# iexplore.exe, WOW!



## Mess

Alright, I'm sure someone here has at the very least heard of this problem before. A process called iexplore.exe is running under "system". This is happening while no actual internet explorer window is open. (I use Chrome) 

This process hogs a lot of the computer's CPU usage.

My question to you guys is, how do I get rid of it? I've read of other people experiencing similar problems, almost all of them posted a log. I will do the same using HijackThis.

Running processes:
E:\WINDOWS\System32\smss.exe
E:\WINDOWS\system32\winlogon.exe
E:\WINDOWS\system32\services.exe
E:\WINDOWS\system32\lsass.exe
E:\WINDOWS\system32\Ati2evxx.exe
E:\WINDOWS\system32\svchost.exe
E:\WINDOWS\System32\svchost.exe
E:\WINDOWS\system32\svchost.exe
E:\WINDOWS\system32\svchost.exe
E:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
E:\WINDOWS\system32\svchost.exe
E:\WINDOWS\system32\spoolsv.exe
E:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
E:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
E:\Program Files\Bonjour\mDNSResponder.exe
E:\WINDOWS\System32\svchost.exe
E:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
E:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
E:\WINDOWS\System32\svchost.exe
E:\WINDOWS\system32\Ati2evxx.exe
E:\WINDOWS\Explorer.EXE
E:\Program Files\Analog Devices\SoundMAX\SMTray.exe
E:\Program Files\Microsoft Hardware\Keyboard\type32.exe
E:\WINDOWS\system32\wuauclt.exe
E:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
E:\Program Files\Search Settings\SearchSettings.exe
E:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
E:\Program Files\Java\jre6\bin\jqs.exe
E:\PROGRA~1\COMMON~1\SYMANT~1\CCPD-LC\symlcsvc.exe
E:\Program Files\Norton Internet Security\Norton AntiVirus\navw32.exe
E:\Documents and Settings\Gregory\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
E:\Documents and Settings\Gregory\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
E:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe
E:\Documents and Settings\Gregory\Local Settings\Application Data\Google\Chrome\Application\chrome.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://start.shaw.ca/start/enca/addons/search/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = >>> 'Full Speed' Enabled <<<
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R3 - URLSearchHook: SearchSettings Class - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - E:\Program Files\Search Settings\kb127\SearchSettings.dll
O1 - Hosts: 127.255.255.255 serial.alcohol-soft.com
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - E:\Program Files\Internet Download Manager\IDMIECC.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - E:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: flashget urlcatch - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - E:\Program Files\FlashGet\jccatch.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - E:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.5\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - E:\PROGRA~1\COMMON~1\SYMANT~1\IDS\IPSBHO.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - E:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - E:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: SearchSettings Class - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - E:\Program Files\Search Settings\kb127\SearchSettings.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - E:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: FlashGet GetFlash Class - {F156768E-81EF-470C-9057-481BA8380DBA} - E:\Program Files\FlashGet\getflash.dll
O3 - Toolbar: Show Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - E:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.5\CoIEPlg.dll
O4 - HKLM\..\Run: [Smapp] E:\Program Files\Analog Devices\SoundMAX\SMTray.exe
O4 - HKLM\..\Run: [IntelliType] "E:\Program Files\Microsoft Hardware\Keyboard\type32.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "E:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] E:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [ccApp] "E:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [osCheck] "E:\Program Files\Norton Internet Security\osCheck.exe"
O4 - HKLM\..\Run: [SearchSettings] E:\Program Files\Search Settings\SearchSettings.exe
O4 - HKLM\..\Run: [ATIPTA] E:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [ATICCC] "E:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
O4 - HKLM\..\Run: [ISUSPM] "E:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" -scheduler
O4 - HKLM\..\Run: [QuickTime Task] "E:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "E:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Google Desktop Search] "E:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [Microsoft Works Update Detection] E:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
O4 - HKLM\..\Run: [SunJavaUpdateSched] "E:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [AdobeUpdater] E:\Program Files\Common Files\Adobe\Updater5\AdobeUpdater.exe
O4 - HKCU\..\Run: [Google Update] "E:\Documents and Settings\Gregory\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [MSMSGS] "E:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [AlcoholAutomount] "E:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe" /automount
O4 - HKCU\..\Run: [Pando Media Booster] E:\Program Files\Pando Networks\Media Booster\PMB.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = E:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Air Mouse.lnk = E:\Program Files\Air Mouse\Air Mouse\Air Mouse.exe
O4 - Global Startup: Microsoft Office.lnk = E:\Program Files\Microsoft Office\Office\OSA9.EXE
O8 - Extra context menu item: &Download All with FlashGet - E:\Program Files\FlashGet\jc_all.htm
O8 - Extra context menu item: &Download with FlashGet - E:\Program Files\FlashGet\jc_link.htm
O8 - Extra context menu item: Download all links with IDM - E:\Program Files\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: Download FLV video content with IDM - E:\Program Files\Internet Download Manager\IEGetVL.htm
O8 - Extra context menu item: Download with IDM - E:\Program Files\Internet Download Manager\IEExt.htm
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - E:\Program Files\FlashGet\FlashGet.exe
O9 - Extra 'Tools' menuitem: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - E:\Program Files\FlashGet\FlashGet.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - E:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - E:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: e:\windows\system32\nwprovau.dll
O16 - DPF: {6A344D34-5231-452A-8A57-D064AC9B7862} (Symantec Download Manager) - https://webdl.symantec.com/activex/symdlmgr.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{6930A6D1-72B8-4FEB-A2F2-FE64A3428F19}: Domain = vc.shawcable.net
O17 - HKLM\System\CCS\Services\Tcpip\..\{6930A6D1-72B8-4FEB-A2F2-FE64A3428F19}: NameServer = 64.59.144.92,64.59.144.93
O20 - AppInit_DLLs: E:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - E:\WINDOWS\System32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - E:\WINDOWS\System32\browseui.dll
O23 - Service: Apple Mobile Device - Apple Inc. - E:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - E:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - E:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - E:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
O23 - Service: Bonjour Service - Apple Inc. - E:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - E:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - E:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - E:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - E:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe
O23 - Service: Google Desktop Manager 5.9.909.30391 (GoogleDesktopManager-093009-130223) - Google - E:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - E:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - E:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - E:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LiveUpdate - Symantec Corporation - E:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE
O23 - Service: LiveUpdate Notice - Symantec Corporation - E:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - E:\WINDOWS\system32\GameMon.des.exe (file missing)
O23 - Service: ServiceLayer - Nokia. - E:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - E:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - E:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
O23 - Service: Symantec Core LC - Unknown owner - E:\PROGRA~1\COMMON~1\SYMANT~1\CCPD-LC\symlcsvc.exe

--
End of file - 10574 bytes


----------



## johnb35

Please download Malwarebytes' Anti-Malware from *here* or *here* and save it to your desktop.

Double-click *mbam-setup.exe* and follow the prompts to install the program.
At the end, be sure a checkmark is placed next to
*Update Malwarebytes' Anti-Malware*
and *Launch Malwarebytes' Anti-Malware*
 
then click *Finish*.
If an update is found, it will download and install the latest version.  *Please keep updating until it says you have the latest version.*
Once the program has loaded, select *Perform quick scan*, then click *Scan*.
When the scan is complete, click *OK*, then *Show Results* to view the results.
Be sure that everything is checked, and click *Remove Selected*.
A log will be saved automatically which you can access by clicking on the *Logs* tab within Malwarebytes' Anti-Malware



Post the malwarebytes log along with a fresh hijackthis log.


----------



## Mess

*Well, I did as you said. The Anti-Malware program found no malicious software or anything like that, but here is the log anyways.*


Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Database version: 4328

Windows 5.1.2600 Service Pack 2
Internet Explorer 6.0.2900.2180

7/19/2010 6:55:56 PM
mbam-log-2010-07-19 (18-55-56).txt

Scan type: Quick scan
Objects scanned: 193282
Time elapsed: 28 minute(s), 17 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)


*Now here is a fresh HijackThis log.*


Running processes:
E:\WINDOWS\System32\smss.exe
E:\WINDOWS\system32\winlogon.exe
E:\WINDOWS\system32\services.exe
E:\WINDOWS\system32\lsass.exe
E:\WINDOWS\system32\Ati2evxx.exe
E:\WINDOWS\system32\svchost.exe
E:\WINDOWS\System32\svchost.exe
E:\WINDOWS\system32\svchost.exe
E:\WINDOWS\system32\svchost.exe
E:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
E:\WINDOWS\system32\svchost.exe
E:\WINDOWS\system32\spoolsv.exe
E:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
E:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
E:\Program Files\Bonjour\mDNSResponder.exe
E:\WINDOWS\System32\svchost.exe
E:\Program Files\Java\jre6\bin\jqs.exe
E:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
E:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
E:\WINDOWS\System32\svchost.exe
E:\WINDOWS\system32\Ati2evxx.exe
E:\WINDOWS\Explorer.EXE
E:\Program Files\Analog Devices\SoundMAX\SMTray.exe
E:\Program Files\Microsoft Hardware\Keyboard\type32.exe
E:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
E:\WINDOWS\system32\wuauclt.exe
E:\Program Files\Search Settings\SearchSettings.exe
E:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
E:\Program Files\ATI Technologies\ATI.ACE\cli.exe
E:\Program Files\Common Files\Java\Java Update\jusched.exe
E:\Program Files\ATI Technologies\ATI.ACE\cli.exe
E:\Program Files\ATI Technologies\ATI.ACE\cli.exe
E:\Documents and Settings\Gregory\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
E:\Documents and Settings\Gregory\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
E:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
E:\PROGRA~1\COMMON~1\SYMANT~1\CCPD-LC\symlcsvc.exe
E:\WINDOWS\system32\NOTEPAD.EXE
E:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://start.shaw.ca/start/enca/addons/search/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = >>> 'Full Speed' Enabled <<<
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R3 - URLSearchHook: SearchSettings Class - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - E:\Program Files\Search Settings\kb127\SearchSettings.dll
O1 - Hosts: 127.255.255.255 serial.alcohol-soft.com
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - E:\Program Files\Internet Download Manager\IDMIECC.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - E:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: flashget urlcatch - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - E:\Program Files\FlashGet\jccatch.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - E:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.5\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - E:\PROGRA~1\COMMON~1\SYMANT~1\IDS\IPSBHO.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - E:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - E:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: SearchSettings Class - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - E:\Program Files\Search Settings\kb127\SearchSettings.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - E:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: FlashGet GetFlash Class - {F156768E-81EF-470C-9057-481BA8380DBA} - E:\Program Files\FlashGet\getflash.dll
O3 - Toolbar: Show Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - E:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.5\CoIEPlg.dll
O4 - HKLM\..\Run: [Smapp] E:\Program Files\Analog Devices\SoundMAX\SMTray.exe
O4 - HKLM\..\Run: [IntelliType] "E:\Program Files\Microsoft Hardware\Keyboard\type32.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "E:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] E:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [ccApp] "E:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [osCheck] "E:\Program Files\Norton Internet Security\osCheck.exe"
O4 - HKLM\..\Run: [SearchSettings] E:\Program Files\Search Settings\SearchSettings.exe
O4 - HKLM\..\Run: [ATIPTA] E:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [ATICCC] "E:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
O4 - HKLM\..\Run: [ISUSPM] "E:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" -scheduler
O4 - HKLM\..\Run: [QuickTime Task] "E:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "E:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Google Desktop Search] "E:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [Microsoft Works Update Detection] E:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
O4 - HKLM\..\Run: [SunJavaUpdateSched] "E:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] E:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
O4 - HKCU\..\Run: [AdobeUpdater] E:\Program Files\Common Files\Adobe\Updater5\AdobeUpdater.exe
O4 - HKCU\..\Run: [Google Update] "E:\Documents and Settings\Gregory\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [MSMSGS] "E:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [AlcoholAutomount] "E:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe" /automount
O4 - HKCU\..\Run: [Pando Media Booster] E:\Program Files\Pando Networks\Media Booster\PMB.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = E:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Air Mouse.lnk = E:\Program Files\Air Mouse\Air Mouse\Air Mouse.exe
O4 - Global Startup: Microsoft Office.lnk = E:\Program Files\Microsoft Office\Office\OSA9.EXE
O8 - Extra context menu item: &Download All with FlashGet - E:\Program Files\FlashGet\jc_all.htm
O8 - Extra context menu item: &Download with FlashGet - E:\Program Files\FlashGet\jc_link.htm
O8 - Extra context menu item: Download all links with IDM - E:\Program Files\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: Download FLV video content with IDM - E:\Program Files\Internet Download Manager\IEGetVL.htm
O8 - Extra context menu item: Download with IDM - E:\Program Files\Internet Download Manager\IEExt.htm
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - E:\Program Files\FlashGet\FlashGet.exe
O9 - Extra 'Tools' menuitem: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - E:\Program Files\FlashGet\FlashGet.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - E:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - E:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: e:\windows\system32\nwprovau.dll
O16 - DPF: {6A344D34-5231-452A-8A57-D064AC9B7862} (Symantec Download Manager) - https://webdl.symantec.com/activex/symdlmgr.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{6930A6D1-72B8-4FEB-A2F2-FE64A3428F19}: Domain = vc.shawcable.net
O17 - HKLM\System\CCS\Services\Tcpip\..\{6930A6D1-72B8-4FEB-A2F2-FE64A3428F19}: NameServer = 64.59.144.92,64.59.144.93
O20 - AppInit_DLLs: E:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - E:\WINDOWS\System32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - E:\WINDOWS\System32\browseui.dll
O23 - Service: Apple Mobile Device - Apple Inc. - E:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - E:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - E:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - E:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
O23 - Service: Bonjour Service - Apple Inc. - E:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - E:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - E:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - E:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - E:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe
O23 - Service: Google Desktop Manager 5.9.909.30391 (GoogleDesktopManager-093009-130223) - Google - E:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - E:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - E:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - E:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LiveUpdate - Symantec Corporation - E:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE
O23 - Service: LiveUpdate Notice - Symantec Corporation - E:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - E:\WINDOWS\system32\GameMon.des.exe (file missing)
O23 - Service: ServiceLayer - Nokia. - E:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - E:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - E:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
O23 - Service: Symantec Core LC - Unknown owner - E:\PROGRA~1\COMMON~1\SYMANT~1\CCPD-LC\symlcsvc.exe

--
End of file - 10824 bytes


----------



## johnb35

Please download combofix and post the logfiles requested.

*Download and Run ComboFix*
*If you already have Combofix, please delete this copy and download it again as it's being updated regularly.*

*Download this file* here :

http://download.bleepingcomputer.com/sUBs/ComboFix.exe


Then double click *combofix.exe* & follow the prompts.
When finished, it shall produce *a log* for you. *Post that log* in your next reply
*Note: Do not mouseclick combofix's window whilst it's running. That may cause it to stall*

Combofix should never take more that 20 minutes including the reboot if malware is detected.


In your next reply please post:

The ComboFix log
A fresh HiJackThis log
An update on how your computer is running

Then I need you to post an uninstall list using hijackthis.  Open hijackthis, click on open misc tools section, click on open uninstall manager, click on save list and save it, then copy and paste it back here.


----------



## 1337dingo

johnb35 said:


> Please download Malwarebytes' Anti-Malware from *here* or *here* and save it to your desktop.
> 
> Double-click *mbam-setup.exe* and follow the prompts to install the program.
> At the end, be sure a checkmark is placed next to
> *Update Malwarebytes' Anti-Malware*
> and *Launch Malwarebytes' Anti-Malware*
> 
> then click *Finish*.
> If an update is found, it will download and install the latest version.  *Please keep updating until it says you have the latest version.*
> Once the program has loaded, select *Perform quick scan*, then click *Scan*.
> When the scan is complete, click *OK*, then *Show Results* to view the results.
> Be sure that everything is checked, and click *Remove Selected*.
> A log will be saved automatically which you can access by clicking on the *Logs* tab within Malwarebytes' Anti-Malware
> 
> 
> 
> Post the malwarebytes log along with a fresh hijackthis log.



lol do you have this copy and paisted someware? lol seen it all over the place wouldnt wanna do it every time would ya XD


----------



## Mess

*Here is the ComboFix log*


(((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))
.

e:\documents and settings\All Users\Application Data\doc2txt.exe
e:\program files\Search Settings
e:\program files\Search Settings\kb127\SearchSettings.dll
e:\program files\Search Settings\kb127\SearchSettingsRes409.dll
e:\program files\Search Settings\SearchSettings.exe

.
(((((((((((((((((((((((((   Files Created from 2010-06-20 to 2010-07-20  )))))))))))))))))))))))))))))))
.

2010-07-20 01:26 . 2010-04-29 22:39	38224	----a-w-	e:\windows\system32\drivers\mbamswissarmy.sys
2010-07-20 01:26 . 2010-04-29 22:39	20952	----a-w-	e:\windows\system32\drivers\mbam.sys
2010-07-20 00:40 . 2010-07-20 00:40	--------	d-----w-	e:\program files\Trend Micro
2010-07-20 00:16 . 2010-07-20 00:16	--------	d-----w-	e:\documents and settings\Gregory\Application Data\Malwarebytes
2010-07-20 00:16 . 2010-07-20 00:16	--------	d-----w-	e:\documents and settings\All Users\Application Data\Malwarebytes
2010-07-20 00:15 . 2010-07-20 01:26	--------	d-----w-	e:\program files\Malwarebytes' Anti-Malware
2010-07-19 10:55 . 2010-04-13 00:29	411368	----a-w-	e:\windows\system32\deployJava1.dll
2010-07-13 23:24 . 2010-06-14 14:30	743936	-c----w-	e:\windows\system32\dllcache\helpsvc.exe
2010-07-04 21:30 . 2010-07-04 21:32	--------	d-----w-	e:\documents and settings\Gregory\Application Data\TeamViewer
2010-07-04 21:29 . 2010-07-04 21:29	--------	d-----w-	e:\program files\TeamViewer
2010-07-04 08:15 . 2010-07-04 08:15	1362899	----a-w-	E:\wrar39b1(1).exe

.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-07-20 05:48 . 2008-02-12 04:11	--------	d-----w-	e:\program files\Common Files\Symantec Shared
2010-07-20 04:45 . 2010-04-16 22:20	51	----a-w-	e:\documents and settings\Gregory\jagex__preferences3.dat
2010-07-20 04:45 . 2008-07-04 08:12	46	----a-w-	e:\documents and settings\Gregory\jagex_runescape_preferences.dat
2010-07-20 04:40 . 2009-09-05 10:15	99	----a-w-	e:\documents and settings\Gregory\jagex_runescape_preferences2.dat
2010-07-20 00:40 . 2010-07-20 00:40	388096	----a-r-	e:\documents and settings\Gregory\Application Data\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2010-07-19 10:55 . 2008-02-14 03:00	--------	d-----w-	e:\program files\Common Files\Java
2010-07-19 10:54 . 2008-02-14 03:02	--------	d-----w-	e:\program files\Java
2010-07-19 10:39 . 2008-02-12 04:12	--------	d-----w-	e:\documents and settings\All Users\Application Data\Symantec
2010-07-19 10:24 . 2008-02-13 05:08	--------	d-----w-	e:\program files\Steam
2010-07-06 21:11 . 2008-02-14 03:03	--------	d-----w-	e:\documents and settings\Gregory\Application Data\LimeWire
2010-07-03 23:02 . 2008-02-13 06:32	664	----a-w-	e:\windows\system32\d3d9caps.dat
2010-06-26 01:32 . 2009-08-28 12:18	112766	----a-w-	e:\windows\War3Unin.dat
2010-06-14 14:30 . 2008-02-11 14:06	743936	----a-w-	e:\windows\PCHealth\HelpCtr\Binaries\helpsvc.exe
2010-06-03 02:31 . 2010-06-03 02:31	503808	----a-w-	e:\documents and settings\Gregory\Application Data\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-11d4888a-n\msvcp71.dll
2010-06-03 02:31 . 2010-06-03 02:31	348160	----a-w-	e:\documents and settings\Gregory\Application Data\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-11d4888a-n\msvcr71.dll
2010-06-03 02:31 . 2010-06-03 02:31	499712	----a-w-	e:\documents and settings\Gregory\Application Data\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-11d4888a-n\jmc.dll
2010-06-03 02:31 . 2010-06-03 02:31	61440	----a-w-	e:\documents and settings\Gregory\Application Data\Sun\Java\Deployment\SystemCache\6.0\50\5535ab32-57bbdec2-n\decora-sse.dll
2010-06-03 02:31 . 2010-06-03 02:31	12800	----a-w-	e:\documents and settings\Gregory\Application Data\Sun\Java\Deployment\SystemCache\6.0\50\5535ab32-57bbdec2-n\decora-d3d.dll
2010-05-25 05:30 . 2010-05-25 05:30	61440	----a-w-	e:\documents and settings\Chris\Application Data\Sun\Java\Deployment\SystemCache\6.0\50\5535ab32-7d5d6a26-n\decora-sse.dll
2010-05-25 05:30 . 2010-05-25 05:30	348160	----a-w-	e:\documents and settings\Chris\Application Data\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-26e0ddf1-n\msvcr71.dll
2010-05-25 05:30 . 2010-05-25 05:30	12800	----a-w-	e:\documents and settings\Chris\Application Data\Sun\Java\Deployment\SystemCache\6.0\50\5535ab32-7d5d6a26-n\decora-d3d.dll
2010-05-25 05:30 . 2010-05-25 05:30	503808	----a-w-	e:\documents and settings\Chris\Application Data\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-26e0ddf1-n\msvcp71.dll
2010-05-25 05:30 . 2010-05-25 05:30	499712	----a-w-	e:\documents and settings\Chris\Application Data\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-26e0ddf1-n\jmc.dll
2010-05-02 05:56 . 2003-03-31 12:00	1850880	----a-w-	e:\windows\system32\win32k.sys
2009-04-01 05:47 . 2008-02-23 18:55	324976	----a-w-	e:\program files\mozilla firefox\components\coFFPlgn.dll
2009-10-19 04:55 . 2009-10-19 04:55	119808	----a-w-	e:\program files\mozilla firefox\components\GoogleDesktopMozilla.dll
.

