Computer Hope
Software => Computer viruses and spyware => Topic started by: AlecNeedsHelp on July 24, 2012, 04:07:43 PM
-
Hello. I hope you can help me with this problem I am having removing a virus.
Statements regarding to "Read this before requesting help" topic:
- I have avast antivirus.
- In the past I have downloaded firewalls, but all of them seem to conflict with my antivirus, and I do not want to download one now, because if it gets in the way of avast, my computer would be very vulnerable.
- All of the programs listed in my "Add or Remove Programs" look legitimate.
- I have ran CCleaner.
- I have scanned with MBAM, and SAS.
- Not sure if I should update Java because one of my scans found and quarantined files that were infected that were in Java folder.
- I think the links to DDS are broken. Both of them.
Here are my logs, and a little bit more info
SAS- (Seems to have found only minor stuff, but I am still glad to have it off of my computer.)
SUPERAntiSpyware Scan Log
http://www.superantispyware.com
Generated 07/23/2012 at 05:54 PM
Application Version : 5.5.1012
Core Rules Database Version : 8944
Trace Rules Database Version: 6756
Scan type : Complete Scan
Total Scan Time : 01:33:08
Operating System Information
Windows XP Professional 32-bit, Service Pack 3 (Build 5.01.2600)
Administrator
Memory items scanned : 497
Memory threats detected : 0
Registry items scanned : 36165
Registry threats detected : 3
File items scanned : 99971
File threats detected : 468
Adware.Tracking Cookie
C:\Documents and Settings\Harris Family\Cookies\6II0DJW7.txt [ /a1.interclick.com ]
C:\Documents and Settings\Harris Family\Cookies\C1R0P4S6.txt [ /invitemedia.com ]
C:\Documents and Settings\Harris Family\Cookies\9CFHAKGM.txt [ /accounts.google.com ]
C:\Documents and Settings\Harris Family\Cookies\59AH4LSU.txt [ /lucidmedia.com ]
C:\Documents and Settings\Harris Family\Cookies\UOYHX1LC.txt [ /ads.intergi.com ]
C:\Documents and Settings\Harris Family\Cookies\B991KQ20.txt [ /interclick.com ]
C:\Documents and Settings\Harris Family\Cookies\962CLA4X.txt [ /media6degrees.com ]
C:\Documents and Settings\Harris Family\Cookies\SJHYXN1Z.txt [ /legolas-media.com ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\KG32282E.txt [ Cookie:[email protected]/ ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\1U6V4YQ1.txt [ Cookie:[email protected]/ ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\ADJW3CGR.txt [ Cookie:[email protected]/ ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\LIE1BF04.txt [ Cookie:[email protected]/ ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\BDRC1NMB.txt [ Cookie:[email protected]/ ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\JIFFJK75.txt [ Cookie:[email protected]/ ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\AOSRA3I1.txt [ Cookie:[email protected]/ ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\EK4XOE83.txt [ Cookie:[email protected]/ ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\JO28VTCY.txt [ Cookie:[email protected]/ ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\UTZI3LCQ.txt [ Cookie:[email protected]/ ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\NVOKQQUH.txt [ Cookie:[email protected]/ ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\BBDMF8KV.txt [ Cookie:[email protected]/ ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\Y3KP97KI.txt [ Cookie:[email protected]/ ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\BJGQ881E.txt [ Cookie:[email protected]/ ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\2GEXNZJC.txt [ Cookie:[email protected]/ ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\444CSW5G.txt [ Cookie:[email protected]/ ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\Cookies\2R8RE12O.txt [ Cookie:[email protected]/ ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\Cookies\KD4NQ39D.txt [ Cookie:[email protected]/cgi-bin ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\Cookies\VWMS8BUD.txt [ Cookie:[email protected]/ ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\Cookies\MUYVVE7F.txt [ Cookie:[email protected]/ ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\Cookies\QTD0ID5E.txt [ Cookie:[email protected]/ ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\Cookies\QXWUZ2CR.txt [ Cookie:[email protected]/ ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\Cookies\LIHS1J9C.txt [ Cookie:[email protected]/ ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\Cookies\TCO47V0U.txt [ Cookie:[email protected]/ ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\Cookies\WPL5VGUR.txt [ Cookie:[email protected]/ ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\Cookies\RG6Z8XEI.txt [ Cookie:[email protected]/ ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\Cookies\PI54Z7HJ.txt [ Cookie:[email protected]/ ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\Cookies\24QUOBKT.txt [ Cookie:[email protected]/ ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\Cookies\EGOYB8UH.txt [ Cookie:[email protected]/ ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\Cookies\CWNAYJDW.txt [ Cookie:[email protected]/ ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\Cookies\CNXZN8O3.txt [ Cookie:[email protected]/ ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\Cookies\L11OAJ0Z.txt [ Cookie:[email protected]/ ]
core.insightexpressai.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\PT2KBDVV ]
core.saymedia.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\PT2KBDVV ]
static.discoverymedia.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\PT2KBDVV ]
.at.atwola.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
.imrworldwide.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
.imrworldwide.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
.realmedia.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
.serving-sys.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
.serving-sys.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
.collective-media.net [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
.amazon-adsystem.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
.amazon-adsystem.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
.burstnet.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
.burstnet.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
.hotwire.112.2o7.net [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
a.intentmedia.net [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
a.intentmedia.net [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
a.intentmedia.net [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
.hyatt.112.2o7.net [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
.realmedia.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
.interclick.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
.interclick.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
lfscpttracking.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
.game-advertising-online.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
.legolas-media.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
.adserver.adtechus.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
in.getclicky.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
.adxpose.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
.dmtracker.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
.kanoodle.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
.liveperson.net [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
.liveperson.net [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
.nextag.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
.nextag.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
.nextag.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
.mediafire.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
.technoratimedia.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
.technoratimedia.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
ads.saymedia.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
.saymedia.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
.mm.chitika.net [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
.apmebf.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
.liveperson.net [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
ads.gamesbannernet.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
ads.gamesbannernet.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
.account.hirezstudios.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
.realmedia.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
.weborama.fr [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
.velux.solution.weborama.fr [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
.velux.solution.weborama.fr [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
.velux.solution.weborama.fr [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
.velux.solution.weborama.fr [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
ads1.zenoviaexchange.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
insight.torbit.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
www.googleadservices.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
*Blocked Russian URL* [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
.media.adfrontiers.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
.tacoda.at.atwola.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
.atwola.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
.ar.atwola.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
.tacoda.at.atwola.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
.mediafire.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
.mediafire.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
.burstnet.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
.burstnet.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
dc.tremormedia.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
.www.burstnet.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
.collective-media.net [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
technorati.rotator.hadj7.adjuggler.net [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
.network.realmedia.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
.*censored*.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
.*censored*.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
.*censored*.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
.*censored*.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
.collective-media.net [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
.verizontelecom.112.2o7.net [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
.liveperson.net [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
.nandomedia.112.2o7.net [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
.s.clickability.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
.s.clickability.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
www.googleadservices.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
tracking.waterfrontmedia.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
.andomedia.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
hhm.rotator.hadj7.adjuggler.net [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
hhm.rotator.hadj7.adjuggler.net [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
.statcounter.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
adx.kat.ph [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
.adlegend.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
.adlegend.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
*Blocked Russian URL* [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
*Blocked Russian URL* [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
.realmedia.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
.server.cpmstar.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
.server.cpmstar.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
.server.cpmstar.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
.solvemedia.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
.solvemedia.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
7.rotator.wigetmedia.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
7.rotator.wigetmedia.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
.click.payperclick.co.il [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
.casalemedia.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
.onondagacountyparks.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
.onondagacountyparks.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
onondagacountyparks.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
.lucidmedia.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
partners.mediaextension.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
.saymedia.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
.martiniadnetwork.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
.martiniadnetwork.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
.martiniadnetwork.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
.martiniadnetwork.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
.xiti.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
.liveperson.net [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
.microsoftsto.112.2o7.net [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
.legolas-media.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
.collective-media.net [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
.collective-media.net [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
.collective-media.net [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
.collective-media.net [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
.collective-media.net [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
.collective-media.net [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
www.googleadservices.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
.myfuncards.dl.mywebsearch.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
.mywebsearch.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
.realmedia.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
click.myfeedpointcenter.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
.casalemedia.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
.collective-media.net [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
mediaservices-d.openxenterprise.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
.collective-media.net [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
.collective-media.net [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
.collective-media.net [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
.casalemedia.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
.casalemedia.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
.casalemedia.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
.casalemedia.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
.casalemedia.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
.casalemedia.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
.casalemedia.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
.media6degrees.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
.liveperson.net [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
sales.liveperson.net [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
.stats.paypal.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
.media6degrees.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
www.burstbeacon.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
.burstbeacon.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
.legolas-media.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
.pro-market.net [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
.pro-market.net [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
accounts.youtube.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
accounts.youtube.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
.interclick.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
accounts.youtube.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
.server.cpmstar.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
.server.cpmstar.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
.server.cpmstar.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
.server.cpmstar.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
.server.cpmstar.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
.server.cpmstar.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
server.iad.liveperson.net [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
www.3dstats.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
.liveperson.net [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
.legolas-media.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
.legolas-media.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
.legolas-media.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
.a1.interclick.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
