S&D cannot be deleted. S&D and IE exe cannot be launched

Status
Not open for further replies.
P

psbsubs4

New member
Hello,

My Net Nanny software started acting funny by not letting any browser window I opened to be able to connect to the internet. I tried to run my Avast AV software but it would hang on a scan. I tied to run S&D but it would not launch. I worked with Net Nanny to uninstall and reinstall and I was able to connect to the internet. (BTW, I do not think Net Nanny is doing what it should be doing though because it is not asking me to log into it to get to an internet page.) Perhaps I should just unstall NN for now...?

Anyway, once I was able to get back to the internet, I downloaded a new version of Avast AV but it still hangs up on a scan. I have uninstalled it.

Now my recollection gets fuzzy. I think I tried to uninstall S&D (& Tea Timer). I think S&D was in Add/Remove programs but TT was not. I downloaded a new S&D file and tried to install. It had a lot of warnings about write protection and I selected the option to remove the write protection each time. That worked for most files but not for the S&D nor TT .exe files.

I found the post that talked about manual deletion from the "all users" folder and the programs folder and tried that and was able to delete all except the S&D & TT .exe files.

I then tried another install. I did not get the warning about the write protect for the other files (since there were deleted) but I still got it for the S&D & TT files. I told it to ignore so that it would fininsh the install.

I launched S&D after the install but frankly, I cannot recall for sure just what it did. I think it hung and I cannot recall how I closed out from it (whether it let me cancel or I had to do something more forceful).

Now when I try to launch S&D, It tells me
QUOTE
Windows cannot access the specified device, path, or file. You may not have appropriate permissions to access the item.
END QUOTE

Note: I am running XP (SP3) and I am logged in as the admin so I know it is not a true auth/permissions problem.

Note: As I said before, I was able to launch IE and get to the web but now when I launch IE (IE7) it is giving me the same error message as when I launch S&D.

I had found the posts that talks about sending in attach.txt and DDS.txt. I will include the dds text down below and attach the "attach" file.

I also found a post talking about running Root Analyzer. I ran the quick scan and it came up ok. I ran the deep scan and it flagged some stuff. I scanned what it flagged and nothing jumped out at me but I have not yet compared the entries like it advises.

I followed the steps in this post
http://forums.spybot.info/showthread.php?t=50194
which is why I am now making my own post.

I also read
http://forums.spybot.info/showthread.php?t=288
and have created the ERUNT registry dump.

Here below are the DDS.txt contents.
Note: I am probably being too cautious but I changed some text since this is a public forum. Namely:
maskedname is a corporate website that I saw no need to post.
myxpid~ is masking my xp admin account ID
[my admin id] is also macking my xp admin ID


Thanks for your help.

DDS (Ver_10-12-12.02) - NTFSx86
Run by [my admin id] at 18:46:11.03 on 12/28/2010
Internet Explorer: 7.0.5730.13
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.1023.544 [GMT -6:00]


============== Running Processes ===============

"\\.\globalroot\Device\svchost.exe\svchost.exe"
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
svchost.exe
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
svchost.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\WINDOWS\system32\bgsvcgen.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
C:\WINDOWS\system32\svchost.exe -k hpdevmgmt
C:\WINDOWS\system32\svchost.exe -k HPService
C:\Program Files\LeapFrog\LeapFrog Connect\CommandService.exe
C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
C:\WINDOWS\System32\svchost.exe -k HPZ12
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe -k HPZ12
C:\WINDOWS\System32\svchost.exe -k imgsvc
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\LeapFrog\LeapFrog Connect\Monitor.exe
C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\WINDOWS\System32\DLA\DLACTRLW.EXE
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\BCMSMMSG.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\ClearPlay\ClearPlay Easy Updates\ClearPlayEasyUpdates.exe
C:\Program Files\FinePixViewer\QuickDCF2.exe
C:\Program Files\FastStone Capture\FSCapture.exe
C:\Program Files\Microsoft Office\Office\OSA.EXE
C:\Documents and Settings\[my admin id]\My Documents\RCA Detective\RCADetective.exe
C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe
C:\WINDOWS\system32\devldr32.exe
C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\System32\svchost.exe -k HTTPFilter
C:\WINDOWS\System32\imapi.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\[my admin id]\Local Settings\Temporary Internet Files\Content.IE5\KX5LHTQ3\dds[1].scr

============== Pseudo HJT Report ===============

uStart Page = hxxp://www.google.com/
uSearch Bar =
uInternet Connection Wizard,ShellNext = iexplore
uInternet Settings,ProxyOverride = *.local
uSearchURL,(Default) = hxxp://search.yahoo.com/search?fr=mcafee&p=%s
uURLSearchHooks: McAfee SiteAdvisor Toolbar: {0ebbbe48-bad4-4b4c-8e5a-516abecae064} - c:\progra~1\mcafee\sitead~1\mcieplg.dll
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
BHO: Gamevance: {0ed403e8-470a-4a8a-85a4-d7688cfe39a3} - c:\program files\gamevance\gamevancelib32.dll
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\program files\spybot - search & destroy\SDHelper.dll
BHO: DriveLetterAccess: {5ca3d70e-1895-11cf-8e15-001234567890} - c:\windows\system32\dla\DLASHX_W.DLL
BHO: Skype add-on for Internet Explorer: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
BHO: CPrintEnhancer Object: {ae84a6aa-a333-4b92-b276-c11e2212e4fe} - c:\program files\hp\smart web printing\SmartWebPrinting.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.1.1309.3572\swg.dll
BHO: McAfee SiteAdvisor BHO: {b164e929-a1b6-4a06-b104-2cd0e90a88ff} - c:\progra~1\mcafee\sitead~1\mcieplg.dll
BHO: {BEAC7DC8-E106-4C6A-931E-5A42E7362883} - No File
TB: McAfee SiteAdvisor Toolbar: {0ebbbe48-bad4-4b4c-8e5a-516abecae064} - c:\progra~1\mcafee\sitead~1\mcieplg.dll
TB: {F0F8ECBE-D460-4B34-B007-56A92E8F84A7} - No File
EB: {32683183-48a0-441b-a342-7c2a440a9478} - No File
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [MSMSGS] "c:\program files\messenger\msmsgs.exe" /background
uRun: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "c:\program files\common files\nero\lib\NMBgMonitor.exe"
uRun: [SpybotSD TeaTimer] c:\program files\spybot - search & destroy\TeaTimer.exe
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [REGSHAVE] c:\program files\regshave\REGSHAVE.EXE /AUTORUN
mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
mRun: [nwiz] nwiz.exe /install
mRun: [NeroFilterCheck] c:\program files\common files\nero\lib\NeroCheck.exe
mRun: [NBKeyScan] "c:\program files\nero\nero8\nero backitup\NBKeyScan.exe"
mRun: [Monitor] "c:\program files\leapfrog\leapfrog connect\Monitor.exe"
mRun: [LogitechQuickCamRibbon] "c:\program files\logitech\logitech webcam software\LWS.exe" /hide
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe
mRun: [DLA] c:\windows\system32\dla\DLACTRLW.EXE
mRun: [cwcptray] c:\program files\contentwatch\internet protection\cwtray.exe
mRun: [BCMSMMSG] BCMSMMSG.exe
StartupFolder: c:\docume~1\myxpid~1\startm~1\programs\startup\clearp~1.lnk - c:\program files\clearplay\clearplay easy updates\ClearPlayEasyUpdates.exe
StartupFolder: c:\docume~1\myxpid~1\startm~1\programs\startup\exifla~1.lnk - c:\program files\finepixviewer\QuickDCF2.exe
StartupFolder: c:\docume~1\myxpid~1\startm~1\programs\startup\fastst~1.lnk - c:\program files\faststone capture\FSCapture.exe
StartupFolder: c:\docume~1\myxpid~1\startm~1\programs\startup\forget~1.lnk - c:\program files\mindscape\agspirit\PMREMIND.EXE
StartupFolder: c:\docume~1\myxpid~1\startm~1\programs\startup\micros~1.lnk - c:\program files\microsoft office\office\FINDFAST.EXE
StartupFolder: c:\docume~1\myxpid~1\startm~1\programs\startup\office~1.lnk - c:\program files\microsoft office\office\OSA.EXE
StartupFolder: c:\docume~1\myxpid~1\startm~1\programs\startup\rcadet~1.lnk - c:\documents and settings\[my admin id]\my documents\rca detective\RCADetective.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\adober~2.lnk - c:\program files\adobe\reader 8.0\reader\reader_sl.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\adober~1.lnk - c:\program files\adobe\reader 8.0\reader\AdobeCollabSync.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\eventr~1.lnk - c:\program files\broderbund\printmaster\PMremind.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\hpdigi~1.lnk - c:\program files\hp\digital imaging\bin\hpqtra08.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\vpncli~1.lnk - c:\windows\installer\{6dc47739-3bb0-4494-a43d-193bf54070ae}\Icon3E5562ED7.ico
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\program files\spybot - search & destroy\SDHelper.dll
Trusted Zone: ameren.com
Trusted Zone: maskedname.com
Trusted Zone: clearplay.com
Trusted Zone: hp.com
DPF: Microsoft XML Parser for Java - file://c:\windows\java\classes\xmldso.cab
DPF: VPNJava - hxxps://remote.maskedname.com/CACHE/stc/1/binaries/VPNJava.cab
DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} - hxxp://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab
DPF: {1851174C-97BD-4217-A0CC-E908F60D5B7A} - hxxp://h20364.www2.hp.com/CSMWeb/Customer/cabs/HPISDataManager.CAB
DPF: {41EF3CD2-D8CC-4438-84B1-280BB4E77C8E} - hxxps://myportfolio.maskedname.com/vdesk/terminal/f5tunsrv.cab#version=6030,2009,626,1841
DPF: {45B69029-F3AB-4204-92DE-D5140C3E8E74} - c:\docume~1\myxpid~1\locals~1\temp\ixp000.tmp\InstallerControl.cab
DPF: {55963676-2F5E-4BAF-AC28-CF26AA587566} - hxxps://remote.maskedname.com/CACHE/stc/1/binaries/vpnweb.cab
DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3}
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1202682592866
DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC}
DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} - hxxp://h20270.www2.hp.com/ediags/gmn2/install/HPProductDetection2.cab
DPF: {7E73BE8F-FD87-44EC-8E22-023D5FF960FF} - hxxps://myportfolio.maskedname.com/vdesk/terminal/vdeskctrl.cab#version=6030,2009,0622,1849
DPF: {A9F8D9EC-3D0A-4A60-BD82-FBD64BAD370D}
DPF: {CC85ACDF-B277-486F-8C70-2C9B2ED2A4E7} - hxxps://myportfolio.maskedname.com/vdesk/terminal/urxshost.cab#version=6030,2009,622,1847
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
DPF: {E0FF21FA-B857-45C5-8621-F120A0C17FF2} - hxxps://myportfolio.maskedname.com/vdesk/terminal/urxhost.cab#version=6030,2009,622,1843
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\progra~1\mcafee\sitead~1\McIEPlg.dll
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\progra~1\mcafee\sitead~1\McIEPlg.dll
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
Hosts: 127.0.0.1 www.spywareinfo.com

============= SERVICES / DRIVERS ===============

R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\program files\mcafee\siteadvisor\McSACore.exe [2009-5-25 88176]
S1 ceaf;ceaf; [x]
S2 CwAltaService20;ContentWatch;c:\program files\contentwatch\internet protection\cwsvc.exe [2010-12-28 2109440]
S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2010-6-20 136176]
S3 pohci13F;pohci13F;\??\c:\docume~1\myxpid~1\locals~1\temp\pohci13f.sys --> c:\docume~1\myxpid~1\locals~1\temp\pohci13F.sys [?]
S3 scsiscan;SCSI Scanner Driver;c:\windows\system32\drivers\scsiscan.sys [2008-2-13 11520]
S3 vsdatant;vsdatant;c:\windows\system32\vsdatant.sys [2003-8-28 189792]

=============== Created Last 30 ================

2010-12-28 23:43:18 -------- d-----w- c:\docume~1\alluse~1\applic~1\Spybot - Search & Destroy
2010-12-28 22:31:40 -------- d-----w- c:\program files\ContentWatch
2010-12-28 22:31:40 -------- d-----w- c:\docume~1\alluse~1\applic~1\ContentWatch
2010-12-28 00:31:06 75264 ----a-w- c:\windows\system32\dcaf.sys
2010-12-28 00:28:43 75264 ----a-w- c:\windows\system32\ceaf.sys
2010-12-25 20:17:57 26600 ----a-w- c:\windows\system32\drivers\GEARAspiWDM.sys
2010-12-25 20:17:57 107368 ----a-w- c:\windows\system32\GEARAspi.dll
2010-12-25 20:16:42 -------- d-----w- c:\program files\iPod
2010-12-25 20:16:22 -------- d-----w- c:\program files\iTunes
2010-12-25 20:16:22 -------- d-----w- c:\docume~1\alluse~1\applic~1\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
2010-12-25 20:15:34 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin7.dll
2010-12-25 20:15:34 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin6.dll
2010-12-25 20:15:34 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin5.dll
2010-12-25 20:15:34 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin4.dll
2010-12-25 20:14:06 -------- d-----w- c:\docume~1\myxpid~1\locals~1\applic~1\Apple
2010-12-25 20:13:07 -------- d-----w- c:\program files\Bonjour
2010-12-25 20:10:09 -------- d-----w- c:\docume~1\myxpid~1\locals~1\applic~1\Apple Computer
2010-11-29 23:38:30 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx
2010-11-29 23:38:30 69632 ----a-w- c:\windows\system32\QuickTime.qts

==================== Find3M ====================

2010-12-15 20:37:04 81920 ----a-w- c:\windows\system32\wxcode_msw28u_wxjson_CW.dll
2010-12-15 20:36:56 1073152 ----a-w- c:\windows\system32\wxcode_msw28u_wxcurl_CW.dll
2010-12-15 20:34:40 975872 ----a-w- c:\windows\system32\libxml2_CW.dll
2010-12-15 20:30:44 151552 ----a-w- c:\windows\system32\libexpat.dll
2010-12-15 04:09:50 720384 ----a-w- c:\windows\system32\cwalsp.dll
2010-12-15 04:09:50 1884160 ----a-w- c:\windows\system32\AltaRecovery.exe
2010-11-28 01:52:51 43520 ----a-w- c:\windows\system32\CmdLineExt03.dll
2010-10-07 18:23:02 91424 ----a-w- c:\windows\system32\dnssd.dll
2010-10-07 18:23:02 75040 ----a-w- c:\windows\system32\jdns_sd.dll
2010-10-07 18:23:02 197920 ----a-w- c:\windows\system32\dnssdX.dll
2010-10-07 18:23:02 107808 ----a-w- c:\windows\system32\dns-sd.exe

============= FINISH: 18:47:20.00 ===============
 
:snwelcome:


Please read Before You Post
While best efforts are made to assist in removing infections safely, unexpected stuff can happen. It is advisable that you back up your important data before starting any clean up procedure. Neither Safer Networking Forums nor the Analyst providing the advice may be held responsible for any loss.

Sorry you had to wait, we get very busy most times.

If you read this you can see we just fix home computers, we do not work on corporate ones.

http://forums.spybot.info/showthread.php?t=27710

The intention of this forum is not to replace a company's IT department, nor can we anticipate alterations or configurations that may have been made to a business machine, or how it will interact with the tools commonly used in the removal of malware.

The majority of the tools used in this forum are only free for Home Users and only tested on Home machines, they may well change settings that are required for a Company network. Another consideration is that company information may show in the logs.

More than one machine could be at stake, possibly even the server. If sensitive material has been compromised by an infection, the company could be held liable.

To prevent any possible loss or corruption of company information, please inform your IT department or Supervisor when a workplace computer has been infected, immediately.

It's not that we don't want to help, but there are too many issues that could arise from a networked company machine that malware forum volunteers are not experienced in dealing with.
Thank you for your understanding.
 
But this IS a home computer so please look into the problem

Hi,

Sorry if I confused you on my original post. This IS a home computer that is having the problem.

From time to time, when something blows up at work, I VPN into my work computer to fix the problem but this virus issue is on my home computer, not my work computer.

Since I do not know what all is included in the DSS and Attrach files, I thought it best to mask my work name so that someone could not take info form the Attach or DDS files and cause some mischief.

Please take a look into this virus problem that I am having.

Thanks
 
I need to see the entire log , nothing masked so I can determine whats going on with your system

OTLby OldTimer
  • Download OTL to your desktop.
  • Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
  • When the window appears, underneath Output at the top change it to Minimal Output.
  • Check the boxes beside LOP Check and Purity Check.
  • Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
    • When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt.
      Note:These logs can be located in the OTL. folder on you C:\ drive if they fail to open automatically.
    • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post it with your next reply. You may need two posts to fit them both in.
 
OLT got hit by the virus too

Hi,

I followed your instructions for downloading and running OLT. When I clicked the Run Scan button, the screen just closed. I assumed it was just running "behind the scenes" and waited 5 minutes. When nothing happened, I looked for c:\otl and it did not exist. I looked in task manager and did not see an otl entry. I tried launching the application again but nothing happened. I rebooted and tried launching and now I get the same error message for otl that I get for SpyBotSD. That is,

Windows cannot access the specified device, path, or file. You may not have appropriate permissions to access the item.

I therefore regenerated the DDS and Attach files (with no masking this time) hoping that they can be of help. The DDS text follows and the Attached file is Attached.