(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown 
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AdobeUpdater"="e:\program files\Common Files\Adobe\Updater5\AdobeUpdater.exe" [2007-03-01 2321600]
"Google Update"="e:\documents and settings\Gregory\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" [2009-03-22 133104]
"AlcoholAutomount"="e:\program files\Alcohol Soft\Alcohol 120\axcmd.exe" [2008-02-22 217544]
"Pando Media Booster"="e:\program files\Pando Networks\Media Booster\PMB.exe" [2010-03-09 2937528]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Smapp"="e:\program files\Analog Devices\SoundMAX\SMTray.exe" [2003-07-30 143360]
"IntelliType"="e:\program files\Microsoft Hardware\Keyboard\type32.exe" [2002-03-22 94208]
"Adobe Reader Speed Launcher"="e:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-12 39792]
"NeroFilterCheck"="e:\windows\system32\NeroCheck.exe" [2001-07-09 155648]
"ccApp"="e:\program files\Common Files\Symantec Shared\ccApp.exe" [2008-10-17 51048]
"osCheck"="e:\program files\Norton Internet Security\osCheck.exe" [2008-02-07 718704]
"ATIPTA"="e:\program files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2004-02-25 335872]
"ATICCC"="e:\program files\ATI Technologies\ATI.ACE\cli.exe" [2006-01-03 45056]
"ISUSPM"="e:\program files\Common Files\InstallShield\UpdateService\isuspm.exe" [2006-03-21 213936]
"QuickTime Task"="e:\program files\QuickTime\QTTask.exe" [2009-05-27 413696]
"iTunesHelper"="e:\program files\iTunes\iTunesHelper.exe" [2009-06-05 292136]
"Google Desktop Search"="e:\program files\Google\Google Desktop Search\GoogleDesktop.exe" [2009-10-19 30192]
"Microsoft Works Update Detection"="e:\program files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe" [2003-06-07 50688]
"SunJavaUpdateSched"="e:\program files\Common Files\Java\Java Update\jusched.exe" [2010-02-18 248040]

e:\documents and settings\All Users\Start Menu\Programs\Startup\
Adobe Gamma Loader.lnk - e:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2008-2-12 113664]
Air Mouse.lnk - e:\program files\Air Mouse\Air Mouse\Air Mouse.exe [2009-2-16 269824]
Microsoft Office.lnk - e:\program files\Microsoft Office\Office\OSA9.EXE [1999-2-17 65588]

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"e:\\Program Files\\FlashGet\\FlashGet.exe"=
"e:\\Program Files\\LimeWire\\LimeWire.exe"=
"e:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"e:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"e:\\Program Files\\iTunes\\iTunes.exe"=
"e:\\Program Files\\EA GAMES\\Battlefield 2\\BF2.exe"=
"e:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"e:\\WINDOWS\\PCHealth\\HelpCtr\\Binaries\\helpctr.exe"=
"e:\\Program Files\\Pando Networks\\Media Booster\\PMB.exe"=
"e:\\Program Files\\TeamViewer\\Version5\\TeamViewer.exe"=
"e:\\Program Files\\Steam\\steamapps\\trigon_v\\counter-strike source\\hl2.exe"=
"e:\\Program Files\\Steam\\steamapps\\trigon_v\\condition zero\\hl.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"58271:TCP"= 58271:TCPando Media Booster
"58271:UDP"= 58271:UDPando Media Booster
"56454:TCP"= 56454:TCPando Media Booster
"56454:UDP"= 56454:UDPando Media Booster

R2 LiveUpdate Notice;LiveUpdate Notice;e:\program files\Common Files\Symantec Shared\CCSVCHST.EXE [1/25/2008 6:47 PM 149352]
R3 COH_Mon;COH_Mon;e:\windows\system32\drivers\COH_Mon.sys [1/12/2008 7:32 PM 23888]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;e:\program files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [6/9/2010 12:58 AM 102448]
S3 cpuz130;cpuz130;\??\e:\docume~1\Gregory\LOCALS~1\Temp\cpuz130\cpuz_x32.sys --> e:\docume~1\Gregory\LOCALS~1\Temp\cpuz130\cpuz_x32.sys [?]
S3 GoogleDesktopManager-093009-130223;Google Desktop Manager 5.9.909.30391;e:\program files\Google\Google Desktop Search\GoogleDesktop.exe [10/18/2009 9:55 PM 30192]
S3 npggsvc;nProtect GameGuard Service;e:\windows\system32\GameMon.des -service --> e:\windows\system32\GameMon.des -service [?]
S3 vtayn;vtayn;\??\e:\docume~1\Gregory\LOCALS~1\Temp\vtayn.sys --> e:\docume~1\Gregory\LOCALS~1\Temp\vtayn.sys [?]
S3 XDva273;XDva273;\??\e:\windows\system32\XDva273.sys --> e:\windows\system32\XDva273.sys [?]
S3 XDva279;XDva279;\??\e:\windows\system32\XDva279.sys --> e:\windows\system32\XDva279.sys [?]
S3 XDva309;XDva309;\??\e:\windows\system32\XDva309.sys --> e:\windows\system32\XDva309.sys [?]
S3 XDva321;XDva321;\??\e:\windows\system32\XDva321.sys --> e:\windows\system32\XDva321.sys [?]
S4 sptd;sptd;e:\windows\system32\drivers\sptd.sys [2/13/2009 7:49 PM 717296]

--- Other Services/Drivers In Memory ---

*NewlyCreated* - COMHOST
.
Contents of the 'Scheduled Tasks' folder

2010-07-15 e:\windows\Tasks\AppleSoftwareUpdate.job
- e:\program files\Apple Software Update\SoftwareUpdate.exe [2007-08-29 19:34]

2010-07-19 e:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1547161642-1060284298-839522115-1006Core.job
- e:\documents and settings\Gregory\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2009-03-22 04:33]

2010-07-20 e:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1547161642-1060284298-839522115-1006UA.job
- e:\documents and settings\Gregory\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2009-03-22 04:33]

2010-07-20 e:\windows\Tasks\Norton Internet Security - Run Full System Scan - Gregory.job
- e:\program files\Norton Internet Security\Norton AntiVirus\Navw32.exe [2008-02-07 14:05]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com/
mSearch Bar = hxxp://start.shaw.ca/start/enca/addons/search/
uInternet Connection Wizard,ShellNext = iexplore
uInternet Settings,ProxyOverride = *.local
uSearchURL,(Default) = hxxp://www.google.com/search/?q=%s
IE: &Download All with FlashGet - e:\program files\FlashGet\jc_all.htm
IE: &Download with FlashGet - e:\program files\FlashGet\jc_link.htm
IE: Download all links with IDM - e:\program files\Internet Download Manager\IEGetAll.htm
IE: Download FLV video content with IDM - e:\program files\Internet Download Manager\IEGetVL.htm
IE: Download with IDM - e:\program files\Internet Download Manager\IEExt.htm
TCP: {6930A6D1-72B8-4FEB-A2F2-FE64A3428F19} = 64.59.144.92,64.59.144.93
FF - ProfilePath - e:\documents and settings\Gregory\Application Data\Mozilla\Firefox\Profiles\nmyduj4o.default\
FF - prefs.js: browser.search.selectedEngine - Yahoo
FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?ei=UTF-8&fr=vmn&type=vdio5&p=
FF - plugin: e:\documents and settings\All Users\Application Data\Zylom\ZylomGamesPlayer\npzylomgamesplayer.dll
FF - plugin: e:\documents and settings\Gregory\Local Settings\Application Data\Google\Update\1.2.183.29\npGoogleOneClick8.dll
FF - plugin: e:\program files\Mozilla Firefox\plugins\npPandoWebInst.dll
FF - plugin: e:\program files\Mozilla Firefox\plugins\npzylomgamesplayer.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - e:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
.
- - - - ORPHANS REMOVED - - - -

HKLM-Run-SearchSettings - e:\program files\Search Settings\SearchSettings.exe
AddRemove-Musicnotes Player - e:\program files\Musicnotes\Player\musnotes.exe



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-07-19 23:23
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...  

scanning hidden autostart entries ... 

scanning hidden files ...  

scan completed successfully
hidden files: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\npggsvc]
"ImagePath"="e:\windows\system32\GameMon.des -service"
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_USERS\S-1-5-21-1547161642-1060284298-839522115-1006\Software\Microsoft\SystemCertificates\AddressBook*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{3f16d8ee-0f46-4ce6-ad79-aedd35e2ae54}]
@Denied: (Full) (Everyone)
"Model"=dword:000000f5
"Therad"=dword:00000013

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{5ED60779-4DE2-4E07-B862-974CA4FF2E9C}]
@Denied: (Full) (Everyone)
"scansk"=hex(0):cc,cf,99,a7,e1,f1,12,16,2a,75,05,96,a7,b5,71,6c,b7,47,dd,b0,09,
   b6,70,0c,04,78,73,e2,25,e2,49,1d,68,ff,88,c8,d7,71,3d,db,00,00,00,00,00,00,\
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(820)
e:\windows\system32\Ati2evxx.dll

- - - - - - - > 'explorer.exe'(2108)
e:\program files\Common Files\Symantec Shared\NPC\2.0\NPCEXT.dll
e:\windows\system32\WPDShServiceObj.dll
e:\program files\Nokia\Nokia PC Suite 7\phonebrowser.dll
e:\program files\Nokia\Nokia PC Suite 7\NGSCM.DLL
e:\program files\Nokia\Nokia PC Suite 7\Lang\PhoneBrowser_eng.nlr
e:\program files\Nokia\Nokia PC Suite 7\Resource\PhoneBrowser_Nokia.ngr
e:\program files\WinSCP\DragExt.dll
e:\windows\system32\PortableDeviceTypes.dll
e:\windows\system32\PortableDeviceApi.dll
.
------------------------ Other Running Processes ------------------------
.
e:\windows\system32\Ati2evxx.exe
e:\program files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
e:\program files\Symantec\LiveUpdate\AluSchedulerSvc.exe
e:\program files\Bonjour\mDNSResponder.exe
e:\program files\Java\jre6\bin\jqs.exe
e:\program files\Analog Devices\SoundMAX\SMAgent.exe
e:\windows\system32\Ati2evxx.exe
e:\program files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
e:\program files\Windows Media Player\WMPNetwk.exe
e:\windows\system32\rundll32.exe
e:\windows\winhlp32.exe
e:\program files\iPod\bin\iPodService.exe
e:\progra~1\COMMON~1\SYMANT~1\CCPD-LC\symlcsvc.exe
e:\program files\Internet Explorer\iexplore.exe
.
**************************************************************************
.
Completion time: 2010-07-19  23:35:02 - machine was rebooted
ComboFix-quarantined-files.txt  2010-07-20 06:34

Pre-Run: 3,853,434,880 bytes free
Post-Run: 4,219,158,528 bytes free

WindowsXP-KB310994-SP2-Home-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
e:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Home Edition" /fastdetect /NoExecute=OptIn

- - End Of File - - 899F0FD80F1B06D1140BB4D6662DEA1F


*Here is the updated HijackThis log*


Running processes:
E:\WINDOWS\System32\smss.exe
E:\WINDOWS\system32\winlogon.exe
E:\WINDOWS\system32\services.exe
E:\WINDOWS\system32\lsass.exe
E:\WINDOWS\system32\Ati2evxx.exe
E:\WINDOWS\system32\svchost.exe
E:\WINDOWS\System32\svchost.exe
E:\WINDOWS\system32\svchost.exe
E:\WINDOWS\system32\svchost.exe
E:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
E:\WINDOWS\system32\svchost.exe
E:\WINDOWS\system32\spoolsv.exe
E:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
E:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
E:\Program Files\Bonjour\mDNSResponder.exe
E:\WINDOWS\System32\svchost.exe
E:\Program Files\Java\jre6\bin\jqs.exe
E:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
E:\WINDOWS\system32\Ati2evxx.exe
E:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
E:\WINDOWS\System32\svchost.exe
E:\Program Files\Analog Devices\SoundMAX\SMTray.exe
E:\Program Files\Microsoft Hardware\Keyboard\type32.exe
E:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
E:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
E:\Program Files\ATI Technologies\ATI.ACE\cli.exe
E:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe
E:\Program Files\iTunes\iTunesHelper.exe
E:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
E:\Program Files\Common Files\Java\Java Update\jusched.exe
E:\Program Files\Pando Networks\Media Booster\PMB.exe
E:\WINDOWS\winhlp32.exe
E:\Program Files\iPod\bin\iPodService.exe
E:\Program Files\ATI Technologies\ATI.ACE\cli.exe
E:\Program Files\ATI Technologies\ATI.ACE\cli.exe
E:\PROGRA~1\COMMON~1\SYMANT~1\CCPD-LC\symlcsvc.exe
E:\WINDOWS\explorer.exe
E:\WINDOWS\system32\notepad.exe
E:\Documents and Settings\Gregory\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
E:\Documents and Settings\Gregory\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
E:\Program Files\Symantec\LiveUpdate\AUPDATE.EXE
E:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE
E:\Program Files\Symantec\LiveUpdate\LuCallbackProxy.exe
E:\Program Files\Symantec\LiveUpdate\LuCallbackProxy.exe
E:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe
E:\Documents and Settings\Gregory\Local Settings\Application Data\Google\Chrome\Application\chrome.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://start.shaw.ca/start/enca/addons/search/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - E:\Program Files\Internet Download Manager\IDMIECC.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - E:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: flashget urlcatch - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - E:\Program Files\FlashGet\jccatch.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - E:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.5\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - E:\PROGRA~1\COMMON~1\SYMANT~1\IDS\IPSBHO.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - E:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - E:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - E:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: FlashGet GetFlash Class - {F156768E-81EF-470C-9057-481BA8380DBA} - E:\Program Files\FlashGet\getflash.dll
O3 - Toolbar: Show Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - E:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.5\CoIEPlg.dll
O4 - HKLM\..\Run: [Smapp] E:\Program Files\Analog Devices\SoundMAX\SMTray.exe
O4 - HKLM\..\Run: [IntelliType] "E:\Program Files\Microsoft Hardware\Keyboard\type32.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "E:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] E:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [ccApp] "E:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [osCheck] "E:\Program Files\Norton Internet Security\osCheck.exe"
O4 - HKLM\..\Run: [ATIPTA] E:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [ATICCC] "E:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
O4 - HKLM\..\Run: [ISUSPM] "E:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" -scheduler
O4 - HKLM\..\Run: [QuickTime Task] "E:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "E:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Google Desktop Search] "E:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [Microsoft Works Update Detection] E:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "E:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [AdobeUpdater] E:\Program Files\Common Files\Adobe\Updater5\AdobeUpdater.exe
O4 - HKCU\..\Run: [Google Update] "E:\Documents and Settings\Gregory\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [AlcoholAutomount] "E:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe" /automount
O4 - HKCU\..\Run: [Pando Media Booster] E:\Program Files\Pando Networks\Media Booster\PMB.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = E:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Air Mouse.lnk = E:\Program Files\Air Mouse\Air Mouse\Air Mouse.exe
O4 - Global Startup: Microsoft Office.lnk = E:\Program Files\Microsoft Office\Office\OSA9.EXE
O8 - Extra context menu item: &Download All with FlashGet - E:\Program Files\FlashGet\jc_all.htm
O8 - Extra context menu item: &Download with FlashGet - E:\Program Files\FlashGet\jc_link.htm
O8 - Extra context menu item: Download all links with IDM - E:\Program Files\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: Download FLV video content with IDM - E:\Program Files\Internet Download Manager\IEGetVL.htm
O8 - Extra context menu item: Download with IDM - E:\Program Files\Internet Download Manager\IEExt.htm
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - E:\Program Files\FlashGet\FlashGet.exe
O9 - Extra 'Tools' menuitem: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - E:\Program Files\FlashGet\FlashGet.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - E:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - E:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: e:\windows\system32\nwprovau.dll
O16 - DPF: {6A344D34-5231-452A-8A57-D064AC9B7862} (Symantec Download Manager) - https://webdl.symantec.com/activex/symdlmgr.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{6930A6D1-72B8-4FEB-A2F2-FE64A3428F19}: Domain = vc.shawcable.net
O17 - HKLM\System\CCS\Services\Tcpip\..\{6930A6D1-72B8-4FEB-A2F2-FE64A3428F19}: NameServer = 64.59.144.92,64.59.144.93
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - E:\WINDOWS\System32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - E:\WINDOWS\System32\browseui.dll
O23 - Service: Apple Mobile Device - Apple Inc. - E:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - E:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - E:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - E:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
O23 - Service: Bonjour Service - Apple Inc. - E:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - E:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - E:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - E:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - E:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe
O23 - Service: Google Desktop Manager 5.9.909.30391 (GoogleDesktopManager-093009-130223) - Google - E:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - E:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - E:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - E:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LiveUpdate - Symantec Corporation - E:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE
O23 - Service: LiveUpdate Notice - Symantec Corporation - E:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - E:\WINDOWS\system32\GameMon.des.exe (file missing)
O23 - Service: ServiceLayer - Nokia. - E:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - E:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - E:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
O23 - Service: Symantec Core LC - Unknown owner - E:\PROGRA~1\COMMON~1\SYMANT~1\CCPD-LC\symlcsvc.exe

--
End of file - 10817 bytes


----------



## Mess

*And now, here is that list*


7-Zip 4.62
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Photoshop 7.0
Adobe Reader 8.1.2
Adobe Shockwave Player 11.5
Air Mouse Server
AirMAPS
AppCore
Apple Mobile Device Support
Apple Software Update
ATI - Software Uninstall Utility
ATI Catalyst Control Center
ATI Control Panel
ATI Display Driver
Audiosurf
AviSynth 2.5
Battlefield 2(TM)
Bonjour
CABAL Online
Calculator Powertoy for Windows XP
ccCommon
Component Framework
Condition Zero
Counter-Strike
Counter-Strike: Source
CPUID CPU-Z 1.52.2
Critical Update for Windows Media Player 11 (KB959772)
DiskAid 3.0
Eufony
ExtractNow
FlashGet 1.9.6.1073
'Full Speed' Internet Booster + Performance Tests
Futuremark SystemInfo
GCFScape 1.7.1
Google Desktop
Groove Games\Land Of The Dead
Guitar Pro 5.2
Half-Life: Counter-Strike
HiJackThis
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows Media Format 11 SDK (KB929399)
Hotfix for Windows Media Player 11 (KB939683)
Hotfix for Windows XP (KB926239)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB961118)
Hotfix for Windows XP (KB970653-v3)
Hotfix for Windows XP (KB976098-v2)
Hotfix for Windows XP (KB979306)
Hotfix for Windows XP (KB981793)
Internet Download Manager
iTunes
Java(TM) 6 Update 20
Java(TM) 6 Update 3
Lernout & Hauspie TruVoice American English TTS Engine
LimeWire 5.1.2
LiveUpdate (Symantec Corporation)
LiveUpdate (Symantec Corporation)
LiveUpdate Notice (Symantec Corporation)
Malwarebytes' Anti-Malware
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1
Microsoft Choice Guard
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
Microsoft Office 2000 Premium
Microsoft Picture It! Photo Premium 9
Microsoft User-Mode Driver Framework Feature Pack 1.5
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Mozilla Firefox (3.0.19)
MSVC80_x86
MSVCRT
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML 6 Service Pack 2 (KB973686)
Need for Speed Carbon
Need for Speed™ Carbon
Nero 6 Ultra Edition
Nokia Connectivity Cable Driver
Nokia PC Suite
Nokia PC Suite
Norton AntiVirus
Norton AntiVirus Help
Norton Confidential Core
Norton Internet Security
Norton Internet Security (Symantec Corporation)
Norton Protection Center
Pando Media Booster
PC Connectivity Solution
Project64 1.6
QuickTime
Search Settings 1.2
Security Update for Windows Media Player (KB911564)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player (KB954155)
Security Update for Windows Media Player (KB968816)
Security Update for Windows Media Player (KB973540)
Security Update for Windows Media Player (KB978695)
Security Update for Windows Media Player 11 (KB936782)
Security Update for Windows Media Player 11 (KB954154)
Security Update for Windows Media Player 6.4 (KB925398)
Security Update for Windows Media Player 8 (KB917734)
Security Update for Windows Media Player 9 (KB911565)
Security Update for Windows Media Player 9 (KB936782)
Security Update for Windows XP (KB2229593)
Security Update for Windows XP (KB890046)
Security Update for Windows XP (KB893756)
Security Update for Windows XP (KB896358)
Security Update for Windows XP (KB896423)
Security Update for Windows XP (KB896424)
Security Update for Windows XP (KB896428)
Security Update for Windows XP (KB899587)
Security Update for Windows XP (KB899591)
Security Update for Windows XP (KB900725)
Security Update for Windows XP (KB901017)
Security Update for Windows XP (KB901190)
Security Update for Windows XP (KB901214)
Security Update for Windows XP (KB902400)
Security Update for Windows XP (KB904706)
Security Update for Windows XP (KB905414)
Security Update for Windows XP (KB905749)
Security Update for Windows XP (KB908519)
Security Update for Windows XP (KB911562)
Security Update for Windows XP (KB911927)
Security Update for Windows XP (KB912919)
Security Update for Windows XP (KB913580)
Security Update for Windows XP (KB914388)
Security Update for Windows XP (KB914389)
Security Update for Windows XP (KB917344)
Security Update for Windows XP (KB917422)
Security Update for Windows XP (KB917953)
Security Update for Windows XP (KB918118)
Security Update for Windows XP (KB919007)
Security Update for Windows XP (KB920213)
Security Update for Windows XP (KB920670)
Security Update for Windows XP (KB920683)
Security Update for Windows XP (KB920685)
Security Update for Windows XP (KB921398)
Security Update for Windows XP (KB921883)
Security Update for Windows XP (KB922616)
Security Update for Windows XP (KB922819)
Security Update for Windows XP (KB923191)
Security Update for Windows XP (KB923414)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB923789)
Security Update for Windows XP (KB923980)
Security Update for Windows XP (KB924191)
Security Update for Windows XP (KB924270)
Security Update for Windows XP (KB924496)
Security Update for Windows XP (KB924667)
Security Update for Windows XP (KB925902)
Security Update for Windows XP (KB926255)
Security Update for Windows XP (KB926436)
Security Update for Windows XP (KB927779)
Security Update for Windows XP (KB927802)
Security Update for Windows XP (KB928255)
Security Update for Windows XP (KB928843)
Security Update for Windows XP (KB929123)
Security Update for Windows XP (KB930178)
Security Update for Windows XP (KB931261)
Security Update for Windows XP (KB931784)
Security Update for Windows XP (KB932168)
Security Update for Windows XP (KB933729)
Security Update for Windows XP (KB935839)
Security Update for Windows XP (KB935840)
Security Update for Windows XP (KB936021)
Security Update for Windows XP (KB938127)
Security Update for Windows XP (KB938464)
Security Update for Windows XP (KB938829)
Security Update for Windows XP (KB941202)
Security Update for Windows XP (KB941568)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB941644)
Security Update for Windows XP (KB941693)
Security Update for Windows XP (KB943055)
Security Update for Windows XP (KB943460)
Security Update for Windows XP (KB943485)
Security Update for Windows XP (KB944338)
Security Update for Windows XP (KB944533)
Security Update for Windows XP (KB944653)
Security Update for Windows XP (KB945553)
Security Update for Windows XP (KB946026)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB947864)
Security Update for Windows XP (KB948590)
Security Update for Windows XP (KB948881)
Security Update for Windows XP (KB950749)
Security Update for Windows XP (KB950759)
Security Update for Windows XP (KB950760)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951698)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB953838)
Security Update for Windows XP (KB953839)
Security Update for Windows XP (KB954211)
Security Update for Windows XP (KB954600)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956390)
Security Update for Windows XP (KB956391)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956841)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB957095)
Security Update for Windows XP (KB957097)
Security Update for Windows XP (KB958215)
Security Update for Windows XP (KB958470)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958687)
Security Update for Windows XP (KB958690)
Security Update for Windows XP (KB958869)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960225)
Security Update for Windows XP (KB960714)
Security Update for Windows XP (KB960715)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB961371)
Security Update for Windows XP (KB961373)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB963027)
Security Update for Windows XP (KB968537)
Security Update for Windows XP (KB969059)
Security Update for Windows XP (KB969897)
Security Update for Windows XP (KB969898)
Security Update for Windows XP (KB969947)
Security Update for Windows XP (KB970238)
Security Update for Windows XP (KB970430)
Security Update for Windows XP (KB971468)
Security Update for Windows XP (KB971486)
Security Update for Windows XP (KB971557)
Security Update for Windows XP (KB971633)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB971961)
Security Update for Windows XP (KB972260)
Security Update for Windows XP (KB972270)
Security Update for Windows XP (KB973346)
Security Update for Windows XP (KB973354)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973525)
Security Update for Windows XP (KB973869)
Security Update for Windows XP (KB973904)
Security Update for Windows XP (KB974112)
Security Update for Windows XP (KB974318)
Security Update for Windows XP (KB974392)
Security Update for Windows XP (KB974455)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB975025)
Security Update for Windows XP (KB975467)
Security Update for Windows XP (KB975560)
Security Update for Windows XP (KB975561)
Security Update for Windows XP (KB975562)
Security Update for Windows XP (KB976325)
Security Update for Windows XP (KB977165)
Security Update for Windows XP (KB977816)
Security Update for Windows XP (KB977914)
Security Update for Windows XP (KB978037)
Security Update for Windows XP (KB978251)
Security Update for Windows XP (KB978262)
Security Update for Windows XP (KB978338)
Security Update for Windows XP (KB978542)
Security Update for Windows XP (KB978601)
Security Update for Windows XP (KB978706)
Security Update for Windows XP (KB979309)
Security Update for Windows XP (KB979482)
Security Update for Windows XP (KB979559)
Security Update for Windows XP (KB979683)
Security Update for Windows XP (KB980195)
Security Update for Windows XP (KB980218)
Security Update for Windows XP (KB980232)
Security Update for Windows XP (KB981350)
Security Update for Windows XP (KB982381)
Segoe UI
Shaw Support 7.0
SoundMAX
SPBBC 32bit
Starcraft
Steam
Symantec Real Time Storage Protection Component
System Requirements Lab
System Requirements Lab
System Requirements Lab
TeamViewer 5
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Windows XP (KB898461)
Update for Windows XP (KB900485)
Update for Windows XP (KB908531)
Update for Windows XP (KB910437)
Update for Windows XP (KB911280)
Update for Windows XP (KB916595)
Update for Windows XP (KB920872)
Update for Windows XP (KB922582)
Update for Windows XP (KB925720)
Update for Windows XP (KB927891)
Update for Windows XP (KB930916)
Update for Windows XP (KB936357)
Update for Windows XP (KB938828)
Update for Windows XP (KB942763)
Update for Windows XP (KB942840)
Update for Windows XP (KB951072-v2)
Update for Windows XP (KB955759)
Update for Windows XP (KB955839)
Update for Windows XP (KB961503)
Update for Windows XP (KB967715)
Update for Windows XP (KB968389)
Update for Windows XP (KB971737)
Update for Windows XP (KB973687)
Update for Windows XP (KB973815)
Update for Windows XP (KB976749)
Update for Windows XP (KB978207)
Update for Windows XP (KB980182)
Ventrilo Client
Winamp
Windows Driver Package - Nokia Modem  (05/22/2008 3.8)
Windows Driver Package - Nokia Modem  (05/22/2008 7.00.0.1)
Windows Driver Package - Nokia pccsmcfd  (10/12/2007 6.85.4.0)
Windows Imaging Component
Windows Installer 3.1 (KB893803)
Windows Live Call
Windows Live Communications Platform
Windows Live Essentials
Windows Live Essentials
Windows Live Messenger
Windows Live Sign-in Assistant
Windows Live Upload Tool
Windows Media Format 11 runtime
Windows Media Format 11 runtime
Windows Media Player 11
Windows Media Player 11
Windows XP Hotfix - KB873339
Windows XP Hotfix - KB885835
Windows XP Hotfix - KB885836
Windows XP Hotfix - KB886185
Windows XP Hotfix - KB887472
Windows XP Hotfix - KB888302
Windows XP Hotfix - KB890859
Windows XP Hotfix - KB891781
Windows XP Service Pack 2
WinRAR archiver
WinSCP 4.2.1 beta
WinZip


----------



## johnb35

1337dingo said:


> lol do you have this copy and paisted someware? lol seen it all over the place wouldnt wanna do it every time would ya XD



Yes, its called a canned speech.  All you do is copy and paste it from a notepad file, like I do with all my other ones.


