Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Vista machine randomly freezes


  • This topic is locked This topic is locked
9 replies to this topic

#1 Bruce Phillips

Bruce Phillips

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:06:27 AM

Posted 26 June 2010 - 10:33 AM

Over the past couple of years, my Vista media PC would randomly freeze, with no mouse/keyboard function. My only option would be to do a hard shutdown/reboot. This has persisted over 3 different video cards and numerous driver updates. The problem is the frequency has picked up in the last few months. The most obvious source of the problem, I guess, would be overheating. I have taken steps to correct this, and there have been no freezes since then, so hopefully that was it. However, in the course of troubleshooting, another issue came up: I was told the trouble might stem from RAID drivers (I do not use RAID), so to change the SATA setting in the BIOS from "RAID" to "IDE." Doing so, caused my machine to BSOD with the following STOP: 0x0000007B (0x80599BB0, 0xC0000034, 0x00000000, 0x00000000). This happens also when trying to boot into SafeMode. When I change the BIOS SATA setting back to "RAID" the machine boots normally. So because of all these symptoms, I was told to do a rootkit check in order to (hopefully) rule that out.

BTW, I notice on the DDS log that it shows NIS being "enabled." I no longer have NIS installed (uninstalled about 3 years ago).

EDIT: I have Virtual Clone Drive installed. I ran Defogger. This is what the log shows:

defogger_disable by jpshortstuff (23.02.10.1)
Log created at 05:53 on 26/06/2010 (Bruce)

Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.

Checking for services/drivers...


-=E.O.F=-

I was not instructed to reboot the machine as was expected. Is this correct?


DDS (Ver_10-03-17.01) - NTFSx86
Run by Bruce at 5:55:25.95 on Sat 06/26/2010
Internet Explorer: 8.0.6001.18928 BrowserJavaVersion: 1.6.0_20
Microsoft® Windows Vistaâ„¢ Home Premium 6.0.6002.2.1252.1.1033.18.3582.1904 [GMT -7:00]

SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
SP: Norton Internet Security *enabled* (Updated) {CBB7EE13-8244-4DAB-8B55-D5C7AA91E59A}

============== Running Processes ===============

C:\Windows\system32\wininit.exe
C:\Program Files\AVG\AVG9\avgchsvx.exe
C:\Program Files\AVG\AVG9\avgrsx.exe
C:\Windows\system32\lsm.exe
C:\Program Files\AVG\AVG9\avgcsrvx.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\atieclxx.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
C:\Program Files\AVG\AVG9\avgwdsvc.exe
C:\PROGRA~1\DATAAP~1\BEYOND~1\BRServer.exe
C:\PROGRA~1\DATAAP~1\BEYOND~1\BRServer.exe
C:\Program Files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe
C:\Program Files\Seagate\SeagateManager\Sync\FreeAgentService.exe
C:\Program Files\AVG\AVG9\avgnsx.exe
C:\Program Files\HippoVNC\WinVNC.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
c:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\TwonkyMedia\twonkymediaserverwatchdog.exe
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\AVG\AVG9\avgemc.exe
C:\Program Files\AVG\AVG9\avgcsrvx.exe
C:\Windows\system32\WUDFHost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\HippoVNC\WinVNC.exe
C:\hp\support\hpsysdrv.exe
C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe
C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe
C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
C:\Program Files\Seagate\SeagateManager\FreeAgent Status\stxmenumgr.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\AVG\AVG9\avgtray.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Binnerup Consult\My Movies for Windows Media Center\My Movies Tray.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\SlySoft\AnyDVD\AnyDVDtray.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\TwonkyMedia\twonkymediaserverconfig.exe
C:\Program Files\OpenOffice.org 3\program\soffice.exe
C:\Program Files\OpenOffice.org 3\program\soffice.bin
C:\Windows\ehome\ehsched.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Windows\ehome\ehRecvr.exe
C:\Windows\explorer.exe
C:\Program Files\TwonkyMedia\TwonkyMediaServer.exe
C:\Users\Bruce\Downloads\dds.scr
C:\Windows\system32\wbem\wmiprvse.exe

============== Pseudo HJT Report ===============

uStart Page = hxxp://cm.my.yahoo.com/
uSearch Page = hxxp://www.google.com
uSearch Bar = hxxp://www.google.com/ie
uWindow Title =
mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=71&bd=Pavilion&pf=desktop
mDefault_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=71&bd=Pavilion&pf=desktop
mSearchAssistant = hxxp://www.google.com/ie
uURLSearchHooks: Softonic-Eng7 Toolbar: {414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3} - c:\program files\softonic-eng7\tbSoft.dll
mURLSearchHooks: Softonic-Eng7 Toolbar: {414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3} - c:\program files\softonic-eng7\tbSoft.dll
BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg8\avgssie.dll
BHO: Softonic-Eng7 Toolbar: {414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3} - c:\program files\softonic-eng7\tbSoft.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.5.4723.1820\swg.dll
BHO: PDF-XChange Viewer IE-Plugin: {c5d07eb6-bbce-4dae-acbb-d13a8d28cb1f} - c:\program files\tracker software\pdf-xchange viewer\pdf-viewer\PDFXCviewIEPlugin.dll
BHO: TwonkyMediaContextMenuHandler: {d6e0063b-7b09-45c9-a51d-1fb51840ebe0} - c:\program files\packetvideo\twonkybeam\internet explorer\TwonkyIEPlugin.dll
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
TB: Softonic-Eng7 Toolbar: {414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3} - c:\program files\softonic-eng7\tbSoft.dll
TB: {32099AAC-C132-4136-9E9A-4E364A424E17} - No File
TB: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
uRun: [ehTray.exe] c:\windows\ehome\ehTray.exe
uRun: [ISUSPM Startup] c:\progra~1\common~1\instal~1\update~1\isuspm.exe -startup
uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"
uRun: [Sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun
uRun: [AnyDVD] c:\program files\slysoft\anydvd\AnyDVDtray.exe
mRun: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
mRun: [hpsysdrv] c:\hp\support\hpsysdrv.exe
mRun: [CCUTRAYICON] FactoryMode
mRun: [TrueImageMonitor.exe] c:\program files\acronis\trueimagehome\TrueImageMonitor.exe
mRun: [AcronisTimounterMonitor] c:\program files\acronis\trueimagehome\TimounterMonitor.exe
mRun: [Acronis Scheduler2 Service] "c:\program files\common files\acronis\schedule2\schedhlp.exe"
mRun: [ISUSScheduler] "c:\program files\common files\installshield\updateservice\issch.exe" -start
mRun: [IAAnotif] "c:\program files\intel\intel matrix storage manager\Iaanotif.exe"
mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe
mRun: [VirtualCloneDrive] "c:\program files\elaborate bytes\virtualclonedrive\VCDDaemon.exe" /s
mRun: [MaxMenuMgr] "c:\program files\seagate\seagatemanager\freeagent status\StxMenuMgr.exe"
mRun: [WinampAgent] "c:\program files\winamp\winampa.exe"
mRun: [AVG9_TRAY] c:\progra~1\avg\avg9\avgtray.exe
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [My Movies Tray] "c:\program files\binnerup consult\my movies for windows media center\My Movies Tray.exe"
mRun: [StartCCC] "c:\program files\ati technologies\ati.ace\core-static\CLIStart.exe" MSRun
mRun: [ATICustomerCare] "c:\program files\ati\aticustomercare\ATICustomerCare.exe"
mRunOnce: [Launcher] %WINDIR%\SMINST\launcher.exe
dRun: [swg] c:\program files\google\googletoolbarnotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
StartupFolder: c:\users\bruce\appdata\roaming\micros~1\windows\startm~1\programs\startup\openof~1.lnk - c:\program files\openoffice.org 3\program\quickstart.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\twonky~1.lnk - c:\program files\twonkymedia\twonkymediaserverconfig.exe
mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)
mPolicies-system: EnableLUA = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
mPolicies-system: SoftwareSASGeneration = 1 (0x1)
IE: Add to Playlist - c:\program files\packetvideo\twonkybeam\internet explorer\TwonkyIEPlugin.dll/314
IE: Google Sidewiki... - c:\program files\google\google toolbar\component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html
IE: TwonkyBeam to - c:\program files\packetvideo\twonkybeam\internet explorer\TwonkyIEPlugin.dll/231
IE: {339E0A0F-ACAE-408f-AAD7-4E9158FFDE7C} - {BE8D0059-D24D-4919-B76F-99F4A2203647} {BE8D0059-D24D-4919-B76F-99F4A2203647} - {be8d0059-d24d-4919-b76f-99f4a2203647}\inprocserver32 does not exist!
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
Handler: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - c:\program files\belarc\advisor\system\BAVoilaX.dll
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} -
AppInit_DLLs: avgrsstx.dll
LSA: Authentication Packages = msv1_0 relog_ap

================= FIREFOX ===================

FF - ProfilePath - c:\users\bruce\appdata\roaming\mozilla\firefox\profiles\2jw1im9f.default\
FF - prefs.js: browser.startup.homepage - hxxp://cm.my.yahoo.com/
FF - component: c:\program files\avg\avg9\firefox\components\avgssff.dll
FF - plugin: c:\program files\google\update\1.2.183.29\npGoogleOneClick8.dll
FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npwachk.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\dotnetassistantextension\
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}

---- FIREFOX POLICIES ----
c:\program files\mozilla firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("ui.use_native_popup_windows", false);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.enable_click_image_resizing", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("accessibility.browsewithcaret_shortcut.enabled", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("javascript.options.mem.high_water_mark", 32);
c:\program files\mozilla firefox\greprefs\all.js - pref("javascript.options.mem.gc_frequency", 1600);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\program files\mozilla firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\program files\mozilla firefox\greprefs\all.js - pref("ui.trackpoint_hack.enabled", -1);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.debug", false);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.agedWeight", 2);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.bucketSize", 1);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.maxTimeGroupings", 25);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.timeGroupingSize", 604800);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.boundaryWeight", 25);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.prefixWeight", 5);
c:\program files\mozilla firefox\greprefs\all.js - pref("html5.enable", false);
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl3.rsa_seed_sha", true);
c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("app.update.download.backgroundInterval", 600);
c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("app.update.url.manual", "http://www.firefox.com");
c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-ja", "mozff");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add", "addons.mozilla.org");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add.36", "getpersonas.com");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("lightweightThemes.update.enabled", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.allTabs.previews", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("plugins.hide_infobar_for_outdated_plugin", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("toolbar.customization.usesheet", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.enable", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.max", 20);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.cachetime", 20);

