WiredWX Hobby Weather ToolsLog in

 


Vista Anti-Virus 2012

2 posters

descriptionVista Anti-Virus 2012 EmptyVista Anti-Virus 2012

more_horiz
Hi, my computer a Windows Vista got attacked by a virus called Vista Anti-Virus 2012, it is preventing me from launching any programs or going online. I am writing this from a Windows XP laptop. What can I do to get rid of this?

descriptionVista Anti-Virus 2012 EmptyRe: Vista Anti-Virus 2012

more_horiz
Update: following the advice from the BleepingComputer [http://www.bleepingcomputer.com/virus-removal/remove-win-7-antispyware-2012] my computer is up to the point where I can use it to access the internet and such.

Is there anything I need to do to clean it up?

descriptionVista Anti-Virus 2012 EmptyRe: Vista Anti-Virus 2012

more_horiz
Hello and welcome to GeekPolice.Net My name is Dave. I will be helping you out with your particular problem on your computer.

1. I will be working on your Malware issues. This may or may not solve other issues you have with your machine.
2. The fixes are specific to your problem and should only be used for this issue on this machine.
3. If you don't know or understand something, please don't hesitate to ask.
4. Please DO NOT run any other tools or scans while I am helping you.
5. It is important that you reply to this thread. Do not start a new topic.
6. Your security programs may give warnings for some of the tools I will ask you to use. Be assured, any links I give are safe.
7. Absence of symptoms does not mean that everything is clear.

If you can't access the internet with your infected computer you will have to download and transfer any programs to the computer you're using now and transfer them to the infected computer with a CD-RW or a USB storage device. I prefer a CD because a storage device can get infected. If you use a storage device hold the shift key down while inserting the USB storage device for about 10 secs. You will also have to transfer the logs you receive back to the good computer using the same method until we can get the computer back on-line.
*****************************************************************
SUPERAntiSpyware

If you already have SUPERAntiSpyware be sure to check for updates before scanning!


Download SuperAntispyware Free Edition (SAS)
* Double-click the icon on your desktop to run the installer.
* When asked to Update the program definitions, click Yes
* If you encounter any problems while downloading the updates, manually download and unzip them from here
* Next click the Preferences button.

•Under Start-Up Options uncheck Start SUPERAntiSpyware when Windows starts
* Click the Scanning Control tab.
* Under Scanner Options make sure only the following are checked:

•Close browsers before scanning
•Scan for tracking cookies
•Terminate memory threats before quarantining
Please leave the others unchecked

•Click the Close button to leave the control center screen.

* On the main screen click Scan your computer
* On the left check the box for the drive you are scanning.
* On the right choose Perform Complete Scan
* Click Next to start the scan. Please be patient while it scans your computer.
* After the scan is complete a summary box will appear. Click OK
* Make sure everything in the white box has a check next to it, then click Next
* It will quarantine what it found and if it asks if you want to reboot, click Yes

•To retrieve the removal information please do the following:
•After reboot, double-click the SUPERAntiSpyware icon on your desktop.
•Click Preferences. Click the Statistics/Logs tab.

•Under Scanner Logs, double-click SUPERAntiSpyware Scan Log.

•It will open in your default text editor (preferably Notepad).
•Save the notepad file to your desktop by clicking (in notepad) File > Save As...

* Save the log somewhere you can easily find it. (normally the desktop)
* Click close and close again to exit the program.
*Copy and Paste the log in your post.
******************************************
Vista Anti-Virus 2012 Mbamicontw5 Please download Malwarebytes Anti-Malware from here.
Double Click mbam-setup.exe to install the application.

  • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Full Scan", then click Scan.
  • The scan may take some time to finish,so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
  • Please save the log to a location you will remember.
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy and paste the entire report in your next reply.

Extra Note:

If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.
***********************************************
Download DDS from HERE or HERE and save it to your desktop.

Vista users right click on dds and select Run as administrator (you will receive a UAC prompt, please allow it)

* XP users Double click on dds to run it.
* If your antivirus or firewall try to block DDS then please allow it to run.
* When finished DDS will open two (2) logs.
* Save both reports to your desktop.
* The instructions here ask you to attach the Attach.txt.

Vista Anti-Virus 2012 DDS

1) DDS.txt
2) Attach.txt
Instead of attaching, please copy/past both logs into your Thread

Note: DDS will instruct you to post the Attach.txt log as an attachment.
Please just post it as you would any other log by copying and pasting it into the reply.

•Close the program window, and delete the program from your desktop.

Please note: You may have to disable any script protection running if the scan fails to run.
After downloading the tool, disconnect from the internet and disable all antivirus protection.
Run the scan, enable your A/V and reconnect to the internet.
Information on A/V control HERE .Then post your DDS logs. (DDS.txt and Attach.txt )

descriptionVista Anti-Virus 2012 EmptyRe: Vista Anti-Virus 2012

more_horiz
part 1 of the logs

SUPERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 11/28/2011 at 07:32 PM

Application Version : 5.0.1136

Core Rules Database Version : 7992
Trace Rules Database Version: 5804

Scan type : Complete Scan
Total Scan Time : 03:14:29

Operating System Information
Windows Vista Home Premium 32-bit, Service Pack 2 (Build 6.00.6002)
UAC On - Limited User (Administrator User)

Memory items scanned : 698
Memory threats detected : 0
Registry items scanned : 43708
Registry threats detected : 0
File items scanned : 267612
File threats detected : 437