Thanks & Regards

DDS (Ver_10-12-12.02) - NTFSx86
Run by Paul Brown at 6:03:03.81 on 01/03/2011
Internet Explorer: 7.0.5730.13
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.1023.505 [GMT -6:00]


============== Running Processes ===============

"\\.\globalroot\Device\svchost.exe\svchost.exe"
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
svchost.exe
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
svchost.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\WINDOWS\system32\bgsvcgen.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
C:\WINDOWS\system32\svchost.exe -k hpdevmgmt
C:\WINDOWS\system32\svchost.exe -k HPService
C:\Program Files\LeapFrog\LeapFrog Connect\CommandService.exe
C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
C:\WINDOWS\System32\svchost.exe -k HPZ12
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\LeapFrog\LeapFrog Connect\Monitor.exe
C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\System32\DLA\DLACTRLW.EXE
C:\WINDOWS\BCMSMMSG.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\ClearPlay\ClearPlay Easy Updates\ClearPlayEasyUpdates.exe
C:\Program Files\FinePixViewer\QuickDCF2.exe
C:\Program Files\FastStone Capture\FSCapture.exe
C:\Program Files\Microsoft Office\Office\OSA.EXE
C:\Documents and Settings\Paul Brown\My Documents\RCA Detective\RCADetective.exe
C:\WINDOWS\System32\svchost.exe -k HPZ12
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\System32\svchost.exe -k imgsvc
C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe
C:\WINDOWS\system32\devldr32.exe
C:\WINDOWS\System32\imapi.exe
C:\WINDOWS\System32\svchost.exe -k HTTPFilter
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Z-SOFT~1\WINZIP\wzqkpick.exe
C:\Documents and Settings\Paul Brown\Desktop\dds.scr

============== Pseudo HJT Report ===============

uStart Page = hxxp://www.google.com/
uSearch Bar =
uInternet Connection Wizard,ShellNext = iexplore
uInternet Settings,ProxyOverride = *.local
uSearchURL,(Default) = hxxp://search.yahoo.com/search?fr=mcafee&p=%s
uURLSearchHooks: McAfee SiteAdvisor Toolbar: {0ebbbe48-bad4-4b4c-8e5a-516abecae064} - c:\progra~1\mcafee\sitead~1\mcieplg.dll
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
BHO: Gamevance: {0ed403e8-470a-4a8a-85a4-d7688cfe39a3} - c:\program files\gamevance\gamevancelib32.dll
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\program files\spybot - search & destroy\SDHelper.dll
BHO: DriveLetterAccess: {5ca3d70e-1895-11cf-8e15-001234567890} - c:\windows\system32\dla\DLASHX_W.DLL
BHO: Skype add-on for Internet Explorer: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
BHO: CPrintEnhancer Object: {ae84a6aa-a333-4b92-b276-c11e2212e4fe} - c:\program files\hp\smart web printing\SmartWebPrinting.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.1.1309.3572\swg.dll
BHO: McAfee SiteAdvisor BHO: {b164e929-a1b6-4a06-b104-2cd0e90a88ff} - c:\progra~1\mcafee\sitead~1\mcieplg.dll
BHO: {BEAC7DC8-E106-4C6A-931E-5A42E7362883} - No File
TB: McAfee SiteAdvisor Toolbar: {0ebbbe48-bad4-4b4c-8e5a-516abecae064} - c:\progra~1\mcafee\sitead~1\mcieplg.dll
TB: {F0F8ECBE-D460-4B34-B007-56A92E8F84A7} - No File
EB: {32683183-48a0-441b-a342-7c2a440a9478} - No File
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [MSMSGS] "c:\program files\messenger\msmsgs.exe" /background
uRun: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "c:\program files\common files\nero\lib\NMBgMonitor.exe"
uRun: [SpybotSD TeaTimer] c:\program files\spybot - search & destroy\TeaTimer.exe
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [REGSHAVE] c:\program files\regshave\REGSHAVE.EXE /AUTORUN
mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
mRun: [nwiz] nwiz.exe /install
mRun: [NeroFilterCheck] c:\program files\common files\nero\lib\NeroCheck.exe
mRun: [NBKeyScan] "c:\program files\nero\nero8\nero backitup\NBKeyScan.exe"
mRun: [Monitor] "c:\program files\leapfrog\leapfrog connect\Monitor.exe"
mRun: [LogitechQuickCamRibbon] "c:\program files\logitech\logitech webcam software\LWS.exe" /hide
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe
mRun: [DLA] c:\windows\system32\dla\DLACTRLW.EXE
mRun: [cwcptray] c:\program files\contentwatch\internet protection\cwtray.exe
mRun: [BCMSMMSG] BCMSMMSG.exe
StartupFolder: c:\docume~1\paulbr~1\startm~1\programs\startup\clearp~1.lnk - c:\program files\clearplay\clearplay easy updates\ClearPlayEasyUpdates.exe
StartupFolder: c:\docume~1\paulbr~1\startm~1\programs\startup\exifla~1.lnk - c:\program files\finepixviewer\QuickDCF2.exe
StartupFolder: c:\docume~1\paulbr~1\startm~1\programs\startup\fastst~1.lnk - c:\program files\faststone capture\FSCapture.exe
StartupFolder: c:\docume~1\paulbr~1\startm~1\programs\startup\forget~1.lnk - c:\program files\mindscape\agspirit\PMREMIND.EXE
StartupFolder: c:\docume~1\paulbr~1\startm~1\programs\startup\micros~1.lnk - c:\program files\microsoft office\office\FINDFAST.EXE
StartupFolder: c:\docume~1\paulbr~1\startm~1\programs\startup\office~1.lnk - c:\program files\microsoft office\office\OSA.EXE
StartupFolder: c:\docume~1\paulbr~1\startm~1\programs\startup\rcadet~1.lnk - c:\documents and settings\paul brown\my documents\rca detective\RCADetective.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\adober~2.lnk - c:\program files\adobe\reader 8.0\reader\reader_sl.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\adober~1.lnk - c:\program files\adobe\reader 8.0\reader\AdobeCollabSync.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\eventr~1.lnk - c:\program files\broderbund\printmaster\PMremind.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\hpdigi~1.lnk - c:\program files\hp\digital imaging\bin\hpqtra08.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\vpncli~1.lnk - c:\windows\installer\{6dc47739-3bb0-4494-a43d-193bf54070ae}\Icon3E5562ED7.ico
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\winzip~1.lnk - c:\z-software-for-installs\winzip\WZQKPICK.EXE
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\program files\spybot - search & destroy\SDHelper.dll
Trusted Zone: ameren.com
Trusted Zone: brownshoe.com
Trusted Zone: clearplay.com
Trusted Zone: hp.com
DPF: Microsoft XML Parser for Java - file://c:\windows\java\classes\xmldso.cab
DPF: VPNJava - hxxps://remote.brownshoe.com/CACHE/stc/1/binaries/VPNJava.cab
DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} - hxxp://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab
DPF: {1851174C-97BD-4217-A0CC-E908F60D5B7A} - hxxp://h20364.www2.hp.com/CSMWeb/Customer/cabs/HPISDataManager.CAB
DPF: {41EF3CD2-D8CC-4438-84B1-280BB4E77C8E} - hxxps://myportfolio.brownshoe.com/vdesk/terminal/f5tunsrv.cab#version=6030,2009,626,1841
DPF: {45B69029-F3AB-4204-92DE-D5140C3E8E74} - c:\docume~1\paulbr~1\locals~1\temp\ixp000.tmp\InstallerControl.cab
DPF: {55963676-2F5E-4BAF-AC28-CF26AA587566} - hxxps://remote.brownshoe.com/CACHE/stc/1/binaries/vpnweb.cab
DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3}
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1202682592866
DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC}
DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} - hxxp://h20270.www2.hp.com/ediags/gmn2/install/HPProductDetection2.cab
DPF: {7E73BE8F-FD87-44EC-8E22-023D5FF960FF} - hxxps://myportfolio.brownshoe.com/vdesk/terminal/vdeskctrl.cab#version=6030,2009,0622,1849
DPF: {A9F8D9EC-3D0A-4A60-BD82-FBD64BAD370D}
DPF: {CC85ACDF-B277-486F-8C70-2C9B2ED2A4E7} - hxxps://myportfolio.brownshoe.com/vdesk/terminal/urxshost.cab#version=6030,2009,622,1847
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
DPF: {E0FF21FA-B857-45C5-8621-F120A0C17FF2} - hxxps://myportfolio.brownshoe.com/vdesk/terminal/urxhost.cab#version=6030,2009,622,1843
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\progra~1\mcafee\sitead~1\McIEPlg.dll
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\progra~1\mcafee\sitead~1\McIEPlg.dll
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
Hosts: 127.0.0.1 www.spywareinfo.com

============= SERVICES / DRIVERS ===============

R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\program files\mcafee\siteadvisor\McSACore.exe [2009-5-25 88176]
S1 ceaf;ceaf; [x]
S2 CwAltaService20;ContentWatch;c:\program files\contentwatch\internet protection\cwsvc.exe [2010-12-28 2109440]
S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2010-6-20 136176]
S3 pohci13F;pohci13F;\??\c:\docume~1\paulbr~1\locals~1\temp\pohci13f.sys --> c:\docume~1\paulbr~1\locals~1\temp\pohci13F.sys [?]
S3 scsiscan;SCSI Scanner Driver;c:\windows\system32\drivers\scsiscan.sys [2008-2-13 11520]
S3 vsdatant;vsdatant;c:\windows\system32\vsdatant.sys [2003-8-28 189792]

=============== Created Last 30 ================

2010-12-28 23:43:18 -------- d-----w- c:\docume~1\alluse~1\applic~1\Spybot - Search & Destroy
2010-12-28 22:31:40 -------- d-----w- c:\program files\ContentWatch
2010-12-28 22:31:40 -------- d-----w- c:\docume~1\alluse~1\applic~1\ContentWatch
2010-12-28 00:31:06 75264 ----a-w- c:\windows\system32\dcaf.sys
2010-12-28 00:28:43 75264 ----a-w- c:\windows\system32\ceaf.sys
2010-12-25 20:17:57 26600 ----a-w- c:\windows\system32\drivers\GEARAspiWDM.sys
2010-12-25 20:17:57 107368 ----a-w- c:\windows\system32\GEARAspi.dll
2010-12-25 20:16:42 -------- d-----w- c:\program files\iPod
2010-12-25 20:16:22 -------- d-----w- c:\program files\iTunes
2010-12-25 20:16:22 -------- d-----w- c:\docume~1\alluse~1\applic~1\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
2010-12-25 20:15:34 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin7.dll
2010-12-25 20:15:34 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin6.dll
2010-12-25 20:15:34 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin5.dll
2010-12-25 20:15:34 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin4.dll
2010-12-25 20:14:06 -------- d-----w- c:\docume~1\paulbr~1\locals~1\applic~1\Apple
2010-12-25 20:13:07 -------- d-----w- c:\program files\Bonjour
2010-12-25 20:10:09 -------- d-----w- c:\docume~1\paulbr~1\locals~1\applic~1\Apple Computer

==================== Find3M ====================

2010-12-15 20:37:04 81920 ----a-w- c:\windows\system32\wxcode_msw28u_wxjson_CW.dll
2010-12-15 20:36:56 1073152 ----a-w- c:\windows\system32\wxcode_msw28u_wxcurl_CW.dll
2010-12-15 20:34:40 975872 ----a-w- c:\windows\system32\libxml2_CW.dll
2010-12-15 20:30:44 151552 ----a-w- c:\windows\system32\libexpat.dll
2010-12-15 04:09:50 720384 ----a-w- c:\windows\system32\cwalsp.dll
2010-12-15 04:09:50 1884160 ----a-w- c:\windows\system32\AltaRecovery.exe
2010-11-29 23:38:30 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx
2010-11-29 23:38:30 69632 ----a-w- c:\windows\system32\QuickTime.qts
2010-11-28 01:52:51 43520 ----a-w- c:\windows\system32\CmdLineExt03.dll
2010-10-07 18:23:02 91424 ----a-w- c:\windows\system32\dnssd.dll
2010-10-07 18:23:02 75040 ----a-w- c:\windows\system32\jdns_sd.dll
2010-10-07 18:23:02 197920 ----a-w- c:\windows\system32\dnssdX.dll
2010-10-07 18:23:02 107808 ----a-w- c:\windows\system32\dns-sd.exe

============= FINISH: 6:04:11.96 ===============
 
First go to Add Remove Programs in the control panel and uninstall Spybot and thenSee if you can run this program

Please download Malwarebytes from Here or Here

  • Double-click mbam-setup.exe and follow the prompts to install the program.
  • At the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select Perform quick scan, then click Scan.
    MBAMCapture.jpg
  • When the scan is complete, click OK, then Show Results to view the results.
  • Be sure that everything is checked, and click Remove Selected .
  • When completed, a log will open in Notepad. Please save it to a convenient location and post the results.
  • Note: If you receive a notice that some of the items couldn't be removed, that they have been added to the delete on reboot list, please reboot.
Post the report please
 
Last edited:
Still having trouble

The Virus whacked this scanner program also. That is, I uninstalled SB S&D per your instructions, then downloaded, installed and ran the new scanner that you pointed me to. It started to run and then the screen closed. I tried to launch the program again and got this

Windows cannot access the specified device, path, or file. You may not have appropriate permissions to access the item.
 
Run this quick program , do not reboot when its done and then give Malwarebytes another run

Please download exeHelper to your desktop.

Double-click on exeHelper.com to run the fix.
A black window should pop up, press any key to close once the fix is completed.
Post the contents of log.txt (Will be created in the directory where you ran exeHelper.com)
Note: If the window shows a message that says "Error deleting file", please re-run the program before posting a log - and post the two logs together (they will both be in the one file).
 
Still a problem after exehelper

Hi,

I tried exehelper. Here is the log

exeHelper by Raktor
Build 20100414
Run at 20:59:11 on 01/03/11
Now searching...
Checking for numerical processes...
Checking for sysguard processes...
Checking for bad processes...
Checking for bad files...
Checking for bad registry entries...
Resetting filetype association for .exe
Resetting filetype association for .com
Resetting userinit and shell values...
Resetting policies...
--Finished--

I did not reboot.

I tried to run the Malwarebytes program but got

Windows cannot access the specified device, path, or file. You may not have appropriate permissions to access the item.

I relaunched the install (mbam-setup-1.50.1.1100.exe) to do an over-the-top install, executed the program but got the same results. That is, It started to run and then the screen closed.
 
Lets try this one instead

Please download SuperAntiSpyware Free
Install the program
  • Run SuperAntiSpyware and click: Check for updates
  • Once the update is finished, on the main screen, click: Scan your computer
  • Check: Perform Complete Scan
  • Click Next to start the scan.
Superantispyware scans the computer, and when finished, lists all the infections found.
Make sure everything found has a check next to it, and press: Next <-- Important
Then, click Finish

It is possible that the program asks to reboot in order to delete some files.

Obtain the SuperAntiSpyware log as follows:
  • Click: Preferences
  • Click the Statistics/Logs tab
  • Under Scanner Logs, double-click SuperAntiSpyware Scan Log
It opens in your default text editor (such as Notepad)

Please provide the SuperAntiSpyware log in your next reply
 
Got a little bit of traction but still having trouble

Hi,

I did the install and started the scanner. The good news is that it did not shut down right away. The bad news is that it did shut down after a while like the others. I will try to recall what I saw before the screen shut down...

The scan started running. I left the room for a bit and when I came back it had found one problem. I think "trojan" was in the name and it had a count of 2 next to it. I do not know if that showed up as part of the memory scan or the registry scan. I noticed that it was then scanning the registry. I left and came back later and saw that another problem had been found. I think it had "advgamer" in the name. I saw that it was still scanning the registry. I left the room and when I came back, the window had closed. I tried launching it in hopes of getting to the logs but got the error message that I have been getting. That is,

Windows cannot access the specified device, path, or file. You may not have appropriate permissions to access the item.

I tried an re-install over-the-top hoping to get to any log that might have been created. It notified me that it would have to uninstall the old version and I told it to proceed. Very shortly after that, the screen went blank. I waited several minutes and but nothing happened so I powered off the machine. I waited a bit and powered up again and was able to log on and then I powered back down.

More on the blank screen. My desktop already had no picture (The picture dissapeared a day or two ago) but it did have desktop icons. So, when I say that the screen went blank, it was that all of the desktop icons dissapeared.
 
See if it will run in Safemode

To Enter Safemode
  • Go to Start> Shut off your Computer> Restart
  • As the computer starts to boot-up, Tap the F8 KEY somewhat rapidly,
    this will bring up a menu.
  • Use the Up and Down Arrow Keys to scroll up to Safemode with Networking
  • Then press the Enter Key on your Keyboard
Tutorial if you need it How to boot into Safemode
 
Still having trouble

Hi, I booted in safe mode. It looks like the prior uninstall (because I was going to try to reinstall after the screen closed (see last post)), even though the screen went blank, was at least partially successful because when I tried to run the program under Start -> Progams -> ... the folder was empty.

While still in safe mode, I installed the software, downloaded the update and started the scan. I made notes of the scan to collect as much as I could before it closed the screen.

In the window on the left, it listed
Trojan.Dropper/SVCHOST-Fake and had a 2 in the column to the right of the listing. Under that was
Adware.Gamevance with a 6.

On the panel on the right it showed
Mem - 1 problem
Registry - 5 problems
File - 2 problems
Total - 8 problems

I rebooted (regular mode this time) and looked in

C:\Documents and Settings\Administrator\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\AppLogs

and found

SUPERANTISPYWARE-1-4-2011( 17-55-49 ).SDB

so I am attaching that in case it may help.
 
PART 1 OF A TWO PART POST

(This part is done from an old Win98 machine that I can get to the forum on to type in what I am doing as I do it. The 2nd part of the post will be from the problem machine so that I can get to the log files.)

Could not get app to open in regular mode. Rebooted to safe mode + networking. Did an uninstall and a reinstall. Went to the panel to open log and nothing was there.

Remembered that it could do part of the scan without dying so told app to only scan memory which it did and created a log. I could open that in the tool. Found where that was. Made a discovery.

The path that I previously posted was for application logs

C:\Documents and Settings\Administrator\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\AppLogs

so not sure that that log file would have in it anyway. The log file that was created from the memory scan went to another location. That location was

C:\Documents and Settings\Administrator\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Logs

Anyway, since I had done the memory scan, it wanted me to reboot to finish things out. I wanted to try and gather more info so I said not to reboot.

Remembering that the registry scan completed part way before the app died, I thought I could perhaps do a partial scan and then pause it to collect what I could there. After it started I decided it might be better to just let it do its reboot so I aborted the registry scan and rebooted. I unstalled (selecting to retain log files) and reinstalled. I told it to do the memory scan and it found the memory problem again. So, either it came back or what I did caused the delete to not really go all the way through.

Anyway, select custom scan, I checked memory and register and paused it once it got to the afore mentioned 8 problems but before the app died. After pausing it, I clicked next and followed the steps that fixed the problem and wanted a reboot. I did the reboot.

Second part of this post to follow in a few minutes.
 
PART TWO OF A TWO PART POST. PLEASE SEE PART ONE JUST ABOVE

Rebooted in safe mode. App would not launch. (Not getting the error like I was getting before of file not found... just that the app never launches...)

I uninstalled (retaining log files) and reinstalled. Here is the log file from the scan that was paused:


SUPERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 01/04/2011 at 08:59 PM

Application Version : 4.47.1000

Core Rules Database Version : 6137
Trace Rules Database Version: 3949

Scan type : Custom Scan
Total Scan Time : 00:00:51

Memory items scanned : 269
Memory threats detected : 1
Registry items scanned : 588
Registry threats detected : 5
File items scanned : 0
File threats detected : 2

Trojan.Dropper/SVCHost-Fake
\.\GLOBALROOT\DEVICE\SVCHOST.EXE\SVCHOST.EXE
\.\GLOBALROOT\DEVICE\SVCHOST.EXE\SVCHOST.EXE

Adware.Gamevance
HKLM\Software\Classes\CLSID\{0ED403E8-470A-4a8a-85A4-D7688CFE39A3}
HKCR\CLSID\{0ED403E8-470A-4A8A-85A4-D7688CFE39A3}
HKCR\CLSID\{0ED403E8-470A-4A8A-85A4-D7688CFE39A3}
HKCR\CLSID\{0ED403E8-470A-4A8A-85A4-D7688CFE39A3}\InprocServer32
HKCR\CLSID\{0ED403E8-470A-4A8A-85A4-D7688CFE39A3}\InprocServer32#ThreadingModel
C:\PROGRAM FILES\GAMEVANCE\GAMEVANCELIB32.DLL

While I had the app open, I told it to do the mem and reg scan again and it found the memory / trojan and 4 of the 6 registry problems before the app closed so the prior scan either did not remove it or it is reinstalling/reinitializing itself with the reboot.

Without anymore rebooting, I did an uninstall and a reinstall thinking that I could have it look at
Startup
Cookies
Selected Folders (told it to do c:\)
The scan is running. I want to complete this second post. Once get some information on the scan that is running now (finished or app dies) I will post that.
 