============= SERVICES / DRIVERS ===============

R1 archlp;archlp;c:\windows\system32\drivers\ArcHlp.sys [2009-8-13 89728]
R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [2009-4-19 216200]
R1 AvgMfx86;AVG Free On-access Scanner Minifilter Driver x86;c:\windows\system32\drivers\avgmfx86.sys [2009-4-19 29584]
R1 AvgTdiX;AVG Free8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [2009-4-19 242896]
R2 {22D78859-9CE9-4B77-BF18-AC83E81A9263};Power Control [2010/03/21 09:43:26];c:\program files\hp\dvdplay\000.fcl [2010-3-21 87536]
R2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2010-5-27 172032]
R2 avg9emc;AVG Free E-mail Scanner;c:\program files\avg\avg9\avgemc.exe [2010-3-13 916760]
R2 avg9wd;AVG Free WatchDog;c:\program files\avg\avg9\avgwdsvc.exe [2010-3-13 308064]
R2 DQLWinService;DQLWinService;c:\program files\common files\intel\inteldh\nms\adpplugins\DQLWinService.exe [2006-9-3 208896]
R2 FreeAgentGoNext Service;Seagate Service;c:\program files\seagate\seagatemanager\sync\FreeAgentService.exe [2009-9-26 189736]
R2 hippovnc_service;hippovnc_service;c:\program files\hippovnc\WinVNC.exe [2010-4-29 1692160]
R2 MSSQL$MYMOVIES;SQL Server (MYMOVIES);c:\program files\microsoft sql server\mssql.1\mssql\binn\sqlservr.exe [2009-5-27 29262680]
R2 TwonkyMedia;TwonkyMedia;c:\program files\twonkymedia\twonkymediaserverwatchdog.exe -serviceversion 0 --> c:\program files\twonkymedia\twonkymediaserverwatchdog.exe -serviceversion 0 [?]
R3 amdkmdag;amdkmdag;c:\windows\system32\drivers\atikmdag.sys [2010-5-27 5550592]
R3 amdkmdap;amdkmdap;c:\windows\system32\drivers\atikmpag.sys [2010-5-27 176128]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 cpuz133;cpuz133;c:\windows\system32\drivers\cpuz133_x32.sys [2010-6-22 20072]
S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2010-2-25 135664]
S2 IntelDHSvcConf;Intel DH Service;c:\program files\intel\inteldh\intel media server\tools\IntelDHSvcConf.exe [2006-5-10 29696]
S3 cpuz132;cpuz132;c:\windows\system32\drivers\cpuz132_x32.sys [2009-5-12 12672]
S3 FontCache;Windows Font Cache Service;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2008-3-18 21504]
S3 hcw18bda;Hauppauge WinTV 418 Driver;c:\windows\system32\drivers\hcw18bda.sys [2009-3-19 391168]
S3 MCLServiceATL;Intel® Application Tracker;c:\program files\intel\inteldh\intel media server\shells\MCLServiceATL.exe [2006-9-11 167936]
S3 MEISTRM;MEI AVC Streaming Filter Driver;c:\windows\system32\drivers\meistrm.sys [2003-11-11 13195]
S3 MEITUNER;FireBus MPEG2TS Tuner Subunit Device;c:\windows\system32\drivers\meistb.sys [2003-11-11 22891]
S3 MSPANEL;AVC Panel Device;c:\windows\system32\drivers\mstapeo.sys [2005-4-24 49024]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]

=============== Created Last 30 ================

2010-06-26 12:53:45 0 ----a-w- c:\users\bruce\defogger_reenable
2010-06-24 13:38:37 0 ----a-w- C:\clients.data
2010-06-24 13:37:36 0 d-----w- c:\programdata\TwonkyMedia
2010-06-23 13:24:57 99176 ----a-w- c:\windows\system32\PresentationHostProxy.dll
2010-06-23 13:24:57 49472 ----a-w- c:\windows\system32\netfxperf.dll
2010-06-23 13:24:57 297808 ----a-w- c:\windows\system32\mscoree.dll
2010-06-23 13:24:57 295264 ----a-w- c:\windows\system32\PresentationHost.exe
2010-06-23 13:24:57 1130824 ----a-w- c:\windows\system32\dfshim.dll
2010-06-23 13:23:42 4240384 ----a-w- c:\windows\system32\GameUXLegacyGDFs.dll
2010-06-23 13:23:42 28672 ----a-w- c:\windows\system32\Apphlpdm.dll
2010-06-22 13:37:18 20072 ----a-w- c:\windows\system32\drivers\cpuz133_x32.sys
2010-06-21 17:37:35 45 ----a-w- c:\windows\system32\initdebug.nfo
2010-06-20 15:54:33 0 d-----w- c:\program files\ASUS
2010-06-20 15:54:25 1769 ----a-w- c:\windows\Language_trs.ini
2010-06-19 21:12:42 0 d-----w- c:\programdata\ATI
2010-06-19 21:07:29 0 d-----w- c:\program files\ATI Technologies
2010-06-13 21:58:53 0 d-----w- c:\program files\Binnerup Consult
2010-06-09 20:41:03 106432 ----a-w- c:\windows\system32\drivers\AnyDVD.sys
2010-05-29 03:24:32 1870848 ----a-w- c:\windows\system32\drivers\athr.sys
2010-05-27 17:38:24 5550592 ----a-w- c:\windows\system32\drivers\atikmdag.sys
2010-05-27 17:05:28 15024128 ----a-w- c:\windows\system32\atioglxx.dll
2010-05-27 17:03:08 42640 ----a-w- c:\windows\system32\atiapfxx.blb
2010-05-27 17:02:58 143360 ----a-w- c:\windows\system32\atiapfxx.exe
2010-05-27 17:00:20 446464 ----a-w- c:\windows\system32\ATIDEMGX.dll
2010-05-27 16:59:54 372736 ----a-w- c:\windows\system32\atieclxx.exe
2010-05-27 16:59:30 172032 ----a-w- c:\windows\system32\atiesrxx.exe
2010-05-27 16:58:32 159744 ----a-w- c:\windows\system32\atitmmxx.dll
2010-05-27 16:58:18 356352 ----a-w- c:\windows\system32\atipdlxx.dll
2010-05-27 16:58:10 278528 ----a-w- c:\windows\system32\Oemdspif.dll
2010-05-27 16:58:04 11776 ----a-w- c:\windows\system32\atimuixx.dll
2010-05-27 16:57:58 43520 ----a-w- c:\windows\system32\ati2edxx.dll
2010-05-27 16:54:56 3611648 ----a-w- c:\windows\system32\atidxx32.dll
2010-05-27 16:41:10 53248 ----a-w- c:\windows\system32\aticalrt.dll
2010-05-27 16:41:04 53248 ----a-w- c:\windows\system32\aticalcl.dll
2010-05-27 16:39:54 4022272 ----a-w- c:\windows\system32\aticaldd.dll
2010-05-27 16:31:14 531632 ----a-w- c:\windows\system32\atiumdva.cap
2010-05-27 16:25:52 237568 ----a-w- c:\windows\system32\atiadlxx.dll
2010-05-27 16:25:44 12800 ----a-w- c:\windows\system32\atiglpxx.dll
2010-05-27 16:25:38 15360 ----a-w- c:\windows\system32\atigktxx.dll
2010-05-27 16:25:18 176128 ----a-w- c:\windows\system32\drivers\atikmpag.sys
2010-05-27 16:24:56 28160 ----a-w- c:\windows\system32\atiuxpag.dll
2010-05-27 16:24:16 53248 ----a-w- c:\windows\system32\drivers\ati2erec.dll
2010-05-27 16:20:46 52224 ----a-w- c:\windows\system32\atimpc32.dll
2010-05-27 16:20:46 52224 ----a-w- c:\windows\system32\amdpcom32.dll

==================== Find3M ====================

2010-06-19 21:08:26 51200 ----a-w- c:\windows\inf\infpub.dat
2010-06-19 21:08:26 143360 ----a-w- c:\windows\inf\infstrng.dat
2010-06-19 20:59:35 143360 ----a-w- c:\windows\inf\infstor.dat
2010-06-02 16:10:16 242896 ----a-w- c:\windows\system32\drivers\avgtdix.sys
2010-05-26 17:06:41 34304 ----a-w- c:\windows\system32\atmlib.dll
2010-05-26 14:47:41 289792 ----a-w- c:\windows\system32\atmfd.dll
2010-05-05 02:19:38 506880 ----a-w- c:\windows\system32\aticfx32.dll
2010-05-05 01:41:48 3788288 ----a-w- c:\windows\system32\atiumdag.dll
2010-05-05 01:34:58 50176 ----a-w- c:\windows\system32\coinst.dll
2010-05-05 01:22:12 20480 ----a-w- c:\windows\system32\atiu9pag.dll
2010-05-05 01:21:48 23040 ----a-w- c:\windows\system32\atitmpxx.dll
2010-05-05 01:19:16 3015680 ----a-w- c:\windows\system32\atiumdva.dll
2010-05-04 05:59:21 916480 ----a-w- c:\windows\system32\wininet.dll
2010-05-04 05:55:42 71680 ----a-w- c:\windows\system32\iesetup.dll
2010-05-04 05:55:42 109056 ----a-w- c:\windows\system32\iesysprep.dll
2010-05-04 04:31:05 133632 ----a-w- c:\windows\system32\ieUnatt.exe
2010-05-01 14:13:48 2037248 ----a-w- c:\windows\system32\win32k.sys
2010-04-29 13:51:59 411368 ----a-w- c:\windows\system32\deployJava1.dll
2010-04-28 21:17:50 2110 ----a-w- c:\windows\system32\atipblag.dat
2010-04-23 14:13:55 2048 ----a-w- c:\windows\system32\tzres.dll
2010-04-15 16:23:07 3365 ----a-w- c:\windows\system32\SpoonUninstall-dBpoweramp Windows Media Audio 10 Codec.dat
2010-04-15 16:22:51 3283 ----a-w- c:\windows\system32\SpoonUninstall-dBpoweramp Musepack Codec.dat
2010-04-15 16:21:41 3007 ----a-w- c:\windows\system32\SpoonUninstall-dBpoweramp WavPack Codec.dat
2010-04-15 16:21:34 3030 ----a-w- c:\windows\system32\SpoonUninstall-dBpoweramp Ogg Vorbis Codec.dat
2010-04-15 16:21:27 3117 ----a-w- c:\windows\system32\SpoonUninstall-dBpoweramp mp3 (Fraunhofer IIS) Codec.dat
2010-04-15 16:21:20 3107 ----a-w- c:\windows\system32\SpoonUninstall-dBpoweramp Monkeys Audio Codec.dat
2010-04-15 16:21:13 2951 ----a-w- c:\windows\system32\SpoonUninstall-dBpoweramp FLAC Codec.dat
2010-04-15 16:21:04 3494 ----a-w- c:\windows\system32\SpoonUninstall-dBpoweramp Mp2 and BwfMp2 codec.dat
2010-04-15 16:21:03 2843 ----a-w- c:\windows\system32\SpoonUninstall-dBpoweramp [Calculate Audio CRC] Codec.dat
2010-04-15 16:21:01 14187 ----a-w- c:\windows\system32\SpoonUninstall-dBpoweramp Music Converter.dat
2010-04-05 17:01:01 67072 ----a-w- c:\windows\system32\asycfilt.dll
2009-11-19 00:53:58 665600 ----a-w- c:\windows\inf\drvindex.dat
2008-03-19 02:20:32 174 --sha-w- c:\program files\desktop.ini
2006-11-02 12:42:02 30674 ----a-w- c:\windows\inf\perflib\0409\perfd.dat
2006-11-02 12:42:02 30674 ----a-w- c:\windows\inf\perflib\0409\perfc.dat
2006-11-02 12:42:02 287440 ----a-w- c:\windows\inf\perflib\0409\perfi.dat
2006-11-02 12:42:02 287440 ----a-w- c:\windows\inf\perflib\0409\perfh.dat
2006-11-02 09:20:21 287440 ----a-w- c:\windows\inf\perflib\0000\perfi.dat
2006-11-02 09:20:21 287440 ----a-w- c:\windows\inf\perflib\0000\perfh.dat
2006-11-02 09:20:19 30674 ----a-w- c:\windows\inf\perflib\0000\perfd.dat
2006-11-02 09:20:19 30674 ----a-w- c:\windows\inf\perflib\0000\perfc.dat
2006-06-23 21:59:42 108 --sha-r- c:\windows\neoqaz2.dll
2009-10-13 23:39:55 245760 --sha-w- c:\windows\serviceprofiles\networkservice\appdata\roaming\microsoft\windows\ietldcache\index.dat
2009-09-26 14:27:58 32768 --sha-w- c:\windows\system32\config\systemprofile\appdata\local\microsoft\feeds cache\index.dat
2008-03-20 10:33:02 32768 --sha-w- c:\windows\system32\config\systemprofile\appdata\local\microsoft\windows\history\history.ie5\mshist012008032020080321\index.dat
2008-03-22 10:33:04 32768 --sha-w- c:\windows\system32\config\systemprofile\appdata\local\microsoft\windows\history\history.ie5\mshist012008032220080323\index.dat
2008-03-22 10:33:04 32768 --sha-w- c:\windows\system32\config\systemprofile\appdata\roaming\microsoft\internet explorer\userdata\index.dat
2009-09-26 14:27:58 32768 --sha-w- c:\windows\system32\config\systemprofile\appdata\roaming\microsoft\windows\privacie\index.dat
2009-10-24 13:31:56 16384 --sha-w- c:\windows\temp\cookies\index.dat
2009-10-24 13:31:56 16384 --sha-w- c:\windows\temp\history\history.ie5\index.dat
2009-10-24 13:31:56 32768 --sha-w- c:\windows\temp\temporary internet files\content.ie5\index.dat

============= FINISH: 5:56:16.51 ===============

Attached Files


Edited by Bruce Phillips, 26 June 2010 - 10:40 AM.