----------



## johnb35

Please uninstall the following programs via add/remove programs in control panel.

'Full Speed' Internet Booster + Performance Tests
Internet Download Manager
Java(TM) 6 Update 3
Search Settings 1.2

Then please download and run Ccleaner.

http://www.filehippo.com/download_ccleaner/

Click up top right where it says download latest version, install the program and set it to the options that are checked in the attached image then click on run cleaner.

Please move the combofix file to the desktop if its not already there so we may perform the following procedure.


1. Go to Start > Run > type Notepad.exe and click OK to open Notepad.
It must be Notepad, not Wordpad.
2. Copy the text in the below code box



		Code:
	

Driver::
vtayn
XDva273
XDva279
XDva309
XDva321

File::
e:\docume~1\Gregory\LOCALS~1\Temp\vtayn.sys
e:\windows\system32\XDva273.sys
e:\windows\system32\XDva279.sys
e:\windows\system32\XDva309.sys
e:\windows\system32\XDva321.sys

3. Go to the Notepad window and click Edit > Paste
4. Then click File > Save
5. Name the file CFScript.txt - Save the file to your Desktop
6. Then drag the CFScript (hold the left mouse button while dragging the file) and drop it (release the left mouse button) into ComboFix.exe as you see in the screenshot below. Important: Perform this instruction carefully!







ComboFix will begin to execute, just follow the prompts.
After reboot (in case it asks to reboot), it will produce a log for you.
Post that log (Combofix.txt) in your next reply.

Also please post a fresh hijackthis log.


----------



## Mess

*Here is the ComboFix log*

FILE ::
"e:\docume~1\Gregory\LOCALS~1\Temp\vtayn.sys"
"e:\windows\system32\XDva273.sys"
"e:\windows\system32\XDva279.sys"
"e:\windows\system32\XDva309.sys"
"e:\windows\system32\XDva321.sys"
.

(((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))
.

.
(((((((((((((((((((((((((((((((((((((((   Drivers/Services   )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_VTAYN
-------\Legacy_XDVA273
-------\Legacy_XDVA279
-------\Legacy_XDVA309
-------\Legacy_XDVA321
-------\Service_vtayn
-------\Service_XDva273
-------\Service_XDva279
-------\Service_XDva309
-------\Service_XDva321


(((((((((((((((((((((((((   Files Created from 2010-06-20 to 2010-07-20  )))))))))))))))))))))))))))))))
.

2010-07-20 21:54 . 2010-07-20 21:55	--------	d-----w-	e:\program files\CCleaner
2010-07-20 01:26 . 2010-04-29 22:39	38224	----a-w-	e:\windows\system32\drivers\mbamswissarmy.sys
2010-07-20 01:26 . 2010-04-29 22:39	20952	----a-w-	e:\windows\system32\drivers\mbam.sys
2010-07-20 00:40 . 2010-07-20 00:40	--------	d-----w-	e:\program files\Trend Micro
2010-07-20 00:16 . 2010-07-20 00:16	--------	d-----w-	e:\documents and settings\Gregory\Application Data\Malwarebytes
2010-07-20 00:16 . 2010-07-20 00:16	--------	d-----w-	e:\documents and settings\All Users\Application Data\Malwarebytes
2010-07-20 00:15 . 2010-07-20 01:26	--------	d-----w-	e:\program files\Malwarebytes' Anti-Malware
2010-07-19 10:55 . 2010-04-13 00:29	411368	----a-w-	e:\windows\system32\deployJava1.dll
2010-07-13 23:24 . 2010-06-14 14:30	743936	-c----w-	e:\windows\system32\dllcache\helpsvc.exe
2010-07-04 21:30 . 2010-07-04 21:32	--------	d-----w-	e:\documents and settings\Gregory\Application Data\TeamViewer
2010-07-04 21:29 . 2010-07-04 21:29	--------	d-----w-	e:\program files\TeamViewer
2010-07-04 08:15 . 2010-07-04 08:15	1362899	----a-w-	E:\wrar39b1(1).exe

.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-07-20 22:01 . 2008-02-12 04:11	--------	d-----w-	e:\program files\Common Files\Symantec Shared
2010-07-20 21:56 . 2009-10-09 06:02	--------	d-----w-	e:\documents and settings\Gregory\Application Data\Media Player Classic
2010-07-20 21:53 . 2009-08-16 02:16	--------	d-----w-	e:\documents and settings\Gregory\Application Data\DMCache
2010-07-20 21:51 . 2008-02-14 03:02	--------	d-----w-	e:\program files\Java
2010-07-20 21:51 . 2008-02-14 03:00	--------	d-----w-	e:\program files\Common Files\Java
2010-07-20 10:47 . 2010-04-16 22:20	51	----a-w-	e:\documents and settings\Gregory\jagex__preferences3.dat
2010-07-20 10:47 . 2008-07-04 08:12	46	----a-w-	e:\documents and settings\Gregory\jagex_runescape_preferences.dat
2010-07-20 10:36 . 2009-09-05 10:15	99	----a-w-	e:\documents and settings\Gregory\jagex_runescape_preferences2.dat
2010-07-20 00:40 . 2010-07-20 00:40	388096	----a-r-	e:\documents and settings\Gregory\Application Data\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2010-07-19 10:39 . 2008-02-12 04:12	--------	d-----w-	e:\documents and settings\All Users\Application Data\Symantec
2010-07-19 10:24 . 2008-02-13 05:08	--------	d-----w-	e:\program files\Steam
2010-07-06 21:11 . 2008-02-14 03:03	--------	d-----w-	e:\documents and settings\Gregory\Application Data\LimeWire
2010-07-03 23:02 . 2008-02-13 06:32	664	----a-w-	e:\windows\system32\d3d9caps.dat
2010-06-26 01:32 . 2009-08-28 12:18	112766	----a-w-	e:\windows\War3Unin.dat
2010-06-14 14:30 . 2008-02-11 14:06	743936	----a-w-	e:\windows\PCHealth\HelpCtr\Binaries\helpsvc.exe
2010-06-03 02:31 . 2010-06-03 02:31	503808	----a-w-	e:\documents and settings\Gregory\Application Data\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-11d4888a-n\msvcp71.dll
2010-06-03 02:31 . 2010-06-03 02:31	348160	----a-w-	e:\documents and settings\Gregory\Application Data\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-11d4888a-n\msvcr71.dll
2010-06-03 02:31 . 2010-06-03 02:31	499712	----a-w-	e:\documents and settings\Gregory\Application Data\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-11d4888a-n\jmc.dll
2010-06-03 02:31 . 2010-06-03 02:31	61440	----a-w-	e:\documents and settings\Gregory\Application Data\Sun\Java\Deployment\SystemCache\6.0\50\5535ab32-57bbdec2-n\decora-sse.dll
2010-06-03 02:31 . 2010-06-03 02:31	12800	----a-w-	e:\documents and settings\Gregory\Application Data\Sun\Java\Deployment\SystemCache\6.0\50\5535ab32-57bbdec2-n\decora-d3d.dll
2010-05-25 05:30 . 2010-05-25 05:30	61440	----a-w-	e:\documents and settings\Chris\Application Data\Sun\Java\Deployment\SystemCache\6.0\50\5535ab32-7d5d6a26-n\decora-sse.dll
2010-05-25 05:30 . 2010-05-25 05:30	348160	----a-w-	e:\documents and settings\Chris\Application Data\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-26e0ddf1-n\msvcr71.dll
2010-05-25 05:30 . 2010-05-25 05:30	12800	----a-w-	e:\documents and settings\Chris\Application Data\Sun\Java\Deployment\SystemCache\6.0\50\5535ab32-7d5d6a26-n\decora-d3d.dll
2010-05-25 05:30 . 2010-05-25 05:30	503808	----a-w-	e:\documents and settings\Chris\Application Data\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-26e0ddf1-n\msvcp71.dll
2010-05-25 05:30 . 2010-05-25 05:30	499712	----a-w-	e:\documents and settings\Chris\Application Data\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-26e0ddf1-n\jmc.dll
2010-05-02 05:56 . 2003-03-31 12:00	1850880	----a-w-	e:\windows\system32\win32k.sys
2009-04-01 05:47 . 2008-02-23 18:55	324976	----a-w-	e:\program files\mozilla firefox\components\coFFPlgn.dll
2009-10-19 04:55 . 2009-10-19 04:55	119808	----a-w-	e:\program files\mozilla firefox\components\GoogleDesktopMozilla.dll
.

(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown 
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AdobeUpdater"="e:\program files\Common Files\Adobe\Updater5\AdobeUpdater.exe" [2007-03-01 2321600]
"Google Update"="e:\documents and settings\Gregory\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" [2009-03-22 133104]
"AlcoholAutomount"="e:\program files\Alcohol Soft\Alcohol 120\axcmd.exe" [2008-02-22 217544]
"Pando Media Booster"="e:\program files\Pando Networks\Media Booster\PMB.exe" [2010-03-09 2937528]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Smapp"="e:\program files\Analog Devices\SoundMAX\SMTray.exe" [2003-07-30 143360]
"IntelliType"="e:\program files\Microsoft Hardware\Keyboard\type32.exe" [2002-03-22 94208]
"Adobe Reader Speed Launcher"="e:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-12 39792]
"NeroFilterCheck"="e:\windows\system32\NeroCheck.exe" [2001-07-09 155648]
"ccApp"="e:\program files\Common Files\Symantec Shared\ccApp.exe" [2008-10-17 51048]
"osCheck"="e:\program files\Norton Internet Security\osCheck.exe" [2008-02-07 718704]
"ATIPTA"="e:\program files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2004-02-25 335872]
"ATICCC"="e:\program files\ATI Technologies\ATI.ACE\cli.exe" [2006-01-03 45056]
"ISUSPM"="e:\program files\Common Files\InstallShield\UpdateService\isuspm.exe" [2006-03-21 213936]
"QuickTime Task"="e:\program files\QuickTime\QTTask.exe" [2009-05-27 413696]
"iTunesHelper"="e:\program files\iTunes\iTunesHelper.exe" [2009-06-05 292136]
"Google Desktop Search"="e:\program files\Google\Google Desktop Search\GoogleDesktop.exe" [2009-10-19 30192]
"Microsoft Works Update Detection"="e:\program files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe" [2003-06-07 50688]

e:\documents and settings\All Users\Start Menu\Programs\Startup\
Adobe Gamma Loader.lnk - e:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2008-2-12 113664]
Air Mouse.lnk - e:\program files\Air Mouse\Air Mouse\Air Mouse.exe [2009-2-16 269824]
Microsoft Office.lnk - e:\program files\Microsoft Office\Office\OSA9.EXE [1999-2-17 65588]

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"e:\\Program Files\\FlashGet\\FlashGet.exe"=
"e:\\Program Files\\LimeWire\\LimeWire.exe"=
"e:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"e:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"e:\\Program Files\\iTunes\\iTunes.exe"=
"e:\\Program Files\\EA GAMES\\Battlefield 2\\BF2.exe"=
"e:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"e:\\WINDOWS\\PCHealth\\HelpCtr\\Binaries\\helpctr.exe"=
"e:\\Program Files\\Pando Networks\\Media Booster\\PMB.exe"=
"e:\\Program Files\\TeamViewer\\Version5\\TeamViewer.exe"=
"e:\\Program Files\\Steam\\steamapps\\trigon_v\\counter-strike source\\hl2.exe"=
"e:\\Program Files\\Steam\\steamapps\\trigon_v\\condition zero\\hl.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"58271:TCP"= 58271:TCPando Media Booster
"58271:UDP"= 58271:UDPando Media Booster
"56454:TCP"= 56454:TCPando Media Booster
"56454:UDP"= 56454:UDPando Media Booster

R0 sptd;sptd;e:\windows\system32\drivers\sptd.sys [2/13/2009 7:49 PM 717296]
R2 LiveUpdate Notice;LiveUpdate Notice;e:\program files\Common Files\Symantec Shared\CCSVCHST.EXE [1/25/2008 6:47 PM 149352]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;e:\program files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [6/9/2010 12:58 AM 102448]
S3 COH_Mon;COH_Mon;e:\windows\system32\drivers\COH_Mon.sys [1/12/2008 7:32 PM 23888]
S3 cpuz130;cpuz130;\??\e:\docume~1\Gregory\LOCALS~1\Temp\cpuz130\cpuz_x32.sys --> e:\docume~1\Gregory\LOCALS~1\Temp\cpuz130\cpuz_x32.sys [?]
S3 GoogleDesktopManager-093009-130223;Google Desktop Manager 5.9.909.30391;e:\program files\Google\Google Desktop Search\GoogleDesktop.exe [10/18/2009 9:55 PM 30192]
S3 npggsvc;nProtect GameGuard Service;e:\windows\system32\GameMon.des -service --> e:\windows\system32\GameMon.des -service [?]

--- Other Services/Drivers In Memory ---

*NewlyCreated* - COMHOST
.
Contents of the 'Scheduled Tasks' folder

2010-07-15 e:\windows\Tasks\AppleSoftwareUpdate.job
- e:\program files\Apple Software Update\SoftwareUpdate.exe [2007-08-29 19:34]

2010-07-20 e:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1547161642-1060284298-839522115-1006Core.job
- e:\documents and settings\Gregory\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2009-03-22 04:33]

2010-07-20 e:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1547161642-1060284298-839522115-1006UA.job
- e:\documents and settings\Gregory\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2009-03-22 04:33]

2010-07-20 e:\windows\Tasks\Norton Internet Security - Run Full System Scan - Gregory.job
- e:\program files\Norton Internet Security\Norton AntiVirus\Navw32.exe [2008-02-07 14:05]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com/
mSearch Bar = hxxp://start.shaw.ca/start/enca/addons/search/
uInternet Connection Wizard,ShellNext = iexplore
uInternet Settings,ProxyOverride = *.local
uSearchURL,(Default) = hxxp://www.google.com/search/?q=%s
IE: &Download All with FlashGet - e:\program files\FlashGet\jc_all.htm
IE: &Download with FlashGet - e:\program files\FlashGet\jc_link.htm
TCP: {6930A6D1-72B8-4FEB-A2F2-FE64A3428F19} = 64.59.144.92,64.59.144.93
FF - ProfilePath - e:\documents and settings\Gregory\Application Data\Mozilla\Firefox\Profiles\nmyduj4o.default\
FF - prefs.js: browser.search.selectedEngine - Yahoo
FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?ei=UTF-8&fr=vmn&type=vdio5&p=
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - e:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
.
- - - - ORPHANS REMOVED - - - -

HKLM-Run-SunJavaUpdateSched - e:\program files\Java\jre6\bin\jusched.exe



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-07-20 15:29
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...  

scanning hidden autostart entries ... 

scanning hidden files ...  

scan completed successfully
hidden files: 0

**************************************************************************

Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net

device: opened successfully
user: error reading MBR 
called modules: ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll >>UNKNOWN [0x8A2411F8]<< 
kernel: MBR read successfully
detected MBR rootkit hooks:
\Driver\Disk -> CLASSPNP.SYS @ 0xf765bfc3
\Driver\ACPI -> ACPI.sys @ 0xf7496cb8
\Driver\atapi -> 0x8a2411f8
IoDeviceObjectType ->\Device\Harddisk0\DR0 ->NDIS: 3Com 3C920B-EMB-WNM Integrated Fast Ethernet Controller -> SendCompleteHandler -> NDIS.sys @ 0xba661af9
 PacketIndicateHandler -> NDIS.sys @ 0xba66cb21
 SendHandler -> NDIS.sys @ 0xba661938
Warning: possible MBR rootkit infection !

**************************************************************************

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\npggsvc]
"ImagePath"="e:\windows\system32\GameMon.des -service"
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_USERS\S-1-5-21-1547161642-1060284298-839522115-1006\Software\Microsoft\SystemCertificates\AddressBook*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{3f16d8ee-0f46-4ce6-ad79-aedd35e2ae54}]
@Denied: (Full) (Everyone)
"Model"=dword:000000f5
"Therad"=dword:00000013

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{5ED60779-4DE2-4E07-B862-974CA4FF2E9C}]
@Denied: (Full) (Everyone)
"scansk"=hex(0):cc,cf,99,a7,e1,f1,12,16,2a,75,05,96,a7,b5,71,6c,b7,47,dd,b0,09,
   b6,70,0c,04,78,73,e2,25,e2,49,1d,68,ff,88,c8,d7,71,3d,db,00,00,00,00,00,00,\
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(844)
e:\windows\system32\Ati2evxx.dll

- - - - - - - > 'explorer.exe'(3668)
e:\program files\Common Files\Symantec Shared\NPC\2.0\NPCEXT.dll
e:\windows\system32\WPDShServiceObj.dll
e:\program files\Nokia\Nokia PC Suite 7\phonebrowser.dll
e:\program files\Nokia\Nokia PC Suite 7\NGSCM.DLL
e:\program files\Nokia\Nokia PC Suite 7\Lang\PhoneBrowser_eng.nlr
e:\program files\Nokia\Nokia PC Suite 7\Resource\PhoneBrowser_Nokia.ngr
e:\program files\WinSCP\DragExt.dll
e:\windows\system32\PortableDeviceTypes.dll
e:\windows\system32\PortableDeviceApi.dll
.
------------------------ Other Running Processes ------------------------
.
e:\windows\system32\Ati2evxx.exe
e:\windows\system32\Ati2evxx.exe
e:\program files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
e:\program files\Symantec\LiveUpdate\AluSchedulerSvc.exe
e:\program files\Bonjour\mDNSResponder.exe
e:\program files\Java\jre6\bin\jqs.exe
e:\program files\Analog Devices\SoundMAX\SMAgent.exe
e:\program files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
e:\program files\Windows Media Player\WMPNetwk.exe
e:\program files\iPod\bin\iPodService.exe
e:\program files\Internet Explorer\iexplore.exe
.
**************************************************************************
.
Completion time: 2010-07-20  15:40:28 - machine was rebooted
ComboFix-quarantined-files.txt  2010-07-20 22:40
ComboFix2.txt  2010-07-20 06:35

Pre-Run: 5,231,431,680 bytes free
Post-Run: 5,206,421,504 bytes free

- - End Of File - - 6415D60F3E8229A1D4175A7A4ED4948F



*Here is a fresh HijackThis log*


Running processes:
E:\WINDOWS\System32\smss.exe
E:\WINDOWS\system32\winlogon.exe
E:\WINDOWS\system32\services.exe
E:\WINDOWS\system32\lsass.exe
E:\WINDOWS\system32\Ati2evxx.exe
E:\WINDOWS\system32\svchost.exe
E:\WINDOWS\System32\svchost.exe
E:\WINDOWS\system32\svchost.exe
E:\WINDOWS\system32\svchost.exe
E:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
E:\WINDOWS\system32\svchost.exe
E:\WINDOWS\system32\Ati2evxx.exe
E:\WINDOWS\system32\spoolsv.exe
E:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
E:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
E:\Program Files\Bonjour\mDNSResponder.exe
E:\WINDOWS\System32\svchost.exe
E:\Program Files\Java\jre6\bin\jqs.exe
E:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
E:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
E:\WINDOWS\System32\svchost.exe
E:\Program Files\Analog Devices\SoundMAX\SMTray.exe
E:\Program Files\Microsoft Hardware\Keyboard\type32.exe
E:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
E:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
E:\Program Files\ATI Technologies\ATI.ACE\cli.exe
E:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe
E:\Program Files\iTunes\iTunesHelper.exe
E:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
E:\Program Files\Pando Networks\Media Booster\PMB.exe
E:\Program Files\iPod\bin\iPodService.exe
E:\Program Files\Air Mouse\Air Mouse\Air Mouse.exe
E:\Program Files\ATI Technologies\ATI.ACE\cli.exe
E:\Program Files\ATI Technologies\ATI.ACE\cli.exe
E:\WINDOWS\explorer.exe
E:\WINDOWS\system32\notepad.exe
E:\Documents and Settings\Gregory\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
E:\Documents and Settings\Gregory\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
E:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://start.shaw.ca/start/enca/addons/search/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - E:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: flashget urlcatch - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - E:\Program Files\FlashGet\jccatch.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - E:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.5\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - E:\PROGRA~1\COMMON~1\SYMANT~1\IDS\IPSBHO.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - E:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - E:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - E:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - E:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: FlashGet GetFlash Class - {F156768E-81EF-470C-9057-481BA8380DBA} - E:\Program Files\FlashGet\getflash.dll
O3 - Toolbar: Show Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - E:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.5\CoIEPlg.dll
O4 - HKLM\..\Run: [Smapp] E:\Program Files\Analog Devices\SoundMAX\SMTray.exe
O4 - HKLM\..\Run: [IntelliType] "E:\Program Files\Microsoft Hardware\Keyboard\type32.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "E:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] E:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [ccApp] "E:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [osCheck] "E:\Program Files\Norton Internet Security\osCheck.exe"
O4 - HKLM\..\Run: [ATIPTA] E:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [ATICCC] "E:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
O4 - HKLM\..\Run: [ISUSPM] "E:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" -scheduler
O4 - HKLM\..\Run: [QuickTime Task] "E:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "E:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Google Desktop Search] "E:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [Microsoft Works Update Detection] E:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
O4 - HKCU\..\Run: [AdobeUpdater] E:\Program Files\Common Files\Adobe\Updater5\AdobeUpdater.exe
O4 - HKCU\..\Run: [Google Update] "E:\Documents and Settings\Gregory\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [AlcoholAutomount] "E:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe" /automount
O4 - HKCU\..\Run: [Pando Media Booster] E:\Program Files\Pando Networks\Media Booster\PMB.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = E:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Air Mouse.lnk = E:\Program Files\Air Mouse\Air Mouse\Air Mouse.exe
O4 - Global Startup: Microsoft Office.lnk = E:\Program Files\Microsoft Office\Office\OSA9.EXE
O8 - Extra context menu item: &Download All with FlashGet - E:\Program Files\FlashGet\jc_all.htm
O8 - Extra context menu item: &Download with FlashGet - E:\Program Files\FlashGet\jc_link.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - E:\Program Files\Java\jre6\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - E:\Program Files\Java\jre6\bin\ssv.dll
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - E:\Program Files\FlashGet\FlashGet.exe
O9 - Extra 'Tools' menuitem: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - E:\Program Files\FlashGet\FlashGet.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - E:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - E:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: e:\windows\system32\nwprovau.dll
O16 - DPF: {6A344D34-5231-452A-8A57-D064AC9B7862} (Symantec Download Manager) - https://webdl.symantec.com/activex/symdlmgr.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{6930A6D1-72B8-4FEB-A2F2-FE64A3428F19}: Domain = vc.shawcable.net
O17 - HKLM\System\CCS\Services\Tcpip\..\{6930A6D1-72B8-4FEB-A2F2-FE64A3428F19}: NameServer = 64.59.144.92,64.59.144.93
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - E:\WINDOWS\System32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - E:\WINDOWS\System32\browseui.dll
O23 - Service: Apple Mobile Device - Apple Inc. - E:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - E:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - E:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - E:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
O23 - Service: Bonjour Service - Apple Inc. - E:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - E:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - E:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - E:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - E:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe
O23 - Service: Google Desktop Manager 5.9.909.30391 (GoogleDesktopManager-093009-130223) - Google - E:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - E:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - E:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - E:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LiveUpdate - Symantec Corporation - E:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE
O23 - Service: LiveUpdate Notice - Symantec Corporation - E:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - E:\WINDOWS\system32\GameMon.des.exe (file missing)
O23 - Service: ServiceLayer - Nokia. - E:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - E:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - E:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
O23 - Service: Symantec Core LC - Unknown owner - E:\PROGRA~1\COMMON~1\SYMANT~1\CCPD-LC\symlcsvc.exe

--
End of file - 10187 bytes


Thanks for the help you've been giving by the way!


