Author Topic: Very Stubborn Virus; Seems to be Google Redirect Virus. (Read 17256 times)

AlecNeedsHelp · « **on:** July 24, 2012, 04:07:43 PM »

Hello. I hope you can help me with this problem I am having removing a virus.

Statements regarding to "Read this before requesting help" topic:
- I have avast antivirus.
- In the past I have downloaded firewalls, but all of them seem to conflict with my antivirus, and I do not want to download one now, because if it gets in the way of avast, my computer would be very vulnerable.
- All of the programs listed in my "Add or Remove Programs" look legitimate.
- I have ran CCleaner.
- I have scanned with MBAM, and SAS.
- Not sure if I should update Java because one of my scans found and quarantined files that were infected that were in Java folder.
- I think the links to DDS are broken. Both of them.

Here are my logs, and a little bit more info

SAS- (Seems to have found only minor stuff, but I am still glad to have it off of my computer.)

SUPERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 07/23/2012 at 05:54 PM

Application Version : 5.5.1012

Core Rules Database Version : 8944
Trace Rules Database Version: 6756

Scan type : Complete Scan
Total Scan Time : 01:33:08

Operating System Information
Windows XP Professional 32-bit, Service Pack 3 (Build 5.01.2600)
Administrator

Memory items scanned : 497
Memory threats detected : 0
Registry items scanned : 36165
Registry threats detected : 3
File items scanned : 99971
File threats detected : 468

Adware.Tracking Cookie
   C:\Documents and Settings\Harris Family\Cookies\6II0DJW7.txt [ /a1.interclick.com ]
   C:\Documents and Settings\Harris Family\Cookies\C1R0P4S6.txt [ /invitemedia.com ]
   C:\Documents and Settings\Harris Family\Cookies\9CFHAKGM.txt [ /accounts.google.com ]
   C:\Documents and Settings\Harris Family\Cookies\59AH4LSU.txt [ /lucidmedia.com ]
   C:\Documents and Settings\Harris Family\Cookies\UOYHX1LC.txt [ /ads.intergi.com ]
   C:\Documents and Settings\Harris Family\Cookies\B991KQ20.txt [ /interclick.com ]
   C:\Documents and Settings\Harris Family\Cookies\962CLA4X.txt [ /media6degrees.com ]
   C:\Documents and Settings\Harris Family\Cookies\SJHYXN1Z.txt [ /legolas-media.com ]
   C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\KG32282E.txt [ Cookie:[email protected]/ ]
   C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\1U6V4YQ1.txt [ Cookie:[email protected]/ ]
   C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\ADJW3CGR.txt [ Cookie:[email protected]/ ]
   C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\LIE1BF04.txt [ Cookie:[email protected]/ ]
   C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\BDRC1NMB.txt [ Cookie:[email protected]/ ]
   C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\JIFFJK75.txt [ Cookie:[email protected]/ ]
   C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\AOSRA3I1.txt [ Cookie:[email protected]/ ]
   C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\EK4XOE83.txt [ Cookie:[email protected]/ ]
   C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\JO28VTCY.txt [ Cookie:[email protected]/ ]
   C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\UTZI3LCQ.txt [ Cookie:[email protected]/ ]
   C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\NVOKQQUH.txt [ Cookie:[email protected]/ ]
   C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\BBDMF8KV.txt [ Cookie:[email protected]/ ]
   C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\Y3KP97KI.txt [ Cookie:[email protected]/ ]
   C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\BJGQ881E.txt [ Cookie:[email protected]/ ]
   C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\2GEXNZJC.txt [ Cookie:[email protected]/ ]
   C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\444CSW5G.txt [ Cookie:[email protected]/ ]
   C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\Cookies\2R8RE12O.txt [ Cookie:[email protected]/ ]
   C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\Cookies\KD4NQ39D.txt [ Cookie:[email protected]/cgi-bin ]
   C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\Cookies\VWMS8BUD.txt [ Cookie:[email protected]/ ]
   C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\Cookies\MUYVVE7F.txt [ Cookie:[email protected]/ ]
   C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\Cookies\QTD0ID5E.txt [ Cookie:[email protected]/ ]
   C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\Cookies\QXWUZ2CR.txt [ Cookie:[email protected]/ ]
   C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\Cookies\LIHS1J9C.txt [ Cookie:[email protected]/ ]
   C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\Cookies\TCO47V0U.txt [ Cookie:[email protected]/ ]
   C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\Cookies\WPL5VGUR.txt [ Cookie:[email protected]/ ]
   C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\Cookies\RG6Z8XEI.txt [ Cookie:[email protected]/ ]
   C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\Cookies\PI54Z7HJ.txt [ Cookie:[email protected]/ ]
   C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\Cookies\24QUOBKT.txt [ Cookie:[email protected]/ ]
   C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\Cookies\EGOYB8UH.txt [ Cookie:[email protected]/ ]
   C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\Cookies\CWNAYJDW.txt [ Cookie:[email protected]/ ]
   C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\Cookies\CNXZN8O3.txt [ Cookie:[email protected]/ ]
   C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\Cookies\L11OAJ0Z.txt [ Cookie:[email protected]/ ]
   core.insightexpressai.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\PT2KBDVV ]
   core.saymedia.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\PT2KBDVV ]
   static.discoverymedia.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\PT2KBDVV ]
   .at.atwola.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
   ad.yieldmanager.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
   ad.yieldmanager.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
   .imrworldwide.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
   .imrworldwide.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
   .realmedia.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
   .serving-sys.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
   .serving-sys.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
   .invitemedia.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
   .collective-media.net [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
   .amazon-adsystem.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
   .amazon-adsystem.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
   .burstnet.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
   .burstnet.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
   .hotwire.112.2o7.net [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
   a.intentmedia.net [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
   a.intentmedia.net [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
   a.intentmedia.net [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
   .hyatt.112.2o7.net [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
   .realmedia.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
   .interclick.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
   .interclick.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
   lfscpttracking.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
   .game-advertising-online.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
   .legolas-media.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
   .adserver.adtechus.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
   in.getclicky.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
   .adxpose.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
   .dmtracker.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
   .kanoodle.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
   .liveperson.net [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
   .liveperson.net [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
   .nextag.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
   .nextag.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
   .nextag.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
   .mediafire.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
   .technoratimedia.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
   .technoratimedia.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
   ads.saymedia.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
   .saymedia.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
   .mm.chitika.net [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
   .apmebf.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
   .liveperson.net [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
   ads.gamesbannernet.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
   ads.gamesbannernet.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
   .account.hirezstudios.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
   .realmedia.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
   .weborama.fr [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
   .velux.solution.weborama.fr [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
   .velux.solution.weborama.fr [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
   .velux.solution.weborama.fr [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
   .velux.solution.weborama.fr [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
   ads1.zenoviaexchange.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
   insight.torbit.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
   www.googleadservices.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
   *Blocked Russian URL* [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
   .media.adfrontiers.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
   .tacoda.at.atwola.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
   .atwola.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
   .ar.atwola.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
   .tacoda.at.atwola.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
   .invitemedia.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
   .mediafire.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
   .mediafire.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
   .burstnet.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
   .burstnet.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
   dc.tremormedia.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
   ad.yieldmanager.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
   .www.burstnet.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
   .collective-media.net [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
   technorati.rotator.hadj7.adjuggler.net [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
   .network.realmedia.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
   .*censored*.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
   .*censored*.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
   .*censored*.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
   .*censored*.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
   .collective-media.net [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
   .verizontelecom.112.2o7.net [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
   .liveperson.net [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
   .nandomedia.112.2o7.net [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
   .s.clickability.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
   .s.clickability.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
   www.googleadservices.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
   tracking.waterfrontmedia.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
   .andomedia.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
   hhm.rotator.hadj7.adjuggler.net [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
   hhm.rotator.hadj7.adjuggler.net [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
   .statcounter.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
   adx.kat.ph [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
   .adlegend.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
   .adlegend.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
   *Blocked Russian URL* [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
   *Blocked Russian URL* [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
   .realmedia.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
   .server.cpmstar.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
   .server.cpmstar.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
   .server.cpmstar.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
   .solvemedia.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
   .solvemedia.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
   7.rotator.wigetmedia.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
   7.rotator.wigetmedia.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
   .click.payperclick.co.il [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
   ad.yieldmanager.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
   .casalemedia.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
   .onondagacountyparks.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
   .onondagacountyparks.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
   onondagacountyparks.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
   .lucidmedia.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
   partners.mediaextension.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
   .saymedia.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
   .martiniadnetwork.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
   .martiniadnetwork.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
   .martiniadnetwork.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
   .martiniadnetwork.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
   .xiti.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
   .liveperson.net [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
   .microsoftsto.112.2o7.net [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
   .legolas-media.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
   .collective-media.net [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
   .collective-media.net [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
   .collective-media.net [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
   .collective-media.net [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
   .collective-media.net [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
   .collective-media.net [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
   www.googleadservices.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
   .myfuncards.dl.mywebsearch.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
   .mywebsearch.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
   .realmedia.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
   click.myfeedpointcenter.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
   .casalemedia.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
   .collective-media.net [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
   mediaservices-d.openxenterprise.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
   .collective-media.net [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
   .collective-media.net [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
   .collective-media.net [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
   .casalemedia.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
   .casalemedia.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
   .casalemedia.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
   .casalemedia.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
   .casalemedia.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
   .casalemedia.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
   .casalemedia.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
   .media6degrees.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
   .liveperson.net [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
   sales.liveperson.net [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
   .stats.paypal.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
   .media6degrees.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
   www.burstbeacon.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
   .burstbeacon.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
   .legolas-media.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
   .pro-market.net [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
   .pro-market.net [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
   .adfarm1.adition.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
   accounts.youtube.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
   accounts.youtube.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
   .interclick.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
   accounts.youtube.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
   .server.cpmstar.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
   .server.cpmstar.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
   .server.cpmstar.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
   .server.cpmstar.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
   .server.cpmstar.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
   .server.cpmstar.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
   server.iad.liveperson.net [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
   www.3dstats.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
   .liveperson.net [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
   .adfarm1.adition.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
   .legolas-media.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
   .legolas-media.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
   .legolas-media.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
   .a1.interclick.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
   .a1.interclick.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
   ad.yieldmanager.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
   .a1.interclick.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
   .a1.interclick.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
   .invitemedia.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
   .media.adfrontiers.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
   .adfarm1.adition.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
   .statcounter.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
   accounts.youtube.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
   accounts.youtube.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
   uol.realmedia.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
   .uol.realmedia.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
   network.realmedia.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
   .azjmp.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
   .azjmp.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
   .collective-media.net [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
   .collective-media.net [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
   .collective-media.net [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
   .collective-media.net [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
   .collective-media.net [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
   .collective-media.net [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
   .collective-media.net [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
   .collective-media.net [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
   .citygridmedia.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
   .citygridmedia.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
   .citygridmedia.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
   .citygridmedia.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
   .citygridmedia.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
   .citygridmedia.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
   .interclick.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
   .interclick.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
   accounts.youtube.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
   accounts.youtube.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
   accounts.youtube.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
   .pro-market.net [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
   .a1.interclick.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
   .a1.interclick.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
   .a1.interclick.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
   .a1.interclick.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
   .a1.interclick.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
   .a1.interclick.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
   .interclick.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
   .a1.interclick.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
   .adfarm1.adition.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
   .adfarm1.adition.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
   ad2.adfarm1.adition.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
   .adfarm1.adition.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
   www.burstnet.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
   .invitemedia.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
   .at.atwola.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
   .tacoda.at.atwola.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
   .tacoda.at.atwola.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
   .tacoda.at.atwola.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
   .tacoda.at.atwola.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
   .at.atwola.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
   .tacoda.at.atwola.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
   .ar.atwola.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
   .ar.atwola.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
   .atwola.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
   .realmedia.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
   network.realmedia.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
   www.burstnet.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
   www.burstnet.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
   .invitemedia.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
   .invitemedia.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
   .invitemedia.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
   .invitemedia.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
   .invitemedia.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
   .invitemedia.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
   .yieldmanager.net [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
   .burstnet.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
   .burstnet.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
   .burstnet.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
   .intermundomedia.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
   .intermundomedia.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
   .pro-market.net [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
   .pro-market.net [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
   .lucidmedia.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
   ad.yieldmanager.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
   .adserver.adtechus.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
   .interclick.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
   ad.yieldmanager.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
   ad.yieldmanager.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
   .media6degrees.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
   .media6degrees.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
   .media6degrees.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
   .media6degrees.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
   .media6degrees.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
   .media6degrees.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
   www.burstnet.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
   ad.yieldmanager.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
   ad.yieldmanager.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
   ad.yieldmanager.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
   .serving-sys.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
   .serving-sys.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
   .serving-sys.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
   .apmebf.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
   accounts.google.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
   .accounts.google.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
   .accounts.google.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
   .accounts.google.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
   accounts.youtube.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
   .apmebf.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
   .at.atwola.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .advertising.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   ad.yieldmanager.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   ad.yieldmanager.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .apmebf.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .mediaplex.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .atdmt.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .tacoda.at.atwola.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .tacoda.at.atwola.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .at.atwola.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .tacoda.at.atwola.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .tacoda.at.atwola.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .tacoda.at.atwola.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .ar.atwola.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .atwola.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .revsci.net [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .imrworldwide.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .imrworldwide.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .clickbooth.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .statcounter.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .interclick.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .interclick.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .advertising.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .invitemedia.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .www.burstnet.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .burstnet.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .technoratimedia.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .technoratimedia.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .ru4.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .apmebf.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   www.burstbeacon.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .burstbeacon.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .media6degrees.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .adbrite.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   ad.yieldmanager.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .pro-market.net [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .yieldmanager.net [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .advertising.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .serving-sys.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .serving-sys.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .a1.interclick.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .ru4.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   ad.yieldmanager.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .invitemedia.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .invitemedia.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .legolas-media.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .legolas-media.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .legolas-media.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .invitemedia.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .a1.interclick.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   www.googleadservices.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   in.getclicky.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   insight.torbit.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .invitemedia.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .accounts.google.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .accounts.google.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   accounts.google.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   accounts.youtube.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .casalemedia.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .at.atwola.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .doubleclick.net [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .adlegend.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .ru4.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .dmtracker.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .revsci.net [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .adbrite.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .casalemedia.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .casalemedia.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .casalemedia.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .casalemedia.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .casalemedia.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .casalemedia.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .game-advertising-online.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .advertising.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .advertising.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .advertising.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .invitemedia.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .invitemedia.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .invitemedia.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .invitemedia.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .ads.pointroll.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .pointroll.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .pointroll.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .ads.pointroll.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .ads.pointroll.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .ads.pointroll.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .ads.pointroll.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .ads.pointroll.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .ads.pointroll.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .media6degrees.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .media6degrees.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .media6degrees.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .media6degrees.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   gr.burstnet.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .burstnet.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .burstnet.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .burstnet.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .a1.interclick.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .invitemedia.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .interclick.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .pro-market.net [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .lucidmedia.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .questionmarket.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .questionmarket.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .fastclick.net [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   ad.yieldmanager.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .serving-sys.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .serving-sys.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .serving-sys.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .mediaplex.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .revsci.net [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .revsci.net [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .revsci.net [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .revsci.net [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .revsci.net [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .revsci.net [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .collective-media.net [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .collective-media.net [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .tribalfusion.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   ad.yieldmanager.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .a1.interclick.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .a1.interclick.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .a1.interclick.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .a1.interclick.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .a1.interclick.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .a1.interclick.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .interclick.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .interclick.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   www.burstnet.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .atdmt.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .c1.atdmt.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   media.mtvnservices.com [ C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\APPLICATION DATA\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\PL5EZE4A ]
   media.scanscout.com [ C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\APPLICATION DATA\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\PL5EZE4A ]
   mediacast.realgravity.com [ C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\APPLICATION DATA\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\PL5EZE4A ]
   objects.tremormedia.com [ C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\APPLICATION DATA\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\PL5EZE4A ]
   secure-us.imrworldwide.com [ C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\APPLICATION DATA\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\PL5EZE4A ]
   ad.insightexpressai.com [ C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\APPLICATION DATA\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\MRTPR3HB ]
   cdn.tremormedia.com [ C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\APPLICATION DATA\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\MRTPR3HB ]
   cdn2.baronsmedia.com [ C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\APPLICATION DATA\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\MRTPR3HB ]
   crackle.com [ C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\APPLICATION DATA\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\MRTPR3HB ]
   ds.serving-sys.com [ C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\APPLICATION DATA\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\MRTPR3HB ]
   media.scanscout.com [ C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\APPLICATION DATA\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\MRTPR3HB ]
   media1.break.com [ C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\APPLICATION DATA\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\MRTPR3HB ]
   mediacast.realgravity.com [ C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\APPLICATION DATA\MAC

SuperDave · « **Reply #1 on:** July 24, 2012, 04:32:19 PM »

Download Security Check by screen317 from one of the following links and save it to your desktop.

Link 1
Link 2

* Double-click Security Check.bat
* Follow the on-screen instructions inside of the black box.
* A Notepad document should open automatically called checkup.txt
* Post the contents of that document in your next reply.

Note: If a security program requests permission from dig.exe to access the Internet, allow it to do so.
**************************************************

Quote

I think the links to DDS are broken. Both of them.

They are working for me. Please try this instead:

Download Combofix from any of the links below, and save it to your DESKTOP.

Link 1
Link 2
Link 3

To prevent your anti-virus application interfering with ComboFix we need to disable it. See here for a tutorial regarding how to do so if you are unsure.

Close any open windows and double click ComboFix.exe to run it.

You will see the following image:

Click I Agree to start the program.

ComboFix will then extract the necessary files and you will see this:

As part of it's process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. This will not occur in Windows Vista and 7

It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.

If you did not have it installed, you will see the prompt below. Choose YES.

Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.

**Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue it's malware removal procedures.

Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:

Click on Yes, to continue scanning for malware.

When finished, it will produce a report for you. Please post the contents of the log (C:\ComboFix.txt).

Leave your computer alone while ComboFix is running. ComboFix will restart your computer if malware is found; allow it to do so.

Note: Please Do NOT mouseclick combofix's window while its running because it may cause it to stall.

AlecNeedsHelp · « **Reply #2 on:** July 24, 2012, 05:16:33 PM »