PART THREE OF POST. PLEASE SEE PRIOR TWO PARTS
ALSO THIS POST IS TOO LONG SO I WILL HAVE TO CHOP IT INTO TWO PARTS

The scan of
Startup
Cookies
Selected Folders (told it to do c:\)
completed. 34 minutes and 19.5K files checked. It found
Adware.Tracking Cookie - 816
Trojan.Agent/Gen-Kryptic - 19
Trojan.Agent/Gen-Frauder - 2

After repairing, when I said to reboot to did. I was wondering if rebooting to safe mode might be what stopped the prior repairs from happening so this time I rebooted into normal mode.

After rebooting, the app did would not run so I uninstalled and reinstalled so that I could get to the log file. The log file did not show in the app. Note: A the time of the scan, I was in safe mode using the native admin id but at the time I was in the app, I was under my admin id so perhaps the two do not line up somehow? Anyway, I just went through window explorer and got the log file that way.

Here is the contents of the log

SUPERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 01/04/2011 at 09:53 PM

Application Version : 4.47.1000

Core Rules Database Version : 6137
Trace Rules Database Version: 3949

Scan type : Custom Scan
Total Scan Time : 00:34:06

Memory items scanned : 0
Memory threats detected : 0
Registry items scanned : 59
Registry threats detected : 0
File items scanned : 19574
File threats detected : 837