----------



## johnb35

Please download MBR.exe to your desktop and run it.  When its done running, it will produce a log located on your desktop labeled mbr.txt.  Please open that log and then copy and paste it back here.


----------



## Mess

*I don't get a .txt file. All I get is a mbr.log.*


Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net

device: opened successfully
user: error reading MBR 
kernel: MBR read successfully

*I have redownloaded and tried it again. Still get the same thing.*


----------



## johnb35

Download and run rootrepeal 

1.  Extract the RootRepeal.exe file from the ZIP and save the EXE file to your Desktop. 
2.  Disable your antivirus, antispyware, and firewalls before continuing or they may block RootRepeal from running properly. 
3.  Now run the RootRepeal.exe program by double clicking on it. 
4.  On the botton click the Files tab and then click the Scan button 
5.  A Select Drives form will open. Select all of your drives by checking the boxes and then click OK. 
6.  It will start scanning. Wait for it to finish. It can take awhile depending on how many drives, how many files, how many folders...etc. Be patient.  
7.  When it finishes, click Save Report and save it somewhere you can easily find it (like your Desktop) so that you can attach it to a message in the forum. Give it a useful name like RRlog.txt 
8.  Copy and paste the log as requested to your next message.. 
__________________


----------



## i6turbo

I thought iexplore.exe was your current internet browser that is opened......(Internet Explorer)

Should reflect how many you have opened....correct?


----------



## Mess

*Here is the RootRepeal log*


ROOTREPEAL (c) AD, 2007-2009
==================================================
Scan Start Time:		2010/07/21 14:46
Program Version:		Version 1.3.5.0
Windows Version:		Windows XP SP2
==================================================

Hidden/Locked Files
-------------------
Path: E:\hiberfil.sys
Status: Locked to the Windows API!


iexplore.exe normally is just an internet explorer window that is open. However, I haven't used internet explorer in a couple of years, ever since I switched to Firefox and then Chrome. Also, there is no window actually open, so to have that process there means there is something wrong, especially if ending the process causes it to reappear again.


----------



## Mess

Well, the iexplore.exe has stopped showing up on the processes. 

However, it will still make that clicking sound as if I am opening something. This causes the window I am on to be unselected, as if there is another window on top of it that I am on. Obviously, this isn't the case. This also causes programs that are ran full screen to either shrink or minimize, which is quite annoying and makes doing certain things impossible.

Also, ads will pop up from time to time. This does not happen often though.


----------



## johnb35

Rerun hijackthis and place checks next to the following entries

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "E:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] E:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [ISUSPM] "E:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" -scheduler
O4 - HKLM\..\Run: [QuickTime Task] "E:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "E:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Google Desktop Search] "E:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [Microsoft Works Update Detection] E:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
O4 - HKCU\..\Run: [AdobeUpdater] E:\Program Files\Common Files\Adobe\Updater5\AdobeUpdater.exe
O4 - HKCU\..\Run: [Google Update] "E:\Documents and Settings\Gregory\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
O4 - Global Startup: Adobe Gamma Loader.lnk = E:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Microsoft Office.lnk = E:\Program Files\Microsoft Office\Office\OSA9.EXE

Then click on fix checked.

The only other thing I can suggest is to run superantispyware and see what it finds.

http://download.cnet.com/SuperAntiSpyware-Free-Edition/3000-8022_4-10523889.html

make sure you update it before running it.

To find the log, click on preferences on the main page and the click on statistics/logs tab, then open the log and copy and paste it back here.


----------



## Mess

*Here is the log. I kind of laughed when I saw the size of the list.*

Core Rules Database Version : 5266
Trace Rules Database Version: 3078

Scan type       : Quick Scan
Total Scan Time : 00:31:14

Memory items scanned      : 582
Memory threats detected   : 0
Registry items scanned    : 1777
Registry threats detected : 0
File items scanned        : 7605
File threats detected     : 897

Adware.Tracking Cookie
	E:\Documents and Settings\Gregory\Cookies\gregory@ads.networldmedia[2].txt
	macromedia.com [ E:\Documents and Settings\Chris\Application Data\Macromedia\Flash Player\#SharedObjects\W68T3KGX ]
	media.tattomedia.com [ E:\Documents and Settings\Chris\Application Data\Macromedia\Flash Player\#SharedObjects\W68T3KGX ]
	media.y8.com [ E:\Documents and Settings\Chris\Application Data\Macromedia\Flash Player\#SharedObjects\W68T3KGX ]
	media1.clubpenguin.com [ E:\Documents and Settings\Chris\Application Data\Macromedia\Flash Player\#SharedObjects\W68T3KGX ]
	vitamine.networldmedia.net [ E:\Documents and Settings\Chris\Application Data\Macromedia\Flash Player\#SharedObjects\W68T3KGX ]
	.msnportal.112.2o7.net [ E:\Documents and Settings\Chris\Application Data\Mozilla\Firefox\Profiles\xe4rvewk.default\cookies.sqlite ]
	.2o7.net [ E:\Documents and Settings\Chris\Application Data\Mozilla\Firefox\Profiles\xe4rvewk.default\cookies.sqlite ]
	.2o7.net [ E:\Documents and Settings\Chris\Application Data\Mozilla\Firefox\Profiles\xe4rvewk.default\cookies.sqlite ]
	.2o7.net [ E:\Documents and Settings\Chris\Application Data\Mozilla\Firefox\Profiles\xe4rvewk.default\cookies.sqlite ]
	.2o7.net [ E:\Documents and Settings\Chris\Application Data\Mozilla\Firefox\Profiles\xe4rvewk.default\cookies.sqlite ]
	.2o7.net [ E:\Documents and Settings\Chris\Application Data\Mozilla\Firefox\Profiles\xe4rvewk.default\cookies.sqlite ]
	.2o7.net [ E:\Documents and Settings\Chris\Application Data\Mozilla\Firefox\Profiles\xe4rvewk.default\cookies.sqlite ]
	.atdmt.com [ E:\Documents and Settings\Chris\Application Data\Mozilla\Firefox\Profiles\xe4rvewk.default\cookies.sqlite ]
	.atdmt.com [ E:\Documents and Settings\Chris\Application Data\Mozilla\Firefox\Profiles\xe4rvewk.default\cookies.sqlite ]
	.bluestreak.com [ E:\Documents and Settings\Chris\Application Data\Mozilla\Firefox\Profiles\xe4rvewk.default\cookies.sqlite ]
	.casalemedia.com [ E:\Documents and Settings\Chris\Application Data\Mozilla\Firefox\Profiles\xe4rvewk.default\cookies.sqlite ]
	.serving-sys.com [ E:\Documents and Settings\Chris\Application Data\Mozilla\Firefox\Profiles\xe4rvewk.default\cookies.sqlite ]
	.serving-sys.com [ E:\Documents and Settings\Chris\Application Data\Mozilla\Firefox\Profiles\xe4rvewk.default\cookies.sqlite ]
	.serving-sys.com [ E:\Documents and Settings\Chris\Application Data\Mozilla\Firefox\Profiles\xe4rvewk.default\cookies.sqlite ]
	.serving-sys.com [ E:\Documents and Settings\Chris\Application Data\Mozilla\Firefox\Profiles\xe4rvewk.default\cookies.sqlite ]
	.serving-sys.com [ E:\Documents and Settings\Chris\Application Data\Mozilla\Firefox\Profiles\xe4rvewk.default\cookies.sqlite ]
	.bs.serving-sys.com [ E:\Documents and Settings\Chris\Application Data\Mozilla\Firefox\Profiles\xe4rvewk.default\cookies.sqlite ]
	.hitbox.com [ E:\Documents and Settings\Chris\Application Data\Mozilla\Firefox\Profiles\xe4rvewk.default\cookies.sqlite ]
	.mediaplex.com [ E:\Documents and Settings\Chris\Application Data\Mozilla\Firefox\Profiles\xe4rvewk.default\cookies.sqlite ]
	.mediaplex.com [ E:\Documents and Settings\Chris\Application Data\Mozilla\Firefox\Profiles\xe4rvewk.default\cookies.sqlite ]
	.advertising.com [ E:\Documents and Settings\Chris\Application Data\Mozilla\Firefox\Profiles\xe4rvewk.default\cookies.sqlite ]
	.advertising.com [ E:\Documents and Settings\Chris\Application Data\Mozilla\Firefox\Profiles\xe4rvewk.default\cookies.sqlite ]
	.advertising.com [ E:\Documents and Settings\Chris\Application Data\Mozilla\Firefox\Profiles\xe4rvewk.default\cookies.sqlite ]
	.advertising.com [ E:\Documents and Settings\Chris\Application Data\Mozilla\Firefox\Profiles\xe4rvewk.default\cookies.sqlite ]
	.advertising.com [ E:\Documents and Settings\Chris\Application Data\Mozilla\Firefox\Profiles\xe4rvewk.default\cookies.sqlite ]
	.ehg-hollywoodmedia.hitbox.com [ E:\Documents and Settings\Chris\Application Data\Mozilla\Firefox\Profiles\xe4rvewk.default\cookies.sqlite ]
	ad.yieldmanager.com [ E:\Documents and Settings\Chris\Application Data\Mozilla\Firefox\Profiles\xe4rvewk.default\cookies.sqlite ]
	ad.yieldmanager.com [ E:\Documents and Settings\Chris\Application Data\Mozilla\Firefox\Profiles\xe4rvewk.default\cookies.sqlite ]
	.247realmedia.com [ E:\Documents and Settings\Chris\Application Data\Mozilla\Firefox\Profiles\xe4rvewk.default\cookies.sqlite ]
	media.adrevolver.com [ E:\Documents and Settings\Chris\Application Data\Mozilla\Firefox\Profiles\xe4rvewk.default\cookies.sqlite ]
	.statcounter.com [ E:\Documents and Settings\Chris\Application Data\Mozilla\Firefox\Profiles\xe4rvewk.default\cookies.sqlite ]
	.statcounter.com [ E:\Documents and Settings\Chris\Application Data\Mozilla\Firefox\Profiles\xe4rvewk.default\cookies.sqlite ]
	.statcounter.com [ E:\Documents and Settings\Chris\Application Data\Mozilla\Firefox\Profiles\xe4rvewk.default\cookies.sqlite ]
	.statcounter.com [ E:\Documents and Settings\Chris\Application Data\Mozilla\Firefox\Profiles\xe4rvewk.default\cookies.sqlite ]
	.statcounter.com [ E:\Documents and Settings\Chris\Application Data\Mozilla\Firefox\Profiles\xe4rvewk.default\cookies.sqlite ]
	.statcounter.com [ E:\Documents and Settings\Chris\Application Data\Mozilla\Firefox\Profiles\xe4rvewk.default\cookies.sqlite ]
	.statcounter.com [ E:\Documents and Settings\Chris\Application Data\Mozilla\Firefox\Profiles\xe4rvewk.default\cookies.sqlite ]
	.adcentriconline.com [ E:\Documents and Settings\Chris\Application Data\Mozilla\Firefox\Profiles\xe4rvewk.default\cookies.sqlite ]
	.img.mediaplex.com [ E:\Documents and Settings\Chris\Application Data\Mozilla\Firefox\Profiles\xe4rvewk.default\cookies.sqlite ]
	.questionmarket.com [ E:\Documents and Settings\Chris\Application Data\Mozilla\Firefox\Profiles\xe4rvewk.default\cookies.sqlite ]
	.adopt.euroclick.com [ E:\Documents and Settings\Chris\Application Data\Mozilla\Firefox\Profiles\xe4rvewk.default\cookies.sqlite ]
	statse.webtrendslive.com [ E:\Documents and Settings\Chris\Application Data\Mozilla\Firefox\Profiles\xe4rvewk.default\cookies.sqlite ]
	.manulife.122.2o7.net [ E:\Documents and Settings\Chris\Application Data\Mozilla\Firefox\Profiles\xe4rvewk.default\cookies.sqlite ]
	.fastclick.net [ E:\Documents and Settings\Chris\Application Data\Mozilla\Firefox\Profiles\xe4rvewk.default\cookies.sqlite ]
	.fastclick.net [ E:\Documents and Settings\Chris\Application Data\Mozilla\Firefox\Profiles\xe4rvewk.default\cookies.sqlite ]
	server.cpmstar.com [ E:\Documents and Settings\Chris\Application Data\Mozilla\Firefox\Profiles\xe4rvewk.default\cookies.sqlite ]
	.apmebf.com [ E:\Documents and Settings\Chris\Application Data\Mozilla\Firefox\Profiles\xe4rvewk.default\cookies.sqlite ]
	rotator.adjuggler.com [ E:\Documents and Settings\Chris\Application Data\Mozilla\Firefox\Profiles\xe4rvewk.default\cookies.sqlite ]
	rotator.adjuggler.com [ E:\Documents and Settings\Chris\Application Data\Mozilla\Firefox\Profiles\xe4rvewk.default\cookies.sqlite ]
	.videoegg.adbureau.net [ E:\Documents and Settings\Chris\Application Data\Mozilla\Firefox\Profiles\xe4rvewk.default\cookies.sqlite ]
	.imrworldwide.com [ E:\Documents and Settings\Chris\Application Data\Mozilla\Firefox\Profiles\xe4rvewk.default\cookies.sqlite ]
	.imrworldwide.com [ E:\Documents and Settings\Chris\Application Data\Mozilla\Firefox\Profiles\xe4rvewk.default\cookies.sqlite ]
	.zedo.com [ E:\Documents and Settings\Chris\Application Data\Mozilla\Firefox\Profiles\xe4rvewk.default\cookies.sqlite ]
	.revsci.net [ E:\Documents and Settings\Chris\Application Data\Mozilla\Firefox\Profiles\xe4rvewk.default\cookies.sqlite ]
	.revsci.net [ E:\Documents and Settings\Chris\Application Data\Mozilla\Firefox\Profiles\xe4rvewk.default\cookies.sqlite ]
	.overture.com [ E:\Documents and Settings\Chris\Application Data\Mozilla\Firefox\Profiles\xe4rvewk.default\cookies.sqlite ]
	.overture.com [ E:\Documents and Settings\Chris\Application Data\Mozilla\Firefox\Profiles\xe4rvewk.default\cookies.sqlite ]
	.adserver.adtechus.com [ E:\Documents and Settings\Chris\Application Data\Mozilla\Firefox\Profiles\xe4rvewk.default\cookies.sqlite ]
	.veohnetwork.122.2o7.net [ E:\Documents and Settings\Chris\Application Data\Mozilla\Firefox\Profiles\xe4rvewk.default\cookies.sqlite ]
	.ads.pointroll.com [ E:\Documents and Settings\Chris\Application Data\Mozilla\Firefox\Profiles\xe4rvewk.default\cookies.sqlite ]
	.ads.pointroll.com [ E:\Documents and Settings\Chris\Application Data\Mozilla\Firefox\Profiles\xe4rvewk.default\cookies.sqlite ]
	.ads.pointroll.com [ E:\Documents and Settings\Chris\Application Data\Mozilla\Firefox\Profiles\xe4rvewk.default\cookies.sqlite ]
	.ads.pointroll.com [ E:\Documents and Settings\Chris\Application Data\Mozilla\Firefox\Profiles\xe4rvewk.default\cookies.sqlite ]
	.ads.pointroll.com [ E:\Documents and Settings\Chris\Application Data\Mozilla\Firefox\Profiles\xe4rvewk.default\cookies.sqlite ]
	.ads.pointroll.com [ E:\Documents and Settings\Chris\Application Data\Mozilla\Firefox\Profiles\xe4rvewk.default\cookies.sqlite ]
	.cbs.112.2o7.net [ E:\Documents and Settings\Chris\Application Data\Mozilla\Firefox\Profiles\xe4rvewk.default\cookies.sqlite ]
	.atdmt.com [ E:\Documents and Settings\Chris\Application Data\Mozilla\Firefox\Profiles\xe4rvewk.default\cookies.sqlite ]
	.adlegend.com [ E:\Documents and Settings\Chris\Application Data\Mozilla\Firefox\Profiles\xe4rvewk.default\cookies.sqlite ]
	.statcounter.com [ E:\Documents and Settings\Chris\Application Data\Mozilla\Firefox\Profiles\xe4rvewk.default\cookies.sqlite ]
	.bellcan.adbureau.net [ E:\Documents and Settings\Chris\Application Data\Mozilla\Firefox\Profiles\xe4rvewk.default\cookies.sqlite ]
	.mediaplex.com [ E:\Documents and Settings\Chris\Application Data\Mozilla\Firefox\Profiles\xe4rvewk.default\cookies.sqlite ]
	ad.yieldmanager.com [ E:\Documents and Settings\Chris\Application Data\Mozilla\Firefox\Profiles\xe4rvewk.default\cookies.sqlite ]
	.dmtracker.com [ E:\Documents and Settings\Chris\Application Data\Mozilla\Firefox\Profiles\xe4rvewk.default\cookies.sqlite ]
	.charmingshoppes.112.2o7.net [ E:\Documents and Settings\Chris\Application Data\Mozilla\Firefox\Profiles\xe4rvewk.default\cookies.sqlite ]
	tracking.foundry42.com [ E:\Documents and Settings\Chris\Application Data\Mozilla\Firefox\Profiles\xe4rvewk.default\cookies.sqlite ]
	tracking.foundry42.com [ E:\Documents and Settings\Chris\Application Data\Mozilla\Firefox\Profiles\xe4rvewk.default\cookies.sqlite ]
	.bizrate.com [ E:\Documents and Settings\Chris\Application Data\Mozilla\Firefox\Profiles\xe4rvewk.default\cookies.sqlite ]
	.insightexpressai.com [ E:\Documents and Settings\Chris\Application Data\Mozilla\Firefox\Profiles\xe4rvewk.default\cookies.sqlite ]
	.insightexpressai.com [ E:\Documents and Settings\Chris\Application Data\Mozilla\Firefox\Profiles\xe4rvewk.default\cookies.sqlite ]
	.insightexpressai.com [ E:\Documents and Settings\Chris\Application Data\Mozilla\Firefox\Profiles\xe4rvewk.default\cookies.sqlite ]
	.insightexpressai.com [ E:\Documents and Settings\Chris\Application Data\Mozilla\Firefox\Profiles\xe4rvewk.default\cookies.sqlite ]
	.insightexpressai.com [ E:\Documents and Settings\Chris\Application Data\Mozilla\Firefox\Profiles\xe4rvewk.default\cookies.sqlite ]
	.insightexpressai.com [ E:\Documents and Settings\Chris\Application Data\Mozilla\Firefox\Profiles\xe4rvewk.default\cookies.sqlite ]
	.insightexpressai.com [ E:\Documents and Settings\Chris\Application Data\Mozilla\Firefox\Profiles\xe4rvewk.default\cookies.sqlite ]
	.insightexpressai.com [ E:\Documents and Settings\Chris\Application Data\Mozilla\Firefox\Profiles\xe4rvewk.default\cookies.sqlite ]
	.insightexpressai.com [ E:\Documents and Settings\Chris\Application Data\Mozilla\Firefox\Profiles\xe4rvewk.default\cookies.sqlite ]
	.insightexpressai.com [ E:\Documents and Settings\Chris\Application Data\Mozilla\Firefox\Profiles\xe4rvewk.default\cookies.sqlite ]
	.insightexpressai.com [ E:\Documents and Settings\Chris\Application Data\Mozilla\Firefox\Profiles\xe4rvewk.default\cookies.sqlite ]
	.insightexpressai.com [ E:\Documents and Settings\Chris\Application Data\Mozilla\Firefox\Profiles\xe4rvewk.default\cookies.sqlite ]
	.revsci.net [ E:\Documents and Settings\Chris\Application Data\Mozilla\Firefox\Profiles\xe4rvewk.default\cookies.sqlite ]
	.revsci.net [ E:\Documents and Settings\Chris\Application Data\Mozilla\Firefox\Profiles\xe4rvewk.default\cookies.sqlite ]
	.game-advertising-online.com [ E:\Documents and Settings\Chris\Application Data\Mozilla\Firefox\Profiles\xe4rvewk.default\cookies.sqlite ]
	.247realmedia.com [ E:\Documents and Settings\Chris\Application Data\Mozilla\Firefox\Profiles\xe4rvewk.default\cookies.sqlite ]
	.kontera.com [ E:\Documents and Settings\Chris\Application Data\Mozilla\Firefox\Profiles\xe4rvewk.default\cookies.sqlite ]
	.kontera.com [ E:\Documents and Settings\Chris\Application Data\Mozilla\Firefox\Profiles\xe4rvewk.default\cookies.sqlite ]
	.kontera.com [ E:\Documents and Settings\Chris\Application Data\Mozilla\Firefox\Profiles\xe4rvewk.default\cookies.sqlite ]
	.sympatico.112.2o7.net [ E:\Documents and Settings\Chris\Application Data\Mozilla\Firefox\Profiles\xe4rvewk.default\cookies.sqlite ]
	.casalemedia.com [ E:\Documents and Settings\Chris\Application Data\Mozilla\Firefox\Profiles\xe4rvewk.default\cookies.sqlite ]
	.casalemedia.com [ E:\Documents and Settings\Chris\Application Data\Mozilla\Firefox\Profiles\xe4rvewk.default\cookies.sqlite ]
	.doubleclick.net [ E:\Documents and Settings\Chris\Application Data\Mozilla\Firefox\Profiles\xe4rvewk.default\cookies.sqlite ]
	.media6degrees.com [ E:\Documents and Settings\Chris\Application Data\Mozilla\Firefox\Profiles\xe4rvewk.default\cookies.sqlite ]
	.media6degrees.com [ E:\Documents and Settings\Chris\Application Data\Mozilla\Firefox\Profiles\xe4rvewk.default\cookies.sqlite ]
	.fastclick.net [ E:\Documents and Settings\Chris\Application Data\Mozilla\Firefox\Profiles\xe4rvewk.default\cookies.sqlite ]
	.chitika.net [ E:\Documents and Settings\Chris\Application Data\Mozilla\Firefox\Profiles\xe4rvewk.default\cookies.sqlite ]
	.recruit.112.2o7.net [ E:\Documents and Settings\Chris\Application Data\Mozilla\Firefox\Profiles\xe4rvewk.default\cookies.sqlite ]
	.adbrite.com [ E:\Documents and Settings\Chris\Application Data\Mozilla\Firefox\Profiles\xe4rvewk.default\cookies.sqlite ]
	.adbrite.com [ E:\Documents and Settings\Chris\Application Data\Mozilla\Firefox\Profiles\xe4rvewk.default\cookies.sqlite ]
	.adbrite.com [ E:\Documents and Settings\Chris\Application Data\Mozilla\Firefox\Profiles\xe4rvewk.default\cookies.sqlite ]
	ads.gamesbannernet.com [ E:\Documents and Settings\Chris\Application Data\Mozilla\Firefox\Profiles\xe4rvewk.default\cookies.sqlite ]
	ads.gamesbannernet.com [ E:\Documents and Settings\Chris\Application Data\Mozilla\Firefox\Profiles\xe4rvewk.default\cookies.sqlite ]
	ad.yieldmanager.com [ E:\Documents and Settings\Chris\Application Data\Mozilla\Firefox\Profiles\xe4rvewk.default\cookies.sqlite ]
	.tribalfusion.com [ E:\Documents and Settings\Chris\Application Data\Mozilla\Firefox\Profiles\xe4rvewk.default\cookies.sqlite ]
	.bellcan.adbureau.net [ E:\Documents and Settings\Chris\Application Data\Mozilla\Firefox\Profiles\xe4rvewk.default\cookies.sqlite ]
	.atdmt.com [ E:\Documents and Settings\Chris\Application Data\Mozilla\Firefox\Profiles\xe4rvewk.default\cookies.sqlite ]
	.atdmt.com [ E:\Documents and Settings\Chris\Application Data\Mozilla\Firefox\Profiles\xe4rvewk.default\cookies.sqlite ]
	.serving-sys.com [ E:\Documents and Settings\Chris\Application Data\Mozilla\Firefox\Profiles\xe4rvewk.default\cookies.sqlite ]
	.serving-sys.com [ E:\Documents and Settings\Chris\Application Data\Mozilla\Firefox\Profiles\xe4rvewk.default\cookies.sqlite ]
	ads.networldmedia.net [ E:\Documents and Settings\Chris\Application Data\Mozilla\Firefox\Profiles\xe4rvewk.default\cookies.sqlite ]
	ads.networldmedia.net [ E:\Documents and Settings\Chris\Application Data\Mozilla\Firefox\Profiles\xe4rvewk.default\cookies.sqlite ]
	.vitamine.networldmedia.net [ E:\Documents and Settings\Chris\Application Data\Mozilla\Firefox\Profiles\xe4rvewk.default\cookies.sqlite ]
	ads.networldmedia.net [ E:\Documents and Settings\Chris\Application Data\Mozilla\Firefox\Profiles\xe4rvewk.default\cookies.sqlite ]
	.vitamine.networldmedia.net [ E:\Documents and Settings\Chris\Application Data\Mozilla\Firefox\Profiles\xe4rvewk.default\cookies.sqlite ]
	vitamine.networldmedia.net [ E:\Documents and Settings\Chris\Application Data\Mozilla\Firefox\Profiles\xe4rvewk.default\cookies.sqlite ]
	vitamine.networldmedia.net [ E:\Documents and Settings\Chris\Application Data\Mozilla\Firefox\Profiles\xe4rvewk.default\cookies.sqlite ]
	.vitamine.networldmedia.net [ E:\Documents and Settings\Chris\Application Data\Mozilla\Firefox\Profiles\xe4rvewk.default\cookies.sqlite ]
	.adlegend.com [ E:\Documents and Settings\Chris\Application Data\Mozilla\Firefox\Profiles\xe4rvewk.default\cookies.sqlite ]
	.questionmarket.com [ E:\Documents and Settings\Chris\Application Data\Mozilla\Firefox\Profiles\xe4rvewk.default\cookies.sqlite ]
	.media6degrees.com [ E:\Documents and Settings\Chris\Application Data\Mozilla\Firefox\Profiles\xe4rvewk.default\cookies.sqlite ]
	.media6degrees.com [ E:\Documents and Settings\Chris\Application Data\Mozilla\Firefox\Profiles\xe4rvewk.default\cookies.sqlite ]
	.media6degrees.com [ E:\Documents and Settings\Chris\Application Data\Mozilla\Firefox\Profiles\xe4rvewk.default\cookies.sqlite ]
	.media6degrees.com [ E:\Documents and Settings\Chris\Application Data\Mozilla\Firefox\Profiles\xe4rvewk.default\cookies.sqlite ]
	cdn4.specificclick.net [ E:\Documents and Settings\Chris\Application Data\Mozilla\Firefox\Profiles\xe4rvewk.default\cookies.sqlite ]
	cdn4.specificclick.net [ E:\Documents and Settings\Chris\Application Data\Mozilla\Firefox\Profiles\xe4rvewk.default\cookies.sqlite ]
	.specificclick.net [ E:\Documents and Settings\Chris\Application Data\Mozilla\Firefox\Profiles\xe4rvewk.default\cookies.sqlite ]
	cdn4.specificclick.net [ E:\Documents and Settings\Chris\Application Data\Mozilla\Firefox\Profiles\xe4rvewk.default\cookies.sqlite ]
	cdn4.specificclick.net [ E:\Documents and Settings\Chris\Application Data\Mozilla\Firefox\Profiles\xe4rvewk.default\cookies.sqlite ]
	.fastclick.net [ E:\Documents and Settings\Chris\Application Data\Mozilla\Firefox\Profiles\xe4rvewk.default\cookies.sqlite ]
	.fastclick.net [ E:\Documents and Settings\Chris\Application Data\Mozilla\Firefox\Profiles\xe4rvewk.default\cookies.sqlite ]
	.adtech.de [ E:\Documents and Settings\Chris\Application Data\Mozilla\Firefox\Profiles\xe4rvewk.default\cookies.sqlite ]
	fl01.ct2.comclick.com [ E:\Documents and Settings\Chris\Application Data\Mozilla\Firefox\Profiles\xe4rvewk.default\cookies.sqlite ]
	fl01.ct2.comclick.com [ E:\Documents and Settings\Chris\Application Data\Mozilla\Firefox\Profiles\xe4rvewk.default\cookies.sqlite ]
	E:\Documents and Settings\Chris\Cookies\chris@casalemedia[2].txt