Adware.Tracking Cookie
C:\Users\Nick F\AppData\Roaming\Microsoft\Windows\Cookies\nick_f@adecn[2].txt [ /adecn ]
C:\Users\Nick F\AppData\Roaming\Microsoft\Windows\Cookies\nick_f@adinterax[1].txt [ /adinterax ]
C:\Users\Nick F\AppData\Roaming\Microsoft\Windows\Cookies\nick_f@adserver.zonemedia[2].txt [ /adserver.zonemedia ]
C:\Users\Nick F\AppData\Roaming\Microsoft\Windows\Cookies\nick_f@eyewonder[1].txt [ /eyewonder ]
C:\Users\Nick F\AppData\Roaming\Microsoft\Windows\Cookies\nick_f@legolas-media[2].txt [ /legolas-media ]
C:\Users\Nick F\AppData\Roaming\Microsoft\Windows\Cookies\ZP2RIDP8.txt [ /pmamedia.sitescout.com ]
C:\Users\Nick F\AppData\Roaming\Microsoft\Windows\Cookies\9JJ53COM.txt [ /atdmt.combing.com ]
C:\Users\Nick F\AppData\Roaming\Microsoft\Windows\Cookies\O1Z1J60G.txt [ /collective-media.net ]
C:\Users\Nick F\AppData\Roaming\Microsoft\Windows\Cookies\BM3MRN5Q.txt [ /yieldmanager.net ]
C:\Users\Nick F\AppData\Roaming\Microsoft\Windows\Cookies\7J8QT145.txt [ /invitemedia.com ]
C:\Users\Nick F\AppData\Roaming\Microsoft\Windows\Cookies\MSHZ9VE4.txt [ /media6degrees.com ]
C:\Users\Nick F\AppData\Roaming\Microsoft\Windows\Cookies\XIXRYHND.txt [ /mediabrandsww.com ]
C:\USERS\NICK F\AppData\Roaming\Microsoft\Windows\Cookies\Low\nick_f@ads.bridgetrack[1].txt [ Cookie:nick f@ads.bridgetrack.com/ ]
C:\USERS\NICK F\AppData\Roaming\Microsoft\Windows\Cookies\Low\nick_f@e-2dj6wjnyomdjieo.stats.esomniture[2].txt [ Cookie:nick f@e-2dj6wjnyomdjieo.stats.esomniture.com/ ]
C:\USERS\NICK F\AppData\Roaming\Microsoft\Windows\Cookies\Low\nick_f@media6degrees[1].txt [ Cookie:nick f@media6degrees.com/ ]
C:\USERS\NICK F\AppData\Roaming\Microsoft\Windows\Cookies\Low\nick_f@segment-pixel.invitemedia[1].txt [ Cookie:nick f@segment-pixel.invitemedia.com/ ]
amatuersexclips.net [ C:\USERS\NICK F\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\8376EUZ6 ]
cdn.eyewonder.com [ C:\USERS\NICK F\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\8376EUZ6 ]
cdn.insights.gravity.com [ C:\USERS\NICK F\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\8376EUZ6 ]
cdn.selectablemedia.com [ C:\USERS\NICK F\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\8376EUZ6 ]
cdn.tremormedia.com [ C:\USERS\NICK F\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\8376EUZ6 ]
content.yieldmanager.edgesuite.net [ C:\USERS\NICK F\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\8376EUZ6 ]
convoad.technoratimedia.net [ C:\USERS\NICK F\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\8376EUZ6 ]
exgirlfriendporn.org [ C:\USERS\NICK F\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\8376EUZ6 ]
ia.media-imdb.com [ C:\USERS\NICK F\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\8376EUZ6 ]
konac.kontera.com [ C:\USERS\NICK F\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\8376EUZ6 ]
media.ign.com [ C:\USERS\NICK F\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\8376EUZ6 ]
media.mtvnservices.com [ C:\USERS\NICK F\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\8376EUZ6 ]
media.scanscout.com [ C:\USERS\NICK F\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\8376EUZ6 ]
media1.break.com [ C:\USERS\NICK F\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\8376EUZ6 ]
objects.tremormedia.com [ C:\USERS\NICK F\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\8376EUZ6 ]
s0.2mdn.net [ C:\USERS\NICK F\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\8376EUZ6 ]
secure-us.imrworldwide.com [ C:\USERS\NICK F\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\8376EUZ6 ]
www.porn-amateur.com [ C:\USERS\NICK F\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\8376EUZ6 ]
www.teengfs.com [ C:\USERS\NICK F\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\8376EUZ6 ]
www.watchgfporn.com [ C:\USERS\NICK F\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\8376EUZ6 ]
C:\USERS\NICK F\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\NICK_F@INVITEMEDIA[1].TXT [ /INVITEMEDIA ]
.realmedia.com [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.collective-media.net [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.adxpose.com [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.imrworldwide.com [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.imrworldwide.com [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.eyewonder.com [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.server.cpmstar.com [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.lfstmedia.com [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.adserver.adtechus.com [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.adtechus.com [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.interclick.com [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.interclick.com [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
adserver.adreactor.com [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.mediaforge.com [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
s04.flagcounter.com [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.legolas-media.com [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.kontera.com [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.mediafire.com [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.game-advertising-online.com [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.solvemedia.com [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.solvemedia.com [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
ads.react2media.com [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
eas.apm.emediate.eu [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.ero-advertising.com [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.adultadworld.com [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
imagevenue.advertserve.com [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
imagevenue.advertserve.com [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.adxpose.com [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.lfstmedia.com [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.eyeviewads.com [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.eyeviewads.com [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
accounts.youtube.com [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
accounts.youtube.com [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.viacom.adbureau.net [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.viacom.adbureau.net [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.at.atwola.com [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
www.mediafire.com [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
www.mediafire.com [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
upload.wikimedia.org [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
upload.wikimedia.org [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.liveperson.net [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.adserver.adtechus.com [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.mediafire.com [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.www.mediafire.com [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.getclicky.com [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.static.getclicky.com [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
in.getclicky.com [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
hpi.rotator.hadj7.adjuggler.net [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
hpi.rotator.hadj7.adjuggler.net [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
fidelity.rotator.hadj7.adjuggler.net [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.cdn.eyewonder.com [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.cdn.eyewonder.com [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.bs.serving-sys.com [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.mm.chitika.net [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.serving-sys.com [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.steelhousemedia.com [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.steelhousemedia.com [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.steelhousemedia.com [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.liveperson.net [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.tracking.dsmmadvantage.com [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.stats.paypal.com [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.realmedia.com [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.histats.com [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.clicksor.com [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.clicksor.com [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.clicksor.com [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.clicksor.com [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.sexy-toons.org [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.sexy-toons.org [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.histats.com [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.adnetxchange.com [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.amtk-media.com [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.amtk-media.com [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.realmedia.com [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.serving-sys.com [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.clickfuse.com [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
adup.rotator.hadj7.adjuggler.net [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
adup.rotator.hadj7.adjuggler.net [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.amazon-adsystem.com [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.mediabrandsww.com [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.gsimedia.net [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.gsimedia.net [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.traveladvertising.com [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
perfectadserver.com [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
track.adform.net [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.realmedia.com [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.intermundomedia.com [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.intermundomedia.com [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
us.sitestat.com [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
us.sitestat.com [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.harrenmedianetwork.com [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
optimize.indieclick.com [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.mediafire.com [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.mediafire.com [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.media.contextweb.com [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.media.contextweb.com [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.eyewonder.com [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.eyewonder.com [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.amazon-adsystem.com [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.dmtracker.com [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
www.googleadservices.com [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.pro-market.net [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.pro-market.net [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.pro-market.net [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
accounts.youtube.com [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
accounts.google.com [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.realmedia.com [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
track.adform.net [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.adform.net [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.serving-sys.com [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
fidelity.rotator.hadj7.adjuggler.net [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
counters.gigya.com [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.viacom.adbureau.net [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.legolas-media.com [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.realmedia.com [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
dc.tremormedia.com [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.mediafire.com [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.nextag.com [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.adultadworld.com [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.adultadworld.com [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.adultadworld.com [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
pornshareproject.org [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
pornshareproject.org [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
pornshareproject.org [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.a1.interclick.com [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.adultfriendfinder.com [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.whatpornsite.com [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.whatpornsite.com [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.watchgfporn.com [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.watchgfporn.com [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.exgirlfriendporn.org [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.exgirlfriendporn.org [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.naked.com [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.porn-amateur.com [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.porn-amateur.com [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.media.adfrontiers.com [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
adserver.leanmarket.com [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.eyewonder.com [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
ads.react2media.com [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.liveperson.net [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.server.cpmstar.com [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.realmedia.com [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.akamai.interclickproxy.com [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.realmedia.com [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
www.burstbeacon.com [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.mediafire.com [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.mediafire.com [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.mediafire.com [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.mediafire.com [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.media.adfrontiers.com [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
www.sexynaked.org [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
freeporn-hd.net [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
freeporn-hd.net [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
freeporn-hd.net [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
freeporn-hd.net [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
freeporn-hd.net [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
freeporn-hd.net [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
freeporn-hd.net [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
freeporn-hd.net [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.adultfriendfinder.com [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.adultfriendfinder.com [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.adultfriendfinder.com [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.adultfriendfinder.com [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.adultfriendfinder.com [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.statcounter.com [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.adultfriendfinder.com [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.adultfriendfinder.com [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.yadro.ru [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.histats.com [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
rts.pgmediaserve.com [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
rts.pgmediaserve.com [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
rts.pgmediaserve.com [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
ads.ventivmedia.com [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.adxpansion.com [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.naked.com [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.naked.com [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
www.teenink.com [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.batman-porn.com [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.batman-porn.com [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.at.atwola.com [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.tacoda.at.atwola.com [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.tacoda.at.atwola.com [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.at.atwola.com [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.ar.atwola.com [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
www.teenink.com [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.teenink.com [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.teenink.com [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.teenink.com [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.media6degrees.com [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.a1.interclick.com [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
accounts.google.com [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
accounts.google.com [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.xm.xtendmedia.com [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.girlfriendpornblog.com [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.girlfriendpornblog.com [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.mynakedexgf.com [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.mynakedexgf.com [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.server.cpmstar.com [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.xiti.com [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.realmedia.com [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.realmedia.com [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.collective-media.net [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.nextag.com [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.solvemedia.com [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.legolas-media.com [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.yieldmanager.net [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.realsexygirlfriends.com [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.realsexygirlfriends.com [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.teengfs.com [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.teengfs.com [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.teengfs.com [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.xxxmatch.com [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.collective-media.net [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.interclick.com [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
www.exposedteengfs.com [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
adserver.bigcocksyndicate.com [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
www.watchgfporn.com [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.teen.preferredconsumer.com [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.teen.preferredconsumer.com [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.teen.preferredconsumer.com [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.legolas-media.com [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.legolas-media.com [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.revenuemantra.com [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.rmserve.revenuemantra.com [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.pagetrackr.com [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.pagetrackr.com [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.pagetrackr.com [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.watchgfporn.com [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.watchgfporn.com [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.watchgfporn.com [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.watchgfporn.com [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.watchgfporn.com [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.media.photobucket.com [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.legolas-media.com [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.collective-media.net [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.server.cpmstar.com [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.server.cpmstar.com [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.azjmp.com [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.azjmp.com [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.azjmp.com [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.casalemedia.com [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.casalemedia.com [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.a1.interclick.com [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.a1.interclick.com [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.a1.interclick.com [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.a1.interclick.com [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.a1.interclick.com [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.a1.interclick.com [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.a1.interclick.com [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.interclick.com [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.casalemedia.com [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.pro-market.net [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.pro-market.net [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.pro-market.net [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.casalemedia.com [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.casalemedia.com [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.bs.serving-sys.com [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.casalemedia.com [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.casalemedia.com [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.casalemedia.com [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.casalemedia.com [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.casalemedia.com [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.interclick.com [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.collective-media.net [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.collective-media.net [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.collective-media.net [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.lfstmedia.com [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.brandspotmedia.com [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
pfatracking.com [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.collective-media.net [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.collective-media.net [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.collective-media.net [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.collective-media.net [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.network.realmedia.com [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.collective-media.net [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.collective-media.net [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.collective-media.net [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.collective-media.net [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.statcounter.com [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.lucidmedia.com [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.media6degrees.com [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.media6degrees.com [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.media6degrees.com [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.media6degrees.com [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.media6degrees.com [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.media6degrees.com [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.media6degrees.com [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.collective-media.net [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.apmebf.com [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
mediaservices-d.openxenterprise.com [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.apmebf.com [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.serving-sys.com [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.serving-sys.com [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.server.cpmstar.com [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.server.cpmstar.com [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.server.cpmstar.com [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.server.cpmstar.com [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.realmedia.com [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
network.realmedia.com [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\NICK F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L4FJKKX4.DEFAULT\COOKIES.SQLITE ]