BC AdBot (Login to Remove)

 


#2 m0le

m0le

    Can U Dig It?


  • Malware Response Team
  • 34,527 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:London, UK
  • Local time:01:27 PM

Posted 01 July 2010 - 05:21 PM

Hi,

Welcome to Bleeping Computer. My name is m0le and I will be helping you with your log.
  • Please subscribe to this topic, if you haven't already. You can subscribe by clicking the Options box to the right of your topic title and selecting Track This Topic.

  • Please avoid installing/uninstalling or updating any programs and attempting any unsupervised fixes or scans. This can make helping you impossible.

  • Please reply to this post so I know you are there.
The forum is busy and we need to have replies as soon as possible. If I haven't had a reply after 3 days I will bump the topic and if you do not reply by the following day after that then I will close the topic.

Once I receive a reply then I will return with your first instructions.

Thanks thumbup2.gif
Posted Image
m0le is a proud member of UNITE

#3 Bruce Phillips

Bruce Phillips
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:06:27 AM

Posted 01 July 2010 - 05:27 PM

Still here. thumbup2.gif

#4 m0le

m0le

    Can U Dig It?


  • Malware Response Team
  • 34,527 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:London, UK
  • Local time:01:27 PM

Posted 01 July 2010 - 05:44 PM

Okay Bruce, well initially this doesn't look like a malware issue but we can do some checks for you to eliminate it.


Please run MBAM

Please download Malwarebytes Anti-Malware and save it to your desktop.
  • Make sure you are connected to the Internet.
  • Double-click on mbam-setup.exe to install the application or, if you are using Vista, right-click and select Run As Administrator on mbam-setup.exe to install the application.
  • When the installation begins, follow the prompts and do not make any changes to default settings.
  • When installation has finished, make sure you leave both of these checked:
    • Update Malwarebytes' Anti-Malware
    • Launch Malwarebytes' Anti-Malware
  • Then click Finish.
  • MBAM will automatically start and you will be asked to update the program before performing a scan. If an update is found, the program will automatically update itself. Press the OK button to close that box and continue. If you encounter any problems while downloading the updates, manually download them from here and just double-click on mbam-rules.exe to install.
  • On the Scanner tab:
    • Make sure the "Perform Full Scan" option is selected.
    • Then click on the Scan button.
  • If asked to select the drives to scan, leave all the drives selected and click on the Start Scan button.
  • The scan will begin and "Scan in progress" will show at the top. It may take some time to complete so please be patient.
  • When the scan is finished, a message box will say "The scan completed successfully. Click 'Show Results' to display all objects found".
  • Click OK to close the message box and continue with the removal process.
  • Back at the main Scanner screen, click on the Show Results button to see a list of any malware that was found.
  • Make sure that everything is checked, and click Remove Selected.
  • When removal is completed, a log report will open in Notepad.
  • The log is automatically saved and can be viewed by clicking the Logs tab in MBAM.
  • Copy and paste the contents of that report in your next reply and exit MBAM.
Note: If MBAM encounters a file that is difficult to remove, you may be asked to reboot your computer so it can proceed with the disinfection process. Regardless if prompted to restart the computer or not, please do so immediately. Failure to reboot normally (not into safe mode) will prevent MBAM from removing all the malware. MBAM may make changes to your registry as part of its disinfection routine. If you're using other security programs that detect registry changes, they may alert you after scanning with MBAM. Please permit the program to allow the changes.


And then Superantispyware

Download and scan with SUPERAntiSpyware Free for Home Users
  • Double-click SUPERAntiSpyware.exe and use the default settings for installation.
  • An icon will be created on your desktop. Double-click that icon to launch the program.
  • If asked to update the program definitions, click "Yes". If not, update the definitions before scanning by selecting "Check for Updates". (If you encounter any problems while downloading the updates, manually download them from here. Double-click on the hyperlink for Download Installer and save SASDEFINITIONS.EXE to your desktop. Then double-click on SASDEFINITIONS.EXE to install the definitions.)
  • In the Main Menu, click the Preferences... button.
  • Click the Scanning Control tab.
  • Under Scanner Options make sure the following are checked (leave all others unchecked):
    • Close browsers before scanning.
    • Scan for tracking cookies.
    • Terminate memory threats before quarantining.
  • Click the "Close" button to leave the control center screen.
  • Back on the main screen, under "Scan for Harmful Software" click Scan your computer.
  • On the left, make sure you check C:\Fixed Drive.
  • On the right, under "Complete Scan", choose Perform Complete Scan.
  • Click "Next" to start the scan. Please be patient while it scans your computer.
  • After the scan is complete, a Scan Summary box will appear with potentially harmful items that were detected. Click "OK".
  • Make sure everything has a checkmark next to it and click "Next".
  • A notification will appear that "Quarantine and Removal is Complete". Click "OK" and then click the "Finish" button to return to the main menu.
  • If asked if you want to reboot, click "Yes".
  • To retrieve the removal information after reboot, launch SUPERAntispyware again.
    • Click Preferences, then click the Statistics/Logs tab.
    • Under Scanner Logs, double-click SUPERAntiSpyware Scan Log.
    • If there are several logs, click the current dated log and press View log. A text file will open in your default text editor.
    • Please copy and paste the Scan Log results in your next reply.
  • Click Close to exit the program.

Posted Image
m0le is a proud member of UNITE

#5 Bruce Phillips

Bruce Phillips
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:06:27 AM

Posted 01 July 2010 - 09:20 PM

OK. Here are the scan results:

Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Database version: 4265

Windows 6.0.6002 Service Pack 2
Internet Explorer 8.0.6001.18928

7/1/2010 5:24:23 PM
mbam-log-2010-07-01 (17-24-23).txt

Scan type: Full scan (C:\|D:\|J:\|K:\|L:\|M:\|N:\|P:\|Q:\|R:\|S:\|U:\|)
Objects scanned: 316313
Time elapsed: 1 hour(s), 9 minute(s), 21 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)


SUPERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 07/01/2010 at 07:03 PM

Application Version : 4.40.1002

Core Rules Database Version : 5147
Trace Rules Database Version: 2959

Scan type : Complete Scan
Total Scan Time : 01:28:16

Memory items scanned : 817
Memory threats detected : 0
Registry items scanned : 8268
Registry threats detected : 24
File items scanned : 170658
File threats detected : 376

Adware.EliteSideBar
HKLM\Software\Classes\CLSID\{BE8D0059-D24D-4919-B76F-99F4A2203647}
HKCR\CLSID\{BE8D0059-D24D-4919-B76F-99F4A2203647}
HKCR\CLSID\{BE8D0059-D24D-4919-B76F-99F4A2203647}
HKCR\CLSID\{BE8D0059-D24D-4919-B76F-99F4A2203647}\Implemented Categories
HKCR\CLSID\{BE8D0059-D24D-4919-B76F-99F4A2203647}\Implemented Categories\{00021493-0000-0000-C000-000000000046}
HKCR\CLSID\{BE8D0059-D24D-4919-B76F-99F4A2203647}\InprocServer32
HKCR\CLSID\{BE8D0059-D24D-4919-B76F-99F4A2203647}\InprocServer32#ThreadingModel
HKCR\CLSID\{BE8D0059-D24D-4919-B76F-99F4A2203647}\MiscStatus
HKCR\CLSID\{BE8D0059-D24D-4919-B76F-99F4A2203647}\MiscStatus\1
HKCR\CLSID\{BE8D0059-D24D-4919-B76F-99F4A2203647}\ProgID
HKCR\CLSID\{BE8D0059-D24D-4919-B76F-99F4A2203647}\ToolboxBitmap32
HKCR\CLSID\{BE8D0059-D24D-4919-B76F-99F4A2203647}\TypeLib
HKCR\CLSID\{BE8D0059-D24D-4919-B76F-99F4A2203647}\Version
HKCR\CLSID\{BE8D0059-D24D-4919-B76F-99F4A2203647}\VersionIndependentProgID
HKCR\TwonkyIEPlugin.TwonkyIEPluginObj.1
HKCR\TwonkyIEPlugin.TwonkyIEPluginObj.1\CLSID
HKCR\TwonkyIEPlugin.TwonkyIEPluginObj
HKCR\TwonkyIEPlugin.TwonkyIEPluginObj\CLSID
HKCR\TwonkyIEPlugin.TwonkyIEPluginObj\CurVer
HKCR\TypeLib\{8AA59E15-6E81-415C-B299-1ADFB50C8E1A}
HKCR\TypeLib\{8AA59E15-6E81-415C-B299-1ADFB50C8E1A}\1.0
HKCR\TypeLib\{8AA59E15-6E81-415C-B299-1ADFB50C8E1A}\1.0\0
HKCR\TypeLib\{8AA59E15-6E81-415C-B299-1ADFB50C8E1A}\1.0\0\win32
HKCR\TypeLib\{8AA59E15-6E81-415C-B299-1ADFB50C8E1A}\1.0\FLAGS
C:\PROGRAM FILES\PACKETVIDEO\TWONKYBEAM\INTERNET EXPLORER\TWONKYIEPLUGIN.DLL

