Incredibar/my start

Good New year morning,
My husband loaded a blackberry IPD file on the computer, but I think a virus was attached. Firefox has been hijacked and it is now this INcredibar/Mystart thing. I am currently running an eset free scanner and it is coming up with some warnings already. My plan is to run Malaware as well. We have the free Avast on the computer. It is a desktop Dell. I looked in the add/remove programs and see nothing different at this point. I could use some help in finding and removing this thing.
thank you for your time.

Brick
I am on a virus free computer now writing this post.

Hello and welcome to GeekPolice.Net My name is Dave. I will be helping you out with your particular problem on your computer.

1. I will be working on your Malware issues. This may or may not solve other issues you have with your machine.
2. The fixes are specific to your problem and should only be used for this issue on this machine.
3. If you don't know or understand something, please don't hesitate to ask.
4. Please DO NOT run any other tools or scans while I am helping you.
5. It is important that you reply to this thread. Do not start a new topic.
6. Your security programs may give warnings for some of the tools I will ask you to use. Be assured, any links I give are safe.
7. Absence of symptoms does not mean that everything is clear.

If you can't access the internet with your infected computer you will have to download and transfer any programs to the computer you're using now and transfer them to the infected computer with a CD-RW or a USB storage device. I prefer a CD because a storage device can get infected. If you use a storage device hold the shift key down while inserting the USB storage device for about 10 secs. You will also have to transfer the logs you receive back to the good computer using the same method until we can get the computer back on-line.
*****************************************************************
SUPERAntiSpyware

If you already have SUPERAntiSpyware be sure to check for updates before scanning!

Download SuperAntispyware Free Edition (SAS)
* Double-click the icon on your desktop to run the installer.
* When asked to Update the program definitions, click Yes
* If you encounter any problems while downloading the updates, manually download and unzip them from here
* Next click the Preferences button.

•Under Start-Up Options uncheck Start SUPERAntiSpyware when Windows starts
* Click the Scanning Control tab.
* Under Scanner Options make sure only the following are checked:

•Close browsers before scanning
•Scan for tracking cookies
•Terminate memory threats before quarantining
•Please leave the others unchecked

•Click the Close button to leave the control center screen.

* On the main screen click Scan your computer
* On the left check the box for the drive you are scanning.
* On the right choose Perform Complete Scan
* Click Next to start the scan. Please be patient while it scans your computer.
* After the scan is complete a summary box will appear. Click OK
* Make sure everything in the white box has a check next to it, then click Next
* It will quarantine what it found and if it asks if you want to reboot, click Yes

•To retrieve the removal information please do the following:
•After reboot, double-click the SUPERAntiSpyware icon on your desktop.
•Click Preferences. Click the Statistics/Logs tab.

•Under Scanner Logs, double-click SUPERAntiSpyware Scan Log.

•It will open in your default text editor (preferably Notepad).
•Save the notepad file to your desktop by clicking (in notepad) File > Save As...

* Save the log somewhere you can easily find it. (normally the desktop)
* Click close and close again to exit the program.
*Copy and Paste the log in your post.
***********************************************
Please download Malwarebytes Anti-Malware from here.
Double Click mbam-setup.exe to install the application.

• Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes Anti-Malware, then click Finish.
  
• If an update is found, it will download and install the latest version.
  
• Once the program has loaded, select "Perform Full Scan", then click Scan.
  
• The scan may take some time to finish,so please be patient.
  
• When the scan is complete, click OK, then Show Results to view the results.
  
• Make sure that everything is checked, and click Remove Selected.
  
• When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
  
• Please save the log to a location you will remember.
  
• The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  
• Copy and paste the entire report in your next reply.
  

Extra Note:

If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.
*************************************************
Download DDS from HERE or HERE and save it to your desktop.

Vista users right click on dds and select Run as administrator (you will receive a UAC prompt, please allow it)

* XP users Double click on dds to run it.
* If your antivirus or firewall try to block DDS then please allow it to run.
* When finished DDS will open two (2) logs.
* Save both reports to your desktop.
* The instructions here ask you to attach the Attach.txt.



1) DDS.txt
2) Attach.txt
Instead of attaching, please copy/past both logs into your Thread

Note: DDS will instruct you to post the Attach.txt log as an attachment.
Please just post it as you would any other log by copying and pasting it into the reply.

•Close the program window, and delete the program from your desktop.

Please note: You may have to disable any script protection running if the scan fails to run.
After downloading the tool, disconnect from the internet and disable all antivirus protection.
Run the scan, enable your A/V and reconnect to the internet.
Information on A/V control HERE .Then post your DDS logs. (DDS.txt and Attach.txt )

here is the first set of scan logs:

SUPERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 01/01/2012 at 04:59 PM

Application Version : 5.0.1142

Core Rules Database Version : 8091
Trace Rules Database Version: 5903

Scan type : Complete Scan
Total Scan Time : 01:50:26

Operating System Information
Windows XP Home Edition 32-bit, Service Pack 3 (Build 5.01.2600)
Administrator

Memory items scanned : 552
Memory threats detected : 0
Registry items scanned : 38233
Registry threats detected : 4
File items scanned : 213724
File threats detected : 420

Adware.Tracking Cookie
C:\Documents and Settings\fritsch family\Cookies\517EZU99.txt [ /pmamedia.sitescout.com ]
C:\Documents and Settings\fritsch family\Cookies\KR71KNZP.txt [ /revsci.net ]
C:\Documents and Settings\fritsch family\Cookies\TLDGYORL.txt [ /atdmt.com ]
C:\Documents and Settings\fritsch family\Cookies\I0G3ZBSC.txt [ /media6degrees.com ]
C:\Documents and Settings\fritsch family\Cookies\VKZOLRUU.txt [ /invitemedia.com ]
C:\Documents and Settings\fritsch family\Cookies\FGLEQTFR.txt [ /mediabrandsww.com ]
C:\Documents and Settings\fritsch family\Cookies\TV0YDVLT.txt [ /yieldmanager.net ]
C:\Documents and Settings\fritsch family\Cookies\4YXZQI2Z.txt [ /atdmt.combing.com ]
C:\Documents and Settings\fritsch family\Cookies\LNDDWVF4.txt [ /ads.cnn.com ]
C:\Documents and Settings\fritsch family\Cookies\LO69XPT6.txt [ /macromedia.com ]
C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\Cookies\WKLXYU4G.txt [ Cookie:fritsch family@adsonar.com/adserving ]
cdn.eyewonder.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\KC6CGMAF ]
cdn.insights.gravity.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\KC6CGMAF ]
cdn.tremormedia.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\KC6CGMAF ]
cdn1.image.freeporn.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\KC6CGMAF ]
ia.media-imdb.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\KC6CGMAF ]
media.ign.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\KC6CGMAF ]
media.mtvnservices.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\KC6CGMAF ]
media1.break.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\KC6CGMAF ]
objects.tremormedia.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\KC6CGMAF ]
s0.2mdn.net [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\KC6CGMAF ]
secure-us.imrworldwide.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\KC6CGMAF ]
.imrworldwide.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.imrworldwide.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.realmedia.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
segment-pixel.invitemedia.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.interclick.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.interclick.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.adserver.adtechus.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.server.cpmstar.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.adxpose.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.kontera.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.collective-media.net [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.legolas-media.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.at.atwola.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.liveperson.net [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.nextag.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.nextag.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.eyewonder.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.adtechus.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
wstat.wibiya.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.viacom.adbureau.net [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.dmtracker.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.mediafire.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.apmebf.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.game-advertising-online.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.kontera.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.p6.mediamolecule.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.kontera.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.kontera.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.steelhousemedia.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.realmedia.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.cdn.eyewonder.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.cdn.eyewonder.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.mediafire.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.histats.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.a1.interclick.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.histats.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.nextag.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
uk.sitestat.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.realmedia.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.amazon-adsystem.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
adserver.twitpic.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.amazon-adsystem.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.legolas-media.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.serving-sys.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.xiti.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.e-2dj6aelogocpglp.stats.esomniture.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.nextag.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.e-2dj6wgkoggcpabo.stats.esomniture.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
www.autopartsexpress.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.autopartsexpress.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.autopartsexpress.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
www.autopartsexpress.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.azjmp.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.azjmp.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
gotacha.rotator.hadj7.adjuggler.net [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.solvemedia.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.solvemedia.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.mediafire.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.network.realmedia.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.realmedia.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.stats.paypal.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.e-2dj6wjnyqjdjghq.stats.esomniture.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.e-2dj6whkogkdzwlo.stats.esomniture.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.rambler.ru [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.realmedia.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.viacom.adbureau.net [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.e-2dj6wfl4qidpclq.stats.esomniture.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.e-2dj6whlyomdjcep.stats.esomniture.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.e-2dj6wjlicpczafo.stats.esomniture.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
ox-d.yadomedia.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
uk.sitestat.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.legolas-media.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.e-2dj6wfl4wpd5afp.stats.esomniture.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.e-2dj6wjmyakc5ico.stats.esomniture.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.e-2dj6wfmikidpcfo.stats.esomniture.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.findthebest.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.findthebest.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.e-2dj6wbkoggazeeo.stats.esomniture.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.martiniadnetwork.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.martiniadnetwork.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.martiniadnetwork.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.e-2dj6wmlouiazcgp.stats.esomniture.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.bs.serving-sys.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.media.contextweb.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.media.contextweb.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.mediafire.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.mediafire.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
www.googleadservices.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
www.googleadservices.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.liveperson.net [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
www.googleadservices.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.media.adfrontiers.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.casalemedia.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.media.adfrontiers.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.adserver.adtechus.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
www.trackimizer.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.e-2dj6aeloopajmfq.stats.esomniture.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.eyewonder.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.server.cpmstar.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.server.cpmstar.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
www.googleadservices.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.e-2dj6wmloujazwgp.stats.esomniture.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.e-2dj6wjkoahcjwlq.stats.esomniture.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.e-2dj6wblyogdpefq.stats.esomniture.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
www.googleadservices.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
flagcounter.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.accounts.google.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.accounts.google.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
www.googleadservices.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.e-2dj6wjny-1mcpog.stats.esomniture.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.e-2dj6wfkyojcjecp.stats.esomniture.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.megaclick.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.f.megaclick.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.f.megaclick.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
natimedia.net [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.tracking.dsmmadvantage.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.adserver.adtechus.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.traveladvertising.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
www.googleadservices.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.lfstmedia.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
mediaservices-d.openxenterprise.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.homebizfinder.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.homebizfinder.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
www.clickmanage.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
www.clickmanage.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
ads.saymedia.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.serving-sys.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.serving-sys.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.server.cpmstar.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.collective-media.net [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.akamai.interclickproxy.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
www.googleadservices.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
dc.tremormedia.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.casalemedia.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.casalemedia.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
www.googleadservices.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.apmebf.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.e-2dj6wjk4umajaao.stats.esomniture.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.e-2dj6wjnysjc5shp.stats.esomniture.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.e-2dj6wgkigicpefq.stats.esomniture.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.e-2dj6wjkywhdpaeq.stats.esomniture.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.e-2dj6wfmiepdzgko.stats.esomniture.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.technoratimedia.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.bizrate.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.bizrate.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.bizrate.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.bizrate.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.bizrate.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.pro-market.net [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
www.bizrate.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.bizrate.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.e-2dj6aelocjdpsbo.stats.esomniture.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.e-2dj6aelycoc5geo.stats.esomniture.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.e-2dj6aelycndzaeo.stats.esomniture.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.e-2dj6wjmyggdzogo.stats.esomniture.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.pro-market.net [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
ad2.adfarm1.adition.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.pro-market.net [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.pro-market.net [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.yadro.ru [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.yadro.ru [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
auth.breakmedia.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.server.cpmstar.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.server.cpmstar.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.server.cpmstar.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.www.mediafire.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.tradatracker.net [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.serving-sys.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.e-2dj6ael4cod5gcp.stats.esomniture.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.e-2dj6wjlighcpwbo.stats.esomniture.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.media2.legacy.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.clickfuse.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.traveladvertising.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.traveladvertising.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.realmedia.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.e-2dj6wjlyanc5geq.stats.esomniture.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.server.cpmstar.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.server.cpmstar.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.server.cpmstar.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.e-2dj6aekiugdjalp.stats.esomniture.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.e-2dj6wfliagcjihp.stats.esomniture.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
www.googleadservices.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.collective-media.net [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.legolas-media.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.liveperson.net [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
www.googleadservices.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.legendaryfinds.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.legendaryfinds.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.legendaryfinds.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.legendaryfinds.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
www.googleadservices.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.collective-media.net [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.collective-media.net [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.collective-media.net [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.collective-media.net [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.collective-media.net [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.collective-media.net [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.collective-media.net [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.yieldmanager.net [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.collective-media.net [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.collective-media.net [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.collective-media.net [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.collective-media.net [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.collective-media.net [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
uk.sitestat.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.liveperson.net [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.media6degrees.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.a1.interclick.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.lfstmedia.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.mediafire.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.mediafire.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.collective-media.net [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
adserver.lawnsite.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.bs.serving-sys.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.lucidmedia.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
www.googleadservices.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.liveperson.net [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
stats.webstarts.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.interclick.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.e-2dj6wnmysgcjcap.stats.esomniture.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.tacoda.at.atwola.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.ar.atwola.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.legolas-media.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.atwola.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.media6degrees.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.a1.interclick.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.interclick.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.realmedia.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.atwola.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.at.atwola.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.tacoda.at.atwola.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.tacoda.at.atwola.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.tacoda.at.atwola.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.at.atwola.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.serving-sys.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.serving-sys.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.serving-sys.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.e-2dj6wmmychcjklp.stats.esomniture.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.e-2dj6wbkoohdjifp.stats.esomniture.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
accounts.google.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
www.googleadservices.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.casalemedia.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.casalemedia.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.a1.interclick.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.a1.interclick.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.pro-market.net [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.pro-market.net [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.a1.interclick.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.a1.interclick.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.a1.interclick.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.a1.interclick.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.interclick.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.media6degrees.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.media6degrees.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.media6degrees.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.media6degrees.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.media6degrees.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.media6degrees.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.apmebf.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.casalemedia.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.casalemedia.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.casalemedia.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.casalemedia.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.casalemedia.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.casalemedia.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
www.googleadservices.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
www.googleadservices.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.legolas-media.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
www.googleadservices.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.collective-media.net [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.collective-media.net [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.collective-media.net [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.statcounter.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.collective-media.net [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.apmebf.com [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\DOCUMENTS AND SETTINGS\FRITSCH FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GZY47FSK.DEFAULT\COOKIES.SQLITE ]

Adware.Zugo
HKU\S-1-5-21-2353383158-389931355-32074981-1011\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9D425283-D487-4337-BAB6-AB8354A81457}
HKLM\Software\Microsoft\Internet Explorer\Toolbar#{9D425283-D487-4337-BAB6-AB8354A81457}
HKCR\CLSID\{9D425283-D487-4337-BAB6-AB8354A81457}
HKU\S-1-5-21-2353383158-389931355-32074981-1011\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser#{9D425283-D487-4337-BAB6-AB8354A81457}

here is the malware report:

Malwarebytes Anti-Malware 1.60.0.1800
www.malwarebytes.org

Database version: v2012.01.01.02

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
fritsch family :: FRITSCHFAMILY [administrator]

1/1/2012 5:10:56 PM
mbam-log-2012-01-01 (17-10-56).txt

Scan type: Full scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 350913
Time elapsed: 1 hour(s), 42 minute(s), 42 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

the dds logs:


.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft Windows XP Home Edition
Boot Device: \Device\HarddiskVolume2
Install Date: 2/27/2007 9:25:35 PM
System Uptime: 1/1/2012 5:12:03 PM (3 hours ago)
.
Motherboard: Dell Inc | | 0CT103
Processor: AMD Athlon(tm) 64 X2 Dual Core Processor 4200+ | Socket M2 | 2204/1000mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 146 GiB total, 52.054 GiB free.
D: is CDROM ()
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP455: 10/23/2011 12:50:57 PM - System Checkpoint
RP456: 10/24/2011 2:19:22 PM - System Checkpoint
RP457: 10/25/2011 5:58:53 PM - System Checkpoint
RP458: 10/26/2011 7:35:31 PM - System Checkpoint
RP459: 10/27/2011 8:30:09 PM - System Checkpoint
RP460: 10/29/2011 8:04:47 AM - System Checkpoint
RP461: 10/30/2011 10:37:51 AM - System Checkpoint
RP462: 10/31/2011 12:47:29 PM - System Checkpoint
RP463: 11/1/2011 3:15:37 PM - System Checkpoint
RP464: 11/2/2011 9:51:07 PM - System Checkpoint
RP465: 11/3/2011 10:31:08 PM - System Checkpoint
RP466: 11/6/2011 6:53:28 AM - System Checkpoint
RP467: 11/7/2011 9:02:10 AM - Software Distribution Service 3.0
RP468: 11/8/2011 7:36:44 PM - System Checkpoint
RP469: 11/9/2011 11:00:20 AM - Software Distribution Service 3.0
RP470: 11/10/2011 11:46:03 AM - System Checkpoint
RP471: 11/11/2011 11:00:16 AM - Software Distribution Service 3.0
RP472: 11/11/2011 4:34:21 PM - Removed Ace of Spades
RP473: 11/13/2011 10:12:03 AM - System Checkpoint
RP474: 11/14/2011 5:09:02 PM - System Checkpoint
RP475: 11/15/2011 12:14:56 PM - Removed Paint.NET v3.5.10
RP476: 11/15/2011 12:18:28 PM - Configured Age of Empires III
RP477: 11/15/2011 12:19:31 PM - Installed Age of Empires III
RP478: 11/15/2011 12:25:57 PM - Configured Age of Empires III
RP479: 11/15/2011 12:26:32 PM - Configured Age of Empires III
RP480: 11/16/2011 10:26:36 AM - Software Distribution Service 3.0
RP481: 11/16/2011 10:01:54 PM - Installed Age of Empires III
RP482: 11/17/2011 10:03:21 PM - System Checkpoint
RP483: 11/18/2011 10:48:01 PM - System Checkpoint
RP484: 11/19/2011 4:03:04 PM - Installed The Sims 3
RP485: 11/20/2011 12:21:44 AM - Installed The Sims 3
RP486: 11/21/2011 5:02:04 PM - System Checkpoint
RP487: 11/23/2011 8:50:32 AM - System Checkpoint
RP488: 11/25/2011 4:57:52 PM - System Checkpoint
RP489: 11/27/2011 3:10:39 PM - System Checkpoint
RP490: 11/28/2011 9:27:31 PM - System Checkpoint
RP491: 11/30/2011 6:30:42 AM - System Checkpoint
RP492: 12/3/2011 9:48:25 AM - Software Distribution Service 3.0
RP493: 12/4/2011 9:51:45 PM - System Checkpoint
RP494: 12/5/2011 11:21:30 AM - Software Distribution Service 3.0
RP495: 12/5/2011 11:40:04 AM - Software Distribution Service 3.0
RP496: 12/6/2011 11:00:16 AM - Software Distribution Service 3.0
RP497: 12/7/2011 8:31:01 PM - System Checkpoint
RP498: 12/9/2011 8:04:29 PM - System Checkpoint
RP499: 12/10/2011 3:14:40 PM - Installed DirectX
RP500: 12/11/2011 1:20:20 PM - Installed DirectX
RP501: 12/12/2011 7:19:09 PM - System Checkpoint
RP502: 12/13/2011 8:50:31 PM - System Checkpoint
RP503: 12/14/2011 11:00:27 AM - Software Distribution Service 3.0
RP504: 12/14/2011 1:58:21 PM - Installed Java(TM) 6 Update 30
RP505: 12/14/2011 6:53:16 PM - Installed The Sims 3
RP506: 12/15/2011 9:30:47 PM - System Checkpoint
RP507: 12/16/2011 6:23:45 PM - Software Distribution Service 3.0
RP508: 12/18/2011 2:24:09 PM - System Checkpoint
RP509: 12/20/2011 8:46:14 AM - System Checkpoint
RP510: 12/21/2011 11:45:05 AM - System Checkpoint
RP511: 12/23/2011 10:30:21 AM - System Checkpoint
RP512: 12/24/2011 10:30:29 PM - System Checkpoint
RP513: 12/26/2011 7:09:20 AM - System Checkpoint
RP514: 12/27/2011 11:02:09 AM - System Checkpoint
RP515: 12/28/2011 11:18:49 AM - System Checkpoint
RP516: 12/29/2011 5:20:52 PM - System Checkpoint
RP517: 12/31/2011 1:53:54 PM - System Checkpoint
RP518: 12/31/2011 10:39:16 PM - Installed BlackBerry USB Drivers.
RP519: 12/31/2011 10:59:06 PM - Installed BlackBerry Desktop Software 5.0.1.
RP520: 12/31/2011 11:30:10 PM - Installed MagicBerry
RP521: 1/1/2012 12:39:25 PM - Software Distribution Service 3.0
RP522: 1/1/2012 1:51:22 PM - Software Distribution Service 3.0
RP523: 1/1/2012 2:26:53 PM - Removed Java(TM) 6 Update 20
RP524: 1/1/2012 2:30:03 PM - Installed Java(TM) 6 Update 30
RP525: 1/1/2012 2:53:27 PM - Software Distribution Service 3.0
.
==== Installed Programs ======================
.
Adobe Download Manager
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Reader 8.2.5
Adobe Shockwave Player 11.6
Age of Empires III
Age of Empires Online
AOLIcon
Apple Application Support
Apple Software Update
ATI - Software Uninstall Utility
ATI Catalyst Control Center
ATI Display Driver
avast! Free Antivirus
AVS4YOU Software Navigator 1.3
BlackBerry Desktop Software 5.0.1
BlackBerry USB Drivers
BlackBerry® Media Sync
Broadcom Management Programs
BroadJump Client Foundation
BufferChm
CCleaner
Champions Online
Compatibility Pack for the 2007 Office system
Cookienator
CP_AtenaShokunin1Config
cp_dwShrek2Albums1
cp_dwShrek2Cards1
CreativeProjectsTemplates
CueTour
Dell CinePlayer
Dell Driver Download Manager
Dell Support 3.2.1
Dell Support Center (Support Software)
Dell System Restore
Digital Content Portal
DocumentViewer
EarthLink Setup Files
ESET Online Scanner
ESET Online Scanner v3
Eusing Free Registry Cleaner
Google Earth
Google Toolbar for Internet Explorer
Google Update Helper
High Definition Audio Driver Package - KB835221
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows Internet Explorer 7 (KB947864)
Hotfix for Windows Media Format SDK (KB902344)
Hotfix for Windows Media Format SDK (KB910998)
Hotfix for Windows XP (KB2158563)
Hotfix for Windows XP (KB2443685)
Hotfix for Windows XP (KB2570791)
Hotfix for Windows XP (KB2633952)
Hotfix for Windows XP (KB915800-v4)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB954550-v5)
Hotfix for Windows XP (KB954708)
Hotfix for Windows XP (KB961118)
Hotfix for Windows XP (KB970653-v3)
Hotfix for Windows XP (KB976098-v2)
Hotfix for Windows XP (KB981793)
HP Image Zone 4.7
HP Update
Java Auto Updater
Java(TM) 6 Update 2
Java(TM) 6 Update 22
Junk Mail filter update
Lexmark 5000 Series
Magic ISO Maker v5.5 (build 0281)
MagicBerry
Malwarebytes Anti-Malware version 1.60.0.1800
Math 7 Teaching Textbook
MB Service Manual
Messenger Plus! Live
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Security Update (KB2656353)
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 4 Client Profile
Microsoft .NET Framework 4 Extended
Microsoft Application Error Reporting
Microsoft Base Smart Card Cryptographic Service Provider Package
Microsoft Choice Guard
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Games for Windows - LIVE Redistributable
Microsoft Games for Windows Marketplace
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft National Language Support Downlevel APIs
Microsoft Office Excel Viewer 2003
Microsoft Office File Validation Add-In
Microsoft Office Live Add-in 1.5
Microsoft Office Outlook Connector
Microsoft Office PowerPoint Viewer 2007 (English)
Microsoft Office Small Business Edition 2003
Microsoft Office Standard Edition 2003
Microsoft Plus! Digital Media Edition Installer
Microsoft Plus! Photo Story 2 LE
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
Microsoft Works
Microsoft WSE 3.0 Runtime
Mozilla Firefox 9.0.1 (x86 en-US)
MSN
MSVCRT
MSXML 4.0 SP2 (KB927978)
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML 4.0 SP3 Parser
MSXML 4.0 SP3 Parser (KB973685)
Nuance PDF Reader
NVIDIA Display Control Panel
NVIDIA Drivers
NVIDIA nView Desktop Manager
NVIDIA PhysX
Origin
Panda3D Game Engine
PanoStandAlone
PhotoScape
PowerDVD
QuickTime
RGSS-RTP Standard
Roxio DLA
Roxio MyDVD LE
Roxio RecordNow Audio
Roxio RecordNow Copy
Roxio RecordNow Data
ScannerCopy
Secunia PSI (2.0.0.3003)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Extended (KB2416472)
Security Update for Microsoft .NET Framework 4 Extended (KB2487367)
Security Update for Microsoft .NET Framework 4 Extended (KB2656351)
Security Update for Microsoft Windows (KB2564958)
Security Update for Step By Step Interactive Training (KB923723)
Security Update for Windows Internet Explorer 7 (KB2183461)
Security Update for Windows Internet Explorer 7 (KB2360131)
Security Update for Windows Internet Explorer 7 (KB928090)
Security Update for Windows Internet Explorer 7 (KB929969)
Security Update for Windows Internet Explorer 7 (KB931768)
Security Update for Windows Internet Explorer 7 (KB933566)
Security Update for Windows Internet Explorer 7 (KB937143)
Security Update for Windows Internet Explorer 7 (KB938127)
Security Update for Windows Internet Explorer 7 (KB939653)
Security Update for Windows Internet Explorer 7 (KB942615)
Security Update for Windows Internet Explorer 7 (KB944533)
Security Update for Windows Internet Explorer 7 (KB950759)
Security Update for Windows Internet Explorer 7 (KB953838)
Security Update for Windows Internet Explorer 7 (KB956390)
Security Update for Windows Internet Explorer 7 (KB958215)
Security Update for Windows Internet Explorer 7 (KB960714)
Security Update for Windows Internet Explorer 7 (KB961260)
Security Update for Windows Internet Explorer 7 (KB963027)
Security Update for Windows Internet Explorer 7 (KB969897)
Security Update for Windows Internet Explorer 7 (KB972260)
Security Update for Windows Internet Explorer 7 (KB974455)
Security Update for Windows Internet Explorer 7 (KB982381)
Security Update for Windows Internet Explorer 8 (KB2360131)
Security Update for Windows Internet Explorer 8 (KB2416400)
Security Update for Windows Internet Explorer 8 (KB2482017)
Security Update for Windows Internet Explorer 8 (KB2530548)
Security Update for Windows Internet Explorer 8 (KB2544521)
Security Update for Windows Internet Explorer 8 (KB2559049)
Security Update for Windows Internet Explorer 8 (KB2586448)
Security Update for Windows Internet Explorer 8 (KB2618444)
Security Update for Windows Internet Explorer 8 (KB971961)
Security Update for Windows Internet Explorer 8 (KB981332)
Security Update for Windows Internet Explorer 8 (KB982381)
Security Update for Windows Media Player (KB2378111)
Security Update for Windows Media Player (KB911564)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player (KB954155)
Security Update for Windows Media Player (KB968816)
Security Update for Windows Media Player (KB973540)
Security Update for Windows Media Player (KB975558)
Security Update for Windows Media Player (KB978695)
Security Update for Windows Media Player 10 (KB917734)
Security Update for Windows Media Player 10 (KB936782)
Security Update for Windows Search 4 - KB963093
Security Update for Windows XP (KB2079403)
Security Update for Windows XP (KB2115168)
Security Update for Windows XP (KB2121546)
Security Update for Windows XP (KB2160329)
Security Update for Windows XP (KB2229593)
Security Update for Windows XP (KB2259922)
Security Update for Windows XP (KB2279986)
Security Update for Windows XP (KB2286198)
Security Update for Windows XP (KB2296011)
Security Update for Windows XP (KB2296199)
Security Update for Windows XP (KB2347290)
Security Update for Windows XP (KB2360937)
Security Update for Windows XP (KB2387149)
Security Update for Windows XP (KB2393802)
Security Update for Windows XP (KB2412687)
Security Update for Windows XP (KB2419632)
Security Update for Windows XP (KB2423089)
Security Update for Windows XP (KB2436673)
Security Update for Windows XP (KB2440591)
Security Update for Windows XP (KB2443105)
Security Update for Windows XP (KB2476490)
Security Update for Windows XP (KB2476687)
Security Update for Windows XP (KB2478960)
Security Update for Windows XP (KB2478971)
Security Update for Windows XP (KB2479628)
Security Update for Windows XP (KB2479943)
Security Update for Windows XP (KB2481109)
Security Update for Windows XP (KB2483185)
Security Update for Windows XP (KB2485376)
Security Update for Windows XP (KB2503665)
Security Update for Windows XP (KB2507938)
Security Update for Windows XP (KB2508272)
Security Update for Windows XP (KB2524375)
Security Update for Windows XP (KB2535512)
Security Update for Windows XP (KB2536276-v2)
Security Update for Windows XP (KB2536276)
Security Update for Windows XP (KB2544893-v2)
Security Update for Windows XP (KB2544893)
Security Update for Windows XP (KB2555917)
Security Update for Windows XP (KB2562937)
Security Update for Windows XP (KB2566454)
Security Update for Windows XP (KB2567053)
Security Update for Windows XP (KB2567680)
Security Update for Windows XP (KB2570222)
Security Update for Windows XP (KB2570947)
Security Update for Windows XP (KB2592799)
Security Update for Windows XP (KB2618451)
Security Update for Windows XP (KB2619339)
Security Update for Windows XP (KB2620712)
Security Update for Windows XP (KB2624667)
Security Update for Windows XP (KB2633171)
Security Update for Windows XP (KB2639417)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB938464-v2)
Security Update for Windows XP (KB938464)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950760)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951376)
Security Update for Windows XP (KB951698)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB953839)
Security Update for Windows XP (KB954211)
Security Update for Windows XP (KB954459)
Security Update for Windows XP (KB954600)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956391)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956744)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956841)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB957095)
Security Update for Windows XP (KB957097)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958687)
Security Update for Windows XP (KB958690)
Security Update for Windows XP (KB958869)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960225)
Security Update for Windows XP (KB960715)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB961371)
Security Update for Windows XP (KB961373)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB968537)
Security Update for Windows XP (KB969059)
Security Update for Windows XP (KB969898)
Security Update for Windows XP (KB969947)
Security Update for Windows XP (KB970238)
Security Update for Windows XP (KB970430)
Security Update for Windows XP (KB971468)
Security Update for Windows XP (KB971486)
Security Update for Windows XP (KB971557)
Security Update for Windows XP (KB971633)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB971961)
Security Update for Windows XP (KB972270)
Security Update for Windows XP (KB973346)
Security Update for Windows XP (KB973354)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973525)
Security Update for Windows XP (KB973869)
Security Update for Windows XP (KB973904)
Security Update for Windows XP (KB974112)
Security Update for Windows XP (KB974318)
Security Update for Windows XP (KB974392)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB975025)
Security Update for Windows XP (KB975467)
Security Update for Windows XP (KB975560)
Security Update for Windows XP (KB975561)
Security Update for Windows XP (KB975562)
Security Update for Windows XP (KB975713)
Security Update for Windows XP (KB977816)
Security Update for Windows XP (KB977914)
Security Update for Windows XP (KB978037)
Security Update for Windows XP (KB978262)
Security Update for Windows XP (KB978338)
Security Update for Windows XP (KB978542)
Security Update for Windows XP (KB978601)
Security Update for Windows XP (KB978706)
Security Update for Windows XP (KB979309)
Security Update for Windows XP (KB979482)
Security Update for Windows XP (KB979559)
Security Update for Windows XP (KB979683)
Security Update for Windows XP (KB979687)
Security Update for Windows XP (KB980195)
Security Update for Windows XP (KB980218)
Security Update for Windows XP (KB980232)
Security Update for Windows XP (KB980436)
Security Update for Windows XP (KB981322)
Security Update for Windows XP (KB981349)
Security Update for Windows XP (KB981852)
Security Update for Windows XP (KB981957)
Security Update for Windows XP (KB981997)
Security Update for Windows XP (KB982132)
Security Update for Windows XP (KB982214)
Security Update for Windows XP (KB982665)
Security Update for Windows XP (KB982802)
Segoe UI
Sid Meier's Civilization 4 - Beyond the Sword
Sid Meier's Civilization 4 Complete
Sid Meier's Civilization V
Sonic Activation Module
Spore
SpywareBlaster 4.4
Steam
SUPERAntiSpyware
swMSM
System Requirements Lab
The Sims™ 3
tools-windows
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft Windows (KB971513)
Update for Windows Internet Explorer 7 (KB976749)
Update for Windows Internet Explorer 7 (KB980182)
Update for Windows Internet Explorer 8 (KB2362765)
Update for Windows Internet Explorer 8 (KB976662)
Update for Windows XP (KB2141007)
Update for Windows XP (KB2345886)
Update for Windows XP (KB2467659)
Update for Windows XP (KB2541763)
Update for Windows XP (KB2607712)
Update for Windows XP (KB2616676)
Update for Windows XP (KB2641690)
Update for Windows XP (KB951072-v2)
Update for Windows XP (KB951978)
Update for Windows XP (KB955759)
Update for Windows XP (KB955839)
Update for Windows XP (KB961503)
Update for Windows XP (KB967715)
Update for Windows XP (KB968389)
Update for Windows XP (KB971029)
Update for Windows XP (KB971737)
Update for Windows XP (KB973687)
Update for Windows XP (KB973815)
Visual C++ 2008 x86 Runtime - (v9.0.30729)
Visual C++ 2008 x86 Runtime - v9.0.30729.01
VMware Player
WeatherBug
WebFldrs XP
Windows Genuine Advantage Notifications (KB905474)
Windows Genuine Advantage Validation Tool (KB892130)
Windows Installer 3.1 (KB893803)
Windows Internet Explorer 7
Windows Internet Explorer 8
Windows Live Call
Windows Live Communications Platform
Windows Live Essentials
Windows Live ID Sign-in Assistant
Windows Live Mail
Windows Live Messenger
Windows Live Photo Gallery
Windows Live Sync
Windows Live Upload Tool
Windows Live Writer
Windows Management Framework Core
Windows Media Format 11 runtime
Windows Media Player 10
Windows Media Player 11
Windows Media Player Firefox Plugin
Windows Search 4.0
Windows XP Service Pack 3
WinRAR 4.01 (32-bit)
.
==== Event Viewer Messages From Past Week ========
.
1/1/2012 8:10:59 PM, error: Service Control Manager [7000] - The Secunia Update Agent service failed to start due to the following error: The system cannot find the path specified.
.
==== End Of File ===========================

Registry cleaners are extremely powerful applications and their potential for harming your OS far outweighs any small potential for improving your computer's performance.
Eusing Free Registry Cleaner
There are a number of them available and some are more safe than others. Keep in mind that no two registry cleaners work entirely the same way. Each vendor uses different criteria as to what constitutes a "bad" entry. One cleaner may find entries on your system that will not cause a problem when removed, another may not find the same entries, and still another may want to remove entries required for a program to work. Without research into what the registry entry selected for deletion is, a registry cleaner can end up being an automated method to cause problems with the registry.