Rogue.AVProtection2011
C:\USERS\NICK F\APPDATA\LOCAL\MICROSOFT\WINDOWS\TEMPORARY INTERNET FILES\CONTENT.IE5\XGR4RJ1K\FILE[1].EXE
C:\USERS\NICK F\APPDATA\LOCALLOW\SUN\JAVA\DEPLOYMENT\CACHE\6.0\19\67B4C953-26194852
C:\USERS\NICK F\APPDATA\LOCALLOW\SUN\JAVA\DEPLOYMENT\CACHE\6.0\7\6A8E5947-6AF544EA
C:\USERS\NICK F\DOCUMENTS\6D8TML.EXE
C:\USERS\NICK F\DOCUMENTS\OXHQ.EXE
C:\WINDOWS\TEMP\GKMJSHDXBS
C:\Windows\Prefetch\6D8TML.EXE-85952D14.pf

descriptionVista Anti-Virus 2012 EmptyRe: Vista Anti-Virus 2012

more_horiz
part 2

Malwarebytes' Anti-Malware 1.51.2.1300
www.malwarebytes.org

Database version: 8263

Windows 6.0.6002 Service Pack 2
Internet Explorer 7.0.6002.18005

11/28/2011 9:20:07 PM
mbam-log-2011-11-28 (21-20-07).txt

Scan type: Quick scan
Objects scanned: 184699
Time elapsed: 12 minute(s), 7 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