Adware.Tracking Cookie
C:\Users\Bruce\AppData\Roaming\Microsoft\Windows\Cookies\bruce@ad1.clickhype[1].txt
C:\Users\Bruce\AppData\Roaming\Microsoft\Windows\Cookies\bruce@fastclick[2].txt
C:\Users\Bruce\AppData\Roaming\Microsoft\Windows\Cookies\bruce@ad.yieldmanager[2].txt
C:\Users\Bruce\AppData\Roaming\Microsoft\Windows\Cookies\bruce@apmebf[1].txt
C:\Users\Bruce\AppData\Roaming\Microsoft\Windows\Cookies\bruce@bluestreak[2].txt
C:\Users\Bruce\AppData\Roaming\Microsoft\Windows\Cookies\bruce@avgtechnologies.112.2o7[1].txt
C:\Users\Bruce\AppData\Roaming\Microsoft\Windows\Cookies\bruce@www.halstats[1].txt
C:\Users\Bruce\AppData\Roaming\Microsoft\Windows\Cookies\bruce@adinterax[1].txt
C:\Users\Bruce\AppData\Roaming\Microsoft\Windows\Cookies\bruce@media.adrevolver[2].txt
C:\Users\Bruce\AppData\Roaming\Microsoft\Windows\Cookies\bruce@adopt.euroclick[1].txt
C:\Users\Bruce\AppData\Roaming\Microsoft\Windows\Cookies\bruce@www.burstbeacon[1].txt
C:\Users\Bruce\AppData\Roaming\Microsoft\Windows\Cookies\bruce@toplist[1].txt
C:\Users\Bruce\AppData\Roaming\Microsoft\Windows\Cookies\bruce@msnportal.112.2o7[1].txt
C:\Users\Bruce\AppData\Roaming\Microsoft\Windows\Cookies\bruce@specificmedia[2].txt
C:\Users\Bruce\AppData\Roaming\Microsoft\Windows\Cookies\bruce@invitemedia[2].txt
C:\Users\Bruce\AppData\Roaming\Microsoft\Windows\Cookies\bruce@mediaarea[1].txt
C:\Users\Bruce\AppData\Roaming\Microsoft\Windows\Cookies\bruce@advertising[1].txt
C:\Users\Bruce\AppData\Roaming\Microsoft\Windows\Cookies\bruce@questionmarket[2].txt
C:\Users\Bruce\AppData\Roaming\Microsoft\Windows\Cookies\bruce@zedo[1].txt
C:\Users\Bruce\AppData\Roaming\Microsoft\Windows\Cookies\bruce@ads.bridgetrack[2].txt
C:\Users\Bruce\AppData\Roaming\Microsoft\Windows\Cookies\bruce@revenue[2].txt
C:\Users\Bruce\AppData\Roaming\Microsoft\Windows\Cookies\bruce@deepdiscount[1].txt
C:\Users\Bruce\AppData\Roaming\Microsoft\Windows\Cookies\bruce@atwola[2].txt
C:\Users\Bruce\AppData\Roaming\Microsoft\Windows\Cookies\bruce@click.interactivebrands[1].txt
C:\Users\Bruce\AppData\Roaming\Microsoft\Windows\Cookies\bruce@banners.decisionmark[2].txt
C:\Users\Bruce\AppData\Roaming\Microsoft\Windows\Cookies\bruce@ehg-zoomerang.hitbox[2].txt
C:\Users\Bruce\AppData\Roaming\Microsoft\Windows\Cookies\bruce@advertisechoice[1].txt
C:\Users\Bruce\AppData\Roaming\Microsoft\Windows\Cookies\bruce@paypal.112.2o7[1].txt
C:\Users\Bruce\AppData\Roaming\Microsoft\Windows\Cookies\bruce@microsoftinternetexplorer.112.2o7[1].txt
C:\Users\Bruce\AppData\Roaming\Microsoft\Windows\Cookies\bruce@statcounter[1].txt
C:\Users\Bruce\AppData\Roaming\Microsoft\Windows\Cookies\bruce@cdn4.specificclick[2].txt
C:\Users\Bruce\AppData\Roaming\Microsoft\Windows\Cookies\bruce@warnerbros.112.2o7[1].txt
C:\Users\Bruce\AppData\Roaming\Microsoft\Windows\Cookies\bruce@chitika[2].txt
C:\Users\Bruce\AppData\Roaming\Microsoft\Windows\Cookies\bruce@tribalfusion[1].txt
C:\Users\Bruce\AppData\Roaming\Microsoft\Windows\Cookies\bruce@content.yieldmanager[1].txt
C:\Users\Bruce\AppData\Roaming\Microsoft\Windows\Cookies\bruce@uac.advertising[1].txt
C:\Users\Bruce\AppData\Roaming\Microsoft\Windows\Cookies\bruce@at.atwola[2].txt
C:\Users\Bruce\AppData\Roaming\Microsoft\Windows\Cookies\bruce@casalemedia[2].txt
C:\Users\Bruce\AppData\Roaming\Microsoft\Windows\Cookies\bruce@code.mediatext[1].txt
C:\Users\Bruce\AppData\Roaming\Microsoft\Windows\Cookies\bruce@perf.overture[1].txt
C:\Users\Bruce\AppData\Roaming\Microsoft\Windows\Cookies\bruce@serving-sys[1].txt
C:\Users\Bruce\AppData\Roaming\Microsoft\Windows\Cookies\bruce@tripod[2].txt
C:\Users\Bruce\AppData\Roaming\Microsoft\Windows\Cookies\bruce@reduxads.valuead[2].txt
C:\Users\Bruce\AppData\Roaming\Microsoft\Windows\Cookies\bruce@mediainfo.sourceforge[1].txt
C:\Users\Bruce\AppData\Roaming\Microsoft\Windows\Cookies\bruce@bs.serving-sys[2].txt
C:\Users\Bruce\AppData\Roaming\Microsoft\Windows\Cookies\bruce@247realmedia[2].txt
C:\Users\Bruce\AppData\Roaming\Microsoft\Windows\Cookies\bruce@acronis.122.2o7[1].txt
C:\Users\Bruce\AppData\Roaming\Microsoft\Windows\Cookies\bruce@doubleclick[1].txt
C:\Users\Bruce\AppData\Roaming\Microsoft\Windows\Cookies\bruce@imrworldwide[1].txt
C:\Users\Bruce\AppData\Roaming\Microsoft\Windows\Cookies\bruce@insightexpressai[2].txt
C:\Users\Bruce\AppData\Roaming\Microsoft\Windows\Cookies\bruce@fortunecity[1].txt
C:\Users\Bruce\AppData\Roaming\Microsoft\Windows\Cookies\bruce@adtech[1].txt
C:\Users\Bruce\AppData\Roaming\Microsoft\Windows\Cookies\bruce@media6degrees[1].txt
C:\Users\Bruce\AppData\Roaming\Microsoft\Windows\Cookies\bruce@mediaplex[1].txt
C:\Users\Bruce\AppData\Roaming\Microsoft\Windows\Cookies\bruce@adserver.easyad[2].txt
C:\Users\Bruce\AppData\Roaming\Microsoft\Windows\Cookies\bruce@adrevolver[1].txt
C:\Users\Bruce\AppData\Roaming\Microsoft\Windows\Cookies\bruce@xiti[1].txt
C:\Users\Bruce\AppData\Roaming\Microsoft\Windows\Cookies\bruce@www.burstnet[1].txt
C:\Users\Bruce\AppData\Roaming\Microsoft\Windows\Cookies\bruce@revsci[1].txt
C:\Users\Bruce\AppData\Roaming\Microsoft\Windows\Cookies\bruce@a1.interclick[2].txt
C:\Users\Bruce\AppData\Roaming\Microsoft\Windows\Cookies\bruce@tacoda[1].txt
C:\Users\Bruce\AppData\Roaming\Microsoft\Windows\Cookies\bruce@ads.pointroll[1].txt
C:\Users\Bruce\AppData\Roaming\Microsoft\Windows\Cookies\bruce@atdmt[2].txt
C:\Users\Bruce\AppData\Roaming\Microsoft\Windows\Cookies\bruce@adbrite[1].txt
C:\Users\Bruce\AppData\Roaming\Microsoft\Windows\Cookies\bruce@media.adrevolver[1].txt
C:\Users\Bruce\AppData\Roaming\Microsoft\Windows\Cookies\bruce@ads.addynamix[1].txt
C:\Users\Bruce\AppData\Roaming\Microsoft\Windows\Cookies\bruce@search.deepdiscount[1].txt
C:\Users\Bruce\AppData\Roaming\Microsoft\Windows\Cookies\bruce@deluxedigitalstudios.112.2o7[1].txt
C:\Users\Bruce\AppData\Roaming\Microsoft\Windows\Cookies\bruce@e-2dj6wgmiehdjgcp.stats.esomniture[2].txt
C:\Users\Bruce\AppData\Roaming\Microsoft\Windows\Cookies\bruce@interclick[1].txt
C:\Users\Bruce\AppData\Roaming\Microsoft\Windows\Cookies\bruce@microsoftwindows.112.2o7[1].txt
C:\Users\Bruce\AppData\Roaming\Microsoft\Windows\Cookies\bruce@dynamic.media.adrevolver[2].txt
C:\Users\Bruce\AppData\Roaming\Microsoft\Windows\Cookies\bruce@adopt.specificclick[1].txt
C:\Users\Bruce\AppData\Roaming\Microsoft\Windows\Cookies\bruce@microsoftconsumermarketing.112.2o7[1].txt
C:\Users\Bruce\AppData\Roaming\Microsoft\Windows\Cookies\bruce@euroclick[2].txt
C:\Users\Bruce\AppData\Roaming\Microsoft\Windows\Cookies\bruce@www.googleadservices[1].txt
C:\Users\Bruce\AppData\Roaming\Microsoft\Windows\Cookies\bruce@cbs.112.2o7[1].txt
C:\Users\Bruce\AppData\Roaming\Microsoft\Windows\Cookies\bruce@adlegend[2].txt
C:\Users\Bruce\AppData\Roaming\Microsoft\Windows\Cookies\bruce@trafficmp[2].txt
C:\Users\Bruce\AppData\Roaming\Microsoft\Windows\Cookies\bruce@hulu.112.2o7[1].txt
C:\Users\Bruce\AppData\Roaming\Microsoft\Windows\Cookies\bruce@docu-track[2].txt
C:\Users\Bruce\AppData\Roaming\Microsoft\Windows\Cookies\bruce@richmedia.yahoo[1].txt
C:\Users\Bruce\AppData\Roaming\Microsoft\Windows\Cookies\bruce@2o7[1].txt
C:\Users\Bruce\AppData\Roaming\Microsoft\Windows\Cookies\bruce@specificclick[2].txt
C:\Users\Bruce\AppData\Roaming\Microsoft\Windows\Cookies\bruce@adserver.toptenreviews[1].txt
C:\Users\Bruce\AppData\Roaming\Microsoft\Windows\Cookies\bruce@www.googleadservices[3].txt
C:\Users\Bruce\AppData\Roaming\Microsoft\Windows\Cookies\bruce@kontera[2].txt
C:\Users\Bruce\AppData\Roaming\Microsoft\Windows\Cookies\bruce@hitbox[2].txt
C:\Users\Bruce\AppData\Roaming\Microsoft\Windows\Cookies\bruce@realmedia[1].txt
C:\Users\Bruce\AppData\Roaming\Microsoft\Windows\Cookies\bruce@burstnet[2].txt
C:\Users\Bruce\AppData\Roaming\Microsoft\Windows\Cookies\bruce@www.deepdiscount[1].txt
cdn4.specificclick.net [ C:\Users\Bruce\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\LAXGMFKX ]
ia.media-imdb.com [ C:\Users\Bruce\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\LAXGMFKX ]
interclick.com [ C:\Users\Bruce\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\LAXGMFKX ]
m1.2mdn.net [ C:\Users\Bruce\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\LAXGMFKX ]
media.thewb.com [ C:\Users\Bruce\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\LAXGMFKX ]
C:\Users\Bruce\AppData\Roaming\Microsoft\Windows\Cookies\Low\bruce@2o7[1].txt
C:\Users\Bruce\AppData\Roaming\Microsoft\Windows\Cookies\Low\bruce@advertising[2].txt
C:\Users\Bruce\AppData\Roaming\Microsoft\Windows\Cookies\Low\bruce@atwola[1].txt
C:\Users\Bruce\AppData\Roaming\Microsoft\Windows\Cookies\Low\bruce@doubleclick[1].txt
.247realmedia.com [ C:\Users\Bruce\AppData\Roaming\Mozilla\Firefox\Profiles\2jw1im9f.default\cookies.sqlite ]
.247realmedia.com [ C:\Users\Bruce\AppData\Roaming\Mozilla\Firefox\Profiles\2jw1im9f.default\cookies.sqlite ]
.247realmedia.com [ C:\Users\Bruce\AppData\Roaming\Mozilla\Firefox\Profiles\2jw1im9f.default\cookies.sqlite ]
.2o7.net [ C:\Users\Bruce\AppData\Roaming\Mozilla\Firefox\Profiles\2jw1im9f.default\cookies.sqlite ]
.2o7.net [ C:\Users\Bruce\AppData\Roaming\Mozilla\Firefox\Profiles\2jw1im9f.default\cookies.sqlite ]
.2o7.net [ C:\Users\Bruce\AppData\Roaming\Mozilla\Firefox\Profiles\2jw1im9f.default\cookies.sqlite ]
.2o7.net [ C:\Users\Bruce\AppData\Roaming\Mozilla\Firefox\Profiles\2jw1im9f.default\cookies.sqlite ]
.2o7.net [ C:\Users\Bruce\AppData\Roaming\Mozilla\Firefox\Profiles\2jw1im9f.default\cookies.sqlite ]
.2o7.net [ C:\Users\Bruce\AppData\Roaming\Mozilla\Firefox\Profiles\2jw1im9f.default\cookies.sqlite ]
.2o7.net [ C:\Users\Bruce\AppData\Roaming\Mozilla\Firefox\Profiles\2jw1im9f.default\cookies.sqlite ]