.a1.interclick.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
.a1.interclick.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
.a1.interclick.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
.media.adfrontiers.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
.statcounter.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
accounts.youtube.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
accounts.youtube.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
uol.realmedia.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
.uol.realmedia.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
network.realmedia.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
.azjmp.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
.azjmp.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
.collective-media.net [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
.collective-media.net [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
.collective-media.net [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
.collective-media.net [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
.collective-media.net [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
.collective-media.net [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
.collective-media.net [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
.collective-media.net [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
.citygridmedia.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
.citygridmedia.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
.citygridmedia.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
.citygridmedia.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
.citygridmedia.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
.citygridmedia.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
.interclick.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
.interclick.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
accounts.youtube.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
accounts.youtube.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
accounts.youtube.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
.pro-market.net [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
.a1.interclick.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
.a1.interclick.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
.a1.interclick.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
.a1.interclick.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
.a1.interclick.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
.a1.interclick.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
.interclick.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
.a1.interclick.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
ad2.adfarm1.adition.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
www.burstnet.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
.at.atwola.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
.tacoda.at.atwola.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
.tacoda.at.atwola.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
.tacoda.at.atwola.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
.tacoda.at.atwola.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
.at.atwola.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
.tacoda.at.atwola.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
.ar.atwola.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
.ar.atwola.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
.atwola.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
.realmedia.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
network.realmedia.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
www.burstnet.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
www.burstnet.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
.yieldmanager.net [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
.burstnet.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
.burstnet.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
.burstnet.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
.intermundomedia.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
.intermundomedia.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
.pro-market.net [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
.pro-market.net [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
.lucidmedia.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
.adserver.adtechus.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
.interclick.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
.media6degrees.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
.media6degrees.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
.media6degrees.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
.media6degrees.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
.media6degrees.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
.media6degrees.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
www.burstnet.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
.serving-sys.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
.serving-sys.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
.serving-sys.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
.apmebf.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
accounts.google.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
.accounts.google.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
.accounts.google.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
.accounts.google.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
accounts.youtube.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
.apmebf.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NHQ8PD1R.DEFAULT\COOKIES.SQLITE ]
.at.atwola.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.advertising.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ad.yieldmanager.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ad.yieldmanager.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.apmebf.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.mediaplex.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.atdmt.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.tacoda.at.atwola.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.tacoda.at.atwola.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.at.atwola.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.tacoda.at.atwola.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.tacoda.at.atwola.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.tacoda.at.atwola.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ar.atwola.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.atwola.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.revsci.net [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.imrworldwide.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.imrworldwide.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.clickbooth.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.statcounter.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.interclick.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.interclick.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.advertising.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.invitemedia.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.www.burstnet.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.burstnet.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.technoratimedia.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.technoratimedia.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ru4.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.apmebf.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
www.burstbeacon.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.burstbeacon.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.media6degrees.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adbrite.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ad.yieldmanager.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.pro-market.net [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.yieldmanager.net [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.advertising.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.serving-sys.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.serving-sys.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.a1.interclick.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ru4.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ad.yieldmanager.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.invitemedia.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.invitemedia.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.legolas-media.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.legolas-media.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.legolas-media.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.invitemedia.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.a1.interclick.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
www.googleadservices.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
in.getclicky.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
insight.torbit.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.invitemedia.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.accounts.google.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.accounts.google.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
accounts.google.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
accounts.youtube.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.casalemedia.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.at.atwola.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.doubleclick.net [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adlegend.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ru4.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.dmtracker.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.revsci.net [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adbrite.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.casalemedia.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.casalemedia.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.casalemedia.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.casalemedia.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.casalemedia.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.casalemedia.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.game-advertising-online.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.advertising.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.advertising.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.advertising.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.invitemedia.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.invitemedia.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.invitemedia.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.invitemedia.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ads.pointroll.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.pointroll.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.pointroll.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ads.pointroll.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ads.pointroll.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ads.pointroll.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ads.pointroll.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ads.pointroll.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ads.pointroll.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.media6degrees.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.media6degrees.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.media6degrees.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.media6degrees.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
gr.burstnet.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.burstnet.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.burstnet.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.burstnet.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.a1.interclick.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.invitemedia.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.interclick.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.pro-market.net [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.lucidmedia.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.questionmarket.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.questionmarket.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.fastclick.net [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ad.yieldmanager.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.serving-sys.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.serving-sys.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.serving-sys.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.mediaplex.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.revsci.net [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.revsci.net [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.revsci.net [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.revsci.net [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.revsci.net [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.revsci.net [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.collective-media.net [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.collective-media.net [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.tribalfusion.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ad.yieldmanager.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.a1.interclick.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.a1.interclick.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.a1.interclick.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.a1.interclick.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.a1.interclick.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.a1.interclick.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.interclick.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.interclick.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
www.burstnet.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.atdmt.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.c1.atdmt.com [ C:\DOCUMENTS AND SETTINGS\HARRIS FAMILY\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
media.mtvnservices.com [ C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\APPLICATION DATA\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\PL5EZE4A ]
media.scanscout.com [ C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\APPLICATION DATA\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\PL5EZE4A ]
mediacast.realgravity.com [ C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\APPLICATION DATA\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\PL5EZE4A ]
objects.tremormedia.com [ C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\APPLICATION DATA\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\PL5EZE4A ]
secure-us.imrworldwide.com [ C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\APPLICATION DATA\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\PL5EZE4A ]
ad.insightexpressai.com [ C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\APPLICATION DATA\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\MRTPR3HB ]
cdn.tremormedia.com [ C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\APPLICATION DATA\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\MRTPR3HB ]
cdn2.baronsmedia.com [ C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\APPLICATION DATA\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\MRTPR3HB ]
crackle.com [ C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\APPLICATION DATA\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\MRTPR3HB ]
ds.serving-sys.com [ C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\APPLICATION DATA\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\MRTPR3HB ]
media.scanscout.com [ C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\APPLICATION DATA\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\MRTPR3HB ]
media1.break.com [ C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\APPLICATION DATA\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\MRTPR3HB ]
mediacast.realgravity.com [ C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\APPLICATION DATA\MAC
-
Download Security Check by screen317 from one of the following links and save it to your desktop.
Link 1 (http://screen317.spywareinfoforum.org/SecurityCheck.exe)
Link 2 (http://screen317.changelog.fr/SecurityCheck.exe)
* Double-click Security Check.bat
* Follow the on-screen instructions inside of the black box.
* A Notepad document should open automatically called checkup.txt
* Post the contents of that document in your next reply.
Note: If a security program requests permission from dig.exe to access the Internet, allow it to do so.