next logs are coming up

descriptionVista Anti-Virus 2012 EmptyRe: Vista Anti-Virus 2012

more_horiz
.
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 7.0.6002.18005 BrowserJavaVersion: 1.6.0_26
Run by Nick F at 21:24:39 on 2011-11-28
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.1.1033.18.2814.1384 [GMT -8:00]
.
AV: avast! Antivirus *Enabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Enabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
C:\Windows\system32\WLANExt.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Windows\System32\svchost.exe -k Akamai
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Windows\system32\lxdmcoms.exe
C:\Program Files\ArcSoft\Magic-i 3\uMgiSvr.exe
C:\Program Files\Cisco\Cisco NAC Agent\NACAgent.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\SMINST\BLService.exe
C:\Program Files\CyberLink\Shared Files\RichVideo.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\Program Files\NCH Swift Sound\VRS\vrs.exe
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\DRIVERS\xaudio.exe
C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
C:\Windows\system32\WUDFHost.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\HP\QuickPlay\QPService.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\WINDOWS\Philips\SPC230NC\Monitor.exe
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
C:\Program Files\Lexmark 5000 Series\lxdmmon.exe
C:\Program Files\Lexmark 5000 Series\lxdmamon.exe
C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
C:\Program Files\HP\HP Software Update\hpwuschd2.exe
C:\Program Files\Alwil Software\Avast5\AvastUI.exe
C:\Program Files\Cisco\Cisco NAC Agent\NACAgentUI.exe
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac
C:\Program Files\Yuna Software\Messenger Plus!\PlusService.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Windows\system32\wuauclt.exe
C:\Users\Nick F\AppData\Local\Akamai\netsession_win.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\Hewlett-Packard\HP wireless Assistant\WiFiMsg.EXE
C:\Users\Nick F\AppData\Local\Akamai\netsession_win.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
C:\Program Files\iTunes\iTunes.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceHelper.exe
C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe
C:\Program Files\Common Files\Apple\Apple Application Support\distnoted.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=83&bd=Presario&pf=cnnb
uInternet Settings,ProxyOverride = *.local
uURLSearchHooks: H - No File
BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File
BHO: HP Print Enhancer: {0347c33e-8762-4905-bf09-768834316c61} - c:\program files\hp\digital imaging\smart web printing\hpswp_printenhancer.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO: Skype Browser Helper: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: HP Smart BHO Class: {ffffffff-cf4e-4f2b-bdc2-0e72e116a856} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll
TB: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
TB: {8FF5E180-ABDE-46EB-B09E-D2AAB95CABE3} - No File
TB: {C0FBA15F-7424-4DF0-8195-CAC3D6CFA44B} - No File
uRun: [msnmsgr] "c:\program files\windows live\messenger\msnmsgr.exe" /background
uRun: [Cookienator] "c:\program files\cookienator\cookienator.exe" /auto
uRun: [Akamai NetSession Interface] c:\users\nick f\appdata\local\akamai\netsession_win.exe
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [SUPERAntiSpyware] c:\program files\superantispyware\SUPERAntiSpyware.exe
mRun: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe
mRun: [QPService] "c:\program files\hp\quickplay\QPService.exe"
mRun: [QlbCtrl.exe] c:\program files\hewlett-packard\hp quick launch buttons\QlbCtrl.exe /Start
mRun: [hpWirelessAssistant] c:\program files\hewlett-packard\hp wireless assistant\HPWAMain.exe
mRun: [SPC_Monitor] c:\windows\philips\spc230nc\Monitor.exe
mRun: [SPC230NC_Monitor] c:\windows\philips\spc230nc\Monitor.exe
mRun: [ArcSoft Connection Service] c:\program files\common files\arcsoft\connection service\bin\ACDaemon.exe
mRun: [lxdmmon.exe] "c:\program files\lexmark 5000 series\lxdmmon.exe"
mRun: [lxdmamon] "c:\program files\lexmark 5000 series\lxdmamon.exe"
mRun: [Lexmark 5000 Series Fax Server] "c:\program files\lexmark 5000 series\fm3032.exe" /s
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe
mRun: [avast] "c:\program files\alwil software\avast5\avastUI.exe" /nogui
mRun: [NACAgentUI] c:\program files\cisco\cisco nac agent\NACAgentUI.exe
mRun: [PlusService] c:\program files\yuna software\messenger plus!\PlusService.exe
mRun: [AdobeAAMUpdater-1.0] "c:\program files\common files\adobe\oobe\pdapp\uwa\UpdaterStartupUtility.exe"
mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
dRun: [msnmsgr] "c:\program files\windows live\messenger\msnmsgr.exe" /background
mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
TCP: DhcpNameServer = 192.168.10.1
TCP: Interfaces\{A954DE27-F7EC-4389-8169-E84D1098E16D} : DhcpNameServer = 192.168.10.1
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
Notify: !SASWinLogon - c:\program files\superantispyware\SASWINLO.DLL
SEH: SABShellExecuteHook Class: {5ae067d3-9afb-48e0-853a-ebb7f4a000da} - c:\program files\superantispyware\SASSEH.DLL
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\users\nick f\appdata\roaming\mozilla\firefox\profiles\l4fjkkx4.default\
FF - prefs.js: browser.search.selectedEngine - Wikipedia (en)
FF - prefs.js: browser.startup.homepage - hxxp://www2.cscc.edu/
FF - prefs.js: network.proxy.type - 0
FF - component: c:\program files\mozilla firefox\extensions\{ab2ce124-6272-4b12-94a9-7303c7397bd1}\components\SkypeFfComponent.dll
FF - plugin: c:\program files\adobe\reader 10.0\reader\air\nppdf32.dll
FF - plugin: c:\program files\adobe\reader 9.0\reader\air\nppdf32.dll
FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\k-lite codec pack\real\browser\plugins\nppl3260.dll
FF - plugin: c:\program files\k-lite codec pack\real\browser\plugins\nprpjplug.dll
FF - plugin: c:\program files\microsoft silverlight\4.0.60831.0\npctrlui.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npdeployJava1.dll
FF - plugin: c:\program files\mozilla firefox\plugins\nppanda3d.dll
FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll
.
---- FIREFOX POLICIES ----
FF - user.js: yahoo.homepage.dontask - true
.
============= SERVICES / DRIVERS ===============
.
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2011-3-15 442200]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2009-7-19 320856]
R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\sasdifsv.sys [2011-7-22 12880]
R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2011-7-12 67664]
R2 !SASCORE;SAS Core Service;c:\program files\superantispyware\SASCore.exe [2011-8-11 116608]
R2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\common files\adobe\arm\1.0\armsvc.exe [2011-6-6 64952]
R2 Akamai;Akamai NetSession Interface;c:\windows\system32\svchost.exe -k Akamai [2008-1-20 21504]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2009-7-19 20568]
R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2009-7-19 54616]
R2 avast! Antivirus;avast! Antivirus;c:\program files\alwil software\avast5\AvastSvc.exe [2010-9-7 44768]
R2 FontCache;Windows Font Cache Service;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2008-1-20 21504]
R2 NACAgent;Cisco NAC Agent;c:\program files\cisco\cisco nac agent\NACAgent.exe [2011-3-9 1104608]
R2 Recovery Service for Windows;Recovery Service for Windows;c:\windows\sminst\BLService.exe [2008-6-24 361808]
R2 Viewpoint Manager Service;Viewpoint Manager Service;c:\program files\viewpoint\common\ViewpointService.exe [2009-3-5 24652]
R2 VRSService;VRS Recording System;c:\program files\nch swift sound\vrs\vrs.exe [2011-10-13 1206276]
R3 Com4QLBEx;Com4QLBEx;c:\program files\hewlett-packard\hp quick launch buttons\Com4QLBEx.exe [2008-6-24 193840]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda32v.sys [2008-5-3 42528]
R3 VCSVADHWSer;Avnex Virtual Audio Device (WDM);c:\windows\system32\drivers\vcsvad.sys [2011-3-18 17792]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S3 MP4ConverterAudio;MP4ConverterAudio;c:\windows\system32\drivers\MP4ConverterAudio.sys [2011-6-26 23608]
S3 PAEAFLT.sys;USB Composite Device;c:\windows\system32\drivers\PAEAFLT.sys [2009-7-8 8576]
S3 SPC230NC;Philips SPC230NC Webcam;c:\windows\system32\drivers\SPC230NC.SYS [2009-7-8 461056]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]
.
=============== Created Last 30 ================
.
2011-11-29 00:15:18 -------- d-----w- c:\users\nick f\appdata\roaming\SUPERAntiSpyware.com
2011-11-29 00:14:41 -------- d-----w- c:\programdata\SUPERAntiSpyware.com
2011-11-29 00:14:41 -------- d-----w- c:\program files\SUPERAntiSpyware
2011-11-22 08:58:42 -------- d-----w- c:\users\nick f\Toolbar
2011-11-20 20:51:14 -------- d-----w- c:\program files\iPod
2011-11-15 19:36:23 6668624 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{1cc1cbcb-c0d3-49b1-9e6a-38f911fe443f}\mpengine.dll
2011-11-09 18:01:32 2409784 ----a-w- c:\program files\windows mail\OESpamFilter.dat
2011-11-09 18:00:28 913280 ----a-w- c:\windows\system32\drivers\tcpip.sys
2011-11-09 18:00:28 31232 ----a-w- c:\windows\system32\drivers\tcpipreg.sys
2011-11-09 18:00:26 707584 ----a-w- c:\program files\common files\system\wab32.dll
2011-11-04 04:42:34 -------- d-----w- c:\users\nick f\appdata\local\Akamai
.
==================== Find3M ====================
.
2011-10-24 21:29:02 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx
2011-10-24 21:29:02 69632 ----a-w- c:\windows\system32\QuickTime.qts
2011-10-24 17:21:23 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-09-06 20:45:29 41184 ----a-w- c:\windows\avastSS.scr
2011-09-06 20:38:05 442200 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2011-09-06 20:36:26 54616 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2011-09-06 13:30:12 2043392 ----a-w- c:\windows\system32\win32k.sys
2011-09-02 13:39:07 1383424 ----a-w- c:\windows\system32\mshtml.tlb
2011-09-01 00:00:50 22216 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-08-31 06:05:04 83816 ----a-w- c:\windows\system32\dns-sd.exe
2011-08-31 06:05:04 73064 ----a-w- c:\windows\system32\dnssd.dll
.
============= FINISH: 21:33:46.38 ===============



.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft® Windows Vista™ Home Premium
Boot Device: \Device\HarddiskVolume1
Install Date: 2/11/2009 10:45:22 AM
System Uptime: 11/28/2011 8:36:20 PM (1 hours ago)
.
Motherboard: Wistron | | 360A
Processor: AMD Athlon Dual-Core QL-60 | Socket A | 1000/133mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 139 GiB total, 14.52 GiB free.
D: is FIXED (NTFS) - 10 GiB total, 1.68 GiB free.
E: is CDROM ()
H: is Removable
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
.
==== Installed Programs ======================
.
7-Zip 4.65
ABBYY FineReader 6.0 Sprint
Acrobat.com
Activation Assistant for the 2007 Microsoft Office suites
ActiveCheck component for HP Active Support Library
Adobe AIR
Adobe Audition CS5.5
Adobe Community Help
Adobe Download Assistant
Adobe Flash Player 10 ActiveX
Adobe Flash Player 11 Plugin
Adobe Reader X (10.1.1)
Adobe Shockwave Player
Adobe Shockwave Player 11.5
Akamai NetSession Interface
Akamai NetSession Interface Service
Amazon MP3 Downloader 1.0.12
Apple Application Support
Apple Mobile Device Support
Apple Software Update
ArcSoft Magic-i 3
ArcSoft VideoImpression 2
ArcSoft WebCam Companion 2
Atheros Driver Installation Program
Audacity 1.3.13 (Unicode)
avast! Free Antivirus
Blaine's Custom Blends (Translucency and Compositing)
Bonjour
Cards_Calendar_OrderGift_DoMorePlugout
CCleaner
Celtx (2.9.1)
Champions Online
Cisco EAP-FAST Module
Cisco LEAP Module
Cisco NAC Agent
Cisco PEAP Module
Clouded Horizons Character Creation Utility
Conexant HD Audio
Cookienator
CyberLink DVD Suite
Download Updater (AOL LLC)
ESET Online Scanner v3
FFmpeg v0.6.2 for Audacity
GIMP 2.6.11
HDAUDIO Soft Data Fax Modem with SmartCP
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
HP Active Support Library
HP Button Manager
HP Customer Experience Enhancements
HP Doc Viewer
HP DVD Play 3.7
HP Help and Support
HP Photosmart Essential 2.5
HP Quick Launch Buttons 6.40 D3
HP Smart Web Printing 4.60
HP Total Care Advisor
HP Update
HP User Guides 0110
HP Webcam User's Guide
HP Wireless Assistant
HPAsset component for HP Active Support Library
HPNetworkAssistant
HPPhotoSmartDiscLabel_PaperLabel
HPPhotoSmartDiscLabel_PrintOnDisc
HPPhotoSmartDiscLabel_Tattoo
HPPhotoSmartDiscLabelContent1
hpphotosmartdisclabelplugin
HPPhotoSmartPhotobookHolidayPack1
HPPhotoSmartPhotobookModernPack1
HPPhotoSmartPhotobookPlayfulPack1
HPPhotoSmartPhotobookScrapbookPack1
HPPhotoSmartPhotobookWebPack1
HPTCSSetup
iTunes
Java Auto Updater
Java(TM) 6 Update 26
Junk Mail filter update
K-Lite Mega Codec Pack 5.2.0
Lexmark 5000 Series
Malwarebytes' Anti-Malware version 1.51.2.1300
Messenger Plus! 5
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 4 Client Profile
Microsoft Application Error Reporting
Microsoft Choice Guard
Microsoft Office PowerPoint Viewer 2007 (English)
Microsoft Office Word Viewer 2003
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft UI Engine
Microsoft VC9 runtime libraries
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2005 Redistributable - KB2467175
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.218
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Works
Microsoft_VC80_ATL_x86
Microsoft_VC80_CRT_x86
Microsoft_VC80_MFC_x86
Microsoft_VC80_MFCLOC_x86
Microsoft_VC90_ATL_x86
Microsoft_VC90_CRT_x86
Microsoft_VC90_MFC_x86
Microsoft_VC90_MFCLOC_x86
Microsoft® PowerPoint® Animation Player
MobileMe Control Panel
Movavi Video Converter 11
Mozilla Firefox 8.0 (x86 en-US)
MSVCRT
MSVCRT Redists
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
My HP Games
NetWaiting
NVIDIA Drivers
OGA Notifier 2.0.0048.0
OpenOffice.org 3.3
Panda3D Game Engine
Philips Intelligent Agent
Philips SPC230NC Webcam
Power2Go
PowerDirector
Prince of Persia Warrior Within
PSSWCORE
PVSonyDll
QuickPlay SlingPlayer 0.4.6
QuickTime
RecordPad Sound Recorder
Safari
Screenshot Utility version 1.0
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Skype Click to Call
Skype™ 5.5
SmartWebPrinting
SpywareBlaster 4.4
SUPERAntiSpyware
Switch Sound File Converter
Synaptics Pointing Device Driver
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Vegas Movie Studio HD 11.0
Vegas Pro 10.0
VideoToolkit01
VoiceOver Kit
VRS Recording System
Webcam Video Viewer
Winamp
Windows Live Call
Windows Live Communications Platform
Windows Live Essentials
Windows Live Mail
Windows Live Messenger
Windows Live Photo Gallery
Windows Live Sign-in Assistant
Windows Live Sync
Windows Live Upload Tool
WinRAR archiver
Yahoo! Messenger
Yahoo! Software Update
YouTube Downloader 3.4
.
==== Event Viewer Messages From Past Week ========
.
11/28/2011 8:38:25 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the lxdmCATSCustConnectService service to connect.
11/28/2011 8:38:25 PM, Error: Service Control Manager [7000] - The Parallel port driver service failed to start due to the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
11/28/2011 8:38:25 PM, Error: Service Control Manager [7000] - The lxdmCATSCustConnectService service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
11/28/2011 8:35:20 PM, Error: Service Control Manager [7016] - The MgiSvr service has reported an invalid current state 32.
.
==== End Of File ===========================