For routine use by those not familiar with the registry, the benefits to your computer are negligible while the potential risks are great.

Further reading: XP Fixes Myth #1: Registry Cleaners
************************************************************
One of the DDS logs is missing. Please post it.

The dds logs that was posted was the only thing that came up. Would you like me to rescan the dds one again and see? I should have waited for my son to confirm I copied and pasted the right stuff....LOL!

Thanks for the link on the registry cleaner...I must say I was not aware of the potential problems.

Will remove that promptly.

Brick

Would you like me to rescan the dds one again and see?

Yes, please. Run it again and post the logs.

second run dds logs:
the first one:

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft Windows XP Home Edition
Boot Device: \Device\HarddiskVolume2
Install Date: 2/27/2007 9:25:35 PM
System Uptime: 1/2/2012 12:12:37 PM (3 hours ago)
.
Motherboard: Dell Inc | | 0CT103
Processor: AMD Athlon(tm) 64 X2 Dual Core Processor 4200+ | Socket M2 | 2204/1000mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 146 GiB total, 51.997 GiB free.
D: is CDROM ()
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP455: 10/23/2011 12:50:57 PM - System Checkpoint
RP456: 10/24/2011 2:19:22 PM - System Checkpoint
RP457: 10/25/2011 5:58:53 PM - System Checkpoint
RP458: 10/26/2011 7:35:31 PM - System Checkpoint
RP459: 10/27/2011 8:30:09 PM - System Checkpoint
RP460: 10/29/2011 8:04:47 AM - System Checkpoint
RP461: 10/30/2011 10:37:51 AM - System Checkpoint
RP462: 10/31/2011 12:47:29 PM - System Checkpoint
RP463: 11/1/2011 3:15:37 PM - System Checkpoint
RP464: 11/2/2011 9:51:07 PM - System Checkpoint
RP465: 11/3/2011 10:31:08 PM - System Checkpoint
RP466: 11/6/2011 6:53:28 AM - System Checkpoint
RP467: 11/7/2011 9:02:10 AM - Software Distribution Service 3.0
RP468: 11/8/2011 7:36:44 PM - System Checkpoint
RP469: 11/9/2011 11:00:20 AM - Software Distribution Service 3.0
RP470: 11/10/2011 11:46:03 AM - System Checkpoint
RP471: 11/11/2011 11:00:16 AM - Software Distribution Service 3.0
RP472: 11/11/2011 4:34:21 PM - Removed Ace of Spades
RP473: 11/13/2011 10:12:03 AM - System Checkpoint
RP474: 11/14/2011 5:09:02 PM - System Checkpoint
RP475: 11/15/2011 12:14:56 PM - Removed Paint.NET v3.5.10
RP476: 11/15/2011 12:18:28 PM - Configured Age of Empires III
RP477: 11/15/2011 12:19:31 PM - Installed Age of Empires III
RP478: 11/15/2011 12:25:57 PM - Configured Age of Empires III
RP479: 11/15/2011 12:26:32 PM - Configured Age of Empires III
RP480: 11/16/2011 10:26:36 AM - Software Distribution Service 3.0
RP481: 11/16/2011 10:01:54 PM - Installed Age of Empires III
RP482: 11/17/2011 10:03:21 PM - System Checkpoint
RP483: 11/18/2011 10:48:01 PM - System Checkpoint
RP484: 11/19/2011 4:03:04 PM - Installed The Sims 3
RP485: 11/20/2011 12:21:44 AM - Installed The Sims 3
RP486: 11/21/2011 5:02:04 PM - System Checkpoint
RP487: 11/23/2011 8:50:32 AM - System Checkpoint
RP488: 11/25/2011 4:57:52 PM - System Checkpoint
RP489: 11/27/2011 3:10:39 PM - System Checkpoint
RP490: 11/28/2011 9:27:31 PM - System Checkpoint
RP491: 11/30/2011 6:30:42 AM - System Checkpoint
RP492: 12/3/2011 9:48:25 AM - Software Distribution Service 3.0
RP493: 12/4/2011 9:51:45 PM - System Checkpoint
RP494: 12/5/2011 11:21:30 AM - Software Distribution Service 3.0
RP495: 12/5/2011 11:40:04 AM - Software Distribution Service 3.0
RP496: 12/6/2011 11:00:16 AM - Software Distribution Service 3.0
RP497: 12/7/2011 8:31:01 PM - System Checkpoint
RP498: 12/9/2011 8:04:29 PM - System Checkpoint
RP499: 12/10/2011 3:14:40 PM - Installed DirectX
RP500: 12/11/2011 1:20:20 PM - Installed DirectX
RP501: 12/12/2011 7:19:09 PM - System Checkpoint
RP502: 12/13/2011 8:50:31 PM - System Checkpoint
RP503: 12/14/2011 11:00:27 AM - Software Distribution Service 3.0
RP504: 12/14/2011 1:58:21 PM - Installed Java(TM) 6 Update 30
RP505: 12/14/2011 6:53:16 PM - Installed The Sims 3
RP506: 12/15/2011 9:30:47 PM - System Checkpoint
RP507: 12/16/2011 6:23:45 PM - Software Distribution Service 3.0
RP508: 12/18/2011 2:24:09 PM - System Checkpoint
RP509: 12/20/2011 8:46:14 AM - System Checkpoint
RP510: 12/21/2011 11:45:05 AM - System Checkpoint
RP511: 12/23/2011 10:30:21 AM - System Checkpoint
RP512: 12/24/2011 10:30:29 PM - System Checkpoint
RP513: 12/26/2011 7:09:20 AM - System Checkpoint
RP514: 12/27/2011 11:02:09 AM - System Checkpoint
RP515: 12/28/2011 11:18:49 AM - System Checkpoint
RP516: 12/29/2011 5:20:52 PM - System Checkpoint
RP517: 12/31/2011 1:53:54 PM - System Checkpoint
RP518: 12/31/2011 10:39:16 PM - Installed BlackBerry USB Drivers.
RP519: 12/31/2011 10:59:06 PM - Installed BlackBerry Desktop Software 5.0.1.
RP520: 12/31/2011 11:30:10 PM - Installed MagicBerry
RP521: 1/1/2012 12:39:25 PM - Software Distribution Service 3.0
RP522: 1/1/2012 1:51:22 PM - Software Distribution Service 3.0
RP523: 1/1/2012 2:26:53 PM - Removed Java(TM) 6 Update 20
RP524: 1/1/2012 2:30:03 PM - Installed Java(TM) 6 Update 30
RP525: 1/1/2012 2:53:27 PM - Software Distribution Service 3.0
RP526: 1/1/2012 9:04:33 PM - Installed QuickTime
RP527: 1/1/2012 9:13:11 PM - Removed Google Earth.
RP528: 1/1/2012 9:17:07 PM - Removed Age of Empires Online
RP529: 1/1/2012 9:18:28 PM - Configured Age of Empires III
.
==== Installed Programs ======================
.
Adobe Download Manager
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Reader 8.2.5
Adobe Shockwave Player 11.6
Age of Empires III
AOLIcon
Apple Application Support
Apple Software Update
ATI - Software Uninstall Utility
ATI Catalyst Control Center
ATI Display Driver
avast! Free Antivirus
AVS4YOU Software Navigator 1.3
BlackBerry Desktop Software 5.0.1
BlackBerry USB Drivers
BlackBerry® Media Sync
Broadcom Management Programs
BroadJump Client Foundation
BufferChm
Champions Online
Compatibility Pack for the 2007 Office system
Cookienator
CP_AtenaShokunin1Config
cp_dwShrek2Albums1
cp_dwShrek2Cards1
CreativeProjectsTemplates
CueTour
Dell CinePlayer
Dell Driver Download Manager
Dell Support 3.2.1
Dell Support Center (Support Software)
Dell System Restore
Digital Content Portal
DocumentViewer
EarthLink Setup Files
ESET Online Scanner
Google Update Helper
High Definition Audio Driver Package - KB835221
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows Internet Explorer 7 (KB947864)
Hotfix for Windows Media Format SDK (KB902344)
Hotfix for Windows Media Format SDK (KB910998)
Hotfix for Windows XP (KB2158563)
Hotfix for Windows XP (KB2443685)
Hotfix for Windows XP (KB2570791)
Hotfix for Windows XP (KB2633952)
Hotfix for Windows XP (KB915800-v4)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB954550-v5)
Hotfix for Windows XP (KB954708)
Hotfix for Windows XP (KB961118)
Hotfix for Windows XP (KB970653-v3)
Hotfix for Windows XP (KB976098-v2)
Hotfix for Windows XP (KB981793)
HP Image Zone 4.7
HP Update
Java Auto Updater
Java(TM) 6 Update 2
Java(TM) 6 Update 22
Junk Mail filter update
Lexmark 5000 Series
Magic ISO Maker v5.5 (build 0281)
MagicBerry
Malwarebytes Anti-Malware version 1.60.0.1800
Math 7 Teaching Textbook
MB Service Manual
Messenger Plus! Live
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Security Update (KB2656353)
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 4 Client Profile
Microsoft .NET Framework 4 Extended
Microsoft Application Error Reporting
Microsoft Base Smart Card Cryptographic Service Provider Package
Microsoft Choice Guard
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Games for Windows - LIVE Redistributable
Microsoft Games for Windows Marketplace
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft National Language Support Downlevel APIs
Microsoft Office Excel Viewer 2003
Microsoft Office File Validation Add-In
Microsoft Office Live Add-in 1.5
Microsoft Office Outlook Connector
Microsoft Office PowerPoint Viewer 2007 (English)
Microsoft Office Small Business Edition 2003
Microsoft Office Standard Edition 2003
Microsoft Plus! Digital Media Edition Installer
Microsoft Plus! Photo Story 2 LE
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
Microsoft Works
Microsoft WSE 3.0 Runtime
Mozilla Firefox 9.0.1 (x86 en-US)
MSN
MSVCRT
MSXML 4.0 SP2 (KB927978)
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML 4.0 SP3 Parser
MSXML 4.0 SP3 Parser (KB973685)
Nuance PDF Reader
NVIDIA Display Control Panel
NVIDIA Drivers
NVIDIA nView Desktop Manager
NVIDIA PhysX
Origin
Panda3D Game Engine
PanoStandAlone
PhotoScape
PowerDVD
QuickTime
RGSS-RTP Standard
Roxio DLA
Roxio MyDVD LE
Roxio RecordNow Audio
Roxio RecordNow Copy
Roxio RecordNow Data
ScannerCopy
Secunia PSI (2.0.0.3003)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Extended (KB2416472)
Security Update for Microsoft .NET Framework 4 Extended (KB2487367)
Security Update for Microsoft .NET Framework 4 Extended (KB2656351)
Security Update for Microsoft Windows (KB2564958)
Security Update for Step By Step Interactive Training (KB923723)
Security Update for Windows Internet Explorer 7 (KB2183461)
Security Update for Windows Internet Explorer 7 (KB2360131)
Security Update for Windows Internet Explorer 7 (KB928090)
Security Update for Windows Internet Explorer 7 (KB929969)
Security Update for Windows Internet Explorer 7 (KB931768)
Security Update for Windows Internet Explorer 7 (KB933566)
Security Update for Windows Internet Explorer 7 (KB937143)
Security Update for Windows Internet Explorer 7 (KB938127)
Security Update for Windows Internet Explorer 7 (KB939653)
Security Update for Windows Internet Explorer 7 (KB942615)
Security Update for Windows Internet Explorer 7 (KB944533)
Security Update for Windows Internet Explorer 7 (KB950759)
Security Update for Windows Internet Explorer 7 (KB953838)
Security Update for Windows Internet Explorer 7 (KB956390)
Security Update for Windows Internet Explorer 7 (KB958215)
Security Update for Windows Internet Explorer 7 (KB960714)
Security Update for Windows Internet Explorer 7 (KB961260)
Security Update for Windows Internet Explorer 7 (KB963027)
Security Update for Windows Internet Explorer 7 (KB969897)
Security Update for Windows Internet Explorer 7 (KB972260)
Security Update for Windows Internet Explorer 7 (KB974455)
Security Update for Windows Internet Explorer 7 (KB982381)
Security Update for Windows Internet Explorer 8 (KB2360131)
Security Update for Windows Internet Explorer 8 (KB2416400)
Security Update for Windows Internet Explorer 8 (KB2482017)
Security Update for Windows Internet Explorer 8 (KB2530548)
Security Update for Windows Internet Explorer 8 (KB2544521)
Security Update for Windows Internet Explorer 8 (KB2559049)
Security Update for Windows Internet Explorer 8 (KB2586448)
Security Update for Windows Internet Explorer 8 (KB2618444)
Security Update for Windows Internet Explorer 8 (KB971961)
Security Update for Windows Internet Explorer 8 (KB981332)
Security Update for Windows Internet Explorer 8 (KB982381)
Security Update for Windows Media Player (KB2378111)
Security Update for Windows Media Player (KB911564)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player (KB954155)
Security Update for Windows Media Player (KB968816)
Security Update for Windows Media Player (KB973540)
Security Update for Windows Media Player (KB975558)
Security Update for Windows Media Player (KB978695)
Security Update for Windows Media Player 10 (KB917734)
Security Update for Windows Media Player 10 (KB936782)
Security Update for Windows Search 4 - KB963093
Security Update for Windows XP (KB2079403)
Security Update for Windows XP (KB2115168)
Security Update for Windows XP (KB2121546)
Security Update for Windows XP (KB2160329)
Security Update for Windows XP (KB2229593)
Security Update for Windows XP (KB2259922)
Security Update for Windows XP (KB2279986)
Security Update for Windows XP (KB2286198)
Security Update for Windows XP (KB2296011)
Security Update for Windows XP (KB2296199)
Security Update for Windows XP (KB2347290)
Security Update for Windows XP (KB2360937)
Security Update for Windows XP (KB2387149)
Security Update for Windows XP (KB2393802)
Security Update for Windows XP (KB2412687)
Security Update for Windows XP (KB2419632)
Security Update for Windows XP (KB2423089)
Security Update for Windows XP (KB2436673)
Security Update for Windows XP (KB2440591)
Security Update for Windows XP (KB2443105)
Security Update for Windows XP (KB2476490)
Security Update for Windows XP (KB2476687)
Security Update for Windows XP (KB2478960)
Security Update for Windows XP (KB2478971)
Security Update for Windows XP (KB2479628)
Security Update for Windows XP (KB2479943)
Security Update for Windows XP (KB2481109)
Security Update for Windows XP (KB2483185)
Security Update for Windows XP (KB2485376)
Security Update for Windows XP (KB2503665)
Security Update for Windows XP (KB2507938)
Security Update for Windows XP (KB2508272)
Security Update for Windows XP (KB2524375)
Security Update for Windows XP (KB2535512)
Security Update for Windows XP (KB2536276-v2)
Security Update for Windows XP (KB2536276)
Security Update for Windows XP (KB2544893-v2)
Security Update for Windows XP (KB2544893)
Security Update for Windows XP (KB2555917)
Security Update for Windows XP (KB2562937)
Security Update for Windows XP (KB2566454)
Security Update for Windows XP (KB2567053)
Security Update for Windows XP (KB2567680)
Security Update for Windows XP (KB2570222)
Security Update for Windows XP (KB2570947)
Security Update for Windows XP (KB2592799)
Security Update for Windows XP (KB2618451)
Security Update for Windows XP (KB2619339)
Security Update for Windows XP (KB2620712)
Security Update for Windows XP (KB2624667)
Security Update for Windows XP (KB2633171)
Security Update for Windows XP (KB2639417)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB938464-v2)
Security Update for Windows XP (KB938464)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950760)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951376)
Security Update for Windows XP (KB951698)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB953839)
Security Update for Windows XP (KB954211)
Security Update for Windows XP (KB954459)
Security Update for Windows XP (KB954600)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956391)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956744)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956841)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB957095)
Security Update for Windows XP (KB957097)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958687)
Security Update for Windows XP (KB958690)
Security Update for Windows XP (KB958869)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960225)
Security Update for Windows XP (KB960715)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB961371)
Security Update for Windows XP (KB961373)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB968537)
Security Update for Windows XP (KB969059)
Security Update for Windows XP (KB969898)
Security Update for Windows XP (KB969947)
Security Update for Windows XP (KB970238)
Security Update for Windows XP (KB970430)
Security Update for Windows XP (KB971468)
Security Update for Windows XP (KB971486)
Security Update for Windows XP (KB971557)
Security Update for Windows XP (KB971633)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB971961)
Security Update for Windows XP (KB972270)
Security Update for Windows XP (KB973346)
Security Update for Windows XP (KB973354)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973525)
Security Update for Windows XP (KB973869)
Security Update for Windows XP (KB973904)
Security Update for Windows XP (KB974112)
Security Update for Windows XP (KB974318)
Security Update for Windows XP (KB974392)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB975025)
Security Update for Windows XP (KB975467)
Security Update for Windows XP (KB975560)
Security Update for Windows XP (KB975561)
Security Update for Windows XP (KB975562)
Security Update for Windows XP (KB975713)
Security Update for Windows XP (KB977816)
Security Update for Windows XP (KB977914)
Security Update for Windows XP (KB978037)
Security Update for Windows XP (KB978262)
Security Update for Windows XP (KB978338)
Security Update for Windows XP (KB978542)
Security Update for Windows XP (KB978601)
Security Update for Windows XP (KB978706)
Security Update for Windows XP (KB979309)
Security Update for Windows XP (KB979482)
Security Update for Windows XP (KB979559)
Security Update for Windows XP (KB979683)
Security Update for Windows XP (KB979687)
Security Update for Windows XP (KB980195)
Security Update for Windows XP (KB980218)
Security Update for Windows XP (KB980232)
Security Update for Windows XP (KB980436)
Security Update for Windows XP (KB981322)
Security Update for Windows XP (KB981349)
Security Update for Windows XP (KB981852)
Security Update for Windows XP (KB981957)
Security Update for Windows XP (KB981997)
Security Update for Windows XP (KB982132)
Security Update for Windows XP (KB982214)
Security Update for Windows XP (KB982665)
Security Update for Windows XP (KB982802)
Segoe UI
Sid Meier's Civilization 4 - Beyond the Sword
Sid Meier's Civilization 4 Complete
Sid Meier's Civilization V
Sonic Activation Module
Spore
Steam
SUPERAntiSpyware
swMSM
System Requirements Lab
The Sims™ 3
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft Windows (KB971513)
Update for Windows Internet Explorer 7 (KB976749)
Update for Windows Internet Explorer 7 (KB980182)
Update for Windows Internet Explorer 8 (KB2362765)
Update for Windows Internet Explorer 8 (KB976662)
Update for Windows XP (KB2141007)
Update for Windows XP (KB2345886)
Update for Windows XP (KB2467659)
Update for Windows XP (KB2541763)
Update for Windows XP (KB2607712)
Update for Windows XP (KB2616676)
Update for Windows XP (KB2641690)
Update for Windows XP (KB951072-v2)
Update for Windows XP (KB951978)
Update for Windows XP (KB955759)
Update for Windows XP (KB955839)
Update for Windows XP (KB961503)
Update for Windows XP (KB967715)
Update for Windows XP (KB968389)
Update for Windows XP (KB971029)
Update for Windows XP (KB971737)
Update for Windows XP (KB973687)
Update for Windows XP (KB973815)
Visual C++ 2008 x86 Runtime - (v9.0.30729)
Visual C++ 2008 x86 Runtime - v9.0.30729.01
WeatherBug
WebFldrs XP
Windows Genuine Advantage Notifications (KB905474)
Windows Genuine Advantage Validation Tool (KB892130)
Windows Installer 3.1 (KB893803)
Windows Internet Explorer 7
Windows Internet Explorer 8
Windows Live Call
Windows Live Communications Platform
Windows Live Essentials
Windows Live ID Sign-in Assistant
Windows Live Mail
Windows Live Messenger
Windows Live Photo Gallery
Windows Live Sync
Windows Live Upload Tool
Windows Live Writer
Windows Management Framework Core
Windows Media Format 11 runtime
Windows Media Player 10
Windows Media Player 11
Windows Media Player Firefox Plugin
Windows Search 4.0
Windows XP Service Pack 3
WinRAR 4.01 (32-bit)
.
==== Event Viewer Messages From Past Week ========
.
1/2/2012 3:27:33 PM, error: Service Control Manager [7000] - The Secunia Update Agent service failed to start due to the following error: The system cannot find the path specified.
.
==== End Of File ===========================