.2o7.net [ C:\Users\Bruce\AppData\Roaming\Mozilla\Firefox\Profiles\2jw1im9f.default\cookies.sqlite ]
.2o7.net [ C:\Users\Bruce\AppData\Roaming\Mozilla\Firefox\Profiles\2jw1im9f.default\cookies.sqlite ]
.2o7.net [ C:\Users\Bruce\AppData\Roaming\Mozilla\Firefox\Profiles\2jw1im9f.default\cookies.sqlite ]
.2o7.net [ C:\Users\Bruce\AppData\Roaming\Mozilla\Firefox\Profiles\2jw1im9f.default\cookies.sqlite ]
.2o7.net [ C:\Users\Bruce\AppData\Roaming\Mozilla\Firefox\Profiles\2jw1im9f.default\cookies.sqlite ]
.2o7.net [ C:\Users\Bruce\AppData\Roaming\Mozilla\Firefox\Profiles\2jw1im9f.default\cookies.sqlite ]
.2o7.net [ C:\Users\Bruce\AppData\Roaming\Mozilla\Firefox\Profiles\2jw1im9f.default\cookies.sqlite ]
.2o7.net [ C:\Users\Bruce\AppData\Roaming\Mozilla\Firefox\Profiles\2jw1im9f.default\cookies.sqlite ]
.2o7.net [ C:\Users\Bruce\AppData\Roaming\Mozilla\Firefox\Profiles\2jw1im9f.default\cookies.sqlite ]
.a1.interclick.com [ C:\Users\Bruce\AppData\Roaming\Mozilla\Firefox\Profiles\2jw1im9f.default\cookies.sqlite ]
.acronis.122.2o7.net [ C:\Users\Bruce\AppData\Roaming\Mozilla\Firefox\Profiles\2jw1im9f.default\cookies.sqlite ]
.ad.yieldmanager.com [ C:\Users\Bruce\AppData\Roaming\Mozilla\Firefox\Profiles\2jw1im9f.default\cookies.sqlite ]
.ad.yieldmanager.com [ C:\Users\Bruce\AppData\Roaming\Mozilla\Firefox\Profiles\2jw1im9f.default\cookies.sqlite ]
.ad.yieldmanager.com [ C:\Users\Bruce\AppData\Roaming\Mozilla\Firefox\Profiles\2jw1im9f.default\cookies.sqlite ]
.adinterax.com [ C:\Users\Bruce\AppData\Roaming\Mozilla\Firefox\Profiles\2jw1im9f.default\cookies.sqlite ]
.adinterax.com [ C:\Users\Bruce\AppData\Roaming\Mozilla\Firefox\Profiles\2jw1im9f.default\cookies.sqlite ]
.adlegend.com [ C:\Users\Bruce\AppData\Roaming\Mozilla\Firefox\Profiles\2jw1im9f.default\cookies.sqlite ]
.adopt.euroclick.com [ C:\Users\Bruce\AppData\Roaming\Mozilla\Firefox\Profiles\2jw1im9f.default\cookies.sqlite ]
.adopt.specificclick.net [ C:\Users\Bruce\AppData\Roaming\Mozilla\Firefox\Profiles\2jw1im9f.default\cookies.sqlite ]
.ads.pointroll.com [ C:\Users\Bruce\AppData\Roaming\Mozilla\Firefox\Profiles\2jw1im9f.default\cookies.sqlite ]
.adserver.easyad.info [ C:\Users\Bruce\AppData\Roaming\Mozilla\Firefox\Profiles\2jw1im9f.default\cookies.sqlite ]
.adserver.easyad.info [ C:\Users\Bruce\AppData\Roaming\Mozilla\Firefox\Profiles\2jw1im9f.default\cookies.sqlite ]
.adtech.de [ C:\Users\Bruce\AppData\Roaming\Mozilla\Firefox\Profiles\2jw1im9f.default\cookies.sqlite ]
.advertising.com [ C:\Users\Bruce\AppData\Roaming\Mozilla\Firefox\Profiles\2jw1im9f.default\cookies.sqlite ]
.advertising.com [ C:\Users\Bruce\AppData\Roaming\Mozilla\Firefox\Profiles\2jw1im9f.default\cookies.sqlite ]
.advertising.com [ C:\Users\Bruce\AppData\Roaming\Mozilla\Firefox\Profiles\2jw1im9f.default\cookies.sqlite ]
.advertising.com [ C:\Users\Bruce\AppData\Roaming\Mozilla\Firefox\Profiles\2jw1im9f.default\cookies.sqlite ]
.advertising.com [ C:\Users\Bruce\AppData\Roaming\Mozilla\Firefox\Profiles\2jw1im9f.default\cookies.sqlite ]
.advertising.com [ C:\Users\Bruce\AppData\Roaming\Mozilla\Firefox\Profiles\2jw1im9f.default\cookies.sqlite ]
.at.atwola.com [ C:\Users\Bruce\AppData\Roaming\Mozilla\Firefox\Profiles\2jw1im9f.default\cookies.sqlite ]
.atdmt.com [ C:\Users\Bruce\AppData\Roaming\Mozilla\Firefox\Profiles\2jw1im9f.default\cookies.sqlite ]
.atdmt.com [ C:\Users\Bruce\AppData\Roaming\Mozilla\Firefox\Profiles\2jw1im9f.default\cookies.sqlite ]
.atdmt.com [ C:\Users\Bruce\AppData\Roaming\Mozilla\Firefox\Profiles\2jw1im9f.default\cookies.sqlite ]
.atdmt.com [ C:\Users\Bruce\AppData\Roaming\Mozilla\Firefox\Profiles\2jw1im9f.default\cookies.sqlite ]
.avgtechnologies.112.2o7.net [ C:\Users\Bruce\AppData\Roaming\Mozilla\Firefox\Profiles\2jw1im9f.default\cookies.sqlite ]
.bluestreak.com [ C:\Users\Bruce\AppData\Roaming\Mozilla\Firefox\Profiles\2jw1im9f.default\cookies.sqlite ]
.bs.serving-sys.com [ C:\Users\Bruce\AppData\Roaming\Mozilla\Firefox\Profiles\2jw1im9f.default\cookies.sqlite ]
.casalemedia.com [ C:\Users\Bruce\AppData\Roaming\Mozilla\Firefox\Profiles\2jw1im9f.default\cookies.sqlite ]
.cbs.112.2o7.net [ C:\Users\Bruce\AppData\Roaming\Mozilla\Firefox\Profiles\2jw1im9f.default\cookies.sqlite ]
.chitika.net [ C:\Users\Bruce\AppData\Roaming\Mozilla\Firefox\Profiles\2jw1im9f.default\cookies.sqlite ]
.deepdiscount.com [ C:\Users\Bruce\AppData\Roaming\Mozilla\Firefox\Profiles\2jw1im9f.default\cookies.sqlite ]
.docu-track.com [ C:\Users\Bruce\AppData\Roaming\Mozilla\Firefox\Profiles\2jw1im9f.default\cookies.sqlite ]
.doubleclick.net [ C:\Users\Bruce\AppData\Roaming\Mozilla\Firefox\Profiles\2jw1im9f.default\cookies.sqlite ]
.e-2dj6wgmiehdjgcp.stats.esomniture.com [ C:\Users\Bruce\AppData\Roaming\Mozilla\Firefox\Profiles\2jw1im9f.default\cookies.sqlite ]
.euroclick.com [ C:\Users\Bruce\AppData\Roaming\Mozilla\Firefox\Profiles\2jw1im9f.default\cookies.sqlite ]
.fastclick.net [ C:\Users\Bruce\AppData\Roaming\Mozilla\Firefox\Profiles\2jw1im9f.default\cookies.sqlite ]
.fastclick.net [ C:\Users\Bruce\AppData\Roaming\Mozilla\Firefox\Profiles\2jw1im9f.default\cookies.sqlite ]
.fastclick.net [ C:\Users\Bruce\AppData\Roaming\Mozilla\Firefox\Profiles\2jw1im9f.default\cookies.sqlite ]
.fastclick.net [ C:\Users\Bruce\AppData\Roaming\Mozilla\Firefox\Profiles\2jw1im9f.default\cookies.sqlite ]
.fastclick.net [ C:\Users\Bruce\AppData\Roaming\Mozilla\Firefox\Profiles\2jw1im9f.default\cookies.sqlite ]
.fortunecity.com [ C:\Users\Bruce\AppData\Roaming\Mozilla\Firefox\Profiles\2jw1im9f.default\cookies.sqlite ]
.hitbox.com [ C:\Users\Bruce\AppData\Roaming\Mozilla\Firefox\Profiles\2jw1im9f.default\cookies.sqlite ]
.hulu.112.2o7.net [ C:\Users\Bruce\AppData\Roaming\Mozilla\Firefox\Profiles\2jw1im9f.default\cookies.sqlite ]
.imrworldwide.com [ C:\Users\Bruce\AppData\Roaming\Mozilla\Firefox\Profiles\2jw1im9f.default\cookies.sqlite ]
.imrworldwide.com [ C:\Users\Bruce\AppData\Roaming\Mozilla\Firefox\Profiles\2jw1im9f.default\cookies.sqlite ]
.insightexpressai.com [ C:\Users\Bruce\AppData\Roaming\Mozilla\Firefox\Profiles\2jw1im9f.default\cookies.sqlite ]
.insightexpressai.com [ C:\Users\Bruce\AppData\Roaming\Mozilla\Firefox\Profiles\2jw1im9f.default\cookies.sqlite ]
.insightexpressai.com [ C:\Users\Bruce\AppData\Roaming\Mozilla\Firefox\Profiles\2jw1im9f.default\cookies.sqlite ]
.insightexpressai.com [ C:\Users\Bruce\AppData\Roaming\Mozilla\Firefox\Profiles\2jw1im9f.default\cookies.sqlite ]
.insightexpressai.com [ C:\Users\Bruce\AppData\Roaming\Mozilla\Firefox\Profiles\2jw1im9f.default\cookies.sqlite ]
.insightexpressai.com [ C:\Users\Bruce\AppData\Roaming\Mozilla\Firefox\Profiles\2jw1im9f.default\cookies.sqlite ]
.insightexpressai.com [ C:\Users\Bruce\AppData\Roaming\Mozilla\Firefox\Profiles\2jw1im9f.default\cookies.sqlite ]
.insightexpressai.com [ C:\Users\Bruce\AppData\Roaming\Mozilla\Firefox\Profiles\2jw1im9f.default\cookies.sqlite ]
.insightexpressai.com [ C:\Users\Bruce\AppData\Roaming\Mozilla\Firefox\Profiles\2jw1im9f.default\cookies.sqlite ]
.insightexpressai.com [ C:\Users\Bruce\AppData\Roaming\Mozilla\Firefox\Profiles\2jw1im9f.default\cookies.sqlite ]
.insightexpressai.com [ C:\Users\Bruce\AppData\Roaming\Mozilla\Firefox\Profiles\2jw1im9f.default\cookies.sqlite ]
.insightexpressai.com [ C:\Users\Bruce\AppData\Roaming\Mozilla\Firefox\Profiles\2jw1im9f.default\cookies.sqlite ]
.insightexpressai.com [ C:\Users\Bruce\AppData\Roaming\Mozilla\Firefox\Profiles\2jw1im9f.default\cookies.sqlite ]
.insightexpressai.com [ C:\Users\Bruce\AppData\Roaming\Mozilla\Firefox\Profiles\2jw1im9f.default\cookies.sqlite ]
.insightexpressai.com [ C:\Users\Bruce\AppData\Roaming\Mozilla\Firefox\Profiles\2jw1im9f.default\cookies.sqlite ]
.insightexpressai.com [ C:\Users\Bruce\AppData\Roaming\Mozilla\Firefox\Profiles\2jw1im9f.default\cookies.sqlite ]
.insightexpressai.com [ C:\Users\Bruce\AppData\Roaming\Mozilla\Firefox\Profiles\2jw1im9f.default\cookies.sqlite ]
.insightexpressai.com [ C:\Users\Bruce\AppData\Roaming\Mozilla\Firefox\Profiles\2jw1im9f.default\cookies.sqlite ]
.insightexpressai.com [ C:\Users\Bruce\AppData\Roaming\Mozilla\Firefox\Profiles\2jw1im9f.default\cookies.sqlite ]
.interclick.com [ C:\Users\Bruce\AppData\Roaming\Mozilla\Firefox\Profiles\2jw1im9f.default\cookies.sqlite ]
.interclick.com [ C:\Users\Bruce\AppData\Roaming\Mozilla\Firefox\Profiles\2jw1im9f.default\cookies.sqlite ]
.invitemedia.com [ C:\Users\Bruce\AppData\Roaming\Mozilla\Firefox\Profiles\2jw1im9f.default\cookies.sqlite ]
.invitemedia.com [ C:\Users\Bruce\AppData\Roaming\Mozilla\Firefox\Profiles\2jw1im9f.default\cookies.sqlite ]
.kontera.com [ C:\Users\Bruce\AppData\Roaming\Mozilla\Firefox\Profiles\2jw1im9f.default\cookies.sqlite ]
.kontera.com [ C:\Users\Bruce\AppData\Roaming\Mozilla\Firefox\Profiles\2jw1im9f.default\cookies.sqlite ]
.media.adrevolver.com [ C:\Users\Bruce\AppData\Roaming\Mozilla\Firefox\Profiles\2jw1im9f.default\cookies.sqlite ]
.media.adrevolver.com [ C:\Users\Bruce\AppData\Roaming\Mozilla\Firefox\Profiles\2jw1im9f.default\cookies.sqlite ]
.media6degrees.com [ C:\Users\Bruce\AppData\Roaming\Mozilla\Firefox\Profiles\2jw1im9f.default\cookies.sqlite ]
.media6degrees.com [ C:\Users\Bruce\AppData\Roaming\Mozilla\Firefox\Profiles\2jw1im9f.default\cookies.sqlite ]
.media6degrees.com [ C:\Users\Bruce\AppData\Roaming\Mozilla\Firefox\Profiles\2jw1im9f.default\cookies.sqlite ]
.media6degrees.com [ C:\Users\Bruce\AppData\Roaming\Mozilla\Firefox\Profiles\2jw1im9f.default\cookies.sqlite ]
.mediaarea.eu [ C:\Users\Bruce\AppData\Roaming\Mozilla\Firefox\Profiles\2jw1im9f.default\cookies.sqlite ]