descriptionVista Anti-Virus 2012 EmptyRe: Vista Anti-Virus 2012

more_horiz
You have Viewpoint installed.

Viewpoint Media Player/Manager/Toolbar is considered as Foistware instead of malware since it is installed without users approval but doesn't spy or do anything "bad".

More information:

* ViewMgr.exe - Useless
* Viewpoint to Plunge Into Adware

It is suggested to remove the program now. Go to Start > Control Panel > Add/Remove Programs - (Vista & Win7 is Programs and Features) and remove the following programs if present.

* Viewpoint
* Viewpoint Manager
* Viewpoint Media Player
* Viewpoint Toolbar
* Viewpoint Experience Technology

*************************************************
The log shows that you only have 14.52 Gb of free space on your harddrive. Windows requires at least 15% (21 Gb) to operate properly. You will need to free up some space.

Download ComboFix by sUBs from one of the below links. Be sure to save it to the Desktop.

link # 1
Link # 2
If you are using Firefox, make sure that your download settings are as follows:

* Tools->Options->Main tab
* Set to "Always ask me where to Save the files".

Close any open web browsers (Firefox, Internet Explorer, etc) before starting ComboFix.

Temporarily disable your anti-virus, and any anti-spyware real-time protection before performing a scan. Click this link to see a list of security programs that should be disabled and how to disable them.

Right-click combofix.exe and select Run as Administrator and follow the prompts.
When finished, ComboFix will produce a log for you.
Post the ComboFix login your next reply.

NOTE: Do not mouseclick ComboFix's window while it is running. That may cause it to stall.

Remember to re-enable your anti-virus and anti-spyware protection when ComboFix is complete.