**************************************************
I think the links to DDS are broken. Both of them.
They are working for me. Please try this instead:
Download Combofix from any of the links below, and save it to your DESKTOP.
Link 1 (http://download.bleepingcomputer.com/sUBs/ComboFix.exe)
Link 2 (http://www.forospyware.com/sUBs/ComboFix.exe)
Link 3 (http://subs.geekstogo.com/ComboFix.exe)
To prevent your anti-virus application interfering with ComboFix we need to disable it. See here (http://www.pchelpforum.com/anti-virus/110194-how-disable-your-security-applications-4.html) for a tutorial regarding how to do so if you are unsure.
- Close any open windows and double click ComboFix.exe to run it.
You will see the following image:
(http://i424.photobucket.com/albums/pp322/digistar/NSIS_disclaimer_ENG.png)
Click I Agree to start the program.
ComboFix will then extract the necessary files and you will see this:
(http://i424.photobucket.com/albums/pp322/digistar/NSIS_extraction.png)
As part of it's process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. This will not occur in Windows Vista and 7
It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.
If you did not have it installed, you will see the prompt below. Choose YES.
(http://i424.photobucket.com/albums/pp322/digistar/RcAuto1.gif)
Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.
**Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue it's malware removal procedures.
Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:
(http://i424.photobucket.com/albums/pp322/digistar/whatnext.png)
Click on Yes, to continue scanning for malware.
When finished, it will produce a report for you. Please post the contents of the log (C:\ComboFix.txt).
Leave your computer alone while ComboFix is running. ComboFix will restart your computer if malware is found; allow it to do so.
Note: Please Do NOT mouseclick combofix's window while its running because it may cause it to stall.
-
Results of screen317's Security Check version 0.99.43
Windows XP Service Pack 3 x86
Internet Explorer 8
``````````````Antivirus/Firewall Check:``````````````[/u]
Windows Firewall Enabled!
avast! Antivirus
Antivirus up to date!
`````````Anti-malware/Other Utilities Check:`````````[/u]
SUPERAntiSpyware
Malwarebytes Anti-Malware version 1.62.0.1300
CCleaner
JavaFX 2.0.3
Java(TM) 7 Update 3
Java version out of Date!
Adobe Flash Player 11.3.300.265
Adobe Reader X (10.1.3)
Mozilla Firefox (14.0.1)
````````Process Check: objlist.exe by Laurent````````[/u]
Mozilla Firefox AvastSvc.exe -?-
Mozilla Firefox AvastUI.exe -?-
`````````````````System Health check`````````````````[/u]
Total Fragmentation on Drive C:: 26% Defragment your hard drive soon!
````````````````````End of Log``````````````````````[/u]
Looking at this I can run Advanced Systemcare for OIBit if recommended.
To prevent your anti-virus application interfering with ComboFix we need to disable it.
Avast antivirus seems to be the only thing between this virus any my computer right now. Could I just run it without disabling my antivirus, or tell my antivirus it's a trusted application? I really don't feel comfortable disabling my antivirus.
-
Update Your Java (JRE)
Old versions of Java have vulnerabilities that malware can use to infect your system.
First Verify your Java Version (http://www.java.com/en/download/installed.jsp)
If there are any other version(s) installed then update now.
Get the new version (if needed)
If your version is out of date install the newest version of the Sun Java Runtime Environment (http://www.majorgeeks.com/Sun_Java_Runtime_Environment_d4648.html).
Note: UNCHECK any pre-checked toolbar and/or software offered with the Java update. The pre-checked toolbars/software are not part of the Java update.
Be sure to close ALL open web browsers before starting the installation.
Remove any old versions
1. Download JavaRa (http://raproducts.org/click/click.php?id=1) and unzip the file to your Desktop.
2. Open JavaRA.exe and choose Remove Older Versions
3. Once complete exit JavaRA.
Additional Note: The Java Quick Starter (JQS.exe) (http://java.sun.com/javase/6/docs/technotes/guides/jweb/otherFeatures/jqs.html) adds a service to improve the initial startup time of Java applets and applications. To disable the JQS service if you don't want to use it, go to Start > Control Panel > Java > Advanced > Miscellaneous and uncheck the box for Java Quick Starter. Click OK and reboot your computer.
**********************************************************
Total Fragmentation on Drive C:: 26% Defragment your hard drive soon!
You need to defrag your hard drive. If you need help doing this, let me know.
ComboFix physically disconnects your computer from the internet when running so it should be safe. The malware is already on your computer.
-
I will update my java, and I will defrag my drive.
I hope I am not being very annoying when I ask again if I can just tell avast antivirus to trust ComboFix in the settings. I know now that it disconnects the computer from the internet, but I'm not certain that will protect my computer, because I don't think the virus needs internet connection to do harm to my computer.
-
I hope I am not being very annoying when I ask again if I can just tell avast antivirus to trust ComboFix in the settings. I know now that it disconnects the computer from the internet, but I'm not certain that will protect my computer, because I don't think the virus needs internet connection to do harm to my computer.
Trust me. The damage has already been done to your computer. You can run ComboFix without disabling your AV but it may give some problems.
-
I've defragged my hard drive, updated java, removed older versions of java, and ran combofix.
Here you go.
ComboFix 12-07-27.02 - Harris Family 07/26/2012 15:55:04.2.2 - x86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2046.931 [GMT -4:00]
Running from: c:\documents and settings\Harris Family\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\CFLog
c:\documents and settings\Harris Family\Application Data\Toolbar4
c:\windows\system32\SET2E6.tmp
c:\windows\system32\SET76C.tmp
c:\windows\system32\SET770.tmp
c:\windows\system32\SET771.tmp
c:\windows\system32\SET776.tmp
c:\windows\system32\SET77A.tmp
c:\windows\system32\SET7D0.tmp
c:\windows\system32\SET7D2.tmp
c:\windows\system32\SET7D6.tmp
c:\windows\system32\SET7DE.tmp
c:\windows\system32\SETE38.tmp
c:\windows\system32\SETE39.tmp
c:\windows\system32\SETE3D.tmp
c:\windows\system32\SETE3E.tmp
c:\windows\system32\SETE3F.tmp
c:\windows\system32\SETE43.tmp
c:\windows\system32\SETE45.tmp
.
.
((((((((((((((((((((((((( Files Created from 2012-06-26 to 2012-07-26 )))))))))))))))))))))))))))))))
.
.