.mediaarea.eu [ C:\Users\Bruce\AppData\Roaming\Mozilla\Firefox\Profiles\2jw1im9f.default\cookies.sqlite ]
.mediaarea.eu [ C:\Users\Bruce\AppData\Roaming\Mozilla\Firefox\Profiles\2jw1im9f.default\cookies.sqlite ]
.mediaplex.com [ C:\Users\Bruce\AppData\Roaming\Mozilla\Firefox\Profiles\2jw1im9f.default\cookies.sqlite ]
.mediaplex.com [ C:\Users\Bruce\AppData\Roaming\Mozilla\Firefox\Profiles\2jw1im9f.default\cookies.sqlite ]
.microsoftconsumermarketing.112.2o7.net [ C:\Users\Bruce\AppData\Roaming\Mozilla\Firefox\Profiles\2jw1im9f.default\cookies.sqlite ]
.microsoftinternetexplorer.112.2o7.net [ C:\Users\Bruce\AppData\Roaming\Mozilla\Firefox\Profiles\2jw1im9f.default\cookies.sqlite ]
.microsoftwindows.112.2o7.net [ C:\Users\Bruce\AppData\Roaming\Mozilla\Firefox\Profiles\2jw1im9f.default\cookies.sqlite ]
.msnportal.112.2o7.net [ C:\Users\Bruce\AppData\Roaming\Mozilla\Firefox\Profiles\2jw1im9f.default\cookies.sqlite ]
.paypal.112.2o7.net [ C:\Users\Bruce\AppData\Roaming\Mozilla\Firefox\Profiles\2jw1im9f.default\cookies.sqlite ]
.perf.overture.com [ C:\Users\Bruce\AppData\Roaming\Mozilla\Firefox\Profiles\2jw1im9f.default\cookies.sqlite ]
.questionmarket.com [ C:\Users\Bruce\AppData\Roaming\Mozilla\Firefox\Profiles\2jw1im9f.default\cookies.sqlite ]
.realmedia.com [ C:\Users\Bruce\AppData\Roaming\Mozilla\Firefox\Profiles\2jw1im9f.default\cookies.sqlite ]
.reduxads.valuead.com [ C:\Users\Bruce\AppData\Roaming\Mozilla\Firefox\Profiles\2jw1im9f.default\cookies.sqlite ]
.reduxads.valuead.com [ C:\Users\Bruce\AppData\Roaming\Mozilla\Firefox\Profiles\2jw1im9f.default\cookies.sqlite ]
.reduxads.valuead.com [ C:\Users\Bruce\AppData\Roaming\Mozilla\Firefox\Profiles\2jw1im9f.default\cookies.sqlite ]
.reduxads.valuead.com [ C:\Users\Bruce\AppData\Roaming\Mozilla\Firefox\Profiles\2jw1im9f.default\cookies.sqlite ]
.reduxads.valuead.com [ C:\Users\Bruce\AppData\Roaming\Mozilla\Firefox\Profiles\2jw1im9f.default\cookies.sqlite ]
.revenue.net [ C:\Users\Bruce\AppData\Roaming\Mozilla\Firefox\Profiles\2jw1im9f.default\cookies.sqlite ]
.revsci.net [ C:\Users\Bruce\AppData\Roaming\Mozilla\Firefox\Profiles\2jw1im9f.default\cookies.sqlite ]
.search.deepdiscount.com [ C:\Users\Bruce\AppData\Roaming\Mozilla\Firefox\Profiles\2jw1im9f.default\cookies.sqlite ]
.serving-sys.com [ C:\Users\Bruce\AppData\Roaming\Mozilla\Firefox\Profiles\2jw1im9f.default\cookies.sqlite ]
.serving-sys.com [ C:\Users\Bruce\AppData\Roaming\Mozilla\Firefox\Profiles\2jw1im9f.default\cookies.sqlite ]
.serving-sys.com [ C:\Users\Bruce\AppData\Roaming\Mozilla\Firefox\Profiles\2jw1im9f.default\cookies.sqlite ]
.serving-sys.com [ C:\Users\Bruce\AppData\Roaming\Mozilla\Firefox\Profiles\2jw1im9f.default\cookies.sqlite ]
.serving-sys.com [ C:\Users\Bruce\AppData\Roaming\Mozilla\Firefox\Profiles\2jw1im9f.default\cookies.sqlite ]
.specificclick.net [ C:\Users\Bruce\AppData\Roaming\Mozilla\Firefox\Profiles\2jw1im9f.default\cookies.sqlite ]
.specificclick.net [ C:\Users\Bruce\AppData\Roaming\Mozilla\Firefox\Profiles\2jw1im9f.default\cookies.sqlite ]
.specificclick.net [ C:\Users\Bruce\AppData\Roaming\Mozilla\Firefox\Profiles\2jw1im9f.default\cookies.sqlite ]
.specificclick.net [ C:\Users\Bruce\AppData\Roaming\Mozilla\Firefox\Profiles\2jw1im9f.default\cookies.sqlite ]
.specificclick.net [ C:\Users\Bruce\AppData\Roaming\Mozilla\Firefox\Profiles\2jw1im9f.default\cookies.sqlite ]
.specificclick.net [ C:\Users\Bruce\AppData\Roaming\Mozilla\Firefox\Profiles\2jw1im9f.default\cookies.sqlite ]
.specificclick.net [ C:\Users\Bruce\AppData\Roaming\Mozilla\Firefox\Profiles\2jw1im9f.default\cookies.sqlite ]
.specificclick.net [ C:\Users\Bruce\AppData\Roaming\Mozilla\Firefox\Profiles\2jw1im9f.default\cookies.sqlite ]
.specificclick.net [ C:\Users\Bruce\AppData\Roaming\Mozilla\Firefox\Profiles\2jw1im9f.default\cookies.sqlite ]
.specificclick.net [ C:\Users\Bruce\AppData\Roaming\Mozilla\Firefox\Profiles\2jw1im9f.default\cookies.sqlite ]
.specificmedia.com [ C:\Users\Bruce\AppData\Roaming\Mozilla\Firefox\Profiles\2jw1im9f.default\cookies.sqlite ]
.statcounter.com [ C:\Users\Bruce\AppData\Roaming\Mozilla\Firefox\Profiles\2jw1im9f.default\cookies.sqlite ]
.statcounter.com [ C:\Users\Bruce\AppData\Roaming\Mozilla\Firefox\Profiles\2jw1im9f.default\cookies.sqlite ]
.tacoda.net [ C:\Users\Bruce\AppData\Roaming\Mozilla\Firefox\Profiles\2jw1im9f.default\cookies.sqlite ]
.tacoda.net [ C:\Users\Bruce\AppData\Roaming\Mozilla\Firefox\Profiles\2jw1im9f.default\cookies.sqlite ]
.warnerbros.112.2o7.net [ C:\Users\Bruce\AppData\Roaming\Mozilla\Firefox\Profiles\2jw1im9f.default\cookies.sqlite ]
.www.deepdiscount.com [ C:\Users\Bruce\AppData\Roaming\Mozilla\Firefox\Profiles\2jw1im9f.default\cookies.sqlite ]
.xiti.com [ C:\Users\Bruce\AppData\Roaming\Mozilla\Firefox\Profiles\2jw1im9f.default\cookies.sqlite ]
.zedo.com [ C:\Users\Bruce\AppData\Roaming\Mozilla\Firefox\Profiles\2jw1im9f.default\cookies.sqlite ]
.ads.pointroll.com [ C:\Users\Bruce\AppData\Roaming\Mozilla\Firefox\Profiles\2jw1im9f.default\cookies.sqlite ]
.ads.pointroll.com [ C:\Users\Bruce\AppData\Roaming\Mozilla\Firefox\Profiles\2jw1im9f.default\cookies.sqlite ]
.ads.pointroll.com [ C:\Users\Bruce\AppData\Roaming\Mozilla\Firefox\Profiles\2jw1im9f.default\cookies.sqlite ]
.ads.pointroll.com [ C:\Users\Bruce\AppData\Roaming\Mozilla\Firefox\Profiles\2jw1im9f.default\cookies.sqlite ]
.ads.pointroll.com [ C:\Users\Bruce\AppData\Roaming\Mozilla\Firefox\Profiles\2jw1im9f.default\cookies.sqlite ]
.ads.pointroll.com [ C:\Users\Bruce\AppData\Roaming\Mozilla\Firefox\Profiles\2jw1im9f.default\cookies.sqlite ]
ad.yieldmanager.com [ C:\Users\Bruce\AppData\Roaming\Mozilla\Firefox\Profiles\2jw1im9f.default\cookies.sqlite ]
.realmedia.com [ C:\Users\Bruce\AppData\Roaming\Mozilla\Firefox\Profiles\2jw1im9f.default\cookies.sqlite ]
cdn4.specificclick.net [ C:\Users\Bruce\AppData\Roaming\Mozilla\Firefox\Profiles\2jw1im9f.default\cookies.sqlite ]
cdn4.specificclick.net [ C:\Users\Bruce\AppData\Roaming\Mozilla\Firefox\Profiles\2jw1im9f.default\cookies.sqlite ]
ad.yieldmanager.com [ C:\Users\Bruce\AppData\Roaming\Mozilla\Firefox\Profiles\2jw1im9f.default\cookies.sqlite ]
.insightexpressai.com [ C:\Users\Bruce\AppData\Roaming\Mozilla\Firefox\Profiles\2jw1im9f.default\cookies.sqlite ]
.insightexpressai.com [ C:\Users\Bruce\AppData\Roaming\Mozilla\Firefox\Profiles\2jw1im9f.default\cookies.sqlite ]
.insightexpressai.com [ C:\Users\Bruce\AppData\Roaming\Mozilla\Firefox\Profiles\2jw1im9f.default\cookies.sqlite ]
.insightexpressai.com [ C:\Users\Bruce\AppData\Roaming\Mozilla\Firefox\Profiles\2jw1im9f.default\cookies.sqlite ]
.kontera.com [ C:\Users\Bruce\AppData\Roaming\Mozilla\Firefox\Profiles\2jw1im9f.default\cookies.sqlite ]
.at.atwola.com [ C:\Users\Bruce\AppData\Roaming\Mozilla\Firefox\Profiles\2jw1im9f.default\cookies.sqlite ]
.highbeam.122.2o7.net [ C:\Users\Bruce\AppData\Roaming\Mozilla\Firefox\Profiles\2jw1im9f.default\cookies.sqlite ]
.overture.com [ C:\Users\Bruce\AppData\Roaming\Mozilla\Firefox\Profiles\2jw1im9f.default\cookies.sqlite ]
.overture.com [ C:\Users\Bruce\AppData\Roaming\Mozilla\Firefox\Profiles\2jw1im9f.default\cookies.sqlite ]
.adserver.adtechus.com [ C:\Users\Bruce\AppData\Roaming\Mozilla\Firefox\Profiles\2jw1im9f.default\cookies.sqlite ]
ad.yieldmanager.com [ C:\Users\Bruce\AppData\Roaming\Mozilla\Firefox\Profiles\2jw1im9f.default\cookies.sqlite ]
.invitemedia.com [ C:\Users\Bruce\AppData\Roaming\Mozilla\Firefox\Profiles\2jw1im9f.default\cookies.sqlite ]
.statcounter.com [ C:\Users\Bruce\AppData\Roaming\Mozilla\Firefox\Profiles\2jw1im9f.default\cookies.sqlite ]
ad.yieldmanager.com [ C:\Users\Bruce\AppData\Roaming\Mozilla\Firefox\Profiles\2jw1im9f.default\cookies.sqlite ]
.collective-media.net [ C:\Users\Bruce\AppData\Roaming\Mozilla\Firefox\Profiles\2jw1im9f.default\cookies.sqlite ]
.trafficmp.com [ C:\Users\Bruce\AppData\Roaming\Mozilla\Firefox\Profiles\2jw1im9f.default\cookies.sqlite ]
.trafficmp.com [ C:\Users\Bruce\AppData\Roaming\Mozilla\Firefox\Profiles\2jw1im9f.default\cookies.sqlite ]
.smartadserver.com [ C:\Users\Bruce\AppData\Roaming\Mozilla\Firefox\Profiles\2jw1im9f.default\cookies.sqlite ]
.smartadserver.com [ C:\Users\Bruce\AppData\Roaming\Mozilla\Firefox\Profiles\2jw1im9f.default\cookies.sqlite ]
.smartadserver.com [ C:\Users\Bruce\AppData\Roaming\Mozilla\Firefox\Profiles\2jw1im9f.default\cookies.sqlite ]
.advertising.com [ C:\Users\Bruce\AppData\Roaming\Mozilla\Firefox\Profiles\2jw1im9f.default\cookies.sqlite ]
.tribalfusion.com [ C:\Users\Bruce\AppData\Roaming\Mozilla\Firefox\Profiles\2jw1im9f.default\cookies.sqlite ]
.tribalfusion.com [ C:\Users\Bruce\AppData\Roaming\Mozilla\Firefox\Profiles\2jw1im9f.default\cookies.sqlite ]
.tribalfusion.com [ C:\Users\Bruce\AppData\Roaming\Mozilla\Firefox\Profiles\2jw1im9f.default\cookies.sqlite ]
.tribalfusion.com [ C:\Users\Bruce\AppData\Roaming\Mozilla\Firefox\Profiles\2jw1im9f.default\cookies.sqlite ]
.tribalfusion.com [ C:\Users\Bruce\AppData\Roaming\Mozilla\Firefox\Profiles\2jw1im9f.default\cookies.sqlite ]
.stats.paypal.com [ C:\Users\Bruce\AppData\Roaming\Mozilla\Firefox\Profiles\2jw1im9f.default\cookies.sqlite ]
ext-us.bestofmedia.com [ C:\Users\Bruce\AppData\Roaming\Mozilla\Firefox\Profiles\2jw1im9f.default\cookies.sqlite ]
.statcounter.com [ C:\Users\Bruce\AppData\Roaming\Mozilla\Firefox\Profiles\2jw1im9f.default\cookies.sqlite ]
www.findtherightschool.com [ C:\Users\Bruce\AppData\Roaming\Mozilla\Firefox\Profiles\2jw1im9f.default\cookies.sqlite ]
.qnsr.com [ C:\Users\Bruce\AppData\Roaming\Mozilla\Firefox\Profiles\2jw1im9f.default\cookies.sqlite ]