descriptionVista Anti-Virus 2012 EmptyRe: Vista Anti-Virus 2012

more_horiz
ComboFix 11-11-29.04 - Nick F 11/29/2011 16:24:08.6.2 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.1.1033.18.2814.1873 [GMT -8:00]
Running from: c:\users\Nick F\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((( Files Created from 2011-10-28 to 2011-11-30 )))))))))))))))))))))))))))))))
.
.
2011-11-30 00:40 . 2011-11-30 00:41 -------- d-----w- c:\users\Nick F\AppData\Local\temp
2011-11-30 00:40 . 2011-11-30 00:40 -------- d-----w- c:\windows\system32\config\systemprofile\AppData\Local\temp
2011-11-30 00:40 . 2011-11-30 00:40 -------- d-----w- c:\users\Public\AppData\Local\temp
2011-11-30 00:40 . 2011-11-30 00:40 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-11-29 00:15 . 2011-11-29 00:15 -------- d-----w- c:\users\Nick F\AppData\Roaming\SUPERAntiSpyware.com
2011-11-29 00:14 . 2011-11-29 00:15 -------- d-----w- c:\program files\SUPERAntiSpyware
2011-11-29 00:14 . 2011-11-29 00:14 -------- d-----w- c:\programdata\SUPERAntiSpyware.com
2011-11-22 08:58 . 2011-11-22 09:00 -------- d-----w- c:\users\Nick F\Toolbar
2011-11-20 20:51 . 2011-11-20 20:51 -------- d-----w- c:\program files\iPod
2011-11-15 19:36 . 2011-10-07 03:48 6668624 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{1CC1CBCB-C0D3-49B1-9E6A-38F911FE443F}\mpengine.dll
2011-11-09 18:01 . 2011-10-17 11:41 2409784 ----a-w- c:\program files\Windows Mail\OESpamFilter.dat
2011-11-09 18:00 . 2011-09-20 21:02 913280 ----a-w- c:\windows\system32\drivers\tcpip.sys
2011-11-09 18:00 . 2011-09-20 13:44 31232 ----a-w- c:\windows\system32\drivers\tcpipreg.sys
2011-11-09 18:00 . 2011-09-30 15:57 707584 ----a-w- c:\program files\Common Files\System\wab32.dll
2011-11-04 04:42 . 2011-11-18 06:42 -------- d-----w- c:\users\Nick F\AppData\Local\Akamai
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-10-24 21:29 . 2011-10-24 21:29 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx
2011-10-24 21:29 . 2011-10-24 21:29 69632 ----a-w- c:\windows\system32\QuickTime.qts
2011-10-24 17:21 . 2011-05-15 17:50 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-09-06 20:45 . 2010-09-07 10:20 41184 ----a-w- c:\windows\avastSS.scr
2011-09-06 20:45 . 2009-07-19 16:58 199304 ----a-w- c:\windows\system32\aswBoot.exe
2011-09-06 20:38 . 2011-03-16 02:15 442200 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2011-09-06 20:37 . 2009-07-19 16:59 320856 ----a-w- c:\windows\system32\drivers\aswSP.sys
2011-09-06 20:36 . 2009-07-19 16:59 34392 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2011-09-06 20:36 . 2009-07-19 16:59 52568 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2011-09-06 20:36 . 2009-07-19 16:58 54616 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2011-09-06 20:36 . 2009-07-19 16:59 20568 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2011-09-06 13:30 . 2011-10-12 17:06 2043392 ----a-w- c:\windows\system32\win32k.sys
2011-09-02 13:39 . 2011-10-12 17:04 1383424 ----a-w- c:\windows\system32\mshtml.tlb
2011-03-15 14:44 . 2011-06-18 21:23 568832 ----a-w- c:\program files\mozilla firefox\plugins\msvcp90.dll
2011-03-15 14:44 . 2011-06-18 21:23 655872 ----a-w- c:\program files\mozilla firefox\plugins\msvcr90.dll
2011-11-09 02:13 . 2011-04-21 23:23 134104 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Cookienator"="c:\program files\Cookienator\cookienator.exe" [2009-10-19 1333472]
"Akamai NetSession Interface"="c:\users\Nick F\AppData\Local\Akamai\netsession_win.exe" [2011-11-17 3303000]
"SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2011-11-07 4617600]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2008-04-17 1049896]
"QPService"="c:\program files\HP\QuickPlay\QPService.exe" [2008-04-02 468264]
"QlbCtrl.exe"="c:\program files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2008-03-14 202032]
"hpWirelessAssistant"="c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2008-04-15 488752]
"SPC_Monitor"="c:\windows\Philips\SPC230NC\Monitor.exe" [2007-12-10 323584]
"SPC230NC_Monitor"="c:\windows\Philips\SPC230NC\Monitor.exe" [2007-12-10 323584]
"ArcSoft Connection Service"="c:\program files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe" [2010-10-28 207424]
"lxdmmon.exe"="c:\program files\Lexmark 5000 Series\lxdmmon.exe" [2007-12-14 455336]
"lxdmamon"="c:\program files\Lexmark 5000 Series\lxdmamon.exe" [2007-12-14 25256]
"Lexmark 5000 Series Fax Server"="c:\program files\Lexmark 5000 Series\fm3032.exe" [2007-12-14 307880]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-07-23 13797920]
"HP Software Update"="c:\program files\Hp\HP Software Update\HPWuSchd2.exe" [2011-02-18 49208]
"avast"="c:\program files\Alwil Software\Avast5\avastUI.exe" [2011-09-06 3722416]
"NACAgentUI"="c:\program files\Cisco\Cisco NAC Agent\NACAgentUI.exe" [2011-03-10 524512]
"PlusService"="c:\program files\Yuna Software\Messenger Plus!\PlusService.exe" [2011-09-20 801792]
"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2011-09-27 59240]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2011-10-24 421888]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-06-06 937920]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2011-11-13 421736]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2010-04-17 3872080]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2011-07-19 113024]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2011-05-04 17:54 551296 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Button Manager.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\HP Button Manager.lnk
backup=c:\windows\pss\HP Button Manager.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AppleSyncNotifier]
2010-12-15 01:17 47904 ----a-w- c:\program files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Health Check Scheduler]
2008-06-16 15:03 75008 ----a-w- c:\program files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
2011-11-13 08:24 421736 ----a-w- c:\program files\iTunes\iTunesHelper.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Messenger (Yahoo!)]
2011-08-22 08:18 6276408 ----a-w- c:\progra~1\Yahoo!\MESSEN~1\YahooMessenger.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2011-10-24 21:28 421888 ----a-w- c:\program files\QuickTime\QTTask.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Recordpad]
2011-10-13 18:23 1240068 ----a-w- c:\program files\NCH Software\Recordpad\recordpad.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VRS]
2011-10-13 18:20 1206276 ----a-w- c:\program files\NCH Swift Sound\VRS\vrs.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R3 MP4ConverterAudio;MP4ConverterAudio;c:\windows\system32\drivers\MP4ConverterAudio.sys [2011-04-01 23608]
R3 PAEAFLT.sys;USB Composite Device;c:\windows\system32\DRIVERS\PAEAFLT.sys [2007-09-26 8576]
R3 SPC230NC;Philips SPC230NC Webcam;c:\windows\system32\DRIVERS\SPC230NC.SYS [2007-12-31 461056]
R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV.SYS [2011-07-22 12880]
S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [2011-07-12 67664]
S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE.EXE [2011-08-11 116608]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-06-06 64952]
S2 Akamai;Akamai NetSession Interface;c:\windows\System32\svchost.exe [2008-01-21 21504]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2011-09-06 54616]
S2 NACAgent;Cisco NAC Agent;c:\program files\Cisco\Cisco NAC Agent\NACAgent.exe [2011-03-10 1104608]
S2 Recovery Service for Windows;Recovery Service for Windows;c:\windows\SMINST\BLService.exe [2008-04-25 361808]
S2 Viewpoint Manager Service;Viewpoint Manager Service;c:\program files\Viewpoint\Common\ViewpointService.exe [2007-01-04 24652]
S2 VRSService;VRS Recording System;c:\program files\NCH Swift Sound\VRS\vrs.exe [2011-10-13 1206276]
S3 Com4QLBEx;Com4QLBEx;c:\program files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2008-04-03 193840]
S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda32v.sys [2008-05-03 42528]
S3 VCSVADHWSer;Avnex Virtual Audio Device (WDM);c:\windows\system32\DRIVERS\vcsvad.sys [2008-12-26 17792]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
Akamai REG_MULTI_SZ Akamai
.
Contents of the 'Scheduled Tasks' folder
.
2011-11-16 c:\windows\Tasks\HPCeeScheduleForNick F.job
- c:\program files\hewlett-packard\sdp\ceement\HPCEE.exe [2008-06-25 03:03]
.
2011-11-29 c:\windows\Tasks\User_Feed_Synchronization-{0C8D02E5-EE49-4906-BB76-3FD2EAF72B59}.job
- c:\windows\system32\msfeedssync.exe [2008-01-21 02:24]
.
.
------- Supplementary Scan -------
.
mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=83&bd=Presario&pf=cnnb
uInternet Settings,ProxyOverride = *.local
TCP: DhcpNameServer = 192.168.10.1
FF - ProfilePath - c:\users\Nick F\AppData\Roaming\Mozilla\Firefox\Profiles\l4fjkkx4.default\
FF - prefs.js: browser.search.selectedEngine - Wikipedia (en)
FF - prefs.js: browser.startup.homepage - hxxp://www2.cscc.edu/
FF - prefs.js: network.proxy.type - 0
FF - user.js: yahoo.homepage.dontask - true
.
- - - - ORPHANS REMOVED - - - -
.
URLSearchHooks-{c0fba15f-7424-4df0-8195-cac3d6cfa44b} - (no file)
WebBrowser-{8FF5E180-ABDE-46EB-B09E-D2AAB95CABE3} - (no file)
WebBrowser-{C0FBA15F-7424-4DF0-8195-CAC3D6CFA44B} - (no file)
ShellIconOverlayIdentifiers-{472083B0-C522-11CF-8763-00608CC02F24} - c:\users\NICKF~1\AppData\Local\Temp\anj.dll
MSConfigStartUp-MSN Toolbar - c:\program files\MSN Toolbar\Platform\4.0.0316.3\mswinext.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-11-29 16:41
Windows 6.0.6002 Service Pack 2 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\Akamai]
"ServiceDll"="c:\program files\common files\akamai/netsession_win_d768ebc.dll"
.
Completion time: 2011-11-29 16:50:26
ComboFix-quarantined-files.txt 2011-11-30 00:50
ComboFix2.txt 2011-01-02 23:27
.
Pre-Run: 29,154,254,848 bytes free
Post-Run: 29,302,005,760 bytes free
.
- - End Of File - - 830AB35A65BB30D432D295868A4045F4

descriptionVista Anti-Virus 2012 EmptyRe: Vista Anti-Virus 2012

more_horiz
SysProt Antirootkit

Download
SysProt Antirootkit from the link below (you will find it at the bottom
of the page under attachments, or you can get it from one of the
mirrors).

http://sites.google.com/site/sysprotantirootkit/

Unzip it into a folder on your desktop.

  • Double click Sysprot.exe to start the program.
  • Click on the Log tab.
  • In the Write to log box select the following items.