Adware.Tracking Cookie
cdn4.specificclick.net [ C:\Documents and Settings\Abigail\Application Data\Macromedia\Flash Player\#SharedObjects\DWJSUP2L ]
objects.tremormedia.com [ C:\Documents and Settings\Abigail\Application Data\Macromedia\Flash Player\#SharedObjects\DWJSUP2L ]
udn.specificclick.net [ C:\Documents and Settings\Abigail\Application Data\Macromedia\Flash Player\#SharedObjects\DWJSUP2L ]
C:\Documents and Settings\Abigail\Cookies\abigail@mediaplex[1].txt
C:\Documents and Settings\Abigail\Cookies\abigail@tribalfusion[1].txt
C:\Documents and Settings\Abigail\Cookies\abigail@atdmt[2].txt
C:\Documents and Settings\Abigail\Cookies\abigail@banners.battleon[2].txt
C:\Documents and Settings\Abigail\Cookies\abigail@realmedia[1].txt
C:\Documents and Settings\Abigail\Cookies\abigail@insightexpressai[1].txt
C:\Documents and Settings\Abigail\Cookies\abigail@serving-sys[1].txt
C:\Documents and Settings\Abigail\Cookies\abigail@ads.webkinz[2].txt
C:\Documents and Settings\Abigail\Cookies\abigail@server.cpmstar[1].txt
C:\Documents and Settings\Abigail\Cookies\abigail@lego.112.2o7[1].txt
C:\Documents and Settings\Abigail\Cookies\abigail@media6degrees[2].txt
C:\Documents and Settings\Abigail\Cookies\abigail@2o7[2].txt
C:\Documents and Settings\Abigail\Cookies\abigail@ru4[1].txt
C:\Documents and Settings\Abigail\Cookies\abigail@ads.addynamix[1].txt
C:\Documents and Settings\Abigail\Cookies\abigail@uol.realmedia[1].txt
C:\Documents and Settings\Abigail\Cookies\abigail@collective-media[2].txt
C:\Documents and Settings\Abigail\Cookies\abigail@cdn1.trafficmp[1].txt
C:\Documents and Settings\Abigail\Cookies\abigail@doubleclick[2].txt
C:\Documents and Settings\Abigail\Cookies\abigail@statse.webtrendslive[1].txt
C:\Documents and Settings\Abigail\Cookies\abigail@cgm.adbureau[2].txt
C:\Documents and Settings\Abigail\Cookies\abigail@bs.serving-sys[1].txt
C:\Documents and Settings\Abigail\Cookies\abigail@content.yieldmanager[2].txt
C:\Documents and Settings\Abigail\Cookies\abigail@content.yieldmanager[3].txt
C:\Documents and Settings\Abigail\Cookies\abigail@interclick[2].txt
C:\Documents and Settings\Abigail\Cookies\abigail@pointroll[1].txt
C:\Documents and Settings\Abigail\Cookies\abigail@ads.pointroll[2].txt
C:\Documents and Settings\Abigail\Cookies\abigail@adlegend[2].txt
C:\Documents and Settings\Abigail\Cookies\abigail@adbrite[1].txt
C:\Documents and Settings\Abigail\Cookies\abigail@adxpose[1].txt
C:\Documents and Settings\Abigail\Cookies\abigail@megabrands.122.2o7[1].txt
C:\Documents and Settings\Abigail\Cookies\abigail@revsci[1].txt
C:\Documents and Settings\Abigail\Cookies\abigail@questionmarket[1].txt
C:\Documents and Settings\Abigail\Cookies\abigail@ads.intergi[1].txt
C:\Documents and Settings\Abigail\Cookies\abigail@ad.yieldmanager[1].txt
C:\Documents and Settings\Abigail\Cookies\abigail@user.lucidmedia[1].txt
C:\Documents and Settings\Abigail\Cookies\abigail@specificclick[2].txt
C:\Documents and Settings\Abigail\Cookies\abigail@specificmedia[1].txt
C:\Documents and Settings\Abigail\Cookies\abigail@invitemedia[1].txt
C:\Documents and Settings\Abigail\Cookies\abigail@eas.apm.emediate[2].txt
C:\Documents and Settings\Abigail\Cookies\abigail@apmebf[1].txt
C:\Documents and Settings\Abigail\Cookies\abigail@oasn03.247realmedia[1].txt
C:\Documents and Settings\Abigail\Cookies\abigail@247realmedia[1].txt
C:\Documents and Settings\Abigail\Cookies\abigail@trafficmp[2].txt
C:\Documents and Settings\Abigail\Cookies\abigail@adserver.adtechus[1].txt
C:\Documents and Settings\Abigail\Cookies\abigail@network.realmedia[1].txt
C:\Documents and Settings\Abigail\Cookies\abigail@ads.pubmatic[2].txt
C:\Documents and Settings\Abigail\Cookies\abigail@dc.tremormedia[2].txt
C:\Documents and Settings\Abigail\Cookies\abigail@banners2.battleon[1].txt
C:\Documents and Settings\Abigail\Cookies\abigail@adecn[1].txt
C:\Documents and Settings\Abigail\Cookies\abigail@cdn4.specificclick[1].txt
C:\Documents and Settings\Abigail\Cookies\abigail@msnportal.112.2o7[1].txt
139.memecounter.com [ C:\Documents and Settings\Benjamin\Application Data\Macromedia\Flash Player\#SharedObjects\GYHHW2RH ]
cdn4.specificclick.net [ C:\Documents and Settings\Benjamin\Application Data\Macromedia\Flash Player\#SharedObjects\GYHHW2RH ]
memecounter.com [ C:\Documents and Settings\Benjamin\Application Data\Macromedia\Flash Player\#SharedObjects\GYHHW2RH ]
udn.specificclick.net [ C:\Documents and Settings\Benjamin\Application Data\Macromedia\Flash Player\#SharedObjects\GYHHW2RH ]
C:\Documents and Settings\Benjamin\Cookies\benjamin@cgm.adbureau[1].txt
C:\Documents and Settings\Benjamin\Cookies\benjamin@a1.interclick[2].txt
C:\Documents and Settings\Benjamin\Cookies\benjamin@content.yieldmanager[2].txt
C:\Documents and Settings\Benjamin\Cookies\benjamin@cdn4.specificclick[1].txt
C:\Documents and Settings\Benjamin\Cookies\benjamin@cdn1.trafficmp[2].txt
C:\Documents and Settings\Benjamin\Cookies\benjamin@ads.webkinz[2].txt
C:\Documents and Settings\Benjamin\Cookies\benjamin@questionmarket[2].txt
C:\Documents and Settings\Benjamin\Cookies\benjamin@insightexpressai[2].txt
C:\Documents and Settings\Benjamin\Cookies\benjamin@adserver.adtechus[1].txt
C:\Documents and Settings\Benjamin\Cookies\benjamin@specificclick[2].txt
C:\Documents and Settings\Benjamin\Cookies\benjamin@ads.bridgetrack[1].txt
C:\Documents and Settings\Benjamin\Cookies\benjamin@pointroll[2].txt
C:\Documents and Settings\Benjamin\Cookies\benjamin@ads.intergi[1].txt
C:\Documents and Settings\Benjamin\Cookies\benjamin@ad.yieldmanager[1].txt
C:\Documents and Settings\Benjamin\Cookies\benjamin@ads.addynamix[1].txt
C:\Documents and Settings\Benjamin\Cookies\benjamin@oasn04.247realmedia[1].txt
C:\Documents and Settings\Benjamin\Cookies\benjamin@cms.trafficmp[2].txt
C:\Documents and Settings\Benjamin\Cookies\benjamin@tribalfusion[2].txt
C:\Documents and Settings\Benjamin\Cookies\benjamin@lucidmedia[1].txt
C:\Documents and Settings\Benjamin\Cookies\benjamin@www.burstbeacon[1].txt
C:\Documents and Settings\Benjamin\Cookies\benjamin@statse.webtrendslive[1].txt
C:\Documents and Settings\Benjamin\Cookies\benjamin@dc.tremormedia[2].txt
C:\Documents and Settings\Benjamin\Cookies\benjamin@serving-sys[2].txt
C:\Documents and Settings\Benjamin\Cookies\benjamin@ads.pointroll[1].txt
C:\Documents and Settings\Benjamin\Cookies\benjamin@interclick[2].txt
C:\Documents and Settings\Benjamin\Cookies\benjamin@overture[1].txt
C:\Documents and Settings\Benjamin\Cookies\benjamin@doubleclick[1].txt
C:\Documents and Settings\Benjamin\Cookies\benjamin@specificmedia[2].txt
C:\Documents and Settings\Benjamin\Cookies\benjamin@eyewonder[2].txt
C:\Documents and Settings\Benjamin\Cookies\benjamin@247realmedia[1].txt
C:\Documents and Settings\Benjamin\Cookies\benjamin@collective-media[2].txt
C:\Documents and Settings\Benjamin\Cookies\benjamin@mediaplex[1].txt
C:\Documents and Settings\Benjamin\Cookies\benjamin@media6degrees[2].txt
C:\Documents and Settings\Benjamin\Cookies\benjamin@lego.112.2o7[1].txt
C:\Documents and Settings\Benjamin\Cookies\benjamin@network.realmedia[2].txt
C:\Documents and Settings\Benjamin\Cookies\benjamin@adbrite[1].txt
C:\Documents and Settings\Benjamin\Cookies\benjamin@ru4[1].txt
C:\Documents and Settings\Benjamin\Cookies\benjamin@realmedia[1].txt
C:\Documents and Settings\Benjamin\Cookies\benjamin@megabrands.122.2o7[1].txt
C:\Documents and Settings\Benjamin\Cookies\benjamin@bs.serving-sys[1].txt
C:\Documents and Settings\Benjamin\Cookies\benjamin@invitemedia[1].txt
C:\Documents and Settings\Benjamin\Cookies\benjamin@trafficmp[2].txt
C:\Documents and Settings\Benjamin\Cookies\benjamin@intermundomedia[2].txt
C:\Documents and Settings\Benjamin\Cookies\benjamin@apmebf[1].txt
C:\Documents and Settings\Benjamin\Cookies\benjamin@msnportal.112.2o7[1].txt
C:\Documents and Settings\Elizabeth\Cookies\elizabeth@trafficmp[2].txt
C:\Documents and Settings\Elizabeth\Cookies\elizabeth@apmebf[1].txt
C:\Documents and Settings\Elizabeth\Cookies\elizabeth@ads.webkinz[1].txt
C:\Documents and Settings\Elizabeth\Cookies\elizabeth@edge.ru4[1].txt
C:\Documents and Settings\Elizabeth\Cookies\elizabeth@realmedia[2].txt
C:\Documents and Settings\Elizabeth\Cookies\elizabeth@mediaplex[2].txt
C:\Documents and Settings\Elizabeth\Cookies\elizabeth@doubleclick[2].txt
C:\Documents and Settings\Elizabeth\Cookies\elizabeth@ad.yieldmanager[2].txt
C:\Documents and Settings\Elizabeth\Cookies\elizabeth@advertising[2].txt
C:\Documents and Settings\Elizabeth\Cookies\elizabeth@network.realmedia[1].txt
C:\Documents and Settings\Elizabeth\Cookies\elizabeth@lego.112.2o7[1].txt
ads2.msads.net [ C:\Documents and Settings\Paul Brown\Application Data\Macromedia\Flash Player\#SharedObjects\Y7F3NFSF ]
ia.media-imdb.com [ C:\Documents and Settings\Paul Brown\Application Data\Macromedia\Flash Player\#SharedObjects\Y7F3NFSF ]
.www.googleadservices.com [ C:\Documents and Settings\Paul Brown\Application Data\Mozilla\Firefox\Profiles\x1n2x1mv.default\cookies.sqlite ]
.247realmedia.com [ C:\Documents and Settings\Paul Brown\Application Data\Mozilla\Firefox\Profiles\x1n2x1mv.default\cookies.sqlite ]
.247realmedia.com [ C:\Documents and Settings\Paul Brown\Application Data\Mozilla\Firefox\Profiles\x1n2x1mv.default\cookies.sqlite ]
.2o7.net [ C:\Documents and Settings\Paul Brown\Application Data\Mozilla\Firefox\Profiles\x1n2x1mv.default\cookies.sqlite ]
.2o7.net [ C:\Documents and Settings\Paul Brown\Application Data\Mozilla\Firefox\Profiles\x1n2x1mv.default\cookies.sqlite ]
.2o7.net [ C:\Documents and Settings\Paul Brown\Application Data\Mozilla\Firefox\Profiles\x1n2x1mv.default\cookies.sqlite ]
.2o7.net [ C:\Documents and Settings\Paul Brown\Application Data\Mozilla\Firefox\Profiles\x1n2x1mv.default\cookies.sqlite ]
.2o7.net [ C:\Documents and Settings\Paul Brown\Application Data\Mozilla\Firefox\Profiles\x1n2x1mv.default\cookies.sqlite ]
.2o7.net [ C:\Documents and Settings\Paul Brown\Application Data\Mozilla\Firefox\Profiles\x1n2x1mv.default\cookies.sqlite ]
.2o7.net [ C:\Documents and Settings\Paul Brown\Application Data\Mozilla\Firefox\Profiles\x1n2x1mv.default\cookies.sqlite ]
.2o7.net [ C:\Documents and Settings\Paul Brown\Application Data\Mozilla\Firefox\Profiles\x1n2x1mv.default\cookies.sqlite ]
.2o7.net [ C:\Documents and Settings\Paul Brown\Application Data\Mozilla\Firefox\Profiles\x1n2x1mv.default\cookies.sqlite ]
.2o7.net [ C:\Documents and Settings\Paul Brown\Application Data\Mozilla\Firefox\Profiles\x1n2x1mv.default\cookies.sqlite ]
.2o7.net [ C:\Documents and Settings\Paul Brown\Application Data\Mozilla\Firefox\Profiles\x1n2x1mv.default\cookies.sqlite ]
.2o7.net [ C:\Documents and Settings\Paul Brown\Application Data\Mozilla\Firefox\Profiles\x1n2x1mv.default\cookies.sqlite ]
.2o7.net [ C:\Documents and Settings\Paul Brown\Application Data\Mozilla\Firefox\Profiles\x1n2x1mv.default\cookies.sqlite ]
.account.juno.com [ C:\Documents and Settings\Paul Brown\Application Data\Mozilla\Firefox\Profiles\x1n2x1mv.default\cookies.sqlite ]
.account.netzero.net [ C:\Documents and Settings\Paul Brown\Application Data\Mozilla\Firefox\Profiles\x1n2x1mv.default\cookies.sqlite ]
.ad.yieldmanager.com [ C:\Documents and Settings\Paul Brown\Application Data\Mozilla\Firefox\Profiles\x1n2x1mv.default\cookies.sqlite ]
.ad.yieldmanager.com [ C:\Documents and Settings\Paul Brown\Application Data\Mozilla\Firefox\Profiles\x1n2x1mv.default\cookies.sqlite ]
.ad.yieldmanager.com [ C:\Documents and Settings\Paul Brown\Application Data\Mozilla\Firefox\Profiles\x1n2x1mv.default\cookies.sqlite ]
.ad.yieldmanager.com [ C:\Documents and Settings\Paul Brown\Application Data\Mozilla\Firefox\Profiles\x1n2x1mv.default\cookies.sqlite ]
.ad.yieldmanager.com [ C:\Documents and Settings\Paul Brown\Application Data\Mozilla\Firefox\Profiles\x1n2x1mv.default\cookies.sqlite ]
.adbrite.com [ C:\Documents and Settings\Paul Brown\Application Data\Mozilla\Firefox\Profiles\x1n2x1mv.default\cookies.sqlite ]
.adbrite.com [ C:\Documents and Settings\Paul Brown\Application Data\Mozilla\Firefox\Profiles\x1n2x1mv.default\cookies.sqlite ]
.adbrite.com [ C:\Documents and Settings\Paul Brown\Application Data\Mozilla\Firefox\Profiles\x1n2x1mv.default\cookies.sqlite ]
.adopt.euroclick.com [ C:\Documents and Settings\Paul Brown\Application Data\Mozilla\Firefox\Profiles\x1n2x1mv.default\cookies.sqlite ]
.adopt.euroclick.com [ C:\Documents and Settings\Paul Brown\Application Data\Mozilla\Firefox\Profiles\x1n2x1mv.default\cookies.sqlite ]
.adopt.euroclick.com [ C:\Documents and Settings\Paul Brown\Application Data\Mozilla\Firefox\Profiles\x1n2x1mv.default\cookies.sqlite ]
.adopt.euroclick.com [ C:\Documents and Settings\Paul Brown\Application Data\Mozilla\Firefox\Profiles\x1n2x1mv.default\cookies.sqlite ]
.adopt.euroclick.com [ C:\Documents and Settings\Paul Brown\Application Data\Mozilla\Firefox\Profiles\x1n2x1mv.default\cookies.sqlite ]
.adopt.euroclick.com [ C:\Documents and Settings\Paul Brown\Application Data\Mozilla\Firefox\Profiles\x1n2x1mv.default\cookies.sqlite ]
.adopt.specificclick.net [ C:\Documents and Settings\Paul Brown\Application Data\Mozilla\Firefox\Profiles\x1n2x1mv.default\cookies.sqlite ]
.adopt.specificclick.net [ C:\Documents and Settings\Paul Brown\Application Data\Mozilla\Firefox\Profiles\x1n2x1mv.default\cookies.sqlite ]
.adopt.specificclick.net [ C:\Documents and Settings\Paul Brown\Application Data\Mozilla\Firefox\Profiles\x1n2x1mv.default\cookies.sqlite ]
.adopt.specificclick.net [ C:\Documents and Settings\Paul Brown\Application Data\Mozilla\Firefox\Profiles\x1n2x1mv.default\cookies.sqlite ]
.adopt.specificclick.net [ C:\Documents and Settings\Paul Brown\Application Data\Mozilla\Firefox\Profiles\x1n2x1mv.default\cookies.sqlite ]
.adrevolver.com [ C:\Documents and Settings\Paul Brown\Application Data\Mozilla\Firefox\Profiles\x1n2x1mv.default\cookies.sqlite ]
.media.adrevolver.com [ C:\Documents and Settings\Paul Brown\Application Data\Mozilla\Firefox\Profiles\x1n2x1mv.default\cookies.sqlite ]
.media.adrevolver.com [ C:\Documents and Settings\Paul Brown\Application Data\Mozilla\Firefox\Profiles\x1n2x1mv.default\cookies.sqlite ]
.ads.addynamix.com [ C:\Documents and Settings\Paul Brown\Application Data\Mozilla\Firefox\Profiles\x1n2x1mv.default\cookies.sqlite ]
.ads.pointroll.com [ C:\Documents and Settings\Paul Brown\Application Data\Mozilla\Firefox\Profiles\x1n2x1mv.default\cookies.sqlite ]
.ads.pointroll.com [ C:\Documents and Settings\Paul Brown\Application Data\Mozilla\Firefox\Profiles\x1n2x1mv.default\cookies.sqlite ]
.ads.pointroll.com [ C:\Documents and Settings\Paul Brown\Application Data\Mozilla\Firefox\Profiles\x1n2x1mv.default\cookies.sqlite ]
.ads.pointroll.com [ C:\Documents and Settings\Paul Brown\Application Data\Mozilla\Firefox\Profiles\x1n2x1mv.default\cookies.sqlite ]
.ads.pointroll.com [ C:\Documents and Settings\Paul Brown\Application Data\Mozilla\Firefox\Profiles\x1n2x1mv.default\cookies.sqlite ]
.ads.pointroll.com [ C:\Documents and Settings\Paul Brown\Application Data\Mozilla\Firefox\Profiles\x1n2x1mv.default\cookies.sqlite ]
.ads.pointroll.com [ C:\Documents and Settings\Paul Brown\Application Data\Mozilla\Firefox\Profiles\x1n2x1mv.default\cookies.sqlite ]
.ads.pointroll.com [ C:\Documents and Settings\Paul Brown\Application Data\Mozilla\Firefox\Profiles\x1n2x1mv.default\cookies.sqlite ]
.ads.pointroll.com [ C:\Documents and Settings\Paul Brown\Application Data\Mozilla\Firefox\Profiles\x1n2x1mv.default\cookies.sqlite ]
.adserver.adtechus.com [ C:\Documents and Settings\Paul Brown\Application Data\Mozilla\Firefox\Profiles\x1n2x1mv.default\cookies.sqlite ]
.adserver.toptenreviews.com [ C:\Documents and Settings\Paul Brown\Application Data\Mozilla\Firefox\Profiles\x1n2x1mv.default\cookies.sqlite ]
.ads.revsci.net [ C:\Documents and Settings\Paul Brown\Application Data\Mozilla\Firefox\Profiles\x1n2x1mv.default\cookies.sqlite ]
.advertising.com [ C:\Documents and Settings\Paul Brown\Application Data\Mozilla\Firefox\Profiles\x1n2x1mv.default\cookies.sqlite ]
.advertising.com [ C:\Documents and Settings\Paul Brown\Application Data\Mozilla\Firefox\Profiles\x1n2x1mv.default\cookies.sqlite ]
.advertising.com [ C:\Documents and Settings\Paul Brown\Application Data\Mozilla\Firefox\Profiles\x1n2x1mv.default\cookies.sqlite ]
.advertising.com [ C:\Documents and Settings\Paul Brown\Application Data\Mozilla\Firefox\Profiles\x1n2x1mv.default\cookies.sqlite ]
.advertising.com [ C:\Documents and Settings\Paul Brown\Application Data\Mozilla\Firefox\Profiles\x1n2x1mv.default\cookies.sqlite ]
.advertising.com [ C:\Documents and Settings\Paul Brown\Application Data\Mozilla\Firefox\Profiles\x1n2x1mv.default\cookies.sqlite ]
.apmebf.com [ C:\Documents and Settings\Paul Brown\Application Data\Mozilla\Firefox\Profiles\x1n2x1mv.default\cookies.sqlite ]
.apmebf.com [ C:\Documents and Settings\Paul Brown\Application Data\Mozilla\Firefox\Profiles\x1n2x1mv.default\cookies.sqlite ]
.at.atwola.com [ C:\Documents and Settings\Paul Brown\Application Data\Mozilla\Firefox\Profiles\x1n2x1mv.default\cookies.sqlite ]
.at.atwola.com [ C:\Documents and Settings\Paul Brown\Application Data\Mozilla\Firefox\Profiles\x1n2x1mv.default\cookies.sqlite ]
.atdmt.com [ C:\Documents and Settings\Paul Brown\Application Data\Mozilla\Firefox\Profiles\x1n2x1mv.default\cookies.sqlite ]
.atwola.com [ C:\Documents and Settings\Paul Brown\Application Data\Mozilla\Firefox\Profiles\x1n2x1mv.default\cookies.sqlite ]
.bluestreak.com [ C:\Documents and Settings\Paul Brown\Application Data\Mozilla\Firefox\Profiles\x1n2x1mv.default\cookies.sqlite ]
.bs.serving-sys.com [ C:\Documents and Settings\Paul Brown\Application Data\Mozilla\Firefox\Profiles\x1n2x1mv.default\cookies.sqlite ]
.burstnet.com [ C:\Documents and Settings\Paul Brown\Application Data\Mozilla\Firefox\Profiles\x1n2x1mv.default\cookies.sqlite ]
.casalemedia.com [ C:\Documents and Settings\Paul Brown\Application Data\Mozilla\Firefox\Profiles\x1n2x1mv.default\cookies.sqlite ]
.casalemedia.com [ C:\Documents and Settings\Paul Brown\Application Data\Mozilla\Firefox\Profiles\x1n2x1mv.default\cookies.sqlite ]
.casalemedia.com [ C:\Documents and Settings\Paul Brown\Application Data\Mozilla\Firefox\Profiles\x1n2x1mv.default\cookies.sqlite ]
.casalemedia.com [ C:\Documents and Settings\Paul Brown\Application Data\Mozilla\Firefox\Profiles\x1n2x1mv.default\cookies.sqlite ]
.casalemedia.com [ C:\Documents and Settings\Paul Brown\Application Data\Mozilla\Firefox\Profiles\x1n2x1mv.default\cookies.sqlite ]
.casalemedia.com [ C:\Documents and Settings\Paul Brown\Application Data\Mozilla\Firefox\Profiles\x1n2x1mv.default\cookies.sqlite ]
.casalemedia.com [ C:\Documents and Settings\Paul Brown\Application Data\Mozilla\Firefox\Profiles\x1n2x1mv.default\cookies.sqlite ]
.casalemedia.com [ C:\Documents and Settings\Paul Brown\Application Data\Mozilla\Firefox\Profiles\x1n2x1mv.default\cookies.sqlite ]