second run of dds logs
second log:

.
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_22
Run by fritsch family at 15:38:56 on 2012-01-02
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.3070.2262 [GMT -5:00]
.
AV: avast! Antivirus *Enabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
============== Running Processes ===============
.
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
svchost.exe
svchost.exe
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\DLA\DLACTRLW.EXE
svchost.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Alwil Software\Avast5\avastUI.exe
C:\Program Files\Lexmark 5000 Series\lxdmmon.exe
C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
C:\Program Files\Lexmark 5000 Series\lxdmamon.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe
C:\Program Files\Common Files\Research In Motion\Auto Update\RIMAutoUpdate.exe
C:\WINDOWS\system32\lxdmcoms.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Dell Support\DSAgnt.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Secunia\PSI\PSIA.exe
C:\Program Files\AWS\WeatherBug\Weather.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Secunia\PSI\psi_tray.exe
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.foxnews.com/
uSearch Page = hxxp://red.clientapps.yahoo.com/customize/ie/defaults/sp/sbcydsl/*http://www.yahoo.com
uSearch Bar = hxxp://red.clientapps.yahoo.com/customize/ie/defaults/sb/sbcydsl/*http://www.yahoo.com/search/ie.html
uSearchMigratedDefaultURL = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
uInternet Connection Wizard,ShellNext = hxxp://www.winpatrol.com/cgi-bin/plusinfo.pl?program=CTFMON.EXE&vendor=Microsoft%20Corporation&version=5.1.2600.5512&userid=&build=18.1.2010.0:18.1.2010.0&Type=1011&Loc=en&ext=EXE&verify=
BHO: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - c:\program files\alwil software\avast5\aswWebRepIE.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
TB: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - c:\program files\alwil software\avast5\aswWebRepIE.dll
TB: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
uRun: [DellSupport] "c:\program files\dell support\DSAgnt.exe" /startup
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [MSMSGS] "c:\program files\messenger\msmsgs.exe" /background
uRun: [Weather] c:\program files\aws\weatherbug\Weather.exe 1
uRun: [Cookienator] "c:\program files\cookienator\cookienator.exe" /auto
uRun: [EADM] "c:\program files\origin\Origin.exe" -AutoStart
mRun: [DLA] c:\windows\system32\dla\DLACTRLW.EXE
mRun: [ISUSPM Startup] c:\progra~1\common~1\instal~1\update~1\ISUSPM.exe -startup
mRun: [nwiz] nwiz.exe /installquiet
mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [avast] "c:\program files\alwil software\avast5\avastUI.exe" /nogui
mRun: [lxdmmon.exe] "c:\program files\lexmark 5000 series\lxdmmon.exe"
mRun: [lxdmamon] "c:\program files\lexmark 5000 series\lxdmamon.exe"
mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe
mRun: [PDVDDXSrv] "c:\program files\cyberlink\powerdvd dx\PDVDDXSrv.exe"
mRun: [BlackBerryAutoUpdate] c:\program files\common files\research in motion\auto update\RIMAutoUpdate.exe /background
mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
dRun: [DWQueuedReporting] "c:\progra~1\common~1\micros~1\dw\dwtrig20.exe" -t
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\deskto~1.lnk - c:\program files\research in motion\blackberry\DesktopMgr.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\secuni~1.lnk - c:\program files\secunia\psi\psi_tray.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\window~1.lnk - c:\program files\windows desktop search\WindowsSearch.exe
IE: {CD67F990-D8E9-11d2-98FE-00C0F0318AFE}
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\mi1933~1\office11\REFIEBAR.DLL
Trusted Zone: clonewarsadventures.com
Trusted Zone: freerealms.com
Trusted Zone: secunia.com
Trusted Zone: soe.com
Trusted Zone: sony.com
DPF: Microsoft XML Parser for Java - file://c:\windows\java\classes\xmldso.cab
DPF: {56762DEC-6B0D-4AB4-A8AD-989993B5D08B} - hxxp://www.eset.eu/buxus/docs/OnlineScanner.cab
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1176164460964
DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1257093277500
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
TCP: DhcpNameServer = 192.168.10.1
TCP: Interfaces\{C9F267CE-50FA-41F5-9CE2-A6CA0899D102} : DhcpNameServer = 192.168.10.1
Notify: !SASWinLogon - c:\program files\superantispyware\SASWINLO.DLL
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SEH: Windows Desktop Search Namespace Manager: {56f9679e-7826-4c84-81f3-532071a8bcc5} - c:\program files\windows desktop search\MSNLNamespaceMgr.dll
SEH: SABShellExecuteHook Class: {5ae067d3-9afb-48e0-853a-ebb7f4a000da} - c:\program files\superantispyware\SASSEH.DLL
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\documents and settings\fritsch family\application data\mozilla\firefox\profiles\gzy47fsk.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2866295&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - www.cnn.com
FF - prefs.js: keyword.URL - hxxp://mystart.incredibar.com/mb110/?loc=IB_DS&a=6PQjXGde6N&&i=26&search=
FF - plugin: c:\documents and settings\fritsch family\application data\mozilla\firefox\profiles\gzy47fsk.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}\plugins\npqscan.dll
FF - plugin: c:\documents and settings\fritsch family\application data\mozilla\firefox\profiles\gzy47fsk.default\extensions\battlefieldheroespatcher@ea.com\plugins\npBFHUpdater.dll
FF - plugin: c:\program files\common files\research in motion\bbwebsllauncher\NPWebSLLauncher.dll
FF - plugin: c:\program files\google\update\1.3.21.79\npGoogleUpdate3.dll
FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\microsoft silverlight\4.0.60831.0\npctrlui.dll
FF - plugin: c:\program files\microsoft\office live\npOLW.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npdeployJava1.dll
FF - plugin: c:\program files\mozilla firefox\plugins\nppanda3d.dll
FF - plugin: c:\program files\mozilla firefox\plugins\NPSFDMGR.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npunagi2.dll
FF - plugin: c:\program files\nuance\pdf reader\bin\nppdf.dll
FF - plugin: c:\program files\nuance\pdf reader\bin\nppdf.dll
FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll
.
---- FIREFOX POLICIES ----
FF - user.js: yahoo.homepage.dontask - true
FF - user.js: extensions.incredibar_i.newTab - false
FF - user.js: extensions.incredibar_i.tlbrSrchUrl - hxxp://mystart.Incredibar.com/?a=6PQjXGde6N&loc=IB_TB&i=26&search=
FF - user.js: extensions.incredibar_i.id - acbf2e0200000000000000188b79174a
FF - user.js: extensions.incredibar_i.hardId - acbf2e0200000000000000188b79174a
FF - user.js: extensions.incredibar_i.instlDay - 15340
FF - user.js: extensions.incredibar_i.vrsn - 1.5.3.27
FF - user.js: extensions.incredibar_i.vrsni - 1.5.3.27
FF - user.js: extensions.incredibar_i.vrsnTs - 1.5.3.2723:24:58
FF - user.js: extensions.incredibar_i.prtnrId - Incredibar
FF - user.js: extensions.incredibar_i.prdct - incredibar
FF - user.js: extensions.incredibar_i.aflt - orgnl
FF - user.js: extensions.incredibar_i.smplGrp - none
FF - user.js: extensions.incredibar_i.tlbrId - base
FF - user.js: extensions.incredibar_i.instlRef -
FF - user.js: extensions.incredibar_i.dfltLng -
FF - user.js: extensions.incredibar_i.excTlbr - false
FF - user.js: extensions.incredibar_i.ms_url_id -
FF - user.js: extensions.incredibar_i.upn2 - 6PQjXGde6N
FF - user.js: extensions.incredibar_i.upn2n - 92542122502005621
FF - user.js: extensions.incredibar_i.productid - 26
FF - user.js: extensions.incredibar_i.installerproductid - 26
FF - user.js: extensions.incredibar_i.did - 10556
FF - user.js: extensions.incredibar_i.ppd - 1000
.
============= SERVICES / DRIVERS ===============
.
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2011-3-8 435032]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2010-6-8 314456]
R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\sasdifsv.sys [2011-7-22 12880]
R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2011-7-12 67664]
R2 !SASCORE;SAS Core Service;c:\program files\superantispyware\SASCore.exe [2011-8-11 116608]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2010-6-8 20568]
R2 avast! Antivirus;avast! Antivirus;c:\program files\alwil software\avast5\AvastSvc.exe [2010-6-8 44768]
R2 Secunia PSI Agent;Secunia PSI Agent;c:\program files\secunia\psi\psia.exe [2011-4-19 993848]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda32.sys [2011-1-24 57320]
R3 PSI;PSI;c:\windows\system32\drivers\psi_mf.sys [2010-9-1 15544]
S0 $sys$cor;$sys$cor;c:\windows\system32\drivers\$sys$cor.sys --> c:\windows\system32\drivers\$sys$cor.sys [?]
S0 04029632;04029632 Boot Guard Driver;c:\windows\system32\drivers\04029632.sys --> c:\windows\system32\drivers\04029632.sys [?]
S0 Lbd;Lbd;c:\windows\system32\drivers\lbd.sys --> c:\windows\system32\drivers\Lbd.sys [?]
S1 $sys$crater;$sys$crater;\??\c:\windows\system32\$sys$filesystem\crater.sys --> c:\windows\system32\$sys$filesystem\crater.sys [?]
S1 04029631;04029631;c:\windows\system32\drivers\04029631.sys --> c:\windows\system32\drivers\04029631.sys [?]
S1 setup_9.0.0.722_25.03.2011_16-20drv;setup_9.0.0.722_25.03.2011_16-20drv;c:\windows\system32\drivers\0402963.sys --> c:\windows\system32\drivers\0402963.sys [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2010-6-6 136176]
S2 Secunia Update Agent;Secunia Update Agent; [x]
S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2010-6-6 136176]
S3 WinRM;Windows Remote Management (WS-Management);c:\windows\system32\svchost.exe -k WINRM [2004-8-10 14336]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]
S4 AMPingService;AMPingService; [x]
.
=============== Created Last 30 ================
.
2012-01-01 20:04:59 -------- d-----w- c:\documents and settings\fritsch family\application data\SUPERAntiSpyware.com
2012-01-01 20:04:06 -------- d-----w- c:\documents and settings\all users\application data\SUPERAntiSpyware.com
2012-01-01 20:03:51 -------- d-----w- c:\documents and settings\all users\application data\SUPERSetup
2012-01-01 19:40:28 -------- d--h--w- c:\program files\WindowsUpdate
2012-01-01 04:30:13 -------- d-----w- c:\program files\MagicBerry
2012-01-01 04:22:33 -------- d-----w- c:\program files\ADLSoft UnCompressor
2012-01-01 04:03:58 256 ----a-w- c:\windows\system32\pool.bin
2012-01-01 04:03:51 -------- d-----w- c:\documents and settings\fritsch family\application data\Research In Motion
2012-01-01 04:00:12 -------- d-----w- c:\documents and settings\all users\application data\Research In Motion
2012-01-01 03:59:20 -------- d-----w- c:\program files\Research In Motion
2012-01-01 03:39:25 27136 ----a-r- c:\windows\system32\drivers\RimSerial.sys
2012-01-01 03:39:18 -------- d-----w- c:\program files\common files\Research in Motion
2011-12-27 16:32:32 626688 ----a-w- c:\program files\mozilla firefox\msvcr80.dll
2011-12-27 16:32:32 548864 ----a-w- c:\program files\mozilla firefox\msvcp80.dll
2011-12-27 16:32:32 479232 ----a-w- c:\program files\mozilla firefox\msvcm80.dll
2011-12-27 16:32:32 43992 ----a-w- c:\program files\mozilla firefox\mozutils.dll
2011-12-14 23:38:05 -------- d-----w- c:\documents and settings\all users\application data\EA Core
2011-12-10 20:12:46 -------- d-----w- c:\program files\Tag
2011-12-07 02:02:56 -------- d-----w- c:\documents and settings\fritsch family\application data\Origin
2011-12-07 02:02:52 -------- d-----w- c:\documents and settings\fritsch family\local settings\application data\Origin
2011-12-05 17:31:58 -------- d-----w- c:\documents and settings\all users\application data\Origin
2011-12-05 17:31:55 -------- d-----w- c:\program files\Origin Games
2011-12-05 17:31:09 -------- d-----w- c:\program files\Origin
.
==================== Find3M ====================
.
2012-01-01 19:24:15 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-12-10 20:24:06 20464 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-11-28 18:01:25 41184 ----a-w- c:\windows\avastSS.scr
2011-11-28 17:53:53 435032 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2011-11-23 13:25:32 1859584 ----a-w- c:\windows\system32\win32k.sys
2011-11-04 19:20:51 916992 ----a-w- c:\windows\system32\wininet.dll
2011-11-04 19:20:51 43520 ------w- c:\windows\system32\licmgr10.dll
2011-11-04 19:20:51 1469440 ------w- c:\windows\system32\inetcpl.cpl
2011-11-04 11:23:59 385024 ----a-w- c:\windows\system32\html.iec
2011-11-01 16:07:10 1288704 ----a-w- c:\windows\system32\ole32.dll
2011-10-28 05:31:48 33280 ----a-w- c:\windows\system32\csrsrv.dll
2011-10-25 13:37:08 2148864 ----a-w- c:\windows\system32\ntoskrnl.exe
2011-10-25 12:52:02 2027008 ----a-w- c:\windows\system32\ntkrnlpa.exe
2011-10-24 19:29:02 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx
2011-10-24 19:29:02 69632 ----a-w- c:\windows\system32\QuickTime.qts
2011-10-23 14:05:33 270240 ----a-w- c:\windows\system32\PnkBstrB.xtr
2011-10-22 21:11:20 270240 ----a-w- c:\windows\system32\PnkBstrB.ex0
2011-10-21 21:15:20 138056 ----a-w- c:\documents and settings\fritsch family\application data\PnkBstrK.sys
2011-10-18 11:13:22 186880 ----a-w- c:\windows\system32\encdec.dll
2011-10-10 14:22:41 692736 ----a-w- c:\windows\system32\inetcomm.dll
.
============= FINISH: 15:41:21.15 ===============