    • Process << Selected
    • Kernel Modules << Selected
    • SSDT << Selected
    • Kernel Hooks << Selected
    • IRP Hooks << NOT Selected
    • Ports << NOT Selected
    • Hidden Files << Selected

  • At the bottom of the page

    • Hidden Objects Only << Selected

  • Click on the Create Log button on the bottom right.
  • After a few seconds a new window should appear.
  • Select Scan Root Drive. Click on the Start button.
  • When it is complete a new window will appear to indicate that the scan is finished.
  • The log will be saved automatically in the same folder Sysprot.exe was extracted to. Open the text file and copy/paste the log here.

descriptionVista Anti-Virus 2012 EmptyRe: Vista Anti-Virus 2012

more_horiz
SysProt AntiRootkit v1.0.1.0
by swatkat

******************************************************************************************
******************************************************************************************

No Hidden Processes found

******************************************************************************************
******************************************************************************************
Kernel Modules:
Module Name: \SystemRoot\System32\Drivers\dump_dumpata.sys
Service Name: ---
Module Base: 914BF000
Module End: 914CA000
Hidden: Yes

Module Name: \SystemRoot\System32\Drivers\dump_atapi.sys
Service Name: ---
Module Base: 914CA000
Module End: 914D2000
Hidden: Yes

******************************************************************************************
******************************************************************************************
SSDT:
Function Name: ZwAddBootEntry
Address: 90E13374
Driver Base: 90E00000
Driver End: 90E70000
Driver Name: \SystemRoot\System32\Drivers\aswSnx.SYS

Function Name: ZwCreateEvent
Address: 90E15996
Driver Base: 90E00000
Driver End: 90E70000
Driver Name: \SystemRoot\System32\Drivers\aswSnx.SYS

Function Name: ZwCreateEventPair
Address: 90E159EE
Driver Base: 90E00000
Driver End: 90E70000
Driver Name: \SystemRoot\System32\Drivers\aswSnx.SYS

Function Name: ZwCreateIoCompletion
Address: 90E15B04
Driver Base: 90E00000
Driver End: 90E70000
Driver Name: \SystemRoot\System32\Drivers\aswSnx.SYS

Function Name: ZwCreateMutant
Address: 90E158EC
Driver Base: 90E00000
Driver End: 90E70000
Driver Name: \SystemRoot\System32\Drivers\aswSnx.SYS

Function Name: ZwCreateSection
Address: 90E15A3E
Driver Base: 90E00000
Driver End: 90E70000
Driver Name: \SystemRoot\System32\Drivers\aswSnx.SYS

Function Name: ZwCreateSemaphore
Address: 90E15940
Driver Base: 90E00000
Driver End: 90E70000
Driver Name: \SystemRoot\System32\Drivers\aswSnx.SYS

Function Name: ZwCreateTimer
Address: 90E15AB2
Driver Base: 90E00000
Driver End: 90E70000
Driver Name: \SystemRoot\System32\Drivers\aswSnx.SYS

Function Name: ZwDeleteBootEntry
Address: 90E13398
Driver Base: 90E00000
Driver End: 90E70000
Driver Name: \SystemRoot\System32\Drivers\aswSnx.SYS

Function Name: ZwLoadDriver
Address: 90E13162
Driver Base: 90E00000
Driver End: 90E70000
Driver Name: \SystemRoot\System32\Drivers\aswSnx.SYS

Function Name: ZwModifyBootEntry
Address: 90E133BC
Driver Base: 90E00000
Driver End: 90E70000
Driver Name: \SystemRoot\System32\Drivers\aswSnx.SYS

Function Name: ZwNotifyChangeKey
Address: 90E15EFC
Driver Base: 90E00000
Driver End: 90E70000
Driver Name: \SystemRoot\System32\Drivers\aswSnx.SYS

Function Name: ZwNotifyChangeMultipleKeys
Address: 90E13E54
Driver Base: 90E00000
Driver End: 90E70000
Driver Name: \SystemRoot\System32\Drivers\aswSnx.SYS

Function Name: ZwOpenEvent
Address: 90E159C6
Driver Base: 90E00000
Driver End: 90E70000
Driver Name: \SystemRoot\System32\Drivers\aswSnx.SYS

Function Name: ZwOpenEventPair
Address: 90E15A16
Driver Base: 90E00000
Driver End: 90E70000
Driver Name: \SystemRoot\System32\Drivers\aswSnx.SYS

Function Name: ZwOpenIoCompletion
Address: 90E15B2E
Driver Base: 90E00000
Driver End: 90E70000
Driver Name: \SystemRoot\System32\Drivers\aswSnx.SYS

Function Name: ZwOpenMutant
Address: 90E15918
Driver Base: 90E00000
Driver End: 90E70000
Driver Name: \SystemRoot\System32\Drivers\aswSnx.SYS

Function Name: ZwOpenSection
Address: 90E15A7E
Driver Base: 90E00000
Driver End: 90E70000
Driver Name: \SystemRoot\System32\Drivers\aswSnx.SYS

Function Name: ZwOpenSemaphore
Address: 90E1596E
Driver Base: 90E00000
Driver End: 90E70000
Driver Name: \SystemRoot\System32\Drivers\aswSnx.SYS

Function Name: ZwOpenTimer
Address: 90E15ADC
Driver Base: 90E00000
Driver End: 90E70000
Driver Name: \SystemRoot\System32\Drivers\aswSnx.SYS

Function Name: ZwQueryObject
Address: 90E13D1A
Driver Base: 90E00000
Driver End: 90E70000
Driver Name: \SystemRoot\System32\Drivers\aswSnx.SYS

Function Name: ZwSetBootEntryOrder
Address: 90E133E0
Driver Base: 90E00000
Driver End: 90E70000
Driver Name: \SystemRoot\System32\Drivers\aswSnx.SYS

Function Name: ZwSetBootOptions
Address: 90E13404
Driver Base: 90E00000
Driver End: 90E70000
Driver Name: \SystemRoot\System32\Drivers\aswSnx.SYS

Function Name: ZwSetSystemInformation
Address: 90E131BC
Driver Base: 90E00000
Driver End: 90E70000
Driver Name: \SystemRoot\System32\Drivers\aswSnx.SYS

Function Name: ZwSetSystemPowerState
Address: 90E132F8
Driver Base: 90E00000
Driver End: 90E70000
Driver Name: \SystemRoot\System32\Drivers\aswSnx.SYS

Function Name: ZwShutdownSystem
Address: 90E132D4
Driver Base: 90E00000
Driver End: 90E70000
Driver Name: \SystemRoot\System32\Drivers\aswSnx.SYS

Function Name: ZwSystemDebugControl
Address: 90E1331C
Driver Base: 90E00000
Driver End: 90E70000
Driver Name: \SystemRoot\System32\Drivers\aswSnx.SYS

Function Name: ZwTerminateProcess
Address: 807E7640
Driver Base: 807DD000
Driver End: 807FF000
Driver Name: \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS

Function Name: ZwVdmControl
Address: 90E13428
Driver Base: 90E00000
Driver End: 90E70000
Driver Name: \SystemRoot\System32\Drivers\aswSnx.SYS

******************************************************************************************
******************************************************************************************
Kernel Hooks:
Hooked Function: ZwCreateProcessEx
At Address: 83299DCA
Jump To: 914849AA
Module Name: C:\Windows\System32\Drivers\aswSP.SYS

Hooked Function: ObMakeTemporaryObject
At Address: 831DF62F
Jump To: 914803DE
Module Name: C:\Windows\System32\Drivers\aswSP.SYS

Hooked Function: ObInsertObject
At Address: 83238543
Jump To: 91481E84
Module Name: C:\Windows\System32\Drivers\aswSP.SYS

******************************************************************************************
******************************************************************************************
Hidden files/folders:
Object: C:\Qoobox\BackEnv\AppData.folder.dat
Status: Access denied

Object: C:\Qoobox\BackEnv\Cache.folder.dat
Status: Access denied

Object: C:\Qoobox\BackEnv\Cookies.folder.dat
Status: Access denied

Object: C:\Qoobox\BackEnv\Desktop.folder.dat
Status: Access denied

Object: C:\Qoobox\BackEnv\Favorites.folder.dat
Status: Access denied

Object: C:\Qoobox\BackEnv\History.folder.dat
Status: Access denied

Object: C:\Qoobox\BackEnv\LocalAppData.folder.dat
Status: Access denied

Object: C:\Qoobox\BackEnv\LocalSettings.folder.dat
Status: Access denied

Object: C:\Qoobox\BackEnv\Music.folder.dat
Status: Access denied

Object: C:\Qoobox\BackEnv\NetHood.folder.dat
Status: Access denied

Object: C:\Qoobox\BackEnv\Personal.folder.dat
Status: Access denied

Object: C:\Qoobox\BackEnv\Pictures.folder.dat
Status: Access denied

Object: C:\Qoobox\BackEnv\PrintHood.folder.dat
Status: Access denied

Object: C:\Qoobox\BackEnv\Profiles.Folder.dat
Status: Access denied

Object: C:\Qoobox\BackEnv\Profiles.Folder.folder.dat
Status: Access denied

Object: C:\Qoobox\BackEnv\Programs.folder.dat
Status: Access denied

Object: C:\Qoobox\BackEnv\Recent.folder.dat
Status: Access denied

Object: C:\Qoobox\BackEnv\SendTo.folder.dat
Status: Access denied

Object: C:\Qoobox\BackEnv\SetPath.bat
Status: Access denied

Object: C:\Qoobox\BackEnv\StartMenu.folder.dat
Status: Access denied

Object: C:\Qoobox\BackEnv\StartUp.folder.dat
Status: Access denied

Object: C:\Qoobox\BackEnv\SysPath.dat
Status: Access denied

Object: C:\Qoobox\BackEnv\Templates.folder.dat
Status: Access denied

Object: C:\Qoobox\BackEnv\VikPev00
Status: Access denied

Object: C:\Users\Nick F\Music\Darker than Black Ryusei no Gemini
Status: Hidden

Object: C:\Users\Nick F\Music\Dissidia Final Fantasy\202 One Winged Angel-orchestra version-?from FINAL FANTASY ?.mp3
Status: Hidden