.casalemedia.com [ C:\Documents and Settings\Paul Brown\Application Data\Mozilla\Firefox\Profiles\x1n2x1mv.default\cookies.sqlite ]
.imrworldwide.com [ C:\Documents and Settings\Paul Brown\Application Data\Mozilla\Firefox\Profiles\x1n2x1mv.default\cookies.sqlite ]
.imrworldwide.com [ C:\Documents and Settings\Paul Brown\Application Data\Mozilla\Firefox\Profiles\x1n2x1mv.default\cookies.sqlite ]
.clickbank.net [ C:\Documents and Settings\Paul Brown\Application Data\Mozilla\Firefox\Profiles\x1n2x1mv.default\cookies.sqlite ]
.collective-media.net [ C:\Documents and Settings\Paul Brown\Application Data\Mozilla\Firefox\Profiles\x1n2x1mv.default\cookies.sqlite ]
.collective-media.net [ C:\Documents and Settings\Paul Brown\Application Data\Mozilla\Firefox\Profiles\x1n2x1mv.default\cookies.sqlite ]
.collective-media.net [ C:\Documents and Settings\Paul Brown\Application Data\Mozilla\Firefox\Profiles\x1n2x1mv.default\cookies.sqlite ]
.collective-media.net [ C:\Documents and Settings\Paul Brown\Application Data\Mozilla\Firefox\Profiles\x1n2x1mv.default\cookies.sqlite ]
.doubleclick.net [ C:\Documents and Settings\Paul Brown\Application Data\Mozilla\Firefox\Profiles\x1n2x1mv.default\cookies.sqlite ]
.ehg-chartercommunications.hitbox.com [ C:\Documents and Settings\Paul Brown\Application Data\Mozilla\Firefox\Profiles\x1n2x1mv.default\cookies.sqlite ]
.ehg-legonewyorkinc.hitbox.com [ C:\Documents and Settings\Paul Brown\Application Data\Mozilla\Firefox\Profiles\x1n2x1mv.default\cookies.sqlite ]
.ehg-legonewyorkinc.hitbox.com [ C:\Documents and Settings\Paul Brown\Application Data\Mozilla\Firefox\Profiles\x1n2x1mv.default\cookies.sqlite ]
.fastclick.net [ C:\Documents and Settings\Paul Brown\Application Data\Mozilla\Firefox\Profiles\x1n2x1mv.default\cookies.sqlite ]
.fastclick.net [ C:\Documents and Settings\Paul Brown\Application Data\Mozilla\Firefox\Profiles\x1n2x1mv.default\cookies.sqlite ]
.fastclick.net [ C:\Documents and Settings\Paul Brown\Application Data\Mozilla\Firefox\Profiles\x1n2x1mv.default\cookies.sqlite ]
.fastclick.net [ C:\Documents and Settings\Paul Brown\Application Data\Mozilla\Firefox\Profiles\x1n2x1mv.default\cookies.sqlite ]
.fastclick.net [ C:\Documents and Settings\Paul Brown\Application Data\Mozilla\Firefox\Profiles\x1n2x1mv.default\cookies.sqlite ]
.fastclick.net [ C:\Documents and Settings\Paul Brown\Application Data\Mozilla\Firefox\Profiles\x1n2x1mv.default\cookies.sqlite ]
.hitbox.com [ C:\Documents and Settings\Paul Brown\Application Data\Mozilla\Firefox\Profiles\x1n2x1mv.default\cookies.sqlite ]
.hitbox.com [ C:\Documents and Settings\Paul Brown\Application Data\Mozilla\Firefox\Profiles\x1n2x1mv.default\cookies.sqlite ]
.insightexpressai.com [ C:\Documents and Settings\Paul Brown\Application Data\Mozilla\Firefox\Profiles\x1n2x1mv.default\cookies.sqlite ]
.insightexpressai.com [ C:\Documents and Settings\Paul Brown\Application Data\Mozilla\Firefox\Profiles\x1n2x1mv.default\cookies.sqlite ]
.insightexpressai.com [ C:\Documents and Settings\Paul Brown\Application Data\Mozilla\Firefox\Profiles\x1n2x1mv.default\cookies.sqlite ]
.insightexpressai.com [ C:\Documents and Settings\Paul Brown\Application Data\Mozilla\Firefox\Profiles\x1n2x1mv.default\cookies.sqlite ]
.insightexpressai.com [ C:\Documents and Settings\Paul Brown\Application Data\Mozilla\Firefox\Profiles\x1n2x1mv.default\cookies.sqlite ]
.insightexpressai.com [ C:\Documents and Settings\Paul Brown\Application Data\Mozilla\Firefox\Profiles\x1n2x1mv.default\cookies.sqlite ]
.insightexpressai.com [ C:\Documents and Settings\Paul Brown\Application Data\Mozilla\Firefox\Profiles\x1n2x1mv.default\cookies.sqlite ]
.insightexpressai.com [ C:\Documents and Settings\Paul Brown\Application Data\Mozilla\Firefox\Profiles\x1n2x1mv.default\cookies.sqlite ]
.insightexpressai.com [ C:\Documents and Settings\Paul Brown\Application Data\Mozilla\Firefox\Profiles\x1n2x1mv.default\cookies.sqlite ]
.insightexpressai.com [ C:\Documents and Settings\Paul Brown\Application Data\Mozilla\Firefox\Profiles\x1n2x1mv.default\cookies.sqlite ]
.insightexpressai.com [ C:\Documents and Settings\Paul Brown\Application Data\Mozilla\Firefox\Profiles\x1n2x1mv.default\cookies.sqlite ]
.insightexpressai.com [ C:\Documents and Settings\Paul Brown\Application Data\Mozilla\Firefox\Profiles\x1n2x1mv.default\cookies.sqlite ]
.insightexpressai.com [ C:\Documents and Settings\Paul Brown\Application Data\Mozilla\Firefox\Profiles\x1n2x1mv.default\cookies.sqlite ]
.insightexpressai.com [ C:\Documents and Settings\Paul Brown\Application Data\Mozilla\Firefox\Profiles\x1n2x1mv.default\cookies.sqlite ]
.insightexpressai.com [ C:\Documents and Settings\Paul Brown\Application Data\Mozilla\Firefox\Profiles\x1n2x1mv.default\cookies.sqlite ]
.insightexpressai.com [ C:\Documents and Settings\Paul Brown\Application Data\Mozilla\Firefox\Profiles\x1n2x1mv.default\cookies.sqlite ]
.insightexpressai.com [ C:\Documents and Settings\Paul Brown\Application Data\Mozilla\Firefox\Profiles\x1n2x1mv.default\cookies.sqlite ]
.insightexpressai.com [ C:\Documents and Settings\Paul Brown\Application Data\Mozilla\Firefox\Profiles\x1n2x1mv.default\cookies.sqlite ]
.insightexpressai.com [ C:\Documents and Settings\Paul Brown\Application Data\Mozilla\Firefox\Profiles\x1n2x1mv.default\cookies.sqlite ]
.insightexpressai.com [ C:\Documents and Settings\Paul Brown\Application Data\Mozilla\Firefox\Profiles\x1n2x1mv.default\cookies.sqlite ]
.insightexpressai.com [ C:\Documents and Settings\Paul Brown\Application Data\Mozilla\Firefox\Profiles\x1n2x1mv.default\cookies.sqlite ]
.insightexpressai.com [ C:\Documents and Settings\Paul Brown\Application Data\Mozilla\Firefox\Profiles\x1n2x1mv.default\cookies.sqlite ]
.insightexpressai.com [ C:\Documents and Settings\Paul Brown\Application Data\Mozilla\Firefox\Profiles\x1n2x1mv.default\cookies.sqlite ]
.insightexpressai.com [ C:\Documents and Settings\Paul Brown\Application Data\Mozilla\Firefox\Profiles\x1n2x1mv.default\cookies.sqlite ]
.interclick.com [ C:\Documents and Settings\Paul Brown\Application Data\Mozilla\Firefox\Profiles\x1n2x1mv.default\cookies.sqlite ]
.interclick.com [ C:\Documents and Settings\Paul Brown\Application Data\Mozilla\Firefox\Profiles\x1n2x1mv.default\cookies.sqlite ]
.interclick.com [ C:\Documents and Settings\Paul Brown\Application Data\Mozilla\Firefox\Profiles\x1n2x1mv.default\cookies.sqlite ]
.interclick.com [ C:\Documents and Settings\Paul Brown\Application Data\Mozilla\Firefox\Profiles\x1n2x1mv.default\cookies.sqlite ]
.interclick.com [ C:\Documents and Settings\Paul Brown\Application Data\Mozilla\Firefox\Profiles\x1n2x1mv.default\cookies.sqlite ]
.interclick.com [ C:\Documents and Settings\Paul Brown\Application Data\Mozilla\Firefox\Profiles\x1n2x1mv.default\cookies.sqlite ]
.interclick.com [ C:\Documents and Settings\Paul Brown\Application Data\Mozilla\Firefox\Profiles\x1n2x1mv.default\cookies.sqlite ]
.interclick.com [ C:\Documents and Settings\Paul Brown\Application Data\Mozilla\Firefox\Profiles\x1n2x1mv.default\cookies.sqlite ]
.interclick.com [ C:\Documents and Settings\Paul Brown\Application Data\Mozilla\Firefox\Profiles\x1n2x1mv.default\cookies.sqlite ]
.legobrandretail.112.2o7.net [ C:\Documents and Settings\Paul Brown\Application Data\Mozilla\Firefox\Profiles\x1n2x1mv.default\cookies.sqlite ]
.media.adrevolver.com [ C:\Documents and Settings\Paul Brown\Application Data\Mozilla\Firefox\Profiles\x1n2x1mv.default\cookies.sqlite ]
.media.adrevolver.com [ C:\Documents and Settings\Paul Brown\Application Data\Mozilla\Firefox\Profiles\x1n2x1mv.default\cookies.sqlite ]
.mediaplex.com [ C:\Documents and Settings\Paul Brown\Application Data\Mozilla\Firefox\Profiles\x1n2x1mv.default\cookies.sqlite ]
.mediaplex.com [ C:\Documents and Settings\Paul Brown\Application Data\Mozilla\Firefox\Profiles\x1n2x1mv.default\cookies.sqlite ]
.mediaplex.com [ C:\Documents and Settings\Paul Brown\Application Data\Mozilla\Firefox\Profiles\x1n2x1mv.default\cookies.sqlite ]
.msnportal.112.2o7.net [ C:\Documents and Settings\Paul Brown\Application Data\Mozilla\Firefox\Profiles\x1n2x1mv.default\cookies.sqlite ]
.overture.com [ C:\Documents and Settings\Paul Brown\Application Data\Mozilla\Firefox\Profiles\x1n2x1mv.default\cookies.sqlite ]
.overture.com [ C:\Documents and Settings\Paul Brown\Application Data\Mozilla\Firefox\Profiles\x1n2x1mv.default\cookies.sqlite ]
.philips.112.2o7.net [ C:\Documents and Settings\Paul Brown\Application Data\Mozilla\Firefox\Profiles\x1n2x1mv.default\cookies.sqlite ]
.questionmarket.com [ C:\Documents and Settings\Paul Brown\Application Data\Mozilla\Firefox\Profiles\x1n2x1mv.default\cookies.sqlite ]
.questionmarket.com [ C:\Documents and Settings\Paul Brown\Application Data\Mozilla\Firefox\Profiles\x1n2x1mv.default\cookies.sqlite ]
.realmedia.com [ C:\Documents and Settings\Paul Brown\Application Data\Mozilla\Firefox\Profiles\x1n2x1mv.default\cookies.sqlite ]
.realmedia.com [ C:\Documents and Settings\Paul Brown\Application Data\Mozilla\Firefox\Profiles\x1n2x1mv.default\cookies.sqlite ]
.realmedia.com [ C:\Documents and Settings\Paul Brown\Application Data\Mozilla\Firefox\Profiles\x1n2x1mv.default\cookies.sqlite ]
.realmedia.com [ C:\Documents and Settings\Paul Brown\Application Data\Mozilla\Firefox\Profiles\x1n2x1mv.default\cookies.sqlite ]
.realmedia.com [ C:\Documents and Settings\Paul Brown\Application Data\Mozilla\Firefox\Profiles\x1n2x1mv.default\cookies.sqlite ]
.realmedia.com [ C:\Documents and Settings\Paul Brown\Application Data\Mozilla\Firefox\Profiles\x1n2x1mv.default\cookies.sqlite ]
.realmedia.com [ C:\Documents and Settings\Paul Brown\Application Data\Mozilla\Firefox\Profiles\x1n2x1mv.default\cookies.sqlite ]
.realmedia.com [ C:\Documents and Settings\Paul Brown\Application Data\Mozilla\Firefox\Profiles\x1n2x1mv.default\cookies.sqlite ]
.revenue.net [ C:\Documents and Settings\Paul Brown\Application Data\Mozilla\Firefox\Profiles\x1n2x1mv.default\cookies.sqlite ]
.s.clickability.com [ C:\Documents and Settings\Paul Brown\Application Data\Mozilla\Firefox\Profiles\x1n2x1mv.default\cookies.sqlite ]
.s.clickability.com [ C:\Documents and Settings\Paul Brown\Application Data\Mozilla\Firefox\Profiles\x1n2x1mv.default\cookies.sqlite ]
.serving-sys.com [ C:\Documents and Settings\Paul Brown\Application Data\Mozilla\Firefox\Profiles\x1n2x1mv.default\cookies.sqlite ]
.serving-sys.com [ C:\Documents and Settings\Paul Brown\Application Data\Mozilla\Firefox\Profiles\x1n2x1mv.default\cookies.sqlite ]
.serving-sys.com [ C:\Documents and Settings\Paul Brown\Application Data\Mozilla\Firefox\Profiles\x1n2x1mv.default\cookies.sqlite ]
.serving-sys.com [ C:\Documents and Settings\Paul Brown\Application Data\Mozilla\Firefox\Profiles\x1n2x1mv.default\cookies.sqlite ]
.serving-sys.com [ C:\Documents and Settings\Paul Brown\Application Data\Mozilla\Firefox\Profiles\x1n2x1mv.default\cookies.sqlite ]
.serving-sys.com [ C:\Documents and Settings\Paul Brown\Application Data\Mozilla\Firefox\Profiles\x1n2x1mv.default\cookies.sqlite ]
.specificclick.net [ C:\Documents and Settings\Paul Brown\Application Data\Mozilla\Firefox\Profiles\x1n2x1mv.default\cookies.sqlite ]
.specificclick.net [ C:\Documents and Settings\Paul Brown\Application Data\Mozilla\Firefox\Profiles\x1n2x1mv.default\cookies.sqlite ]
.specificclick.net [ C:\Documents and Settings\Paul Brown\Application Data\Mozilla\Firefox\Profiles\x1n2x1mv.default\cookies.sqlite ]
.specificclick.net [ C:\Documents and Settings\Paul Brown\Application Data\Mozilla\Firefox\Profiles\x1n2x1mv.default\cookies.sqlite ]
.specificclick.net [ C:\Documents and Settings\Paul Brown\Application Data\Mozilla\Firefox\Profiles\x1n2x1mv.default\cookies.sqlite ]
.specificclick.net [ C:\Documents and Settings\Paul Brown\Application Data\Mozilla\Firefox\Profiles\x1n2x1mv.default\cookies.sqlite ]
.specificclick.net [ C:\Documents and Settings\Paul Brown\Application Data\Mozilla\Firefox\Profiles\x1n2x1mv.default\cookies.sqlite ]
.specificclick.net [ C:\Documents and Settings\Paul Brown\Application Data\Mozilla\Firefox\Profiles\x1n2x1mv.default\cookies.sqlite ]
.specificclick.net [ C:\Documents and Settings\Paul Brown\Application Data\Mozilla\Firefox\Profiles\x1n2x1mv.default\cookies.sqlite ]
.specificmedia.com [ C:\Documents and Settings\Paul Brown\Application Data\Mozilla\Firefox\Profiles\x1n2x1mv.default\cookies.sqlite ]
.statse.webtrendslive.com [ C:\Documents and Settings\Paul Brown\Application Data\Mozilla\Firefox\Profiles\x1n2x1mv.default\cookies.sqlite ]
.tacoda.net [ C:\Documents and Settings\Paul Brown\Application Data\Mozilla\Firefox\Profiles\x1n2x1mv.default\cookies.sqlite ]
.tacoda.net [ C:\Documents and Settings\Paul Brown\Application Data\Mozilla\Firefox\Profiles\x1n2x1mv.default\cookies.sqlite ]
.tacoda.net [ C:\Documents and Settings\Paul Brown\Application Data\Mozilla\Firefox\Profiles\x1n2x1mv.default\cookies.sqlite ]
.tacoda.net [ C:\Documents and Settings\Paul Brown\Application Data\Mozilla\Firefox\Profiles\x1n2x1mv.default\cookies.sqlite ]
.tacoda.net [ C:\Documents and Settings\Paul Brown\Application Data\Mozilla\Firefox\Profiles\x1n2x1mv.default\cookies.sqlite ]
.tacoda.net [ C:\Documents and Settings\Paul Brown\Application Data\Mozilla\Firefox\Profiles\x1n2x1mv.default\cookies.sqlite ]
.tradedoubler.com [ C:\Documents and Settings\Paul Brown\Application Data\Mozilla\Firefox\Profiles\x1n2x1mv.default\cookies.sqlite ]
.tradedoubler.com [ C:\Documents and Settings\Paul Brown\Application Data\Mozilla\Firefox\Profiles\x1n2x1mv.default\cookies.sqlite ]
.trafficmp.com [ C:\Documents and Settings\Paul Brown\Application Data\Mozilla\Firefox\Profiles\x1n2x1mv.default\cookies.sqlite ]
.trafficmp.com [ C:\Documents and Settings\Paul Brown\Application Data\Mozilla\Firefox\Profiles\x1n2x1mv.default\cookies.sqlite ]
.trafficmp.com [ C:\Documents and Settings\Paul Brown\Application Data\Mozilla\Firefox\Profiles\x1n2x1mv.default\cookies.sqlite ]
.trafficmp.com [ C:\Documents and Settings\Paul Brown\Application Data\Mozilla\Firefox\Profiles\x1n2x1mv.default\cookies.sqlite ]
.trafficmp.com [ C:\Documents and Settings\Paul Brown\Application Data\Mozilla\Firefox\Profiles\x1n2x1mv.default\cookies.sqlite ]
.tribalfusion.com [ C:\Documents and Settings\Paul Brown\Application Data\Mozilla\Firefox\Profiles\x1n2x1mv.default\cookies.sqlite ]
.www.halstats.com [ C:\Documents and Settings\Paul Brown\Application Data\Mozilla\Firefox\Profiles\x1n2x1mv.default\cookies.sqlite ]
.zedo.com [ C:\Documents and Settings\Paul Brown\Application Data\Mozilla\Firefox\Profiles\x1n2x1mv.default\cookies.sqlite ]
.zedo.com [ C:\Documents and Settings\Paul Brown\Application Data\Mozilla\Firefox\Profiles\x1n2x1mv.default\cookies.sqlite ]
.zedo.com [ C:\Documents and Settings\Paul Brown\Application Data\Mozilla\Firefox\Profiles\x1n2x1mv.default\cookies.sqlite ]
.zedo.com [ C:\Documents and Settings\Paul Brown\Application Data\Mozilla\Firefox\Profiles\x1n2x1mv.default\cookies.sqlite ]
.zedo.com [ C:\Documents and Settings\Paul Brown\Application Data\Mozilla\Firefox\Profiles\x1n2x1mv.default\cookies.sqlite ]
C:\Documents and Settings\Paul Brown\Cookies\paul_brown@media6degrees[1].txt
C:\Documents and Settings\Paul Brown\Cookies\paul_brown@revsci[2].txt
C:\Documents and Settings\Paul Brown\Cookies\paul_brown@adserver.adreactor[1].txt
C:\Documents and Settings\Paul Brown\Cookies\paul_brown@serving-sys[2].txt
C:\Documents and Settings\Paul Brown\Cookies\paul_brown@realmedia[2].txt
C:\Documents and Settings\Paul Brown\Cookies\paul_brown@liveperson[1].txt
C:\Documents and Settings\Paul Brown\Cookies\paul_brown@walmart.112.2o7[1].txt
C:\Documents and Settings\Paul Brown\Cookies\paul_brown@liveperson[3].txt
C:\Documents and Settings\Paul Brown\Cookies\paul_brown@bs.serving-sys[2].txt
C:\Documents and Settings\Paul Brown\Cookies\paul_brown@stlouisdiscountmattress[2].txt
C:\Documents and Settings\Paul Brown\Cookies\paul_brown@www.windowsmedia[2].txt
C:\Documents and Settings\Paul Brown\Cookies\paul_brown@at.atwola[1].txt
C:\Documents and Settings\Paul Brown\Cookies\paul_brown@ads.undertone[2].txt
C:\Documents and Settings\Paul Brown\Cookies\paul_brown@pro-market[1].txt
C:\Documents and Settings\Paul Brown\Cookies\paul_brown@247realmedia[1].txt
C:\Documents and Settings\Paul Brown\Cookies\paul_brown@tacoda.at.atwola[2].txt
C:\Documents and Settings\Paul Brown\Cookies\paul_brown@lfstmedia[2].txt
C:\Documents and Settings\Paul Brown\Cookies\paul_brown@ad.yieldmanager[2].txt
C:\Documents and Settings\Paul Brown\Cookies\paul_brown@trafficmp[1].txt
C:\Documents and Settings\Paul Brown\Cookies\paul_brown@a1.interclick[1].txt
C:\Documents and Settings\Paul Brown\Cookies\paul_brown@adecn[2].txt
C:\Documents and Settings\Paul Brown\Cookies\paul_brown@user.lucidmedia[1].txt
C:\Documents and Settings\Paul Brown\Cookies\paul_brown@ad.yieldmanager[3].txt
C:\Documents and Settings\Paul Brown\Cookies\paul_brown@adserver.adtechus[1].txt
C:\Documents and Settings\Paul Brown\Cookies\paul_brown@cdn1.trafficmp[1].txt
C:\Documents and Settings\Paul Brown\Cookies\paul_brown@surveymonkey.122.2o7[1].txt
C:\Documents and Settings\Paul Brown\Cookies\paul_brown@questionmarket[1].txt
C:\Documents and Settings\Paul Brown\Cookies\paul_brown@adbrite[1].txt
C:\Documents and Settings\Paul Brown\Cookies\paul_brown@winzip.122.2o7[1].txt
C:\Documents and Settings\Paul Brown\Cookies\paul_brown@specificclick[2].txt
C:\Documents and Settings\Paul Brown\Cookies\paul_brown@adxpose[1].txt
C:\Documents and Settings\Paul Brown\Cookies\paul_brown@pointroll[1].txt
C:\Documents and Settings\Paul Brown\Cookies\paul_brown@mediabrandsww[2].txt
C:\Documents and Settings\Paul Brown\Cookies\paul_brown@content.yieldmanager[2].txt
C:\Documents and Settings\Paul Brown\Cookies\paul_brown@invitemedia[1].txt
C:\Documents and Settings\Paul Brown\Cookies\paul_brown@content.yieldmanager[3].txt
C:\Documents and Settings\Paul Brown\Cookies\paul_brown@lucidmedia[1].txt
C:\Documents and Settings\Paul Brown\Cookies\paul_brown@adinterax[2].txt
C:\Documents and Settings\Paul Brown\Cookies\paul_brown@findajobalready[1].txt
C:\Documents and Settings\Paul Brown\Cookies\paul_brown@www.googleadservices[1].txt
C:\Documents and Settings\Paul Brown\Cookies\paul_brown@2o7[1].txt
C:\Documents and Settings\Paul Brown\Cookies\paul_brown@ads.webkinz[2].txt
C:\Documents and Settings\Paul Brown\Cookies\paul_brown@uol.realmedia[1].txt
C:\Documents and Settings\Paul Brown\Cookies\paul_brown@ads.pointroll[1].txt
C:\Documents and Settings\Paul Brown\Cookies\paul_brown@oasn04.247realmedia[2].txt
C:\Documents and Settings\Paul Brown\Cookies\paul_brown@collective-media[2].txt
C:\Documents and Settings\Paul Brown\Cookies\paul_brown@network.realmedia[2].txt
C:\Documents and Settings\Paul Brown\Cookies\paul_brown@interclick[2].txt
C:\Documents and Settings\Paul Brown\Cookies\paul_brown@ads.pubmatic[2].txt
C:\Documents and Settings\Paul Brown\Cookies\paul_brown@www.qsstats[1].txt
C:\Documents and Settings\Paul Brown\Cookies\paul_brown@www.qsstats[2].txt
 