----------



## Mess

E:\Documents and Settings\Chris\Cookies\chris@bellcan.adbureau[1].txt
	E:\Documents and Settings\Chris\Cookies\chris@tribalfusion[2].txt
	E:\Documents and Settings\Chris\Cookies\chris@serving-sys[2].txt
	E:\Documents and Settings\Chris\Cookies\chris@ehg-dig.hitbox[1].txt
	E:\Documents and Settings\Chris\Cookies\chris@2o7[2].txt
	E:\Documents and Settings\Chris\Cookies\chris@adopt.euroclick[1].txt
	E:\Documents and Settings\Chris\Cookies\chris@bs.serving-sys[1].txt
	E:\Documents and Settings\Chris\Cookies\chris@richmedia.yahoo[1].txt
	E:\Documents and Settings\Chris\Cookies\chris@rbc.bridgetrack[2].txt
	E:\Documents and Settings\Chris\Cookies\chris@mediaplex[1].txt
	E:\Documents and Settings\Chris\Cookies\chris@hitbox[1].txt
	E:\Documents and Settings\Chris\Cookies\chris@ehg-hollywoodmedia.hitbox[2].txt
	E:\Documents and Settings\Chris\Cookies\chris@doubleclick[2].txt
	E:\Documents and Settings\Chris\Cookies\chris@content.yieldmanager[1].txt
	E:\Documents and Settings\Chris\Cookies\chris@bluestreak[2].txt
	E:\Documents and Settings\Chris\Cookies\chris@ehg-bestbuy.hitbox[1].txt
	E:\Documents and Settings\Chris\Cookies\chris@ads.pointroll[1].txt
	E:\Documents and Settings\Chris\Cookies\chris@bp.specificclick[2].txt
	E:\Documents and Settings\Chris\Cookies\chris@statse.webtrendslive[1].txt
	E:\Documents and Settings\Chris\Cookies\chris@atdmt[2].txt
	E:\Documents and Settings\Chris\Cookies\chris@questionmarket[1].txt
	E:\Documents and Settings\Chris\Cookies\chris@statcounter[1].txt
	E:\Documents and Settings\Chris\Cookies\chris@ad.yieldmanager[2].txt
	E:\Documents and Settings\Chris\Cookies\chris@specificclick[2].txt
	E:\Documents and Settings\Chris\Cookies\chris@adbrite[1].txt
	E:\Documents and Settings\Chris\Cookies\chris@ad.wsod[2].txt
	E:\Documents and Settings\Chris\Cookies\chris@oasc05.247realmedia[1].txt
	E:\Documents and Settings\Chris\Cookies\chris@advertising[1].txt
	E:\Documents and Settings\Chris\Cookies\chris@247realmedia[1].txt
	E:\Documents and Settings\Chris\Cookies\chris@ehg-foxmovies.hitbox[1].txt
	E:\Documents and Settings\Chris\Cookies\chris@adcentriconline[2].txt
	E:\Documents and Settings\Chris\Cookies\chris@revenue[2].txt
	E:\Documents and Settings\Chris\Cookies\chris@msnportal.112.2o7[1].txt
	media.tattomedia.com [ E:\Documents and Settings\Grandpa\Application Data\Macromedia\Flash Player\#SharedObjects\JDU22X6K ]
	msnbcmedia.msn.com [ E:\Documents and Settings\Grandpa\Application Data\Macromedia\Flash Player\#SharedObjects\JDU22X6K ]
	.specificclick.net [ E:\Documents and Settings\Grandpa\Application Data\Mozilla\Firefox\Profiles\66cfgigc.default\cookies.txt ]
	.specificclick.net [ E:\Documents and Settings\Grandpa\Application Data\Mozilla\Firefox\Profiles\66cfgigc.default\cookies.txt ]
	.specificclick.net [ E:\Documents and Settings\Grandpa\Application Data\Mozilla\Firefox\Profiles\66cfgigc.default\cookies.txt ]
	.specificclick.net [ E:\Documents and Settings\Grandpa\Application Data\Mozilla\Firefox\Profiles\66cfgigc.default\cookies.txt ]
	.specificclick.net [ E:\Documents and Settings\Grandpa\Application Data\Mozilla\Firefox\Profiles\66cfgigc.default\cookies.txt ]
	.specificclick.net [ E:\Documents and Settings\Grandpa\Application Data\Mozilla\Firefox\Profiles\66cfgigc.default\cookies.txt ]
	bp.specificclick.net [ E:\Documents and Settings\Grandpa\Application Data\Mozilla\Firefox\Profiles\66cfgigc.default\cookies.txt ]
	.questionmarket.com [ E:\Documents and Settings\Grandpa\Application Data\Mozilla\Firefox\Profiles\66cfgigc.default\cookies.txt ]
	.questionmarket.com [ E:\Documents and Settings\Grandpa\Application Data\Mozilla\Firefox\Profiles\66cfgigc.default\cookies.txt ]
	.2o7.net [ E:\Documents and Settings\Grandpa\Application Data\Mozilla\Firefox\Profiles\66cfgigc.default\cookies.txt ]
	.2o7.net [ E:\Documents and Settings\Grandpa\Application Data\Mozilla\Firefox\Profiles\66cfgigc.default\cookies.txt ]
	.2o7.net [ E:\Documents and Settings\Grandpa\Application Data\Mozilla\Firefox\Profiles\66cfgigc.default\cookies.txt ]
	.2o7.net [ E:\Documents and Settings\Grandpa\Application Data\Mozilla\Firefox\Profiles\66cfgigc.default\cookies.txt ]
	.2o7.net [ E:\Documents and Settings\Grandpa\Application Data\Mozilla\Firefox\Profiles\66cfgigc.default\cookies.txt ]
	.2o7.net [ E:\Documents and Settings\Grandpa\Application Data\Mozilla\Firefox\Profiles\66cfgigc.default\cookies.txt ]
	.2o7.net [ E:\Documents and Settings\Grandpa\Application Data\Mozilla\Firefox\Profiles\66cfgigc.default\cookies.txt ]
	.msnportal.112.2o7.net [ E:\Documents and Settings\Grandpa\Application Data\Mozilla\Firefox\Profiles\66cfgigc.default\cookies.txt ]
	.2o7.net [ E:\Documents and Settings\Grandpa\Application Data\Mozilla\Firefox\Profiles\66cfgigc.default\cookies.txt ]
	.atdmt.com [ E:\Documents and Settings\Grandpa\Application Data\Mozilla\Firefox\Profiles\66cfgigc.default\cookies.txt ]
	.doubleclick.net [ E:\Documents and Settings\Grandpa\Application Data\Mozilla\Firefox\Profiles\66cfgigc.default\cookies.txt ]
	.tacoda.net [ E:\Documents and Settings\Grandpa\Application Data\Mozilla\Firefox\Profiles\66cfgigc.default\cookies.txt ]
	.tacoda.net [ E:\Documents and Settings\Grandpa\Application Data\Mozilla\Firefox\Profiles\66cfgigc.default\cookies.txt ]
	.tacoda.net [ E:\Documents and Settings\Grandpa\Application Data\Mozilla\Firefox\Profiles\66cfgigc.default\cookies.txt ]
	.tacoda.net [ E:\Documents and Settings\Grandpa\Application Data\Mozilla\Firefox\Profiles\66cfgigc.default\cookies.txt ]
	.advertising.com [ E:\Documents and Settings\Grandpa\Application Data\Mozilla\Firefox\Profiles\66cfgigc.default\cookies.txt ]
	.advertising.com [ E:\Documents and Settings\Grandpa\Application Data\Mozilla\Firefox\Profiles\66cfgigc.default\cookies.txt ]
	.advertising.com [ E:\Documents and Settings\Grandpa\Application Data\Mozilla\Firefox\Profiles\66cfgigc.default\cookies.txt ]
	.advertising.com [ E:\Documents and Settings\Grandpa\Application Data\Mozilla\Firefox\Profiles\66cfgigc.default\cookies.txt ]
	.advertising.com [ E:\Documents and Settings\Grandpa\Application Data\Mozilla\Firefox\Profiles\66cfgigc.default\cookies.txt ]
	.casalemedia.com [ E:\Documents and Settings\Grandpa\Application Data\Mozilla\Firefox\Profiles\66cfgigc.default\cookies.txt ]
	.casalemedia.com [ E:\Documents and Settings\Grandpa\Application Data\Mozilla\Firefox\Profiles\66cfgigc.default\cookies.txt ]
	.casalemedia.com [ E:\Documents and Settings\Grandpa\Application Data\Mozilla\Firefox\Profiles\66cfgigc.default\cookies.txt ]
	.casalemedia.com [ E:\Documents and Settings\Grandpa\Application Data\Mozilla\Firefox\Profiles\66cfgigc.default\cookies.txt ]
	.casalemedia.com [ E:\Documents and Settings\Grandpa\Application Data\Mozilla\Firefox\Profiles\66cfgigc.default\cookies.txt ]
	.casalemedia.com [ E:\Documents and Settings\Grandpa\Application Data\Mozilla\Firefox\Profiles\66cfgigc.default\cookies.txt ]
	.ehg-aarp.hitbox.com [ E:\Documents and Settings\Grandpa\Application Data\Mozilla\Firefox\Profiles\66cfgigc.default\cookies.txt ]
	.ehg-aarp.hitbox.com [ E:\Documents and Settings\Grandpa\Application Data\Mozilla\Firefox\Profiles\66cfgigc.default\cookies.txt ]
	.hitbox.com [ E:\Documents and Settings\Grandpa\Application Data\Mozilla\Firefox\Profiles\66cfgigc.default\cookies.txt ]
	.hitbox.com [ E:\Documents and Settings\Grandpa\Application Data\Mozilla\Firefox\Profiles\66cfgigc.default\cookies.txt ]
	.zedo.com [ E:\Documents and Settings\Grandpa\Application Data\Mozilla\Firefox\Profiles\66cfgigc.default\cookies.txt ]
	.adcentriconline.com [ E:\Documents and Settings\Grandpa\Application Data\Mozilla\Firefox\Profiles\66cfgigc.default\cookies.txt ]
	.adopt.euroclick.com [ E:\Documents and Settings\Grandpa\Application Data\Mozilla\Firefox\Profiles\66cfgigc.default\cookies.txt ]
	.adopt.euroclick.com [ E:\Documents and Settings\Grandpa\Application Data\Mozilla\Firefox\Profiles\66cfgigc.default\cookies.txt ]
	.adopt.euroclick.com [ E:\Documents and Settings\Grandpa\Application Data\Mozilla\Firefox\Profiles\66cfgigc.default\cookies.txt ]
	.ad.yieldmanager.com [ E:\Documents and Settings\Grandpa\Application Data\Mozilla\Firefox\Profiles\66cfgigc.default\cookies.txt ]
	ad.yieldmanager.com [ E:\Documents and Settings\Grandpa\Application Data\Mozilla\Firefox\Profiles\66cfgigc.default\cookies.txt ]
	.ad.yieldmanager.com [ E:\Documents and Settings\Grandpa\Application Data\Mozilla\Firefox\Profiles\66cfgigc.default\cookies.txt ]
	.ad.yieldmanager.com [ E:\Documents and Settings\Grandpa\Application Data\Mozilla\Firefox\Profiles\66cfgigc.default\cookies.txt ]
	.ad.yieldmanager.com [ E:\Documents and Settings\Grandpa\Application Data\Mozilla\Firefox\Profiles\66cfgigc.default\cookies.txt ]
	ad.yieldmanager.com [ E:\Documents and Settings\Grandpa\Application Data\Mozilla\Firefox\Profiles\66cfgigc.default\cookies.txt ]
	ad.yieldmanager.com [ E:\Documents and Settings\Grandpa\Application Data\Mozilla\Firefox\Profiles\66cfgigc.default\cookies.txt ]
	ad.yieldmanager.com [ E:\Documents and Settings\Grandpa\Application Data\Mozilla\Firefox\Profiles\66cfgigc.default\cookies.txt ]
	ad.yieldmanager.com [ E:\Documents and Settings\Grandpa\Application Data\Mozilla\Firefox\Profiles\66cfgigc.default\cookies.txt ]
	.ad.yieldmanager.com [ E:\Documents and Settings\Grandpa\Application Data\Mozilla\Firefox\Profiles\66cfgigc.default\cookies.txt ]
	ad.yieldmanager.com [ E:\Documents and Settings\Grandpa\Application Data\Mozilla\Firefox\Profiles\66cfgigc.default\cookies.txt ]
	.imrworldwide.com [ E:\Documents and Settings\Grandpa\Application Data\Mozilla\Firefox\Profiles\66cfgigc.default\cookies.txt ]
	.imrworldwide.com [ E:\Documents and Settings\Grandpa\Application Data\Mozilla\Firefox\Profiles\66cfgigc.default\cookies.txt ]
	.overture.com [ E:\Documents and Settings\Grandpa\Application Data\Mozilla\Firefox\Profiles\66cfgigc.default\cookies.txt ]
	.richmedia.yahoo.com [ E:\Documents and Settings\Grandpa\Application Data\Mozilla\Firefox\Profiles\66cfgigc.default\cookies.txt ]
	.tribalfusion.com [ E:\Documents and Settings\Grandpa\Application Data\Mozilla\Firefox\Profiles\66cfgigc.default\cookies.txt ]
	.serving-sys.com [ E:\Documents and Settings\Grandpa\Application Data\Mozilla\Firefox\Profiles\66cfgigc.default\cookies.txt ]
	.serving-sys.com [ E:\Documents and Settings\Grandpa\Application Data\Mozilla\Firefox\Profiles\66cfgigc.default\cookies.txt ]
	.bs.serving-sys.com [ E:\Documents and Settings\Grandpa\Application Data\Mozilla\Firefox\Profiles\66cfgigc.default\cookies.txt ]
	.serving-sys.com [ E:\Documents and Settings\Grandpa\Application Data\Mozilla\Firefox\Profiles\66cfgigc.default\cookies.txt ]
	.serving-sys.com [ E:\Documents and Settings\Grandpa\Application Data\Mozilla\Firefox\Profiles\66cfgigc.default\cookies.txt ]
	.serving-sys.com [ E:\Documents and Settings\Grandpa\Application Data\Mozilla\Firefox\Profiles\66cfgigc.default\cookies.txt ]
	.serving-sys.com [ E:\Documents and Settings\Grandpa\Application Data\Mozilla\Firefox\Profiles\66cfgigc.default\cookies.txt ]
	stats2.reliablestats.com [ E:\Documents and Settings\Grandpa\Application Data\Mozilla\Firefox\Profiles\66cfgigc.default\cookies.txt ]
	stats2.reliablestats.com [ E:\Documents and Settings\Grandpa\Application Data\Mozilla\Firefox\Profiles\66cfgigc.default\cookies.txt ]
	stats2.reliablestats.com [ E:\Documents and Settings\Grandpa\Application Data\Mozilla\Firefox\Profiles\66cfgigc.default\cookies.txt ]
	stats2.reliablestats.com [ E:\Documents and Settings\Grandpa\Application Data\Mozilla\Firefox\Profiles\66cfgigc.default\cookies.txt ]
	stats2.reliablestats.com [ E:\Documents and Settings\Grandpa\Application Data\Mozilla\Firefox\Profiles\66cfgigc.default\cookies.txt ]
	.adnetserver.com [ E:\Documents and Settings\Grandpa\Application Data\Mozilla\Firefox\Profiles\66cfgigc.default\cookies.txt ]
	adredired.com [ E:\Documents and Settings\Grandpa\Application Data\Mozilla\Firefox\Profiles\66cfgigc.default\cookies.txt ]
	.umedia.nddaily.com [ E:\Documents and Settings\Grandpa\Application Data\Mozilla\Firefox\Profiles\66cfgigc.default\cookies.txt ]
	.umedia.nddaily.com [ E:\Documents and Settings\Grandpa\Application Data\Mozilla\Firefox\Profiles\66cfgigc.default\cookies.txt ]
	.pro-market.net [ E:\Documents and Settings\Grandpa\Application Data\Mozilla\Firefox\Profiles\66cfgigc.default\cookies.txt ]
	.pro-market.net [ E:\Documents and Settings\Grandpa\Application Data\Mozilla\Firefox\Profiles\66cfgigc.default\cookies.txt ]
	.revsci.net [ E:\Documents and Settings\Grandpa\Application Data\Mozilla\Firefox\Profiles\66cfgigc.default\cookies.txt ]
	.revsci.net [ E:\Documents and Settings\Grandpa\Application Data\Mozilla\Firefox\Profiles\66cfgigc.default\cookies.txt ]
	.revsci.net [ E:\Documents and Settings\Grandpa\Application Data\Mozilla\Firefox\Profiles\66cfgigc.default\cookies.txt ]
	.revsci.net [ E:\Documents and Settings\Grandpa\Application Data\Mozilla\Firefox\Profiles\66cfgigc.default\cookies.txt ]
	ads.revsci.net [ E:\Documents and Settings\Grandpa\Application Data\Mozilla\Firefox\Profiles\66cfgigc.default\cookies.txt ]
	.adecn.com [ E:\Documents and Settings\Grandpa\Application Data\Mozilla\Firefox\Profiles\66cfgigc.default\cookies.txt ]
	.mmstat.com [ E:\Documents and Settings\Grandpa\Application Data\Mozilla\Firefox\Profiles\66cfgigc.default\cookies.txt ]
	.mmstat.com [ E:\Documents and Settings\Grandpa\Application Data\Mozilla\Firefox\Profiles\66cfgigc.default\cookies.txt ]
	.msnportalbeetsearchapr2007.112.2o7.net [ E:\Documents and Settings\Grandpa\Application Data\Mozilla\Firefox\Profiles\66cfgigc.default\cookies.txt ]
	.atwola.com [ E:\Documents and Settings\Grandpa\Application Data\Mozilla\Firefox\Profiles\66cfgigc.default\cookies.txt ]
	.adtech.de [ E:\Documents and Settings\Grandpa\Application Data\Mozilla\Firefox\Profiles\66cfgigc.default\cookies.txt ]
	.popularscreensavers.com [ E:\Documents and Settings\Grandpa\Application Data\Mozilla\Firefox\Profiles\66cfgigc.default\cookies.txt ]
	.popularscreensavers.com [ E:\Documents and Settings\Grandpa\Application Data\Mozilla\Firefox\Profiles\66cfgigc.default\cookies.txt ]
	.azjmp.com [ E:\Documents and Settings\Grandpa\Application Data\Mozilla\Firefox\Profiles\66cfgigc.default\cookies.txt ]
	rm.yieldmanager.com [ E:\Documents and Settings\Grandpa\Application Data\Mozilla\Firefox\Profiles\66cfgigc.default\cookies.txt ]
	.xiti.com [ E:\Documents and Settings\Grandpa\Application Data\Mozilla\Firefox\Profiles\66cfgigc.default\cookies.txt ]
	.statcounter.com [ E:\Documents and Settings\Grandpa\Application Data\Mozilla\Firefox\Profiles\66cfgigc.default\cookies.txt ]
	statse.webtrendslive.com [ E:\Documents and Settings\Grandpa\Application Data\Mozilla\Firefox\Profiles\66cfgigc.default\cookies.txt ]
	statse.webtrendslive.com [ E:\Documents and Settings\Grandpa\Application Data\Mozilla\Firefox\Profiles\66cfgigc.default\cookies.txt ]
	.statse.webtrendslive.com [ E:\Documents and Settings\Grandpa\Application Data\Mozilla\Firefox\Profiles\66cfgigc.default\cookies.txt ]
	.bsch.serving-sys.com [ E:\Documents and Settings\Grandpa\Application Data\Mozilla\Firefox\Profiles\66cfgigc.default\cookies.txt ]
	.eyewonder.com [ E:\Documents and Settings\Grandpa\Application Data\Mozilla\Firefox\Profiles\66cfgigc.default\cookies.txt ]
	.love****k.com [ E:\Documents and Settings\Grandpa\Application Data\Mozilla\Firefox\Profiles\66cfgigc.default\cookies.txt ]
	.love****k.com [ E:\Documents and Settings\Grandpa\Application Data\Mozilla\Firefox\Profiles\66cfgigc.default\cookies.txt ]
	.toplist.sk [ E:\Documents and Settings\Grandpa\Application Data\Mozilla\Firefox\Profiles\66cfgigc.default\cookies.txt ]
	.adultfriendfinder.com [ E:\Documents and Settings\Grandpa\Application Data\Mozilla\Firefox\Profiles\66cfgigc.default\cookies.txt ]
	.adultfriendfinder.com [ E:\Documents and Settings\Grandpa\Application Data\Mozilla\Firefox\Profiles\66cfgigc.default\cookies.txt ]
	image.masterstats.com [ E:\Documents and Settings\Grandpa\Application Data\Mozilla\Firefox\Profiles\66cfgigc.default\cookies.txt ]
	.toplist.cz [ E:\Documents and Settings\Grandpa\Application Data\Mozilla\Firefox\Profiles\66cfgigc.default\cookies.txt ]
	.partner2profit.com [ E:\Documents and Settings\Grandpa\Application Data\Mozilla\Firefox\Profiles\66cfgigc.default\cookies.txt ]
	.partner2profit.com [ E:\Documents and Settings\Grandpa\Application Data\Mozilla\Firefox\Profiles\66cfgigc.default\cookies.txt ]
	.partner2profit.com [ E:\Documents and Settings\Grandpa\Application Data\Mozilla\Firefox\Profiles\66cfgigc.default\cookies.txt ]
	.partner2profit.com [ E:\Documents and Settings\Grandpa\Application Data\Mozilla\Firefox\Profiles\66cfgigc.default\cookies.txt ]
	.partner2profit.com [ E:\Documents and Settings\Grandpa\Application Data\Mozilla\Firefox\Profiles\66cfgigc.default\cookies.txt ]
	.revenue.net [ E:\Documents and Settings\Grandpa\Application Data\Mozilla\Firefox\Profiles\66cfgigc.default\cookies.txt ]
	.insightexpressai.com [ E:\Documents and Settings\Grandpa\Application Data\Mozilla\Firefox\Profiles\66cfgigc.default\cookies.txt ]
	.insightexpressai.com [ E:\Documents and Settings\Grandpa\Application Data\Mozilla\Firefox\Profiles\66cfgigc.default\cookies.txt ]
	.insightexpressai.com [ E:\Documents and Settings\Grandpa\Application Data\Mozilla\Firefox\Profiles\66cfgigc.default\cookies.txt ]
	.insightexpressai.com [ E:\Documents and Settings\Grandpa\Application Data\Mozilla\Firefox\Profiles\66cfgigc.default\cookies.txt ]
	.insightexpressai.com [ E:\Documents and Settings\Grandpa\Application Data\Mozilla\Firefox\Profiles\66cfgigc.default\cookies.txt ]
	.bluestreak.com [ E:\Documents and Settings\Grandpa\Application Data\Mozilla\Firefox\Profiles\66cfgigc.default\cookies.txt ]
	media.adrevolver.com [ E:\Documents and Settings\Grandpa\Application Data\Mozilla\Firefox\Profiles\66cfgigc.default\cookies.txt ]
	.ehg-shoppersdrugmart.hitbox.com [ E:\Documents and Settings\Grandpa\Application Data\Mozilla\Firefox\Profiles\66cfgigc.default\cookies.txt ]
	E:\Documents and Settings\Grandpa\Cookies\grandpa@atdmt[2].txt