Please download ComboFix from BleepingComputer.com

Alternate link: GeeksToGo.com

and save it to your Desktop.
It would be easiest to download using Internet Explorer.
If you want to use Firefox, make sure that your download settings are as follows:

* Tools->Options->Main tab
* Set to "Always ask me where to Save the files".

Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools A guide to do this can be found here
Double click ComboFix.exe & follow the prompts.
As part of it's process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.
Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console

Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue it's malware removal procedures.

Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:


Click on Yes, to continue scanning for malware.
When finished, it shall produce a log for you. Please include the contents of C:\ComboFix.txt in your next reply.

If you have problems with ComboFix usage, see How to use ComboFix

here is the combofix log: Thanks!

ComboFix 12-01-03.04 - fritsch family 01/03/2012 11:03:25.3.2 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.3070.2420 [GMT -5:00]
Running from: c:\documents and settings\fritsch family\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\All Users\Application Data\TEMP
c:\windows\Downloaded Installations\BMP
c:\windows\Downloaded Installations\BMP\{61C062D5-7A00-44BC-BC16-125BDF22EA65}\1033.MST
c:\windows\Downloaded Installations\BMP\{61C062D5-7A00-44BC-BC16-125BDF22EA65}\BACS.msi
c:\windows\system32\SET107.tmp
c:\windows\system32\SET108.tmp
c:\windows\system32\SET10B.tmp
c:\windows\system32\SET10C.tmp
c:\windows\system32\SET10D.tmp
c:\windows\system32\SET10E.tmp
c:\windows\system32\SET112.tmp
c:\windows\system32\SET113.tmp
c:\windows\system32\SET114.tmp
c:\windows\system32\SET12.tmp
c:\windows\system32\SET141.tmp
c:\windows\system32\SET142.tmp
c:\windows\system32\SET143.tmp
c:\windows\system32\SET18.tmp
c:\windows\system32\SET1E.tmp
c:\windows\system32\SET74.tmp
c:\windows\system32\SET75.tmp
c:\windows\system32\SET76.tmp
c:\windows\system32\SET77.tmp
c:\windows\system32\SET78.tmp
c:\windows\system32\SET79.tmp
c:\windows\system32\SET7A.tmp
c:\windows\system32\SET7B.tmp
c:\windows\system32\SET7F.tmp
c:\windows\system32\SET80.tmp
c:\windows\system32\SET81.tmp
c:\windows\system32\SET82.tmp
c:\windows\system32\SET83.tmp
c:\windows\system32\SET87.tmp
c:\windows\system32\SET89.tmp
c:\windows\system32\SET8B.tmp
c:\windows\system32\SET8C.tmp
c:\windows\system32\SET8E.tmp
c:\windows\system32\SET90.tmp
c:\windows\system32\SET91.tmp
c:\windows\system32\SET96.tmp
c:\windows\system32\SET97.tmp
c:\windows\system32\SET9A.tmp
c:\windows\system32\SET9C.tmp
c:\windows\system32\SET9D.tmp
c:\windows\system32\SET9E.tmp
c:\windows\system32\SETA2.tmp
c:\windows\system32\SETA3.tmp
c:\windows\system32\SETA4.tmp
c:\windows\system32\SETA6.tmp
c:\windows\system32\SETA7.tmp
c:\windows\system32\SETA8.tmp
.
.
((((((((((((((((((((((((( Files Created from 2011-12-03 to 2012-01-03 )))))))))))))))))))))))))))))))
.
.
2012-01-02 02:06 . 2012-01-02 02:06 159744 ----a-w- c:\program files\Mozilla Firefox\plugins\npqtplugin7.dll
2012-01-02 02:05 . 2012-01-02 02:05 -------- d-----w- c:\documents and settings\All Users\Application Data\Apple Computer
2012-01-02 01:54 . 2012-01-02 11:18 -------- d-----w- c:\documents and settings\fritsch family\Application Data\Apple Computer
2012-01-01 20:04 . 2012-01-01 20:04 -------- d-----w- c:\documents and settings\fritsch family\Application Data\SUPERAntiSpyware.com
2012-01-01 20:04 . 2012-01-01 20:04 -------- d-----w- c:\documents and settings\All Users\Application Data\SUPERAntiSpyware.com
2012-01-01 20:03 . 2012-01-01 20:03 -------- d-----w- c:\documents and settings\All Users\Application Data\SUPERSetup
2012-01-01 04:30 . 2012-01-02 00:26 -------- d-----w- c:\program files\MagicBerry
2012-01-01 04:22 . 2012-01-01 04:22 -------- d-----w- c:\program files\ADLSoft UnCompressor
2012-01-01 04:22 . 2012-01-01 04:25 902 ----a-w- C:\user.js
2012-01-01 04:03 . 2012-01-02 11:27 256 ----a-w- c:\windows\system32\pool.bin
2012-01-01 04:03 . 2012-01-01 04:03 -------- d-----w- c:\documents and settings\fritsch family\Application Data\Research In Motion
2012-01-01 04:00 . 2012-01-01 04:00 -------- d-----w- c:\documents and settings\All Users\Application Data\Research In Motion
2012-01-01 03:59 . 2012-01-01 04:01 -------- d-----w- c:\program files\Research In Motion
2012-01-01 03:39 . 2009-01-09 21:18 27136 ----a-r- c:\windows\system32\drivers\RimSerial.sys
2012-01-01 03:39 . 2012-01-01 04:00 -------- d-----w- c:\program files\Common Files\Research in Motion
2011-12-27 16:32 . 2011-12-21 07:24 43992 ----a-w- c:\program files\Mozilla Firefox\mozutils.dll
2011-12-27 16:32 . 2011-12-21 04:30 626688 ----a-w- c:\program files\Mozilla Firefox\msvcr80.dll
2011-12-27 16:32 . 2011-12-21 04:30 548864 ----a-w- c:\program files\Mozilla Firefox\msvcp80.dll
2011-12-27 16:32 . 2011-12-21 04:30 479232 ----a-w- c:\program files\Mozilla Firefox\msvcm80.dll
2011-12-14 23:38 . 2011-12-14 23:38 -------- d-----w- c:\documents and settings\All Users\Application Data\EA Core
2011-12-10 20:12 . 2011-12-11 20:07 -------- d-----w- c:\program files\Tag
2011-12-07 02:02 . 2011-12-07 02:02 -------- d-----w- c:\documents and settings\fritsch family\Application Data\Origin
2011-12-07 02:02 . 2011-12-07 02:02 -------- d-----w- c:\documents and settings\fritsch family\Local Settings\Application Data\Origin
2011-12-05 17:31 . 2011-12-07 02:02 -------- d-----w- c:\documents and settings\All Users\Application Data\Origin
2011-12-05 17:31 . 2011-12-05 17:31 -------- d-----w- c:\program files\Origin Games
2011-12-05 17:31 . 2011-12-05 17:31 -------- d-----w- c:\program files\Origin
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-01-01 19:24 . 2011-06-03 14:58 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-12-19 22:17 . 2009-08-18 15:30 564632 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\IdentityCRL\production\wlidui.dll
2011-12-19 22:17 . 2009-08-18 15:24 18328 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2011-12-10 20:24 . 2010-06-07 15:44 20464 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-11-28 18:01 . 2010-07-13 15:29 41184 ----a-w- c:\windows\avastSS.scr
2011-11-28 18:01 . 2010-06-08 16:57 199816 ----a-w- c:\windows\system32\aswBoot.exe
2011-11-28 17:53 . 2011-03-08 14:56 435032 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2011-11-28 17:53 . 2010-06-08 16:57 314456 ----a-w- c:\windows\system32\drivers\aswSP.sys
2011-11-28 17:52 . 2010-06-08 16:57 34392 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2011-11-28 17:52 . 2010-06-08 16:57 52952 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2011-11-28 17:52 . 2010-06-08 16:57 111320 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2011-11-28 17:51 . 2010-06-08 16:57 105176 ----a-w- c:\windows\system32\drivers\aswmon.sys
2011-11-28 17:51 . 2010-06-08 16:57 20568 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2011-11-28 17:48 . 2010-06-08 16:57 30808 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2011-11-23 13:25 . 2004-08-10 18:51 1859584 ----a-w- c:\windows\system32\win32k.sys
2011-11-04 19:20 . 2004-08-10 18:51 916992 ----a-w- c:\windows\system32\wininet.dll
2011-11-04 19:20 . 2004-08-10 18:51 43520 ------w- c:\windows\system32\licmgr10.dll
2011-11-04 19:20 . 2004-08-10 18:51 1469440 ------w- c:\windows\system32\inetcpl.cpl
2011-11-04 11:23 . 2004-08-10 18:51 385024 ----a-w- c:\windows\system32\html.iec
2011-11-01 16:07 . 2004-08-10 18:51 1288704 ----a-w- c:\windows\system32\ole32.dll
2011-10-28 05:31 . 2004-08-10 18:50 33280 ----a-w- c:\windows\system32\csrsrv.dll
2011-10-25 13:37 . 2004-08-10 18:51 2148864 ----a-w- c:\windows\system32\ntoskrnl.exe
2011-10-25 12:52 . 2004-08-04 04:59 2027008 ----a-w- c:\windows\system32\ntkrnlpa.exe
2011-10-24 19:29 . 2011-10-24 19:29 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx
2011-10-24 19:29 . 2011-10-24 19:29 69632 ----a-w- c:\windows\system32\QuickTime.qts
2011-10-23 14:05 . 2010-12-22 04:06 270240 ----a-w- c:\windows\system32\PnkBstrB.xtr
2011-10-22 21:11 . 2010-12-22 03:50 270240 ----a-w- c:\windows\system32\PnkBstrB.ex0
2011-10-21 21:15 . 2010-12-22 03:50 138056 ----a-w- c:\documents and settings\fritsch family\Application Data\PnkBstrK.sys
2011-10-18 11:13 . 2004-08-10 18:51 186880 ----a-w- c:\windows\system32\encdec.dll
2011-10-10 14:22 . 2004-08-10 19:02 692736 ----a-w- c:\windows\system32\inetcomm.dll
2011-03-15 14:44 . 2011-06-25 23:23 568832 ----a-w- c:\program files\mozilla firefox\plugins\msvcp90.dll
2011-03-15 14:44 . 2011-06-25 23:23 655872 ----a-w- c:\program files\mozilla firefox\plugins\msvcr90.dll
2011-12-21 07:24 . 2011-07-04 16:41 121816 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
2008-06-30 17:44 . 2008-05-09 18:47 324976 ----a-w- c:\program files\mozilla firefox\components\coFFPlgn.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2011-11-28 18:01 122512 ----a-w- c:\program files\Alwil Software\Avast5\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DellSupport"="c:\program files\Dell Support\DSAgnt.exe" [2006-08-29 395776]
"Weather"="c:\program files\AWS\WeatherBug\Weather.exe" [2010-10-29 1652736]
"Cookienator"="c:\program files\Cookienator\cookienator.exe" [2009-10-19 1333472]
"EADM"="c:\program files\Origin\Origin.exe" [2011-11-07 28846216]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DLA"="c:\windows\system32\DLA\DLACTRLW.EXE" [2005-09-08 122940]
"ISUSPM Startup"="c:\progra~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2004-07-27 221184]
"nwiz"="nwiz.exe" [BU]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2009-11-21 110184]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-11-21 12669544]
"avast"="c:\program files\Alwil Software\Avast5\avastUI.exe" [2011-11-28 3744552]
"lxdmmon.exe"="c:\program files\Lexmark 5000 Series\lxdmmon.exe" [2007-12-14 455336]
"lxdmamon"="c:\program files\Lexmark 5000 Series\lxdmamon.exe" [2007-12-14 25256]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2010-06-10 49208]
"PDVDDXSrv"="c:\program files\CyberLink\PowerDVD DX\PDVDDXSrv.exe" [2007-06-08 128560]
"BlackBerryAutoUpdate"="c:\program files\Common Files\Research In Motion\Auto Update\RIMAutoUpdate.exe" [2009-08-24 623960]
"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2011-09-27 59240]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2011-10-24 421888]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"DWQueuedReporting"="c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2007-02-26 437160]
.
c:\documents and settings\All Users\Start Menu\Programs\Startup\
Desktop Manager.lnk - c:\program files\Research In Motion\BlackBerry\DesktopMgr.exe [2009-8-24 1799512]
Secunia PSI Tray.lnk - c:\program files\Secunia\PSI\psi_tray.exe [2011-4-19 291896]
Windows Search.lnk - c:\program files\Windows Desktop Search\WindowsSearch.exe [2008-5-26 123904]
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2009-05-25 304128]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2011-07-19 113024]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2011-05-04 17:54 551296 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.DLL
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^America Online 9.0 Tray Icon.lnk]
backup=c:\windows\pss\America Online 9.0 Tray Icon.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^ymetray.lnk]
backup=c:\windows\pss\ymetray.lnkCommon Startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATICCC]
2006-01-02 23:41 45056 -c--a-w- c:\program files\ATI Technologies\ATI.ACE\CLI.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
2008-04-14 10:42 15360 ----a-w- c:\windows\system32\ctfmon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DellSupport]
2006-08-29 03:57 395776 ----a-w- c:\program files\Dell Support\DSAgnt.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DellSupportCenter]
2008-08-13 22:32 206064 -c--a-w- c:\program files\Dell Support Center\bin\sprtcmd.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM Startup]
2004-07-27 22:50 221184 -c--a-w- c:\progra~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSScheduler]
2004-07-27 22:50 81920 -c--a-w- c:\program files\Common Files\InstallShield\UpdateService\issch.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
2008-04-14 10:42 1695232 ----a-w- c:\program files\Messenger\msmsgs.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SigmatelSysTrayApp]
2006-08-15 09:00 282624 -c--a-w- c:\windows\stsystra.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"Symantec Core LC"=3 (0x3)
"sprtsvc_dellsupportcenter"=2 (0x2)
"MDM"=2 (0x2)
"LiveUpdate Notice"=2 (0x2)
"LiveUpdate"=3 (0x3)
"gusvc"=3 (0x3)
"FreezeScreenSaver"=2 (0x2)
"CLTNetCnService"=2 (0x2)
"CD_Proxy"=2 (0x2)
"ccSetMgr"=2 (0x2)
"ccEvtMgr"=2 (0x2)
"avast! Web Scanner"=3 (0x3)
"avast! Mail Scanner"=3 (0x3)
"Automatic LiveUpdate Scheduler"=2 (0x2)
"Ati HotKey Poller"=2 (0x2)
"AOL ACS"=2 (0x2)
"$sys$DRMServer"=2 (0x2)
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\WINDOWS\\system32\\wbem\\unsecapp.exe"=
"c:\\WINDOWS\\system32\\HPZipm12.exe"=
"c:\\WINDOWS\\system32\\wbem\\wmiprvse.exe"=
"c:\\Program Files\\HP\\HP Software Update\\hpwuSchd2.exe"=
"c:\\Program Files\\2K Games\\Firaxis Games\\Sid Meier's Civilization 4 Complete\\Civilization4.exe"=
"c:\\Program Files\\2K Games\\Firaxis Games\\Sid Meier's Civilization 4 Complete\\Warlords\\Civ4Warlords.exe"=
"c:\\Program Files\\2K Games\\Firaxis Games\\Sid Meier's Civilization 4 Complete\\Beyond the Sword\\Civ4BeyondSword.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=
"c:\\Program Files\\Steam\\steamapps\\common\\sid meier's civilization v - demo\\Launcher.exe"=
"c:\\Program Files\\Steam\\steamapps\\common\\sid meier's civilization v - demo\\CivilizationV.exe"=
"c:\\Program Files\\New Folder\\Steam.exe"=
"c:\\Program Files\\EA Games\\Battlefield Play4Free\\BFP4f.exe"=
"c:\\WINDOWS\\system32\\lxdmcoms.exe"=
"c:\\Program Files\\Lexmark 5000 Series\\lxdmmon.exe"=
"c:\\WINDOWS\\system32\\spool\\drivers\\w32x86\\3\\lxdmpswx.exe"=
"c:\\WINDOWS\\system32\\spool\\drivers\\w32x86\\3\\lxdmjswx.exe"=
"c:\\Program Files\\New Folder\\SteamApps\\common\\spore\\Support\\EA Help\\Electronic_Arts_Technical_Support.htm"=
"c:\\WINDOWS\\system32\\java.exe"=
"c:\\Program Files\\Java\\jre6\\bin\\javaw.exe"=
"c:\\Program Files\\Java\\jre6\\bin\\java.exe"=
"c:\\Program Files\\New Folder\\SteamApps\\common\\sid meier's civilization v\\Launcher.exe"=
"c:\\Program Files\\Common Files\\Apple\\Apple Application Support\\WebKit2WebProcess.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"5985:TCP"= 5985:TCP:*:Disabled:Windows Remote Management
"67:UDP"= 67:UDP:DHCP Discovery Service
.
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [3/8/2011 9:56 AM 435032]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [6/8/2010 11:57 AM 314456]
R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\sasdifsv.sys [7/22/2011 11:27 AM 12880]
R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [7/12/2011 4:55 PM 67664]
R2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCore.exe [8/11/2011 6:38 PM 116608]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [6/8/2010 11:57 AM 20568]
R2 Secunia PSI Agent;Secunia PSI Agent;c:\program files\Secunia\PSI\psia.exe [4/19/2011 1:44 AM 993848]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda32.sys [1/24/2011 1:42 PM 57320]
R3 PSI;PSI;c:\windows\system32\drivers\psi_mf.sys [9/1/2010 3:30 AM 15544]
S0 $sys$cor;$sys$cor;c:\windows\system32\Drivers\$sys$cor.sys --> c:\windows\system32\Drivers\$sys$cor.sys [?]
S0 04029632;04029632 Boot Guard Driver;c:\windows\system32\DRIVERS\04029632.sys --> c:\windows\system32\DRIVERS\04029632.sys [?]
S0 Lbd;Lbd;c:\windows\system32\DRIVERS\Lbd.sys --> c:\windows\system32\DRIVERS\Lbd.sys [?]
S1 $sys$crater;$sys$crater;\??\c:\windows\system32\$sys$filesystem\crater.sys --> c:\windows\system32\$sys$filesystem\crater.sys [?]
S1 04029631;04029631;c:\windows\system32\DRIVERS\04029631.sys --> c:\windows\system32\DRIVERS\04029631.sys [?]
S1 setup_9.0.0.722_25.03.2011_16-20drv;setup_9.0.0.722_25.03.2011_16-20drv;c:\windows\system32\DRIVERS\0402963.sys --> c:\windows\system32\DRIVERS\0402963.sys [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [3/18/2010 12:16 PM 130384]
S2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [6/6/2010 11:10 AM 136176]
S2 Secunia Update Agent;Secunia Update Agent; [x]
S3 gupdatem;Google Update Service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [6/6/2010 11:10 AM 136176]
S3 WinRM;Windows Remote Management (WS-Management);c:\windows\system32\svchost.exe -k WINRM [8/10/2004 1:51 PM 14336]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [3/18/2010 12:16 PM 753504]
S4 AMPingService;AMPingService; [x]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
getPlusHelper REG_MULTI_SZ getPlusHelper
WINRM REG_MULTI_SZ WINRM
.
Contents of the 'Scheduled Tasks' folder
.
2011-12-30 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2011-06-01 21:57]
.
2012-01-03 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-06-06 16:10]
.
2012-01-03 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-06-06 16:10]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.foxnews.com/
uSearchMigratedDefaultURL = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
uInternet Connection Wizard,ShellNext = hxxp://www.winpatrol.com/cgi-bin/plusinfo.pl?program=CTFMON.EXE&vendor=Microsoft%20Corporation&version=5.1.2600.5512&userid=&build=18.1.2010.0:18.1.2010.0&Type=1011&Loc=en&ext=EXE&verify=
Trusted Zone: clonewarsadventures.com
Trusted Zone: freerealms.com
Trusted Zone: secunia.com
Trusted Zone: soe.com
Trusted Zone: sony.com
TCP: DhcpNameServer = 192.168.10.1
DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab
FF - ProfilePath - c:\documents and settings\fritsch family\Application Data\Mozilla\Firefox\Profiles\gzy47fsk.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2866295&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - www.cnn.com
FF - prefs.js: keyword.URL - hxxp://mystart.incredibar.com/mb110/?loc=IB_DS&a=6PQjXGde6N&&i=26&search=
FF - user.js: yahoo.homepage.dontask - true
FF - user.js: extensions.incredibar_i.newTab - false
FF - user.js: extensions.incredibar_i.tlbrSrchUrl - hxxp://mystart.Incredibar.com/?a=6PQjXGde6N&loc=IB_TB&i=26&search=
FF - user.js: extensions.incredibar_i.id - acbf2e0200000000000000188b79174a
FF - user.js: extensions.incredibar_i.hardId - acbf2e0200000000000000188b79174a
FF - user.js: extensions.incredibar_i.instlDay - 15340
FF - user.js: extensions.incredibar_i.vrsn - 1.5.3.27
FF - user.js: extensions.incredibar_i.vrsni - 1.5.3.27
FF - user.js: extensions.incredibar_i.vrsnTs - 1.5.3.2723:24
FF - user.js: extensions.incredibar_i.prtnrId - Incredibar
FF - user.js: extensions.incredibar_i.prdct - incredibar
FF - user.js: extensions.incredibar_i.aflt - orgnl
FF - user.js: extensions.incredibar_i.smplGrp - none
FF - user.js: extensions.incredibar_i.tlbrId - base
FF - user.js: extensions.incredibar_i.instlRef -
FF - user.js: extensions.incredibar_i.dfltLng -
FF - user.js: extensions.incredibar_i.excTlbr - false
FF - user.js: extensions.incredibar_i.ms_url_id -
FF - user.js: extensions.incredibar_i.upn2 - 6PQjXGde6N
FF - user.js: extensions.incredibar_i.upn2n - 92542122502005621
FF - user.js: extensions.incredibar_i.productid - 26
FF - user.js: extensions.incredibar_i.installerproductid - 26
FF - user.js: extensions.incredibar_i.did - 10556
FF - user.js: extensions.incredibar_i.ppd - 1000
.
- - - - ORPHANS REMOVED - - - -
.
Toolbar-Locked - (no file)
MSConfigStartUp-ccleaner - c:\program files\CCleaner\CCleaner.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-01-03 11:18
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
.
C:\## aswSnx private storage
.
scan completed successfully
hidden files: 1
.
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Internet Explorer\Toolbar\QuickComplete]
@DACL=(02 0000)
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'winlogon.exe'(672)
c:\program files\SUPERAntiSpyware\SASWINLO.DLL
c:\windows\system32\WININET.dll
.
Completion time: 2012-01-03 11:24:32
ComboFix-quarantined-files.txt 2012-01-03 16:24
ComboFix2.txt 2011-04-19 20:33
ComboFix3.txt 2011-04-19 00:16
.
Pre-Run: 55,692,472,320 bytes free
Post-Run: 62,406,156,288 bytes free
.
- - End Of File - - 0B2B597460965CA7DC77A31884D19DE8