2012-07-26 19:35 . 2012-07-26 19:35 -------- d-----w- c:\program files\Oracle
2012-07-26 19:34 . 2012-07-26 19:31 143872 ----a-w- c:\windows\system32javacpl.cpl
2012-07-26 19:33 . 2012-07-06 02:07 143872 ----a-w- c:\windows\system32\javacpl.cpl
2012-07-23 20:18 . 2012-07-23 20:18 -------- d-----w- c:\documents and settings\Harris Family\Application Data\SUPERAntiSpyware.com
2012-07-23 20:18 . 2012-07-23 20:18 -------- d-----w- c:\program files\SUPERAntiSpyware
2012-07-23 20:18 . 2012-07-23 20:18 -------- d-----w- c:\documents and settings\All Users\Application Data\SUPERAntiSpyware.com
2012-07-23 20:17 . 2012-07-23 20:17 -------- d-----w- c:\documents and settings\All Users\Application Data\SUPERSetup
2012-07-23 17:22 . 2012-07-03 17:46 22344 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-07-20 23:23 . 2012-07-22 04:08 -------- d-----w- c:\documents and settings\Harris Family\Application Data\vlc
2012-07-20 23:20 . 2012-07-20 23:20 -------- d-----w- c:\program files\VideoLAN
2012-07-12 07:22 . 2012-07-12 07:22 -------- d-----w- c:\program files\LogMeIn Hamachi
2012-07-08 19:11 . 2012-07-08 19:11 -------- d-----w- c:\windows\system32\wbem\Repository
2012-07-05 19:57 . 2012-07-05 19:53 3130440 ----a-w- c:\windows\system32\pbsvc_blr.exe
2012-07-05 19:56 . 2012-07-05 19:56 -------- d-----w- c:\program files\NVIDIA Corporation
2012-07-05 19:55 . 2012-07-05 19:55 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-07-11 22:30 . 2012-04-02 23:13 426184 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-07-11 22:30 . 2011-09-29 03:46 70344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-07-06 02:06 . 2011-10-19 17:17 772544 ----a-w- c:\windows\system32\npdeployJava1.dll
2012-07-06 02:06 . 2010-09-07 18:43 687544 ----a-w- c:\windows\system32\deployJava1.dll
2012-07-05 19:58 . 2012-05-28 06:43 138056 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2012-07-05 19:58 . 2012-01-10 20:02 138056 ----a-w- c:\documents and settings\Harris Family\Application Data\PnkBstrK.sys
2012-07-05 19:57 . 2012-05-28 06:42 189248 ----a-w- c:\windows\system32\PnkBstrB.exe
2012-07-05 19:57 . 2012-01-10 20:02 189248 ----a-w- c:\windows\system32\PnkBstrB.ex0
2012-07-05 19:57 . 2012-05-28 06:42 76888 ----a-w- c:\windows\system32\PnkBstrA.exe
2012-06-20 16:56 . 2012-01-30 04:25 71104 ----a-w- c:\windows\CouponPrinter.ocx
2012-06-13 13:19 . 2008-04-14 12:00 1866112 ----a-w- c:\windows\system32\win32k.sys
2012-06-05 15:50 . 2008-04-14 12:00 1372672 ----a-w- c:\windows\system32\msxml6.dll
2012-06-05 15:50 . 2008-04-14 12:00 1172480 ----a-w- c:\windows\system32\msxml3.dll
2012-06-04 04:32 . 2008-04-14 12:00 152576 ----a-w- c:\windows\system32\schannel.dll
2012-06-02 19:19 . 2009-08-07 00:24 22040 ----a-w- c:\windows\system32\wucltui.dll.mui
2012-06-02 19:19 . 2010-01-13 03:03 329240 ----a-w- c:\windows\system32\wucltui.dll
2012-06-02 19:19 . 2010-01-13 03:03 219160 ----a-w- c:\windows\system32\wuaucpl.cpl
2012-06-02 19:19 . 2010-01-13 03:03 210968 ----a-w- c:\windows\system32\wuweb.dll
2012-06-02 19:19 . 2009-08-07 00:24 15384 ----a-w- c:\windows\system32\wuaucpl.cpl.mui
2012-06-02 19:19 . 2010-01-13 03:03 53784 ----a-w- c:\windows\system32\wuauclt.exe
2012-06-02 19:19 . 2010-01-13 03:03 35864 ----a-w- c:\windows\system32\wups.dll
2012-06-02 19:19 . 2009-08-07 00:24 45080 ----a-w- c:\windows\system32\wups2.dll
2012-06-02 19:19 . 2009-08-07 00:24 15384 ----a-w- c:\windows\system32\wuapi.dll.mui
2012-06-02 19:19 . 2008-04-14 12:00 97304 ----a-w- c:\windows\system32\cdm.dll
2012-06-02 19:19 . 2009-08-07 00:24 17944 ----a-w- c:\windows\system32\wuaueng.dll.mui
2012-06-02 19:19 . 2010-01-13 03:03 577048 ----a-w- c:\windows\system32\wuapi.dll
2012-06-02 19:19 . 2010-01-13 03:03 1933848 ----a-w- c:\windows\system32\wuaueng.dll
2012-06-02 19:18 . 2010-02-01 09:47 275696 ----a-w- c:\windows\system32\mucltui.dll
2012-06-02 19:18 . 2010-02-01 09:47 214256 ----a-w- c:\windows\system32\muweb.dll
2012-06-02 19:18 . 2010-02-01 09:47 17136 ----a-w- c:\windows\system32\mucltui.dll.mui
2012-05-31 13:22 . 2008-04-14 12:00 599040 ----a-w- c:\windows\system32\crypt32.dll
2012-05-30 20:32 . 2012-01-10 20:11 282104 ----a-w- c:\windows\system32\PnkBstrB.xtr
2012-05-16 15:08 . 2008-04-14 12:00 916992 ----a-w- c:\windows\system32\wininet.dll
2012-05-11 14:42 . 2008-04-14 12:00 43520 ----a-w- c:\windows\system32\licmgr10.dll
2012-05-11 14:42 . 2008-04-14 12:00 1469440 ------w- c:\windows\system32\inetcpl.cpl
2012-05-11 11:38 . 2008-04-14 12:00 385024 ----a-w- c:\windows\system32\html.iec
2012-05-04 13:16 . 2008-04-14 12:00 2148352 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-05-04 12:32 . 2008-04-14 00:01 2026496 ----a-w- c:\windows\system32\ntkrnlpa.exe
2012-05-02 13:46 . 2010-01-13 03:01 139656 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2012-07-18 18:57 . 2012-06-19 01:31 136672 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
[7] 2008-06-20 . AD978A1B783B5719720CFF204B666C8E . 361600 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB2509553\SP3QFE\tcpip.sys
[7] 2008-06-20 . AD978A1B783B5719720CFF204B666C8E . 361600 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB951748\SP3QFE\tcpip.sys
[7] 2008-06-20 . 9AEFA14BD6B182D61E3119FA5F436D3D . 361600 . . [5.1.2600.5625] . . c:\windows\ERDNT\cache\tcpip.sys
[7] 2008-06-20 . 9AEFA14BD6B182D61E3119FA5F436D3D . 361600 . . [5.1.2600.5625] . . c:\windows\system32\dllcache\tcpip.sys
[-] 2008-06-20 . D9F19E78F98834CB411D6AD3C68D181A . 361600 . . [5.1.2600.5625] . . c:\windows\system32\drivers\tcpip.sys
[7] 2008-04-14 . 93EA8D04EC73A85DB02EB8805988F733 . 361344 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB951748$\tcpip.sys
.
((((((((((((((((((((((((((((( SnapShot@2011-09-29_05.36.58 )))))))))))))))))))))))))))))))))))))))))
.