----------



## Mess

E:\Documents and Settings\Grandpa\Cookies\grandpa@ad.yieldmanager[2].txt
	E:\Documents and Settings\Grandpa\Cookies\grandpa@tacoda[2].txt
	E:\Documents and Settings\Grandpa\Cookies\grandpa@ads.pointroll[1].txt
	E:\Documents and Settings\Grandpa\Cookies\grandpa@popularscreensavers[2].txt
	E:\Documents and Settings\Grandpa\Cookies\grandpa@overture[1].txt
	E:\Documents and Settings\Grandpa\Cookies\grandpa@specificclick[1].txt
	E:\Documents and Settings\Grandpa\Cookies\grandpa@advertising[1].txt
	E:\Documents and Settings\Grandpa\Cookies\grandpa@bsch.serving-sys[1].txt
	E:\Documents and Settings\Grandpa\Cookies\grandpa@richmedia.yahoo[1].txt
	E:\Documents and Settings\Grandpa\Cookies\grandpa@2o7[2].txt
	E:\Documents and Settings\Grandpa\Cookies\grandpa@adtech[1].txt
	E:\Documents and Settings\Grandpa\Cookies\grandpa@bs.serving-sys[1].txt
	E:\Documents and Settings\Grandpa\Cookies\grandpa@doubleclick[1].txt
	E:\Documents and Settings\Grandpa\Cookies\grandpa@ehg-shoppersdrugmart.hitbox[2].txt
	E:\Documents and Settings\Grandpa\Cookies\grandpa@hitbox[2].txt
	E:\Documents and Settings\Grandpa\Cookies\grandpa@msnportal.112.2o7[1].txt
	E:\Documents and Settings\Grandpa\Cookies\grandpa@questionmarket[2].txt
	E:\Documents and Settings\Grandpa\Cookies\grandpa@serving-sys[1].txt
	E:\Documents and Settings\Grandpa\Cookies\grandpa@statse.webtrendslive[2].txt
	.statcounter.com [ E:\Documents and Settings\Gregory\Application Data\MozillaControl\profiles\MozillaControl\gea16a7u.slt\cookies.txt ]
	.doubleclick.net [ E:\Documents and Settings\Gregory\Application Data\MozillaControl\profiles\MozillaControl\gea16a7u.slt\cookies.txt ]
	cdn4.specificclick.net [ E:\Documents and Settings\Gregory\Application Data\Macromedia\Flash Player\#SharedObjects\HRYPBFGP ]
	ia.media-imdb.com [ E:\Documents and Settings\Gregory\Application Data\Macromedia\Flash Player\#SharedObjects\HRYPBFGP ]
	vitamine.networldmedia.net [ E:\Documents and Settings\Gregory\Application Data\Macromedia\Flash Player\#SharedObjects\HRYPBFGP ]
	.doubleclick.net [ E:\Documents and Settings\Gregory\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
	.invitemedia.com [ E:\Documents and Settings\Gregory\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
	.atdmt.com [ E:\Documents and Settings\Gregory\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
	.atdmt.com [ E:\Documents and Settings\Gregory\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
	.atdmt.com [ E:\Documents and Settings\Gregory\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
	.atdmt.com [ E:\Documents and Settings\Gregory\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
	.tacoda.net [ E:\Documents and Settings\Gregory\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
	.kontera.com [ E:\Documents and Settings\Gregory\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
	ad.yieldmanager.com [ E:\Documents and Settings\Gregory\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
	.247realmedia.com [ E:\Documents and Settings\Gregory\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
	.zedo.com [ E:\Documents and Settings\Gregory\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
	.advertising.com [ E:\Documents and Settings\Gregory\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
	.media6degrees.com [ E:\Documents and Settings\Gregory\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
	.legolas-media.com [ E:\Documents and Settings\Gregory\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
	.legolas-media.com [ E:\Documents and Settings\Gregory\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
	.legolas-media.com [ E:\Documents and Settings\Gregory\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
	.content.yieldmanager.com [ E:\Documents and Settings\Gregory\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
	.www.burstnet.com [ E:\Documents and Settings\Gregory\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
	.burstnet.com [ E:\Documents and Settings\Gregory\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
	.adserver.adtechus.com [ E:\Documents and Settings\Gregory\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
	.videoegg.adbureau.net [ E:\Documents and Settings\Gregory\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
	.revsci.net [ E:\Documents and Settings\Gregory\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
	.revsci.net [ E:\Documents and Settings\Gregory\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
	.ehg-viacom.hitbox.com [ E:\Documents and Settings\Gregory\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
	.ehg-viacom.hitbox.com [ E:\Documents and Settings\Gregory\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
	.hitbox.com [ E:\Documents and Settings\Gregory\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
	.hitbox.com [ E:\Documents and Settings\Gregory\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
	.ehg-viacom.hitbox.com [ E:\Documents and Settings\Gregory\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
	.ad-g.doubleclick.net [ E:\Documents and Settings\Gregory\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
	adserver.adpredictive.com [ E:\Documents and Settings\Gregory\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
	.apmebf.com [ E:\Documents and Settings\Gregory\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
	.mediaplex.com [ E:\Documents and Settings\Gregory\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
	.ads.pointroll.com [ E:\Documents and Settings\Gregory\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
	.pointroll.com [ E:\Documents and Settings\Gregory\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
	.adbrite.com [ E:\Documents and Settings\Gregory\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
	.adecn.com [ E:\Documents and Settings\Gregory\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
	cdn4.specificclick.net [ E:\Documents and Settings\Gregory\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
	.havamedia.net [ E:\Documents and Settings\Gregory\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
	.havamedia.net [ E:\Documents and Settings\Gregory\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
	.myroitracking.com [ E:\Documents and Settings\Gregory\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
	.clicksor.com [ E:\Documents and Settings\Gregory\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
	.clicksor.com [ E:\Documents and Settings\Gregory\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
	.clicksor.com [ E:\Documents and Settings\Gregory\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
	.clicksor.com [ E:\Documents and Settings\Gregory\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
	.clicksor.com [ E:\Documents and Settings\Gregory\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
	.clicksor.com [ E:\Documents and Settings\Gregory\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
	.havamedia.net [ E:\Documents and Settings\Gregory\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
	.admse012.adbureau.net [ E:\Documents and Settings\Gregory\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
	adserver.duetads.com [ E:\Documents and Settings\Gregory\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
	.zedo.com [ E:\Documents and Settings\Gregory\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
	.zedo.com [ E:\Documents and Settings\Gregory\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
	ads.networldmedia.net [ E:\Documents and Settings\Gregory\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
	.networldmedia.net [ E:\Documents and Settings\Gregory\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
	.vitamine.networldmedia.net [ E:\Documents and Settings\Gregory\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
	.game-advertising-online.com [ E:\Documents and Settings\Gregory\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
	.vitamine.networldmedia.net [ E:\Documents and Settings\Gregory\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
	.networldmedia.net [ E:\Documents and Settings\Gregory\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
	.statcounter.com [ E:\Documents and Settings\Gregory\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
	adserver.adreactor.com [ E:\Documents and Settings\Gregory\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
	.bellcan.adbureau.net [ E:\Documents and Settings\Gregory\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
	.pointroll.com [ E:\Documents and Settings\Gregory\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
	.ads.pointroll.com [ E:\Documents and Settings\Gregory\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
	.ads.pointroll.com [ E:\Documents and Settings\Gregory\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
	.ads.pointroll.com [ E:\Documents and Settings\Gregory\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
	.ads.pointroll.com [ E:\Documents and Settings\Gregory\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
	.ads.pointroll.com [ E:\Documents and Settings\Gregory\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
	.ads.pointroll.com [ E:\Documents and Settings\Gregory\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
	.im.banner.t-online.de [ E:\Documents and Settings\Gregory\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
	.zanox-affiliate.de [ E:\Documents and Settings\Gregory\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
	tracking.mlsat02.de [ E:\Documents and Settings\Gregory\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
	.tracking.quisma.com [ E:\Documents and Settings\Gregory\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
	.unitymedia.de [ E:\Documents and Settings\Gregory\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
	.unitymedia.de [ E:\Documents and Settings\Gregory\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
	.tracking.quisma.com [ E:\Documents and Settings\Gregory\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
	ad.zanox.com [ E:\Documents and Settings\Gregory\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
	.zanox.com [ E:\Documents and Settings\Gregory\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
	.adfarm1.adition.com [ E:\Documents and Settings\Gregory\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
	.tracking.hannoversche.de [ E:\Documents and Settings\Gregory\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
	network.alluremedia.com.au [ E:\Documents and Settings\Gregory\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
	.imrworldwide.com [ E:\Documents and Settings\Gregory\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
	.imrworldwide.com [ E:\Documents and Settings\Gregory\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
	.adultfriendfinder.com [ E:\Documents and Settings\Gregory\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
	.adbrite.com [ E:\Documents and Settings\Gregory\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
	.adbrite.com [ E:\Documents and Settings\Gregory\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
	.networldmedia.net [ E:\Documents and Settings\Gregory\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
	.networldmedia.net [ E:\Documents and Settings\Gregory\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
	.adultfriendfinder.com [ E:\Documents and Settings\Gregory\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
	.adultfriendfinder.com [ E:\Documents and Settings\Gregory\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
	.adultfriendfinder.com [ E:\Documents and Settings\Gregory\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
	.adultfriendfinder.com [ E:\Documents and Settings\Gregory\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
	.adultfriendfinder.com [ E:\Documents and Settings\Gregory\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
	.adultfriendfinder.com [ E:\Documents and Settings\Gregory\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
	.adultfriendfinder.com [ E:\Documents and Settings\Gregory\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
	.adcentriconline.com [ E:\Documents and Settings\Gregory\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
	.smartadserver.com [ E:\Documents and Settings\Gregory\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
	.smartadserver.com [ E:\Documents and Settings\Gregory\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
	.smartadserver.com [ E:\Documents and Settings\Gregory\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
	ext-us.bestofmedia.com [ E:\Documents and Settings\Gregory\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
	.xiti.com [ E:\Documents and Settings\Gregory\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
	.invitemedia.com [ E:\Documents and Settings\Gregory\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
	.adbrite.com [ E:\Documents and Settings\Gregory\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
	.invitemedia.com [ E:\Documents and Settings\Gregory\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
	.revsci.net [ E:\Documents and Settings\Gregory\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
	.media6degrees.com [ E:\Documents and Settings\Gregory\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
	.media6degrees.com [ E:\Documents and Settings\Gregory\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
	.media6degrees.com [ E:\Documents and Settings\Gregory\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
	.media6degrees.com [ E:\Documents and Settings\Gregory\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
	.media6degrees.com [ E:\Documents and Settings\Gregory\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
	.invitemedia.com [ E:\Documents and Settings\Gregory\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
	.invitemedia.com [ E:\Documents and Settings\Gregory\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
	.invitemedia.com [ E:\Documents and Settings\Gregory\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
	.intermundomedia.com [ E:\Documents and Settings\Gregory\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
	.intermundomedia.com [ E:\Documents and Settings\Gregory\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
	.intermundomedia.com [ E:\Documents and Settings\Gregory\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
	.zedo.com [ E:\Documents and Settings\Gregory\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
	.casalemedia.com [ E:\Documents and Settings\Gregory\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
	.casalemedia.com [ E:\Documents and Settings\Gregory\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
	.casalemedia.com [ E:\Documents and Settings\Gregory\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
	.pro-market.net [ E:\Documents and Settings\Gregory\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
	.pro-market.net [ E:\Documents and Settings\Gregory\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
	.pro-market.net [ E:\Documents and Settings\Gregory\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
	cdn4.specificclick.net [ E:\Documents and Settings\Gregory\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
	cdn4.specificclick.net [ E:\Documents and Settings\Gregory\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
	.specificclick.net [ E:\Documents and Settings\Gregory\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
	.specificclick.net [ E:\Documents and Settings\Gregory\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
	cdn4.specificclick.net [ E:\Documents and Settings\Gregory\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
	.specificclick.net [ E:\Documents and Settings\Gregory\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
	cdn4.specificclick.net [ E:\Documents and Settings\Gregory\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
	cdn4.specificclick.net [ E:\Documents and Settings\Gregory\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
	.pro-market.net [ E:\Documents and Settings\Gregory\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
	.pro-market.net [ E:\Documents and Settings\Gregory\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
	.kontera.com [ E:\Documents and Settings\Gregory\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
	.kontera.com [ E:\Documents and Settings\Gregory\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
	.kontera.com [ E:\Documents and Settings\Gregory\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
	.mediaplex.com [ E:\Documents and Settings\Gregory\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
	.content.yieldmanager.com [ E:\Documents and Settings\Gregory\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
	.advertising.com [ E:\Documents and Settings\Gregory\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
	.advertising.com [ E:\Documents and Settings\Gregory\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
	.advertising.com [ E:\Documents and Settings\Gregory\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
	.advertising.com [ E:\Documents and Settings\Gregory\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
	.yieldmanager.net [ E:\Documents and Settings\Gregory\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
	.revsci.net [ E:\Documents and Settings\Gregory\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
	statse.webtrendslive.com [ E:\Documents and Settings\Gregory\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
	.fastclick.net [ E:\Documents and Settings\Gregory\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
	d.mediadakine.com [ E:\Documents and Settings\Gregory\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
	ad.yieldmanager.com [ E:\Documents and Settings\Gregory\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
	.2o7.net [ E:\Documents and Settings\Gregory\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
	.tacoda.net [ E:\Documents and Settings\Gregory\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
	.tacoda.net [ E:\Documents and Settings\Gregory\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
	.tacoda.net [ E:\Documents and Settings\Gregory\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
	.tacoda.net [ E:\Documents and Settings\Gregory\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
	.advertising.com [ E:\Documents and Settings\Gregory\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
	.advertising.com [ E:\Documents and Settings\Gregory\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
	.at.atwola.com [ E:\Documents and Settings\Gregory\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
	.at.atwola.com [ E:\Documents and Settings\Gregory\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
	.collective-media.net [ E:\Documents and Settings\Gregory\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
	.collective-media.net [ E:\Documents and Settings\Gregory\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
	.collective-media.net [ E:\Documents and Settings\Gregory\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
	.adtech.de [ E:\Documents and Settings\Gregory\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
	.chitika.net [ E:\Documents and Settings\Gregory\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
	.zedo.com [ E:\Documents and Settings\Gregory\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
	.zedo.com [ E:\Documents and Settings\Gregory\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
	.zedo.com [ E:\Documents and Settings\Gregory\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
	.adbrite.com [ E:\Documents and Settings\Gregory\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
	.revsci.net [ E:\Documents and Settings\Gregory\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
	.casalemedia.com [ E:\Documents and Settings\Gregory\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
	.revsci.net [ E:\Documents and Settings\Gregory\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
	.casalemedia.com [ E:\Documents and Settings\Gregory\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
	.casalemedia.com [ E:\Documents and Settings\Gregory\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
	.casalemedia.com [ E:\Documents and Settings\Gregory\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
	.casalemedia.com [ E:\Documents and Settings\Gregory\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
	.casalemedia.com [ E:\Documents and Settings\Gregory\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
	.casalemedia.com [ E:\Documents and Settings\Gregory\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
	.fastclick.net [ E:\Documents and Settings\Gregory\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
	.fastclick.net [ E:\Documents and Settings\Gregory\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
	.fastclick.net [ E:\Documents and Settings\Gregory\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
	ad.yieldmanager.com [ E:\Documents and Settings\Gregory\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
www.blogstandmedia.com [ E:\Documents and Settings\Gregory\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
	.blogstandmedia.com [ E:\Documents and Settings\Gregory\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
	ads.networldmedia.net [ E:\Documents and Settings\Gregory\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
	vitamine.networldmedia.net [ E:\Documents and Settings\Gregory\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
www.blogstandmedia.com [ E:\Documents and Settings\Gregory\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
www.blogstandmedia.com [ E:\Documents and Settings\Gregory\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
	.vitamine.networldmedia.net [ E:\Documents and Settings\Gregory\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
	.media.defaultimg.com [ E:\Documents and Settings\Gregory\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
	.media.defaultimg.com [ E:\Documents and Settings\Gregory\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
	.media.defaultimg.com [ E:\Documents and Settings\Gregory\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
	.networldmedia.net [ E:\Documents and Settings\Gregory\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
	.networldmedia.net [ E:\Documents and Settings\Gregory\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
	.networldmedia.net [ E:\Documents and Settings\Gregory\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
	.networldmedia.net [ E:\Documents and Settings\Gregory\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
	.networldmedia.net [ E:\Documents and Settings\Gregory\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
	.networldmedia.net [ E:\Documents and Settings\Gregory\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
	ad.yieldmanager.com [ E:\Documents and Settings\Gregory\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
	ad.yieldmanager.com [ E:\Documents and Settings\Gregory\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
	.revsci.net [ E:\Documents and Settings\Gregory\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
	.vitamine.networldmedia.net [ E:\Documents and Settings\Gregory\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]