Results of screen317's Security Check version 0.99.43
Windows XP Service Pack 3 x86
Internet Explorer 8
``````````````Antivirus/Firewall Check:``````````````[/u]
Windows Firewall Enabled!
avast! Antivirus
Antivirus up to date!
`````````Anti-malware/Other Utilities Check:`````````[/u]
SUPERAntiSpyware
Malwarebytes Anti-Malware version 1.62.0.1300
CCleaner
JavaFX 2.0.3
Java(TM) 7 Update 3
Java version out of Date!
Adobe Flash Player 11.3.300.265
Adobe Reader X (10.1.3)
Mozilla Firefox (14.0.1)
````````Process Check: objlist.exe by Laurent````````[/u]
Mozilla Firefox AvastSvc.exe -?-
Mozilla Firefox AvastUI.exe -?-
`````````````````System Health check`````````````````[/u]
Total Fragmentation on Drive C:: 26% Defragment your hard drive soon!
````````````````````End of Log``````````````````````[/u]

Looking at this I can run Advanced Systemcare for OIBit if recommended.

Quote from: SuperDave on July 24, 2012, 04:32:19 PM

To prevent your anti-virus application interfering with ComboFix we need to disable it.

Avast antivirus seems to be the only thing between this virus any my computer right now. Could I just run it without disabling my antivirus, or tell my antivirus it's a trusted application? I really don't feel comfortable disabling my antivirus.

SuperDave · « **Reply #3 on:** July 24, 2012, 07:34:56 PM »

Update Your Java (JRE)

Old versions of Java have vulnerabilities that malware can use to infect your system.

First Verify your Java Version

If there are any other version(s) installed then update now.

Get the new version (if needed)

If your version is out of date install the newest version of the Sun Java Runtime Environment.

Note: UNCHECK any pre-checked toolbar and/or software offered with the Java update. The pre-checked toolbars/software are not part of the Java update.

Be sure to close ALL open web browsers before starting the installation.

Remove any old versions

1. Download JavaRa and unzip the file to your Desktop.
2. Open JavaRA.exe and choose Remove Older Versions
3. Once complete exit JavaRA.

Additional Note: The Java Quick Starter (JQS.exe) adds a service to improve the initial startup time of Java applets and applications. To disable the JQS service if you don't want to use it, go to Start > Control Panel > Java > Advanced > Miscellaneous and uncheck the box for Java Quick Starter. Click OK and reboot your computer.
**********************************************************

Quote

Total Fragmentation on Drive C:: 26% Defragment your hard drive soon!

You need to defrag your hard drive. If you need help doing this, let me know.
ComboFix physically disconnects your computer from the internet when running so it should be safe. The malware is already on your computer.

AlecNeedsHelp · « **Reply #4 on:** July 24, 2012, 09:43:59 PM »

I will update my java, and I will defrag my drive.

I hope I am not being very annoying when I ask again if I can just tell avast antivirus to trust ComboFix in the settings. I know now that it disconnects the computer from the internet, but I'm not certain that will protect my computer, because I don't think the virus needs internet connection to do harm to my computer.

SuperDave · « **Reply #5 on:** July 25, 2012, 05:20:33 PM »

Quote

I hope I am not being very annoying when I ask again if I can just tell avast antivirus to trust ComboFix in the settings. I know now that it disconnects the computer from the internet, but I'm not certain that will protect my computer, because I don't think the virus needs internet connection to do harm to my computer.

Trust me. The damage has already been done to your computer. You can run ComboFix without disabling your AV but it may give some problems.

AlecNeedsHelp · « **Reply #6 on:** July 26, 2012, 02:35:52 PM »

I've defragged my hard drive, updated java, removed older versions of java, and ran combofix.

Here you go.

ComboFix 12-07-27.02 - Harris Family 07/26/2012 15:55:04.2.2 - x86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2046.931 [GMT -4:00]
Running from: c:\documents and settings\Harris Family\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\CFLog
c:\documents and settings\Harris Family\Application Data\Toolbar4
c:\windows\system32\SET2E6.tmp
c:\windows\system32\SET76C.tmp
c:\windows\system32\SET770.tmp
c:\windows\system32\SET771.tmp
c:\windows\system32\SET776.tmp
c:\windows\system32\SET77A.tmp
c:\windows\system32\SET7D0.tmp
c:\windows\system32\SET7D2.tmp
c:\windows\system32\SET7D6.tmp
c:\windows\system32\SET7DE.tmp
c:\windows\system32\SETE38.tmp
c:\windows\system32\SETE39.tmp
c:\windows\system32\SETE3D.tmp
c:\windows\system32\SETE3E.tmp
c:\windows\system32\SETE3F.tmp
c:\windows\system32\SETE43.tmp
c:\windows\system32\SETE45.tmp
.
.
((((((((((((((((((((((((( Files Created from 2012-06-26 to 2012-07-26 )))))))))))))))))))))))))))))))
.
.
2012-07-26 19:35 . 2012-07-26 19:35   --------   d-----w-   c:\program files\Oracle
2012-07-26 19:34 . 2012-07-26 19:31   143872   ----a-w-   c:\windows\system32javacpl.cpl
2012-07-26 19:33 . 2012-07-06 02:07   143872   ----a-w-   c:\windows\system32\javacpl.cpl
2012-07-23 20:18 . 2012-07-23 20:18   --------   d-----w-   c:\documents and settings\Harris Family\Application Data\SUPERAntiSpyware.com
2012-07-23 20:18 . 2012-07-23 20:18   --------   d-----w-   c:\program files\SUPERAntiSpyware
2012-07-23 20:18 . 2012-07-23 20:18   --------   d-----w-   c:\documents and settings\All Users\Application Data\SUPERAntiSpyware.com
2012-07-23 20:17 . 2012-07-23 20:17   --------   d-----w-   c:\documents and settings\All Users\Application Data\SUPERSetup
2012-07-23 17:22 . 2012-07-03 17:46   22344   ----a-w-   c:\windows\system32\drivers\mbam.sys
2012-07-20 23:23 . 2012-07-22 04:08   --------   d-----w-   c:\documents and settings\Harris Family\Application Data\vlc
2012-07-20 23:20 . 2012-07-20 23:20   --------   d-----w-   c:\program files\VideoLAN
2012-07-12 07:22 . 2012-07-12 07:22   --------   d-----w-   c:\program files\LogMeIn Hamachi
2012-07-08 19:11 . 2012-07-08 19:11   --------   d-----w-   c:\windows\system32\wbem\Repository
2012-07-05 19:57 . 2012-07-05 19:53   3130440   ----a-w-   c:\windows\system32\pbsvc_blr.exe
2012-07-05 19:56 . 2012-07-05 19:56   --------   d-----w-   c:\program files\NVIDIA Corporation
2012-07-05 19:55 . 2012-07-05 19:55   --------   d-----w-   c:\program files\Common Files\Wise Installation Wizard
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-07-11 22:30 . 2012-04-02 23:13   426184   ----a-w-   c:\windows\system32\FlashPlayerApp.exe
2012-07-11 22:30 . 2011-09-29 03:46   70344   ----a-w-   c:\windows\system32\FlashPlayerCPLApp.cpl
2012-07-06 02:06 . 2011-10-19 17:17   772544   ----a-w-   c:\windows\system32\npdeployJava1.dll
2012-07-06 02:06 . 2010-09-07 18:43   687544   ----a-w-   c:\windows\system32\deployJava1.dll
2012-07-05 19:58 . 2012-05-28 06:43   138056   ----a-w-   c:\windows\system32\drivers\PnkBstrK.sys
2012-07-05 19:58 . 2012-01-10 20:02   138056   ----a-w-   c:\documents and settings\Harris Family\Application Data\PnkBstrK.sys
2012-07-05 19:57 . 2012-05-28 06:42   189248   ----a-w-   c:\windows\system32\PnkBstrB.exe
2012-07-05 19:57 . 2012-01-10 20:02   189248   ----a-w-   c:\windows\system32\PnkBstrB.ex0
2012-07-05 19:57 . 2012-05-28 06:42   76888   ----a-w-   c:\windows\system32\PnkBstrA.exe
2012-06-20 16:56 . 2012-01-30 04:25   71104   ----a-w-   c:\windows\CouponPrinter.ocx
2012-06-13 13:19 . 2008-04-14 12:00   1866112   ----a-w-   c:\windows\system32\win32k.sys
2012-06-05 15:50 . 2008-04-14 12:00   1372672   ----a-w-   c:\windows\system32\msxml6.dll
2012-06-05 15:50 . 2008-04-14 12:00   1172480   ----a-w-   c:\windows\system32\msxml3.dll
2012-06-04 04:32 . 2008-04-14 12:00   152576   ----a-w-   c:\windows\system32\schannel.dll
2012-06-02 19:19 . 2009-08-07 00:24   22040   ----a-w-   c:\windows\system32\wucltui.dll.mui
2012-06-02 19:19 . 2010-01-13 03:03   329240   ----a-w-   c:\windows\system32\wucltui.dll
2012-06-02 19:19 . 2010-01-13 03:03   219160   ----a-w-   c:\windows\system32\wuaucpl.cpl
2012-06-02 19:19 . 2010-01-13 03:03   210968   ----a-w-   c:\windows\system32\wuweb.dll
2012-06-02 19:19 . 2009-08-07 00:24   15384   ----a-w-   c:\windows\system32\wuaucpl.cpl.mui
2012-06-02 19:19 . 2010-01-13 03:03   53784   ----a-w-   c:\windows\system32\wuauclt.exe
2012-06-02 19:19 . 2010-01-13 03:03   35864   ----a-w-   c:\windows\system32\wups.dll
2012-06-02 19:19 . 2009-08-07 00:24   45080   ----a-w-   c:\windows\system32\wups2.dll
2012-06-02 19:19 . 2009-08-07 00:24   15384   ----a-w-   c:\windows\system32\wuapi.dll.mui
2012-06-02 19:19 . 2008-04-14 12:00   97304   ----a-w-   c:\windows\system32\cdm.dll
2012-06-02 19:19 . 2009-08-07 00:24   17944   ----a-w-   c:\windows\system32\wuaueng.dll.mui
2012-06-02 19:19 . 2010-01-13 03:03   577048   ----a-w-   c:\windows\system32\wuapi.dll
2012-06-02 19:19 . 2010-01-13 03:03   1933848   ----a-w-   c:\windows\system32\wuaueng.dll
2012-06-02 19:18 . 2010-02-01 09:47   275696   ----a-w-   c:\windows\system32\mucltui.dll
2012-06-02 19:18 . 2010-02-01 09:47   214256   ----a-w-   c:\windows\system32\muweb.dll
2012-06-02 19:18 . 2010-02-01 09:47   17136   ----a-w-   c:\windows\system32\mucltui.dll.mui
2012-05-31 13:22 . 2008-04-14 12:00   599040   ----a-w-   c:\windows\system32\crypt32.dll
2012-05-30 20:32 . 2012-01-10 20:11   282104   ----a-w-   c:\windows\system32\PnkBstrB.xtr
2012-05-16 15:08 . 2008-04-14 12:00   916992   ----a-w-   c:\windows\system32\wininet.dll
2012-05-11 14:42 . 2008-04-14 12:00   43520   ----a-w-   c:\windows\system32\licmgr10.dll
2012-05-11 14:42 . 2008-04-14 12:00   1469440   ------w-   c:\windows\system32\inetcpl.cpl
2012-05-11 11:38 . 2008-04-14 12:00   385024   ----a-w-   c:\windows\system32\html.iec
2012-05-04 13:16 . 2008-04-14 12:00   2148352   ----a-w-   c:\windows\system32\ntoskrnl.exe
2012-05-04 12:32 . 2008-04-14 00:01   2026496   ----a-w-   c:\windows\system32\ntkrnlpa.exe
2012-05-02 13:46 . 2010-01-13 03:01   139656   ----a-w-   c:\windows\system32\drivers\rdpwd.sys
2012-07-18 18:57 . 2012-06-19 01:31   136672   ----a-w-   c:\program files\mozilla firefox\components\browsercomps.dll
.
.
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
[7] 2008-06-20 . AD978A1B783B5719720CFF204B666C8E . 361600 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB2509553\SP3QFE\tcpip.sys
[7] 2008-06-20 . AD978A1B783B5719720CFF204B666C8E . 361600 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB951748\SP3QFE\tcpip.sys
[7] 2008-06-20 . 9AEFA14BD6B182D61E3119FA5F436D3D . 361600 . . [5.1.2600.5625] . . c:\windows\ERDNT\cache\tcpip.sys
[7] 2008-06-20 . 9AEFA14BD6B182D61E3119FA5F436D3D . 361600 . . [5.1.2600.5625] . . c:\windows\system32\dllcache\tcpip.sys
[-] 2008-06-20 . D9F19E78F98834CB411D6AD3C68D181A . 361600 . . [5.1.2600.5625] . . c:\windows\system32\drivers\tcpip.sys
[7] 2008-04-14 . 93EA8D04EC73A85DB02EB8805988F733 . 361344 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB951748$\tcpip.sys
.
((((((((((((((((((((((((((((( SnapShot@2011-09-29_05.36.58 )))))))))))))))))))))))))))))))))))))))))
.
+ 2007-11-07 06:19 . 2007-11-07 06:19   54272 c:\windows\WinSxS\x86_Microsoft.VC90.OpenMP_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_ecc42bd1\vcomp90.dll
+ 2008-07-29 12:05 . 2008-07-29 12:05   62976 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90rus.dll
+ 2008-07-29 12:05 . 2008-07-29 12:05   46080 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90kor.dll
+ 2008-07-29 12:05 . 2008-07-29 12:05   46592 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90jpn.dll
+ 2008-07-29 12:05 . 2008-07-29 12:05   64512 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90ita.dll
+ 2008-07-29 12:05 . 2008-07-29 12:05   66048 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90fra.dll
+ 2008-07-29 12:05 . 2008-07-29 12:05   65024 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90esp.dll
+ 2008-07-29 12:05 . 2008-07-29 12:05   65024 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90esn.dll
+ 2008-07-29 12:05 . 2008-07-29 12:05   56832 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90enu.dll
+ 2008-07-29 12:05 . 2008-07-29 12:05   66560 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90deu.dll
+ 2008-07-29 12:05 . 2008-07-29 12:05   39936 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90cht.dll
+ 2008-07-29 12:05 . 2008-07-29 12:05   38912 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90chs.dll
+ 2008-07-29 10:07 . 2008-07-29 10:07   59904 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_405b0943\mfcm90u.dll
+ 2008-07-29 10:07 . 2008-07-29 10:07   59904 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_405b0943\mfcm90.dll
+ 2006-12-02 05:26 . 2006-12-02 05:26   57856 c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_3bf8fa05\mfcm80u.dll
+ 2006-12-02 05:25 . 2006-12-02 05:25   69632 c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_3bf8fa05\mfcm80.dll
+ 2009-07-12 00:41 . 2009-07-12 00:41   97280 c:\windows\WinSxS\x86_Microsoft.VC80.ATL_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_473666fd\ATL80.dll
+ 2012-03-10 00:57 . 2012-03-10 00:57   49152 c:\windows\WinSxS\MSIL_MOM_90ba9c70f846762e_2.0.0.0_x-ww_a60193a8\MOM.EXE
+ 2012-01-11 08:05 . 2012-01-11 08:05   21880 c:\windows\WinSxS\MSIL_Microsoft.Workflow.Compiler_31bf3856ad364e35_4.0.0.0_x-ww_97359ba5\Microsoft.Workflow.Compiler.exe
- 2011-01-10 08:08 . 2011-01-10 08:08   21880 c:\windows\WinSxS\MSIL_Microsoft.Workflow.Compiler_31bf3856ad364e35_4.0.0.0_x-ww_97359ba5\Microsoft.Workflow.Compiler.exe
+ 2012-03-10 00:57 . 2012-03-10 00:57   86016 c:\windows\WinSxS\MSIL_LOG_90ba9c70f846762e_2.0.3693.42530_x-ww_47e32df4\LOG.EXE
+ 2012-03-10 00:57 . 2012-03-10 00:57   49152 c:\windows\WinSxS\MSIL_CLI_90ba9c70f846762e_2.0.0.0_x-ww_42656733\CLI.EXE
+ 2012-03-10 00:57 . 2012-03-10 00:57   49152 c:\windows\WinSxS\MSIL_CCC_90ba9c70f846762e_2.0.0.0_x-ww_c7ed2bb0\CCC.EXE
+ 2012-07-26 19:19 . 2012-07-26 19:19   16384 c:\windows\Temp\Perflib_Perfdata_c58.dat
+ 2012-07-26 19:36 . 2012-07-26 19:36   16384 c:\windows\Temp\Perflib_Perfdata_9b8.dat
+ 2010-04-27 18:45 . 2010-04-27 18:45   72856 c:\windows\system32\xliveinstallhost.exe
- 2010-05-02 19:32 . 2007-04-04 22:53   81768 c:\windows\system32\xinput1_3.dll
+ 2010-05-02 19:32 . 2007-04-04 23:53   81768 c:\windows\system32\xinput1_3.dll
- 2010-05-02 19:33 . 2010-02-04 14:01   74072 c:\windows\system32\XAPOFX1_4.dll
+ 2010-05-02 19:33 . 2010-02-04 15:01   74072 c:\windows\system32\XAPOFX1_4.dll
+ 2010-05-02 19:32 . 2008-07-31 15:41   68616 c:\windows\system32\XAPOFX1_1.dll
- 2010-05-02 19:32 . 2008-07-31 14:41   68616 c:\windows\system32\XAPOFX1_1.dll
- 2010-05-02 19:33 . 2010-02-04 14:01   22360 c:\windows\system32\X3DAudio1_7.dll
+ 2010-05-02 19:33 . 2010-02-04 15:01   22360 c:\windows\system32\X3DAudio1_7.dll
+ 2009-10-09 19:56 . 2009-10-09 19:56   14848 c:\windows\system32\wsmprovhost.exe
+ 2009-10-09 19:56 . 2009-10-09 19:56   12288 c:\windows\system32\wsmplpxy.dll
+ 2009-10-09 19:56 . 2009-10-09 19:56   12288 c:\windows\system32\winrssrv.dll
+ 2009-10-09 19:56 . 2009-10-09 19:56   22528 c:\windows\system32\winrshost.exe
+ 2009-10-09 21:22 . 2009-10-09 21:22   69632 c:\windows\system32\winrs.exe
+ 2009-10-09 19:56 . 2009-10-09 19:56   25088 c:\windows\system32\winrmprov.dll
+ 2009-10-09 19:56 . 2009-10-09 19:56   24064 c:\windows\system32\WindowsPowerShell\v1.0\pwrshsip.dll
+ 2010-01-12 03:54 . 2008-04-14 10:42   53760 c:\windows\system32\vfwwdm32.dll
- 2010-01-12 03:54 . 2008-04-14 09:42   53760 c:\windows\system32\vfwwdm32.dll
+ 1998-12-24 15:23 . 1998-12-24 15:23   40960 c:\windows\system32\VBAME.DLL
- 2008-04-14 12:00 . 2010-11-03 13:12   46080 c:\windows\system32\tzchange.exe
+ 2008-04-14 12:00 . 2011-11-08 13:46   46080 c:\windows\system32\tzchange.exe
+ 2012-06-21 06:53 . 2012-06-02 19:19   45080 c:\windows\system32\SoftwareDistribution\Setup\ServiceStartup\wups2.dll\7.6.7600.256\wups2.dll
+ 2012-06-21 06:53 . 2012-06-02 19:19   35864 c:\windows\system32\SoftwareDistribution\Setup\ServiceStartup\wups.dll\7.6.7600.256\wups.dll
+ 2011-06-16 07:34 . 2011-06-16 07:34   79872 c:\windows\system32\SlotMaximizerAg.dll
+ 1998-03-25 00:54 . 1998-03-25 00:54   15872 c:\windows\system32\SCP32.DLL
+ 2012-03-06 23:16 . 2005-04-15 02:10   73728 c:\windows\system32\ReinstallBackups\0001\DriverFiles\Oemdspif.dll
+ 2012-03-06 23:16 . 2001-11-09 15:01   24064 c:\windows\system32\ReinstallBackups\0001\DriverFiles\ativcoxx.dll
+ 2012-03-06 23:16 . 2005-04-15 01:45   17408 c:\windows\system32\ReinstallBackups\0001\DriverFiles\atitvo32.dll
+ 2012-03-06 23:16 . 2005-04-15 02:11   94208 c:\windows\system32\ReinstallBackups\0001\DriverFiles\atipdlxx.dll
+ 2012-03-06 23:16 . 2005-04-08 20:42   87540 c:\windows\system32\ReinstallBackups\0001\DriverFiles\atiicdxx.dat
+ 2012-03-06 23:16 . 2005-04-15 02:09   53248 c:\windows\system32\ReinstallBackups\0001\DriverFiles\ATIDDC.DLL
+ 2012-03-06 23:16 . 2005-04-15 02:10   25088 c:\windows\system32\ReinstallBackups\0001\DriverFiles\Ati2mdxx.exe
+ 2012-03-06 23:16 . 2005-04-15 02:10   46080 c:\windows\system32\ReinstallBackups\0001\DriverFiles\ati2evxx.dll
+ 2012-03-06 23:16 . 2005-04-15 01:45   36864 c:\windows\system32\ReinstallBackups\0001\DriverFiles\ati2erec.dll
+ 2012-03-06 23:16 . 2005-04-15 02:10   39936 c:\windows\system32\ReinstallBackups\0001\DriverFiles\ati2edxx.dll
+ 2012-03-10 00:46 . 2005-04-15 02:10   73728 c:\windows\system32\ReinstallBackups\0000\DriverFiles\Oemdspif.dll
+ 2012-03-10 00:46 . 2001-11-09 15:01   24064 c:\windows\system32\ReinstallBackups\0000\DriverFiles\ativcoxx.dll
+ 2012-03-10 00:46 . 2005-04-15 01:45   17408 c:\windows\system32\ReinstallBackups\0000\DriverFiles\atitvo32.dll
+ 2012-03-10 00:46 . 2005-04-15 02:11   94208 c:\windows\system32\ReinstallBackups\0000\DriverFiles\atipdlxx.dll
+ 2012-03-10 00:46 . 2005-04-08 20:42   87540 c:\windows\system32\ReinstallBackups\0000\DriverFiles\atiicdxx.dat
+ 2012-03-10 00:46 . 2005-04-15 02:09   53248 c:\windows\system32\ReinstallBackups\0000\DriverFiles\ATIDDC.DLL
+ 2012-03-10 00:46 . 2005-04-15 02:10   25088 c:\windows\system32\ReinstallBackups\0000\DriverFiles\Ati2mdxx.exe
+ 2012-03-10 00:46 . 2005-04-15 02:10   46080 c:\windows\system32\ReinstallBackups\0000\DriverFiles\ati2evxx.dll
+ 2012-03-10 00:46 . 2005-04-15 01:45   36864 c:\windows\system32\ReinstallBackups\0000\DriverFiles\ati2erec.dll
+ 2012-03-10 00:46 . 2005-04-15 02:10   39936 c:\windows\system32\ReinstallBackups\0000\DriverFiles\ati2edxx.dll
+ 2012-03-09 20:29 . 2011-12-30 22:03   21336 c:\windows\system32\RegistryDefragBootTime.exe
+ 2009-10-09 21:22 . 2009-10-09 21:22   42496 c:\windows\system32\pwrshplugin.dll
+ 2005-10-29 04:49 . 2005-10-29 04:49   84480 c:\windows\system32\pintool.exe
+ 2008-04-14 12:00 . 2012-06-14 07:22   85886 c:\windows\system32\perfc009.dat
+ 2008-04-14 12:00 . 2011-11-18 12:35   60416 c:\windows\system32\packager.exe
+ 2011-10-26 02:21 . 2011-10-26 02:21   56832 c:\windows\system32\OVDecoder.dll
+ 2000-01-11 04:33 . 2000-01-11 04:33   65586 c:\windows\system32\OUTLWAB.DLL
+ 2011-10-26 02:21 . 2011-10-26 02:21   56832 c:\windows\system32\OpenVideo.dll
+ 2011-10-26 02:19 . 2011-10-26 02:19   44032 c:\windows\system32\OpenCL.dll
+ 2008-04-14 12:00 . 2011-09-26 15:41   20480 c:\windows\system32\oleaccrc.dll
+ 2007-02-22 14:48 . 2007-02-22 14:48   68896 c:\windows\system32\NiViSv32.dll
+ 1998-08-09 14:07 . 1998-08-09 14:07   94208 c:\windows\system32\MSSTKPRP.DLL
+ 1999-01-22 18:46 . 1999-01-22 18:46   65536 c:\windows\system32\MSRTEDIT.DLL
+ 1999-10-13 21:12 . 1999-10-13 21:12   28944 c:\windows\system32\MSRECR40.DLL
+ 1997-07-11 04:00 . 1997-07-11 04:00   22016 c:\windows\system32\MSIMRT32.DLL
+ 1997-07-11 04:00 . 1997-07-11 04:00   10544 c:\windows\system32\MSIMRT16.DLL
+ 1997-07-11 04:00 . 1997-07-11 04:00   14336 c:\windows\system32\MSIMRT.DLL
+ 2008-04-14 12:00 . 2012-05-11 14:42   67072 c:\windows\system32\mshtmled.dll
- 2009-03-08 09:31 . 2011-04-25 16:11   55296 c:\windows\system32\msfeedsbs.dll
+ 2009-03-08 09:31 . 2012-05-11 14:42   55296 c:\windows\system32\msfeedsbs.dll
+ 2011-11-11 00:15 . 2011-11-11 00:15   19240 c:\windows\system32\mlfcache.dat
+ 1998-06-17 06:08 . 1998-06-17 06:08   53248 c:\windows\system32\MFC42ENU.DLL
+ 1999-03-03 15:05 . 1999-03-03 15:05   81920 c:\windows\system32\MDT2FW95.DLL
- 2008-04-14 12:00 . 2008-04-14 12:00   23040 c:\windows\system32\mciseq.dll
+ 2008-04-14 12:00 . 2011-10-14 14:47   23040 c:\windows\system32\mciseq.dll
+ 1998-10-01 16:00 . 1998-10-01 16:00   40208 c:\windows\system32\MAPISRVR.EXE
+ 2011-11-22 15:50 . 2011-11-22 15:50   98304 c:\windows\system32\Macromed\Shockwave 10\SwOnce.dll
- 2011-02-02 13:35 . 2011-02-02 13:35   98304 c:\windows\system32\Macromed\Shockwave 10\SwOnce.dll
- 2011-02-02 13:35 . 2011-02-02 13:35   86016 c:\windows\system32\Macromed\Shockwave 10\SwMenuX.dll
+ 2011-11-22 15:50 . 2011-11-22 15:50   86016 c:\windows\system32\Macromed\Shockwave 10\SwMenuX.dll
+ 2011-11-22 15:50 . 2011-11-22 15:50   77824 c:\windows\system32\Macromed\Shockwave 10\SwInit.exe