LAST AND FINAL PART OF A FOUR PART POST. PLEASE SEE THE PRIOR THREE PARTS.

C:\Documents and Settings\Paul Brown\Cookies\paul_brown@ru4[1].txt
C:\Documents and Settings\Paul Brown\Cookies\paul_brown@specificmedia[1].txt
C:\Documents and Settings\Paul Brown\Cookies\paul_brown@media.adfrontiers[2].txt
C:\Documents and Settings\Paul Brown\Cookies\paul_brown@tribalfusion[2].txt
C:\Documents and Settings\Paul Brown\Cookies\paul_brown@ad.wsod[2].txt
C:\Documents and Settings\Paul Brown\Cookies\paul_brown@liveperson[2].txt
C:\Documents and Settings\Paul Brown\Cookies\paul_brown@sales.liveperson[2].txt
.apmebf.com [ C:\Documents and Settings\Paul Brown\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.mediaplex.com [ C:\Documents and Settings\Paul Brown\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.atdmt.com [ C:\Documents and Settings\Paul Brown\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.imrworldwide.com [ C:\Documents and Settings\Paul Brown\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.imrworldwide.com [ C:\Documents and Settings\Paul Brown\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.invitemedia.com [ C:\Documents and Settings\Paul Brown\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.adbrite.com [ C:\Documents and Settings\Paul Brown\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.advertising.com [ C:\Documents and Settings\Paul Brown\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.atdmt.com [ C:\Documents and Settings\Paul Brown\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.ru4.com [ C:\Documents and Settings\Paul Brown\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.ru4.com [ C:\Documents and Settings\Paul Brown\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.zedo.com [ C:\Documents and Settings\Paul Brown\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.zedo.com [ C:\Documents and Settings\Paul Brown\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.ru4.com [ C:\Documents and Settings\Paul Brown\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.ru4.com [ C:\Documents and Settings\Paul Brown\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.ru4.com [ C:\Documents and Settings\Paul Brown\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.realmedia.com [ C:\Documents and Settings\Paul Brown\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.ru4.com [ C:\Documents and Settings\Paul Brown\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.collective-media.net [ C:\Documents and Settings\Paul Brown\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.ru4.com [ C:\Documents and Settings\Paul Brown\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.adxpose.com [ C:\Documents and Settings\Paul Brown\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.ru4.com [ C:\Documents and Settings\Paul Brown\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.ads.pointroll.com [ C:\Documents and Settings\Paul Brown\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.ads.pointroll.com [ C:\Documents and Settings\Paul Brown\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.pointroll.com [ C:\Documents and Settings\Paul Brown\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.ru4.com [ C:\Documents and Settings\Paul Brown\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.ru4.com [ C:\Documents and Settings\Paul Brown\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.ru4.com [ C:\Documents and Settings\Paul Brown\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.ru4.com [ C:\Documents and Settings\Paul Brown\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.ru4.com [ C:\Documents and Settings\Paul Brown\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.ru4.com [ C:\Documents and Settings\Paul Brown\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.ru4.com [ C:\Documents and Settings\Paul Brown\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.ru4.com [ C:\Documents and Settings\Paul Brown\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.ru4.com [ C:\Documents and Settings\Paul Brown\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.247realmedia.com [ C:\Documents and Settings\Paul Brown\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.insightexpressai.com [ C:\Documents and Settings\Paul Brown\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.insightexpressai.com [ C:\Documents and Settings\Paul Brown\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.insightexpressai.com [ C:\Documents and Settings\Paul Brown\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.insightexpressai.com [ C:\Documents and Settings\Paul Brown\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.insightexpressai.com [ C:\Documents and Settings\Paul Brown\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.insightexpressai.com [ C:\Documents and Settings\Paul Brown\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.paypal.112.2o7.net [ C:\Documents and Settings\Paul Brown\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.stats.paypal.com [ C:\Documents and Settings\Paul Brown\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.revsci.net [ C:\Documents and Settings\Paul Brown\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.liveperson.net [ C:\Documents and Settings\Paul Brown\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.ru4.com [ C:\Documents and Settings\Paul Brown\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.interclick.com [ C:\Documents and Settings\Paul Brown\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.interclick.com [ C:\Documents and Settings\Paul Brown\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.a1.interclick.com [ C:\Documents and Settings\Paul Brown\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.leeenterprises.112.2o7.net [ C:\Documents and Settings\Paul Brown\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.yieldmanager.net [ C:\Documents and Settings\Paul Brown\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.ru4.com [ C:\Documents and Settings\Paul Brown\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
user.lucidmedia.com [ C:\Documents and Settings\Paul Brown\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.adbrite.com [ C:\Documents and Settings\Paul Brown\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.traveladvertising.com [ C:\Documents and Settings\Paul Brown\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.traveladvertising.com [ C:\Documents and Settings\Paul Brown\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.tacoda.net [ C:\Documents and Settings\Paul Brown\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.msnbc.112.2o7.net [ C:\Documents and Settings\Paul Brown\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.at.atwola.com [ C:\Documents and Settings\Paul Brown\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.at.atwola.com [ C:\Documents and Settings\Paul Brown\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.tacoda.net [ C:\Documents and Settings\Paul Brown\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.tacoda.net [ C:\Documents and Settings\Paul Brown\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.tacoda.net [ C:\Documents and Settings\Paul Brown\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.uol.realmedia.com [ C:\Documents and Settings\Paul Brown\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
in.getclicky.com [ C:\Documents and Settings\Paul Brown\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
ad.yieldmanager.com [ C:\Documents and Settings\Paul Brown\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.fastclick.net [ C:\Documents and Settings\Paul Brown\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.fastclick.net [ C:\Documents and Settings\Paul Brown\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.fastclick.net [ C:\Documents and Settings\Paul Brown\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.yadro.ru [ C:\Documents and Settings\Paul Brown\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.yadro.ru [ C:\Documents and Settings\Paul Brown\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.realmedia.com [ C:\Documents and Settings\Paul Brown\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.realmedia.com [ C:\Documents and Settings\Paul Brown\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.ads.addynamix.com [ C:\Documents and Settings\Paul Brown\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.pointroll.com [ C:\Documents and Settings\Paul Brown\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.traveladvertising.com [ C:\Documents and Settings\Paul Brown\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.ru4.com [ C:\Documents and Settings\Paul Brown\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.ads.addynamix.com [ C:\Documents and Settings\Paul Brown\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.ads.addynamix.com [ C:\Documents and Settings\Paul Brown\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.ads.addynamix.com [ C:\Documents and Settings\Paul Brown\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.legolas-media.com [ C:\Documents and Settings\Paul Brown\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.invitemedia.com [ C:\Documents and Settings\Paul Brown\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.invitemedia.com [ C:\Documents and Settings\Paul Brown\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.invitemedia.com [ C:\Documents and Settings\Paul Brown\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.invitemedia.com [ C:\Documents and Settings\Paul Brown\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.invitemedia.com [ C:\Documents and Settings\Paul Brown\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.invitemedia.com [ C:\Documents and Settings\Paul Brown\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.ads.addynamix.com [ C:\Documents and Settings\Paul Brown\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.legolas-media.com [ C:\Documents and Settings\Paul Brown\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.ads.addynamix.com [ C:\Documents and Settings\Paul Brown\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
www.qsstats.com [ C:\Documents and Settings\Paul Brown\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
www.qsstats.com [ C:\Documents and Settings\Paul Brown\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.dealtime.com [ C:\Documents and Settings\Paul Brown\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.dealtime.com [ C:\Documents and Settings\Paul Brown\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.dealtime.com [ C:\Documents and Settings\Paul Brown\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
stat.dealtime.com [ C:\Documents and Settings\Paul Brown\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.dealtime.com [ C:\Documents and Settings\Paul Brown\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.revsci.net [ C:\Documents and Settings\Paul Brown\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.revsci.net [ C:\Documents and Settings\Paul Brown\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.2o7.net [ C:\Documents and Settings\Paul Brown\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.2o7.net [ C:\Documents and Settings\Paul Brown\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.walmart.112.2o7.net [ C:\Documents and Settings\Paul Brown\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
ad.yieldmanager.com [ C:\Documents and Settings\Paul Brown\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
statse.webtrendslive.com [ C:\Documents and Settings\Paul Brown\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
sales.liveperson.net [ C:\Documents and Settings\Paul Brown\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.liveperson.net [ C:\Documents and Settings\Paul Brown\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.realmedia.com [ C:\Documents and Settings\Paul Brown\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.advertising.com [ C:\Documents and Settings\Paul Brown\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.collective-media.net [ C:\Documents and Settings\Paul Brown\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.invitemedia.com [ C:\Documents and Settings\Paul Brown\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.specificmedia.com [ C:\Documents and Settings\Paul Brown\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.advertising.com [ C:\Documents and Settings\Paul Brown\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.content.yieldmanager.com [ C:\Documents and Settings\Paul Brown\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.a1.interclick.com [ C:\Documents and Settings\Paul Brown\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.collective-media.net [ C:\Documents and Settings\Paul Brown\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.questionmarket.com [ C:\Documents and Settings\Paul Brown\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.questionmarket.com [ C:\Documents and Settings\Paul Brown\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.trafficmp.com [ C:\Documents and Settings\Paul Brown\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.trafficmp.com [ C:\Documents and Settings\Paul Brown\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.trafficmp.com [ C:\Documents and Settings\Paul Brown\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.trafficmp.com [ C:\Documents and Settings\Paul Brown\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.w3counter.com [ C:\Documents and Settings\Paul Brown\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.doubleclick.net [ C:\Documents and Settings\Paul Brown\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.oreck.112.2o7.net [ C:\Documents and Settings\Paul Brown\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.www.burstnet.com [ C:\Documents and Settings\Paul Brown\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.media6degrees.com [ C:\Documents and Settings\Paul Brown\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.media6degrees.com [ C:\Documents and Settings\Paul Brown\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.adbrite.com [ C:\Documents and Settings\Paul Brown\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.content.yieldmanager.com [ C:\Documents and Settings\Paul Brown\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.adecn.com [ C:\Documents and Settings\Paul Brown\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.a1.interclick.com [ C:\Documents and Settings\Paul Brown\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.a1.interclick.com [ C:\Documents and Settings\Paul Brown\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.a1.interclick.com [ C:\Documents and Settings\Paul Brown\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.a1.interclick.com [ C:\Documents and Settings\Paul Brown\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.a1.interclick.com [ C:\Documents and Settings\Paul Brown\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.a1.interclick.com [ C:\Documents and Settings\Paul Brown\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.interclick.com [ C:\Documents and Settings\Paul Brown\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.revsci.net [ C:\Documents and Settings\Paul Brown\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.media6degrees.com [ C:\Documents and Settings\Paul Brown\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.ru4.com [ C:\Documents and Settings\Paul Brown\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.casalemedia.com [ C:\Documents and Settings\Paul Brown\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.invitemedia.com [ C:\Documents and Settings\Paul Brown\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.realmedia.com [ C:\Documents and Settings\Paul Brown\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.realmedia.com [ C:\Documents and Settings\Paul Brown\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.network.realmedia.com [ C:\Documents and Settings\Paul Brown\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.collective-media.net [ C:\Documents and Settings\Paul Brown\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.collective-media.net [ C:\Documents and Settings\Paul Brown\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.collective-media.net [ C:\Documents and Settings\Paul Brown\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.collective-media.net [ C:\Documents and Settings\Paul Brown\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.legolas-media.com [ C:\Documents and Settings\Paul Brown\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.legolas-media.com [ C:\Documents and Settings\Paul Brown\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.tribalfusion.com [ C:\Documents and Settings\Paul Brown\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.realmedia.com [ C:\Documents and Settings\Paul Brown\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.realmedia.com [ C:\Documents and Settings\Paul Brown\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.adbrite.com [ C:\Documents and Settings\Paul Brown\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.adbrite.com [ C:\Documents and Settings\Paul Brown\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.specificclick.net [ C:\Documents and Settings\Paul Brown\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.specificclick.net [ C:\Documents and Settings\Paul Brown\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.specificclick.net [ C:\Documents and Settings\Paul Brown\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.specificclick.net [ C:\Documents and Settings\Paul Brown\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.media6degrees.com [ C:\Documents and Settings\Paul Brown\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.media6degrees.com [ C:\Documents and Settings\Paul Brown\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.media6degrees.com [ C:\Documents and Settings\Paul Brown\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.media6degrees.com [ C:\Documents and Settings\Paul Brown\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.media6degrees.com [ C:\Documents and Settings\Paul Brown\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.interclick.com [ C:\Documents and Settings\Paul Brown\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.realmedia.com [ C:\Documents and Settings\Paul Brown\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.mediaplex.com [ C:\Documents and Settings\Paul Brown\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.ads.pointroll.com [ C:\Documents and Settings\Paul Brown\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.pointroll.com [ C:\Documents and Settings\Paul Brown\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.ads.pointroll.com [ C:\Documents and Settings\Paul Brown\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.ads.pointroll.com [ C:\Documents and Settings\Paul Brown\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.ads.pointroll.com [ C:\Documents and Settings\Paul Brown\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.ads.pointroll.com [ C:\Documents and Settings\Paul Brown\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.ads.pointroll.com [ C:\Documents and Settings\Paul Brown\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.ads.pointroll.com [ C:\Documents and Settings\Paul Brown\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
ad.yieldmanager.com [ C:\Documents and Settings\Paul Brown\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.revsci.net [ C:\Documents and Settings\Paul Brown\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.trafficmp.com [ C:\Documents and Settings\Paul Brown\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.trafficmp.com [ C:\Documents and Settings\Paul Brown\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.trafficmp.com [ C:\Documents and Settings\Paul Brown\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.trafficmp.com [ C:\Documents and Settings\Paul Brown\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.trafficmp.com [ C:\Documents and Settings\Paul Brown\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.casalemedia.com [ C:\Documents and Settings\Paul Brown\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.legolas-media.com [ C:\Documents and Settings\Paul Brown\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.adserver.adtechus.com [ C:\Documents and Settings\Paul Brown\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
ad.yieldmanager.com [ C:\Documents and Settings\Paul Brown\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.casalemedia.com [ C:\Documents and Settings\Paul Brown\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.casalemedia.com [ C:\Documents and Settings\Paul Brown\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.casalemedia.com [ C:\Documents and Settings\Paul Brown\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.casalemedia.com [ C:\Documents and Settings\Paul Brown\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.casalemedia.com [ C:\Documents and Settings\Paul Brown\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.casalemedia.com [ C:\Documents and Settings\Paul Brown\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
uol.realmedia.com [ C:\Documents and Settings\Paul Brown\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
network.realmedia.com [ C:\Documents and Settings\Paul Brown\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.advertising.com [ C:\Documents and Settings\Paul Brown\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.advertising.com [ C:\Documents and Settings\Paul Brown\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.advertising.com [ C:\Documents and Settings\Paul Brown\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.advertising.com [ C:\Documents and Settings\Paul Brown\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
ad.yieldmanager.com [ C:\Documents and Settings\Paul Brown\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
ad.yieldmanager.com [ C:\Documents and Settings\Paul Brown\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
ad.yieldmanager.com [ C:\Documents and Settings\Paul Brown\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
banners.battleon.com [ C:\Documents and Settings\Paul Brown\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
banners.battleon.com [ C:\Documents and Settings\Paul Brown\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
banners.battleon.com [ C:\Documents and Settings\Paul Brown\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.server.cpmstar.com [ C:\Documents and Settings\Paul Brown\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.server.cpmstar.com [ C:\Documents and Settings\Paul Brown\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.server.cpmstar.com [ C:\Documents and Settings\Paul Brown\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.server.cpmstar.com [ C:\Documents and Settings\Paul Brown\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.adlegend.com [ C:\Documents and Settings\Paul Brown\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.adlegend.com [ C:\Documents and Settings\Paul Brown\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.revsci.net [ C:\Documents and Settings\Paul Brown\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.bs.serving-sys.com [ C:\Documents and Settings\Paul Brown\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.serving-sys.com [ C:\Documents and Settings\Paul Brown\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.serving-sys.com [ C:\Documents and Settings\Paul Brown\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.serving-sys.com [ C:\Documents and Settings\Paul Brown\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.serving-sys.com [ C:\Documents and Settings\Paul Brown\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.serving-sys.com [ C:\Documents and Settings\Paul Brown\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.serving-sys.com [ C:\Documents and Settings\Paul Brown\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.serving-sys.com [ C:\Documents and Settings\Paul Brown\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.revsci.net [ C:\Documents and Settings\Paul Brown\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.revsci.net [ C:\Documents and Settings\Paul Brown\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.revsci.net [ C:\Documents and Settings\Paul Brown\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
C:\Documents and Settings\Rachel\Cookies\rachel@adecn[1].txt
C:\Documents and Settings\Rachel\Cookies\rachel@2o7[2].txt
C:\Documents and Settings\Rachel\Cookies\rachel@ru4[2].txt
C:\Documents and Settings\Rachel\Cookies\rachel@invitemedia[1].txt
C:\Documents and Settings\Rachel\Cookies\rachel@specificmedia[2].txt
C:\Documents and Settings\Rachel\Cookies\rachel@ads.webkinz[1].txt
C:\Documents and Settings\Rachel\Cookies\rachel@banners2.battleon[2].txt
C:\Documents and Settings\Rachel\Cookies\rachel@media6degrees[1].txt
C:\Documents and Settings\Rachel\Cookies\rachel@network.realmedia[1].txt
C:\Documents and Settings\Rachel\Cookies\rachel@realmedia[2].txt
C:\Documents and Settings\Rachel\Cookies\rachel@content.yieldmanager[1].txt
C:\Documents and Settings\Rachel\Cookies\rachel@cgm.adbureau[1].txt
C:\Documents and Settings\Rachel\Cookies\rachel@www.googleadservices[2].txt
C:\Documents and Settings\Rachel\Cookies\rachel@www.windowsmedia[2].txt
C:\Documents and Settings\Rachel\Cookies\rachel@at.atwola[2].txt
C:\Documents and Settings\Rachel\Cookies\rachel@insightexpressai[1].txt
C:\Documents and Settings\Rachel\Cookies\rachel@bs.serving-sys[1].txt
C:\Documents and Settings\Rachel\Cookies\rachel@ads.intergi[1].txt
C:\Documents and Settings\Rachel\Cookies\rachel@trafficmp[1].txt
C:\Documents and Settings\Rachel\Cookies\rachel@legolas-media[2].txt
C:\Documents and Settings\Rachel\Cookies\rachel@adlegend[2].txt
C:\Documents and Settings\Rachel\Cookies\rachel@triseptsolutions.122.2o7[1].txt
C:\Documents and Settings\Rachel\Cookies\rachel@tribalfusion[2].txt
C:\Documents and Settings\Rachel\Cookies\rachel@serving-sys[1].txt
C:\Documents and Settings\Rachel\Cookies\rachel@ad.yieldmanager[2].txt
C:\Documents and Settings\Rachel\Cookies\rachel@www.burstbeacon[2].txt
C:\Documents and Settings\Rachel\Cookies\rachel@a1.interclick[2].txt
C:\Documents and Settings\Rachel\Cookies\rachel@pointroll[1].txt
C:\Documents and Settings\Rachel\Cookies\rachel@cdn4.specificclick[2].txt
C:\Documents and Settings\Rachel\Cookies\rachel@tacoda[2].txt
C:\Documents and Settings\Rachel\Cookies\rachel@cdn1.trafficmp[1].txt
C:\Documents and Settings\Rachel\Cookies\rachel@questionmarket[1].txt
C:\Documents and Settings\Rachel\Cookies\rachel@specificclick[1].txt
C:\Documents and Settings\Rachel\Cookies\rachel@server.cpmstar[2].txt
C:\Documents and Settings\Rachel\Cookies\rachel@lucidmedia[1].txt
C:\Documents and Settings\Rachel\Cookies\rachel@247realmedia[1].txt
C:\Documents and Settings\Rachel\Cookies\rachel@adbrite[2].txt
C:\Documents and Settings\Rachel\Cookies\rachel@ads.pointroll[2].txt
C:\Documents and Settings\Rachel\Cookies\rachel@adserver.adtechus[1].txt
C:\Documents and Settings\Rachel\Cookies\rachel@banners.battleon[2].txt
C:\Documents and Settings\Rachel\Cookies\rachel@interclick[2].txt
C:\Documents and Settings\Rachel\Cookies\rachel@lfstmedia[2].txt
cdn4.specificclick.net [ C:\Documents and Settings\Star Wars 1's\Application Data\Macromedia\Flash Player\#SharedObjects\2RWQEJE6 ]
objects.tremormedia.com [ C:\Documents and Settings\Star Wars 1's\Application Data\Macromedia\Flash Player\#SharedObjects\2RWQEJE6 ]
udn.specificclick.net [ C:\Documents and Settings\Star Wars 1's\Application Data\Macromedia\Flash Player\#SharedObjects\2RWQEJE6 ]
C:\Documents and Settings\Star Wars 1's\Cookies\star_wars_1's@pointroll[1].txt
C:\Documents and Settings\Star Wars 1's\Cookies\star_wars_1's@revsci[1].txt
C:\Documents and Settings\Star Wars 1's\Cookies\star_wars_1's@ad.wsod[1].txt
C:\Documents and Settings\Star Wars 1's\Cookies\star_wars_1's@adbrite[1].txt
C:\Documents and Settings\Star Wars 1's\Cookies\star_wars_1's@adxpose[1].txt
C:\Documents and Settings\Star Wars 1's\Cookies\star_wars_1's@adecn[1].txt
C:\Documents and Settings\Star Wars 1's\Cookies\star_wars_1's@ads.pointroll[2].txt
C:\Documents and Settings\Star Wars 1's\Cookies\star_wars_1's@oasn03.247realmedia[2].txt
C:\Documents and Settings\Star Wars 1's\Cookies\star_wars_1's@www.burstbeacon[2].txt
C:\Documents and Settings\Star Wars 1's\Cookies\star_wars_1's@eyewonder[1].txt
C:\Documents and Settings\Star Wars 1's\Cookies\star_wars_1's@invitemedia[1].txt
C:\Documents and Settings\Star Wars 1's\Cookies\star_wars_1's@intermundomedia[2].txt
C:\Documents and Settings\Star Wars 1's\Cookies\star_wars_1's@adlegend[1].txt
C:\Documents and Settings\Star Wars 1's\Cookies\star_wars_1's@ru4[2].txt
C:\Documents and Settings\Star Wars 1's\Cookies\star_wars_1's@dc.tremormedia[2].txt
C:\Documents and Settings\Star Wars 1's\Cookies\star_wars_1's@pro-market[1].txt
C:\Documents and Settings\Star Wars 1's\Cookies\star_wars_1's@cdn4.specificclick[2].txt
C:\Documents and Settings\Star Wars 1's\Cookies\star_wars_1's@tacoda.at.atwola[2].txt
C:\Documents and Settings\Star Wars 1's\Cookies\star_wars_1's@neoedge.adbureau[2].txt
C:\Documents and Settings\Star Wars 1's\Cookies\star_wars_1's@specificclick[2].txt
C:\Documents and Settings\Star Wars 1's\Cookies\star_wars_1's@serving-sys[1].txt
C:\Documents and Settings\Star Wars 1's\Cookies\star_wars_1's@specificmedia[2].txt
C:\Documents and Settings\Star Wars 1's\Cookies\star wars 1's@ehg-legonewyorkinc.hitbox[1].txt
C:\Documents and Settings\Star Wars 1's\Cookies\star_wars_1's@247realmedia[1].txt
C:\Documents and Settings\Star Wars 1's\Cookies\star_wars_1's@server.cpmstar[1].txt
C:\Documents and Settings\Star Wars 1's\Cookies\star_wars_1's@content.yieldmanager[3].txt
C:\Documents and Settings\Star Wars 1's\Cookies\star_wars_1's@adserver.adtechus[1].txt
C:\Documents and Settings\Star Wars 1's\Cookies\star_wars_1's@ads.webkinz[1].txt
C:\Documents and Settings\Star Wars 1's\Cookies\star_wars_1's@trafficmp[1].txt
C:\Documents and Settings\Star Wars 1's\Cookies\star_wars_1's@hitbox[1].txt
C:\Documents and Settings\Star Wars 1's\Cookies\star_wars_1's@network.realmedia[1].txt
C:\Documents and Settings\Star Wars 1's\Cookies\star_wars_1's@ads.pubmatic[2].txt
C:\Documents and Settings\Star Wars 1's\Cookies\star_wars_1's@banners2.battleon[1].txt
C:\Documents and Settings\Star Wars 1's\Cookies\star wars 1's@mediaplex[1].txt
C:\Documents and Settings\Star Wars 1's\Cookies\star_wars_1's@bs.serving-sys[1].txt
C:\Documents and Settings\Star Wars 1's\Cookies\star wars 1's@megabrands.122.2o7[1].txt
C:\Documents and Settings\Star Wars 1's\Cookies\star wars 1's@apmebf[1].txt
C:\Documents and Settings\Star Wars 1's\Cookies\star wars 1's@msnportal.112.2o7[1].txt
C:\Documents and Settings\Star Wars 1's\Cookies\star_wars_1's@a1.interclick[1].txt
C:\Documents and Settings\Star Wars 1's\Cookies\star_wars_1's@ad.yieldmanager[2].txt
C:\Documents and Settings\Star Wars 1's\Cookies\star_wars_1's@ads.addynamix[1].txt
C:\Documents and Settings\Star Wars 1's\Cookies\star_wars_1's@ads.bridgetrack[2].txt
C:\Documents and Settings\Star Wars 1's\Cookies\star_wars_1's@ads.intergi[1].txt
C:\Documents and Settings\Star Wars 1's\Cookies\star_wars_1's@aws.112.2o7[1].txt
C:\Documents and Settings\Star Wars 1's\Cookies\star_wars_1's@banners.battleon[1].txt
C:\Documents and Settings\Star Wars 1's\Cookies\star_wars_1's@cgm.adbureau[2].txt
C:\Documents and Settings\Star Wars 1's\Cookies\star_wars_1's@collective-media[1].txt
C:\Documents and Settings\Star Wars 1's\Cookies\star_wars_1's@content.yieldmanager[1].txt
C:\Documents and Settings\Star Wars 1's\Cookies\star_wars_1's@insightexpressai[1].txt
C:\Documents and Settings\Star Wars 1's\Cookies\star_wars_1's@interclick[2].txt
C:\Documents and Settings\Star Wars 1's\Cookies\star_wars_1's@lego.112.2o7[1].txt
C:\Documents and Settings\Star Wars 1's\Cookies\star_wars_1's@lucidmedia[1].txt
C:\Documents and Settings\Star Wars 1's\Cookies\star_wars_1's@media6degrees[2].txt
C:\Documents and Settings\Star Wars 1's\Cookies\star_wars_1's@mediabrandsww[1].txt
C:\Documents and Settings\Star Wars 1's\Cookies\star_wars_1's@questionmarket[1].txt
C:\Documents and Settings\Star Wars 1's\Cookies\star_wars_1's@realmedia[1].txt
C:\Documents and Settings\Star Wars 1's\Cookies\star_wars_1's@tribalfusion[1].txt
C:\Documents and Settings\Star Wars 1's\Cookies\star_wars_1's@uol.realmedia[2].txt
C:\Documents and Settings\Star Wars 1's\Cookies\star_wars_1's@www.googleadservices[1].txt
C:\Documents and Settings\Star Wars 1's\Cookies\star_wars_1's@www.googleadservices[2].txt
139.memecounter.com [ C:\Documents and Settings\Stephen\Application Data\Macromedia\Flash Player\#SharedObjects\Z5H5KVB8 ]
cdn4.specificclick.net [ C:\Documents and Settings\Stephen\Application Data\Macromedia\Flash Player\#SharedObjects\Z5H5KVB8 ]
memecounter.com [ C:\Documents and Settings\Stephen\Application Data\Macromedia\Flash Player\#SharedObjects\Z5H5KVB8 ]
udn.specificclick.net [ C:\Documents and Settings\Stephen\Application Data\Macromedia\Flash Player\#SharedObjects\Z5H5KVB8 ]
C:\Documents and Settings\Stephen\Cookies\stephen@tribalfusion[1].txt
C:\Documents and Settings\Stephen\Cookies\stephen@lego.112.2o7[1].txt
C:\Documents and Settings\Stephen\Cookies\stephen@server.cpmstar[1].txt
C:\Documents and Settings\Stephen\Cookies\stephen@trafficmp[2].txt
C:\Documents and Settings\Stephen\Cookies\stephen@serving-sys[1].txt
C:\Documents and Settings\Stephen\Cookies\stephen@apmebf[1].txt
C:\Documents and Settings\Stephen\Cookies\stephen@ads.webkinz[2].txt
C:\Documents and Settings\Stephen\Cookies\stephen@adserver.adtechus[1].txt
C:\Documents and Settings\Stephen\Cookies\stephen@bs.serving-sys[1].txt
C:\Documents and Settings\Stephen\Cookies\stephen@a1.interclick[1].txt
C:\Documents and Settings\Stephen\Cookies\stephen@legobrandretail.112.2o7[1].txt
C:\Documents and Settings\Stephen\Cookies\stephen@overture[1].txt
C:\Documents and Settings\Stephen\Cookies\stephen@realmedia[1].txt
C:\Documents and Settings\Stephen\Cookies\stephen@network.realmedia[2].txt
C:\Documents and Settings\Stephen\Cookies\stephen@ads.pointroll[1].txt
C:\Documents and Settings\Stephen\Cookies\stephen@megabrands.122.2o7[1].txt
C:\Documents and Settings\Stephen\Cookies\stephen@interclick[2].txt
C:\Documents and Settings\Stephen\Cookies\stephen@banners.battleon[1].txt
C:\Documents and Settings\Stephen\Cookies\stephen@mediaplex[1].txt
C:\Documents and Settings\Stephen\Cookies\stephen@2o7[1].txt
C:\Documents and Settings\Stephen\Cookies\stephen@insightexpressai[2].txt
C:\Documents and Settings\Stephen\Cookies\stephen@account.lego[1].txt
C:\Documents and Settings\Stephen\Cookies\stephen@questionmarket[2].txt
C:\Documents and Settings\Stephen\Cookies\stephen@ad.yieldmanager[2].txt
C:\Documents and Settings\Stephen\Cookies\stephen@pointroll[2].txt
C:\Documents and Settings\Stephen\Cookies\stephen@cdn4.specificclick[2].txt
C:\Documents and Settings\Stephen\Cookies\stephen@specificclick[2].txt
C:\Documents and Settings\Stephen\Cookies\stephen@ehg-legonewyorkinc.hitbox[2].txt
C:\Documents and Settings\Stephen\Cookies\stephen@ads.intergi[1].txt
C:\Documents and Settings\Stephen\Cookies\stephen@adlegend[2].txt
C:\Documents and Settings\Stephen\Cookies\stephen@eyewonder[2].txt
C:\Documents and Settings\Stephen\Cookies\stephen@247realmedia[1].txt
C:\Documents and Settings\Stephen\Cookies\stephen@hitbox[1].txt
C:\Documents and Settings\Stephen\Cookies\stephen@intermundomedia[2].txt
C:\Documents and Settings\Stephen\Cookies\stephen@msnportal.112.2o7[1].txt
C:\Documents and Settings\Stephen\Cookies\stephen@specificmedia[1].txt
cdn4.specificclick.net [ C:\Documents and Settings\True Foundations\Application Data\Macromedia\Flash Player\#SharedObjects\VJ5AFMJW ]
ia.media-imdb.com [ C:\Documents and Settings\True Foundations\Application Data\Macromedia\Flash Player\#SharedObjects\VJ5AFMJW ]
udn.specificclick.net [ C:\Documents and Settings\True Foundations\Application Data\Macromedia\Flash Player\#SharedObjects\VJ5AFMJW ]
C:\Documents and Settings\True Foundations\Cookies\true_foundations@insightexpressai[1].txt
C:\Documents and Settings\True Foundations\Cookies\true_foundations@pointroll[2].txt
C:\Documents and Settings\True Foundations\Cookies\true_foundations@ads.pubmatic[2].txt
C:\Documents and Settings\True Foundations\Cookies\true_foundations@hitbox[1].txt
C:\Documents and Settings\True Foundations\Cookies\true_foundations@revsci[1].txt
C:\Documents and Settings\True Foundations\Cookies\true_foundations@questionmarket[1].txt
C:\Documents and Settings\True Foundations\Cookies\true_foundations@www.windowsmedia[2].txt
C:\Documents and Settings\True Foundations\Cookies\true_foundations@specificclick[1].txt
C:\Documents and Settings\True Foundations\Cookies\true_foundations@network.realmedia[2].txt
C:\Documents and Settings\True Foundations\Cookies\true_foundations@lucidmedia[2].txt
C:\Documents and Settings\True Foundations\Cookies\true_foundations@trvlnet.adbureau[2].txt
C:\Documents and Settings\True Foundations\Cookies\true_foundations@zedo[1].txt
C:\Documents and Settings\True Foundations\Cookies\true_foundations@overture[1].txt
C:\Documents and Settings\True Foundations\Cookies\true_foundations@kontera[2].txt
C:\Documents and Settings\True Foundations\Cookies\true_foundations@hearstugo.112.2o7[1].txt
C:\Documents and Settings\True Foundations\Cookies\true_foundations@tribalfusion[2].txt
C:\Documents and Settings\True Foundations\Cookies\true_foundations@ads.addynamix[2].txt
C:\Documents and Settings\True Foundations\Cookies\true_foundations@ad.yieldmanager[1].txt
C:\Documents and Settings\True Foundations\Cookies\true_foundations@user.lucidmedia[1].txt
C:\Documents and Settings\True Foundations\Cookies\true_foundations@ads.pointroll[1].txt
C:\Documents and Settings\True Foundations\Cookies\true_foundations@interclick[2].txt
C:\Documents and Settings\True Foundations\Cookies\true_foundations@content.yieldmanager[2].txt
C:\Documents and Settings\True Foundations\Cookies\true_foundations@www.burstnet[2].txt
C:\Documents and Settings\True Foundations\Cookies\true_foundations@serving-sys[2].txt
C:\Documents and Settings\True Foundations\Cookies\true_foundations@content.yieldmanager[3].txt
C:\Documents and Settings\True Foundations\Cookies\true_foundations@www.googleadservices[2].txt
C:\Documents and Settings\True Foundations\Cookies\true_foundations@adecn[1].txt
C:\Documents and Settings\True Foundations\Cookies\true_foundations@atdmt[2].txt
C:\Documents and Settings\True Foundations\Cookies\true_foundations@uol.realmedia[1].txt
C:\Documents and Settings\True Foundations\Cookies\true_foundations@oasn04.247realmedia[2].txt
C:\Documents and Settings\True Foundations\Cookies\true_foundations@burstnet[1].txt
C:\Documents and Settings\True Foundations\Cookies\true_foundations@collective-media[1].txt
C:\Documents and Settings\True Foundations\Cookies\true_foundations@apmebf[1].txt
C:\Documents and Settings\True Foundations\Cookies\true_foundations@cdn4.specificclick[2].txt
C:\Documents and Settings\True Foundations\Cookies\true_foundations@advertising[2].txt
C:\Documents and Settings\True Foundations\Cookies\true_foundations@ehg-chartercommunications.hitbox[1].txt
C:\Documents and Settings\True Foundations\Cookies\true_foundations@mediaplex[1].txt
C:\Documents and Settings\True Foundations\Cookies\true_foundations@247realmedia[1].txt
C:\Documents and Settings\True Foundations\Cookies\true_foundations@adxpose[1].txt
C:\Documents and Settings\True Foundations\Cookies\true_foundations@specificmedia[2].txt
C:\Documents and Settings\True Foundations\Cookies\true_foundations@yieldmanager[2].txt
C:\Documents and Settings\True Foundations\Cookies\true_foundations@statse.webtrendslive[1].txt
C:\Documents and Settings\True Foundations\Cookies\true_foundations@www7.addfreestats[1].txt
C:\Documents and Settings\True Foundations\Cookies\true_foundations@doubleclick[1].txt
C:\Documents and Settings\True Foundations\Cookies\true_foundations@lego.112.2o7[1].txt
C:\Documents and Settings\True Foundations\Cookies\true_foundations@bs.serving-sys[1].txt
C:\Documents and Settings\True Foundations\Cookies\true_foundations@2o7[1].txt
C:\Documents and Settings\True Foundations\Cookies\true_foundations@realmedia[1].txt
C:\Documents and Settings\True Foundations\Cookies\true_foundations@media6degrees[2].txt
C:\Documents and Settings\True Foundations\Cookies\true_foundations@data.coremetrics[1].txt
C:\Documents and Settings\True Foundations\Cookies\true_foundations@statcounter[1].txt
C:\Documents and Settings\True Foundations\Cookies\true_foundations@pro-market[1].txt
C:\Documents and Settings\True Foundations\Cookies\true_foundations@ehg-legonewyorkinc.hitbox[2].txt
C:\Documents and Settings\True Foundations\Cookies\true_foundations@ru4[2].txt
C:\Documents and Settings\True Foundations\Cookies\true_foundations@msnportal.112.2o7[1].txt
C:\Documents and Settings\True Foundations\Cookies\true_foundations@invitemedia[1].txt
C:\Documents and Settings\True Foundations\Cookies\true_foundations@legolas-media[2].txt
C:\Documents and Settings\True Foundations\Cookies\true_foundations@ads.undertone[2].txt
C:\Documents and Settings\True Foundations\Cookies\true_foundations@account.juno[1].txt
C:\Documents and Settings\True Foundations\Cookies\true_foundations@ads.webkinz[2].txt
C:\Documents and Settings\True Foundations\Cookies\true_foundations@a1.interclick[2].txt
C:\Documents and Settings\True Foundations\Cookies\true_foundations@ad.wsod[2].txt
C:\Documents and Settings\True Foundations\Cookies\true_foundations@traveladvertising[1].txt
C:\Documents and Settings\Z Games\Cookies\z_games@a1.interclick[2].txt
C:\Documents and Settings\Z Games\Cookies\z_games@server.cpmstar[1].txt
C:\Documents and Settings\Z Games\Cookies\z_games@cgm.adbureau[2].txt
C:\Documents and Settings\Z Games\Cookies\z_games@ads.intergi[1].txt
C:\Documents and Settings\Z Games\Cookies\z_games@ads.pointroll[2].txt
C:\Documents and Settings\Z Games\Cookies\z_games@bs.serving-sys[1].txt
C:\Documents and Settings\Z Games\Cookies\z_games@advertising[2].txt
C:\Documents and Settings\Z Games\Cookies\z_games@pointroll[1].txt
C:\Documents and Settings\Z Games\Cookies\z_games@adlegend[2].txt
C:\Documents and Settings\Z Games\Cookies\z_games@247realmedia[1].txt
C:\Documents and Settings\Z Games\Cookies\z_games@serving-sys[2].txt
C:\Documents and Settings\Z Games\Cookies\z_games@awana.findlocation[2].txt
C:\Documents and Settings\Z Games\Cookies\z_games@doubleclick[2].txt
C:\Documents and Settings\Z Games\Cookies\z_games@network.realmedia[1].txt
C:\Documents and Settings\Z Games\Cookies\z_games@interclick[2].txt
C:\Documents and Settings\Z Games\Cookies\z_games@media6degrees[1].txt
C:\Documents and Settings\Z Games\Cookies\z_games@banners.battleon[2].txt
C:\Documents and Settings\Z Games\Cookies\z_games@realmedia[2].txt
C:\Documents and Settings\Z Games\Cookies\z_games@atdmt[2].txt