+ 2007-11-07 06:19 . 2007-11-07 06:19 54272 c:\windows\WinSxS\x86_Microsoft.VC90.OpenMP_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_ecc42bd1\vcomp90.dll
+ 2008-07-29 12:05 . 2008-07-29 12:05 62976 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90rus.dll
+ 2008-07-29 12:05 . 2008-07-29 12:05 46080 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90kor.dll
+ 2008-07-29 12:05 . 2008-07-29 12:05 46592 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90jpn.dll
+ 2008-07-29 12:05 . 2008-07-29 12:05 64512 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90ita.dll
+ 2008-07-29 12:05 . 2008-07-29 12:05 66048 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90fra.dll
+ 2008-07-29 12:05 . 2008-07-29 12:05 65024 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90esp.dll
+ 2008-07-29 12:05 . 2008-07-29 12:05 65024 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90esn.dll
+ 2008-07-29 12:05 . 2008-07-29 12:05 56832 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90enu.dll
+ 2008-07-29 12:05 . 2008-07-29 12:05 66560 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90deu.dll
+ 2008-07-29 12:05 . 2008-07-29 12:05 39936 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90cht.dll
+ 2008-07-29 12:05 . 2008-07-29 12:05 38912 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90chs.dll
+ 2008-07-29 10:07 . 2008-07-29 10:07 59904 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_405b0943\mfcm90u.dll
+ 2008-07-29 10:07 . 2008-07-29 10:07 59904 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_405b0943\mfcm90.dll
+ 2006-12-02 05:26 . 2006-12-02 05:26 57856 c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_3bf8fa05\mfcm80u.dll
+ 2006-12-02 05:25 . 2006-12-02 05:25 69632 c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_3bf8fa05\mfcm80.dll
+ 2009-07-12 00:41 . 2009-07-12 00:41 97280 c:\windows\WinSxS\x86_Microsoft.VC80.ATL_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_473666fd\ATL80.dll
+ 2012-03-10 00:57 . 2012-03-10 00:57 49152 c:\windows\WinSxS\MSIL_MOM_90ba9c70f846762e_2.0.0.0_x-ww_a60193a8\MOM.EXE
+ 2012-01-11 08:05 . 2012-01-11 08:05 21880 c:\windows\WinSxS\MSIL_Microsoft.Workflow.Compiler_31bf3856ad364e35_4.0.0.0_x-ww_97359ba5\Microsoft.Workflow.Compiler.exe
- 2011-01-10 08:08 . 2011-01-10 08:08 21880 c:\windows\WinSxS\MSIL_Microsoft.Workflow.Compiler_31bf3856ad364e35_4.0.0.0_x-ww_97359ba5\Microsoft.Workflow.Compiler.exe
+ 2012-03-10 00:57 . 2012-03-10 00:57 86016 c:\windows\WinSxS\MSIL_LOG_90ba9c70f846762e_2.0.3693.42530_x-ww_47e32df4\LOG.EXE
+ 2012-03-10 00:57 . 2012-03-10 00:57 49152 c:\windows\WinSxS\MSIL_CLI_90ba9c70f846762e_2.0.0.0_x-ww_42656733\CLI.EXE
+ 2012-03-10 00:57 . 2012-03-10 00:57 49152 c:\windows\WinSxS\MSIL_CCC_90ba9c70f846762e_2.0.0.0_x-ww_c7ed2bb0\CCC.EXE
+ 2012-07-26 19:19 . 2012-07-26 19:19 16384 c:\windows\Temp\Perflib_Perfdata_c58.dat
+ 2012-07-26 19:36 . 2012-07-26 19:36 16384 c:\windows\Temp\Perflib_Perfdata_9b8.dat
+ 2010-04-27 18:45 . 2010-04-27 18:45 72856 c:\windows\system32\xliveinstallhost.exe
- 2010-05-02 19:32 . 2007-04-04 22:53 81768 c:\windows\system32\xinput1_3.dll
+ 2010-05-02 19:32 . 2007-04-04 23:53 81768 c:\windows\system32\xinput1_3.dll
- 2010-05-02 19:33 . 2010-02-04 14:01 74072 c:\windows\system32\XAPOFX1_4.dll
+ 2010-05-02 19:33 . 2010-02-04 15:01 74072 c:\windows\system32\XAPOFX1_4.dll
+ 2010-05-02 19:32 . 2008-07-31 15:41 68616 c:\windows\system32\XAPOFX1_1.dll
- 2010-05-02 19:32 . 2008-07-31 14:41 68616 c:\windows\system32\XAPOFX1_1.dll
- 2010-05-02 19:33 . 2010-02-04 14:01 22360 c:\windows\system32\X3DAudio1_7.dll
+ 2010-05-02 19:33 . 2010-02-04 15:01 22360 c:\windows\system32\X3DAudio1_7.dll
+ 2009-10-09 19:56 . 2009-10-09 19:56 14848 c:\windows\system32\wsmprovhost.exe
+ 2009-10-09 19:56 . 2009-10-09 19:56 12288 c:\windows\system32\wsmplpxy.dll
+ 2009-10-09 19:56 . 2009-10-09 19:56 12288 c:\windows\system32\winrssrv.dll
+ 2009-10-09 19:56 . 2009-10-09 19:56 22528 c:\windows\system32\winrshost.exe
+ 2009-10-09 21:22 . 2009-10-09 21:22 69632 c:\windows\system32\winrs.exe
+ 2009-10-09 19:56 . 2009-10-09 19:56 25088 c:\windows\system32\winrmprov.dll
+ 2009-10-09 19:56 . 2009-10-09 19:56 24064 c:\windows\system32\WindowsPowerShell\v1.0\pwrshsip.dll
+ 2010-01-12 03:54 . 2008-04-14 10:42 53760 c:\windows\system32\vfwwdm32.dll
- 2010-01-12 03:54 . 2008-04-14 09:42 53760 c:\windows\system32\vfwwdm32.dll
+ 1998-12-24 15:23 . 1998-12-24 15:23 40960 c:\windows\system32\VBAME.DLL
- 2008-04-14 12:00 . 2010-11-03 13:12 46080 c:\windows\system32\tzchange.exe
+ 2008-04-14 12:00 . 2011-11-08 13:46 46080 c:\windows\system32\tzchange.exe
+ 2012-06-21 06:53 . 2012-06-02 19:19 45080 c:\windows\system32\SoftwareDistribution\Setup\ServiceStartup\wups2.dll\7.6.7600.256\wups2.dll
+ 2012-06-21 06:53 . 2012-06-02 19:19 35864 c:\windows\system32\SoftwareDistribution\Setup\ServiceStartup\wups.dll\7.6.7600.256\wups.dll
+ 2011-06-16 07:34 . 2011-06-16 07:34 79872 c:\windows\system32\SlotMaximizerAg.dll
+ 1998-03-25 00:54 . 1998-03-25 00:54 15872 c:\windows\system32\SCP32.DLL
+ 2012-03-06 23:16 . 2005-04-15 02:10 73728 c:\windows\system32\ReinstallBackups\0001\DriverFiles\Oemdspif.dll
+ 2012-03-06 23:16 . 2001-11-09 15:01 24064 c:\windows\system32\ReinstallBackups\0001\DriverFiles\ativcoxx.dll
+ 2012-03-06 23:16 . 2005-04-15 01:45 17408 c:\windows\system32\ReinstallBackups\0001\DriverFiles\atitvo32.dll