- 2011-02-02 13:35 . 2011-02-02 13:35   77824 c:\windows\system32\Macromed\Shockwave 10\SwInit.exe
+ 2011-11-22 15:50 . 2011-11-22 15:50   24576 c:\windows\system32\Macromed\Shockwave 10\DynaPlayer.dll
- 2011-02-02 13:35 . 2011-02-02 13:35   24576 c:\windows\system32\Macromed\Shockwave 10\DynaPlayer.dll
+ 2002-10-21 19:29 . 2002-10-21 19:29   76800 c:\windows\system32\Lvgl13n.dll
+ 2002-10-21 19:30 . 2002-10-21 19:30   74240 c:\windows\system32\Lvdx13n.dll
+ 2002-10-21 19:01 . 2002-10-21 19:01   30208 c:\windows\system32\LTWND13n.DLL
+ 2002-10-24 21:12 . 2002-10-24 21:12   53248 c:\windows\system32\LTWEB13n.dll
+ 2002-10-24 21:10 . 2002-10-24 21:10   35328 c:\windows\system32\LTTWN13N.DLL
+ 2002-10-24 21:11 . 2002-10-24 21:11   32256 c:\windows\system32\LTTMB13N.DLL
+ 2002-10-24 21:11 . 2002-10-24 21:11   95232 c:\windows\system32\LTPDG13N.DLL
+ 2002-10-21 19:02 . 2002-10-21 19:02   61952 c:\windows\system32\LTNET13N.DLL
+ 2002-10-24 21:11 . 2002-10-24 21:11   51200 c:\windows\system32\LTLST13N.DLL
+ 2002-10-21 19:01 . 2002-10-21 19:01   35328 c:\windows\system32\LTISI13N.DLL
+ 2000-07-07 10:49 . 2000-07-07 10:49   69120 c:\windows\system32\LTDLL.DLL
+ 2002-10-24 21:10 . 2002-10-24 21:10   65024 c:\windows\system32\LTBAR13N.DLL
+ 2002-10-21 19:05 . 2002-10-21 19:05   25600 c:\windows\system32\LFXWD13N.DLL
+ 2002-10-24 21:11 . 2002-10-24 21:11   47104 c:\windows\system32\lfXpm13n.dll
+ 2002-10-24 21:11 . 2002-10-24 21:11   45056 c:\windows\system32\lfXbm13n.dll
+ 2002-10-21 19:05 . 2002-10-21 19:05   20480 c:\windows\system32\LFWPG13N.DLL
+ 2002-10-21 19:38 . 2002-10-21 19:38   33280 c:\windows\system32\LFWMP13N.DLL
+ 2002-10-21 19:38 . 2002-10-21 19:38   76800 c:\windows\system32\Lfwmf13n.dll
+ 2002-10-21 19:05 . 2002-10-21 19:05   19968 c:\windows\system32\LFWFX13N.DLL
+ 2002-10-21 19:34 . 2002-10-21 19:34   33280 c:\windows\system32\LFVEC13N.DLL
+ 2002-10-21 19:05 . 2002-10-21 19:05   24576 c:\windows\system32\LFTGA13N.DLL
+ 2002-10-21 19:37 . 2002-10-21 19:37   33792 c:\windows\system32\LFSMP13n.dll
+ 2002-10-10 02:53 . 2002-10-10 02:53   82944 c:\windows\system32\LFSHP13N.DLL
+ 2002-10-21 19:05 . 2002-10-21 19:05   20480 c:\windows\system32\LFSGI13N.DLL
+ 2002-10-21 19:37 . 2002-10-21 19:37   58368 c:\windows\system32\LFSCT13N.DLL
+ 2002-10-21 19:06 . 2002-10-21 19:06   17920 c:\windows\system32\lfRaw13n.dll
+ 2002-10-21 19:05 . 2002-10-21 19:05   20480 c:\windows\system32\LFRAS13N.DLL
+ 2002-10-21 19:38 . 2002-10-21 19:38   69632 c:\windows\system32\LFPTK13n.dll
+ 2002-10-21 19:05 . 2002-10-21 19:05   55296 c:\windows\system32\LFPSD13N.DLL
+ 2002-10-24 21:11 . 2002-10-24 21:11   31232 c:\windows\system32\LFPNM13n.dll
+ 2002-10-21 19:04 . 2002-10-21 19:04   26112 c:\windows\system32\LFPCX13N.DLL
+ 2002-10-21 19:04 . 2002-10-21 19:04   65536 c:\windows\system32\Lfpct13n.dll
+ 2002-10-24 21:11 . 2002-10-24 21:11   19968 c:\windows\system32\LFPCD13N.DLL
+ 2002-10-21 19:04 . 2002-10-21 19:04   18944 c:\windows\system32\LFMSP13N.DLL
+ 2002-10-21 19:04 . 2002-10-21 19:04   18944 c:\windows\system32\LFMAC13N.DLL
+ 2002-10-21 19:04 . 2002-10-21 19:04   31744 c:\windows\system32\LFLMB13N.DLL
+ 2002-10-21 19:03 . 2002-10-21 19:03   29184 c:\windows\system32\LFLMA13N.DLL
+ 2002-10-21 19:03 . 2002-10-21 19:03   90112 c:\windows\system32\LFJBG13N.DLL
+ 2002-10-21 19:03 . 2002-10-21 19:03   19968 c:\windows\system32\LFITG13N.DLL
+ 2002-10-21 19:03 . 2002-10-21 19:03   20992 c:\windows\system32\LFIMG13N.DLL
+ 2002-10-24 21:11 . 2002-10-24 21:11   27136 c:\windows\system32\LFIFF13N.DLL
+ 2002-10-21 19:03 . 2002-10-21 19:03   48128 c:\windows\system32\LFICA13N.DLL
+ 2002-10-21 19:03 . 2002-10-21 19:03   35328 c:\windows\system32\LFGIF13N.DLL
+ 2002-10-24 21:11 . 2002-10-24 21:11   84480 c:\windows\system32\LFFPX13N.DLL
+ 2002-10-21 19:03 . 2002-10-21 19:03   38400 c:\windows\system32\LFFLC13N.DLL
+ 2002-10-22 16:51 . 2002-10-22 16:51   73216 c:\windows\system32\LFFAX13N.DLL
+ 2002-10-21 19:03 . 2002-10-21 19:03   37888 c:\windows\system32\LFEPS13N.DLL
+ 2002-10-21 19:32 . 2002-10-21 19:32   94208 c:\windows\system32\LFDRW13N.DLL
+ 2002-10-21 19:32 . 2002-10-21 19:32   79872 c:\windows\system32\Lfdgn13n.dll
+ 2002-10-24 21:11 . 2002-10-24 21:11   21504 c:\windows\system32\lfCUT13n.dll
+ 2002-07-23 20:37 . 2002-07-23 20:37   90112 c:\windows\system32\Lfcmx13n.dll
+ 2002-10-21 19:03 . 2002-10-21 19:03   31744 c:\windows\system32\LFCLP13N.DLL
+ 2002-10-21 19:31 . 2002-10-21 19:31   90624 c:\windows\system32\Lfcgm13n.dll
+ 2002-10-21 19:02 . 2002-10-21 19:02   35840 c:\windows\system32\LFCAL13N.DLL
+ 2002-10-21 19:02 . 2002-10-21 19:02   30208 c:\windows\system32\LFBMP13N.DLL
+ 2002-10-24 21:11 . 2002-10-24 21:11   23040 c:\windows\system32\LFAWD13N.DLL
+ 2002-10-21 19:02 . 2002-10-21 19:02   18944 c:\windows\system32\LFAVI13N.DLL
+ 2002-10-24 21:11 . 2002-10-24 21:11   25600 c:\windows\system32\LFANI13N.DLL
+ 2002-06-28 21:02 . 2002-06-28 21:02   91136 c:\windows\system32\LFACS13N.DLL
- 2008-04-14 12:00 . 2011-04-25 16:11   25600 c:\windows\system32\jsproxy.dll
+ 2008-04-14 12:00 . 2012-05-11 14:42   25600 c:\windows\system32\jsproxy.dll
+ 1999-10-28 22:49 . 1999-10-28 22:49   26384 c:\windows\system32\FM20ENU.DLL
+ 1999-02-16 19:38 . 1999-02-16 19:38   38912 c:\windows\system32\EXSEC32.DLL
+ 2011-10-19 22:20 . 2010-10-20 14:04   12616 c:\windows\system32\DRVSTORE\sy11ser2_C8055990E74A8336FB891A1C51483808C1A377B4\i386\sy11cmnt.sys
+ 2011-10-19 22:20 . 2010-10-20 14:04   14920 c:\windows\system32\DRVSTORE\sy11nmea2_D56651AD79544BB1225E0042EE42B59A5660CBB5\i386\sy11mdfl.sys
+ 2011-10-19 22:20 . 2010-10-20 14:04   12616 c:\windows\system32\DRVSTORE\sy11nmea2_D56651AD79544BB1225E0042EE42B59A5660CBB5\i386\sy11cmnt.sys
+ 2011-10-19 22:20 . 2010-10-20 14:04   14920 c:\windows\system32\DRVSTORE\sy11mdm2_D56651AD79544BB1225E0042EE42B59A5660CBB5\i386\sy11mdfl.sys
+ 2011-10-19 22:20 . 2010-10-20 14:04   12616 c:\windows\system32\DRVSTORE\sy11mdm2_D56651AD79544BB1225E0042EE42B59A5660CBB5\i386\sy11cmnt.sys
+ 2011-10-19 22:20 . 2010-10-20 14:04   12488 c:\windows\system32\DRVSTORE\sy11bus_3B750B8957F0495C30C6A1637C4365210D2F7D96\i386\sy11whnt.sys
+ 2011-10-19 22:20 . 2009-11-25 15:06   28032 c:\windows\system32\DRVSTORE\sustucau_DFCD71BD0A5B77107C2A164AECAF8B184C1DAC23\x32\sustucau.sys
+ 2011-10-17 01:33 . 2009-11-25 15:06   28032 c:\windows\system32\DRVSTORE\sustucau_C9E6DF1C8048DC72D36CCAEEE3BACCDB441567F5\x32\sustucau.sys
+ 2011-10-17 01:33 . 2009-11-25 15:06   47360 c:\windows\system32\DRVSTORE\sustucap_C0F16DE8BAD19A3D9B57336A0A69209EB10E7CCF\x32\sustucap.sys
+ 2011-10-19 22:20 . 2009-11-25 15:06   47360 c:\windows\system32\DRVSTORE\sustucap_1EDD86B8B9BFED1A6DCE1575A58CC70E11B53813\x32\sustucap.sys
+ 2011-10-19 22:20 . 2009-11-25 15:06   47360 c:\windows\system32\DRVSTORE\sustucam_F6944BDF91F4A423970BB44E6B3D50807D2E59C4\x32\sustucam.sys
+ 2011-10-17 01:33 . 2009-11-25 15:06   47360 c:\windows\system32\DRVSTORE\sustucam_1FF22367248D356C8388AA6F6326380ACFFB8B76\x32\sustucam.sys
+ 2011-10-17 01:33 . 2007-03-20 07:33   28672 c:\windows\system32\DRVSTORE\susidn_183D6B8EF1D89794BD9426AEDC366357BC9AD747\libusb0.sys
+ 2011-10-17 01:33 . 2007-03-20 07:33   43520 c:\windows\system32\DRVSTORE\susidn_183D6B8EF1D89794BD9426AEDC366357BC9AD747\libusb0.dll
+ 2011-10-17 01:33 . 2009-06-30 21:47   25728 c:\windows\system32\DRVSTORE\susandroid_FC9F522E221128D699F3791DC5748637249EF286\androidusb.sys
+ 2011-10-19 22:20 . 2009-06-30 21:47   25728 c:\windows\system32\DRVSTORE\susandroid_33DEEEA9E288DC4CD2A2FBA1153E97C5656C83CF\androidusb.sys
+ 2011-10-17 01:33 . 2007-11-20 23:35   49792 c:\windows\system32\DRVSTORE\sus2pl_83E3644ECEC403037D5191175417DD7D9F6E0A41\sus2pl.sys
+ 2011-10-19 22:20 . 2011-08-25 01:43   77624 c:\windows\system32\DRVSTORE\ssudbus_480379E0B82376A51FBA49F20A6552067343B7C5\i386\ssudbus.sys
+ 2011-10-17 01:33 . 2007-05-02 15:12   12424 c:\windows\system32\DRVSTORE\ssm_ser2_B621C3240C85E19C4E244497B86AA9D67533C4DC\i386\ssm_cmnt.sys
+ 2011-10-17 01:33 . 2007-05-02 15:12   15112 c:\windows\system32\DRVSTORE\ssm_mdm2_B621C3240C85E19C4E244497B86AA9D67533C4DC\i386\ssm_mdfl.sys
+ 2011-10-17 01:33 . 2007-05-02 15:12   12424 c:\windows\system32\DRVSTORE\ssm_mdm2_B621C3240C85E19C4E244497B86AA9D67533C4DC\i386\ssm_cmnt.sys
+ 2011-10-17 01:33 . 2007-05-02 15:12   12424 c:\windows\system32\DRVSTORE\ssm_bus_EE9DFA265F838793D1C273D5545AB1C0C5AC6695\i386\ssm_whnt.sys
+ 2011-10-17 01:33 . 2007-05-02 15:12   83592 c:\windows\system32\DRVSTORE\ssm_bus_EE9DFA265F838793D1C273D5545AB1C0C5AC6695\i386\ssm_bus.sys
+ 2011-10-17 01:33 . 2009-01-15 15:11   12160 c:\windows\system32\DRVSTORE\ssecunic_A24B1C89EAA29049770A027B837B79C454C2BE7F\i386\ssecwhnt.sys
+ 2011-10-17 01:33 . 2009-01-15 15:11   10624 c:\windows\system32\DRVSTORE\ssecunic_A24B1C89EAA29049770A027B837B79C454C2BE7F\i386\sseccrnt.sys
+ 2011-10-17 01:33 . 2009-01-15 15:11   12160 c:\windows\system32\DRVSTORE\ssecsdm2_6084F8D8AAAC4998F190285B0975591A9E522F47\i386\sseccmnt.sys
+ 2011-10-17 01:33 . 2009-01-15 15:11   12160 c:\windows\system32\DRVSTORE\ssecobx2_0E3C23A2AF7322625D7CB5A230D402C8D622EC9B\i386\sseccmnt.sys
+ 2011-10-17 01:33 . 2009-01-15 15:11   25856 c:\windows\system32\DRVSTORE\ssecndis_A24B1C89EAA29049770A027B837B79C454C2BE7F\i386\ssecnd5.sys
+ 2011-10-17 01:33 . 2009-01-15 15:11   14976 c:\windows\system32\DRVSTORE\ssecmdm2_E671AB05B6ECA67B0DD4FA29746FD625F717E338\i386\ssecmdfl.sys
+ 2011-10-17 01:33 . 2009-01-15 15:11   12160 c:\windows\system32\DRVSTORE\ssecmdm2_E671AB05B6ECA67B0DD4FA29746FD625F717E338\i386\sseccmnt.sys
+ 2011-10-17 01:33 . 2009-01-15 15:11   12160 c:\windows\system32\DRVSTORE\ssecbus_7E9D79E81F4A1719CED202B2FB04E7C48E5B8945\i386\ssecwhnt.sys
+ 2011-10-17 01:33 . 2009-01-15 15:11   86528 c:\windows\system32\DRVSTORE\ssecbus_7E9D79E81F4A1719CED202B2FB04E7C48E5B8945\i386\ssecbus.sys
+ 2011-10-17 01:33 . 2009-05-13 15:41   98688 c:\windows\system32\DRVSTORE\sscesdm2_BB82E7479D7E2F0C90BFE508B21515FFA2AFD8D8\i386\ssceserd.sys
+ 2011-10-17 01:33 . 2009-05-13 15:41   12160 c:\windows\system32\DRVSTORE\sscesdm2_BB82E7479D7E2F0C90BFE508B21515FFA2AFD8D8\i386\sscecmnt.sys
+ 2011-10-19 22:20 . 2010-12-21 02:55   12416 c:\windows\system32\DRVSTORE\sscesdm2_7AD4829229782EAD7A14A10BC5E01E956779886D\i386\sscecmnt.sys
+ 2011-10-17 01:33 . 2009-05-13 15:41   14976 c:\windows\system32\DRVSTORE\sscemdm2_95625B00DD45C398488289AAB907DEB21FCFF6CE\i386\sscemdfl.sys
+ 2011-10-17 01:33 . 2009-05-13 15:41   12160 c:\windows\system32\DRVSTORE\sscemdm2_95625B00DD45C398488289AAB907DEB21FCFF6CE\i386\sscecmnt.sys
+ 2011-10-19 22:20 . 2010-12-21 02:55   14848 c:\windows\system32\DRVSTORE\sscemdm2_34771A624205C079100D51ABFD3F0EFDC377F971\i386\sscemdfl.sys
+ 2011-10-19 22:20 . 2010-12-21 02:55   12416 c:\windows\system32\DRVSTORE\sscemdm2_34771A624205C079100D51ABFD3F0EFDC377F971\i386\sscecmnt.sys
+ 2011-10-19 22:20 . 2010-12-21 02:55   12288 c:\windows\system32\DRVSTORE\sscebus_659A3532090130C12253E064E99D5D4049A341E9\i386\sscewhnt.sys
+ 2011-10-19 22:20 . 2010-12-21 02:55   98560 c:\windows\system32\DRVSTORE\sscebus_659A3532090130C12253E064E99D5D4049A341E9\i386\sscebus.sys
+ 2011-10-17 01:33 . 2009-05-13 15:41   12160 c:\windows\system32\DRVSTORE\sscebus_0199D7263C408755807E65867454841681E758C8\i386\sscewhnt.sys
+ 2011-10-17 01:33 . 2009-05-13 15:41   90240 c:\windows\system32\DRVSTORE\sscebus_0199D7263C408755807E65867454841681E758C8\i386\sscebus.sys
+ 2011-10-17 01:33 . 2007-07-03 20:57   11944 c:\windows\system32\DRVSTORE\sscdw2k_1884E0BBC3477068D88D04D6EA7B69C88AE93B94\i386\sscdmdfl.sys
+ 2011-10-17 01:33 . 2007-07-03 20:59   86824 c:\windows\system32\DRVSTORE\sscdsdm2_1E0DD9732FD56E67D2D50B616A3C7C3CC5B8965E\i386\sscdserd.sys
+ 2011-10-17 01:33 . 2007-07-03 20:54   80552 c:\windows\system32\DRVSTORE\sscdbus_E3A7A7036AB81E14A21B18864187D06666BE1000\i386\sscdbus.sys
+ 2011-10-19 22:20 . 2011-01-12 22:15   10472 c:\windows\system32\DRVSTORE\ssadsdm2_CB0D6A64C81E723D813A6F2A9668D95F91F371C0\i386\ssadcmnt.sys
+ 2011-10-17 01:33 . 2009-09-11 15:40   14976 c:\windows\system32\DRVSTORE\ssadmdm2_BB9A889FDC3B66435A9ABCEF20FAFE1691169A32\i386\ssadmdfl.sys
+ 2011-10-17 01:33 . 2009-09-11 15:40   12160 c:\windows\system32\DRVSTORE\ssadmdm2_BB9A889FDC3B66435A9ABCEF20FAFE1691169A32\i386\ssadcmnt.sys
+ 2011-10-19 22:20 . 2011-01-12 22:15   12776 c:\windows\system32\DRVSTORE\ssadmdm2_3B9F84FDB4850DC91A3CAFF448723EA532732F1F\i386\ssadmdfl.sys
+ 2011-10-19 22:20 . 2011-01-12 22:15   10472 c:\windows\system32\DRVSTORE\ssadmdm2_3B9F84FDB4850DC91A3CAFF448723EA532732F1F\i386\ssadcmnt.sys
+ 2011-10-17 01:33 . 2009-09-11 15:40   12160 c:\windows\system32\DRVSTORE\ssadbus_ECD95F04F506242D65A2FBE013D1EFC237EA84E5\i386\ssadwhnt.sys
+ 2011-10-17 01:33 . 2009-09-11 15:40   90240 c:\windows\system32\DRVSTORE\ssadbus_ECD95F04F506242D65A2FBE013D1EFC237EA84E5\i386\ssadbus.sys
+ 2011-10-19 22:20 . 2011-01-12 22:15   10344 c:\windows\system32\DRVSTORE\ssadbus_2112C6E16CA9C1DAD7D12BFCA60FCA72A02EBB81\i386\ssadwhnt.sys
+ 2011-10-17 01:33 . 2009-09-04 16:12   30240 c:\windows\system32\DRVSTORE\ssadadb2_9F2CD3CCE7A87CC3E75FD9556977CF2EF6DC40AD\i386\ssadadb.sys
+ 2011-10-19 22:20 . 2011-01-12 22:15   30312 c:\windows\system32\DRVSTORE\ssadadb2_6FBFB7BD831F97C0C49FFC637EF8E261B1BD5DBD\i386\ssadadb.sys
+ 2011-10-17 01:33 . 2007-05-02 15:11   15112 c:\windows\system32\DRVSTORE\ss_mdm2_216D7BF32263B1148A5B933A3315794CD0A5873E\i386\ss_mdfl.sys
+ 2011-10-17 01:33 . 2007-05-02 15:11   12424 c:\windows\system32\DRVSTORE\ss_mdm2_216D7BF32263B1148A5B933A3315794CD0A5873E\i386\ss_cmnt.sys
+ 2011-10-17 01:33 . 2007-05-02 15:11   12424 c:\windows\system32\DRVSTORE\ss_bus_A0C703FB8469957D809DD9D797EA905CBA4B0AE3\i386\ss_whnt.sys
+ 2011-10-17 01:33 . 2007-05-02 15:11   83592 c:\windows\system32\DRVSTORE\ss_bus_A0C703FB8469957D809DD9D797EA905CBA4B0AE3\i386\ss_bus.sys
+ 2011-10-17 01:33 . 2009-03-20 14:01   98560 c:\windows\system32\DRVSTORE\ss_bsdm2_1A96E7D9912D595BE4A69BD8225CE5C1BE7B01F9\i386\ss_bserd.sys
+ 2011-10-17 01:33 . 2009-03-20 14:01   12160 c:\windows\system32\DRVSTORE\ss_bsdm2_1A96E7D9912D595BE4A69BD8225CE5C1BE7B01F9\i386\ss_bcmnt.sys
+ 2011-10-19 22:20 . 2010-12-21 02:55   12416 c:\windows\system32\DRVSTORE\ss_bsdm2_10B17303D78CD94FDDF50F961E3454D4DD5E1A7A\i386\ss_bcmnt.sys
+ 2011-10-17 01:33 . 2009-03-20 14:01   14976 c:\windows\system32\DRVSTORE\ss_bmdm2_6FA434819A60DA857A32001FF758385CD6AE326D\i386\ss_bmdfl.sys
+ 2011-10-17 01:33 . 2009-03-20 14:01   12160 c:\windows\system32\DRVSTORE\ss_bmdm2_6FA434819A60DA857A32001FF758385CD6AE326D\i386\ss_bcmnt.sys
+ 2011-10-19 22:20 . 2010-12-21 02:55   14848 c:\windows\system32\DRVSTORE\ss_bmdm2_25CD552B0C6354F58CE1CF1AC1C75967943356E3\i386\ss_bmdfl.sys
+ 2011-10-19 22:20 . 2010-12-21 02:55   12416 c:\windows\system32\DRVSTORE\ss_bmdm2_25CD552B0C6354F58CE1CF1AC1C75967943356E3\i386\ss_bcmnt.sys
+ 2011-10-19 22:20 . 2010-12-21 02:55   12288 c:\windows\system32\DRVSTORE\ss_bbus_12BC85144F8D71EFF2F5EFF4FD945E30B2447D45\i386\ss_bwhnt.sys
+ 2011-10-19 22:20 . 2010-12-21 02:55   98432 c:\windows\system32\DRVSTORE\ss_bbus_12BC85144F8D71EFF2F5EFF4FD945E30B2447D45\i386\ss_bbus.sys
+ 2011-10-17 01:33 . 2009-03-20 14:01   12160 c:\windows\system32\DRVSTORE\ss_bbus_104629A5B566D618A5FF3E6A22926FFCF4AD511E\i386\ss_bwhnt.sys
+ 2011-10-17 01:33 . 2009-03-20 14:01   90112 c:\windows\system32\DRVSTORE\ss_bbus_104629A5B566D618A5FF3E6A22926FFCF4AD511E\i386\ss_bbus.sys
+ 2011-10-17 01:33 . 2009-12-24 05:00   25728 c:\windows\system32\DRVSTORE\smhwadb_EE9BB6D5D9C21037CF057BBECBF62CEC8189405D\smhwadb.sys
+ 2011-10-17 01:33 . 2005-07-25 14:04   48640 c:\windows\system32\DRVSTORE\ser2pl_7E6CB372993C5A68E0D6B1FAF1BD37119C1AB0C1\ser2pl.sys
+ 2011-10-17 01:33 . 2009-12-15 03:30   55056 c:\windows\system32\DRVSTORE\ptqhbus_DF19F5DE0112DD08FC27D2DC1E6913B846827DA8\i386\PTQHBUS.sys
+ 2011-10-19 22:20 . 2010-10-13 05:23   58128 c:\windows\system32\DRVSTORE\psmnbus_787B03E3473C86BBDA1EB6175DE3CDA64682B398\i386\PSMNBUS.sys
+ 2011-10-19 22:20 . 2009-07-10 17:01   25856 c:\windows\system32\DRVSTORE\motoandroi_DEB26C1D504C5061D2F03F61E789E25BBF45D268\motoandroid.sys
+ 2011-10-17 01:33 . 2009-07-10 17:01   25856 c:\windows\system32\DRVSTORE\motoandroi_281A0D1CF14FCFFB1B61021B981311BFDC53E1D2\motoandroid.sys
+ 2011-10-19 22:20 . 2011-02-18 03:37   25984 c:\windows\system32\DRVSTORE\lgvzandnet_B94A47D2A0B8519069621028736D8B5E3158BB98\lgvzandnetadb.sys
+ 2011-10-19 22:20 . 2011-02-18 03:34   23296 c:\windows\system32\DRVSTORE\lgvzandnet_5FD88285C4761F821D84D10B0269DD56226E2811\lgvzandnetdiag.sys
+ 2011-10-19 22:20 . 2010-07-21 09:29   25856 c:\windows\system32\DRVSTORE\lgandnetad_828CC4E848AA2E5AB725EC954380613DA3C3BD0E\lgandnetadb.sys
+ 2011-10-17 01:33 . 2010-03-31 23:52   24960 c:\windows\system32\DRVSTORE\lgandmodem_EACE95D5500F7BB1470F9966CA72CB0182E42591\lgandmodem.sys
+ 2011-10-17 01:33 . 2010-03-31 23:52   19968 c:\windows\system32\DRVSTORE\lgandgps_EACE95D5500F7BB1470F9966CA72CB0182E42591\lgandgps.sys
+ 2011-10-17 01:33 . 2010-03-31 23:52   20864 c:\windows\system32\DRVSTORE\lganddiag_EACE95D5500F7BB1470F9966CA72CB0182E42591\lganddiag.sys
+ 2011-10-17 01:33 . 2010-03-31 23:52   14336 c:\windows\system32\DRVSTORE\lgandbus_EACE95D5500F7BB1470F9966CA72CB0182E42591\lgandbus.sys
+ 2011-10-17 01:33 . 2010-03-31 23:52   25728 c:\windows\system32\DRVSTORE\lgandadb_894C09737C7AC28B0F57FE45236D047AA1696840\lgandadb.sys
+ 2011-10-17 01:33 . 2008-03-13 18:52   51528 c:\windows\system32\DRVSTORE\ftdiport_7C3FFC3E04092913979D7E6D761354E5BA36EC6C\i386\ftserui2.dll
+ 2011-10-17 01:33 . 2008-03-13 18:50   72000 c:\windows\system32\DRVSTORE\ftdiport_7C3FFC3E04092913979D7E6D761354E5BA36EC6C\i386\ftser2k.sys
+ 2011-10-17 01:33 . 2008-03-13 18:52   54088 c:\windows\system32\DRVSTORE\ftdiport_7C3FFC3E04092913979D7E6D761354E5BA36EC6C\i386\ftcserco.dll
+ 2011-10-17 01:33 . 2008-03-13 18:51   57536 c:\windows\system32\DRVSTORE\ftdibus_9E256B7D98A828C5E32AA2A56664AF336E092846\i386\ftdibus.sys
+ 2012-03-06 22:52 . 2007-08-31 19:14   38656 c:\windows\system32\DRVSTORE\embda_754491038463AF55DC013DBF40581C2B1BFEE429\emOEM.sys
+ 2012-03-06 22:52 . 2006-12-15 21:54   61440 c:\windows\system32\DRVSTORE\embda_754491038463AF55DC013DBF40581C2B1BFEE429\emMON.exe
+ 2012-03-06 22:52 . 2007-08-31 19:15   24448 c:\windows\system32\DRVSTORE\emaudio_754491038463AF55DC013DBF40581C2B1BFEE429\emAudio.sys
+ 2011-10-19 22:20 . 2010-08-27 00:40   57672 c:\windows\system32\DRVSTORE\c771bus_E1FC5BC5187A501E8DCF9CA386B28E99E3607840\i386\C771BUS.sys
+ 2011-10-19 22:21 . 2010-03-30 16:31   25728 c:\windows\system32\DRVSTORE\android_us_A65B3A0A9A75EAE67D1FF8F0010750EB9A19D1E3\fxxandroidusb.sys
+ 2011-10-17 01:33 . 2009-11-04 14:54   24576 c:\windows\system32\DRVSTORE\android_us_829DB379FCCB62629A656828AF4B687423D00255\androidusb.sys
+ 2011-10-17 01:33 . 2009-11-25 15:06   28032 c:\windows\system32\drivers\sustucau.sys
+ 2011-10-17 01:33 . 2009-11-25 15:06   47360 c:\windows\system32\drivers\sustucap.sys
+ 2011-10-17 01:33 . 2009-11-25 15:06   47360 c:\windows\system32\drivers\sustucam.sys
+ 2008-04-14 00:15 . 2008-04-14 05:15   49408 c:\windows\system32\drivers\stream.sys
- 2008-04-14 00:15 . 2008-04-14 04:15   49408 c:\windows\system32\drivers\stream.sys
+ 2008-04-14 12:00 . 2011-07-08 14:02   10496 c:\windows\system32\drivers\ndistapi.sys
+ 2008-01-14 10:06 . 2011-09-29 07:04   21632 c:\windows\system32\drivers\ManyCam.sys
+ 2009-09-23 14:41 . 2009-03-18 20:35   26176 c:\windows\system32\drivers\hamachi.sys
- 2009-09-23 14:41 . 2009-03-18 21:35   26176 c:\windows\system32\drivers\hamachi.sys
+ 2008-07-29 19:09 . 2008-07-29 19:09   39424 c:\windows\system32\drivers\fantom.sys
+ 2010-01-13 04:10 . 2010-02-11 04:19   53248 c:\windows\system32\drivers\ati2erec.dll
+ 2012-04-11 19:31 . 2012-03-06 23:01   53848 c:\windows\system32\drivers\aswTdi.sys
+ 2012-04-11 19:31 . 2012-03-06 23:02   35672 c:\windows\system32\drivers\aswRdr.sys
+ 2012-04-11 19:31 . 2012-03-06 23:01   95704 c:\windows\system32\drivers\aswmon2.sys
+ 2012-04-11 19:31 . 2012-03-06 23:01   89048 c:\windows\system32\drivers\aswmon.sys
+ 2012-04-11 19:31 . 2012-03-06 23:01   20696 c:\windows\system32\drivers\aswFsBlk.sys
+ 2012-04-11 19:31 . 2012-03-06 22:58   24920 c:\windows\system32\drivers\aavmker4.sys
- 2010-01-14 02:09 . 2011-04-25 16:11   12800 c:\windows\system32\dllcache\xpshims.dll
+ 2010-01-14 02:09 . 2012-05-11 14:42   12800 c:\windows\system32\dllcache\xpshims.dll
+ 2010-01-13 03:03 . 2012-06-02 19:19   35864 c:\windows\system32\dllcache\wups.dll
+ 2010-01-13 03:03 . 2012-06-02 19:19   53784 c:\windows\system32\dllcache\wuauclt.exe
+ 2010-01-12 03:54 . 2008-04-14 10:42   53760 c:\windows\system32\dllcache\vfwwdm32.dll
- 2010-01-12 03:54 . 2008-04-14 09:42   53760 c:\windows\system32\dllcache\vfwwdm32.dll
+ 2008-04-14 00:15 . 2008-04-14 05:15   49408 c:\windows\system32\dllcache\stream.sys
- 2008-04-14 00:15 . 2008-04-14 04:15   49408 c:\windows\system32\dllcache\stream.sys
+ 2008-04-14 12:00 . 2011-11-18 12:35   60416 c:\windows\system32\dllcache\packager.exe