Trojan.Agent/Gen-Kryptic
C:\WINDOWS\TEMP\FFFADA7E.TMP
C:\WINDOWS\TEMP\FFFA850B.TMP
C:\WINDOWS\TEMP\FFFA8634.TMP
C:\WINDOWS\TEMP\FFFABA25.TMP
C:\WINDOWS\TEMP\FFFABFA3.TMP
C:\WINDOWS\TEMP\FFFAC5FC.TMP
C:\WINDOWS\TEMP\FFFAC977.TMP
C:\WINDOWS\TEMP\FFFACAA0.TMP
C:\WINDOWS\TEMP\FFFACC74.TMP
C:\WINDOWS\TEMP\FFFACF24.TMP
C:\WINDOWS\TEMP\FFFACF62.TMP
C:\WINDOWS\TEMP\FFFACFA1.TMP
C:\WINDOWS\TEMP\FFFAD416.TMP
C:\WINDOWS\TEMP\FFFAD425.TMP
C:\WINDOWS\TEMP\FFFAD6C5.TMP
C:\WINDOWS\TEMP\FFFAD752.TMP
C:\WINDOWS\TEMP\FFFAD771.TMP
C:\WINDOWS\TEMP\FFFAD7AF.TMP
C:\WINDOWS\TEMP\FFFADD9B.TMP

Trojan.Agent/Gen-Frauder
C:\WINDOWS\TEMP\FFFACF72.TMP
C:\WINDOWS\TEMP\FFFAD195.TMP

While I had the app up, I went ahead and told it to do a scan of memory and register items in case the above repair might allow the mem/reg scan to be able to complete this time.

No such luck, it found the same two mem and 6 reg items that it has been previously finding and then the app closed.

Okay, I am done posting now. :-)
 
About 95% of what SAS found where cookies but it also removed some bad stuff.

Scan With RootKitUnHooker

  • Please choose one link and download Rootkit Unhooker and save it to your desktop.
    Link 1
    Link 2
    Link 3
  • Now double-click on RKUnhookerLE.exe to run it.
  • Click the Report tab, then click Scan.
  • Check (Tick) Drivers and Stealth
  • Uncheck the rest. then click OK
  • When prompted to Select Disks for Scan, make sure C:\ is checked and click OK
  • Wait till the scanner has finished and then click File > Save Report.
  • Save the report somewhere where you can find it. Click Close.
  • Copy the entire contents of the report and paste it in your next reply.

Note** you may get the following warning, just click OK and continue.

"Rootkit Unhooker has detected a parasite inside itself!
It is recommended to remove parasite, okay?"
 