Please go to Jotti's malware scan
(If more than one file needs scanned they must be done separately and links posted for each one)

* Copy the file path in the below Code box:



* At the upload site, click once inside the window next to Browse.
* Press Ctrl+V on the keyboard (both at the same time) to paste the file path into the window.
* Next click Submit file
* Your file will possibly be entered into a queue which normally takes less than a minute to clear.
* This will perform a scan across multiple different virus scanning engines.
* Important: Wait for all of the scanning engines to complete.
* Once the scan is finished, Copy and then Paste the link in the address bar into your next reply.

It says that c:\windows\system32\DRIVERS\04029631.sys is a file not found

Ok. Let's see if it's hiding or not.

Re-running ComboFix to remove infections:

• Close any open browsers.
  
• Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
  
• Open notepad and copy/paste the text in the quotebox below into it:
  

  
  KillAll::
  DDS::
  Trusted Zone: clonewarsadventures.com
  Trusted Zone: freerealms.com
  Trusted Zone: secunia.com
  Trusted Zone: soe.com
  Trusted Zone: sony.com
  
  Firefox::
  
  Trusted Zone: clonewarsadventures.com
  Trusted Zone: freerealms.com
  Trusted Zone: secunia.com
  Trusted Zone: soe.com
  Trusted Zone: sony.com
  
  File::
  c:\windows\system32\DRIVERS\04029631.sys
  
  Driver::
  04029631
  
  

  
  
• Save this as CFScript.txt, in the same location as ComboFix.exe
  
  
  
  
• Referring to the picture above, drag CFScript into ComboFix.exe
  
• When finished, it shall produce a log for you at C:\ComboFix.txt
  
• Please post the contents of the log in your next reply.
  

********************************************
SysProt Antirootkit

Download
SysProt Antirootkit from the link below (you will find it at the bottom
of the page under attachments, or you can get it from one of the
mirrors).

http://sites.google.com/site/sysprotantirootkit/

Unzip it into a folder on your desktop.

• Double click Sysprot.exe to start the program.
  
• Click on the Log tab.
  
• In the Write to log box select the following items.
  
  
  
  • Process << Selected
    
  • Kernel Modules << Selected
    
  • SSDT << Selected
    
  • Kernel Hooks << Selected
    
  • IRP Hooks << NOT Selected
    
  • Ports << NOT Selected
    
  • Hidden Files << Selected
    
  
  
• At the bottom of the page
  
  
  
  • Hidden Objects Only << Selected
    
  
  
• Click on the Create Log button on the bottom right.
  
• After a few seconds a new window should appear.
  
• Select Scan Root Drive. Click on the Start button.
  
• When it is complete a new window will appear to indicate that the scan is finished.
  
• The log will be saved automatically in the same folder Sysprot.exe was extracted to. Open the text file and copy/paste the log here.
  

here is the combofix logs...off to do the next scan..Thanks!:

ComboFix 12-01-04.02 - fritsch family 01/04/2012 11:28:06.4.2 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.3070.2492 [GMT -5:00]
Running from: c:\documents and settings\fritsch family\Desktop\ComboFix.exe
Command switches used :: c:\documents and settings\fritsch family\Desktop\CFScript.txt
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
* Created a new restore point
.
FILE ::
"c:\windows\system32\DRIVERS\04029631.sys"
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\All Users\Application Data\TorrentEasy\fdmbtsupp.dll
c:\documents and settings\fritsch family\My Documents\Downloads\PowerPointViewer.exe
.
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_04029631
-------\Service_04029631
.
.
((((((((((((((((((((((((( Files Created from 2011-12-04 to 2012-01-04 )))))))))))))))))))))))))))))))
.
.
2012-01-02 02:05 . 2012-01-02 02:05 -------- d-----w- c:\documents and settings\All Users\Application Data\Apple Computer
2012-01-02 01:54 . 2012-01-02 11:18 -------- d-----w- c:\documents and settings\fritsch family\Application Data\Apple Computer
2012-01-01 20:04 . 2012-01-01 20:04 -------- d-----w- c:\documents and settings\fritsch family\Application Data\SUPERAntiSpyware.com
2012-01-01 20:04 . 2012-01-01 20:04 -------- d-----w- c:\documents and settings\All Users\Application Data\SUPERAntiSpyware.com
2012-01-01 20:03 . 2012-01-01 20:03 -------- d-----w- c:\documents and settings\All Users\Application Data\SUPERSetup
2012-01-01 04:30 . 2012-01-02 00:26 -------- d-----w- c:\program files\MagicBerry
2012-01-01 04:22 . 2012-01-01 04:22 -------- d-----w- c:\program files\ADLSoft UnCompressor
2012-01-01 04:22 . 2012-01-01 04:25 902 ----a-w- C:\user.js
2012-01-01 04:03 . 2012-01-04 16:44 256 ----a-w- c:\windows\system32\pool.bin
2012-01-01 04:03 . 2012-01-01 04:03 -------- d-----w- c:\documents and settings\fritsch family\Application Data\Research In Motion
2012-01-01 04:00 . 2012-01-01 04:00 -------- d-----w- c:\documents and settings\All Users\Application Data\Research In Motion
2012-01-01 03:59 . 2012-01-01 04:01 -------- d-----w- c:\program files\Research In Motion
2012-01-01 03:39 . 2009-01-09 21:18 27136 ----a-r- c:\windows\system32\drivers\RimSerial.sys
2012-01-01 03:39 . 2012-01-01 04:00 -------- d-----w- c:\program files\Common Files\Research in Motion
2011-12-27 16:32 . 2011-12-21 07:24 43992 ----a-w- c:\program files\Mozilla Firefox\mozutils.dll
2011-12-27 16:32 . 2011-12-21 04:30 626688 ----a-w- c:\program files\Mozilla Firefox\msvcr80.dll
2011-12-27 16:32 . 2011-12-21 04:30 548864 ----a-w- c:\program files\Mozilla Firefox\msvcp80.dll
2011-12-27 16:32 . 2011-12-21 04:30 479232 ----a-w- c:\program files\Mozilla Firefox\msvcm80.dll
2011-12-14 23:38 . 2011-12-14 23:38 -------- d-----w- c:\documents and settings\All Users\Application Data\EA Core
2011-12-10 20:12 . 2011-12-11 20:07 -------- d-----w- c:\program files\Tag
2011-12-07 02:02 . 2011-12-07 02:02 -------- d-----w- c:\documents and settings\fritsch family\Application Data\Origin
2011-12-07 02:02 . 2011-12-07 02:02 -------- d-----w- c:\documents and settings\fritsch family\Local Settings\Application Data\Origin
2011-12-05 17:31 . 2011-12-07 02:02 -------- d-----w- c:\documents and settings\All Users\Application Data\Origin
2011-12-05 17:31 . 2011-12-05 17:31 -------- d-----w- c:\program files\Origin Games
2011-12-05 17:31 . 2011-12-05 17:31 -------- d-----w- c:\program files\Origin
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-01-01 19:24 . 2011-06-03 14:58 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-12-19 22:17 . 2009-08-18 15:30 564632 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\IdentityCRL\production\wlidui.dll
2011-12-19 22:17 . 2009-08-18 15:24 18328 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2011-12-10 20:24 . 2010-06-07 15:44 20464 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-11-28 18:01 . 2010-07-13 15:29 41184 ----a-w- c:\windows\avastSS.scr
2011-11-28 18:01 . 2010-06-08 16:57 199816 ----a-w- c:\windows\system32\aswBoot.exe
2011-11-28 17:53 . 2011-03-08 14:56 435032 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2011-11-28 17:53 . 2010-06-08 16:57 314456 ----a-w- c:\windows\system32\drivers\aswSP.sys
2011-11-28 17:52 . 2010-06-08 16:57 34392 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2011-11-28 17:52 . 2010-06-08 16:57 52952 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2011-11-28 17:52 . 2010-06-08 16:57 111320 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2011-11-28 17:51 . 2010-06-08 16:57 105176 ----a-w- c:\windows\system32\drivers\aswmon.sys
2011-11-28 17:51 . 2010-06-08 16:57 20568 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2011-11-28 17:48 . 2010-06-08 16:57 30808 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2011-11-23 13:25 . 2004-08-10 18:51 1859584 ----a-w- c:\windows\system32\win32k.sys
2011-11-04 19:20 . 2004-08-10 18:51 916992 ----a-w- c:\windows\system32\wininet.dll
2011-11-04 19:20 . 2004-08-10 18:51 43520 ------w- c:\windows\system32\licmgr10.dll
2011-11-04 19:20 . 2004-08-10 18:51 1469440 ------w- c:\windows\system32\inetcpl.cpl
2011-11-04 11:23 . 2004-08-10 18:51 385024 ----a-w- c:\windows\system32\html.iec
2011-11-01 16:07 . 2004-08-10 18:51 1288704 ----a-w- c:\windows\system32\ole32.dll
2011-10-28 05:31 . 2004-08-10 18:50 33280 ----a-w- c:\windows\system32\csrsrv.dll
2011-10-25 13:37 . 2004-08-10 18:51 2148864 ----a-w- c:\windows\system32\ntoskrnl.exe
2011-10-25 12:52 . 2004-08-04 04:59 2027008 ----a-w- c:\windows\system32\ntkrnlpa.exe
2011-10-24 19:29 . 2011-10-24 19:29 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx
2011-10-24 19:29 . 2011-10-24 19:29 69632 ----a-w- c:\windows\system32\QuickTime.qts
2011-10-23 14:05 . 2010-12-22 04:06 270240 ----a-w- c:\windows\system32\PnkBstrB.xtr
2011-10-22 21:11 . 2010-12-22 03:50 270240 ----a-w- c:\windows\system32\PnkBstrB.ex0
2011-10-21 21:15 . 2010-12-22 03:50 138056 ----a-w- c:\documents and settings\fritsch family\Application Data\PnkBstrK.sys
2011-10-18 11:13 . 2004-08-10 18:51 186880 ----a-w- c:\windows\system32\encdec.dll
2011-10-10 14:22 . 2004-08-10 19:02 692736 ----a-w- c:\windows\system32\inetcomm.dll
2011-03-15 14:44 . 2011-06-25 23:23 568832 ----a-w- c:\program files\mozilla firefox\plugins\msvcp90.dll
2011-03-15 14:44 . 2011-06-25 23:23 655872 ----a-w- c:\program files\mozilla firefox\plugins\msvcr90.dll
2011-12-21 07:24 . 2011-07-04 16:41 121816 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
2008-06-30 17:44 . 2008-05-09 18:47 324976 ----a-w- c:\program files\mozilla firefox\components\coFFPlgn.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2011-11-28 18:01 122512 ----a-w- c:\program files\Alwil Software\Avast5\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DellSupport"="c:\program files\Dell Support\DSAgnt.exe" [2006-08-29 395776]
"Weather"="c:\program files\AWS\WeatherBug\Weather.exe" [2010-10-29 1652736]
"Cookienator"="c:\program files\Cookienator\cookienator.exe" [2009-10-19 1333472]
"EADM"="c:\program files\Origin\Origin.exe" [2011-11-07 28846216]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DLA"="c:\windows\system32\DLA\DLACTRLW.EXE" [2005-09-08 122940]
"ISUSPM Startup"="c:\progra~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2004-07-27 221184]
"nwiz"="nwiz.exe" [BU]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2009-11-21 110184]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-11-21 12669544]
"avast"="c:\program files\Alwil Software\Avast5\avastUI.exe" [2011-11-28 3744552]
"lxdmmon.exe"="c:\program files\Lexmark 5000 Series\lxdmmon.exe" [2007-12-14 455336]
"lxdmamon"="c:\program files\Lexmark 5000 Series\lxdmamon.exe" [2007-12-14 25256]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2010-06-10 49208]
"PDVDDXSrv"="c:\program files\CyberLink\PowerDVD DX\PDVDDXSrv.exe" [2007-06-08 128560]
"BlackBerryAutoUpdate"="c:\program files\Common Files\Research In Motion\Auto Update\RIMAutoUpdate.exe" [2009-08-24 623960]
"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2011-09-27 59240]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2011-10-24 421888]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"DWQueuedReporting"="c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2007-02-26 437160]
.
c:\documents and settings\All Users\Start Menu\Programs\Startup\
Desktop Manager.lnk - c:\program files\Research In Motion\BlackBerry\DesktopMgr.exe [2009-8-24 1799512]
Secunia PSI Tray.lnk - c:\program files\Secunia\PSI\psi_tray.exe [2011-4-19 291896]
Windows Search.lnk - c:\program files\Windows Desktop Search\WindowsSearch.exe [2008-5-26 123904]
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2009-05-25 304128]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2011-07-19 113024]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2011-05-04 17:54 551296 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.DLL
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^America Online 9.0 Tray Icon.lnk]
backup=c:\windows\pss\America Online 9.0 Tray Icon.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^ymetray.lnk]
backup=c:\windows\pss\ymetray.lnkCommon Startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATICCC]
2006-01-02 23:41 45056 -c--a-w- c:\program files\ATI Technologies\ATI.ACE\CLI.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
2008-04-14 10:42 15360 ----a-w- c:\windows\system32\ctfmon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DellSupport]
2006-08-29 03:57 395776 ----a-w- c:\program files\Dell Support\DSAgnt.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DellSupportCenter]
2008-08-13 22:32 206064 -c--a-w- c:\program files\Dell Support Center\bin\sprtcmd.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM Startup]
2004-07-27 22:50 221184 -c--a-w- c:\progra~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSScheduler]
2004-07-27 22:50 81920 -c--a-w- c:\program files\Common Files\InstallShield\UpdateService\issch.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
2008-04-14 10:42 1695232 ----a-w- c:\program files\Messenger\msmsgs.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SigmatelSysTrayApp]
2006-08-15 09:00 282624 -c--a-w- c:\windows\stsystra.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"Symantec Core LC"=3 (0x3)
"sprtsvc_dellsupportcenter"=2 (0x2)
"MDM"=2 (0x2)
"LiveUpdate Notice"=2 (0x2)
"LiveUpdate"=3 (0x3)
"gusvc"=3 (0x3)
"FreezeScreenSaver"=2 (0x2)
"CLTNetCnService"=2 (0x2)
"CD_Proxy"=2 (0x2)
"ccSetMgr"=2 (0x2)
"ccEvtMgr"=2 (0x2)
"avast! Web Scanner"=3 (0x3)
"avast! Mail Scanner"=3 (0x3)
"Automatic LiveUpdate Scheduler"=2 (0x2)
"Ati HotKey Poller"=2 (0x2)
"AOL ACS"=2 (0x2)
"$sys$DRMServer"=2 (0x2)
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\WINDOWS\\system32\\wbem\\unsecapp.exe"=
"c:\\WINDOWS\\system32\\HPZipm12.exe"=
"c:\\WINDOWS\\system32\\wbem\\wmiprvse.exe"=
"c:\\Program Files\\HP\\HP Software Update\\hpwuSchd2.exe"=
"c:\\Program Files\\2K Games\\Firaxis Games\\Sid Meier's Civilization 4 Complete\\Civilization4.exe"=
"c:\\Program Files\\2K Games\\Firaxis Games\\Sid Meier's Civilization 4 Complete\\Warlords\\Civ4Warlords.exe"=
"c:\\Program Files\\2K Games\\Firaxis Games\\Sid Meier's Civilization 4 Complete\\Beyond the Sword\\Civ4BeyondSword.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=
"c:\\Program Files\\Steam\\steamapps\\common\\sid meier's civilization v - demo\\Launcher.exe"=
"c:\\Program Files\\Steam\\steamapps\\common\\sid meier's civilization v - demo\\CivilizationV.exe"=
"c:\\Program Files\\New Folder\\Steam.exe"=
"c:\\Program Files\\EA Games\\Battlefield Play4Free\\BFP4f.exe"=
"c:\\WINDOWS\\system32\\lxdmcoms.exe"=
"c:\\Program Files\\Lexmark 5000 Series\\lxdmmon.exe"=
"c:\\WINDOWS\\system32\\spool\\drivers\\w32x86\\3\\lxdmpswx.exe"=
"c:\\WINDOWS\\system32\\spool\\drivers\\w32x86\\3\\lxdmjswx.exe"=
"c:\\Program Files\\New Folder\\SteamApps\\common\\spore\\Support\\EA Help\\Electronic_Arts_Technical_Support.htm"=
"c:\\WINDOWS\\system32\\java.exe"=
"c:\\Program Files\\Java\\jre6\\bin\\javaw.exe"=
"c:\\Program Files\\Java\\jre6\\bin\\java.exe"=
"c:\\Program Files\\New Folder\\SteamApps\\common\\sid meier's civilization v\\Launcher.exe"=
"c:\\Program Files\\Common Files\\Apple\\Apple Application Support\\WebKit2WebProcess.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"5985:TCP"= 5985:TCP:*:Disabled:Windows Remote Management
"67:UDP"= 67:UDP:DHCP Discovery Service
.
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [3/8/2011 9:56 AM 435032]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [6/8/2010 11:57 AM 314456]
R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\sasdifsv.sys [7/22/2011 11:27 AM 12880]
R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [7/12/2011 4:55 PM 67664]
R2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCore.exe [8/11/2011 6:38 PM 116608]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [6/8/2010 11:57 AM 20568]
R2 Secunia PSI Agent;Secunia PSI Agent;c:\program files\Secunia\PSI\psia.exe [4/19/2011 1:44 AM 993848]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda32.sys [1/24/2011 1:42 PM 57320]
R3 PSI;PSI;c:\windows\system32\drivers\psi_mf.sys [9/1/2010 3:30 AM 15544]
S0 $sys$cor;$sys$cor;c:\windows\system32\Drivers\$sys$cor.sys --> c:\windows\system32\Drivers\$sys$cor.sys [?]
S0 04029632;04029632 Boot Guard Driver;c:\windows\system32\DRIVERS\04029632.sys --> c:\windows\system32\DRIVERS\04029632.sys [?]
S0 Lbd;Lbd;c:\windows\system32\DRIVERS\Lbd.sys --> c:\windows\system32\DRIVERS\Lbd.sys [?]
S1 $sys$crater;$sys$crater;\??\c:\windows\system32\$sys$filesystem\crater.sys --> c:\windows\system32\$sys$filesystem\crater.sys [?]
S1 setup_9.0.0.722_25.03.2011_16-20drv;setup_9.0.0.722_25.03.2011_16-20drv;c:\windows\system32\DRIVERS\0402963.sys --> c:\windows\system32\DRIVERS\0402963.sys [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [3/18/2010 12:16 PM 130384]
S2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [6/6/2010 11:10 AM 136176]
S2 Secunia Update Agent;Secunia Update Agent; [x]
S3 gupdatem;Google Update Service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [6/6/2010 11:10 AM 136176]
S3 WinRM;Windows Remote Management (WS-Management);c:\windows\system32\svchost.exe -k WINRM [8/10/2004 1:51 PM 14336]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [3/18/2010 12:16 PM 753504]
S4 AMPingService;AMPingService; [x]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
getPlusHelper REG_MULTI_SZ getPlusHelper
WINRM REG_MULTI_SZ WINRM
.
Contents of the 'Scheduled Tasks' folder
.
2011-12-30 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2011-06-01 21:57]
.
2012-01-04 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-06-06 16:10]
.
2012-01-04 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-06-06 16:10]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.foxnews.com/
uSearchMigratedDefaultURL = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
uInternet Connection Wizard,ShellNext = hxxp://www.winpatrol.com/cgi-bin/plusinfo.pl?program=CTFMON.EXE&vendor=Microsoft%20Corporation&version=5.1.2600.5512&userid=&build=18.1.2010.0:18.1.2010.0&Type=1011&Loc=en&ext=EXE&verify=
TCP: DhcpNameServer = 192.168.10.1
DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab
FF - ProfilePath - c:\documents and settings\fritsch family\Application Data\Mozilla\Firefox\Profiles\gzy47fsk.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2866295&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - www.cnn.com
FF - prefs.js: keyword.URL - hxxp://mystart.incredibar.com/mb110/?loc=IB_DS&a=6PQjXGde6N&&i=26&search=
FF - user.js: yahoo.homepage.dontask - true
FF - user.js: extensions.incredibar_i.newTab - false
FF - user.js: extensions.incredibar_i.tlbrSrchUrl - hxxp://mystart.Incredibar.com/?a=6PQjXGde6N&loc=IB_TB&i=26&search=
FF - user.js: extensions.incredibar_i.id - acbf2e0200000000000000188b79174a
FF - user.js: extensions.incredibar_i.hardId - acbf2e0200000000000000188b79174a
FF - user.js: extensions.incredibar_i.instlDay - 15340
FF - user.js: extensions.incredibar_i.vrsn - 1.5.3.27
FF - user.js: extensions.incredibar_i.vrsni - 1.5.3.27
FF - user.js: extensions.incredibar_i.vrsnTs - 1.5.3.2723:24
FF - user.js: extensions.incredibar_i.prtnrId - Incredibar
FF - user.js: extensions.incredibar_i.prdct - incredibar
FF - user.js: extensions.incredibar_i.aflt - orgnl
FF - user.js: extensions.incredibar_i.smplGrp - none
FF - user.js: extensions.incredibar_i.tlbrId - base
FF - user.js: extensions.incredibar_i.instlRef -
FF - user.js: extensions.incredibar_i.dfltLng -
FF - user.js: extensions.incredibar_i.excTlbr - false
FF - user.js: extensions.incredibar_i.ms_url_id -
FF - user.js: extensions.incredibar_i.upn2 - 6PQjXGde6N
FF - user.js: extensions.incredibar_i.upn2n - 92542122502005621
FF - user.js: extensions.incredibar_i.productid - 26
FF - user.js: extensions.incredibar_i.installerproductid - 26
FF - user.js: extensions.incredibar_i.did - 10556
FF - user.js: extensions.incredibar_i.ppd - 1000
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-01-04 11:45
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Internet Explorer\Toolbar\QuickComplete]
@DACL=(02 0000)
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'winlogon.exe'(672)
c:\program files\SUPERAntiSpyware\SASWINLO.DLL
c:\windows\system32\WININET.dll
.
- - - - - - - > 'explorer.exe'(3748)
c:\windows\system32\WININET.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\mslbui.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Other Running Processes ------------------------
.
c:\windows\system32\nvsvc32.exe
c:\program files\Alwil Software\Avast5\AvastSvc.exe
c:\windows\system32\lxdmcoms.exe
c:\program files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
c:\windows\system32\HPZipm12.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
c:\windows\system32\SearchIndexer.exe
c:\windows\system32\RUNDLL32.EXE
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
c:\windows\system32\wscntfy.exe
c:\program files\Common Files\Research In Motion\RIMDeviceManager\RIMDeviceManager.exe
c:\program files\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe
.
**************************************************************************
.
Completion time: 2012-01-04 11:51:18 - machine was rebooted
ComboFix-quarantined-files.txt 2012-01-04 16:51
ComboFix2.txt 2012-01-03 16:24
ComboFix3.txt 2011-04-19 20:33
ComboFix4.txt 2011-04-19 00:16
.
Pre-Run: 62,150,746,112 bytes free
Post-Run: 62,129,098,752 bytes free
.
- - End Of File - - 9A98581C6A6DC3A7991115F78E7D0789

here is the sysprot scan: Thank you!