+ 2008-04-14 12:00 . 2011-09-26 15:41   20480 c:\windows\system32\dllcache\oleaccrc.dll
+ 2008-04-14 12:00 . 2011-07-08 14:02   10496 c:\windows\system32\dllcache\ndistapi.sys
+ 2008-04-14 12:00 . 2012-05-11 14:42   67072 c:\windows\system32\dllcache\mshtmled.dll
+ 2010-01-14 02:09 . 2012-05-11 14:42   55296 c:\windows\system32\dllcache\msfeedsbs.dll
- 2010-01-14 02:09 . 2011-04-25 16:11   55296 c:\windows\system32\dllcache\msfeedsbs.dll
- 2008-04-14 12:00 . 2008-04-14 12:00   23040 c:\windows\system32\dllcache\mciseq.dll
+ 2008-04-14 12:00 . 2011-10-14 14:47   23040 c:\windows\system32\dllcache\mciseq.dll
+ 2008-04-14 12:00 . 2012-05-11 14:42   43520 c:\windows\system32\dllcache\licmgr10.dll
- 2008-04-14 12:00 . 2011-04-25 16:11   43520 c:\windows\system32\dllcache\licmgr10.dll
- 2008-04-14 12:00 . 2011-04-25 16:11   25600 c:\windows\system32\dllcache\jsproxy.dll
+ 2008-04-14 12:00 . 2012-05-11 14:42   25600 c:\windows\system32\dllcache\jsproxy.dll
- 2008-04-14 12:00 . 2011-04-26 11:07   33280 c:\windows\system32\dllcache\csrsrv.dll
+ 2008-04-14 12:00 . 2011-10-28 05:31   33280 c:\windows\system32\dllcache\csrsrv.dll
+ 2008-04-14 12:00 . 2012-06-02 19:19   97304 c:\windows\system32\dllcache\cdm.dll
+ 2008-04-14 12:00 . 2011-10-28 05:31   33280 c:\windows\system32\csrsrv.dll
- 2008-04-14 12:00 . 2011-04-26 11:07   33280 c:\windows\system32\csrsrv.dll
- 2010-01-13 03:08 . 2011-09-29 01:48   32768 c:\windows\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat
+ 2010-01-13 03:08 . 2012-03-20 05:57   32768 c:\windows\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat
+ 2010-01-13 03:08 . 2012-03-20 05:57   32768 c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\index.dat
- 2010-01-13 03:08 . 2011-09-29 01:48   32768 c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\index.dat
+ 2011-12-01 11:53 . 2012-03-20 05:57   16384 c:\windows\system32\config\systemprofile\Cookies\index.dat
- 2010-01-13 03:08 . 2011-09-29 01:48   16384 c:\windows\system32\config\systemprofile\Cookies\index.dat
+ 2012-01-04 04:35 . 2010-10-24 05:56   49664 c:\windows\system32\CamCodec.dll
+ 2011-09-19 07:07 . 2011-09-19 07:07   58368 c:\windows\system32\bdmpegv.dll
+ 2011-09-19 07:07 . 2011-09-19 07:07   15360 c:\windows\system32\bdmjpeg.dll
+ 2005-10-29 04:49 . 2005-10-29 04:49   25600 c:\windows\system32\bcsprsrc.dll
+ 2005-10-28 21:40 . 2005-10-28 21:40   96792 c:\windows\system32\basecsp.dll
- 2010-01-13 04:10 . 2001-11-09 15:01   24064 c:\windows\system32\ativcoxx.dll
+ 2010-01-13 04:10 . 2001-11-09 16:01   24064 c:\windows\system32\ativcoxx.dll
+ 2010-01-13 04:10 . 2010-02-11 03:53   17408 c:\windows\system32\atitvo32.dll
- 2010-01-13 04:10 . 2005-04-15 01:45   17408 c:\windows\system32\atitvo32.dll
+ 2010-01-13 04:10 . 2010-02-11 04:32   53248 c:\windows\system32\ATIDDC.DLL
- 2010-01-13 04:10 . 2005-04-15 02:09   53248 c:\windows\system32\ATIDDC.DLL
+ 2010-02-11 04:23 . 2010-02-11 04:23   45056 c:\windows\system32\aticalrt.dll
+ 2010-02-11 04:22 . 2010-02-11 04:22   45056 c:\windows\system32\aticalcl.dll
+ 2010-01-13 04:10 . 2010-02-11 04:35   26112 c:\windows\system32\Ati2mdxx.exe
+ 2010-01-13 04:10 . 2010-02-11 04:35   43520 c:\windows\system32\ati2edxx.dll
+ 2012-01-11 20:59 . 2012-01-11 20:59   12920 c:\windows\system32\apl001.sys
+ 2012-01-11 20:59 . 2012-01-11 20:59   10872 c:\windows\system32\apf001.sys
+ 2010-02-11 03:59 . 2010-02-11 03:59   49664 c:\windows\system32\amdpcom32.dll
+ 2010-03-21 23:47 . 2012-05-29 19:33   87952 c:\windows\system32\Adobe\Shockwave 11\uninstaller.exe
+ 2012-04-26 13:05 . 2012-04-26 13:05   86016 c:\windows\system32\Adobe\Shockwave 11\SwMenu.dll
+ 2012-04-26 12:50 . 2012-04-26 12:50   73408 c:\windows\system32\Adobe\Shockwave 11\gtapi.dll
+ 2012-04-26 12:50 . 2012-04-26 12:50   64512 c:\windows\system32\Adobe\Shockwave 11\gcapi_dll.dll
+ 2012-04-26 13:06 . 2012-04-26 13:06   12800 c:\windows\system32\Adobe\Shockwave 11\DynaPlayer.dll
+ 2011-12-26 08:54 . 2011-12-26 08:54   15120 c:\windows\Microsoft.NET\Framework\v4.0.30319\webengine.dll
+ 2011-12-15 17:08 . 2011-12-15 17:08   57616 c:\windows\Microsoft.NET\Framework\v4.0.30319\nlssorting.dll
+ 2011-12-26 08:54 . 2011-12-26 08:54   33552 c:\windows\Microsoft.NET\Framework\v4.0.30319\aspnet_wp.exe
+ 2011-12-25 08:49 . 2011-12-25 08:49   31504 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_wp.exe
+ 2012-01-11 08:05 . 2012-01-11 08:05   97624 c:\windows\Microsoft.NET\assembly\GAC_MSIL\XamlBuildTask\v4.0_4.0.0.0__31bf3856ad364e35\XamlBuildTask.dll
- 2011-01-10 08:08 . 2011-01-10 08:08   97624 c:\windows\Microsoft.NET\assembly\GAC_MSIL\XamlBuildTask\v4.0_4.0.0.0__31bf3856ad364e35\XamlBuildTask.dll
- 2011-06-18 08:01 . 2011-06-18 08:01   87408 c:\windows\Microsoft.NET\assembly\GAC_MSIL\WindowsFormsIntegration\v4.0_4.0.0.0__31bf3856ad364e35\WindowsFormsIntegration.dll
+ 2012-06-14 07:16 . 2012-06-14 07:16   87408 c:\windows\Microsoft.NET\assembly\GAC_MSIL\WindowsFormsIntegration\v4.0_4.0.0.0__31bf3856ad364e35\WindowsFormsIntegration.dll
- 2011-06-18 08:01 . 2011-06-18 08:01   93024 c:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationTypes\v4.0_4.0.0.0__31bf3856ad364e35\UIAutomationTypes.dll
+ 2012-06-14 07:16 . 2012-06-14 07:16   93024 c:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationTypes\v4.0_4.0.0.0__31bf3856ad364e35\UIAutomationTypes.dll
+ 2012-06-14 07:16 . 2012-06-14 07:16   35688 c:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationProvider\v4.0_4.0.0.0__31bf3856ad364e35\UIAutomationProvider.dll
- 2011-06-18 08:01 . 2011-06-18 08:01   35688 c:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationProvider\v4.0_4.0.0.0__31bf3856ad364e35\UIAutomationProvider.dll
- 2011-01-10 08:08 . 2011-01-10 08:08   29544 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Xaml.Hosting\v4.0_4.0.0.0__31bf3856ad364e35\System.Xaml.Hosting.dll
+ 2012-01-11 08:05 . 2012-01-11 08:05   29544 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Xaml.Hosting\v4.0_4.0.0.0__31bf3856ad364e35\System.Xaml.Hosting.dll
- 2011-06-18 08:01 . 2011-06-18 08:01   17784 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Presentation\v4.0_4.0.0.0__b77a5c561934e089\System.Windows.Presentation.dll
+ 2012-06-14 07:16 . 2012-06-14 07:16   17784 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Presentation\v4.0_4.0.0.0__b77a5c561934e089\System.Windows.Presentation.dll
- 2011-06-18 08:01 . 2011-06-18 08:01   58240 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Input.Manipulations\v4.0_4.0.0.0__b77a5c561934e089\System.Windows.Input.Manipulations.dll
+ 2012-06-14 07:16 . 2012-06-14 07:16   58240 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Input.Manipulations\v4.0_4.0.0.0__b77a5c561934e089\System.Windows.Input.Manipulations.dll
+ 2012-01-11 08:04 . 2012-01-11 08:04   70040 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Forms.DataVisualization.Design\v4.0_4.0.0.0__31bf3856ad364e35\System.Windows.Forms.DataVisualization.Design.dll
- 2011-01-10 08:08 . 2011-01-10 08:08   70040 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Forms.DataVisualization.Design\v4.0_4.0.0.0__31bf3856ad364e35\System.Windows.Forms.DataVisualization.Design.dll
- 2011-01-10 08:08 . 2011-01-10 08:08   24928 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Web.Routing\v4.0_4.0.0.0__31bf3856ad364e35\System.Web.Routing.dll
+ 2012-01-11 08:04 . 2012-01-11 08:04   24928 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Web.Routing\v4.0_4.0.0.0__31bf3856ad364e35\System.Web.Routing.dll
- 2011-01-10 08:08 . 2011-01-10 08:08   81272 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Web.RegularExpressions\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Web.RegularExpressions.dll
+ 2012-01-11 08:04 . 2012-01-11 08:04   81272 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Web.RegularExpressions\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Web.RegularExpressions.dll
+ 2012-01-11 08:04 . 2012-01-11 08:04   33144 c:\windows\Microsoft.NET\assembly\GA<

SuperDave · « **Reply #7 on:** July 26, 2012, 04:02:41 PM »

Good job but that's not the complete ComboFix log. You can find the log in C:Combofix. Please post the entire log.

SysProt Antirootkit

Download
SysProt Antirootkit from the link below (you will find it at the bottom
of the page under attachments, or you can get it from one of the
mirrors).

http://sites.google.com/site/sysprotantirootkit/

Unzip it into a folder on your desktop.

Double click Sysprot.exe to start the program.
Click on the Log tab.
In the Write to log box select the following items.

Process << Selected
Kernel Modules << Selected
SSDT << Selected
Kernel Hooks << Selected
IRP Hooks << NOT Selected
Ports << NOT Selected
Hidden Files << Selected

At the bottom of the page

Hidden Objects Only << Selected

Click on the Create Log button on the bottom right.
After a few seconds a new window should appear.
Select Scan Root Drive. Click on the Start button.
When it is complete a new window will appear to indicate that the scan is finished.
The log will be saved automatically in the same folder Sysprot.exe was extracted to. Open the text file and copy/paste the log here.

AlecNeedsHelp · « **Reply #8 on:** July 26, 2012, 06:36:24 PM »

Yea, I pasted the whole thing here, and wrote a little at the end, but I guess there might be a limit or a glitch of some sort. I'll try again.

ComboFix 12-07-27.02 - Harris Family 07/26/2012 15:55:04.2.2 - x86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2046.931 [GMT -4:00]
Running from: c:\documents and settings\Harris Family\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\CFLog
c:\documents and settings\Harris Family\Application Data\Toolbar4
c:\windows\system32\SET2E6.tmp
c:\windows\system32\SET76C.tmp
c:\windows\system32\SET770.tmp
c:\windows\system32\SET771.tmp
c:\windows\system32\SET776.tmp
c:\windows\system32\SET77A.tmp
c:\windows\system32\SET7D0.tmp
c:\windows\system32\SET7D2.tmp
c:\windows\system32\SET7D6.tmp
c:\windows\system32\SET7DE.tmp
c:\windows\system32\SETE38.tmp
c:\windows\system32\SETE39.tmp
c:\windows\system32\SETE3D.tmp
c:\windows\system32\SETE3E.tmp
c:\windows\system32\SETE3F.tmp
c:\windows\system32\SETE43.tmp
c:\windows\system32\SETE45.tmp
.
.
((((((((((((((((((((((((( Files Created from 2012-06-26 to 2012-07-26 )))))))))))))))))))))))))))))))
.
.
2012-07-26 19:35 . 2012-07-26 19:35   --------   d-----w-   c:\program files\Oracle
2012-07-26 19:34 . 2012-07-26 19:31   143872   ----a-w-   c:\windows\system32javacpl.cpl
2012-07-26 19:33 . 2012-07-06 02:07   143872   ----a-w-   c:\windows\system32\javacpl.cpl
2012-07-23 20:18 . 2012-07-23 20:18   --------   d-----w-   c:\documents and settings\Harris Family\Application Data\SUPERAntiSpyware.com
2012-07-23 20:18 . 2012-07-23 20:18   --------   d-----w-   c:\program files\SUPERAntiSpyware
2012-07-23 20:18 . 2012-07-23 20:18   --------   d-----w-   c:\documents and settings\All Users\Application Data\SUPERAntiSpyware.com
2012-07-23 20:17 . 2012-07-23 20:17   --------   d-----w-   c:\documents and settings\All Users\Application Data\SUPERSetup
2012-07-23 17:22 . 2012-07-03 17:46   22344   ----a-w-   c:\windows\system32\drivers\mbam.sys
2012-07-20 23:23 . 2012-07-22 04:08   --------   d-----w-   c:\documents and settings\Harris Family\Application Data\vlc
2012-07-20 23:20 . 2012-07-20 23:20   --------   d-----w-   c:\program files\VideoLAN
2012-07-12 07:22 . 2012-07-12 07:22   --------   d-----w-   c:\program files\LogMeIn Hamachi
2012-07-08 19:11 . 2012-07-08 19:11   --------   d-----w-   c:\windows\system32\wbem\Repository
2012-07-05 19:57 . 2012-07-05 19:53   3130440   ----a-w-   c:\windows\system32\pbsvc_blr.exe
2012-07-05 19:56 . 2012-07-05 19:56   --------   d-----w-   c:\program files\NVIDIA Corporation
2012-07-05 19:55 . 2012-07-05 19:55   --------   d-----w-   c:\program files\Common Files\Wise Installation Wizard
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-07-11 22:30 . 2012-04-02 23:13   426184   ----a-w-   c:\windows\system32\FlashPlayerApp.exe
2012-07-11 22:30 . 2011-09-29 03:46   70344   ----a-w-   c:\windows\system32\FlashPlayerCPLApp.cpl
2012-07-06 02:06 . 2011-10-19 17:17   772544   ----a-w-   c:\windows\system32\npdeployJava1.dll
2012-07-06 02:06 . 2010-09-07 18:43   687544   ----a-w-   c:\windows\system32\deployJava1.dll
2012-07-05 19:58 . 2012-05-28 06:43   138056   ----a-w-   c:\windows\system32\drivers\PnkBstrK.sys
2012-07-05 19:58 . 2012-01-10 20:02   138056   ----a-w-   c:\documents and settings\Harris Family\Application Data\PnkBstrK.sys
2012-07-05 19:57 . 2012-05-28 06:42   189248   ----a-w-   c:\windows\system32\PnkBstrB.exe
2012-07-05 19:57 . 2012-01-10 20:02   189248   ----a-w-   c:\windows\system32\PnkBstrB.ex0
2012-07-05 19:57 . 2012-05-28 06:42   76888   ----a-w-   c:\windows\system32\PnkBstrA.exe
2012-06-20 16:56 . 2012-01-30 04:25   71104   ----a-w-   c:\windows\CouponPrinter.ocx
2012-06-13 13:19 . 2008-04-14 12:00   1866112   ----a-w-   c:\windows\system32\win32k.sys
2012-06-05 15:50 . 2008-04-14 12:00   1372672   ----a-w-   c:\windows\system32\msxml6.dll
2012-06-05 15:50 . 2008-04-14 12:00   1172480   ----a-w-   c:\windows\system32\msxml3.dll
2012-06-04 04:32 . 2008-04-14 12:00   152576   ----a-w-   c:\windows\system32\schannel.dll
2012-06-02 19:19 . 2009-08-07 00:24   22040   ----a-w-   c:\windows\system32\wucltui.dll.mui
2012-06-02 19:19 . 2010-01-13 03:03   329240   ----a-w-   c:\windows\system32\wucltui.dll
2012-06-02 19:19 . 2010-01-13 03:03   219160   ----a-w-   c:\windows\system32\wuaucpl.cpl
2012-06-02 19:19 . 2010-01-13 03:03   210968   ----a-w-   c:\windows\system32\wuweb.dll
2012-06-02 19:19 . 2009-08-07 00:24   15384   ----a-w-   c:\windows\system32\wuaucpl.cpl.mui
2012-06-02 19:19 . 2010-01-13 03:03   53784   ----a-w-   c:\windows\system32\wuauclt.exe
2012-06-02 19:19 . 2010-01-13 03:03   35864   ----a-w-   c:\windows\system32\wups.dll
2012-06-02 19:19 . 2009-08-07 00:24   45080   ----a-w-   c:\windows\system32\wups2.dll
2012-06-02 19:19 . 2009-08-07 00:24   15384   ----a-w-   c:\windows\system32\wuapi.dll.mui
2012-06-02 19:19 . 2008-04-14 12:00   97304   ----a-w-   c:\windows\system32\cdm.dll
2012-06-02 19:19 . 2009-08-07 00:24   17944   ----a-w-   c:\windows\system32\wuaueng.dll.mui
2012-06-02 19:19 . 2010-01-13 03:03   577048   ----a-w-   c:\windows\system32\wuapi.dll
2012-06-02 19:19 . 2010-01-13 03:03   1933848   ----a-w-   c:\windows\system32\wuaueng.dll
2012-06-02 19:18 . 2010-02-01 09:47   275696   ----a-w-   c:\windows\system32\mucltui.dll
2012-06-02 19:18 . 2010-02-01 09:47   214256   ----a-w-   c:\windows\system32\muweb.dll
2012-06-02 19:18 . 2010-02-01 09:47   17136   ----a-w-   c:\windows\system32\mucltui.dll.mui
2012-05-31 13:22 . 2008-04-14 12:00   599040   ----a-w-   c:\windows\system32\crypt32.dll
2012-05-30 20:32 . 2012-01-10 20:11   282104   ----a-w-   c:\windows\system32\PnkBstrB.xtr
2012-05-16 15:08 . 2008-04-14 12:00   916992   ----a-w-   c:\windows\system32\wininet.dll
2012-05-11 14:42 . 2008-04-14 12:00   43520   ----a-w-   c:\windows\system32\licmgr10.dll
2012-05-11 14:42 . 2008-04-14 12:00   1469440   ------w-   c:\windows\system32\inetcpl.cpl
2012-05-11 11:38 . 2008-04-14 12:00   385024   ----a-w-   c:\windows\system32\html.iec
2012-05-04 13:16 . 2008-04-14 12:00   2148352   ----a-w-   c:\windows\system32\ntoskrnl.exe
2012-05-04 12:32 . 2008-04-14 00:01   2026496   ----a-w-   c:\windows\system32\ntkrnlpa.exe
2012-05-02 13:46 . 2010-01-13 03:01   139656   ----a-w-   c:\windows\system32\drivers\rdpwd.sys
2012-07-18 18:57 . 2012-06-19 01:31   136672   ----a-w-   c:\program files\mozilla firefox\components\browsercomps.dll
.
.
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
[7] 2008-06-20 . AD978A1B783B5719720CFF204B666C8E . 361600 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB2509553\SP3QFE\tcpip.sys
[7] 2008-06-20 . AD978A1B783B5719720CFF204B666C8E . 361600 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB951748\SP3QFE\tcpip.sys
[7] 2008-06-20 . 9AEFA14BD6B182D61E3119FA5F436D3D . 361600 . . [5.1.2600.5625] . . c:\windows\ERDNT\cache\tcpip.sys
[7] 2008-06-20 . 9AEFA14BD6B182D61E3119FA5F436D3D . 361600 . . [5.1.2600.5625] . . c:\windows\system32\dllcache\tcpip.sys
[-] 2008-06-20 . D9F19E78F98834CB411D6AD3C68D181A . 361600 . . [5.1.2600.5625] . . c:\windows\system32\drivers\tcpip.sys
[7] 2008-04-14 . 93EA8D04EC73A85DB02EB8805988F733 . 361344 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB951748$\tcpip.sys
.
((((((((((((((((((((((((((((( SnapShot@2011-09-29_05.36.58 )))))))))))))))))))))))))))))))))))))))))
.
+ 2007-11-07 06:19 . 2007-11-07 06:19   54272 c:\windows\WinSxS\x86_Microsoft.VC90.OpenMP_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_ecc42bd1\vcomp90.dll
+ 2008-07-29 12:05 . 2008-07-29 12:05   62976 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90rus.dll
+ 2008-07-29 12:05 . 2008-07-29 12:05   46080 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90kor.dll
+ 2008-07-29 12:05 . 2008-07-29 12:05   46592 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90jpn.dll
+ 2008-07-29 12:05 . 2008-07-29 12:05   64512 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90ita.dll
+ 2008-07-29 12:05 . 2008-07-29 12:05   66048 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90fra.dll
+ 2008-07-29 12:05 . 2008-07-29 12:05   65024 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90esp.dll
+ 2008-07-29 12:05 . 2008-07-29 12:05   65024 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90esn.dll
+ 2008-07-29 12:05 . 2008-07-29 12:05   56832 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90enu.dll
+ 2008-07-29 12:05 . 2008-07-29 12:05   66560 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90deu.dll
+ 2008-07-29 12:05 . 2008-07-29 12:05   39936 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90cht.dll
+ 2008-07-29 12:05 . 2008-07-29 12:05   38912 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90chs.dll
+ 2008-07-29 10:07 . 2008-07-29 10:07   59904 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_405b0943\mfcm90u.dll
+ 2008-07-29 10:07 . 2008-07-29 10:07   59904 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_405b0943\mfcm90.dll
+ 2006-12-02 05:26 . 2006-12-02 05:26   57856 c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_3bf8fa05\mfcm80u.dll
+ 2006-12-02 05:25 . 2006-12-02 05:25   69632 c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_3bf8fa05\mfcm80.dll
+ 2009-07-12 00:41 . 2009-07-12 00:41   97280 c:\windows\WinSxS\x86_Microsoft.VC80.ATL_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_473666fd\ATL80.dll
+ 2012-03-10 00:57 . 2012-03-10 00:57   49152 c:\windows\WinSxS\MSIL_MOM_90ba9c70f846762e_2.0.0.0_x-ww_a60193a8\MOM.EXE
+ 2012-01-11 08:05 . 2012-01-11 08:05   21880 c:\windows\WinSxS\MSIL_Microsoft.Workflow.Compiler_31bf3856ad364e35_4.0.0.0_x-ww_97359ba5\Microsoft.Workflow.Compiler.exe
- 2011-01-10 08:08 . 2011-01-10 08:08   21880 c:\windows\WinSxS\MSIL_Microsoft.Workflow.Compiler_31bf3856ad364e35_4.0.0.0_x-ww_97359ba5\Microsoft.Workflow.Compiler.exe
+ 2012-03-10 00:57 . 2012-03-10 00:57   86016 c:\windows\WinSxS\MSIL_LOG_90ba9c70f846762e_2.0.3693.42530_x-ww_47e32df4\LOG.EXE
+ 2012-03-10 00:57 . 2012-03-10 00:57   49152 c:\windows\WinSxS\MSIL_CLI_90ba9c70f846762e_2.0.0.0_x-ww_42656733\CLI.EXE
+ 2012-03-10 00:57 . 2012-03-10 00:57   49152 c:\windows\WinSxS\MSIL_CCC_90ba9c70f846762e_2.0.0.0_x-ww_c7ed2bb0\CCC.EXE
+ 2012-07-26 19:19 . 2012-07-26 19:19   16384 c:\windows\Temp\Perflib_Perfdata_c58.dat
+ 2012-07-26 19:36 . 2012-07-26 19:36   16384 c:\windows\Temp\Perflib_Perfdata_9b8.dat
+ 2010-04-27 18:45 . 2010-04-27 18:45   72856 c:\windows\system32\xliveinstallhost.exe
- 2010-05-02 19:32 . 2007-04-04 22:53   81768 c:\windows\system32\xinput1_3.dll
+ 2010-05-02 19:32 . 2007-04-04 23:53   81768 c:\windows\system32\xinput1_3.dll
- 2010-05-02 19:33 . 2010-02-04 14:01   74072 c:\windows\system32\XAPOFX1_4.dll
+ 2010-05-02 19:33 . 2010-02-04 15:01   74072 c:\windows\system32\XAPOFX1_4.dll
+ 2010-05-02 19:32 . 2008-07-31 15:41   68616 c:\windows\system32\XAPOFX1_1.dll
- 2010-05-02 19:32 . 2008-07-31 14:41   68616 c:\windows\system32\XAPOFX1_1.dll
- 2010-05-02 19:33 . 2010-02-04 14:01   22360 c:\windows\system32\X3DAudio1_7.dll
+ 2010-05-02 19:33 . 2010-02-04 15:01   22360 c:\windows\system32\X3DAudio1_7.dll
+ 2009-10-09 19:56 . 2009-10-09 19:56   14848 c:\windows\system32\wsmprovhost.exe
+ 2009-10-09 19:56 . 2009-10-09 19:56   12288 c:\windows\system32\wsmplpxy.dll
+ 2009-10-09 19:56 . 2009-10-09 19:56   12288 c:\windows\system32\winrssrv.dll
+ 2009-10-09 19:56 . 2009-10-09 19:56   22528 c:\windows\system32\winrshost.exe
+ 2009-10-09 21:22 . 2009-10-09 21:22   69632 c:\windows\system32\winrs.exe
+ 2009-10-09 19:56 . 2009-10-09 19:56   25088 c:\windows\system32\winrmprov.dll
+ 2009-10-09 19:56 . 2009-10-09 19:56   24064 c:\windows\system32\WindowsPowerShell\v1.0\pwrshsip.dll
+ 2010-01-12 03:54 . 2008-04-14 10:42   53760 c:\windows\system32\vfwwdm32.dll
- 2010-01-12 03:54 . 2008-04-14 09:42   53760 c:\windows\system32\vfwwdm32.dll