+ 2012-03-06 23:16 . 2005-04-15 02:11 94208 c:\windows\system32\ReinstallBackups\0001\DriverFiles\atipdlxx.dll
+ 2012-03-06 23:16 . 2005-04-08 20:42 87540 c:\windows\system32\ReinstallBackups\0001\DriverFiles\atiicdxx.dat
+ 2012-03-06 23:16 . 2005-04-15 02:09 53248 c:\windows\system32\ReinstallBackups\0001\DriverFiles\ATIDDC.DLL
+ 2012-03-06 23:16 . 2005-04-15 02:10 25088 c:\windows\system32\ReinstallBackups\0001\DriverFiles\Ati2mdxx.exe
+ 2012-03-06 23:16 . 2005-04-15 02:10 46080 c:\windows\system32\ReinstallBackups\0001\DriverFiles\ati2evxx.dll
+ 2012-03-06 23:16 . 2005-04-15 01:45 36864 c:\windows\system32\ReinstallBackups\0001\DriverFiles\ati2erec.dll
+ 2012-03-06 23:16 . 2005-04-15 02:10 39936 c:\windows\system32\ReinstallBackups\0001\DriverFiles\ati2edxx.dll
+ 2012-03-10 00:46 . 2005-04-15 02:10 73728 c:\windows\system32\ReinstallBackups\0000\DriverFiles\Oemdspif.dll
+ 2012-03-10 00:46 . 2001-11-09 15:01 24064 c:\windows\system32\ReinstallBackups\0000\DriverFiles\ativcoxx.dll
+ 2012-03-10 00:46 . 2005-04-15 01:45 17408 c:\windows\system32\ReinstallBackups\0000\DriverFiles\atitvo32.dll
+ 2012-03-10 00:46 . 2005-04-15 02:11 94208 c:\windows\system32\ReinstallBackups\0000\DriverFiles\atipdlxx.dll
+ 2012-03-10 00:46 . 2005-04-08 20:42 87540 c:\windows\system32\ReinstallBackups\0000\DriverFiles\atiicdxx.dat
+ 2012-03-10 00:46 . 2005-04-15 02:09 53248 c:\windows\system32\ReinstallBackups\0000\DriverFiles\ATIDDC.DLL
+ 2012-03-10 00:46 . 2005-04-15 02:10 25088 c:\windows\system32\ReinstallBackups\0000\DriverFiles\Ati2mdxx.exe
+ 2012-03-10 00:46 . 2005-04-15 02:10 46080 c:\windows\system32\ReinstallBackups\0000\DriverFiles\ati2evxx.dll
+ 2012-03-10 00:46 . 2005-04-15 01:45 36864 c:\windows\system32\ReinstallBackups\0000\DriverFiles\ati2erec.dll
+ 2012-03-10 00:46 . 2005-04-15 02:10 39936 c:\windows\system32\ReinstallBackups\0000\DriverFiles\ati2edxx.dll
+ 2012-03-09 20:29 . 2011-12-30 22:03 21336 c:\windows\system32\RegistryDefragBootTime.exe
+ 2009-10-09 21:22 . 2009-10-09 21:22 42496 c:\windows\system32\pwrshplugin.dll
+ 2005-10-29 04:49 . 2005-10-29 04:49 84480 c:\windows\system32\pintool.exe
+ 2008-04-14 12:00 . 2012-06-14 07:22 85886 c:\windows\system32\perfc009.dat
+ 2008-04-14 12:00 . 2011-11-18 12:35 60416 c:\windows\system32\packager.exe
+ 2011-10-26 02:21 . 2011-10-26 02:21 56832 c:\windows\system32\OVDecoder.dll
+ 2000-01-11 04:33 . 2000-01-11 04:33 65586 c:\windows\system32\OUTLWAB.DLL
+ 2011-10-26 02:21 . 2011-10-26 02:21 56832 c:\windows\system32\OpenVideo.dll
+ 2011-10-26 02:19 . 2011-10-26 02:19 44032 c:\windows\system32\OpenCL.dll
+ 2008-04-14 12:00 . 2011-09-26 15:41 20480 c:\windows\system32\oleaccrc.dll
+ 2007-02-22 14:48 . 2007-02-22 14:48 68896 c:\windows\system32\NiViSv32.dll
+ 1998-08-09 14:07 . 1998-08-09 14:07 94208 c:\windows\system32\MSSTKPRP.DLL
+ 1999-01-22 18:46 . 1999-01-22 18:46 65536 c:\windows\system32\MSRTEDIT.DLL
+ 1999-10-13 21:12 . 1999-10-13 21:12 28944 c:\windows\system32\MSRECR40.DLL
+ 1997-07-11 04:00 . 1997-07-11 04:00 22016 c:\windows\system32\MSIMRT32.DLL
+ 1997-07-11 04:00 . 1997-07-11 04:00 10544 c:\windows\system32\MSIMRT16.DLL
+ 1997-07-11 04:00 . 1997-07-11 04:00 14336 c:\windows\system32\MSIMRT.DLL
+ 2008-04-14 12:00 . 2012-05-11 14:42 67072 c:\windows\system32\mshtmled.dll
- 2009-03-08 09:31 . 2011-04-25 16:11 55296 c:\windows\system32\msfeedsbs.dll
+ 2009-03-08 09:31 . 2012-05-11 14:42 55296 c:\windows\system32\msfeedsbs.dll
+ 2011-11-11 00:15 . 2011-11-11 00:15 19240 c:\windows\system32\mlfcache.dat
+ 1998-06-17 06:08 . 1998-06-17 06:08 53248 c:\windows\system32\MFC42ENU.DLL
+ 1999-03-03 15:05 . 1999-03-03 15:05 81920 c:\windows\system32\MDT2FW95.DLL
- 2008-04-14 12:00 . 2008-04-14 12:00 23040 c:\windows\system32\mciseq.dll
+ 2008-04-14 12:00 . 2011-10-14 14:47 23040 c:\windows\system32\mciseq.dll
+ 1998-10-01 16:00 . 1998-10-01 16:00 40208 c:\windows\system32\MAPISRVR.EXE
+ 2011-11-22 15:50 . 2011-11-22 15:50 98304 c:\windows\system32\Macromed\Shockwave 10\SwOnce.dll
- 2011-02-02 13:35 . 2011-02-02 13:35 98304 c:\windows\system32\Macromed\Shockwave 10\SwOnce.dll
- 2011-02-02 13:35 . 2011-02-02 13:35 86016 c:\windows\system32\Macromed\Shockwave 10\SwMenuX.dll
+ 2011-11-22 15:50 . 2011-11-22 15:50 86016 c:\windows\system32\Macromed\Shockwave 10\SwMenuX.dll
+ 2011-11-22 15:50 . 2011-11-22 15:50 77824 c:\windows\system32\Macromed\Shockwave 10\SwInit.exe
- 2011-02-02 13:35 . 2011-02-02 13:35 77824 c:\windows\system32\Macromed\Shockwave 10\SwInit.exe
+ 2011-11-22 15:50 . 2011-11-22 15:50 24576 c:\windows\system32\Macromed\Shockwave 10\DynaPlayer.dll
- 2011-02-02 13:35 . 2011-02-02 13:35 24576 c:\windows\system32\Macromed\Shockwave 10\DynaPlayer.dll
+ 2002-10-21 19:29 . 2002-10-21 19:29 76800 c:\windows\system32\Lvgl13n.dll
+ 2002-10-21 19:30 . 2002-10-21 19:30 74240 c:\windows\system32\Lvdx13n.dll
+ 2002-10-21 19:01 . 2002-10-21 19:01 30208 c:\windows\system32\LTWND13n.DLL
+ 2002-10-24 21:12 . 2002-10-24 21:12 53248 c:\windows\system32\LTWEB13n.dll
+ 2002-10-24 21:10 . 2002-10-24 21:10 35328 c:\windows\system32\LTTWN13N.DLL
+ 2002-10-24 21:11 . 2002-10-24 21:11 32256 c:\windows\system32\LTTMB13N.DLL
+ 2002-10-24 21:11 . 2002-10-24 21:11 95232 c:\windows\system32\LTPDG13N.DLL
+ 2002-10-21 19:02 . 2002-10-21 19:02 61952 c:\windows\system32\LTNET13N.DLL