Object: C:\Users\Nick F\Music\Dissidia Final Fantasy\202 One Winged Angel-orchestra version-?from FINAL FANTASY ?.mp3.sfk
Status: Hidden

Object: C:\Users\Nick F\Pictures\Ryusei_no_Gemini_DVD_cover.jpg
Status: Hidden

Object: C:\WINDOWS\System32\LogFiles\WMI\RtBackup\EtwRTDiagLog.etl
Status: Access denied

Object: C:\WINDOWS\System32\LogFiles\WMI\RtBackup\EtwRTEventLog-Application.etl
Status: Access denied

Object: C:\WINDOWS\System32\LogFiles\WMI\RtBackup\EtwRTEventlog-Security.etl
Status: Access denied

Object: C:\WINDOWS\System32\LogFiles\WMI\RtBackup\EtwRTEventLog-System.etl
Status: Access denied

descriptionVista Anti-Virus 2012 EmptyRe: Vista Anti-Virus 2012

more_horiz
I'd like to scan your machine with ESET OnlineScan

•Hold down Control and click on the following link to open ESET OnlineScan in a new window.
ESET OnlineScan
•Click the Vista Anti-Virus 2012 EsetOnline button.
•For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)

  • Click on Vista Anti-Virus 2012 EsetSmartInstall to download the ESET Smart Installer. Save it to your desktop.
  • Double click on the Vista Anti-Virus 2012 EsetSmartInstallDesktopIcon-1 icon on your desktop.

•Check Vista Anti-Virus 2012 EsetAcceptTerms
•Click the Vista Anti-Virus 2012 EsetStart button.
•Accept any security warnings from your browser.
•Check Vista Anti-Virus 2012 EsetScanArchives
•Push the Start button.
•ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
•When the scan completes, push Vista Anti-Virus 2012 EsetListThreats
•Push Vista Anti-Virus 2012 EsetExport, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
•Push the Vista Anti-Virus 2012 EsetBack button.
•Push Vista Anti-Virus 2012 EsetFinish
A log file will be saved here: C:\Program Files\ESET\ESET Online Scanner\log.txt

descriptionVista Anti-Virus 2012 EmptyRe: Vista Anti-Virus 2012

more_horiz
here

ESETSmartInstaller@High as CAB hook log:
OnlineScanner.ocx - registred OK
# version=7
# iexplore.exe=7.00.6000.16386 (vista_rtm.061101-2205)
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=5d509933f5efd04e8f96c92a0cfa33b2
# end=finished
# remove_checked=true
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2011-11-17 03:49:01
# local_time=2011-11-16 07:49:01 (-0800, Pacific Standard Time)
# country="United States"
# lang=1033
# osver=6.0.6002 NT Service Pack 2
# compatibility_mode=768 16777215 100 0 36703469 36703469 0 0
# compatibility_mode=1024 16777215 100 0 59633424 59633424 0 0
# compatibility_mode=5892 16776574 100 100 0 158087422 0 0
# compatibility_mode=8192 67108863 100 0 38977076 38977076 0 0
# scanned=244088
# found=5
# cleaned=5
# scan_time=21847
C:\Users\Nick F\AppData\Local\temp\{B3121411-7B4C-BDC0-5F2B-336E68F136E7}\zugo.exe a variant of Win32/Toolbar.Zugo application (deleted - quarantined) 00000000000000000000000000000000 C
C:\Users\Nick F\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\43\58630b2b-71313c85 Java/TrojanDownloader.OpenStream.NCM trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Users\Nick F\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\6\4b6dd006-651085da Java/TrojanDownloader.OpenStream.NCA trojan (deleted - quarantined) 00000000000000000000000000000000 C
C:\Users\Nick F\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\6\7788bc6-76153424 Java/TrojanDownloader.OpenStream.NCA trojan (deleted - quarantined) 00000000000000000000000000000000 C
C:\Users\Nick F\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\60\5c684afc-70c2d594 Java/TrojanDownloader.OpenStream.NCA trojan (deleted - quarantined) 00000000000000000000000000000000 C
ESETSmartInstaller@High as downloader log:
all ok
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=5d509933f5efd04e8f96c92a0cfa33b2
# end=finished
# remove_checked=true
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2011-12-17 10:53:03
# local_time=2011-12-17 02:53:03 (-0800, Pacific Standard Time)
# country="United States"
# lang=1033
# osver=6.0.6002 NT Service Pack 2
# compatibility_mode=768 16777215 100 0 39370950 39370950 0 0
# compatibility_mode=1024 16777215 100 0 62300905 62300905 0 0
# compatibility_mode=5892 16776574 100 100 2584835 160754903 0 0
# compatibility_mode=8192 67108863 100 0 41644557 41644557 0 0
# scanned=194244
# found=8
# cleaned=8
# scan_time=15007
C:\ProgramData\YouTube Downloader\ytd_installer.exe a variant of Win32/Adware.Toolbar.Dealio application (deleted - quarantined) 00000000000000000000000000000000 C
C:\Users\Nick F\AppData\Local\temp\ICReinstall\cnet2_FreeSoundRecorder_exe.exe a variant of Win32/InstallCore.D application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Users\Nick F\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\0\1a767440-32d97653 a variant of Win32/Kryptik.WQZ trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Users\Nick F\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\53\28c00235-2f25f01c multiple threats (deleted - quarantined) 00000000000000000000000000000000 C
C:\Users\Nick F\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\60\1855393c-4fb6a4e7 a variant of Java/Exploit.CVE-2011-3544.B trojan (deleted - quarantined) 00000000000000000000000000000000 C
C:\Users\Nick F\Downloads\cnet2_FreeSoundRecorder_exe.exe a variant of Win32/InstallCore.D application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Users\Nick F\Downloads\YouTubeDownloaderSetup33.exe a variant of Win32/Adware.Toolbar.Dealio application (deleted - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\temp\szmdrorhwo a variant of Win32/Kryptik.XMW trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

descriptionVista Anti-Virus 2012 EmptyRe: Vista Anti-Virus 2012

more_horiz
That looks good. Are there any other issues?

descriptionVista Anti-Virus 2012 EmptyRe: Vista Anti-Virus 2012

more_horiz
yes, it keeps coming back. It came back twice, and twice I got rid of it the same way. I noticed several things that happen when it does:

My control panel says it needs my permission and won't go away till I hit "yes", and Adobe keeps wanting to a download an update JUST as the virus hits and even now it keeps wanting to come back.

descriptionVista Anti-Virus 2012 EmptyRe: Vista Anti-Virus 2012

more_horiz
Let's run a few more scans to see what turns up.

Please download aswMBR.exe ( 511KB ) to your desktop.

Double click the aswMBR.exe to run it

Vista Anti-Virus 2012 AswMBR_Scan

Click the "Scan" button to start scan

Note: Do not take action against any **Rootkit** entries until I have reviewed the log. Often there are false positives

Vista Anti-Virus 2012 AswMBR_SaveLog

On completion of the scan click save log, save it to your desktop and post in your next reply

descriptionVista Anti-Virus 2012 EmptyRe: Vista Anti-Virus 2012

more_horiz
privacy_tip Permissions in this forum:
You cannot reply to topics in this forum