----------



## Mess

.vitamine.networldmedia.net [ E:\Documents and Settings\Gregory\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
	.networldmedia.net [ E:\Documents and Settings\Gregory\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
	vitamine.networldmedia.net [ E:\Documents and Settings\Gregory\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
	vitamine.networldmedia.net [ E:\Documents and Settings\Gregory\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
	.invitemedia.com [ E:\Documents and Settings\Gregory\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
	segment-pixel.invitemedia.com [ E:\Documents and Settings\Gregory\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
	ad.yieldmanager.com [ E:\Documents and Settings\Gregory\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
	ad.yieldmanager.com [ E:\Documents and Settings\Gregory\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
	gr.burstnet.com [ E:\Documents and Settings\Gregory\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
	.adserver.adtechus.com [ E:\Documents and Settings\Gregory\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
	.revsci.net [ E:\Documents and Settings\Gregory\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
	.revsci.net [ E:\Documents and Settings\Gregory\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
	.bs.serving-sys.com [ E:\Documents and Settings\Gregory\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
	.serving-sys.com [ E:\Documents and Settings\Gregory\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
	.serving-sys.com [ E:\Documents and Settings\Gregory\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
	.serving-sys.com [ E:\Documents and Settings\Gregory\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
	.serving-sys.com [ E:\Documents and Settings\Gregory\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
	.serving-sys.com [ E:\Documents and Settings\Gregory\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
	.serving-sys.com [ E:\Documents and Settings\Gregory\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
	.serving-sys.com [ E:\Documents and Settings\Gregory\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
	.burstnet.com [ E:\Documents and Settings\Gregory\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
www.burstnet.com [ E:\Documents and Settings\Gregory\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
	.tribalfusion.com [ E:\Documents and Settings\Gregory\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
	vitamine.networldmedia.net [ E:\Documents and Settings\LocalService\Application Data\Macromedia\Flash Player\#SharedObjects\F8GG87BD ]
	E:\Documents and Settings\LocalService\Cookies\system@adtechus[1].txt
	E:\Documents and Settings\LocalService\Cookies\system@seth.avazutracking[2].txt
	E:\Documents and Settings\LocalService\Cookies\system@www.socialtrack[1].txt
	E:\Documents and Settings\LocalService\Cookies\system@ads.pointroll[1].txt
	E:\Documents and Settings\LocalService\Cookies\system@doubleclick[1].txt
	E:\Documents and Settings\LocalService\Cookies\system@mediametrics.mpsa[1].txt
	E:\Documents and Settings\LocalService\Cookies\system@adecn[1].txt
	E:\Documents and Settings\LocalService\Cookies\system@atdmt[1].txt
	E:\Documents and Settings\LocalService\Cookies\system@adx.bidsystem[2].txt
	E:\Documents and Settings\LocalService\Cookies\system@azjmp[2].txt
	E:\Documents and Settings\LocalService\Cookies\system@ads.us.e-planning[1].txt
	E:\Documents and Settings\LocalService\Cookies\system@popularscreensavers[1].txt
	E:\Documents and Settings\LocalService\Cookies\system@vitamine.networldmedia[1].txt
	E:\Documents and Settings\LocalService\Cookies\system@jumbamediagroup[1].txt
	E:\Documents and Settings\LocalService\Cookies\system@statcounter[1].txt
	E:\Documents and Settings\LocalService\Cookies\system@adtech[1].txt
	E:\Documents and Settings\LocalService\Cookies\system@apmebf[2].txt
	E:\Documents and Settings\LocalService\Cookies\system@www3.smartadserver[1].txt
	E:\Documents and Settings\LocalService\Cookies\system@insightexpressai[1].txt
	E:\Documents and Settings\LocalService\Cookies\system@adbrite[2].txt
	E:\Documents and Settings\LocalService\Cookies\system@invitemedia[2].txt
	E:\Documents and Settings\LocalService\Cookies\system@media6degrees[2].txt
	E:\Documents and Settings\LocalService\Cookies\system@mediaplex[1].txt
	E:\Documents and Settings\LocalService\Cookies\system@adserver.adtechus[1].txt
	E:\Documents and Settings\LocalService\Cookies\system@ads.networldmedia[2].txt
	E:\Documents and Settings\LocalService\Cookies\system@bs.serving-sys[2].txt
	E:\Documents and Settings\LocalService\Cookies\system@content.yieldmanager[1].txt
	E:\Documents and Settings\LocalService\Cookies\system@fastclick[1].txt
	E:\Documents and Settings\LocalService\Cookies\system@account.frogster-america[2].txt
	E:\Documents and Settings\LocalService\Cookies\system@ads.horyzon-media[2].txt
	E:\Documents and Settings\LocalService\Cookies\system@xm.xtendmedia[1].txt
	E:\Documents and Settings\LocalService\Cookies\system@zedo[2].txt
	E:\Documents and Settings\LocalService\Cookies\system@rotator.adjuggler[2].txt
	E:\Documents and Settings\LocalService\Cookies\system@adsby.aim4media[1].txt
	E:\Documents and Settings\LocalService\Cookies\system@game-advertising-online[1].txt
	E:\Documents and Settings\LocalService\Cookies\system@tribalfusion[2].txt
	E:\Documents and Settings\LocalService\Cookies\system@ww251.smartadserver[2].txt
	E:\Documents and Settings\LocalService\Cookies\system@serving-sys[2].txt
	E:\Documents and Settings\LocalService\Cookies\system@serving-sys[1].txt
	E:\Documents and Settings\LocalService\Cookies\system@tradedoubler[2].txt
	E:\Documents and Settings\LocalService\Cookies\system@networldmedia[2].txt
	E:\Documents and Settings\LocalService\Cookies\system@americanheart.122.2o7[1].txt
	E:\Documents and Settings\LocalService\Cookies\system@advertising[2].txt
	E:\Documents and Settings\LocalService\Cookies\system@pointroll[2].txt
	E:\Documents and Settings\LocalService\Cookies\system@fidelity.rotator.hadj7.adjuggler[1].txt
	142.memecounter.com [ E:\Documents and Settings\Nicholas\Application Data\Macromedia\Flash Player\#SharedObjects\NSZJBDFN ]
	googleads.g.doubleclick.net [ E:\Documents and Settings\Nicholas\Application Data\Macromedia\Flash Player\#SharedObjects\NSZJBDFN ]
	media.tattomedia.com [ E:\Documents and Settings\Nicholas\Application Data\Macromedia\Flash Player\#SharedObjects\NSZJBDFN ]
	media.y8.com [ E:\Documents and Settings\Nicholas\Application Data\Macromedia\Flash Player\#SharedObjects\NSZJBDFN ]
	media1.clubpenguin.com [ E:\Documents and Settings\Nicholas\Application Data\Macromedia\Flash Player\#SharedObjects\NSZJBDFN ]
	mediacloud.whirled.com [ E:\Documents and Settings\Nicholas\Application Data\Macromedia\Flash Player\#SharedObjects\NSZJBDFN ]
	memecounter.com [ E:\Documents and Settings\Nicholas\Application Data\Macromedia\Flash Player\#SharedObjects\NSZJBDFN ]
	s0.2mdn.net [ E:\Documents and Settings\Nicholas\Application Data\Macromedia\Flash Player\#SharedObjects\NSZJBDFN ]
	vhss-a.oddcast.com [ E:\Documents and Settings\Nicholas\Application Data\Macromedia\Flash Player\#SharedObjects\NSZJBDFN ]
	.adbrite.com [ E:\Documents and Settings\Nicholas\Application Data\Mozilla\Firefox\Profiles\9oapeva7.default\cookies.sqlite ]
	.adbrite.com [ E:\Documents and Settings\Nicholas\Application Data\Mozilla\Firefox\Profiles\9oapeva7.default\cookies.sqlite ]
	.fishadultgames.com [ E:\Documents and Settings\Nicholas\Application Data\Mozilla\Firefox\Profiles\9oapeva7.default\cookies.sqlite ]
www.fishadultgames.com [ E:\Documents and Settings\Nicholas\Application Data\Mozilla\Firefox\Profiles\9oapeva7.default\cookies.sqlite ]
	.adultfriendfinder.com [ E:\Documents and Settings\Nicholas\Application Data\Mozilla\Firefox\Profiles\9oapeva7.default\cookies.sqlite ]
	.partypoker.com [ E:\Documents and Settings\Nicholas\Application Data\Mozilla\Firefox\Profiles\9oapeva7.default\cookies.sqlite ]
	ad.yieldmanager.com [ E:\Documents and Settings\Nicholas\Application Data\Mozilla\Firefox\Profiles\9oapeva7.default\cookies.sqlite ]
	ad.yieldmanager.com [ E:\Documents and Settings\Nicholas\Application Data\Mozilla\Firefox\Profiles\9oapeva7.default\cookies.sqlite ]
	ad.yieldmanager.com [ E:\Documents and Settings\Nicholas\Application Data\Mozilla\Firefox\Profiles\9oapeva7.default\cookies.sqlite ]
	ad.yieldmanager.com [ E:\Documents and Settings\Nicholas\Application Data\Mozilla\Firefox\Profiles\9oapeva7.default\cookies.sqlite ]
	.atdmt.com [ E:\Documents and Settings\Nicholas\Application Data\Mozilla\Firefox\Profiles\9oapeva7.default\cookies.sqlite ]
	.adbureau.net [ E:\Documents and Settings\Nicholas\Application Data\Mozilla\Firefox\Profiles\9oapeva7.default\cookies.sqlite ]
	.videoegg.adbureau.net [ E:\Documents and Settings\Nicholas\Application Data\Mozilla\Firefox\Profiles\9oapeva7.default\cookies.sqlite ]
	.casalemedia.com [ E:\Documents and Settings\Nicholas\Application Data\Mozilla\Firefox\Profiles\9oapeva7.default\cookies.sqlite ]
	.casalemedia.com [ E:\Documents and Settings\Nicholas\Application Data\Mozilla\Firefox\Profiles\9oapeva7.default\cookies.sqlite ]
	.casalemedia.com [ E:\Documents and Settings\Nicholas\Application Data\Mozilla\Firefox\Profiles\9oapeva7.default\cookies.sqlite ]
	.casalemedia.com [ E:\Documents and Settings\Nicholas\Application Data\Mozilla\Firefox\Profiles\9oapeva7.default\cookies.sqlite ]
	.kontera.com [ E:\Documents and Settings\Nicholas\Application Data\Mozilla\Firefox\Profiles\9oapeva7.default\cookies.sqlite ]
	.kontera.com [ E:\Documents and Settings\Nicholas\Application Data\Mozilla\Firefox\Profiles\9oapeva7.default\cookies.sqlite ]
	.fastclick.net [ E:\Documents and Settings\Nicholas\Application Data\Mozilla\Firefox\Profiles\9oapeva7.default\cookies.sqlite ]
	.fastclick.net [ E:\Documents and Settings\Nicholas\Application Data\Mozilla\Firefox\Profiles\9oapeva7.default\cookies.sqlite ]
	.fastclick.net [ E:\Documents and Settings\Nicholas\Application Data\Mozilla\Firefox\Profiles\9oapeva7.default\cookies.sqlite ]
	.advertising.com [ E:\Documents and Settings\Nicholas\Application Data\Mozilla\Firefox\Profiles\9oapeva7.default\cookies.sqlite ]
	.advertising.com [ E:\Documents and Settings\Nicholas\Application Data\Mozilla\Firefox\Profiles\9oapeva7.default\cookies.sqlite ]