.qnsr.com [ C:\Users\Bruce\AppData\Roaming\Mozilla\Firefox\Profiles\2jw1im9f.default\cookies.sqlite ]
.smartadserver.com [ C:\Users\Bruce\AppData\Roaming\Mozilla\Firefox\Profiles\2jw1im9f.default\cookies.sqlite ]
.tacoda.net [ C:\Users\Bruce\AppData\Roaming\Mozilla\Firefox\Profiles\2jw1im9f.default\cookies.sqlite ]
statse.webtrendslive.com [ C:\Users\Bruce\AppData\Roaming\Mozilla\Firefox\Profiles\2jw1im9f.default\cookies.sqlite ]
.pointroll.com [ C:\Users\Bruce\AppData\Roaming\Mozilla\Firefox\Profiles\2jw1im9f.default\cookies.sqlite ]
.ads.pointroll.com [ C:\Users\Bruce\AppData\Roaming\Mozilla\Firefox\Profiles\2jw1im9f.default\cookies.sqlite ]
.pointroll.com [ C:\Users\Bruce\AppData\Roaming\Mozilla\Firefox\Profiles\2jw1im9f.default\cookies.sqlite ]
.realmedia.com [ C:\Users\Bruce\AppData\Roaming\Mozilla\Firefox\Profiles\2jw1im9f.default\cookies.sqlite ]
.realmedia.com [ C:\Users\Bruce\AppData\Roaming\Mozilla\Firefox\Profiles\2jw1im9f.default\cookies.sqlite ]
.invitemedia.com [ C:\Users\Bruce\AppData\Roaming\Mozilla\Firefox\Profiles\2jw1im9f.default\cookies.sqlite ]
.casalemedia.com [ C:\Users\Bruce\AppData\Roaming\Mozilla\Firefox\Profiles\2jw1im9f.default\cookies.sqlite ]
.casalemedia.com [ C:\Users\Bruce\AppData\Roaming\Mozilla\Firefox\Profiles\2jw1im9f.default\cookies.sqlite ]
.specificclick.net [ C:\Users\Bruce\AppData\Roaming\Mozilla\Firefox\Profiles\2jw1im9f.default\cookies.sqlite ]
cdn4.specificclick.net [ C:\Users\Bruce\AppData\Roaming\Mozilla\Firefox\Profiles\2jw1im9f.default\cookies.sqlite ]
.invitemedia.com [ C:\Users\Bruce\AppData\Roaming\Mozilla\Firefox\Profiles\2jw1im9f.default\cookies.sqlite ]
.invitemedia.com [ C:\Users\Bruce\AppData\Roaming\Mozilla\Firefox\Profiles\2jw1im9f.default\cookies.sqlite ]
.invitemedia.com [ C:\Users\Bruce\AppData\Roaming\Mozilla\Firefox\Profiles\2jw1im9f.default\cookies.sqlite ]
.invitemedia.com [ C:\Users\Bruce\AppData\Roaming\Mozilla\Firefox\Profiles\2jw1im9f.default\cookies.sqlite ]
dc.tremormedia.com [ C:\Users\Bruce\AppData\Roaming\Mozilla\Firefox\Profiles\2jw1im9f.default\cookies.sqlite ]
.ads.pointroll.com [ C:\Users\Bruce\AppData\Roaming\Mozilla\Firefox\Profiles\2jw1im9f.default\cookies.sqlite ]
.ehg-seagate.hitbox.com [ C:\Users\Bruce\AppData\Roaming\Mozilla\Firefox\Profiles\2jw1im9f.default\cookies.sqlite ]
.ehg-seagate.hitbox.com [ C:\Users\Bruce\AppData\Roaming\Mozilla\Firefox\Profiles\2jw1im9f.default\cookies.sqlite ]
.ads.pointroll.com [ C:\Users\Bruce\AppData\Roaming\Mozilla\Firefox\Profiles\2jw1im9f.default\cookies.sqlite ]
cdn4.specificclick.net [ C:\Users\Bruce\AppData\Roaming\Mozilla\Firefox\Profiles\2jw1im9f.default\cookies.sqlite ]
.insightexpressai.com [ C:\Users\Bruce\AppData\Roaming\Mozilla\Firefox\Profiles\2jw1im9f.default\cookies.sqlite ]
.insightexpressai.com [ C:\Users\Bruce\AppData\Roaming\Mozilla\Firefox\Profiles\2jw1im9f.default\cookies.sqlite ]
.insightexpressai.com [ C:\Users\Bruce\AppData\Roaming\Mozilla\Firefox\Profiles\2jw1im9f.default\cookies.sqlite ]
.insightexpressai.com [ C:\Users\Bruce\AppData\Roaming\Mozilla\Firefox\Profiles\2jw1im9f.default\cookies.sqlite ]
.insightexpressai.com [ C:\Users\Bruce\AppData\Roaming\Mozilla\Firefox\Profiles\2jw1im9f.default\cookies.sqlite ]
.insightexpressai.com [ C:\Users\Bruce\AppData\Roaming\Mozilla\Firefox\Profiles\2jw1im9f.default\cookies.sqlite ]
.insightexpressai.com [ C:\Users\Bruce\AppData\Roaming\Mozilla\Firefox\Profiles\2jw1im9f.default\cookies.sqlite ]
.insightexpressai.com [ C:\Users\Bruce\AppData\Roaming\Mozilla\Firefox\Profiles\2jw1im9f.default\cookies.sqlite ]
.insightexpressai.com [ C:\Users\Bruce\AppData\Roaming\Mozilla\Firefox\Profiles\2jw1im9f.default\cookies.sqlite ]
.insightexpressai.com [ C:\Users\Bruce\AppData\Roaming\Mozilla\Firefox\Profiles\2jw1im9f.default\cookies.sqlite ]
cdn4.specificclick.net [ C:\Users\Bruce\AppData\Roaming\Mozilla\Firefox\Profiles\2jw1im9f.default\cookies.sqlite ]
cdn4.specificclick.net [ C:\Users\Bruce\AppData\Roaming\Mozilla\Firefox\Profiles\2jw1im9f.default\cookies.sqlite ]
.adecn.com [ C:\Users\Bruce\AppData\Roaming\Mozilla\Firefox\Profiles\2jw1im9f.default\cookies.sqlite ]
.adbrite.com [ C:\Users\Bruce\AppData\Roaming\Mozilla\Firefox\Profiles\2jw1im9f.default\cookies.sqlite ]
.adbrite.com [ C:\Users\Bruce\AppData\Roaming\Mozilla\Firefox\Profiles\2jw1im9f.default\cookies.sqlite ]
.2o7.net [ C:\Users\Bruce\AppData\Roaming\Mozilla\Firefox\Profiles\2jw1im9f.default\cookies.sqlite ]
.2o7.net [ C:\Users\Bruce\AppData\Roaming\Mozilla\Firefox\Profiles\2jw1im9f.default\cookies.sqlite ]
.2o7.net [ C:\Users\Bruce\AppData\Roaming\Mozilla\Firefox\Profiles\2jw1im9f.default\cookies.sqlite ]
.tradedoubler.com [ C:\Users\Bruce\AppData\Roaming\Mozilla\Firefox\Profiles\2jw1im9f.default\cookies.sqlite ]
.tradedoubler.com [ C:\Users\Bruce\AppData\Roaming\Mozilla\Firefox\Profiles\2jw1im9f.default\cookies.sqlite ]
.tradedoubler.com [ C:\Users\Bruce\AppData\Roaming\Mozilla\Firefox\Profiles\2jw1im9f.default\cookies.sqlite ]
.yieldmanager.net [ C:\Users\Bruce\AppData\Roaming\Mozilla\Firefox\Profiles\2jw1im9f.default\cookies.sqlite ]
.adbrite.com [ C:\Users\Bruce\AppData\Roaming\Mozilla\Firefox\Profiles\2jw1im9f.default\cookies.sqlite ]
.winzip.122.2o7.net [ C:\Users\Bruce\AppData\Roaming\Mozilla\Firefox\Profiles\2jw1im9f.default\cookies.sqlite ]
.casalemedia.com [ C:\Users\Bruce\AppData\Roaming\Mozilla\Firefox\Profiles\2jw1im9f.default\cookies.sqlite ]
.serving-sys.com [ C:\Users\Bruce\AppData\Roaming\Mozilla\Firefox\Profiles\2jw1im9f.default\cookies.sqlite ]
.serving-sys.com [ C:\Users\Bruce\AppData\Roaming\Mozilla\Firefox\Profiles\2jw1im9f.default\cookies.sqlite ]
.legolas-media.com [ C:\Users\Bruce\AppData\Roaming\Mozilla\Firefox\Profiles\2jw1im9f.default\cookies.sqlite ]
.legolas-media.com [ C:\Users\Bruce\AppData\Roaming\Mozilla\Firefox\Profiles\2jw1im9f.default\cookies.sqlite ]
.casalemedia.com [ C:\Users\Bruce\AppData\Roaming\Mozilla\Firefox\Profiles\2jw1im9f.default\cookies.sqlite ]
stat.onestat.com [ C:\Users\Bruce\AppData\Roaming\Mozilla\Firefox\Profiles\2jw1im9f.default\cookies.sqlite ]
stat.onestat.com [ C:\Users\Bruce\AppData\Roaming\Mozilla\Firefox\Profiles\2jw1im9f.default\cookies.sqlite ]
.andomedia.com [ C:\Users\Bruce\AppData\Roaming\Mozilla\Firefox\Profiles\2jw1im9f.default\cookies.sqlite ]
.adbrite.com [ C:\Users\Bruce\AppData\Roaming\Mozilla\Firefox\Profiles\2jw1im9f.default\cookies.sqlite ]
.questionmarket.com [ C:\Users\Bruce\AppData\Roaming\Mozilla\Firefox\Profiles\2jw1im9f.default\cookies.sqlite ]
.interclick.com [ C:\Users\Bruce\AppData\Roaming\Mozilla\Firefox\Profiles\2jw1im9f.default\cookies.sqlite ]
mediainfo.sourceforge.net [ C:\Users\Bruce\AppData\Roaming\Mozilla\Firefox\Profiles\2jw1im9f.default\cookies.sqlite ]
mediaarea.eu [ C:\Users\Bruce\AppData\Roaming\Mozilla\Firefox\Profiles\2jw1im9f.default\cookies.sqlite ]
mediaarea.eu [ C:\Users\Bruce\AppData\Roaming\Mozilla\Firefox\Profiles\2jw1im9f.default\cookies.sqlite ]
mediaarea.eu [ C:\Users\Bruce\AppData\Roaming\Mozilla\Firefox\Profiles\2jw1im9f.default\cookies.sqlite ]
.lgelectronics.122.2o7.net [ C:\Users\Bruce\AppData\Roaming\Mozilla\Firefox\Profiles\2jw1im9f.default\cookies.sqlite ]
ad.yieldmanager.com [ C:\Users\Bruce\AppData\Roaming\Mozilla\Firefox\Profiles\2jw1im9f.default\cookies.sqlite ]
.oasn04.247realmedia.com [ C:\Users\Bruce\AppData\Roaming\Mozilla\Firefox\Profiles\2jw1im9f.default\cookies.sqlite ]
.at.atwola.com [ C:\Users\Bruce\AppData\Roaming\Mozilla\Firefox\Profiles\2jw1im9f.default\cookies.sqlite ]
in.getclicky.com [ C:\Users\Bruce\AppData\Roaming\Mozilla\Firefox\Profiles\2jw1im9f.default\cookies.sqlite ]
.microsoftsto.112.2o7.net [ C:\Users\Bruce\AppData\Roaming\Mozilla\Firefox\Profiles\2jw1im9f.default\cookies.sqlite ]
.revsci.net [ C:\Users\Bruce\AppData\Roaming\Mozilla\Firefox\Profiles\2jw1im9f.default\cookies.sqlite ]
.pro-market.net [ C:\Users\Bruce\AppData\Roaming\Mozilla\Firefox\Profiles\2jw1im9f.default\cookies.sqlite ]
.pro-market.net [ C:\Users\Bruce\AppData\Roaming\Mozilla\Firefox\Profiles\2jw1im9f.default\cookies.sqlite ]
.revsci.net [ C:\Users\Bruce\AppData\Roaming\Mozilla\Firefox\Profiles\2jw1im9f.default\cookies.sqlite ]
.pro-market.net [ C:\Users\Bruce\AppData\Roaming\Mozilla\Firefox\Profiles\2jw1im9f.default\cookies.sqlite ]
.apmebf.com [ C:\Users\Bruce\AppData\Roaming\Mozilla\Firefox\Profiles\2jw1im9f.default\cookies.sqlite ]
.hotlog.ru [ C:\Users\Bruce\AppData\Roaming\Mozilla\Firefox\Profiles\2jw1im9f.default\cookies.sqlite ]
www.twonkymedia.com [ C:\Users\Bruce\AppData\Roaming\Mozilla\Firefox\Profiles\2jw1im9f.default\cookies.sqlite ]
.collective-media.net [ C:\Users\Bruce\AppData\Roaming\Mozilla\Firefox\Profiles\2jw1im9f.default\cookies.sqlite ]
.revsci.net [ C:\Users\Bruce\AppData\Roaming\Mozilla\Firefox\Profiles\2jw1im9f.default\cookies.sqlite ]
.revsci.net [ C:\Users\Bruce\AppData\Roaming\Mozilla\Firefox\Profiles\2jw1im9f.default\cookies.sqlite ]
.revsci.net [ C:\Users\Bruce\AppData\Roaming\Mozilla\Firefox\Profiles\2jw1im9f.default\cookies.sqlite ]
.revsci.net [ C:\Users\Bruce\AppData\Roaming\Mozilla\Firefox\Profiles\2jw1im9f.default\cookies.sqlite ]
C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\system@ad.yieldmanager[2].txt
C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\system@atdmt[1].txt
C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\system@fastclick[1].txt
C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\system@interclick[1].txt
C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\system@microsoftwindows.112.2o7[1].txt