+ 1998-12-24 15:23 . 1998-12-24 15:23   40960 c:\windows\system32\VBAME.DLL
- 2008-04-14 12:00 . 2010-11-03 13:12   46080 c:\windows\system32\tzchange.exe
+ 2008-04-14 12:00 . 2011-11-08 13:46   46080 c:\windows\system32\tzchange.exe
+ 2012-06-21 06:53 . 2012-06-02 19:19   45080 c:\windows\system32\SoftwareDistribution\Setup\ServiceStartup\wups2.dll\7.6.7600.256\wups2.dll
+ 2012-06-21 06:53 . 2012-06-02 19:19   35864 c:\windows\system32\SoftwareDistribution\Setup\ServiceStartup\wups.dll\7.6.7600.256\wups.dll
+ 2011-06-16 07:34 . 2011-06-16 07:34   79872 c:\windows\system32\SlotMaximizerAg.dll
+ 1998-03-25 00:54 . 1998-03-25 00:54   15872 c:\windows\system32\SCP32.DLL
+ 2012-03-06 23:16 . 2005-04-15 02:10   73728 c:\windows\system32\ReinstallBackups\0001\DriverFiles\Oemdspif.dll
+ 2012-03-06 23:16 . 2001-11-09 15:01   24064 c:\windows\system32\ReinstallBackups\0001\DriverFiles\ativcoxx.dll
+ 2012-03-06 23:16 . 2005-04-15 01:45   17408 c:\windows\system32\ReinstallBackups\0001\DriverFiles\atitvo32.dll
+ 2012-03-06 23:16 . 2005-04-15 02:11   94208 c:\windows\system32\ReinstallBackups\0001\DriverFiles\atipdlxx.dll
+ 2012-03-06 23:16 . 2005-04-08 20:42   87540 c:\windows\system32\ReinstallBackups\0001\DriverFiles\atiicdxx.dat
+ 2012-03-06 23:16 . 2005-04-15 02:09   53248 c:\windows\system32\ReinstallBackups\0001\DriverFiles\ATIDDC.DLL
+ 2012-03-06 23:16 . 2005-04-15 02:10   25088 c:\windows\system32\ReinstallBackups\0001\DriverFiles\Ati2mdxx.exe
+ 2012-03-06 23:16 . 2005-04-15 02:10   46080 c:\windows\system32\ReinstallBackups\0001\DriverFiles\ati2evxx.dll
+ 2012-03-06 23:16 . 2005-04-15 01:45   36864 c:\windows\system32\ReinstallBackups\0001\DriverFiles\ati2erec.dll
+ 2012-03-06 23:16 . 2005-04-15 02:10   39936 c:\windows\system32\ReinstallBackups\0001\DriverFiles\ati2edxx.dll
+ 2012-03-10 00:46 . 2005-04-15 02:10   73728 c:\windows\system32\ReinstallBackups\0000\DriverFiles\Oemdspif.dll
+ 2012-03-10 00:46 . 2001-11-09 15:01   24064 c:\windows\system32\ReinstallBackups\0000\DriverFiles\ativcoxx.dll
+ 2012-03-10 00:46 . 2005-04-15 01:45   17408 c:\windows\system32\ReinstallBackups\0000\DriverFiles\atitvo32.dll
+ 2012-03-10 00:46 . 2005-04-15 02:11   94208 c:\windows\system32\ReinstallBackups\0000\DriverFiles\atipdlxx.dll
+ 2012-03-10 00:46 . 2005-04-08 20:42   87540 c:\windows\system32\ReinstallBackups\0000\DriverFiles\atiicdxx.dat
+ 2012-03-10 00:46 . 2005-04-15 02:09   53248 c:\windows\system32\ReinstallBackups\0000\DriverFiles\ATIDDC.DLL
+ 2012-03-10 00:46 . 2005-04-15 02:10   25088 c:\windows\system32\ReinstallBackups\0000\DriverFiles\Ati2mdxx.exe
+ 2012-03-10 00:46 . 2005-04-15 02:10   46080 c:\windows\system32\ReinstallBackups\0000\DriverFiles\ati2evxx.dll
+ 2012-03-10 00:46 . 2005-04-15 01:45   36864 c:\windows\system32\ReinstallBackups\0000\DriverFiles\ati2erec.dll
+ 2012-03-10 00:46 . 2005-04-15 02:10   39936 c:\windows\system32\ReinstallBackups\0000\DriverFiles\ati2edxx.dll
+ 2012-03-09 20:29 . 2011-12-30 22:03   21336 c:\windows\system32\RegistryDefragBootTime.exe
+ 2009-10-09 21:22 . 2009-10-09 21:22   42496 c:\windows\system32\pwrshplugin.dll
+ 2005-10-29 04:49 . 2005-10-29 04:49   84480 c:\windows\system32\pintool.exe
+ 2008-04-14 12:00 . 2012-06-14 07:22   85886 c:\windows\system32\perfc009.dat
+ 2008-04-14 12:00 . 2011-11-18 12:35   60416 c:\windows\system32\packager.exe
+ 2011-10-26 02:21 . 2011-10-26 02:21   56832 c:\windows\system32\OVDecoder.dll
+ 2000-01-11 04:33 . 2000-01-11 04:33   65586 c:\windows\system32\OUTLWAB.DLL
+ 2011-10-26 02:21 . 2011-10-26 02:21   56832 c:\windows\system32\OpenVideo.dll
+ 2011-10-26 02:19 . 2011-10-26 02:19   44032 c:\windows\system32\OpenCL.dll
+ 2008-04-14 12:00 . 2011-09-26 15:41   20480 c:\windows\system32\oleaccrc.dll
+ 2007-02-22 14:48 . 2007-02-22 14:48   68896 c:\windows\system32\NiViSv32.dll
+ 1998-08-09 14:07 . 1998-08-09 14:07   94208 c:\windows\system32\MSSTKPRP.DLL
+ 1999-01-22 18:46 . 1999-01-22 18:46   65536 c:\windows\system32\MSRTEDIT.DLL
+ 1999-10-13 21:12 . 1999-10-13 21:12   28944 c:\windows\system32\MSRECR40.DLL
+ 1997-07-11 04:00 . 1997-07-11 04:00   22016 c:\windows\system32\MSIMRT32.DLL
+ 1997-07-11 04:00 . 1997-07-11 04:00   10544 c:\windows\system32\MSIMRT16.DLL
+ 1997-07-11 04:00 . 1997-07-11 04:00   14336 c:\windows\system32\MSIMRT.DLL
+ 2008-04-14 12:00 . 2012-05-11 14:42   67072 c:\windows\system32\mshtmled.dll
- 2009-03-08 09:31 . 2011-04-25 16:11   55296 c:\windows\system32\msfeedsbs.dll
+ 2009-03-08 09:31 . 2012-05-11 14:42   55296 c:\windows\system32\msfeedsbs.dll
+ 2011-11-11 00:15 . 2011-11-11 00:15   19240 c:\windows\system32\mlfcache.dat
+ 1998-06-17 06:08 . 1998-06-17 06:08   53248 c:\windows\system32\MFC42ENU.DLL
+ 1999-03-03 15:05 . 1999-03-03 15:05   81920 c:\windows\system32\MDT2FW95.DLL
- 2008-04-14 12:00 . 2008-04-14 12:00   23040 c:\windows\system32\mciseq.dll
+ 2008-04-14 12:00 . 2011-10-14 14:47   23040 c:\windows\system32\mciseq.dll
+ 1998-10-01 16:00 . 1998-10-01 16:00   40208 c:\windows\system32\MAPISRVR.EXE
+ 2011-11-22 15:50 . 2011-11-22 15:50   98304 c:\windows\system32\Macromed\Shockwave 10\SwOnce.dll
- 2011-02-02 13:35 . 2011-02-02 13:35   98304 c:\windows\system32\Macromed\Shockwave 10\SwOnce.dll
- 2011-02-02 13:35 . 2011-02-02 13:35   86016 c:\windows\system32\Macromed\Shockwave 10\SwMenuX.dll
+ 2011-11-22 15:50 . 2011-11-22 15:50   86016 c:\windows\system32\Macromed\Shockwave 10\SwMenuX.dll
+ 2011-11-22 15:50 . 2011-11-22 15:50   77824 c:\windows\system32\Macromed\Shockwave 10\SwInit.exe
- 2011-02-02 13:35 . 2011-02-02 13:35   77824 c:\windows\system32\Macromed\Shockwave 10\SwInit.exe
+ 2011-11-22 15:50 . 2011-11-22 15:50   24576 c:\windows\system32\Macromed\Shockwave 10\DynaPlayer.dll
- 2011-02-02 13:35 . 2011-02-02 13:35   24576 c:\windows\system32\Macromed\Shockwave 10\DynaPlayer.dll
+ 2002-10-21 19:29 . 2002-10-21 19:29   76800 c:\windows\system32\Lvgl13n.dll
+ 2002-10-21 19:30 . 2002-10-21 19:30   74240 c:\windows\system32\Lvdx13n.dll
+ 2002-10-21 19:01 . 2002-10-21 19:01   30208 c:\windows\system32\LTWND13n.DLL
+ 2002-10-24 21:12 . 2002-10-24 21:12   53248 c:\windows\system32\LTWEB13n.dll
+ 2002-10-24 21:10 . 2002-10-24 21:10   35328 c:\windows\system32\LTTWN13N.DLL
+ 2002-10-24 21:11 . 2002-10-24 21:11   32256 c:\windows\system32\LTTMB13N.DLL
+ 2002-10-24 21:11 . 2002-10-24 21:11   95232 c:\windows\system32\LTPDG13N.DLL
+ 2002-10-21 19:02 . 2002-10-21 19:02   61952 c:\windows\system32\LTNET13N.DLL
+ 2002-10-24 21:11 . 2002-10-24 21:11   51200 c:\windows\system32\LTLST13N.DLL
+ 2002-10-21 19:01 . 2002-10-21 19:01   35328 c:\windows\system32\LTISI13N.DLL
+ 2000-07-07 10:49 . 2000-07-07 10:49   69120 c:\windows\system32\LTDLL.DLL
+ 2002-10-24 21:10 . 2002-10-24 21:10   65024 c:\windows\system32\LTBAR13N.DLL
+ 2002-10-21 19:05 . 2002-10-21 19:05   25600 c:\windows\system32\LFXWD13N.DLL
+ 2002-10-24 21:11 . 2002-10-24 21:11   47104 c:\windows\system32\lfXpm13n.dll
+ 2002-10-24 21:11 . 2002-10-24 21:11   45056 c:\windows\system32\lfXbm13n.dll
+ 2002-10-21 19:05 . 2002-10-21 19:05   20480 c:\windows\system32\LFWPG13N.DLL
+ 2002-10-21 19:38 . 2002-10-21 19:38   33280 c:\windows\system32\LFWMP13N.DLL
+ 2002-10-21 19:38 . 2002-10-21 19:38   76800 c:\windows\system32\Lfwmf13n.dll
+ 2002-10-21 19:05 . 2002-10-21 19:05   19968 c:\windows\system32\LFWFX13N.DLL
+ 2002-10-21 19:34 . 2002-10-21 19:34   33280 c:\windows\system32\LFVEC13N.DLL
+ 2002-10-21 19:05 . 2002-10-21 19:05   24576 c:\windows\system32\LFTGA13N.DLL
+ 2002-10-21 19:37 . 2002-10-21 19:37   33792 c:\windows\system32\LFSMP13n.dll
+ 2002-10-10 02:53 . 2002-10-10 02:53   82944 c:\windows\system32\LFSHP13N.DLL
+ 2002-10-21 19:05 . 2002-10-21 19:05   20480 c:\windows\system32\LFSGI13N.DLL
+ 2002-10-21 19:37 . 2002-10-21 19:37   58368 c:\windows\system32\LFSCT13N.DLL
+ 2002-10-21 19:06 . 2002-10-21 19:06   17920 c:\windows\system32\lfRaw13n.dll
+ 2002-10-21 19:05 . 2002-10-21 19:05   20480 c:\windows\system32\LFRAS13N.DLL
+ 2002-10-21 19:38 . 2002-10-21 19:38   69632 c:\windows\system32\LFPTK13n.dll
+ 2002-10-21 19:05 . 2002-10-21 19:05   55296 c:\windows\system32\LFPSD13N.DLL
+ 2002-10-24 21:11 . 2002-10-24 21:11   31232 c:\windows\system32\LFPNM13n.dll
+ 2002-10-21 19:04 . 2002-10-21 19:04   26112 c:\windows\system32\LFPCX13N.DLL
+ 2002-10-21 19:04 . 2002-10-21 19:04   65536 c:\windows\system32\Lfpct13n.dll
+ 2002-10-24 21:11 . 2002-10-24 21:11   19968 c:\windows\system32\LFPCD13N.DLL
+ 2002-10-21 19:04 . 2002-10-21 19:04   18944 c:\windows\system32\LFMSP13N.DLL
+ 2002-10-21 19:04 . 2002-10-21 19:04   18944 c:\windows\system32\LFMAC13N.DLL
+ 2002-10-21 19:04 . 2002-10-21 19:04   31744 c:\windows\system32\LFLMB13N.DLL
+ 2002-10-21 19:03 . 2002-10-21 19:03   29184 c:\windows\system32\LFLMA13N.DLL
+ 2002-10-21 19:03 . 2002-10-21 19:03   90112 c:\windows\system32\LFJBG13N.DLL
+ 2002-10-21 19:03 . 2002-10-21 19:03   19968 c:\windows\system32\LFITG13N.DLL
+ 2002-10-21 19:03 . 2002-10-21 19:03   20992 c:\windows\system32\LFIMG13N.DLL
+ 2002-10-24 21:11 . 2002-10-24 21:11   27136 c:\windows\system32\LFIFF13N.DLL
+ 2002-10-21 19:03 . 2002-10-21 19:03   48128 c:\windows\system32\LFICA13N.DLL
+ 2002-10-21 19:03 . 2002-10-21 19:03   35328 c:\windows\system32\LFGIF13N.DLL
+ 2002-10-24 21:11 . 2002-10-24 21:11   84480 c:\windows\system32\LFFPX13N.DLL
+ 2002-10-21 19:03 . 2002-10-21 19:03   38400 c:\windows\system32\LFFLC13N.DLL
+ 2002-10-22 16:51 . 2002-10-22 16:51   73216 c:\windows\system32\LFFAX13N.DLL
+ 2002-10-21 19:03 . 2002-10-21 19:03   37888 c:\windows\system32\LFEPS13N.DLL
+ 2002-10-21 19:32 . 2002-10-21 19:32   94208 c:\windows\system32\LFDRW13N.DLL
+ 2002-10-21 19:32 . 2002-10-21 19:32   79872 c:\windows\system32\Lfdgn13n.dll
+ 2002-10-24 21:11 . 2002-10-24 21:11   21504 c:\windows\system32\lfCUT13n.dll
+ 2002-07-23 20:37 . 2002-07-23 20:37   90112 c:\windows\system32\Lfcmx13n.dll
+ 2002-10-21 19:03 . 2002-10-21 19:03   31744 c:\windows\system32\LFCLP13N.DLL
+ 2002-10-21 19:31 . 2002-10-21 19:31   90624 c:\windows\system32\Lfcgm13n.dll
+ 2002-10-21 19:02 . 2002-10-21 19:02   35840 c:\windows\system32\LFCAL13N.DLL
+ 2002-10-21 19:02 . 2002-10-21 19:02   30208 c:\windows\system32\LFBMP13N.DLL
+ 2002-10-24 21:11 . 2002-10-24 21:11   23040 c:\windows\system32\LFAWD13N.DLL
+ 2002-10-21 19:02 . 2002-10-21 19:02   18944 c:\windows\system32\LFAVI13N.DLL
+ 2002-10-24 21:11 . 2002-10-24 21:11   25600 c:\windows\system32\LFANI13N.DLL
+ 2002-06-28 21:02 . 2002-06-28 21:02   91136 c:\windows\system32\LFACS13N.DLL
- 2008-04-14 12:00 . 2011-04-25 16:11   25600 c:\windows\system32\jsproxy.dll
+ 2008-04-14 12:00 . 2012-05-11 14:42   25600 c:\windows\system32\jsproxy.dll
+ 1999-10-28 22:49 . 1999-10-28 22:49   26384 c:\windows\system32\FM20ENU.DLL
+ 1999-02-16 19:38 . 1999-02-16 19:38   38912 c:\windows\system32\EXSEC32.DLL
+ 2011-10-19 22:20 . 2010-10-20 14:04   12616 c:\windows\system32\DRVSTORE\sy11ser2_C8055990E74A8336FB891A1C51483808C1A377B4\i386\sy11cmnt.sys
+ 2011-10-19 22:20 . 2010-10-20 14:04   14920 c:\windows\system32\DRVSTORE\sy11nmea2_D56651AD79544BB1225E0042EE42B59A5660CBB5\i386\sy11mdfl.sys
+ 2011-10-19 22:20 . 2010-10-20 14:04   12616 c:\windows\system32\DRVSTORE\sy11nmea2_D56651AD79544BB1225E0042EE42B59A5660CBB5\i386\sy11cmnt.sys
+ 2011-10-19 22:20 . 2010-10-20 14:04   14920 c:\windows\system32\DRVSTORE\sy11mdm2_D56651AD79544BB1225E0042EE42B59A5660CBB5\i386\sy11mdfl.sys
+ 2011-10-19 22:20 . 2010-10-20 14:04   12616 c:\windows\system32\DRVSTORE\sy11mdm2_D56651AD79544BB1225E0042EE42B59A5660CBB5\i386\sy11cmnt.sys
+ 2011-10-19 22:20 . 2010-10-20 14:04   12488 c:\windows\system32\DRVSTORE\sy11bus_3B750B8957F0495C30C6A1637C4365210D2F7D96\i386\sy11whnt.sys
+ 2011-10-19 22:20 . 2009-11-25 15:06   28032 c:\windows\system32\DRVSTORE\sustucau_DFCD71BD0A5B77107C2A164AECAF8B184C1DAC23\x32\sustucau.sys
+ 2011-10-17 01:33 . 2009-11-25 15:06   28032 c:\windows\system32\DRVSTORE\sustucau_C9E6DF1C8048DC72D36CCAEEE3BACCDB441567F5\x32\sustucau.sys
+ 2011-10-17 01:33 . 2009-11-25 15:06   47360 c:\windows\system32\DRVSTORE\sustucap_C0F16DE8BAD19A3D9B57336A0A69209EB10E7CCF\x32\sustucap.sys
+ 2011-10-19 22:20 . 2009-11-25 15:06   47360 c:\windows\system32\DRVSTORE\sustucap_1EDD86B8B9BFED1A6DCE1575A58CC70E11B53813\x32\sustucap.sys
+ 2011-10-19 22:20 . 2009-11-25 15:06   47360 c:\windows\system32\DRVSTORE\sustucam_F6944BDF91F4A423970BB44E6B3D50807D2E59C4\x32\sustucam.sys
+ 2011-10-17 01:33 . 2009-11-25 15:06   47360 c:\windows\system32\DRVSTORE\sustucam_1FF22367248D356C8388AA6F6326380ACFFB8B76\x32\sustucam.sys
+ 2011-10-17 01:33 . 2007-03-20 07:33   28672 c:\windows\system32\DRVSTORE\susidn_183D6B8EF1D89794BD9426AEDC366357BC9AD747\libusb0.sys
+ 2011-10-17 01:33 . 2007-03-20 07:33   43520 c:\windows\system32\DRVSTORE\susidn_183D6B8EF1D89794BD9426AEDC366357BC9AD747\libusb0.dll
+ 2011-10-17 01:33 . 2009-06-30 21:47   25728 c:\windows\system32\DRVSTORE\susandroid_FC9F522E221128D699F3791DC5748637249EF286\androidusb.sys
+ 2011-10-19 22:20 . 2009-06-30 21:47   25728 c:\windows\system32\DRVSTORE\susandroid_33DEEEA9E288DC4CD2A2FBA1153E97C5656C83CF\androidusb.sys
+ 2011-10-17 01:33 . 2007-11-20 23:35   49792 c:\windows\system32\DRVSTORE\sus2pl_83E3644ECEC403037D5191175417DD7D9F6E0A41\sus2pl.sys
+ 2011-10-19 22:20 . 2011-08-25 01:43   77624 c:\windows\system32\DRVSTORE\ssudbus_480379E0B82376A51FBA49F20A6552067343B7C5\i386\ssudbus.sys
+ 2011-10-17 01:33 . 2007-05-02 15:12   12424 c:\windows\system32\DRVSTORE\ssm_ser2_B621C3240C85E19C4E244497B86AA9D67533C4DC\i386\ssm_cmnt.sys
+ 2011-10-17 01:33 . 2007-05-02 15:12   15112 c:\windows\system32\DRVSTORE\ssm_mdm2_B621C3240C85E19C4E244497B86AA9D67533C4DC\i386\ssm_mdfl.sys
+ 2011-10-17 01:33 . 2007-05-02 15:12   12424 c:\windows\system32\DRVSTORE\ssm_mdm2_B621C3240C85E19C4E244497B86AA9D67533C4DC\i386\ssm_cmnt.sys
+ 2011-10-17 01:33 . 2007-05-02 15:12   12424 c:\windows\system32\DRVSTORE\ssm_bus_EE9DFA265F838793D1C273D5545AB1C0C5AC6695\i386\ssm_whnt.sys
+ 2011-10-17 01:33 . 2007-05-02 15:12   83592 c:\windows\system32\DRVSTORE\ssm_bus_EE9DFA265F838793D1C273D5545AB1C0C5AC6695\i386\ssm_bus.sys
+ 2011-10-17 01:33 . 2009-01-15 15:11   12160 c:\windows\system32\DRVSTORE\ssecunic_A24B1C89EAA29049770A027B837B79C454C2BE7F\i386\ssecwhnt.sys
+ 2011-10-17 01:33 . 2009-01-15 15:11   10624 c:\windows\system32\DRVSTORE\ssecunic_A24B1C89EAA29049770A027B837B79C454C2BE7F\i386\sseccrnt.sys
+ 2011-10-17 01:33 . 2009-01-15 15:11   12160 c:\windows\system32\DRVSTORE\ssecsdm2_6084F8D8AAAC4998F190285B0975591A9E522F47\i386\sseccmnt.sys
+ 2011-10-17 01:33 . 2009-01-15 15:11   12160 c:\windows\system32\DRVSTORE\ssecobx2_0E3C23A2AF7322625D7CB5A230D402C8D622EC9B\i386\sseccmnt.sys
+ 2011-10-17 01:33 . 2009-01-15 15:11   25856 c:\windows\system32\DRVSTORE\ssecndis_A24B1C89EAA29049770A027B837B79C454C2BE7F\i386\ssecnd5.sys
+ 2011-10-17 01:33 . 2009-01-15 15:11   14976 c:\windows\system32\DRVSTORE\ssecmdm2_E671AB05B6ECA67B0DD4FA29746FD625F717E338\i386\ssecmdfl.sys
+ 2011-10-17 01:33 . 2009-01-15 15:11   12160 c:\windows\system32\DRVSTORE\ssecmdm2_E671AB05B6ECA67B0DD4FA29746FD625F717E338\i386\sseccmnt.sys
+ 2011-10-17 01:33 . 2009-01-15 15:11   12160 c:\windows\system32\DRVSTORE\ssecbus_7E9D79E81F4A1719CED202B2FB04E7C48E5B8945\i386\ssecwhnt.sys
+ 2011-10-17 01:33 . 2009-01-15 15:11   86528 c:\windows\system32\DRVSTORE\ssecbus_7E9D79E81F4A1719CED202B2FB04E7C48E5B8945\i386\ssecbus.sys
+ 2011-10-17 01:33 . 2009-05-13 15:41   98688 c:\windows\system32\DRVSTORE\sscesdm2_BB82E7479D7E2F0C90BFE508B21515FFA2AFD8D8\i386\ssceserd.sys
+ 2011-10-17 01:33 . 2009-05-13 15:41   12160 c:\windows\system32\DRVSTORE\sscesdm2_BB82E7479D7E2F0C90BFE508B21515FFA2AFD8D8\i386\sscecmnt.sys
+ 2011-10-19 22:20 . 2010-12-21 02:55   12416 c:\windows\system32\DRVSTORE\sscesdm2_7AD4829229782EAD7A14A10BC5E01E956779886D\i386\sscecmnt.sys
+ 2011-10-17 01:33 . 2009-05-13 15:41   14976 c:\windows\system32\DRVSTORE\sscemdm2_95625B00DD45C398488289AAB907DEB21FCFF6CE\i386\sscemdfl.sys
+ 2011-10-17 01:33 . 2009-05-13 15:41   12160 c:\windows\system32\DRVSTORE\sscemdm2_95625B00DD45C398488289AAB907DEB21FCFF6CE\i386\sscecmnt.sys
+ 2011-10-19 22:20 . 2010-12-21 02:55   14848 c:\windows\system32\DRVSTORE\sscemdm2_34771A624205C079100D51ABFD3F0EFDC377F971\i386\sscemdfl.sys
+ 2011-10-19 22:20 . 2010-12-21 02:55   12416 c:\windows\system32\DRVSTORE\sscemdm2_34771A624205C079100D51ABFD3F0EFDC377F971\i386\sscecmnt.sys
+ 2011-10-19 22:20 . 2010-12-21 02:55   12288 c:\windows\system32\DRVSTORE\sscebus_659A3532090130C12253E064E99D5D4049A341E9\i386\sscewhnt.sys
+ 2011-10-19 22:20 . 2010-12-21 02:55   98560 c:\windows\system32\DRVSTORE\sscebus_659A3532090130C12253E064E99D5D4049A341E9\i386\sscebus.sys
+ 2011-10-17 01:33 . 2009-05-13 15:41   12160 c:\windows\system32\DRVSTORE\sscebus_0199D7263C408755807E65867454841681E758C8\i386\sscewhnt.sys
+ 2011-10-17 01:33 . 2009-05-13 15:41   90240 c:\windows\system32\DRVSTORE\sscebus_0199D7263C408755807E65867454841681E758C8\i386\sscebus.sys
+ 2011-10-17 01:33 . 2007-07-03 20:57   11944 c:\windows\system32\DRVSTORE\sscdw2k_1884E0BBC3477068D88D04D6EA7B69C88AE93B94\i386\sscdmdfl.sys
+ 2011-10-17 01:33 . 2007-07-03 20:59   86824 c:\windows\system32\DRVSTORE\sscdsdm2_1E0DD9732FD56E67D2D50B616A3C7C3CC5B8965E\i386\sscdserd.sys
+ 2011-10-17 01:33 . 2007-07-03 20:54   80552 c:\windows\system32\DRVSTORE\sscdbus_E3A7A7036AB81E14A21B18864187D06666BE1000\i386\sscdbus.sys
+ 2011-10-19 22:20 . 2011-01-12 22:15   10472 c:\windows\system32\DRVSTORE\ssadsdm2_CB0D6A64C81E723D813A6F2A9668D95F91F371C0\i386\ssadcmnt.sys
+ 2011-10-17 01:33 . 2009-09-11 15:40   14976 c:\windows\system32\DRVSTORE\ssadmdm2_BB9A889FDC3B66435A9ABCEF20FAFE1691169A32\i386\ssadmdfl.sys
+ 2011-10-17 01:33 . 2009-09-11 15:40   12160 c:\windows\system32\DRVSTORE\ssadmdm2_BB9A889FDC3B66435A9ABCEF20FAFE1691169A32\i386\ssadcmnt.sys
+ 2011-10-19 22:20 . 2011-01-12 22:15   12776 c:\windows\system32\DRVSTORE\ssadmdm2_3B9F84FDB4850DC91A3CAFF448723EA532732F1F\i386\ssadmdfl.sys
+ 2011-10-19 22:20 . 2011-01-12 22:15   10472 c:\windows\system32\DRVSTORE\ssadmdm2_3B9F84FDB4850DC91A3CAFF448723EA532732F1F\i386\ssadcmnt.sys
+ 2011-10-17 01:33 . 2009-09-11 15:40   12160 c:\windows\system32\DRVSTORE\ssadbus_ECD95F04F506242D65A2FBE013D1EFC237EA84E5\i386\ssadwhnt.sys
+ 2011-10-17 01:33 . 2009-09-11 15:40   90240 c:\windows\system32\DRVSTORE\ssadbus_ECD95F04F506242D65A2FBE013D1EFC237EA84E5\i386\ssadbus.sys
+ 2011-10-19 22:20 . 2011-01-12 22:15   10344 c:\windows\system32\DRVSTORE\ssadbus_2112C6E16CA9C1DAD7D12BFCA60FCA72A02EBB81\i386\ssadwhnt.sys
+ 2011-10-17 01:33 . 2009-09-04 16:12   30240 c:\windows\system32\DRVSTORE\ssadadb2_9F2CD3CCE7A87CC3E75FD9556977CF2EF6DC40AD\i386\ssadadb.sys
+ 2011-10-19 22:20 . 2011-01-12 22:15   30312 c:\windows\system32\DRVSTORE\ssadadb2_6FBFB7BD831F97C0C49FFC637EF8E261B1BD5DBD\i386\ssadadb.sys
+ 2011-10-17 01:33 . 2007-05-02 15:11   15112 c:\windows\system32\DRVSTORE\ss_mdm2_216D7BF32263B1148A5B933A3315794CD0A5873E\i386\ss_mdfl.sys
+ 2011-10-17 01:33 . 2007-05-02 15:11   12424 c:\windows\system32\DRVSTORE\ss_mdm2_216D7BF32263B1148A5B933A3315794CD0A5873E\i386\ss_cmnt.sys
+ 2011-10-17 01:33 . 2007-05-02 15:11   12424 c:\windows\system32\DRVSTORE\ss_bus_A0C703FB8469957D809DD9D797EA905CBA4B0AE3\i386\ss_whnt.sys
+ 2011-10-17 01:33 . 2007-05-02 15:11   83592 c:\windows\system32\DRVSTORE\ss_bus_A0C703FB8469957D809DD9D797EA905CBA4B0AE3\i386\ss_bus.sys
+ 2011-10-17 01:33 . 2009-03-20 14:01   98560 c:\windows\system32\DRVSTORE\ss_bsdm2_1A96E7D9912D595BE4A69BD8225CE5C1BE7B01F9\i386\ss_bserd.sys
+ 2011-10-17 01:33 . 2009-03-20 14:01   12160 c:\windows\system32\DRVSTORE\ss_bsdm2_1A96E7D9912D595BE4A69BD8225CE5C1BE7B01F9\i386\ss_bcmnt.sys
+ 2011-10-19 22:20 . 2010-12-21 02:55   12416 c:\windows\system32\DRVSTORE\ss_bsdm2_10B17303D78CD94FDDF50F961E3454D4DD5E1A7A\i386\ss_bcmnt.sys
+ 2011-10-17 01:33 . 2009-03-20 14:01   14976 c:\windows\system32\DRVSTORE\ss_bmdm2_6FA434819A60DA857A32001FF758385CD6AE326D\i386\ss_bmdfl.sys
+ 2011-10-17 01:33 . 2009-03-20 14:01   12160 c:\windows\system32\DRVSTORE\ss_bmdm2_6FA434819A60DA857A32001FF758385CD6AE326D\i386\ss_bcmnt.sys
+ 2011-10-19 22:20 . 2010-12-21 02:55   14848 c:\windows\system32\DRVSTORE\ss_bmdm2_25CD552B0C6354F58CE1CF1AC1C75967943356E3\i386\ss_bmdfl.sys
+ 2011-10-19 22:20 . 2010-12-21 02:55   12416 c:\windows\system32\DRVSTORE\ss_bmdm2_25CD552B0C6354F58CE1CF1AC1C75967943356E3\i386\ss_bcmnt.sys
+ 2011-10-19 22:20 . 2010-12-21 02:55   12288 c:\windows\system32\DRVSTORE\ss_bbus_12BC85144F8D71EFF2F5EFF4FD945E30B2447D45\i386\ss_bwhnt.sys
+ 2011-10-19 22:20 . 2010-12-21 02:55   98432 c:\windows\system32\DRVSTORE\ss_bbus_12BC85144F8D71EFF2F5EFF4FD945E30B2447D45\i386\ss_bbus.sys
+ 2011-10-17 01:33 . 2009-03-20 14:01   12160 c:\windows\system32\DRVSTORE\ss_bbus_104629A5B566D618A5FF3E6A22926FFCF4AD511E\i386\ss_bwhnt.sys
+ 2011-10-17 01:33 . 2009-03-20 14:01   90112 c:\windows\system32\DRVSTORE\ss_bbus_104629A5B566D618A5FF3E6A22926FFCF4AD511E\i386\ss_bbus.sys
+ 2011-10-17 01:33 . 2009-12-24 05:00   25728 c:\windows\system32\DRVSTORE\smhwadb_EE9BB6D5D9C21037CF057BBECBF62CEC8189405D\smhwadb.sys