----------



## Mess

.advertising.com [ E:\Documents and Settings\Nicholas\Application Data\Mozilla\Firefox\Profiles\9oapeva7.default\cookies.sqlite ]
	.advertising.com [ E:\Documents and Settings\Nicholas\Application Data\Mozilla\Firefox\Profiles\9oapeva7.default\cookies.sqlite ]
	.advertising.com [ E:\Documents and Settings\Nicholas\Application Data\Mozilla\Firefox\Profiles\9oapeva7.default\cookies.sqlite ]
	.adcentriconline.com [ E:\Documents and Settings\Nicholas\Application Data\Mozilla\Firefox\Profiles\9oapeva7.default\cookies.sqlite ]
	.ads.pointroll.com [ E:\Documents and Settings\Nicholas\Application Data\Mozilla\Firefox\Profiles\9oapeva7.default\cookies.sqlite ]
	.ads.pointroll.com [ E:\Documents and Settings\Nicholas\Application Data\Mozilla\Firefox\Profiles\9oapeva7.default\cookies.sqlite ]
	.ads.pointroll.com [ E:\Documents and Settings\Nicholas\Application Data\Mozilla\Firefox\Profiles\9oapeva7.default\cookies.sqlite ]
	.ads.pointroll.com [ E:\Documents and Settings\Nicholas\Application Data\Mozilla\Firefox\Profiles\9oapeva7.default\cookies.sqlite ]
	.ads.pointroll.com [ E:\Documents and Settings\Nicholas\Application Data\Mozilla\Firefox\Profiles\9oapeva7.default\cookies.sqlite ]
	.ads.pointroll.com [ E:\Documents and Settings\Nicholas\Application Data\Mozilla\Firefox\Profiles\9oapeva7.default\cookies.sqlite ]
	.serving-sys.com [ E:\Documents and Settings\Nicholas\Application Data\Mozilla\Firefox\Profiles\9oapeva7.default\cookies.sqlite ]
	.serving-sys.com [ E:\Documents and Settings\Nicholas\Application Data\Mozilla\Firefox\Profiles\9oapeva7.default\cookies.sqlite ]
	.bs.serving-sys.com [ E:\Documents and Settings\Nicholas\Application Data\Mozilla\Firefox\Profiles\9oapeva7.default\cookies.sqlite ]
	.serving-sys.com [ E:\Documents and Settings\Nicholas\Application Data\Mozilla\Firefox\Profiles\9oapeva7.default\cookies.sqlite ]
	.serving-sys.com [ E:\Documents and Settings\Nicholas\Application Data\Mozilla\Firefox\Profiles\9oapeva7.default\cookies.sqlite ]
	.serving-sys.com [ E:\Documents and Settings\Nicholas\Application Data\Mozilla\Firefox\Profiles\9oapeva7.default\cookies.sqlite ]
	.tribalfusion.com [ E:\Documents and Settings\Nicholas\Application Data\Mozilla\Firefox\Profiles\9oapeva7.default\cookies.sqlite ]
	.viacom.adbureau.net [ E:\Documents and Settings\Nicholas\Application Data\Mozilla\Firefox\Profiles\9oapeva7.default\cookies.sqlite ]
	.viacom.adbureau.net [ E:\Documents and Settings\Nicholas\Application Data\Mozilla\Firefox\Profiles\9oapeva7.default\cookies.sqlite ]
	.viacom.adbureau.net [ E:\Documents and Settings\Nicholas\Application Data\Mozilla\Firefox\Profiles\9oapeva7.default\cookies.sqlite ]
	.viacom.adbureau.net [ E:\Documents and Settings\Nicholas\Application Data\Mozilla\Firefox\Profiles\9oapeva7.default\cookies.sqlite ]
	.viacom.adbureau.net [ E:\Documents and Settings\Nicholas\Application Data\Mozilla\Firefox\Profiles\9oapeva7.default\cookies.sqlite ]
	.2o7.net [ E:\Documents and Settings\Nicholas\Application Data\Mozilla\Firefox\Profiles\9oapeva7.default\cookies.sqlite ]
	.2o7.net [ E:\Documents and Settings\Nicholas\Application Data\Mozilla\Firefox\Profiles\9oapeva7.default\cookies.sqlite ]
	.2o7.net [ E:\Documents and Settings\Nicholas\Application Data\Mozilla\Firefox\Profiles\9oapeva7.default\cookies.sqlite ]
	.2o7.net [ E:\Documents and Settings\Nicholas\Application Data\Mozilla\Firefox\Profiles\9oapeva7.default\cookies.sqlite ]
	.2o7.net [ E:\Documents and Settings\Nicholas\Application Data\Mozilla\Firefox\Profiles\9oapeva7.default\cookies.sqlite ]
	.2o7.net [ E:\Documents and Settings\Nicholas\Application Data\Mozilla\Firefox\Profiles\9oapeva7.default\cookies.sqlite ]
	.2o7.net [ E:\Documents and Settings\Nicholas\Application Data\Mozilla\Firefox\Profiles\9oapeva7.default\cookies.sqlite ]
	.2o7.net [ E:\Documents and Settings\Nicholas\Application Data\Mozilla\Firefox\Profiles\9oapeva7.default\cookies.sqlite ]
	server.cpmstar.com [ E:\Documents and Settings\Nicholas\Application Data\Mozilla\Firefox\Profiles\9oapeva7.default\cookies.sqlite ]
	mediamgr.ugo.com [ E:\Documents and Settings\Nicholas\Application Data\Mozilla\Firefox\Profiles\9oapeva7.default\cookies.sqlite ]
	statse.webtrendslive.com [ E:\Documents and Settings\Nicholas\Application Data\Mozilla\Firefox\Profiles\9oapeva7.default\cookies.sqlite ]
	.questionmarket.com [ E:\Documents and Settings\Nicholas\Application Data\Mozilla\Firefox\Profiles\9oapeva7.default\cookies.sqlite ]
	.adlegend.com [ E:\Documents and Settings\Nicholas\Application Data\Mozilla\Firefox\Profiles\9oapeva7.default\cookies.sqlite ]
	ads.gamesbannernet.com [ E:\Documents and Settings\Nicholas\Application Data\Mozilla\Firefox\Profiles\9oapeva7.default\cookies.sqlite ]
	ads.gamesbannernet.com [ E:\Documents and Settings\Nicholas\Application Data\Mozilla\Firefox\Profiles\9oapeva7.default\cookies.sqlite ]
	.cgm.adbureau.net [ E:\Documents and Settings\Nicholas\Application Data\Mozilla\Firefox\Profiles\9oapeva7.default\cookies.sqlite ]
	.cgm.adbureau.net [ E:\Documents and Settings\Nicholas\Application Data\Mozilla\Firefox\Profiles\9oapeva7.default\cookies.sqlite ]
	.cgm.adbureau.net [ E:\Documents and Settings\Nicholas\Application Data\Mozilla\Firefox\Profiles\9oapeva7.default\cookies.sqlite ]
	.cgm.adbureau.net [ E:\Documents and Settings\Nicholas\Application Data\Mozilla\Firefox\Profiles\9oapeva7.default\cookies.sqlite ]
	.zedo.com [ E:\Documents and Settings\Nicholas\Application Data\Mozilla\Firefox\Profiles\9oapeva7.default\cookies.sqlite ]
	.zedo.com [ E:\Documents and Settings\Nicholas\Application Data\Mozilla\Firefox\Profiles\9oapeva7.default\cookies.sqlite ]
	.imrworldwide.com [ E:\Documents and Settings\Nicholas\Application Data\Mozilla\Firefox\Profiles\9oapeva7.default\cookies.sqlite ]
	.imrworldwide.com [ E:\Documents and Settings\Nicholas\Application Data\Mozilla\Firefox\Profiles\9oapeva7.default\cookies.sqlite ]
	.statcounter.com [ E:\Documents and Settings\Nicholas\Application Data\Mozilla\Firefox\Profiles\9oapeva7.default\cookies.sqlite ]
	.statcounter.com [ E:\Documents and Settings\Nicholas\Application Data\Mozilla\Firefox\Profiles\9oapeva7.default\cookies.sqlite ]
	.statcounter.com [ E:\Documents and Settings\Nicholas\Application Data\Mozilla\Firefox\Profiles\9oapeva7.default\cookies.sqlite ]
	.statcounter.com [ E:\Documents and Settings\Nicholas\Application Data\Mozilla\Firefox\Profiles\9oapeva7.default\cookies.sqlite ]
	.statcounter.com [ E:\Documents and Settings\Nicholas\Application Data\Mozilla\Firefox\Profiles\9oapeva7.default\cookies.sqlite ]
	.gjacket.adbureau.net [ E:\Documents and Settings\Nicholas\Application Data\Mozilla\Firefox\Profiles\9oapeva7.default\cookies.sqlite ]
	.www.smileycentral.com [ E:\Documents and Settings\Nicholas\Application Data\Mozilla\Firefox\Profiles\9oapeva7.default\cookies.sqlite ]
	media.mtvnservices.com [ E:\Documents and Settings\Nicholas\Application Data\Mozilla\Firefox\Profiles\9oapeva7.default\cookies.sqlite ]
	.overture.com [ E:\Documents and Settings\Nicholas\Application Data\Mozilla\Firefox\Profiles\9oapeva7.default\cookies.sqlite ]
	.overture.com [ E:\Documents and Settings\Nicholas\Application Data\Mozilla\Firefox\Profiles\9oapeva7.default\cookies.sqlite ]
	.overture.com [ E:\Documents and Settings\Nicholas\Application Data\Mozilla\Firefox\Profiles\9oapeva7.default\cookies.sqlite ]
	.overture.com [ E:\Documents and Settings\Nicholas\Application Data\Mozilla\Firefox\Profiles\9oapeva7.default\cookies.sqlite ]
	.insightexpressai.com [ E:\Documents and Settings\Nicholas\Application Data\Mozilla\Firefox\Profiles\9oapeva7.default\cookies.sqlite ]
	.insightexpressai.com [ E:\Documents and Settings\Nicholas\Application Data\Mozilla\Firefox\Profiles\9oapeva7.default\cookies.sqlite ]
	.insightexpressai.com [ E:\Documents and Settings\Nicholas\Application Data\Mozilla\Firefox\Profiles\9oapeva7.default\cookies.sqlite ]
	.insightexpressai.com [ E:\Documents and Settings\Nicholas\Application Data\Mozilla\Firefox\Profiles\9oapeva7.default\cookies.sqlite ]
	.adopt.euroclick.com [ E:\Documents and Settings\Nicholas\Application Data\Mozilla\Firefox\Profiles\9oapeva7.default\cookies.sqlite ]
	.burstnet.com [ E:\Documents and Settings\Nicholas\Application Data\Mozilla\Firefox\Profiles\9oapeva7.default\cookies.sqlite ]
	.burstnet.com [ E:\Documents and Settings\Nicholas\Application Data\Mozilla\Firefox\Profiles\9oapeva7.default\cookies.sqlite ]
	media.adrevolver.com [ E:\Documents and Settings\Nicholas\Application Data\Mozilla\Firefox\Profiles\9oapeva7.default\cookies.sqlite ]
	.adrevolver.com [ E:\Documents and Settings\Nicholas\Application Data\Mozilla\Firefox\Profiles\9oapeva7.default\cookies.sqlite ]
	.adrevolver.com [ E:\Documents and Settings\Nicholas\Application Data\Mozilla\Firefox\Profiles\9oapeva7.default\cookies.sqlite ]
	.adrevolver.com [ E:\Documents and Settings\Nicholas\Application Data\Mozilla\Firefox\Profiles\9oapeva7.default\cookies.sqlite ]
	.adrevolver.com [ E:\Documents and Settings\Nicholas\Application Data\Mozilla\Firefox\Profiles\9oapeva7.default\cookies.sqlite ]
	media.adrevolver.com [ E:\Documents and Settings\Nicholas\Application Data\Mozilla\Firefox\Profiles\9oapeva7.default\cookies.sqlite ]
	media.adrevolver.com [ E:\Documents and Settings\Nicholas\Application Data\Mozilla\Firefox\Profiles\9oapeva7.default\cookies.sqlite ]
	.gaiainteractive.112.2o7.net [ E:\Documents and Settings\Nicholas\Application Data\Mozilla\Firefox\Profiles\9oapeva7.default\cookies.sqlite ]
	.game-advertising-online.com [ E:\Documents and Settings\Nicholas\Application Data\Mozilla\Firefox\Profiles\9oapeva7.default\cookies.sqlite ]
	.trafficmp.com [ E:\Documents and Settings\Nicholas\Application Data\Mozilla\Firefox\Profiles\9oapeva7.default\cookies.sqlite ]
	.msnportal.112.2o7.net [ E:\Documents and Settings\Nicholas\Application Data\Mozilla\Firefox\Profiles\9oapeva7.default\cookies.sqlite ]
	.realmedia.com [ E:\Documents and Settings\Nicholas\Application Data\Mozilla\Firefox\Profiles\9oapeva7.default\cookies.sqlite ]
	.microsoftwlcashback.112.2o7.net [ E:\Documents and Settings\Nicholas\Application Data\Mozilla\Firefox\Profiles\9oapeva7.default\cookies.sqlite ]
	.revsci.net [ E:\Documents and Settings\Nicholas\Application Data\Mozilla\Firefox\Profiles\9oapeva7.default\cookies.sqlite ]
	.prospect.adbureau.net [ E:\Documents and Settings\Nicholas\Application Data\Mozilla\Firefox\Profiles\9oapeva7.default\cookies.sqlite ]
	.apmebf.com [ E:\Documents and Settings\Nicholas\Application Data\Mozilla\Firefox\Profiles\9oapeva7.default\cookies.sqlite ]
	.nintendo.112.2o7.net [ E:\Documents and Settings\Nicholas\Application Data\Mozilla\Firefox\Profiles\9oapeva7.default\cookies.sqlite ]
	.statcounter.com [ E:\Documents and Settings\Nicholas\Application Data\Mozilla\Firefox\Profiles\9oapeva7.default\cookies.sqlite ]
	.viacom.adbureau.net [ E:\Documents and Settings\Nicholas\Application Data\Mozilla\Firefox\Profiles\9oapeva7.default\cookies.sqlite ]
	.bluestreak.com [ E:\Documents and Settings\Nicholas\Application Data\Mozilla\Firefox\Profiles\9oapeva7.default\cookies.sqlite ]
	.msnaccountservices.112.2o7.net [ E:\Documents and Settings\Nicholas\Application Data\Mozilla\Firefox\Profiles\9oapeva7.default\cookies.sqlite ]
	.atdmt.com [ E:\Documents and Settings\Nicholas\Application Data\Mozilla\Firefox\Profiles\9oapeva7.default\cookies.sqlite ]
	.cgm.adbureau.net [ E:\Documents and Settings\Nicholas\Application Data\Mozilla\Firefox\Profiles\9oapeva7.default\cookies.sqlite ]
	webads.hookedmediagroup.com [ E:\Documents and Settings\Nicholas\Application Data\Mozilla\Firefox\Profiles\9oapeva7.default\cookies.sqlite ]
	.cgm.adbureau.net [ E:\Documents and Settings\Nicholas\Application Data\Mozilla\Firefox\Profiles\9oapeva7.default\cookies.sqlite ]
	.cgm.adbureau.net [ E:\Documents and Settings\Nicholas\Application Data\Mozilla\Firefox\Profiles\9oapeva7.default\cookies.sqlite ]
	.2adultflashgames.com [ E:\Documents and Settings\Nicholas\Application Data\Mozilla\Firefox\Profiles\9oapeva7.default\cookies.sqlite ]
	.adultadworld.com [ E:\Documents and Settings\Nicholas\Application Data\Mozilla\Firefox\Profiles\9oapeva7.default\cookies.sqlite ]
	.tacoda.net [ E:\Documents and Settings\Nicholas\Application Data\Mozilla\Firefox\Profiles\9oapeva7.default\cookies.sqlite ]
	.tacoda.net [ E:\Documents and Settings\Nicholas\Application Data\Mozilla\Firefox\Profiles\9oapeva7.default\cookies.sqlite ]
	.advertising.com [ E:\Documents and Settings\Nicholas\Application Data\Mozilla\Firefox\Profiles\9oapeva7.default\cookies.sqlite ]
	.at.atwola.com [ E:\Documents and Settings\Nicholas\Application Data\Mozilla\Firefox\Profiles\9oapeva7.default\cookies.sqlite ]
	.bellcan.adbureau.net [ E:\Documents and Settings\Nicholas\Application Data\Mozilla\Firefox\Profiles\9oapeva7.default\cookies.sqlite ]
	.insightexpressai.com [ E:\Documents and Settings\Nicholas\Application Data\Mozilla\Firefox\Profiles\9oapeva7.default\cookies.sqlite ]
	.insightexpressai.com [ E:\Documents and Settings\Nicholas\Application Data\Mozilla\Firefox\Profiles\9oapeva7.default\cookies.sqlite ]
	.insightexpressai.com [ E:\Documents and Settings\Nicholas\Application Data\Mozilla\Firefox\Profiles\9oapeva7.default\cookies.sqlite ]
	.insightexpressai.com [ E:\Documents and Settings\Nicholas\Application Data\Mozilla\Firefox\Profiles\9oapeva7.default\cookies.sqlite ]
	.insightexpressai.com [ E:\Documents and Settings\Nicholas\Application Data\Mozilla\Firefox\Profiles\9oapeva7.default\cookies.sqlite ]
	.teendestruction.com [ E:\Documents and Settings\Nicholas\Application Data\Mozilla\Firefox\Profiles\9oapeva7.default\cookies.sqlite ]
	.mywebsearch.com [ E:\Documents and Settings\Nicholas\Application Data\Mozilla\Firefox\Profiles\9oapeva7.default\cookies.sqlite ]
	.stats.adbrite.com [ E:\Documents and Settings\Nicholas\Application Data\Mozilla\Firefox\Profiles\9oapeva7.default\cookies.sqlite ]
	media.adrevolver.com [ E:\Documents and Settings\Nicholas\Application Data\Mozilla\Firefox\Profiles\9oapeva7.default\cookies.sqlite ]
	ad.yieldmanager.com [ E:\Documents and Settings\Nicholas\Application Data\Mozilla\Firefox\Profiles\9oapeva7.default\cookies.sqlite ]
	.adtech.de [ E:\Documents and Settings\Nicholas\Application Data\Mozilla\Firefox\Profiles\9oapeva7.default\cookies.sqlite ]
	.ehg-newscientist.hitbox.com [ E:\Documents and Settings\Nicholas\Application Data\Mozilla\Firefox\Profiles\9oapeva7.default\cookies.sqlite ]
	.ehg-newscientist.hitbox.com [ E:\Documents and Settings\Nicholas\Application Data\Mozilla\Firefox\Profiles\9oapeva7.default\cookies.sqlite ]
	.hitbox.com [ E:\Documents and Settings\Nicholas\Application Data\Mozilla\Firefox\Profiles\9oapeva7.default\cookies.sqlite ]
	.burstnet.com [ E:\Documents and Settings\Nicholas\Application Data\Mozilla\Firefox\Profiles\9oapeva7.default\cookies.sqlite ]
	.adserver.adtechus.com [ E:\Documents and Settings\Nicholas\Application Data\Mozilla\Firefox\Profiles\9oapeva7.default\cookies.sqlite ]
	.chitika.net [ E:\Documents and Settings\Nicholas\Application Data\Mozilla\Firefox\Profiles\9oapeva7.default\cookies.sqlite ]
	.knowledgeadventure.122.2o7.net [ E:\Documents and Settings\Nicholas\Application Data\Mozilla\Firefox\Profiles\9oapeva7.default\cookies.sqlite ]
	.insightexpressai.com [ E:\Documents and Settings\Nicholas\Application Data\Mozilla\Firefox\Profiles\9oapeva7.default\cookies.sqlite ]
	.insightexpressai.com [ E:\Documents and Settings\Nicholas\Application Data\Mozilla\Firefox\Profiles\9oapeva7.default\cookies.sqlite ]
	.insightexpressai.com [ E:\Documents and Settings\Nicholas\Application Data\Mozilla\Firefox\Profiles\9oapeva7.default\cookies.sqlite ]
	.insightexpressai.com [ E:\Documents and Settings\Nicholas\Application Data\Mozilla\Firefox\Profiles\9oapeva7.default\cookies.sqlite ]
	.insightexpressai.com [ E:\Documents and Settings\Nicholas\Application Data\Mozilla\Firefox\Profiles\9oapeva7.default\cookies.sqlite ]
	.pointroll.com [ E:\Documents and Settings\Nicholas\Application Data\Mozilla\Firefox\Profiles\9oapeva7.default\cookies.sqlite ]
	.pointroll.com [ E:\Documents and Settings\Nicholas\Application Data\Mozilla\Firefox\Profiles\9oapeva7.default\cookies.sqlite ]
	.atdmt.com [ E:\Documents and Settings\Nicholas\Application Data\Mozilla\Firefox\Profiles\9oapeva7.default\cookies.sqlite ]
	.atdmt.com [ E:\Documents and Settings\Nicholas\Application Data\Mozilla\Firefox\Profiles\9oapeva7.default\cookies.sqlite ]
	.statcounter.com [ E:\Documents and Settings\Nicholas\Application Data\Mozilla\Firefox\Profiles\9oapeva7.default\cookies.sqlite ]
	ads.networldmedia.net [ E:\Documents and Settings\Nicholas\Application Data\Mozilla\Firefox\Profiles\9oapeva7.default\cookies.sqlite ]
	ads.networldmedia.net [ E:\Documents and Settings\Nicholas\Application Data\Mozilla\Firefox\Profiles\9oapeva7.default\cookies.sqlite ]
	.vitamine.networldmedia.net [ E:\Documents and Settings\Nicholas\Application Data\Mozilla\Firefox\Profiles\9oapeva7.default\cookies.sqlite ]
	.statcounter.com [ E:\Documents and Settings\Nicholas\Application Data\Mozilla\Firefox\Profiles\9oapeva7.default\cookies.sqlite ]
	.advertiseyourgame.com [ E:\Documents and Settings\Nicholas\Application Data\Mozilla\Firefox\Profiles\9oapeva7.default\cookies.sqlite ]
	.advertiseyourgame.com [ E:\Documents and Settings\Nicholas\Application Data\Mozilla\Firefox\Profiles\9oapeva7.default\cookies.sqlite ]
	.statcounter.com [ E:\Documents and Settings\Nicholas\Application Data\Mozilla\Firefox\Profiles\9oapeva7.default\cookies.sqlite ]
	.specificclick.net [ E:\Documents and Settings\Nicholas\Application Data\Mozilla\Firefox\Profiles\9oapeva7.default\cookies.sqlite ]
	.specificclick.net [ E:\Documents and Settings\Nicholas\Application Data\Mozilla\Firefox\Profiles\9oapeva7.default\cookies.sqlite ]
	.specificclick.net [ E:\Documents and Settings\Nicholas\Application Data\Mozilla\Firefox\Profiles\9oapeva7.default\cookies.sqlite ]
	.statcounter.com [ E:\Documents and Settings\Nicholas\Application Data\Mozilla\Firefox\Profiles\9oapeva7.default\cookies.sqlite ]
	.statcounter.com [ E:\Documents and Settings\Nicholas\Application Data\Mozilla\Firefox\Profiles\9oapeva7.default\cookies.sqlite ]
	.sonyonlineentertainment.112.2o7.net [ E:\Documents and Settings\Nicholas\Application Data\Mozilla\Firefox\Profiles\9oapeva7.default\cookies.sqlite ]
	.kontera.com [ E:\Documents and Settings\Nicholas\Application Data\Mozilla\Firefox\Profiles\9oapeva7.default\cookies.sqlite ]
	us.sitestat.com [ E:\Documents and Settings\Nicholas\Application Data\Mozilla\Firefox\Profiles\9oapeva7.default\cookies.sqlite ]
	us.sitestat.com [ E:\Documents and Settings\Nicholas\Application Data\Mozilla\Firefox\Profiles\9oapeva7.default\cookies.sqlite ]
	.eaeacom.112.2o7.net [ E:\Documents and Settings\Nicholas\Application Data\Mozilla\Firefox\Profiles\9oapeva7.default\cookies.sqlite ]
	media.quakelive.com [ E:\Documents and Settings\Nicholas\Application Data\Mozilla\Firefox\Profiles\9oapeva7.default\cookies.sqlite ]
	.stats.adbrite.com [ E:\Documents and Settings\Nicholas\Application Data\Mozilla\Firefox\Profiles\9oapeva7.default\cookies.sqlite ]
	.collective-media.net [ E:\Documents and Settings\Nicholas\Application Data\Mozilla\Firefox\Profiles\9oapeva7.default\cookies.sqlite ]
	.vitamine.networldmedia.net [ E:\Documents and Settings\Nicholas\Application Data\Mozilla\Firefox\Profiles\9oapeva7.default\cookies.sqlite ]
	vitamine.networldmedia.net [ E:\Documents and Settings\Nicholas\Application Data\Mozilla\Firefox\Profiles\9oapeva7.default\cookies.sqlite ]
	vitamine.networldmedia.net [ E:\Documents and Settings\Nicholas\Application Data\Mozilla\Firefox\Profiles\9oapeva7.default\cookies.sqlite ]
	.lfstmedia.com [ E:\Documents and Settings\Nicholas\Application Data\Mozilla\Firefox\Profiles\9oapeva7.default\cookies.sqlite ]
	.lfstmedia.com [ E:\Documents and Settings\Nicholas\Application Data\Mozilla\Firefox\Profiles\9oapeva7.default\cookies.sqlite ]
	.statcounter.com [ E:\Documents and Settings\Nicholas\Application Data\Mozilla\Firefox\Profiles\9oapeva7.default\cookies.sqlite ]
	.media6degrees.com [ E:\Documents and Settings\Nicholas\Application Data\Mozilla\Firefox\Profiles\9oapeva7.default\cookies.sqlite ]
	.media6degrees.com [ E:\Documents and Settings\Nicholas\Application Data\Mozilla\Firefox\Profiles\9oapeva7.default\cookies.sqlite ]
	.media6degrees.com [ E:\Documents and Settings\Nicholas\Application Data\Mozilla\Firefox\Profiles\9oapeva7.default\cookies.sqlite ]
	.ads.pointroll.com [ E:\Documents and Settings\Nicholas\Application Data\Mozilla\Firefox\Profiles\9oapeva7.default\cookies.sqlite ]
	.trafficmp.com [ E:\Documents and Settings\Nicholas\Application Data\Mozilla\Firefox\Profiles\9oapeva7.default\cookies.sqlite ]
	.trafficmp.com [ E:\Documents and Settings\Nicholas\Application Data\Mozilla\Firefox\Profiles\9oapeva7.default\cookies.sqlite ]
	adserver.qplaygames.com [ E:\Documents and Settings\Nicholas\Application Data\Mozilla\Firefox\Profiles\9oapeva7.default\cookies.sqlite ]
	.statcounter.com [ E:\Documents and Settings\Nicholas\Application Data\Mozilla\Firefox\Profiles\9oapeva7.default\cookies.sqlite ]
	.statcounter.com [ E:\Documents and Settings\Nicholas\Application Data\Mozilla\Firefox\Profiles\9oapeva7.default\cookies.sqlite ]
	.statcounter.com [ E:\Documents and Settings\Nicholas\Application Data\Mozilla\Firefox\Profiles\9oapeva7.default\cookies.sqlite ]
	.mediaplex.com [ E:\Documents and Settings\Nicholas\Application Data\Mozilla\Firefox\Profiles\9oapeva7.default\cookies.sqlite ]
	.atdmt.com [ E:\Documents and Settings\Nicholas\Application Data\Mozilla\Firefox\Profiles\9oapeva7.default\cookies.sqlite ]
	vc-mvt-pixel-80.ak-networks.com [ E:\Documents and Settings\Nicholas\Application Data\Mozilla\Firefox\Profiles\9oapeva7.default\cookies.sqlite ]
	.ads.pointroll.com [ E:\Documents and Settings\Nicholas\Application Data\Mozilla\Firefox\Profiles\9oapeva7.default\cookies.sqlite ]
	.popcapgames.122.2o7.net [ E:\Documents and Settings\Nicholas\Application Data\Mozilla\Firefox\Profiles\9oapeva7.default\cookies.sqlite ]
	.statcounter.com [ E:\Documents and Settings\Nicholas\Application Data\Mozilla\Firefox\Profiles\9oapeva7.default\cookies.sqlite ]
	.invitemedia.com [ E:\Documents and Settings\Nicholas\Application Data\Mozilla\Firefox\Profiles\9oapeva7.default\cookies.sqlite ]
	.invitemedia.com [ E:\Documents and Settings\Nicholas\Application Data\Mozilla\Firefox\Profiles\9oapeva7.default\cookies.sqlite ]
	.invitemedia.com [ E:\Documents and Settings\Nicholas\Application Data\Mozilla\Firefox\Profiles\9oapeva7.default\cookies.sqlite ]
	.invitemedia.com [ E:\Documents and Settings\Nicholas\Application Data\Mozilla\Firefox\Profiles\9oapeva7.default\cookies.sqlite ]
	.invitemedia.com [ E:\Documents and Settings\Nicholas\Application Data\Mozilla\Firefox\Profiles\9oapeva7.default\cookies.sqlite ]
	.xm.xtendmedia.com [ E:\Documents and Settings\Nicholas\Application Data\Mozilla\Firefox\Profiles\9oapeva7.default\cookies.sqlite ]
	.media.photobucket.com [ E:\Documents and Settings\Nicholas\Application Data\Mozilla\Firefox\Profiles\9oapeva7.default\cookies.sqlite ]
	.statcounter.com [ E:\Documents and Settings\Nicholas\Application Data\Mozilla\Firefox\Profiles\9oapeva7.default\cookies.sqlite ]
	.112.2o7.net [ E:\Documents and Settings\Nicholas\Application Data\Mozilla\Firefox\Profiles\9oapeva7.default\cookies.sqlite ]
	dc.tremormedia.com [ E:\Documents and Settings\Nicholas\Application Data\Mozilla\Firefox\Profiles\9oapeva7.default\cookies.sqlite ]
	.media6degrees.com [ E:\Documents and Settings\Nicholas\Application Data\Mozilla\Firefox\Profiles\9oapeva7.default\cookies.sqlite ]
	.media6degrees.com [ E:\Documents and Settings\Nicholas\Application Data\Mozilla\Firefox\Profiles\9oapeva7.default\cookies.sqlite ]
	.invitemedia.com [ E:\Documents and Settings\Nicholas\Application Data\Mozilla\Firefox\Profiles\9oapeva7.default\cookies.sqlite ]
	.adbrite.com [ E:\Documents and Settings\Nicholas\Application Data\Mozilla\Firefox\Profiles\9oapeva7.default\cookies.sqlite ]
	.adecn.com [ E:\Documents and Settings\Nicholas\Application Data\Mozilla\Firefox\Profiles\9oapeva7.default\cookies.sqlite ]
	.indiads.com [ E:\Documents and Settings\Nicholas\Application Data\Mozilla\Firefox\Profiles\9oapeva7.default\cookies.sqlite ]
	.trvlnet.adbureau.net [ E:\Documents and Settings\Nicholas\Application Data\Mozilla\Firefox\Profiles\9oapeva7.default\cookies.sqlite ]
	.revsci.net [ E:\Documents and Settings\Nicholas\Application Data\Mozilla\Firefox\Profiles\9oapeva7.default\cookies.sqlite ]
	.pro-market.net [ E:\Documents and Settings\Nicholas\Application Data\Mozilla\Firefox\Profiles\9oapeva7.default\cookies.sqlite ]
	.pro-market.net [ E:\Documents and Settings\Nicholas\Application Data\Mozilla\Firefox\Profiles\9oapeva7.default\cookies.sqlite ]
	.pro-market.net [ E:\Documents and Settings\Nicholas\Application Data\Mozilla\Firefox\Profiles\9oapeva7.default\cookies.sqlite ]
	.pro-market.net [ E:\Documents and Settings\Nicholas\Application Data\Mozilla\Firefox\Profiles\9oapeva7.default\cookies.sqlite ]
	.interclick.com [ E:\Documents and Settings\Nicholas\Application Data\Mozilla\Firefox\Profiles\9oapeva7.default\cookies.sqlite ]
	.interclick.com [ E:\Documents and Settings\Nicholas\Application Data\Mozilla\Firefox\Profiles\9oapeva7.default\cookies.sqlite ]
	.mediaplex.com [ E:\Documents and Settings\Nicholas\Application Data\Mozilla\Firefox\Profiles\9oapeva7.default\cookies.sqlite ]
	.doubleclick.net [ E:\Documents and Settings\Nicholas\Application Data\Mozilla\Firefox\Profiles\9oapeva7.default\cookies.sqlite ]
	statse.webtrendslive.com [ E:\Documents and Settings\Nicholas\Application Data\Mozilla\Firefox\Profiles\9oapeva7.default\cookies.sqlite ]
	.adbrite.com [ E:\Documents and Settings\Nicholas\Application Data\Mozilla\Firefox\Profiles\9oapeva7.default\cookies.sqlite ]
	.247realmedia.com [ E:\Documents and Settings\Nicholas\Application Data\Mozilla\Firefox\Profiles\9oapeva7.default\cookies.sqlite ]
	.trvlnet.adbureau.net [ E:\Documents and Settings\Nicholas\Application Data\Mozilla\Firefox\Profiles\9oapeva7.default\cookies.sqlite ]
	.serving-sys.com [ E:\Documents and Settings\Nicholas\Application Data\Mozilla\Firefox\Profiles\9oapeva7.default\cookies.sqlite ]
	.serving-sys.com [ E:\Documents and Settings\Nicholas\Application Data\Mozilla\Firefox\Profiles\9oapeva7.default\cookies.sqlite ]
	.questionmarket.com [ E:\Documents and Settings\Nicholas\Application Data\Mozilla\Firefox\Profiles\9oapeva7.default\cookies.sqlite ]
	.atdmt.com [ E:\Documents and Settings\Nicholas\Application Data\Mozilla\Firefox\Profiles\9oapeva7.default\cookies.sqlite ]
	counter.surfcounters.com [ E:\Documents and Settings\Nicholas\Application Data\Mozilla\Firefox\Profiles\9oapeva7.default\cookies.sqlite ]
	.revsci.net [ E:\Documents and Settings\Nicholas\Application Data\Mozilla\Firefox\Profiles\9oapeva7.default\cookies.sqlite ]
	.revsci.net [ E:\Documents and Settings\Nicholas\Application Data\Mozilla\Firefox\Profiles\9oapeva7.default\cookies.sqlite ]
	.media6degrees.com [ E:\Documents and Settings\Nicholas\Application Data\Mozilla\Firefox\Profiles\9oapeva7.default\cookies.sqlite ]
	.revsci.net [ E:\Documents and Settings\Nicholas\Application Data\Mozilla\Firefox\Profiles\9oapeva7.default\cookies.sqlite ]
	.revsci.net [ E:\Documents and Settings\Nicholas\Application Data\Mozilla\Firefox\Profiles\9oapeva7.default\cookies.sqlite ]
	.ru4.com [ E:\Documents and Settings\Nicholas\Application Data\Mozilla\Firefox\Profiles\9oapeva7.default\cookies.sqlite ]
	.ru4.com [ E:\Documents and Settings\Nicholas\Application Data\Mozilla\Firefox\Profiles\9oapeva7.default\cookies.sqlite ]


----------



## Mess

E:\Documents and Settings\Nicholas\Cookies\nicholas@ad.wsod[1].txt
	E:\Documents and Settings\Nicholas\Cookies\nicholas@casalemedia[2].txt
	E:\Documents and Settings\Nicholas\Cookies\nicholas@specificclick[2].txt
	E:\Documents and Settings\Nicholas\Cookies\nicholas@msnportal.112.2o7[1].txt
	E:\Documents and Settings\Nicholas\Cookies\nicholas@server.cpmstar[2].txt
	E:\Documents and Settings\Nicholas\Cookies\nicholas@2o7[2].txt
	E:\Documents and Settings\Nicholas\Cookies\nicholas@ads.adbrite[1].txt
	E:\Documents and Settings\Nicholas\Cookies\nicholas@msnaccountservices.112.2o7[1].txt
	E:\Documents and Settings\Nicholas\Cookies\nicholas@tacoda[2].txt
	E:\Documents and Settings\Nicholas\Cookies\nicholas@pornbb[1].txt
	E:\Documents and Settings\Nicholas\Cookies\nicholas@adlegend[2].txt
	E:\Documents and Settings\Nicholas\Cookies\nicholas@www.abelwongsanimeporn[2].txt
	E:\Documents and Settings\Nicholas\Cookies\nicholas@www.burstnet[1].txt
	E:\Documents and Settings\Nicholas\Cookies\nicholas@serving-sys[2].txt
	E:\Documents and Settings\Nicholas\Cookies\nicholas@bannertgt[1].txt
	E:\Documents and Settings\Nicholas\Cookies\nicholas@overture[1].txt
	E:\Documents and Settings\Nicholas\Cookies\nicholas@kontera[1].txt
	E:\Documents and Settings\Nicholas\Cookies\nicholas@content.yieldmanager[2].txt
	E:\Documents and Settings\Nicholas\Cookies\nicholas@advertising[1].txt
	E:\Documents and Settings\Nicholas\Cookies\nicholas@burstnet[2].txt
	E:\Documents and Settings\Nicholas\Cookies\nicholas@imagevenue.advertserve[2].txt
	E:\Documents and Settings\Nicholas\Cookies\nicholas@chitika[1].txt
	E:\Documents and Settings\Nicholas\Cookies\nicholas@adbrite[2].txt
	E:\Documents and Settings\Nicholas\Cookies\nicholas@doubleclick[2].txt
	E:\Documents and Settings\Nicholas\Cookies\nicholas@atdmt[2].txt
	E:\Documents and Settings\Nicholas\Cookies\nicholas@fastclick[2].txt
	E:\Documents and Settings\Nicholas\Cookies\nicholas@media6degrees[2].txt
	E:\Documents and Settings\Nicholas\Cookies\nicholas@www.pornbb[2].txt
	E:\Documents and Settings\Nicholas\Cookies\nicholas@apmebf[2].txt
	E:\Documents and Settings\Nicholas\Cookies\nicholas@ad.yieldmanager[1].txt
	E:\Documents and Settings\Nicholas\Cookies\nicholas@statse.webtrendslive[2].txt
	E:\Documents and Settings\Nicholas\Cookies\nicholas@statcounter[1].txt
	E:\Documents and Settings\Nicholas\Cookies\nicholas@adultfriendfinder[1].txt
	E:\Documents and Settings\Nicholas\Cookies\nicholas@abelwongsanimeporn[2].txt
	E:\Documents and Settings\Nicholas\Cookies\nicholas@atwola[1].txt
	E:\Documents and Settings\Nicholas\Cookies\nicholas@ads.svx.adbrite[2].txt
	E:\Documents and Settings\Nicholas\Cookies\nicholas@at.atwola[1].txt
	E:\Documents and Settings\Nicholas\Cookies\nicholas@bs.serving-sys[2].txt
	E:\Documents and Settings\Nicholas\Cookies\nicholas@legolas-media[1].txt
	E:\Documents and Settings\Nicholas\Cookies\nicholas@mediaplex[1].txt
	E:\Documents and Settings\Vitus\Cookies\vitus@hitbox[2].txt
	E:\Documents and Settings\Vitus\Cookies\vitus@2o7[2].txt
	E:\Documents and Settings\Vitus\Cookies\vitus@tracking.foundry42[2].txt
	E:\Documents and Settings\Vitus\Cookies\vitus@tribalfusion[2].txt
	E:\Documents and Settings\Vitus\Cookies\vitus@ad.yieldmanager[2].txt
	E:\Documents and Settings\Vitus\Cookies\vitus@pro-market[2].txt
	E:\Documents and Settings\Vitus\Cookies\vitus@casalemedia[2].txt
	E:\Documents and Settings\Vitus\Cookies\vitus@toplist[1].txt
	E:\Documents and Settings\Vitus\Cookies\vitus@track.asus[1].txt
	E:\Documents and Settings\Vitus\Cookies\vitus@ehg-superwarehouse.hitbox[2].txt
	E:\Documents and Settings\Vitus\Cookies\vitus@clickbank[1].txt
	E:\Documents and Settings\Vitus\Cookies\vitus@revenue[2].txt
	E:\Documents and Settings\Vitus\Cookies\vitus@statcounter[1].txt
	E:\Documents and Settings\Vitus\Cookies\vitus@rbc.bridgetrack[2].txt
	E:\Documents and Settings\Vitus\Cookies\vitus@counter.surfcounters[1].txt
	E:\Documents and Settings\Vitus\Cookies\vitus@doubleclick[1].txt
	E:\Documents and Settings\Vitus\Cookies\vitus@specificclick[2].txt
	E:\Documents and Settings\Vitus\Cookies\vitus@statse.webtrendslive[1].txt

Adware.Flash Tracking Cookie
	E:\Documents and Settings\Gregory\Application Data\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\HRYPBFGP\IA.MEDIA-IMDB.COM
	E:\Documents and Settings\Gregory\Application Data\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\HRYPBFGP\VITAMINE.NETWORLDMEDIA.NET


*The last of it, I could have missed a bit or put something in twice. It found 800+ adware type things so hopefully, this fixes the issue for me. *


----------



## johnb35

All those were cookies but hopefully that will stop the ads from popping up.  But as far as your other issue goes, you may have to repair the OS as its not from the infections you had.


----------