+ 2002-10-24 21:11 . 2002-10-24 21:11 51200 c:\windows\system32\LTLST13N.DLL
+ 2002-10-21 19:01 . 2002-10-21 19:01 35328 c:\windows\system32\LTISI13N.DLL
+ 2000-07-07 10:49 . 2000-07-07 10:49 69120 c:\windows\system32\LTDLL.DLL
+ 2002-10-24 21:10 . 2002-10-24 21:10 65024 c:\windows\system32\LTBAR13N.DLL
+ 2002-10-21 19:05 . 2002-10-21 19:05 25600 c:\windows\system32\LFXWD13N.DLL
+ 2002-10-24 21:11 . 2002-10-24 21:11 47104 c:\windows\system32\lfXpm13n.dll
+ 2002-10-24 21:11 . 2002-10-24 21:11 45056 c:\windows\system32\lfXbm13n.dll
+ 2002-10-21 19:05 . 2002-10-21 19:05 20480 c:\windows\system32\LFWPG13N.DLL
+ 2002-10-21 19:38 . 2002-10-21 19:38 33280 c:\windows\system32\LFWMP13N.DLL
+ 2002-10-21 19:38 . 2002-10-21 19:38 76800 c:\windows\system32\Lfwmf13n.dll
+ 2002-10-21 19:05 . 2002-10-21 19:05 19968 c:\windows\system32\LFWFX13N.DLL
+ 2002-10-21 19:34 . 2002-10-21 19:34 33280 c:\windows\system32\LFVEC13N.DLL
+ 2002-10-21 19:05 . 2002-10-21 19:05 24576 c:\windows\system32\LFTGA13N.DLL
+ 2002-10-21 19:37 . 2002-10-21 19:37 33792 c:\windows\system32\LFSMP13n.dll
+ 2002-10-10 02:53 . 2002-10-10 02:53 82944 c:\windows\system32\LFSHP13N.DLL
+ 2002-10-21 19:05 . 2002-10-21 19:05 20480 c:\windows\system32\LFSGI13N.DLL
+ 2002-10-21 19:37 . 2002-10-21 19:37 58368 c:\windows\system32\LFSCT13N.DLL
+ 2002-10-21 19:06 . 2002-10-21 19:06 17920 c:\windows\system32\lfRaw13n.dll
+ 2002-10-21 19:05 . 2002-10-21 19:05 20480 c:\windows\system32\LFRAS13N.DLL
+ 2002-10-21 19:38 . 2002-10-21 19:38 69632 c:\windows\system32\LFPTK13n.dll
+ 2002-10-21 19:05 . 2002-10-21 19:05 55296 c:\windows\system32\LFPSD13N.DLL
+ 2002-10-24 21:11 . 2002-10-24 21:11 31232 c:\windows\system32\LFPNM13n.dll
+ 2002-10-21 19:04 . 2002-10-21 19:04 26112 c:\windows\system32\LFPCX13N.DLL
+ 2002-10-21 19:04 . 2002-10-21 19:04 65536 c:\windows\system32\Lfpct13n.dll
+ 2002-10-24 21:11 . 2002-10-24 21:11 19968 c:\windows\system32\LFPCD13N.DLL
+ 2002-10-21 19:04 . 2002-10-21 19:04 18944 c:\windows\system32\LFMSP13N.DLL
+ 2002-10-21 19:04 . 2002-10-21 19:04 18944 c:\windows\system32\LFMAC13N.DLL
+ 2002-10-21 19:04 . 2002-10-21 19:04 31744 c:\windows\system32\LFLMB13N.DLL
+ 2002-10-21 19:03 . 2002-10-21 19:03 29184 c:\windows\system32\LFLMA13N.DLL
+ 2002-10-21 19:03 . 2002-10-21 19:03 90112 c:\windows\system32\LFJBG13N.DLL
+ 2002-10-21 19:03 . 2002-10-21 19:03 19968 c:\windows\system32\LFITG13N.DLL
+ 2002-10-21 19:03 . 2002-10-21 19:03 20992 c:\windows\system32\LFIMG13N.DLL
+ 2002-10-24 21:11 . 2002-10-24 21:11 27136 c:\windows\system32\LFIFF13N.DLL
+ 2002-10-21 19:03 . 2002-10-21 19:03 48128 c:\windows\system32\LFICA13N.DLL
+ 2002-10-21 19:03 . 2002-10-21 19:03 35328 c:\windows\system32\LFGIF13N.DLL
+ 2002-10-24 21:11 . 2002-10-24 21:11 84480 c:\windows\system32\LFFPX13N.DLL
+ 2002-10-21 19:03 . 2002-10-21 19:03 38400 c:\windows\system32\LFFLC13N.DLL
+ 2002-10-22 16:51 . 2002-10-22 16:51 73216 c:\windows\system32\LFFAX13N.DLL
+ 2002-10-21 19:03 . 2002-10-21 19:03 37888 c:\windows\system32\LFEPS13N.DLL
+ 2002-10-21 19:32 . 2002-10-21 19:32 94208 c:\windows\system32\LFDRW13N.DLL
+ 2002-10-21 19:32 . 2002-10-21 19:32 79872 c:\windows\system32\Lfdgn13n.dll
+ 2002-10-24 21:11 . 2002-10-24 21:11 21504 c:\windows\system32\lfCUT13n.dll
+ 2002-07-23 20:37 . 2002-07-23 20:37 90112 c:\windows\system32\Lfcmx13n.dll
+ 2002-10-21 19:03 . 2002-10-21 19:03 31744 c:\windows\system32\LFCLP13N.DLL
+ 2002-10-21 19:31 . 2002-10-21 19:31 90624 c:\windows\system32\Lfcgm13n.dll
+ 2002-10-21 19:02 . 2002-10-21 19:02 35840 c:\windows\system32\LFCAL13N.DLL
+ 2002-10-21 19:02 . 2002-10-21 19:02 30208 c:\windows\system32\LFBMP13N.DLL
+ 2002-10-24 21:11 . 2002-10-24 21:11 23040 c:\windows\system32\LFAWD13N.DLL
+ 2002-10-21 19:02 . 2002-10-21 19:02 18944 c:\windows\system32\LFAVI13N.DLL
+ 2002-10-24 21:11 . 2002-10-24 21:11 25600 c:\windows\system32\LFANI13N.DLL
+ 2002-06-28 21:02 . 2002-06-28 21:02 91136 c:\windows\system32\LFACS13N.DLL
- 2008-04-14 12:00 . 2011-04-25 16:11 25600 c:\windows\system32\jsproxy.dll
+ 2008-04-14 12:00 . 2012-05-11 14:42 25600 c:\windows\system32\jsproxy.dll
+ 1999-10-28 22:49 . 1999-10-28 22:49 26384 c:\windows\system32\FM20ENU.DLL
+ 1999-02-16 19:38 . 1999-02-16 19:38 38912 c:\windows\system32\EXSEC32.DLL
+ 2011-10-19 22:20 . 2010-10-20 14:04 12616 c:\windows\system32\DRVSTORE\sy11ser2_C8055990E74A8336FB891A1C51483808C1A377B4\i386\sy11cmnt.sys
+ 2011-10-19 22:20 . 2010-10-20 14:04 14920 c:\windows\system32\DRVSTORE\sy11nmea2_D56651AD79544BB1225E0042EE42B59A5660CBB5\i386\sy11mdfl.sys
+ 2011-10-19 22:20 . 2010-10-20 14:04 12616 c:\windows\system32\DRVSTORE\sy11nmea2_D56651AD79544BB1225E0042EE42B59A5660CBB5\i386\sy11cmnt.sys
+ 2011-10-19 22:20 . 2010-10-20 14:04 14920 c:\windows\system32\DRVSTORE\sy11mdm2_D56651AD79544BB1225E0042EE42B59A5660CBB5\i386\sy11mdfl.sys
+ 2011-10-19 22:20 . 2010-10-20 14:04 12616 c:\windows\system32\DRVSTORE\sy11mdm2_D56651AD79544BB1225E0042EE42B59A5660CBB5\i386\sy11cmnt.sys
+ 2011-10-19 22:20 . 2010-10-20 14:04 12488 c:\windows\system32\DRVSTORE\sy11bus_3B750B8957F0495C30C6A1637C4365210D2F7D96\i386\sy11whnt.sys
+ 2011-10-19 22:20 . 2009-11-25 15:06 28032 c:\windows\system32\DRVSTORE\sustucau_DFCD71BD0A5B77107C2A164AECAF8B184C1DAC23\x32\sustucau.sys
+ 2011-10-17 01:33 . 2009-11-25 15:06 28032 c:\windows\system32\DRVSTORE\sustucau_C9E6DF1C8048DC72D36CCAEEE3BACCDB441567F5\x32\sustucau.sys