+ 2011-10-17 01:33 . 2005-07-25 14:04   48640 c:\windows\system32\DRVSTORE\ser2pl_7E6CB372993C5A68E0D6B1FAF1BD37119C1AB0C1\ser2pl.sys
+ 2011-10-17 01:33 . 2009-12-15 03:30   55056 c:\windows\system32\DRVSTORE\ptqhbus_DF19F5DE0112DD08FC27D2DC1E6913B846827DA8\i386\PTQHBUS.sys
+ 2011-10-19 22:20 . 2010-10-13 05:23   58128 c:\windows\system32\DRVSTORE\psmnbus_787B03E3473C86BBDA1EB6175DE3CDA64682B398\i386\PSMNBUS.sys
+ 2011-10-19 22:20 . 2009-07-10 17:01   25856 c:\windows\system32\DRVSTORE\motoandroi_DEB26C1D504C5061D2F03F61E789E25BBF45D268\motoandroid.sys
+ 2011-10-17 01:33 . 2009-07-10 17:01   25856 c:\windows\system32\DRVSTORE\motoandroi_281A0D1CF14FCFFB1B61021B981311BFDC53E1D2\motoandroid.sys
+ 2011-10-19 22:20 . 2011-02-18 03:37   25984 c:\windows\system32\DRVSTORE\lgvzandnet_B94A47D2A0B8519069621028736D8B5E3158BB98\lgvzandnetadb.sys
+ 2011-10-19 22:20 . 2011-02-18 03:34   23296 c:\windows\system32\DRVSTORE\lgvzandnet_5FD88285C4761F821D84D10B0269DD56226E2811\lgvzandnetdiag.sys
+ 2011-10-19 22:20 . 2010-07-21 09:29   25856 c:\windows\system32\DRVSTORE\lgandnetad_828CC4E848AA2E5AB725EC954380613DA3C3BD0E\lgandnetadb.sys
+ 2011-10-17 01:33 . 2010-03-31 23:52   24960 c:\windows\system32\DRVSTORE\lgandmodem_EACE95D5500F7BB1470F9966CA72CB0182E42591\lgandmodem.sys
+ 2011-10-17 01:33 . 2010-03-31 23:52   19968 c:\windows\system32\DRVSTORE\lgandgps_EACE95D5500F7BB1470F9966CA72CB0182E42591\lgandgps.sys
+ 2011-10-17 01:33 . 2010-03-31 23:52   20864 c:\windows\system32\DRVSTORE\lganddiag_EACE95D5500F7BB1470F9966CA72CB0182E42591\lganddiag.sys
+ 2011-10-17 01:33 . 2010-03-31 23:52   14336 c:\windows\system32\DRVSTORE\lgandbus_EACE95D5500F7BB1470F9966CA72CB0182E42591\lgandbus.sys
+ 2011-10-17 01:33 . 2010-03-31 23:52   25728 c:\windows\system32\DRVSTORE\lgandadb_894C09737C7AC28B0F57FE45236D047AA1696840\lgandadb.sys
+ 2011-10-17 01:33 . 2008-03-13 18:52   51528 c:\windows\system32\DRVSTORE\ftdiport_7C3FFC3E04092913979D7E6D761354E5BA36EC6C\i386\ftserui2.dll
+ 2011-10-17 01:33 . 2008-03-13 18:50   72000 c:\windows\system32\DRVSTORE\ftdiport_7C3FFC3E04092913979D7E6D761354E5BA36EC6C\i386\ftser2k.sys
+ 2011-10-17 01:33 . 2008-03-13 18:52   54088 c:\windows\system32\DRVSTORE\ftdiport_7C3FFC3E04092913979D7E6D761354E5BA36EC6C\i386\ftcserco.dll
+ 2011-10-17 01:33 . 2008-03-13 18:51   57536 c:\windows\system32\DRVSTORE\ftdibus_9E256B7D98A828C5E32AA2A56664AF336E092846\i386\ftdibus.sys
+ 2012-03-06 22:52 . 2007-08-31 19:14   38656 c:\windows\system32\DRVSTORE\embda_754491038463AF55DC013DBF40581C2B1BFEE429\emOEM.sys
+ 2012-03-06 22:52 . 2006-12-15 21:54   61440 c:\windows\system32\DRVSTORE\embda_754491038463AF55DC013DBF40581C2B1BFEE429\emMON.exe
+ 2012-03-06 22:52 . 2007-08-31 19:15   24448 c:\windows\system32\DRVSTORE\emaudio_754491038463AF55DC013DBF40581C2B1BFEE429\emAudio.sys
+ 2011-10-19 22:20 . 2010-08-27 00:40   57672 c:\windows\system32\DRVSTORE\c771bus_E1FC5BC5187A501E8DCF9CA386B28E99E3607840\i386\C771BUS.sys
+ 2011-10-19 22:21 . 2010-03-30 16:31   25728 c:\windows\system32\DRVSTORE\android_us_A65B3A0A9A75EAE67D1FF8F0010750EB9A19D1E3\fxxandroidusb.sys
+ 2011-10-17 01:33 . 2009-11-04 14:54   24576 c:\windows\system32\DRVSTORE\android_us_829DB379FCCB62629A656828AF4B687423D00255\androidusb.sys
+ 2011-10-17 01:33 . 2009-11-25 15:06   28032 c:\windows\system32\drivers\sustucau.sys
+ 2011-10-17 01:33 . 2009-11-25 15:06   47360 c:\windows\system32\drivers\sustucap.sys
+ 2011-10-17 01:33 . 2009-11-25 15:06   47360 c:\windows\system32\drivers\sustucam.sys
+ 2008-04-14 00:15 . 2008-04-14 05:15   49408 c:\windows\system32\drivers\stream.sys
- 2008-04-14 00:15 . 2008-04-14 04:15   49408 c:\windows\system32\drivers\stream.sys
+ 2008-04-14 12:00 . 2011-07-08 14:02   10496 c:\windows\system32\drivers\ndistapi.sys
+ 2008-01-14 10:06 . 2011-09-29 07:04   21632 c:\windows\system32\drivers\ManyCam.sys
+ 2009-09-23 14:41 . 2009-03-18 20:35   26176 c:\windows\system32\drivers\hamachi.sys
- 2009-09-23 14:41 . 2009-03-18 21:35   26176 c:\windows\system32\drivers\hamachi.sys
+ 2008-07-29 19:09 . 2008-07-29 19:09   39424 c:\windows\system32\drivers\fantom.sys
+ 2010-01-13 04:10 . 2010-02-11 04:19   53248 c:\windows\system32\drivers\ati2erec.dll
+ 2012-04-11 19:31 . 2012-03-06 23:01   53848 c:\windows\system32\drivers\aswTdi.sys
+ 2012-04-11 19:31 . 2012-03-06 23:02   35672 c:\windows\system32\drivers\aswRdr.sys
+ 2012-04-11 19:31 . 2012-03-06 23:01   95704 c:\windows\system32\drivers\aswmon2.sys
+ 2012-04-11 19:31 . 2012-03-06 23:01   89048 c:\windows\system32\drivers\aswmon.sys
+ 2012-04-11 19:31 . 2012-03-06 23:01   20696 c:\windows\system32\drivers\aswFsBlk.sys
+ 2012-04-11 19:31 . 2012-03-06 22:58   24920 c:\windows\system32\drivers\aavmker4.sys
- 2010-01-14 02:09 . 2011-04-25 16:11   12800 c:\windows\system32\dllcache\xpshims.dll
+ 2010-01-14 02:09 . 2012-05-11 14:42   12800 c:\windows\system32\dllcache\xpshims.dll
+ 2010-01-13 03:03 . 2012-06-02 19:19   35864 c:\windows\system32\dllcache\wups.dll
+ 2010-01-13 03:03 . 2012-06-02 19:19   53784 c:\windows\system32\dllcache\wuauclt.exe
+ 2010-01-12 03:54 . 2008-04-14 10:42   53760 c:\windows\system32\dllcache\vfwwdm32.dll
- 2010-01-12 03:54 . 2008-04-14 09:42   53760 c:\windows\system32\dllcache\vfwwdm32.dll
+ 2008-04-14 00:15 . 2008-04-14 05:15   49408 c:\windows\system32\dllcache\stream.sys
- 2008-04-14 00:15 . 2008-04-14 04:15   49408 c:\windows\system32\dllcache\stream.sys
+ 2008-04-14 12:00 . 2011-11-18 12:35   60416 c:\windows\system32\dllcache\packager.exe
+ 2008-04-14 12:00 . 2011-09-26 15:41   20480 c:\windows\system32\dllcache\oleaccrc.dll
+ 2008-04-14 12:00 . 2011-07-08 14:02   10496 c:\windows\system32\dllcache\ndistapi.sys
+ 2008-04-14 12:00 . 2012-05-11 14:42   67072 c:\windows\system32\dllcache\mshtmled.dll
+ 2010-01-14 02:09 . 2012-05-11 14:42   55296 c:\windows\system32\dllcache\msfeedsbs.dll
- 2010-01-14 02:09 . 2011-04-25 16:11   55296 c:\windows\system32\dllcache\msfeedsbs.dll
- 2008-04-14 12:00 . 2008-04-14 12:00   23040 c:\windows\system32\dllcache\mciseq.dll
+ 2008-04-14 12:00 . 2011-10-14 14:47   23040 c:\windows\system32\dllcache\mciseq.dll
+ 2008-04-14 12:00 . 2012-05-11 14:42   43520 c:\windows\system32\dllcache\licmgr10.dll
- 2008-04-14 12:00 . 2011-04-25 16:11   43520 c:\windows\system32\dllcache\licmgr10.dll
- 2008-04-14 12:00 . 2011-04-25 16:11   25600 c:\windows\system32\dllcache\jsproxy.dll
+ 2008-04-14 12:00 . 2012-05-11 14:42   25600 c:\windows\system32\dllcache\jsproxy.dll
- 2008-04-14 12:00 . 2011-04-26 11:07   33280 c:\windows\system32\dllcache\csrsrv.dll
+ 2008-04-14 12:00 . 2011-10-28 05:31   33280 c:\windows\system32\dllcache\csrsrv.dll
+ 2008-04-14 12:00 . 2012-06-02 19:19   97304 c:\windows\system32\dllcache\cdm.dll
+ 2008-04-14 12:00 . 2011-10-28 05:31   33280 c:\windows\system32\csrsrv.dll
- 2008-04-14 12:00 . 2011-04-26 11:07   33280 c:\windows\system32\csrsrv.dll
- 2010-01-13 03:08 . 2011-09-29 01:48   32768 c:\windows\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat
+ 2010-01-13 03:08 . 2012-03-20 05:57   32768 c:\windows\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat
+ 2010-01-13 03:08 . 2012-03-20 05:57   32768 c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\index.dat
- 2010-01-13 03:08 . 2011-09-29 01:48   32768 c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\index.dat
+ 2011-12-01 11:53 . 2012-03-20 05:57   16384 c:\windows\system32\config\systemprofile\Cookies\index.dat
- 2010-01-13 03:08 . 2011-09-29 01:48   16384 c:\windows\system32\config\systemprofile\Cookies\index.dat
+ 2012-01-04 04:35 . 2010-10-24 05:56   49664 c:\windows\system32\CamCodec.dll
+ 2011-09-19 07:07 . 2011-09-19 07:07   58368 c:\windows\system32\bdmpegv.dll
+ 2011-09-19 07:07 . 2011-09-19 07:07   15360 c:\windows\system32\bdmjpeg.dll
+ 2005-10-29 04:49 . 2005-10-29 04:49   25600 c:\windows\system32\bcsprsrc.dll
+ 2005-10-28 21:40 . 2005-10-28 21:40   96792 c:\windows\system32\basecsp.dll
- 2010-01-13 04:10 . 2001-11-09 15:01   24064 c:\windows\system32\ativcoxx.dll
+ 2010-01-13 04:10 . 2001-11-09 16:01   24064 c:\windows\system32\ativcoxx.dll
+ 2010-01-13 04:10 . 2010-02-11 03:53   17408 c:\windows\system32\atitvo32.dll
- 2010-01-13 04:10 . 2005-04-15 01:45   17408 c:\windows\system32\atitvo32.dll
+ 2010-01-13 04:10 . 2010-02-11 04:32   53248 c:\windows\system32\ATIDDC.DLL
- 2010-01-13 04:10 . 2005-04-15 02:09   53248 c:\windows\system32\ATIDDC.DLL
+ 2010-02-11 04:23 . 2010-02-11 04:23   45056 c:\windows\system32\aticalrt.dll
+ 2010-02-11 04:22 . 2010-02-11 04:22   45056 c:\windows\system32\aticalcl.dll
+ 2010-01-13 04:10 . 2010-02-11 04:35   26112 c:\windows\system32\Ati2mdxx.exe
+ 2010-01-13 04:10 . 2010-02-11 04:35   43520 c:\windows\system32\ati2edxx.dll
+ 2012-01-11 20:59 . 2012-01-11 20:59   12920 c:\windows\system32\apl001.sys
+ 2012-01-11 20:59 . 2012-01-11 20:59   10872 c:\windows\system32\apf001.sys
+ 2010-02-11 03:59 . 2010-02-11 03:59   49664 c:\windows\system32\amdpcom32.dll
+ 2010-03-21 23:47 . 2012-05-29 19:33   87952 c:\windows\system32\Adobe\Shockwave 11\uninstaller.exe
+ 2012-04-26 13:05 . 2012-04-26 13:05   86016 c:\windows\system32\Adobe\Shockwave 11\SwMenu.dll
+ 2012-04-26 12:50 . 2012-04-26 12:50   73408 c:\windows\system32\Adobe\Shockwave 11\gtapi.dll
+ 2012-04-26 12:50 . 2012-04-26 12:50   64512 c:\windows\system32\Adobe\Shockwave 11\gcapi_dll.dll
+ 2012-04-26 13:06 . 2012-04-26 13:06   12800 c:\windows\system32\Adobe\Shockwave 11\DynaPlayer.dll
+ 2011-12-26 08:54 . 2011-12-26 08:54   15120 c:\windows\Microsoft.NET\Framework\v4.0.30319\webengine.dll
+ 2011-12-15 17:08 . 2011-12-15 17:08   57616 c:\windows\Microsoft.NET\Framework\v4.0.30319\nlssorting.dll
+ 2011-12-26 08:54 . 2011-12-26 08:54   33552 c:\windows\Microsoft.NET\Framework\v4.0.30319\aspnet_wp.exe
+ 2011-12-25 08:49 . 2011-12-25 08:49   31504 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_wp.exe
+ 2012-01-11 08:05 . 2012-01-11 08:05   97624 c:\windows\Microsoft.NET\assembly\GAC_MSIL\XamlBuildTask\v4.0_4.0.0.0__31bf3856ad364e35\XamlBuildTask.dll
- 2011-01-10 08:08 . 2011-01-10 08:08   97624 c:\windows\Microsoft.NET\assembly\GAC_MSIL\XamlBuildTask\v4.0_4.0.0.0__31bf3856ad364e35\XamlBuildTask.dll
- 2011-06-18 08:01 . 2011-06-18 08:01   87408 c:\windows\Microsoft.NET\assembly\GAC_MSIL\WindowsFormsIntegration\v4.0_4.0.0.0__31bf3856ad364e35\WindowsFormsIntegration.dll
+ 2012-06-14 07:16 . 2012-06-14 07:16   87408 c:\windows\Microsoft.NET\assembly\GAC_MSIL\WindowsFormsIntegration\v4.0_4.0.0.0__31bf3856ad364e35\WindowsFormsIntegration.dll
- 2011-06-18 08:01 . 2011-06-18 08:01   93024 c:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationTypes\v4.0_4.0.0.0__31bf3856ad364e35\UIAutomationTypes.dll
+ 2012-06-14 07:16 . 2012-06-14 07:16   93024 c:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationTypes\v4.0_4.0.0.0__31bf3856ad364e35\UIAutomationTypes.dll
+ 2012-06-14 07:16 . 2012-06-14 07:16   35688 c:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationProvider\v4.0_4.0.0.0__31bf3856ad364e35\UIAutomationProvider.dll
- 2011-06-18 08:01 . 2011-06-18 08:01   35688 c:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationProvider\v4.0_4.0.0.0__31bf3856ad364e35\UIAutomationProvider.dll
- 2011-01-10 08:08 . 2011-01-10 08:08   29544 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Xaml.Hosting\v4.0_4.0.0.0__31bf3856ad364e35\System.Xaml.Hosting.dll
+ 2012-01-11 08:05 . 2012-01-11 08:05   29544 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Xaml.Hosting\v4.0_4.0.0.0__31bf3856ad364e35\System.Xaml.Hosting.dll
- 2011-06-18 08:01 . 2011-06-18 08:01   17784 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Presentation\v4.0_4.0.0.0__b77a5c561934e089\System.Windows.Presentation.dll
+ 2012-06-14 07:16 . 2012-06-14 07:16   17784 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Presentation\v4.0_4.0.0.0__b77a5c561934e089\System.Windows.Presentation.dll
- 2011-06-18 08:01 . 2011-06-18 08:01   58240 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Input.Manipulations\v4.0_4.0.0.0__b77a5c561934e089\System.Windows.Input.Manipulations.dll
+ 2012-06-14 07:16 . 2012-06-14 07:16   58240 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Input.Manipulations\v4.0_4.0.0.0__b77a5c561934e089\System.Windows.Input.Manipulations.dll
+ 2012-01-11 08:04 . 2012-01-11 08:04   70040 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Forms.DataVisualization.Design\v4.0_4.0.0.0__31bf3856ad364e35\System.Windows.Forms.DataVisualization.Design.dll
- 2011-01-10 08:08 . 2011-01-10 08:08   70040 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Forms.DataVisualization.Design\v4.0_4.0.0.0__31bf3856ad364e35\System.Windows.Forms.DataVisualization.Design.dll
- 2011-01-10 08:08 . 2011-01-10 08:08   24928 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Web.Routing\v4.0_4.0.0.0__31bf3856ad364e35\System.Web.Routing.dll
+ 2012-01-11 08:04 . 2012-01-11 08:04   24928 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Web.Routing\v4.0_4.0.0.0__31bf3856ad364e35\System.Web.Routing.dll
- 2011-01-10 08:08 . 2011-01-10 08:08   81272 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Web.RegularExpressions\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Web.RegularExpressions.dll
+ 2012-01-11 08:04 . 2012-01-11 08:04   81272 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Web.RegularExpressions\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Web.RegularExpressions.dll
+ 2012-01-11 08:04 . 2012-01-11 08:04   33144 c:\windows\

SuperDave · « **Reply #9 on:** July 26, 2012, 07:17:39 PM »

Ok. I guess that will have to do. Are you still getting redirected?

SysProt Antirootkit

Download
SysProt Antirootkit from the link below (you will find it at the bottom
of the page under attachments, or you can get it from one of the
mirrors).

http://sites.google.com/site/sysprotantirootkit/

Unzip it into a folder on your desktop.

Double click Sysprot.exe to start the program.
Click on the Log tab.
In the Write to log box select the following items.

Process << Selected
Kernel Modules << Selected
SSDT << Selected
Kernel Hooks << Selected
IRP Hooks << NOT Selected
Ports << NOT Selected
Hidden Files << Selected

At the bottom of the page

Hidden Objects Only << Selected

Click on the Create Log button on the bottom right.
After a few seconds a new window should appear.
Select Scan Root Drive. Click on the Start button.
When it is complete a new window will appear to indicate that the scan is finished.
The log will be saved automatically in the same folder Sysprot.exe was extracted to. Open the text file and copy/paste the log here.

AlecNeedsHelp · « **Reply #10 on:** July 26, 2012, 07:24:58 PM »

Lol here you go.

ComboFix
http://pastebin.com/UzJptFLa

SysProt
http://pastebin.com/bA9CrPh9

After the combofix, I stopped getting redirected for a few minutes, but now it's still redirecting me.

I think I can now download DDS if you would still like me to run it on my computer.

I've read up on the virus. Apparently the virus is trying to make me visit these pages that have advertisements on them to give the hacker money. There's a chain of websites ranging from ninjaa.info, nohair.info, marcity.info ishaker.info and stuff like that.

Those picture are of messages I get from avast when I'm not even clicking on the googled sites.

SuperDave · « **Reply #11 on:** July 27, 2012, 04:18:44 PM »

Re-running ComboFix to remove infections:

Close any open browsers.
Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
Open notepad and copy/paste the text in the quotebox below into it:
Quote
KillAll::

Firefox::
2797.Trusted Zone: clonewarsadventures.com
2798.Trusted Zone: freerealms.com
2799.Trusted Zone: soe.com
2800.Trusted Zone: sony.com

DDS::

2797.Trusted Zone: clonewarsadventures.com
2798.Trusted Zone: freerealms.com
2799.Trusted Zone: soe.com
2800.Trusted Zone: sony.com
Save this as CFScript.txt, in the same location as ComboFix.exe
Referring to the picture above, drag CFScript into ComboFix.exe
When finished, it shall produce a log for you at C:\ComboFix.txt
I don't need to see the log from this action.

*************************************************************
Please download aswMBR.exe ( 511KB ) to your desktop.

Double click the aswMBR.exe to run it

Click the "Scan" button to start scan

Note: Do not take action against any **Rootkit** entries until I have reviewed the log. Often there are false positives

On completion of the scan click save log, save it to your desktop and post in your next reply

AlecNeedsHelp · « **Reply #12 on:** July 27, 2012, 11:44:17 PM »

I re-ran combofix with the text file.

Heres the aswMBR log.

http://pastebin.com/N41RrYk8

Just some additional information, it may or may not help you, but the virus seems to be trying to redirect me to more different sites randomly. Seems like it's getting more aggressive, but idk.

SuperDave · « **Reply #13 on:** July 28, 2012, 04:40:58 PM »

Please don't upload the logs to another site unless the log is too large. It takes time to go search for the log. Just copy and paste in your reply.

Save these instructions so you can have access to them while in Safe Mode.

Please click here to download AVP Tool by Kaspersky.

Save it to your desktop.
Reboot your computer into SafeMode. You can do this by restarting your computer and continually tapping the F8 key until a menu appears. Use your up arrow key to highlight SafeMode then hit enter.
Double click the setup file to run it.
Click Next to continue.
Accept the License agreement and click on next.
It will, by default, install it to your desktop folder. Click Next.
It will then open a box There will be a tab that says Automatic scan.
Under Automatic scan make sure these are checked.
Hidden Startup Objects
System Memory
Disk Boot Sectors.
My Computer.
Also any other drives (Removable that you may have)

Leave the rest of the settings as they appear as default.
•Then click on Scan at the to right hand Corner.
•It will automatically Neutralize any objects found.
•If some objects are left un-neutralized then click the button that says Neutralize all
•If it says it cannot be neutralized then choose the delete option when prompted.
•After that is done click on the reports button at the bottom and save it to file name it Kas.
•Save it somewhere convenient like your desktop and just post only the detected Virus\malware in the report it will be at the very top under Detected post those results in your next reply.

Note: This tool will self uninstall when you close it so please save the log before closing it.
***********************************************************

Download TDSSKiller and save it to your Desktop.
Extract its contents to your desktop.
Once extracted, open the TDSSKiller folder and doubleclick on TDSSKiller.exe to run the application, then on Start Scan.
If an infected file is detected, the default action will be Cure, click on Continue.
If a suspicious file is detected, the default action will be Skip, click on Continue.
It may ask you to reboot the computer to complete the process. Click on Reboot Now.
Click the Report button and copy/paste the contents of it into your next reply

Note:It will also create a log in the C:\ directory..

AlecNeedsHelp · « **Reply #14 on:** July 31, 2012, 10:48:14 PM »

Ran the first file in safe mode, found nothing.

Ran the second file in normal mode, and found one thing, but I'm not sure if avast interfered with the "curing" process. I've attached a picture that may give you information on why avast may have interfered, but I'm not sure.

Here's the log.

00:31:49.0470 1616   TDSS rootkit removing tool 2.7.48.0 Jul 24 2012 13:16:32
00:31:49.0798 1616   ============================================================
00:31:49.0798 1616   Current date / time: 2012/08/01 00:31:49.0798
00:31:49.0798 1616   SystemInfo:
00:31:49.0798 1616
00:31:49.0798 1616   OS Version: 5.1.2600 ServicePack: 3.0
00:31:49.0798 1616   Product type: Workstation
00:31:49.0798 1616   ComputerName: HARRIS-CB400F59
00:31:49.0798 1616   UserName: Harris Family
00:31:49.0798 1616   Windows directory: C:\WINDOWS
00:31:49.0798 1616   System windows directory: C:\WINDOWS
00:31:49.0798 1616   Processor architecture: Intel x86
00:31:49.0798 1616   Number of processors: 2
00:31:49.0798 1616   Page size: 0x1000
00:31:49.0798 1616   Boot type: Normal boot
00:31:49.0798 1616   ============================================================
00:31:52.0220 1616   Drive \Device\Harddisk0\DR0 - Size: 0x12A05F2000 (74.51 Gb), SectorSize: 0x200, Cylinders: 0x25FE, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
00:31:52.0220 1616   ============================================================
00:31:52.0220 1616   \Device\Harddisk0\DR0:
00:31:52.0220 1616   MBR partitions:
00:31:52.0220 1616   \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x1B747, BlocksNum 0x8D41F04
00:31:52.0220 1616   ============================================================
00:31:53.0016 1616   C: <-> \Device\Harddisk0\DR0\Partition0
00:31:53.0016 1616   ============================================================