Thanks. Here is the report from the rootkit unhook tool


RkU Version: 3.8.388.590, Type LE (SR2)
==============================================
OS Name: Windows XP
Version 5.1.2600 (Service Pack 3)
Number of processors #1
==============================================
>Drivers
==============================================
0xF4996000 C:\WINDOWS\system32\DRIVERS\lvuvc.sys 6750208 bytes (Logitech Inc., Logitech USB Video Class Driver)
0xBF012000 C:\WINDOWS\System32\nv4_disp.dll 4247552 bytes (NVIDIA Corporation, NVIDIA Compatible Windows 2000 Display driver, Version 52.16 )
0x804D7000 C:\WINDOWS\system32\ntoskrnl.exe 2189056 bytes (Microsoft Corporation, NT Kernel & System)
0x804D7000 PnpManager 2189056 bytes
0x804D7000 RAW 2189056 bytes
0x804D7000 WMIxWDM 2189056 bytes
0xBF800000 Win32k 1847296 bytes
0xBF800000 C:\WINDOWS\System32\win32k.sys 1847296 bytes (Microsoft Corporation, Multi-User Win32 Driver)
0xF6C04000 C:\WINDOWS\System32\DRIVERS\nv4_mini.sys 1466368 bytes (NVIDIA Corporation, NVIDIA Compatible Windows 2000 Miniport Driver, Version 52.16 )
0xF6ABF000 C:\WINDOWS\system32\DRIVERS\BCMSM.sys 1101824 bytes (Broadcom Corporation, Modem Device Driver)
0xF758D000 Ntfs.sys 577536 bytes (Microsoft Corporation, NT File System Driver)
0xF2B89000 C:\WINDOWS\system32\Drivers\CVPNDRVA.sys 503808 bytes (Cisco Systems, Inc., Cisco Systems VPN Client IPSec Driver)
0xF50CC000 C:\WINDOWS\System32\DRIVERS\mrxsmb.sys 458752 bytes (Microsoft Corporation, Windows NT SMB Minirdr)
0xF6955000 C:\WINDOWS\System32\DRIVERS\update.sys 385024 bytes (Microsoft Corporation, Update Driver)
0xF51D9000 C:\WINDOWS\System32\DRIVERS\tcpip.sys 364544 bytes (Microsoft Corporation, TCP/IP Protocol Driver)
0xF2A47000 C:\WINDOWS\System32\DRIVERS\srv.sys 335872 bytes (Microsoft Corporation, Server driver)
0xF6A56000 C:\WINDOWS\system32\drivers\emu10k1m.sys 286720 bytes (Creative Technology Ltd., Creative SB Live! Adapter Driver)
0xF1DE3000 C:\WINDOWS\System32\Drivers\HTTP.sys 266240 bytes (Microsoft Corporation, HTTP Protocol Stack)
0xF76D4000 ACPI.sys 188416 bytes (Microsoft Corporation, ACPI Driver for NT)
0xF2CF4000 C:\WINDOWS\System32\DRIVERS\mrxdav.sys 184320 bytes (Microsoft Corporation, Windows NT WebDav Minirdr)
0xF7560000 NDIS.sys 184320 bytes (Microsoft Corporation, NDIS 5.1 wrapper driver)
0xF2584000 C:\WINDOWS\system32\drivers\kmixer.sys 176128 bytes (Microsoft Corporation, Kernel Mode Audio Mixer)
0xF5164000 C:\WINDOWS\System32\DRIVERS\rdbss.sys 176128 bytes (Microsoft Corporation, Redirected Drive Buffering SubSystem Driver)
0xF51B1000 C:\WINDOWS\System32\DRIVERS\netbt.sys 163840 bytes (Microsoft Corporation, MBT Transport driver)
0xF50A6000 C:\WINDOWS\System32\DRIVERS\ipnat.sys 155648 bytes (Microsoft Corporation, IP Network Address Translator)
0xF6A32000 C:\WINDOWS\system32\drivers\portcls.sys 147456 bytes (Microsoft Corporation, Port Class (Class Driver for Port/Miniport Devices))
0xF6BCC000 C:\WINDOWS\System32\DRIVERS\USBPORT.SYS 147456 bytes (Microsoft Corporation, USB 1.1 & 2.0 Port Driver)
0xF25AF000 C:\WINDOWS\system32\drivers\aec.sys 143360 bytes (Microsoft Corporation, Microsoft Acoustic Echo Canceller)
0xF6A9C000 C:\WINDOWS\system32\DRIVERS\ks.sys 143360 bytes (Microsoft Corporation, Kernel CSA Library)
0xF518F000 C:\WINDOWS\System32\drivers\afd.sys 139264 bytes (Microsoft Corporation, Ancillary Function Driver for WinSock)
0x806EE000 ACPI_HAL 131840 bytes
0x806EE000 C:\WINDOWS\system32\hal.dll 131840 bytes (Microsoft Corporation, Hardware Abstraction Layer DLL)
0xF766C000 fltmgr.sys 131072 bytes (Microsoft Corporation, Microsoft Filesystem Filter Manager)
0xF76A4000 ftdisk.sys 126976 bytes (Microsoft Corporation, FT Disk Driver)
0xF6A03000 C:\WINDOWS\system32\DRIVERS\dne2000.sys 110592 bytes (Deterministic Networks, Inc., Deterministic Network Enhancer)
0xF7546000 Mup.sys 106496 bytes (Microsoft Corporation, Multiple UNC Provider driver)
0xF768C000 atapi.sys 98304 bytes (Microsoft Corporation, IDE/ATAPI Port Driver)
0xF3767000 C:\WINDOWS\System32\DLA\DLAUDFAM.SYS 98304 bytes (Sonic Solutions, Drive Letter Access Component)
0xF497E000 C:\WINDOWS\System32\Drivers\dump_atapi.sys 98304 bytes
0xF762D000 KSecDD.sys 94208 bytes (Microsoft Corporation, Kernel Security Support Provider Interface)
0xF69EC000 C:\WINDOWS\System32\DRIVERS\ndiswan.sys 94208 bytes (Microsoft Corporation, MS PPP Framing Driver (Strong Encryption))
0xF377F000 C:\WINDOWS\System32\DLA\DLAIFS_M.SYS 90112 bytes (Sonic Solutions, Drive Letter Access Component)
0xF3751000 C:\WINDOWS\System32\DLA\DLAUDF_M.SYS 90112 bytes (Sonic Solutions, Drive Letter Access Component)
0xF7644000 DRVMCDB.SYS 90112 bytes (Sonic Solutions, Device Driver)
0xF25D2000 C:\WINDOWS\system32\drivers\wdmaud.sys 86016 bytes (Microsoft Corporation, MMSYSTEM Wave/Midi API mapper)
0xF6A1E000 C:\WINDOWS\System32\DRIVERS\parport.sys 81920 bytes (Microsoft Corporation, Parallel Port Driver)
0xF6BF0000 C:\WINDOWS\System32\DRIVERS\VIDEOPRT.SYS 81920 bytes (Microsoft Corporation, Video Port Driver)
0xF5232000 C:\WINDOWS\System32\DRIVERS\ipsec.sys 77824 bytes (Microsoft Corporation, IPSec Driver)
0xF761A000 WudfPf.sys 77824 bytes (Microsoft Corporation, Windows Driver Foundation - User-mode Driver Framework Platform Driver)
0xBF000000 C:\WINDOWS\System32\drivers\dxg.sys 73728 bytes (Microsoft Corporation, DirectX Graphics Driver)
0xF765A000 sr.sys 73728 bytes (Microsoft Corporation, System Restore Filesystem Filter Driver)
0xF76C3000 pci.sys 69632 bytes (Microsoft Corporation, NT Plug and Play PCI Enumerator)
0xF69DB000 C:\WINDOWS\System32\DRIVERS\psched.sys 69632 bytes (Microsoft Corporation, MS QoS Packet Scheduler)
0xF6D9A000 C:\WINDOWS\System32\Drivers\Cdfs.SYS 65536 bytes (Microsoft Corporation, CD-ROM File System Driver)
0xF78C3000 C:\WINDOWS\System32\DRIVERS\cdrom.sys 65536 bytes (Microsoft Corporation, SCSI CD-ROM Driver)
0xF7893000 C:\WINDOWS\System32\DRIVERS\serial.sys 65536 bytes (Microsoft Corporation, Serial Device Driver)
0xF7873000 C:\WINDOWS\system32\drivers\drmk.sys 61440 bytes (Microsoft Corporation, Microsoft Kernel DRM Descrambler Filter)
0xF78D3000 C:\WINDOWS\System32\DRIVERS\redbook.sys 61440 bytes (Microsoft Corporation, Redbook Audio Filter Driver)
0xF5026000 C:\WINDOWS\system32\drivers\sysaudio.sys 61440 bytes (Microsoft Corporation, System Audio WDM Filter)
0xF7953000 C:\WINDOWS\System32\DRIVERS\usbhub.sys 61440 bytes (Microsoft Corporation, Default Hub Driver for USB)
0xF28EF000 C:\WINDOWS\system32\drivers\swmidi.sys 57344 bytes (Microsoft Corporation, Microsoft GS Wavetable Synthesizer)
0xF7763000 C:\WINDOWS\System32\DRIVERS\CLASSPNP.SYS 53248 bytes (Microsoft Corporation, SCSI Class System Dll)
0xF28DF000 C:\WINDOWS\system32\drivers\DMusic.sys 53248 bytes (Microsoft Corporation, Microsoft Kernel DLS Synthesizer)
0xF6D8A000 C:\WINDOWS\System32\DRIVERS\HPZid412.sys 53248 bytes (HP, IEEE-1284.4-1999 Driver (Windows 2000))
0xF78A3000 C:\WINDOWS\System32\DRIVERS\i8042prt.sys 53248 bytes (Microsoft Corporation, i8042 Port Driver)
0xF78E3000 C:\WINDOWS\System32\DRIVERS\rasl2tp.sys 53248 bytes (Microsoft Corporation, RAS L2TP mini-port/call-manager driver)
0xF7743000 VolSnap.sys 53248 bytes (Microsoft Corporation, Volume Shadow Copy Driver)
0xF7903000 C:\WINDOWS\System32\DRIVERS\raspptp.sys 49152 bytes (Microsoft Corporation, Peer-to-Peer Tunneling Protocol)
0xF7783000 agp440.sys 45056 bytes (Microsoft Corporation, 440 NT AGP Filter)
0xF7993000 C:\WINDOWS\System32\Drivers\Fips.SYS 45056 bytes (Microsoft Corporation, FIPS Crypto Driver)
0xF78B3000 C:\WINDOWS\system32\DRIVERS\imapi.sys 45056 bytes (Microsoft Corporation, IMAPI Kernel Driver)
0xF7733000 MountMgr.sys 45056 bytes (Microsoft Corporation, Mount Manager)
0xF78F3000 C:\WINDOWS\System32\DRIVERS\raspppoe.sys 45056 bytes (Microsoft Corporation, RAS PPPoE mini-port/call-manager driver)
0xF5006000 C:\WINDOWS\System32\Drivers\DRVNDDM.SYS 40960 bytes (Sonic Solutions, Device Driver Manager)
0xF7723000 isapnp.sys 40960 bytes (Microsoft Corporation, PNP ISA Bus Driver)
0xF7943000 C:\WINDOWS\System32\Drivers\NDProxy.SYS 40960 bytes (Microsoft Corporation, NDIS Proxy)
0xF299F000 C:\WINDOWS\System32\DRIVERS\secdrv.sys 40960 bytes (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K., Macrovision SECURITY Driver)
0xF7923000 C:\WINDOWS\System32\DRIVERS\termdd.sys 40960 bytes (Microsoft Corporation, Terminal Server Driver)
0xF7843000 C:\WINDOWS\System32\Drivers\vbma3a2b.SYS 40960 bytes
0xF7863000 C:\WINDOWS\System32\DRIVERS\AN983.sys 36864 bytes (ADMtek Incorporated., ADMtek AN983/AN985/ADM951X NDIS5 Driver)
0xF7753000 disk.sys 36864 bytes (Microsoft Corporation, PnP Disk Driver)
0xF7853000 C:\WINDOWS\System32\DRIVERS\intelppm.sys 36864 bytes (Microsoft Corporation, Processor Device Driver)
0xF7913000 C:\WINDOWS\System32\DRIVERS\msgpc.sys 36864 bytes (Microsoft Corporation, MS General Packet Classifier)
0xF7973000 C:\WINDOWS\System32\DRIVERS\netbios.sys 36864 bytes (Microsoft Corporation, NetBIOS interface driver)
0xF1C3B000 C:\WINDOWS\System32\Drivers\Normandy.SYS 36864 bytes (RKU Driver)
0xF7773000 PxHelp20.sys 36864 bytes (Sonic Solutions, Px Engine Device Driver for Windows 2000/XP)
0xF7883000 C:\WINDOWS\system32\drivers\sfmanm.sys 36864 bytes (Creative Technology Ltd., SoundFont(R) Manager)
0xF77B3000 C:\WINDOWS\System32\DRIVERS\wanarp.sys 36864 bytes (Microsoft Corporation, MS Remote Access and Routing ARP Driver)
0xF7ADB000 C:\WINDOWS\System32\Drivers\Modem.SYS 32768 bytes (Microsoft Corporation, Modem Device Driver)
0xF79E3000 C:\WINDOWS\System32\Drivers\Npfs.SYS 32768 bytes (Microsoft Corporation, NPFS Driver)
0xF79EB000 C:\WINDOWS\System32\DRIVERS\usbccgp.sys 32768 bytes (Microsoft Corporation, USB Common Class Generic Parent Driver)
0xF7AD3000 C:\WINDOWS\system32\DRIVERS\usbehci.sys 32768 bytes (Microsoft Corporation, EHCI eUSB Miniport Driver)
0xF7A63000 C:\WINDOWS\System32\DLA\DLABOIOM.SYS 28672 bytes (Sonic Solutions, Drive Letter Access Component)
0xF7AE3000 C:\WINDOWS\System32\DRIVERS\fdc.sys 28672 bytes (Microsoft Corporation, Floppy Disk Controller Driver)
0xF79A3000 C:\WINDOWS\System32\DRIVERS\PCIIDEX.SYS 28672 bytes (Microsoft Corporation, PCI IDE Bus Driver Extension)
0xF79FB000 C:\WINDOWS\System32\DRIVERS\usbprint.sys 28672 bytes (Microsoft Corporation, USB Printer driver)
0xF7A0B000 C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS 28672 bytes (Microsoft Corporation, USB Mass Storage Class Driver)
0xF79CB000 C:\WINDOWS\System32\Drivers\DLARTL_N.SYS 24576 bytes (Sonic Solutions, Shared Driver Component)
0xF7AFB000 C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys 24576 bytes (GEAR Software Inc., CD DVD Filter)
0xF7A03000 C:\WINDOWS\System32\DRIVERS\HPZius12.sys 24576 bytes (HP, 1284.4<->Usb Datalink Driver (Windows 2000))
0xF7AEB000 C:\WINDOWS\System32\DRIVERS\kbdclass.sys 24576 bytes (Microsoft Corporation, Keyboard Class Driver)
0xF7AF3000 C:\WINDOWS\System32\DRIVERS\mouclass.sys 24576 bytes (Microsoft Corporation, Mouse Class Driver)
0xF7ACB000 C:\WINDOWS\System32\DRIVERS\usbuhci.sys 24576 bytes (Microsoft Corporation, UHCI USB Miniport Driver)
0xF79D3000 C:\WINDOWS\System32\drivers\vga.sys 24576 bytes (Microsoft Corporation, VGA/Super VGA Video Driver)
0xF7B2B000 C:\WINDOWS\System32\DRIVERS\flpydisk.sys 20480 bytes (Microsoft Corporation, Floppy Driver)
0xF7A1B000 C:\WINDOWS\system32\DRIVERS\LVPr2Mon.sys 20480 bytes (-, -)
0xF79DB000 C:\WINDOWS\System32\Drivers\Msfs.SYS 20480 bytes (Microsoft Corporation, Mailslot driver)
0xF79AB000 PartMgr.sys 20480 bytes (Microsoft Corporation, Partition Manager)
0xF7B0B000 C:\WINDOWS\System32\DRIVERS\ptilink.sys 20480 bytes (Parallel Technologies, Inc., Parallel Technologies DirectParallel IO Library)
0xF7B13000 C:\WINDOWS\System32\DRIVERS\raspti.sys 20480 bytes (Microsoft Corporation, PTI DirectParallel(R) mini-port/call-manager driver)
0xF7B03000 C:\WINDOWS\System32\DRIVERS\TDI.SYS 20480 bytes (Microsoft Corporation, TDI Wrapper)
0xF7A23000 C:\WINDOWS\System32\watchdog.sys 20480 bytes (Microsoft Corporation, Watchdog Driver)
0xF37F9000 C:\WINDOWS\System32\DLA\DLAOPIOM.SYS 16384 bytes (Sonic Solutions, Drive Letter Access Component)
0xF69BB000 C:\WINDOWS\System32\DRIVERS\HPZipr12.sys 16384 bytes (HP, IEEE-1284.4-1999 Print Class Driver)
0xF7BB7000 C:\WINDOWS\system32\drivers\MODEMCSA.sys 16384 bytes (Microsoft Corporation, Unimodem CSA Filter)
0xF747E000 C:\WINDOWS\System32\DRIVERS\mssmbios.sys 16384 bytes (Microsoft Corporation, System Management BIOS Driver)
0xF374D000 C:\WINDOWS\System32\DRIVERS\ndisuio.sys 16384 bytes (Microsoft Corporation, NDIS User mode I/O Driver)
0xF7C13000 C:\WINDOWS\System32\DRIVERS\serenum.sys 16384 bytes (Microsoft Corporation, Serial Port Enumerator)
0xF7BFF000 C:\WINDOWS\System32\DRIVERS\usbscan.sys 16384 bytes (Microsoft Corporation, USB Scanner Driver)
0xF7B33000 C:\WINDOWS\system32\BOOTVID.dll 12288 bytes (Microsoft Corporation, VGA Boot Driver)
0xF527D000 C:\WINDOWS\System32\drivers\Dxapi.sys 12288 bytes (Microsoft Corporation, DirectX API Driver)
0xF7C0F000 C:\WINDOWS\System32\DRIVERS\gameenum.sys 12288 bytes (Microsoft Corporation, Game Port Enumerator)
0xF7C1B000 C:\WINDOWS\System32\DRIVERS\ndistapi.sys 12288 bytes (Microsoft Corporation, NDIS 3.0 connection wrapper driver)
0xF7BD7000 C:\WINDOWS\System32\DRIVERS\rasacd.sys 12288 bytes (Microsoft Corporation, RAS Automatic Connection Driver)
0xF7BBB000 C:\WINDOWS\System32\Drivers\vulfntr.sys 12288 bytes (VIA Technologies, Inc., VIA USB Roothub Lower Filter Driver)
0xF7BDF000 C:\WINDOWS\System32\drivers\ws2ifsl.sys 12288 bytes (Microsoft Corporation, Winsock2 IFS Layer)
0xF7C97000 C:\WINDOWS\System32\Drivers\Beep.SYS 8192 bytes (Microsoft Corporation, BEEP Driver)
0xF7C87000 C:\WINDOWS\system32\drivers\ctlfacem.sys 8192 bytes (Creative Technology Ltd., Creative SB Live! Interface Driver)
0xF7C89000 C:\WINDOWS\System32\Drivers\DLACDBHM.SYS 8192 bytes (Sonic Solutions, Shared Driver Component)
0xF7C43000 C:\WINDOWS\System32\DLA\DLAPoolM.SYS 8192 bytes (Sonic Solutions, Drive Letter Access Component)
0xF7CCB000 C:\WINDOWS\System32\Drivers\dump_WMILIB.SYS 8192 bytes
0xF7C95000 C:\WINDOWS\System32\Drivers\Fs_Rec.SYS 8192 bytes (Microsoft Corporation, File System Recognizer Driver)
0xF7C23000 C:\WINDOWS\system32\KDCOM.DLL 8192 bytes (Microsoft Corporation, Kernel Debugger HW Extension DLL)
0xF7C99000 C:\WINDOWS\System32\Drivers\mnmdd.SYS 8192 bytes (Microsoft Corporation, Frame buffer simulator)
0xF7CDF000 C:\WINDOWS\System32\Drivers\ParVdm.SYS 8192 bytes (Microsoft Corporation, VDM Parallel Driver)
0xF7C9B000 C:\WINDOWS\System32\DRIVERS\RDPCDD.sys 8192 bytes (Microsoft Corporation, RDP Miniport)
0xF7CB9000 C:\WINDOWS\system32\drivers\splitter.sys 8192 bytes (Microsoft Corporation, Microsoft Kernel Audio Splitter)
0xF7C8B000 C:\WINDOWS\System32\DRIVERS\swenum.sys 8192 bytes (Microsoft Corporation, Plug and Play Software Device Enumerator)
0xF7C93000 C:\WINDOWS\System32\DRIVERS\USBD.SYS 8192 bytes (Microsoft Corporation, Universal Serial Bus Driver)
0xF7C85000 C:\WINDOWS\System32\Drivers\vulfnth.sys 8192 bytes (VIA Technologies, Inc., VIA USB Host Controller Lower Filter Driver)
0xF7C25000 C:\WINDOWS\System32\DRIVERS\WMILIB.SYS 8192 bytes (Microsoft Corporation, WMILIB WMI support library Dll)
0xF7D5C000 C:\WINDOWS\System32\DRIVERS\audstub.sys 4096 bytes (Microsoft Corporation, AudStub Driver)
0xF7D58000 C:\WINDOWS\System32\DRIVERS\ctljystk.sys 4096 bytes (Creative Technology Ltd., Creative Joyport Enabler)
0xF7DFB000 C:\WINDOWS\System32\DLA\DLADResN.SYS 4096 bytes (Sonic Solutions, Drive Letter Access Component)
0xF7CF9000 C:\WINDOWS\system32\drivers\drmkaud.sys 4096 bytes (Microsoft Corporation, Microsoft Kernel DRM Audio Descrambler Filter)
0xF7D13000 C:\WINDOWS\System32\drivers\dxgthk.sys 4096 bytes (Microsoft Corporation, DirectX Graphics Driver Thunk)
0xF7D0B000 C:\WINDOWS\System32\Drivers\Null.SYS 4096 bytes (Microsoft Corporation, NULL Driver)
0xF7CEB000 pciide.sys 4096 bytes (Microsoft Corporation, Generic PCI IDE Bus Driver)
0x86E4F109 unknown_irp_handler 3831 bytes
==============================================
>Stealth
==============================================
WARNING: File locked for read access [C:\WINDOWS\system32\drivers\vbma3a2b.sys]
 
Status
Not open for further replies.
Back
Top