SysProt AntiRootkit v1.0.1.0
by swatkat

******************************************************************************************
******************************************************************************************

No Hidden Processes found

******************************************************************************************
******************************************************************************************
Kernel Modules:
Module Name: Combo-Fix.sys
Service Name: ---
Module Base: B8108000
Module End: B8117000
Hidden: Yes

Module Name: \SystemRoot\System32\Drivers\dump_atapi.sys
Service Name: ---
Module Base: B43AA000
Module End: B43C2000
Hidden: Yes

Module Name: \SystemRoot\System32\Drivers\dump_WMILIB.SYS
Service Name: ---
Module Base: B864E000
Module End: B8650000
Hidden: Yes

Module Name: \??\C:\ComboFix\catchme.sys
Service Name: catchme
Module Base: B8438000
Module End: B8440000
Hidden: Yes

Module Name: \??\C:\WINDOWS\system32\Drivers\PROCEXP113.SYS
Service Name: ---
Module Base: B8620000
Module End: B8622000
Hidden: Yes

******************************************************************************************
******************************************************************************************
SSDT:
Function Name: ZwAddBootEntry
Address: B43FCFC4
Driver Base: B43EA000
Driver End: B4457000
Driver Name: \SystemRoot\System32\Drivers\aswSnx.SYS

Function Name: ZwAllocateVirtualMemory
Address: B4461510
Driver Base: B4457000
Driver End: B44A2000
Driver Name: \SystemRoot\System32\Drivers\aswSP.SYS

Function Name: ZwClose
Address: B44206A9
Driver Base: B43EA000
Driver End: B4457000
Driver Name: \SystemRoot\System32\Drivers\aswSnx.SYS

Function Name: ZwCreateEvent
Address: B43FF456
Driver Base: B43EA000
Driver End: B4457000
Driver Name: \SystemRoot\System32\Drivers\aswSnx.SYS

Function Name: ZwCreateEventPair
Address: B43FF4AE
Driver Base: B43EA000
Driver End: B4457000
Driver Name: \SystemRoot\System32\Drivers\aswSnx.SYS

Function Name: ZwCreateIoCompletion
Address: B43FF5C4
Driver Base: B43EA000
Driver End: B4457000
Driver Name: \SystemRoot\System32\Drivers\aswSnx.SYS

Function Name: ZwCreateKey
Address: B442005D
Driver Base: B43EA000
Driver End: B4457000
Driver Name: \SystemRoot\System32\Drivers\aswSnx.SYS

Function Name: ZwCreateMutant
Address: B43FF3AC
Driver Base: B43EA000
Driver End: B4457000
Driver Name: \SystemRoot\System32\Drivers\aswSnx.SYS

Function Name: ZwCreateSection
Address: B43FF4FE
Driver Base: B43EA000
Driver End: B4457000
Driver Name: \SystemRoot\System32\Drivers\aswSnx.SYS

Function Name: ZwCreateSemaphore
Address: B43FF400
Driver Base: B43EA000
Driver End: B4457000
Driver Name: \SystemRoot\System32\Drivers\aswSnx.SYS

Function Name: ZwCreateTimer
Address: B43FF572
Driver Base: B43EA000
Driver End: B4457000
Driver Name: \SystemRoot\System32\Drivers\aswSnx.SYS

Function Name: ZwDeleteBootEntry
Address: B43FCFE8
Driver Base: B43EA000
Driver End: B4457000
Driver Name: \SystemRoot\System32\Drivers\aswSnx.SYS

Function Name: ZwDeleteKey
Address: B4420D6F
Driver Base: B43EA000
Driver End: B4457000
Driver Name: \SystemRoot\System32\Drivers\aswSnx.SYS

Function Name: ZwDeleteValueKey
Address: B4421025
Driver Base: B43EA000
Driver End: B4457000
Driver Name: \SystemRoot\System32\Drivers\aswSnx.SYS

Function Name: ZwDuplicateObject
Address: B43FF848
Driver Base: B43EA000
Driver End: B4457000
Driver Name: \SystemRoot\System32\Drivers\aswSnx.SYS

Function Name: ZwEnumerateKey
Address: B4420BDA
Driver Base: B43EA000
Driver End: B4457000
Driver Name: \SystemRoot\System32\Drivers\aswSnx.SYS

Function Name: ZwEnumerateValueKey
Address: B4420A45
Driver Base: B43EA000
Driver End: B4457000
Driver Name: \SystemRoot\System32\Drivers\aswSnx.SYS

Function Name: ZwFreeVirtualMemory
Address: B44615C0
Driver Base: B4457000
Driver End: B44A2000
Driver Name: \SystemRoot\System32\Drivers\aswSP.SYS

Function Name: ZwLoadDriver
Address: B43FCDB2
Driver Base: B43EA000
Driver End: B4457000
Driver Name: \SystemRoot\System32\Drivers\aswSnx.SYS

Function Name: ZwModifyBootEntry
Address: B43FD00C
Driver Base: B43EA000
Driver End: B4457000
Driver Name: \SystemRoot\System32\Drivers\aswSnx.SYS

Function Name: ZwNotifyChangeKey
Address: B43FF9BC
Driver Base: B43EA000
Driver End: B4457000
Driver Name: \SystemRoot\System32\Drivers\aswSnx.SYS

Function Name: ZwNotifyChangeMultipleKeys
Address: B43FDAA4
Driver Base: B43EA000
Driver End: B4457000
Driver Name: \SystemRoot\System32\Drivers\aswSnx.SYS

Function Name: ZwOpenEvent
Address: B43FF486
Driver Base: B43EA000
Driver End: B4457000
Driver Name: \SystemRoot\System32\Drivers\aswSnx.SYS

Function Name: ZwOpenEventPair
Address: B43FF4D6
Driver Base: B43EA000
Driver End: B4457000
Driver Name: \SystemRoot\System32\Drivers\aswSnx.SYS

Function Name: ZwOpenIoCompletion
Address: B43FF5EE
Driver Base: B43EA000
Driver End: B4457000
Driver Name: \SystemRoot\System32\Drivers\aswSnx.SYS

Function Name: ZwOpenKey
Address: B44203B9
Driver Base: B43EA000
Driver End: B4457000
Driver Name: \SystemRoot\System32\Drivers\aswSnx.SYS

Function Name: ZwOpenMutant
Address: B43FF3D8
Driver Base: B43EA000
Driver End: B4457000
Driver Name: \SystemRoot\System32\Drivers\aswSnx.SYS

Function Name: ZwOpenProcess
Address: B43FF680
Driver Base: B43EA000
Driver End: B4457000
Driver Name: \SystemRoot\System32\Drivers\aswSnx.SYS

Function Name: ZwOpenSection
Address: B43FF53E
Driver Base: B43EA000
Driver End: B4457000
Driver Name: \SystemRoot\System32\Drivers\aswSnx.SYS

Function Name: ZwOpenSemaphore
Address: B43FF42E
Driver Base: B43EA000
Driver End: B4457000
Driver Name: \SystemRoot\System32\Drivers\aswSnx.SYS

Function Name: ZwOpenThread
Address: B43FF764
Driver Base: B43EA000
Driver End: B4457000
Driver Name: \SystemRoot\System32\Drivers\aswSnx.SYS

Function Name: ZwOpenTimer
Address: B43FF59C
Driver Base: B43EA000
Driver End: B4457000
Driver Name: \SystemRoot\System32\Drivers\aswSnx.SYS

Function Name: ZwProtectVirtualMemory
Address: B4461658
Driver Base: B4457000
Driver End: B44A2000
Driver Name: \SystemRoot\System32\Drivers\aswSP.SYS

Function Name: ZwQueryKey
Address: B44208C0
Driver Base: B43EA000
Driver End: B4457000
Driver Name: \SystemRoot\System32\Drivers\aswSnx.SYS

Function Name: ZwQueryObject
Address: B43FD96A
Driver Base: B43EA000
Driver End: B4457000
Driver Name: \SystemRoot\System32\Drivers\aswSnx.SYS

Function Name: ZwQueryValueKey
Address: B4420712
Driver Base: B43EA000
Driver End: B4457000
Driver Name: \SystemRoot\System32\Drivers\aswSnx.SYS

Function Name: ZwRenameKey
Address: B44699E6
Driver Base: B4457000
Driver End: B44A2000
Driver Name: \SystemRoot\System32\Drivers\aswSP.SYS

Function Name: ZwRestoreKey
Address: B441F6D0
Driver Base: B43EA000
Driver End: B4457000
Driver Name: \SystemRoot\System32\Drivers\aswSnx.SYS

Function Name: ZwSetBootEntryOrder
Address: B43FD030
Driver Base: B43EA000
Driver End: B4457000
Driver Name: \SystemRoot\System32\Drivers\aswSnx.SYS

Function Name: ZwSetBootOptions
Address: B43FD054
Driver Base: B43EA000
Driver End: B4457000
Driver Name: \SystemRoot\System32\Drivers\aswSnx.SYS

Function Name: ZwSetSystemInformation
Address: B43FCE0C
Driver Base: B43EA000
Driver End: B4457000
Driver Name: \SystemRoot\System32\Drivers\aswSnx.SYS

Function Name: ZwSetSystemPowerState
Address: B43FCF48
Driver Base: B43EA000
Driver End: B4457000
Driver Name: \SystemRoot\System32\Drivers\aswSnx.SYS

Function Name: ZwSetValueKey
Address: B4420E76
Driver Base: B43EA000
Driver End: B4457000
Driver Name: \SystemRoot\System32\Drivers\aswSnx.SYS

Function Name: ZwShutdownSystem
Address: B43FCF24
Driver Base: B43EA000
Driver End: B4457000
Driver Name: \SystemRoot\System32\Drivers\aswSnx.SYS

Function Name: ZwSystemDebugControl
Address: B43FCF6C
Driver Base: B43EA000
Driver End: B4457000
Driver Name: \SystemRoot\System32\Drivers\aswSnx.SYS

Function Name: ZwVdmControl
Address: B43FD078
Driver Base: B43EA000
Driver End: B4457000
Driver Name: \SystemRoot\System32\Drivers\aswSnx.SYS

******************************************************************************************
******************************************************************************************
Kernel Hooks:
Hooked Function: ZwCreateProcessEx
At Address: 805D117A
Jump To: B44757A6
Module Name: C:\WINDOWS\System32\Drivers\aswSP.SYS

Hooked Function: ZwClose
At Address: 805BC556
Jump To: B447269C
Module Name: C:\WINDOWS\System32\Drivers\aswSP.SYS

Hooked Function: PsCreateSystemThread
At Address: 805D117A
Jump To: B44757A6
Module Name: C:\WINDOWS\System32\Drivers\aswSP.SYS

Hooked Function: ObMakeTemporaryObject
At Address: 805BC556
Jump To: B447269C
Module Name: C:\WINDOWS\System32\Drivers\aswSP.SYS

Hooked Function: ObInsertObject
At Address: 805C2FDA
Jump To: B447415C
Module Name: C:\WINDOWS\System32\Drivers\aswSP.SYS

Hooked Function: ObCloseHandle
At Address: 805BC556
Jump To: B447269C
Module Name: C:\WINDOWS\System32\Drivers\aswSP.SYS

******************************************************************************************
******************************************************************************************
Hidden files/folders:
Object: C:\Qoobox\BackEnv\AppData.folder.dat
Status: Access denied

Object: C:\Qoobox\BackEnv\Cache.folder.dat
Status: Access denied

Object: C:\Qoobox\BackEnv\Cookies.folder.dat
Status: Access denied

Object: C:\Qoobox\BackEnv\Desktop.folder.dat
Status: Access denied

Object: C:\Qoobox\BackEnv\Favorites.folder.dat
Status: Access denied

Object: C:\Qoobox\BackEnv\History.folder.dat
Status: Access denied

Object: C:\Qoobox\BackEnv\LocalAppData.folder.dat
Status: Access denied

Object: C:\Qoobox\BackEnv\LocalSettings.folder.dat
Status: Access denied

Object: C:\Qoobox\BackEnv\Music.folder.dat
Status: Access denied

Object: C:\Qoobox\BackEnv\NetHood.folder.dat
Status: Access denied

Object: C:\Qoobox\BackEnv\Personal.folder.dat
Status: Access denied

Object: C:\Qoobox\BackEnv\Pictures.folder.dat
Status: Access denied

Object: C:\Qoobox\BackEnv\PrintHood.folder.dat
Status: Access denied

Object: C:\Qoobox\BackEnv\Profiles.Folder.dat
Status: Access denied

Object: C:\Qoobox\BackEnv\Profiles.Folder.folder.dat
Status: Access denied

Object: C:\Qoobox\BackEnv\Programs.folder.dat
Status: Access denied

Object: C:\Qoobox\BackEnv\Recent.folder.dat
Status: Access denied

Object: C:\Qoobox\BackEnv\SendTo.folder.dat
Status: Access denied

Object: C:\Qoobox\BackEnv\SetPath.bat
Status: Access denied

Object: C:\Qoobox\BackEnv\StartMenu.folder.dat
Status: Access denied

Object: C:\Qoobox\BackEnv\StartUp.folder.dat
Status: Access denied

Object: C:\Qoobox\BackEnv\SysPath.dat
Status: Access denied

Object: C:\Qoobox\BackEnv\Templates.folder.dat
Status: Access denied

Object: C:\Qoobox\BackEnv\VikPev00
Status: Access denied

I hope I did this right. Superdave is my helper...I posted results on Wednesday and it is now Saturday...

thanks

brick

Sorry for the late response. I haven't been getting my notifications but I check this site about 3 times a day and didn't notice that you had responded.
Please tell me how your computer is working now?

I'd like to scan your machine with ESET OnlineScan

•Hold down Control and click on the following link to open ESET OnlineScan in a new window.
ESET OnlineScan
•Click the button.
•For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)

• Click on to download the ESET Smart Installer. Save it to your desktop.
  
• Double click on the icon on your desktop.
  

•Check
•Click the button.
•Accept any security warnings from your browser.
•Check
•Push the Start button.
•ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
•When the scan completes, push
•Push , and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
•Push the button.
•Push
A log file will be saved here: C:\Program Files\ESET\ESET Online Scanner\log.txt

Not a problem, I was concerned about you...LOL! I also did not want to offend anyone by putting a notice in, but I didn't know how to address that situation..
Actually, what ever we had done thus far, has eliminated the my start/incredibar. I also removed that offending blackberry thing that brought it to the computer. I will run the scans tomorrow and post the results. thanks for getting back to me.
brick

The scan was clean, no viruses detected.

How's your computer running now? Any other issues?

Everything seems to be going well. It has not popped back up when opening a page and it is smooth running.

brick

Ok. Let's do some cleanup.

To uninstall ComboFix

• Click the Start button. Click Run. For Vista: type in Run in the Start search, and click on Run in the results pane.
  
• In the field, type in ComboFix /uninstall
  

(Note: Make sure there's a space between the word ComboFix and the forward-slash.)

• Then, press Enter, or click OK.
  
• This will uninstall ComboFix, delete its folders and files, hides System files and folders, and resets System Restore.
  

*******************************************
Clean out your temporary internet files and temp files.

Download TFC by OldTimer to your desktop.

Double-click TFC.exe to run it.

Note: If you are running on Vista, right-click on the file and choose Run As Administrator

TFC will close all programs when run, so make sure you have saved all your work before you begin.

* Click the Start button to begin the cleaning process.
* Depending on how often you clean temp files, execution time should be anywhere from a few seconds to a minute or two.
* Please let TFC run uninterrupted until it is finished.

Once TFC is finished it should restart your computer. If it does not, please manually restart the computer yourself to ensure a complete cleaning.
**********************************************
Looking over your log it seems you don't have any evidence of a third party firewall.

Firewalls protect against hackers and malicious intruders. You need to download a free firewall from one of these reliable vendors.

Remember only install ONE firewall

1) Comodo Personal Firewall (Uncheck during installation "Install Comodo SafeSurf..", Make Comodo my default search provider" and "Make Comodo Search my homepage" and uncheck any HopSurf and/or Ask.com options if you choose this one)
2) Online Armor
3) Agnitum Outpost
4) PC Tools Firewall Plus

If you are using the built-in Windows XP firewall, it is not recommended as it does not block outgoing connections. This means that any malware on your computer is free to "phone home" for more instructions. Simply put, Windows XP contains a mediocre firewall. This firewall is NO replacement for a dedicated software solution. Remember to use only one firewall at the same time.
********************************************************
Use the Secunia Software Inspector to check for out of date software.

•Click Start Now

•Check the box next to Enable thorough system inspection.

•Click Start

•Allow the scan to finish and scroll down to see if any updates are needed.
•Update anything listed.
.
----------

Go to Microsoft Windows Update and get all critical updates.

----------

I suggest using WOT - Web of Trust. WOT is a free Internet security addon for your browser. It will keep you safe from online scams, identity theft, spyware, spam, viruses and unreliable shopping sites. WOT warns you before you interact with a risky website. It's easy and it's free.

SpywareBlaster- Secure your Internet Explorer to make it harder for ActiveX programs to run on your computer. Also stop certain cookies from being added to your computer when running Mozilla based browsers like Firefox.
* Using SpywareBlaster to protect your computer from Spyware and Malware
* If you don't know what ActiveX controls are, see here

Protect yourself against spyware using the Immunize feature in Spybot - Search & Destroy. Guide: Use Spybot's Immunize Feature to prevent spyware infection in real-time. Note: To ensure you have the latest Immunizations always update Spybot - Search & Destroy before Immunizing. Spybot - Search & Destroy FAQ

Check out Keeping Yourself Safe On The Web for tips and free tools to help keep you safe in the future.

Also see Slow Computer? It may not be Malware for free cleaning/maintenance tools to help keep your computer running smoothly.
Safe Surfing!

This is so strange. I did all this and responded but have not heard from you...I checked today to a bump and I see my message never appeared. Ok. so I removed the combo and I put comodo on the computer...so far, good.
Should I do anything else?

brick

brick wrote:

This is so strange. I did all this and responded but have not heard from you...I checked today to a bump and I see my message never appeared. Ok. so I removed the combo and I put comodo on the computer...so far, good.
Should I do anything else?

brick

Sorry. This was my final post unless you have more problems.

OK great! Thanks for the help...I really appreciate you taking the time to help me through this.

brick

You're welcome.