00:31:53.0016 1616   Initialize success
00:31:53.0016 1616   ============================================================
00:32:00.0923 5072   ============================================================
00:32:00.0923 5072   Scan started
00:32:00.0923 5072   Mode: Manual;
00:32:00.0923 5072   ============================================================
00:32:01.0251 5072   !SASCORE (c0393eb99a6c72c6bef9bfc4a72b33a6) C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
00:32:01.0251 5072   !SASCORE - ok
00:32:01.0360 5072   Aavmker4 (473f97edc5a5312f3665ab2921196c0c) C:\WINDOWS\system32\drivers\Aavmker4.sys
00:32:01.0376 5072   Aavmker4 - ok
00:32:01.0376 5072   Abiosdsk - ok
00:32:01.0376 5072   abp480n5 - ok
00:32:01.0438 5072   ACPI (8fd99680a539792a30e97944fdaecf17) C:\WINDOWS\system32\DRIVERS\ACPI.sys
00:32:01.0438 5072   ACPI - ok
00:32:01.0470 5072   ACPIEC (9859c0f6936e723e4892d7141b1327d5) C:\WINDOWS\system32\drivers\ACPIEC.sys
00:32:01.0470 5072   ACPIEC - ok
00:32:01.0532 5072   AdobeFlashPlayerUpdateSvc (6c40d5ed8951ab7b90d08af655224ee4) C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
00:32:01.0532 5072   AdobeFlashPlayerUpdateSvc - ok
00:32:01.0532 5072   adpu160m - ok
00:32:01.0657 5072   AdvancedSystemCareService5 (e410da575ff48d976b41670c6d262a82) C:\Program Files\IObit\Advanced SystemCare 5\ASCService.exe
00:32:01.0673 5072   AdvancedSystemCareService5 - ok
00:32:01.0720 5072   aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
00:32:01.0720 5072   aec - ok
00:32:01.0751 5072   AFD (1e44bc1e83d8fd2305f8d452db109cf9) C:\WINDOWS\System32\drivers\afd.sys
00:32:01.0751 5072   AFD - ok
00:32:01.0766 5072   Aha154x - ok
00:32:01.0766 5072   aic78u2 - ok
00:32:01.0782 5072   aic78xx - ok
00:32:02.0032 5072   Akamai (29584f02a43e427c4227e3b1d9ff1b22) c:\program files\common files\akamai/netsession_win_4f7fccd.dll
00:32:02.0032 5072   Suspicious file (Hidden): c:\program files\common files\akamai/netsession_win_4f7fccd.dll. md5: 29584f02a43e427c4227e3b1d9ff1b22
00:32:02.0048 5072   Akamai ( HiddenFile.Multi.Generic ) - warning
00:32:02.0048 5072   Akamai - detected HiddenFile.Multi.Generic (1)
00:32:02.0126 5072   Alerter (a9a3daa780ca6c9671a19d52456705b4) C:\WINDOWS\system32\alrsvc.dll
00:32:02.0126 5072   Alerter - ok
00:32:02.0157 5072   ALG (8c515081584a38aa007909cd02020b3d) C:\WINDOWS\System32\alg.exe
00:32:02.0157 5072   ALG - ok
00:32:02.0173 5072   AliIde - ok
00:32:02.0173 5072   amsint - ok
00:32:02.0188 5072   apf001 - ok
00:32:02.0282 5072   Apple Mobile Device (018857ead9a077a56aedfc0e5ef7a24a) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
00:32:02.0282 5072   Apple Mobile Device - ok
00:32:02.0313 5072   AppMgmt (d8849f77c0b66226335a59d26cb4edc6) C:\WINDOWS\System32\appmgmts.dll
00:32:02.0313 5072   AppMgmt - ok
00:32:02.0313 5072   asc - ok
00:32:02.0329 5072   asc3350p - ok
00:32:02.0329 5072   asc3550 - ok
00:32:02.0438 5072   aspnet_state (776acefa0ca9df0faa51a5fb2f435705) C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
00:32:02.0454 5072   aspnet_state - ok
00:32:02.0501 5072   aswFsBlk (0ae43c6c411254049279c2ee55630f95) C:\WINDOWS\system32\drivers\aswFsBlk.sys
00:32:02.0501 5072   aswFsBlk - ok
00:32:02.0501 5072   aswMon2 (8c30b7ddd2f1d8d138ebe40345af2b11) C:\WINDOWS\system32\drivers\aswMon2.sys
00:32:02.0501 5072   aswMon2 - ok
00:32:02.0532 5072   AswRdr (da12626fd9a67f4e917e2f2fbe1e1764) C:\WINDOWS\system32\drivers\AswRdr.sys
00:32:02.0548 5072   AswRdr - ok
00:32:02.0595 5072   aswSnx (dcb199b967375753b5019ec15f008f53) C:\WINDOWS\system32\drivers\aswSnx.sys
00:32:02.0595 5072   aswSnx - ok
00:32:02.0626 5072   aswSP (b32873e5a1443c0a1e322266e203bf10) C:\WINDOWS\system32\drivers\aswSP.sys
00:32:02.0626 5072   aswSP - ok
00:32:02.0641 5072   aswTdi (6ff544175a9180c5d88534d3d9c9a9f7) C:\WINDOWS\system32\drivers\aswTdi.sys
00:32:02.0641 5072   aswTdi - ok
00:32:02.0688 5072   AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
00:32:02.0688 5072   AsyncMac - ok
00:32:02.0688 5072   atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
00:32:02.0704 5072   atapi - ok
00:32:02.0704 5072   Atdisk - ok
00:32:02.0766 5072   Ati HotKey Poller (471087b5e1e01cc82604e81ea14781d8) C:\WINDOWS\system32\Ati2evxx.exe
00:32:02.0782 5072   Ati HotKey Poller - ok
00:32:02.0829 5072   ATI Smart (b979ba0120b6db757196a8e2e873fe3c) C:\WINDOWS\system32\ati2sgag.exe
00:32:02.0845 5072   ATI Smart - ok
00:32:03.0032 5072   ati2mtag (c0b86ecb324e50f6bbd529f9d5c6b24b) C:\WINDOWS\system32\DRIVERS\ati2mtag.sys
00:32:03.0079 5072   ati2mtag - ok
00:32:03.0188 5072   Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
00:32:03.0188 5072   Atmarpc - ok
00:32:03.0235 5072   AudioSrv (def7a7882bec100fe0b2ce2549188f9d) C:\WINDOWS\System32\audiosrv.dll
00:32:03.0251 5072   AudioSrv - ok
00:32:03.0266 5072   audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
00:32:03.0266 5072   audstub - ok
00:32:03.0345 5072   avast! Antivirus (4041d31508a2a084dfb42c595854090f) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
00:32:03.0345 5072   avast! Antivirus - ok
00:32:03.0391 5072   Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
00:32:03.0391 5072   Beep - ok
00:32:03.0438 5072   BITS (574738f61fca2935f5265dc4e5691314) C:\WINDOWS\system32\qmgr.dll
00:32:03.0548 5072   BITS - ok
00:32:03.0626 5072   Bonjour Service (f832f1505ad8b83474bd9a5b1b985e01) C:\Program Files\Bonjour\mDNSResponder.exe
00:32:03.0641 5072   Bonjour Service - ok
00:32:03.0673 5072   Browser (a06ce3399d16db864f55faeb1f1927a9) C:\WINDOWS\System32\browser.dll
00:32:03.0688 5072   Browser - ok
00:32:03.0688 5072   catchme - ok
00:32:03.0720 5072   cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
00:32:03.0720 5072   cbidf2k - ok
00:32:03.0766 5072   CCDECODE (0be5aef125be881c4f854c554f2b025c) C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
00:32:03.0766 5072   CCDECODE - ok
00:32:03.0766 5072   cd20xrnt - ok
00:32:03.0813 5072   Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
00:32:03.0813 5072   Cdaudio - ok
00:32:03.0845 5072   Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
00:32:03.0845 5072   Cdfs - ok
00:32:03.0860 5072   Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
00:32:03.0860 5072   Cdrom - ok
00:32:03.0876 5072   cerc6 - ok
00:32:03.0876 5072   Changer - ok
00:32:03.0938 5072   CiSvc (1cfe720eb8d93a7158a4ebc3ab178bde) C:\WINDOWS\system32\cisvc.exe
00:32:03.0938 5072   CiSvc - ok
00:32:03.0985 5072   ClipSrv (34cbe729f38138217f9c80212a2a0c82) C:\WINDOWS\system32\clipsrv.exe
00:32:04.0001 5072   ClipSrv - ok
00:32:04.0079 5072   clr_optimization_v2.0.50727_32 (d87acaed61e417bba546ced5e7e36d9c) C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
00:32:04.0266 5072   clr_optimization_v2.0.50727_32 - ok
00:32:04.0329 5072   clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
00:32:04.0423 5072   clr_optimization_v4.0.30319_32 - ok
00:32:04.0438 5072   CmdIde - ok
00:32:04.0438 5072   COMSysApp - ok
00:32:04.0454 5072   Cpqarray - ok
00:32:04.0501 5072   CryptSvc (3d4e199942e29207970e04315d02ad3b) C:\WINDOWS\System32\cryptsvc.dll
00:32:04.0501 5072   CryptSvc - ok
00:32:04.0501 5072   dac2w2k - ok
00:32:04.0516 5072   dac960nt - ok
00:32:04.0563 5072   DcomLaunch (6b27a5c03dfb94b4245739065431322c) C:\WINDOWS\system32\rpcss.dll
00:32:04.0579 5072   DcomLaunch - ok
00:32:04.0610 5072   Dhcp (5e38d7684a49cacfb752b046357e0589) C:\WINDOWS\System32\dhcpcsvc.dll
00:32:04.0610 5072   Dhcp - ok
00:32:04.0641 5072   Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
00:32:04.0657 5072   Disk - ok
00:32:04.0657 5072   dmadmin - ok
00:32:04.0704 5072   dmboot (d992fe1274bde0f84ad826acae022a41) C:\WINDOWS\system32\drivers\dmboot.sys
00:32:04.0720 5072   dmboot - ok
00:32:04.0735 5072   dmio (7c824cf7bbde77d95c08005717a95f6f) C:\WINDOWS\system32\drivers\dmio.sys
00:32:04.0735 5072   dmio - ok
00:32:04.0751 5072   dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
00:32:04.0751 5072   dmload - ok
00:32:04.0782 5072   dmserver (57edec2e5f59f0335e92f35184bc8631) C:\WINDOWS\System32\dmserver.dll
00:32:04.0782 5072   dmserver - ok
00:32:04.0813 5072   DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
00:32:04.0813 5072   DMusic - ok
00:32:04.0845 5072   Dnscache (5f7e24fa9eab896051ffb87f840730d2) C:\WINDOWS\System32\dnsrslvr.dll
00:32:04.0860 5072   Dnscache - ok
00:32:04.0876 5072   Dot3svc (0f0f6e687e5e15579ef4da8dd6945814) C:\WINDOWS\System32\dot3svc.dll
00:32:04.0891 5072   Dot3svc - ok
00:32:04.0891 5072   dpti2o - ok
00:32:04.0907 5072   drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
00:32:04.0923 5072   drmkaud - ok
00:32:04.0970 5072   E100B (95974e66d3de4951d29e28e8bc0b644c) C:\WINDOWS\system32\DRIVERS\e100b325.sys
00:32:04.0970 5072   E100B - ok
00:32:04.0970 5072   EagleNT - ok
00:32:04.0985 5072   EagleXNt - ok
00:32:05.0016 5072   EapHost (2187855a7703adef0cef9ee4285182cc) C:\WINDOWS\System32\eapsvc.dll
00:32:05.0016 5072   EapHost - ok
00:32:05.0032 5072   ERSvc (bc93b4a066477954555966d77fec9ecb) C:\WINDOWS\System32\ersvc.dll
00:32:05.0048 5072   ERSvc - ok
00:32:05.0079 5072   Eventlog (65df52f5b8b6e9bbd183505225c37315) C:\WINDOWS\system32\services.exe
00:32:05.0095 5072   Eventlog - ok
00:32:05.0141 5072   EventSystem (d4991d98f2db73c60d042f1aef79efae) C:\WINDOWS\system32\es.dll
00:32:05.0157 5072   EventSystem - ok
00:32:05.0188 5072   FANTOM (e3b0cd18146f9d51a34969e9bc2458d2) C:\WINDOWS\system32\DRIVERS\fantom.sys
00:32:05.0188 5072   FANTOM - ok
00:32:05.0220 5072   Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
00:32:05.0220 5072   Fastfat - ok
00:32:05.0251 5072   FastUserSwitchingCompatibility (99bc0b50f511924348be19c7c7313bbf) C:\WINDOWS\System32\shsvcs.dll
00:32:05.0282 5072   FastUserSwitchingCompatibility - ok
00:32:05.0298 5072   Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\drivers\Fdc.sys
00:32:05.0298 5072   Fdc - ok
00:32:05.0345 5072   FilterService (b73ec688c29f81f9da0fcf63682b3ecb) C:\WINDOWS\system32\DRIVERS\lvuvcflt.sys
00:32:05.0345 5072   FilterService - ok
00:32:05.0345 5072   Fips (d45926117eb9fa946a6af572fbe1caa3) C:\WINDOWS\system32\drivers\Fips.sys
00:32:05.0345 5072   Fips - ok
00:32:05.0360 5072   Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\drivers\Flpydisk.sys
00:32:05.0360 5072   Flpydisk - ok
00:32:05.0391 5072   FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\DRIVERS\fltMgr.sys
00:32:05.0407 5072   FltMgr - ok
00:32:05.0516 5072   FontCache3.0.0.0 (8ba7c024070f2b7fdd98ed8a4ba41789) c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
00:32:05.0516 5072   FontCache3.0.0.0 - ok
00:32:05.0548 5072   Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
00:32:05.0563 5072   Fs_Rec - ok
00:32:05.0563 5072   Ftdisk (6ac26732762483366c3969c9e4d2259d) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
00:32:05.0579 5072   Ftdisk - ok
00:32:05.0626 5072   Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
00:32:05.0626 5072   Gpc - ok
00:32:05.0766 5072   gupdate (8f0de4fef8201e306f9938b0905ac96a) C:\Program Files\Google\Update\GoogleUpdate.exe
00:32:05.0766 5072   gupdate - ok
00:32:05.0782 5072   gupdatem (8f0de4fef8201e306f9938b0905ac96a) C:\Program Files\Google\Update\GoogleUpdate.exe
00:32:05.0782 5072   gupdatem - ok
00:32:05.0860 5072   gusvc (cc839e8d766cc31a7710c9f38cf3e375) C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
00:32:05.0860 5072   gusvc - ok
00:32:05.0907 5072   hamachi (833051c6c6c42117191935f734cfbd97) C:\WINDOWS\system32\DRIVERS\hamachi.sys
00:32:05.0907 5072   hamachi - ok
00:32:06.0032 5072   Hamachi2Svc (f31d7f8a7699575dbb3b3a3ab4aa6216) C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
00:32:06.0048 5072   Hamachi2Svc - ok
00:32:06.0141 5072   HDAudBus (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
00:32:06.0141 5072   HDAudBus - ok
00:32:06.0220 5072   helpsvc (4fcca060dfe0c51a09dd5c3843888bcd) C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
00:32:06.0220 5072   helpsvc - ok
00:32:06.0251 5072   HidServ (deb04da35cc871b6d309b77e1443c796) C:\WINDOWS\System32\hidserv.dll
00:32:06.0251 5072   HidServ - ok
00:32:06.0282 5072   hidusb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
00:32:06.0282 5072   hidusb - ok
00:32:06.0313 5072   hkmsvc (8878bd685e490239777bfe51320b88e9) C:\WINDOWS\System32\kmsvc.dll
00:32:06.0313 5072   hkmsvc - ok
00:32:06.0313 5072   hpn - ok
00:32:06.0360 5072   HSFHWBS2 (77e4ff0b73bc0aeaaf39bf0c8104231f) C:\WINDOWS\system32\DRIVERS\HSFHWBS2.sys
00:32:06.0360 5072   HSFHWBS2 - ok
00:32:06.0407 5072   HSF_DP (60e1604729a15ef4a3b05f298427b3b1) C:\WINDOWS\system32\DRIVERS\HSF_DP.sys
00:32:06.0423 5072   HSF_DP - ok
00:32:06.0470 5072   HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
00:32:06.0470 5072   HTTP - ok
00:32:06.0516 5072   HTTPFilter (6100a808600f44d999cebdef8841c7a3) C:\WINDOWS\System32\w3ssl.dll
00:32:06.0532 5072   HTTPFilter - ok
00:32:06.0532 5072   i2omgmt - ok
00:32:06.0548 5072   i2omp - ok
00:32:06.0563 5072   i8042prt (4a0b06aa8943c1e332520f7440c0aa30) C:\WINDOWS\system32\drivers\i8042prt.sys
00:32:06.0579 5072   i8042prt - ok
00:32:06.0766 5072   IDriverT (daf66902f08796f9c694901660e5a64a) C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
00:32:06.0766 5072   IDriverT - ok
00:32:06.0923 5072   idsvc (c01ac32dc5c03076cfb852cb5da5229c) c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
00:32:06.0923 5072   idsvc - ok
00:32:06.0985 5072   Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
00:32:06.0985 5072   Imapi - ok
00:32:07.0032 5072   ImapiService (30deaf54a9755bb8546168cfe8a6b5e1) C:\WINDOWS\system32\imapi.exe
00:32:07.0048 5072   ImapiService - ok
00:32:07.0048 5072   ini910u - ok
00:32:07.0063 5072   IntelIde - ok
00:32:07.0095 5072   intelppm (8c953733d8f36eb2133f5bb58808b66b) C:\WINDOWS\system32\DRIVERS\intelppm.sys
00:32:07.0095 5072   intelppm - ok
00:32:07.0126 5072   Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\DRIVERS\Ip6Fw.sys
00:32:07.0126 5072   Ip6Fw - ok
00:32:07.0157 5072   IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
00:32:07.0157 5072   IpFilterDriver - ok
00:32:07.0157 5072   IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
00:32:07.0157 5072   IpInIp - ok
00:32:07.0188 5072   IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
00:32:07.0188 5072   IpNat - ok
00:32:07.0282 5072   iPod Service (6e27978a4755f4789f912f5f49392f7c) C:\Program Files\iPod\bin\iPodService.exe
00:32:07.0282 5072   iPod Service - ok
00:32:07.0329 5072   IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
00:32:07.0329 5072   IPSec - ok
00:32:07.0360 5072   IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
00:32:07.0360 5072   IRENUM - ok
00:32:07.0391 5072   isapnp (05a299ec56e52649b1cf2fc52d20f2d7) C:\WINDOWS\system32\DRIVERS\isapnp.sys
00:32:07.0407 5072   isapnp - ok
00:32:07.0516 5072   JavaQuickStarterService (4f2143570d2250ca4c4a4c98553c82cd) C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jqs.exe
00:32:07.0532 5072   JavaQuickStarterService - ok
00:32:07.0579 5072   Kbdclass (463c1ec80cd17420a542b7f36a36f128) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
00:32:07.0579 5072   Kbdclass - ok
00:32:07.0595 5072   kbdhid (9ef487a186dea361aa06913a75b3fa99) C:\WINDOWS\system32\DRIVERS\kbdhid.sys
00:32:07.0595 5072   kbdhid - ok
00:32:07.0626 5072   kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
00:32:07.0626 5072   kmixer - ok
00:32:07.0688 5072   KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
00:32:07.0688 5072   KSecDD - ok
00:32:07.0735 5072   LanmanServer (3a7c3cbe5d96b8ae96ce81f0b22fb527) C:\WINDOWS\System32\srvsvc.dll
00:32:07.0751 5072   LanmanServer - ok
00:32:07.0782 5072   lanmanworkstation (a8888a5327621856c0cec4e385f69309) C:\WINDOWS\System32\wkssvc.dll
00:32:07.0798 5072   lanmanworkstation - ok
00:32:07.0813 5072   lbrtfdc - ok
00:32:07.0845 5072   LmHosts (a7db739ae99a796d91580147e919cc59) C:\WINDOWS\System32\lmhsvc.dll
00:32:07.0860 5072   LmHosts - ok
00:32:07.0954 5072   LVcKap (9a3d4fc6b86e7e36473079ab76ac703d) C:\WINDOWS\system32\DRIVERS\LVcKap.sys
00:32:07.0985 5072   LVcKap - ok
00:32:08.0110 5072   LVMVDrv (0acbc11f19320af6c19f2e20013d9095) C:\WINDOWS\system32\DRIVERS\LVMVDrv.sys
00:32:08.0126 5072   LVMVDrv - ok
00:32:08.0173 5072   lvpopflt (9fb982de1c8dd769f8ed681dd878b12f) C:\WINDOWS\system32\DRIVERS\lvpopflt.sys
00:32:08.0188 5072   lvpopflt - ok
00:32:08.0220 5072   LVPr2Mon (1a7db7a00a4b0d8da24cd691a4547291) C:\WINDOWS\system32\Drivers\LVPr2Mon.sys
00:32:08.0220 5072   LVPr2Mon - ok
00:32:08.0329 5072   LVPrcSrv (0ddfdcaa92c7f553328db06ba599bea9) C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
00:32:08.0329 5072   LVPrcSrv - ok
00:32:08.0345 5072   LVRS (37072ec9299e825f4335cc554b6fac6a) C:\WINDOWS\system32\DRIVERS\lvrs.sys
00:32:08.0345 5072   LVRS - ok
00:32:08.0391 5072   LVSrvLauncher (a005cee9be199c5e375faa559ca9a7a9) C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe
00:32:08.0391 5072   LVSrvLauncher - ok
00:32:08.0735 5072   LVUVC (a240e42a7402e927a71b6e8aa4629b13) C:\WINDOWS\system32\DRIVERS\lvuvc.sys
00:32:08.0907 5072   LVUVC - ok
00:32:09.0048 5072   ManyCam (c6d085c7045200143528136a43a65fde) C:\WINDOWS\system32\DRIVERS\ManyCam.sys
00:32:09.0048 5072   ManyCam - ok
00:32:09.0079 5072   McComponentHostService - ok
00:32:09.0126 5072   mdmxsdk (eeaea6514ba7c9d273b5e87c4e1aab30) C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys
00:32:09.0126 5072   mdmxsdk - ok
00:32:09.0157 5072   Messenger (986b1ff5814366d71e0ac5755c88f2d3) C:\WINDOWS\System32\msgsvc.dll
00:32:09.0173 5072   Messenger - ok
00:32:09.0188 5072   mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
00:32:09.0188 5072   mnmdd - ok
00:32:09.0235 5072   mnmsrvc (d18f1f0c101d06a1c1adf26eed16fcdd) C:\WINDOWS\system32\mnmsrvc.exe
00:32:09.0235 5072   mnmsrvc - ok
00:32:09.0266 5072   Modem (dfcbad3cec1c5f964962ae10e0bcc8e1) C:\WINDOWS\system32\drivers\Modem.sys
00:32:09.0266 5072   Modem - ok
00:32:09.0298 5072   MODEMCSA (1992e0d143b09653ab0f9c5e04b0fd65) C:\WINDOWS\system32\drivers\MODEMCSA.sys
00:32:09.0298 5072   MODEMCSA - ok
00:32:09.0313 5072   Mouclass (35c9e97194c8cfb8430125f8dbc34d04) C:\WINDOWS\system32\DRIVERS\mouclass.sys
00:32:09.0313 5072   Mouclass - ok
00:32:09.0313 5072   mouhid (b1c303e17fb9d46e87a98e4ba6769685) C:\WINDOWS\system32\DRIVERS\mouhid.sys
00:32:09.0329 5072   mouhid - ok
00:32:09.0329 5072   MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
00:32:09.0329 5072   MountMgr - ok
00:32:09.0376 5072   MozillaMaintenance (46297fa8e30a6007f14118fc2b942fbc) C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
00:32:09.0391 5072   MozillaMaintenance - ok
00:32:09.0391 5072   mraid35x - ok
00:32:09.0407 5072   MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
00:32:09.0407 5072   MRxDAV - ok
00:32:09.0470 5072   MRxSmb (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
00:32:09.0485 5072   MRxSmb - ok
00:32:09.0516 5072   MSDTC (a137f1470499a205abbb9aafb3b6f2b1) C:\WINDOWS\system32\msdtc.exe
00:32:09.0532 5072   MSDTC - ok
00:32:09.0548 5072   Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
00:32:09.0548 5072   Msfs - ok
00:32:09.0563 5072   MSIServer - ok
00:32:09.0595 5072   MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
00:32:09.0595 5072   MSKSSRV - ok
00:32:09.0641 5072   msloop (64e8b7c65eb4796939c0f64f8170821b) C:\WINDOWS\system32\DRIVERS\loop.sys
00:32:09.0641 5072   msloop - ok
00:32:09.0657 5072   MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
00:32:09.0657 5072   MSPCLOCK - ok
00:32:09.0673 5072   MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
00:32:09.0673 5072   MSPQM - ok
00:32:09.0720 5072   mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
00:32:09.0720 5072   mssmbios - ok
00:32:09.0782 5072   MSTEE (e53736a9e30c45fa9e7b5eac55056d1d) C:\WINDOWS\system32\drivers\MSTEE.sys
00:32:09.0782 5072   MSTEE - ok
00:32:09.0829 5072   Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys
00:32:09.0829 5072   Mup - ok
00:32:09.0876 5072   NABTSFEC (5b50f1b2a2ed47d560577b221da734db) C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
00:32:09.0876 5072   NABTSFEC - ok
00:32:09.0938 5072   napagent (0102140028fad045756796e1c685d695) C:\WINDOWS\System32\qagentrt.dll
00:32:09.0954 5072   napagent - ok
00:32:09.0970 5072   NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
00:32:09.0970 5072   NDIS - ok
00:32:10.0032 5072   NdisIP (7ff1f1fd8609c149aa432f95a8163d97) C:\WINDOWS\system32\DRIVERS\NdisIP.sys
00:32:10.0032 5072   NdisIP - ok
00:32:10.0063 5072   NdisTapi (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
00:32:10.0079 5072   NdisTapi - ok
00:32:10.0095 5072   Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
00:32:10.0095 5072   Ndisuio - ok
00:32:10.0141 5072   NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
00:32:10.0141 5072   NdisWan - ok
00:32:10.0157 5072   NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
00:32:10.0157 5072   NDProxy - ok