Adware.Flash Tracking Cookie
C:\Users\Bruce\AppData\Roaming\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\LAXGMFKX\IA.MEDIA-IMDB.COM
C:\Users\Bruce\AppData\Roaming\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\LAXGMFKX\INTERCLICK.COM
C:\Users\Bruce\AppData\Roaming\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\LAXGMFKX\M1.2MDN.NET

Adware.Unknown Origin
C:\PROGRAM FILES\HEWLETT-PACKARD\HP ADVISOR\COMPSHOP\TEMPLATES\AD.HTML



#6 m0le

m0le

    Can U Dig It?


  • Malware Response Team
  • 34,527 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:London, UK
  • Local time:01:27 PM

Posted 02 July 2010 - 04:53 PM

Adware, not sure that would be causing all the problem you have.


Can you run the PC through the ESET online scanner

I'd like us to scan your machine with ESET OnlineScan
  1. Hold down Control and click on the following link to open ESET OnlineScan in a new window.
    ESET OnlineScan
  2. Click the button.
  3. For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    1. Click on to download the ESET Smart Installer. Save it to your desktop.
    2. Double click on the icon on your desktop.
  4. Check
  5. Click the button.
  6. Accept any security warnings from your browser.
  7. Leave the top box checked and then check
  8. Push the Start button.
  9. ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  10. When the scan completes, push
  11. Push , and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  12. Push the button.
  13. Push
NOTE: If no malware is found then no log will be produced. Let me know if this is the case.
Posted Image
m0le is a proud member of UNITE

#7 Bruce Phillips

Bruce Phillips
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:06:27 AM

Posted 02 July 2010 - 07:50 PM

Here's the ESET report:

J:\Backups\Setups - HTPC\Codecs\CoreAVC v.1.60.rar probably a variant of Win32/Agent trojan deleted - quarantined
J:\Backups\Setups - HTPC\Utilities\unlocker1.8.6.rar a variant of Win32/Adware.ADON application deleted - quarantined
J:\Backups\Setups - HTPC\Utilities\WinRAR 3.20 and Crack.zip probably a variant of Win32/Adware.Virtumonde application deleted - quarantined

These are (were) all setup files. CoreAVC and WinRAR have been uninstalled for over a year. I do use Unlocker -- it comes in handy. AVS scan of its program folder shows it as being clean.

I'm thinking maybe the problem was my first hunch -- overheating. I created more space inside the box by removing a TV tuner card I don't need. I also now have the machine sitting up off the carpeted floor and have moved it further away from my media cabinet, so I think the air flow, inside and out, is better. Since I did that almost 2 weeks ago, I haven't had a lockup.


#8 m0le

m0le

    Can U Dig It?


  • Malware Response Team
  • 34,527 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:London, UK
  • Local time:01:27 PM

Posted 03 July 2010 - 07:44 PM

Your PC is certainly clean of malware and it sounds like you've solved it now anyway.

I will keep this open for five days unless you would like it closed now?
Posted Image
m0le is a proud member of UNITE

#9 Bruce Phillips

Bruce Phillips
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:06:27 AM

Posted 03 July 2010 - 08:08 PM

Go ahead and close now. I appreciate your help very much. Thanks.

#10 m0le

m0le

    Can U Dig It?


  • Malware Response Team
  • 34,527 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:London, UK
  • Local time:01:27 PM

Posted 03 July 2010 - 08:55 PM

thumbup2.gif

--------------------------------------

Since this issue appears to be resolved ... this topic has been closed. Glad we could help. smile.gif

If you're the topic starter, and need this topic reopened, please contact me via pm with the address of the thread.

Everyone else please begin a New Topic.
Posted Image
m0le is a proud member of UNITE




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users