00:32:10.0173 5072   NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
00:32:10.0173 5072   NetBIOS - ok
00:32:10.0188 5072   NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
00:32:10.0188 5072   NetBT - ok
00:32:10.0220 5072   NetDDE (b857ba82860d7ff85ae29b095645563b) C:\WINDOWS\system32\netdde.exe
00:32:10.0235 5072   NetDDE - ok
00:32:10.0235 5072   NetDDEdsdm (b857ba82860d7ff85ae29b095645563b) C:\WINDOWS\system32\netdde.exe
00:32:10.0251 5072   NetDDEdsdm - ok
00:32:10.0266 5072   Netlogon (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
00:32:10.0266 5072   Netlogon - ok
00:32:10.0298 5072   Netman (13e67b55b3abd7bf3fe7aae5a0f9a9de) C:\WINDOWS\System32\netman.dll
00:32:10.0313 5072   Netman - ok
00:32:10.0423 5072   NetTcpPortSharing (d34612c5d02d026535b3095d620626ae) c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
00:32:10.0423 5072   NetTcpPortSharing - ok
00:32:10.0470 5072   Nla (943337d786a56729263071623bbb9de5) C:\WINDOWS\System32\mswsock.dll
00:32:10.0485 5072   Nla - ok
00:32:10.0501 5072   Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
00:32:10.0516 5072   Npfs - ok
00:32:10.0516 5072   npggsvc - ok
00:32:10.0516 5072   npkcrypt - ok
00:32:10.0532 5072   npkcusb - ok
00:32:10.0579 5072   Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
00:32:10.0595 5072   Ntfs - ok
00:32:10.0595 5072   NtLmSsp (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
00:32:10.0595 5072   NtLmSsp - ok
00:32:10.0641 5072   NtmsSvc (156f64a3345bd23c600655fb4d10bc08) C:\WINDOWS\system32\ntmssvc.dll
00:32:10.0657 5072   NtmsSvc - ok
00:32:10.0688 5072   NuidFltr (cf7e041663119e09d2e118521ada9300) C:\WINDOWS\system32\DRIVERS\NuidFltr.sys
00:32:10.0688 5072   NuidFltr - ok
00:32:10.0735 5072   Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
00:32:10.0735 5072   Null - ok
00:32:10.0782 5072   NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
00:32:10.0782 5072   NwlnkFlt - ok
00:32:10.0798 5072   NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
00:32:10.0798 5072   NwlnkFwd - ok
00:32:10.0829 5072   Parport (5575faf8f97ce5e713d108c2a58d7c7c) C:\WINDOWS\system32\drivers\Parport.sys
00:32:10.0845 5072   Parport - ok
00:32:10.0845 5072   PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
00:32:10.0845 5072   PartMgr - ok
00:32:10.0876 5072   ParVdm (70e98b3fd8e963a6a46a2e6247e0bea1) C:\WINDOWS\system32\drivers\ParVdm.sys
00:32:10.0891 5072   ParVdm - ok
00:32:10.0923 5072   pavboot (3adb8bd6154a3ef87496e8fce9c22493) C:\WINDOWS\system32\drivers\pavboot.sys
00:32:10.0923 5072   pavboot - ok
00:32:10.0938 5072   PCI (a219903ccf74233761d92bef471a07b1) C:\WINDOWS\system32\DRIVERS\pci.sys
00:32:10.0954 5072   PCI - ok
00:32:10.0954 5072   PCIDump - ok
00:32:10.0954 5072   PCIIde (ccf5f451bb1a5a2a522a76e670000ff0) C:\WINDOWS\system32\DRIVERS\pciide.sys
00:32:10.0954 5072   PCIIde - ok
00:32:10.0985 5072   Pcmcia (9e89ef60e9ee05e3f2eef2da7397f1c1) C:\WINDOWS\system32\drivers\Pcmcia.sys
00:32:10.0985 5072   Pcmcia - ok
00:32:11.0001 5072   PDCOMP - ok
00:32:11.0001 5072   PDFRAME - ok
00:32:11.0001 5072   PDRELI - ok
00:32:11.0016 5072   PDRFRAME - ok
00:32:11.0016 5072   perc2 - ok
00:32:11.0032 5072   perc2hib - ok
00:32:11.0063 5072   PlugPlay (65df52f5b8b6e9bbd183505225c37315) C:\WINDOWS\system32\services.exe
00:32:11.0079 5072   PlugPlay - ok
00:32:11.0126 5072   PnkBstrA (681da309716aeb98bc901d7a0458d931) C:\WINDOWS\system32\PnkBstrA.exe
00:32:11.0126 5072   PnkBstrA - ok
00:32:11.0141 5072   PolicyAgent (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
00:32:11.0141 5072   PolicyAgent - ok
00:32:11.0188 5072   PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
00:32:11.0188 5072   PptpMiniport - ok
00:32:11.0188 5072   ProtectedStorage (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
00:32:11.0204 5072   ProtectedStorage - ok
00:32:11.0204 5072   PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
00:32:11.0204 5072   PSched - ok
00:32:11.0251 5072   Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
00:32:11.0251 5072   Ptilink - ok
00:32:11.0266 5072   ql1080 - ok
00:32:11.0266 5072   Ql10wnt - ok
00:32:11.0266 5072   ql12160 - ok
00:32:11.0282 5072   ql1240 - ok
00:32:11.0282 5072   ql1280 - ok
00:32:11.0298 5072   RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
00:32:11.0298 5072   RasAcd - ok
00:32:11.0345 5072   RasAuto (ad188be7bdf94e8df4ca0a55c00a5073) C:\WINDOWS\System32\rasauto.dll
00:32:11.0360 5072   RasAuto - ok
00:32:11.0360 5072   Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
00:32:11.0360 5072   Rasl2tp - ok
00:32:11.0391 5072   RasMan (76a9a3cbeadd68cc57cda5e1d7448235) C:\WINDOWS\System32\rasmans.dll
00:32:11.0407 5072   RasMan - ok
00:32:11.0423 5072   RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
00:32:11.0423 5072   RasPppoe - ok
00:32:11.0438 5072   Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
00:32:11.0438 5072   Raspti - ok
00:32:11.0470 5072   Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
00:32:11.0485 5072   Rdbss - ok
00:32:11.0516 5072   RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
00:32:11.0516 5072   RDPCDD - ok
00:32:11.0579 5072   rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
00:32:11.0579 5072   rdpdr - ok
00:32:11.0641 5072   RDPWD (6589db6e5969f8eee594cf71171c5028) C:\WINDOWS\system32\drivers\RDPWD.sys
00:32:11.0641 5072   RDPWD - ok
00:32:11.0688 5072   RDSessMgr (3c37bf86641bda977c3bf8a840f3b7fa) C:\WINDOWS\system32\sessmgr.exe
00:32:11.0704 5072   RDSessMgr - ok
00:32:11.0735 5072   redbook (f828dd7e1419b6653894a8f97a0094c5) C:\WINDOWS\system32\DRIVERS\redbook.sys
00:32:11.0751 5072   redbook - ok
00:32:11.0782 5072   RemoteAccess (7e699ff5f59b5d9de5390e3c34c67cf5) C:\WINDOWS\System32\mprdim.dll
00:32:11.0798 5072   RemoteAccess - ok
00:32:11.0845 5072   RemoteRegistry (5b19b557b0c188210a56a6b699d90b8f) C:\WINDOWS\system32\regsvc.dll
00:32:11.0860 5072   RemoteRegistry - ok
00:32:11.0891 5072   RpcLocator (aaed593f84afa419bbae8572af87cf6a) C:\WINDOWS\system32\locator.exe
00:32:11.0907 5072   RpcLocator - ok
00:32:11.0954 5072   RpcSs (6b27a5c03dfb94b4245739065431322c) C:\WINDOWS\System32\rpcss.dll
00:32:11.0970 5072   RpcSs - ok
00:32:12.0079 5072   RSVP (471b3f9741d762abe75e9deea4787e47) C:\WINDOWS\system32\rsvp.exe
00:32:12.0095 5072   RSVP - ok
00:32:12.0126 5072   SamSs (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
00:32:12.0126 5072   SamSs - ok
00:32:12.0220 5072   SASDIFSV (39763504067962108505bff25f024345) C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS
00:32:12.0220 5072   SASDIFSV - ok
00:32:12.0235 5072   SASKUTIL (77b9fc20084b48408ad3e87570eb4a85) C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS
00:32:12.0235 5072   SASKUTIL - ok
00:32:12.0298 5072   SCardSvr (86d007e7a654b9a71d1d7d856b104353) C:\WINDOWS\System32\SCardSvr.exe
00:32:12.0298 5072   SCardSvr - ok
00:32:12.0360 5072   Schedule (0a9a7365a1ca4319aa7c1d6cd8e4eafa) C:\WINDOWS\system32\schedsvc.dll
00:32:12.0376 5072   Schedule - ok
00:32:12.0391 5072   Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
00:32:12.0391 5072   Secdrv - ok
00:32:12.0438 5072   seclogon (cbe612e2bb6a10e3563336191eda1250) C:\WINDOWS\System32\seclogon.dll
00:32:12.0454 5072   seclogon - ok
00:32:12.0454 5072   SENS (7fdd5d0684eca8c1f68b4d99d124dcd0) C:\WINDOWS\system32\sens.dll
00:32:12.0470 5072   SENS - ok
00:32:12.0516 5072   Serial (cca207a8896d4c6a0c9ce29a4ae411a7) C:\WINDOWS\system32\drivers\Serial.sys
00:32:12.0516 5072   Serial - ok
00:32:12.0548 5072   Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
00:32:12.0548 5072   Sfloppy - ok
00:32:12.0610 5072   SharedAccess (83f41d0d89645d7235c051ab1d9523ac) C:\WINDOWS\System32\ipnathlp.dll
00:32:12.0610 5072   SharedAccess - ok
00:32:12.0657 5072   ShellHWDetection (99bc0b50f511924348be19c7c7313bbf) C:\WINDOWS\System32\shsvcs.dll
00:32:12.0673 5072   ShellHWDetection - ok
00:32:12.0673 5072   Simbad - ok
00:32:12.0923 5072   Skype C2C Service (2a99850c2a6edd6c6602e822c716edaf) C:\Documents and Settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe
00:32:12.0954 5072   Skype C2C Service - ok
00:32:13.0095 5072   SkypeUpdate (6128e98eaaed364ed1a32708d2fd22cb) C:\Program Files\Skype\Updater\Updater.exe
00:32:13.0095 5072   SkypeUpdate - ok
00:32:13.0188 5072   SLIP (866d538ebe33709a5c9f5c62b73b7d14) C:\WINDOWS\system32\DRIVERS\SLIP.sys
00:32:13.0188 5072   SLIP - ok
00:32:13.0204 5072   Sparrow - ok
00:32:13.0220 5072   splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
00:32:13.0220 5072   splitter - ok
00:32:13.0251 5072   Spooler (60784f891563fb1b767f70117fc2428f) C:\WINDOWS\system32\spoolsv.exe
00:32:13.0266 5072   Spooler - ok
00:32:13.0313 5072   sr (76bb022c2fb6902fd5bdd4f78fc13a5d) C:\WINDOWS\system32\DRIVERS\sr.sys
00:32:13.0313 5072   sr - ok
00:32:13.0329 5072   srservice (3805df0ac4296a34ba4bf93b346cc378) C:\WINDOWS\system32\srsvc.dll
00:32:13.0345 5072   srservice - ok
00:32:13.0391 5072   Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
00:32:13.0407 5072   Srv - ok
00:32:13.0438 5072   SSDPSRV (0a5679b3714edab99e357057ee88fca6) C:\WINDOWS\System32\ssdpsrv.dll
00:32:13.0454 5072   SSDPSRV - ok
00:32:13.0470 5072   StarOpen - ok
00:32:13.0516 5072   Steam Client Service - ok
00:32:13.0563 5072   STHDA (352b663a81402be7cd7bd4ea27c9998c) C:\WINDOWS\system32\drivers\sthda.sys
00:32:13.0563 5072   STHDA - ok
00:32:13.0610 5072   stisvc (8bad69cbac032d4bbacfce0306174c30) C:\WINDOWS\system32\wiaservc.dll
00:32:13.0641 5072   stisvc - ok
00:32:13.0657 5072   streamip (77813007ba6265c4b6098187e6ed79d2) C:\WINDOWS\system32\DRIVERS\StreamIP.sys
00:32:13.0673 5072   streamip - ok
00:32:13.0720 5072   SUSTUCAM (5807c125aaea590a464c7c4aa96a1ba0) C:\WINDOWS\system32\DRIVERS\sustucam.sys
00:32:13.0720 5072   SUSTUCAM - ok
00:32:13.0751 5072   SUSTUCAP (54bf7b09a79f8cccfd0c897e382337db) C:\WINDOWS\system32\DRIVERS\sustucap.sys
00:32:13.0751 5072   SUSTUCAP - ok
00:32:13.0798 5072   SUSTUCAU (cc99a2b9065f6c9dfbd3f57f52238d5c) C:\WINDOWS\system32\DRIVERS\sustucau.sys
00:32:13.0798 5072   SUSTUCAU - ok
00:32:13.0860 5072   swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
00:32:13.0860 5072   swenum - ok
00:32:13.0907 5072   swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
00:32:13.0907 5072   swmidi - ok
00:32:13.0907 5072   SwPrv - ok
00:32:13.0923 5072   symc810 - ok
00:32:13.0923 5072   symc8xx - ok
00:32:13.0923 5072   sym_hi - ok
00:32:13.0938 5072   sym_u3 - ok
00:32:13.0954 5072   sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
00:32:13.0970 5072   sysaudio - ok
00:32:14.0001 5072   SysmonLog (c7abbc59b43274b1109df6b24d617051) C:\WINDOWS\system32\smlogsvc.exe
00:32:14.0016 5072   SysmonLog - ok
00:32:14.0095 5072   TapiSrv (3cb78c17bb664637787c9a1c98f79c38) C:\WINDOWS\System32\tapisrv.dll
00:32:14.0110 5072   TapiSrv - ok
00:32:14.0173 5072   Tcpip (d9f19e78f98834cb411d6ad3c68d181a) C:\WINDOWS\system32\DRIVERS\tcpip.sys
00:32:14.0173 5072   Tcpip - ok
00:32:14.0204 5072   TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
00:32:14.0220 5072   TDPIPE - ok
00:32:14.0235 5072   TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
00:32:14.0235 5072   TDTCP - ok
00:32:14.0251 5072   TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
00:32:14.0266 5072   TermDD - ok
00:32:14.0282 5072   TermService (ff3477c03be7201c294c35f684b3479f) C:\WINDOWS\System32\termsrv.dll
00:32:14.0298 5072   TermService - ok
00:32:14.0485 5072   Themes (99bc0b50f511924348be19c7c7313bbf) C:\WINDOWS\System32\shsvcs.dll
00:32:14.0501 5072   Themes - ok
00:32:14.0532 5072   TlntSvr (db7205804759ff62c34e3efd8a4cc76a) C:\WINDOWS\system32\tlntsvr.exe
00:32:14.0548 5072   TlntSvr - ok
00:32:14.0563 5072   TosIde - ok
00:32:14.0595 5072   TPkd (409a577fd5781c717e55a28717514c58) C:\WINDOWS\system32\drivers\TPkd.sys
00:32:14.0610 5072   TPkd - ok
00:32:14.0657 5072   TrkWks (55bca12f7f523d35ca3cb833c725f54e) C:\WINDOWS\system32\trkwks.dll
00:32:14.0673 5072   TrkWks - ok
00:32:14.0720 5072   Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
00:32:14.0720 5072   Udfs - ok
00:32:14.0720 5072   ultra - ok
00:32:14.0782 5072   Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
00:32:14.0782 5072   Update - ok
00:32:14.0829 5072   upnphost (1ebafeb9a3fbdc41b8d9c7f0f687ad91) C:\WINDOWS\System32\upnphost.dll
00:32:14.0845 5072   upnphost - ok
00:32:14.0876 5072   UPS (05365fb38fca1e98f7a566aaaf5d1815) C:\WINDOWS\System32\ups.exe
00:32:14.0876 5072   UPS - ok
00:32:14.0907 5072   usbaudio (e919708db44ed8543a7c017953148330) C:\WINDOWS\system32\drivers\usbaudio.sys
00:32:14.0907 5072   usbaudio - ok
00:32:14.0954 5072   usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
00:32:14.0954 5072   usbccgp - ok
00:32:14.0985 5072   usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
00:32:14.0985 5072   usbehci - ok
00:32:15.0001 5072   usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
00:32:15.0001 5072   usbhub - ok
00:32:15.0048 5072   usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
00:32:15.0048 5072   usbprint - ok
00:32:15.0095 5072   usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
00:32:15.0095 5072   usbscan - ok
00:32:15.0126 5072   USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
00:32:15.0126 5072   USBSTOR - ok
00:32:15.0141 5072   usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
00:32:15.0141 5072   usbuhci - ok
00:32:15.0157 5072   usbvideo (63bbfca7f390f4c49ed4b96bfb1633e0) C:\WINDOWS\system32\Drivers\usbvideo.sys
00:32:15.0173 5072   usbvideo - ok
00:32:15.0204 5072   VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
00:32:15.0204 5072   VgaSave - ok
00:32:15.0220 5072   ViaIde - ok
00:32:15.0235 5072   VolSnap (4c8fcb5cc53aab716d810740fe59d025) C:\WINDOWS\system32\drivers\VolSnap.sys
00:32:15.0235 5072   VolSnap - ok
00:32:15.0282 5072   VSS (7a9db3a67c333bf0bd42e42b8596854b) C:\WINDOWS\System32\vssvc.exe
00:32:15.0298 5072   VSS - ok
00:32:15.0345 5072   W32Time (54af4b1d5459500ef0937f6d33b1914f) C:\WINDOWS\system32\w32time.dll
00:32:15.0360 5072   W32Time - ok
00:32:15.0360 5072   Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
00:32:15.0360 5072   Wanarp - ok
00:32:15.0423 5072   Wdf01000 (fd47474bd21794508af449d9d91af6e6) C:\WINDOWS\system32\DRIVERS\Wdf01000.sys
00:32:15.0438 5072   Wdf01000 - ok
00:32:15.0438 5072   WDICA - ok
00:32:15.0501 5072   wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
00:32:15.0516 5072   wdmaud - ok
00:32:15.0548 5072   WebClient (77a354e28153ad2d5e120a5a8687bc06) C:\WINDOWS\System32\webclnt.dll
00:32:15.0563 5072   WebClient - ok
00:32:15.0626 5072   winachsf (f59ed5a43b988a18ef582bb07b2327a7) C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys
00:32:15.0641 5072   winachsf - ok
00:32:15.0720 5072   winmgmt (2d0e4ed081963804ccc196a0929275b5) C:\WINDOWS\system32\wbem\WMIsvc.dll
00:32:15.0720 5072   winmgmt - ok
00:32:15.0798 5072   WinRM (18f347402da544a780949b8fdf83351b) C:\WINDOWS\system32\WsmSvc.dll
00:32:15.0829 5072   WinRM - ok
00:32:16.0001 5072   wlidsvc (5144ae67d60ec653f97ddf3feed29e77) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
00:32:16.0016 5072   wlidsvc - ok
00:32:16.0141 5072   WmdmPmSN (c51b4a5c05a5475708e3c81c7765b71d) C:\WINDOWS\system32\MsPMSNSv.dll
00:32:16.0157 5072   WmdmPmSN - ok
00:32:16.0204 5072   Wmi (e76f8807070ed04e7408a86d6d3a6137) C:\WINDOWS\System32\advapi32.dll
00:32:16.0204 5072   Wmi - ok
00:32:16.0298 5072   WmiApSrv (e0673f1106e62a68d2257e376079f821) C:\WINDOWS\system32\wbem\wmiapsrv.exe
00:32:16.0298 5072   WmiApSrv - ok
00:32:16.0438 5072   WMPNetworkSvc (f74e3d9a7fa9556c3bbb14d4e5e63d3b) C:\Program Files\Windows Media Player\WMPNetwk.exe
00:32:16.0454 5072   WMPNetworkSvc - ok
00:32:16.0485 5072   WpdUsb (cf4def1bf66f06964dc0d91844239104) C:\WINDOWS\system32\DRIVERS\wpdusb.sys
00:32:16.0501 5072   WpdUsb - ok
00:32:16.0657 5072   WPFFontCache_v0400 (dcf3e3edf5109ee8bc02fe6e1f045795) C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
00:32:16.0657 5072   WPFFontCache_v0400 - ok
00:32:16.0704 5072   WS2IFSL (6abe6e225adb5a751622a9cc3bc19ce8) C:\WINDOWS\System32\drivers\ws2ifsl.sys
00:32:16.0720 5072   WS2IFSL - ok
00:32:16.0766 5072   wscsvc (7c278e6408d1dce642230c0585a854d5) C:\WINDOWS\system32\wscsvc.dll
00:32:16.0782 5072   wscsvc - ok
00:32:16.0829 5072   WSTCODEC (c98b39829c2bbd34e454150633c62c78) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
00:32:16.0829 5072   WSTCODEC - ok
00:32:16.0891 5072   wuauserv (35321fb577cdc98ce3eb3a3eb9e4610a) C:\WINDOWS\system32\wuauserv.dll
00:32:16.0923 5072   wuauserv - ok
00:32:16.0985 5072   WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
00:32:17.0001 5072   WudfPf - ok
00:32:17.0016 5072   WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
00:32:17.0032 5072   WudfRd - ok
00:32:17.0063 5072   WudfSvc (05231c04253c5bc30b26cbaae680ed89) C:\WINDOWS\System32\WUDFSvc.dll
00:32:17.0079 5072   WudfSvc - ok
00:32:17.0141 5072   WZCSVC (81dc3f549f44b1c1fff022dec9ecf30b) C:\WINDOWS\System32\wzcsvc.dll
00:32:17.0157 5072   WZCSVC - ok
00:32:17.0157 5072   XDva391 - ok
00:32:17.0173 5072   XDva393 - ok
00:32:17.0204 5072   xmlprov (295d21f14c335b53cb8154e5b1f892b9) C:\WINDOWS\System32\xmlprov.dll
00:32:17.0313 5072   xmlprov - ok
00:32:17.0345 5072   MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk0\DR0
00:32:17.0376 5072   \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - infected
00:32:17.0376 5072   \Device\Harddisk0\DR0 - detected Rootkit.Boot.Pihar.c (0)
00:32:17.0407 5072   Boot (0x1200) (437e236a56b6d0a482e3536f962ff9e6) \Device\Harddisk0\DR0\Partition0
00:32:17.0407 5072   \Device\Harddisk0\DR0\Partition0 - ok
00:32:17.0407 5072   ============================================================
00:32:17.0407 5072   Scan finished
00:32:17.0407 5072   ============================================================
00:32:17.0423 4308   Detected object count: 2
00:32:17.0423 4308   Actual detected object count: 2
00:32:35.0282 4308   Akamai ( HiddenFile.Multi.Generic ) - skipped by user
00:32:35.0282 4308   Akamai ( HiddenFile.Multi.Generic ) - User select action: Skip
00:32:36.0126 4308   \Device\Harddisk0\DR0\# - copied to quarantine
00:32:36.0126 4308   \Device\Harddisk0\DR0 - copied to quarantine
00:32:36.0141 4308   \Device\Harddisk0\DR0\TDLFS\ldrm - copied to quarantine
00:32:36.0157 4308   \Device\Harddisk0\DR0\TDLFS\cmd.dll - copied to quarantine
00:32:43.0688 4308   \Device\Harddisk0\DR0\TDLFS\cmd64.dll - copied to quarantine
00:32:43.0766 4308   \Device\Harddisk0\DR0\TDLFS\sub.dll - copied to quarantine
00:32:44.0001 4308   \Device\Harddisk0\DR0\TDLFS\subx.dll - copied to quarantine
00:32:44.0126 4308   \Device\Harddisk0\DR0\TDLFS\drv32 - copied to quarantine
00:32:44.0266 4308   \Device\Harddisk0\DR0\TDLFS\drv64 - copied to quarantine
00:32:44.0407 4308   \Device\Harddisk0\DR0\TDLFS\servers.dat - copied to quarantine
00:32:44.0407 4308   \Device\Harddisk0\DR0\TDLFS\config.ini - copied to quarantine
00:32:44.0407 4308   \Device\Harddisk0\DR0\TDLFS\ldr16 - copied to quarantine
00:32:44.0423 4308   \Device\Harddisk0\DR0\TDLFS\ldr32 - copied to quarantine
00:32:44.0548 4308   \Device\Harddisk0\DR0\TDLFS\ldr64 - copied to quarantine
00:32:44.0704 4308   \Device\Harddisk0\DR0\TDLFS\s - copied to quarantine
00:32:44.0720 4308   \Device\Harddisk0\DR0\TDLFS\u - copied to quarantine
00:32:44.0720 4308   \Device\Harddisk0\DR0\TDLFS\ph.dll - copied to quarantine
00:32:44.0845 4308   \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - will be cured on reboot
00:32:44.0876 4308   \Device\Harddisk0\DR0 - ok
00:32:44.0876 4308   \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - User select action: Cure
00:34:40.0438 4480   Deinitialize success

[year+ old attachment deleted by admin]

Computer Hope Forum

News:

Author Topic: Very Stubborn Virus; Seems to be Google Redirect Virus. (Read 17256 times)

AlecNeedsHelp

Very Stubborn Virus; Seems to be Google Redirect Virus.

SuperDave

Re: Very Stubborn Virus; Seems to be Google Redirect Virus.

AlecNeedsHelp

Re: Very Stubborn Virus; Seems to be Google Redirect Virus.

SuperDave

Re: Very Stubborn Virus; Seems to be Google Redirect Virus.

AlecNeedsHelp

Re: Very Stubborn Virus; Seems to be Google Redirect Virus.

SuperDave

Re: Very Stubborn Virus; Seems to be Google Redirect Virus.

AlecNeedsHelp

Re: Very Stubborn Virus; Seems to be Google Redirect Virus.

SuperDave

Re: Very Stubborn Virus; Seems to be Google Redirect Virus.

AlecNeedsHelp

Re: Very Stubborn Virus; Seems to be Google Redirect Virus.

SuperDave

Re: Very Stubborn Virus; Seems to be Google Redirect Virus.

AlecNeedsHelp

Re: Very Stubborn Virus; Seems to be Google Redirect Virus.

SuperDave

Re: Very Stubborn Virus; Seems to be Google Redirect Virus.

AlecNeedsHelp

Re: Very Stubborn Virus; Seems to be Google Redirect Virus.

SuperDave

Re: Very Stubborn Virus; Seems to be Google Redirect Virus.

AlecNeedsHelp

Re: Very Stubborn Virus; Seems to be Google Redirect Virus.