+ 2011-10-17 01:33 . 2009-11-25 15:06 47360 c:\windows\system32\DRVSTORE\sustucap_C0F16DE8BAD19A3D9B57336A0A69209EB10E7CCF\x32\sustucap.sys
+ 2011-10-19 22:20 . 2009-11-25 15:06 47360 c:\windows\system32\DRVSTORE\sustucap_1EDD86B8B9BFED1A6DCE1575A58CC70E11B53813\x32\sustucap.sys
+ 2011-10-19 22:20 . 2009-11-25 15:06 47360 c:\windows\system32\DRVSTORE\sustucam_F6944BDF91F4A423970BB44E6B3D50807D2E59C4\x32\sustucam.sys
+ 2011-10-17 01:33 . 2009-11-25 15:06 47360 c:\windows\system32\DRVSTORE\sustucam_1FF22367248D356C8388AA6F6326380ACFFB8B76\x32\sustucam.sys
+ 2011-10-17 01:33 . 2007-03-20 07:33 28672 c:\windows\system32\DRVSTORE\susidn_183D6B8EF1D89794BD9426AEDC366357BC9AD747\libusb0.sys
+ 2011-10-17 01:33 . 2007-03-20 07:33 43520 c:\windows\system32\DRVSTORE\susidn_183D6B8EF1D89794BD9426AEDC366357BC9AD747\libusb0.dll
+ 2011-10-17 01:33 . 2009-06-30 21:47 25728 c:\windows\system32\DRVSTORE\susandroid_FC9F522E221128D699F3791DC5748637249EF286\androidusb.sys
+ 2011-10-19 22:20 . 2009-06-30 21:47 25728 c:\windows\system32\DRVSTORE\susandroid_33DEEEA9E288DC4CD2A2FBA1153E97C5656C83CF\androidusb.sys
+ 2011-10-17 01:33 . 2007-11-20 23:35 49792 c:\windows\system32\DRVSTORE\sus2pl_83E3644ECEC403037D5191175417DD7D9F6E0A41\sus2pl.sys
+ 2011-10-19 22:20 . 2011-08-25 01:43 77624 c:\windows\system32\DRVSTORE\ssudbus_480379E0B82376A51FBA49F20A6552067343B7C5\i386\ssudbus.sys
+ 2011-10-17 01:33 . 2007-05-02 15:12 12424 c:\windows\system32\DRVSTORE\ssm_ser2_B621C3240C85E19C4E244497B86AA9D67533C4DC\i386\ssm_cmnt.sys
+ 2011-10-17 01:33 . 2007-05-02 15:12 15112 c:\windows\system32\DRVSTORE\ssm_mdm2_B621C3240C85E19C4E244497B86AA9D67533C4DC\i386\ssm_mdfl.sys
+ 2011-10-17 01:33 . 2007-05-02 15:12 12424 c:\windows\system32\DRVSTORE\ssm_mdm2_B621C3240C85E19C4E244497B86AA9D67533C4DC\i386\ssm_cmnt.sys
+ 2011-10-17 01:33 . 2007-05-02 15:12 12424 c:\windows\system32\DRVSTORE\ssm_bus_EE9DFA265F838793D1C273D5545AB1C0C5AC6695\i386\ssm_whnt.sys
+ 2011-10-17 01:33 . 2007-05-02 15:12 83592 c:\windows\system32\DRVSTORE\ssm_bus_EE9DFA265F838793D1C273D5545AB1C0C5AC6695\i386\ssm_bus.sys
+ 2011-10-17 01:33 . 2009-01-15 15:11 12160 c:\windows\system32\DRVSTORE\ssecunic_A24B1C89EAA29049770A027B837B79C454C2BE7F\i386\ssecwhnt.sys
+ 2011-10-17 01:33 . 2009-01-15 15:11 10624 c:\windows\system32\DRVSTORE\ssecunic_A24B1C89EAA29049770A027B837B79C454C2BE7F\i386\sseccrnt.sys
+ 2011-10-17 01:33 . 2009-01-15 15:11 12160 c:\windows\system32\DRVSTORE\ssecsdm2_6084F8D8AAAC4998F190285B0975591A9E522F47\i386\sseccmnt.sys
+ 2011-10-17 01:33 . 2009-01-15 15:11 12160 c:\windows\system32\DRVSTORE\ssecobx2_0E3C23A2AF7322625D7CB5A230D402C8D622EC9B\i386\sseccmnt.sys
+ 2011-10-17 01:33 . 2009-01-15 15:11 25856 c:\windows\system32\DRVSTORE\ssecndis_A24B1C89EAA29049770A027B837B79C454C2BE7F\i386\ssecnd5.sys
+ 2011-10-17 01:33 . 2009-01-15 15:11 14976 c:\windows\system32\DRVSTORE\ssecmdm2_E671AB05B6ECA67B0DD4FA29746FD625F717E338\i386\ssecmdfl.sys
+ 2011-10-17 01:33 . 2009-01-15 15:11 12160 c:\windows\system32\DRVSTORE\ssecmdm2_E671AB05B6ECA67B0DD4FA29746FD625F717E338\i386\sseccmnt.sys
+ 2011-10-17 01:33 . 2009-01-15 15:11 12160 c:\windows\system32\DRVSTORE\ssecbus_7E9D79E81F4A1719CED202B2FB04E7C48E5B8945\i386\ssecwhnt.sys
+ 2011-10-17 01:33 . 2009-01-15 15:11 86528 c:\windows\system32\DRVSTORE\ssecbus_7E9D79E81F4A1719CED202B2FB04E7C48E5B8945\i386\ssecbus.sys
+ 2011-10-17 01:33 . 2009-05-13 15:41 98688 c:\windows\system32\DRVSTORE\sscesdm2_BB82E7479D7E2F0C90BFE508B21515FFA2AFD8D8\i386\ssceserd.sys
+ 2011-10-17 01:33 . 2009-05-13 15:41 12160 c:\windows\system32\DRVSTORE\sscesdm2_BB82E7479D7E2F0C90BFE508B21515FFA2AFD8D8\i386\sscecmnt.sys
+ 2011-10-19 22:20 . 2010-12-21 02:55 12416 c:\windows\system32\DRVSTORE\sscesdm2_7AD4829229782EAD7A14A10BC5E01E956779886D\i386\sscecmnt.sys
+ 2011-10-17 01:33 . 2009-05-13 15:41 14976 c:\windows\system32\DRVSTORE\sscemdm2_95625B00DD45C398488289AAB907DEB21FCFF6CE\i386\sscemdfl.sys
+ 2011-10-17 01:33 . 2009-05-13 15:41 12160 c:\windows\system32\DRVSTORE\sscemdm2_95625B00DD45C398488289AAB907DEB21FCFF6CE\i386\sscecmnt.sys
+ 2011-10-19 22:20 . 2010-12-21 02:55 14848 c:\windows\system32\DRVSTORE\sscemdm2_34771A624205C079100D51ABFD3F0EFDC377F971\i386\sscemdfl.sys
+ 2011-10-19 22:20 . 2010-12-21 02:55 12416 c:\windows\system32\DRVSTORE\sscemdm2_34771A624205C079100D51ABFD3F0EFDC377F971\i386\sscecmnt.sys
+ 2011-10-19 22:20 . 2010-12-21 02:55 12288 c:\windows\system32\DRVSTORE\sscebus_659A3532090130C12253E064E99D5D4049A341E9\i386\sscewhnt.sys
+ 2011-10-19 22:20 . 2010-12-21 02:55 98560 c:\windows\system32\DRVSTORE\sscebus_659A3532090130C12253E064E99D5D4049A341E9\i386\sscebus.sys
+ 2011-10-17 01:33 . 2009-05-13 15:41 12160 c:\windows\system32\DRVSTORE\sscebus_0199D7263C408755807E65867454841681E758C8\i386\sscewhnt.sys
+ 2011-10-17 01:33 . 2009-05-13 15:41 90240 c:\windows\system32\DRVSTORE\sscebus_0199D7263C408755807E65867454841681E758C8\i386\sscebus.sys
+ 2011-10-17 01:33 . 2007-07-03 20:57 11944 c:\windows\system32\DRVSTORE\sscdw2k_1884E0BBC3477068D88D04D6EA7B69C88AE93B94\i386\sscdmdfl.sys
+ 2011-10-17 01:33 . 2007-07-03 20:59 86824 c:\windows\system32\DRVSTORE\sscdsdm2_1E0DD9732FD56E67D2D50B616A3C7C3CC5B8965E\i386\sscdserd.sys
+ 2011-10-17 01:33 . 2007-07-03 20:54 80552 c:\windows\system32\DRVSTORE\sscdbus_E3A7A7036AB81E14A21B18864187D06666BE1000\i386\sscdbus.sys
+ 2011-10-19 22:20 . 2011-01-12 22:15 10472 c:\windows\system32\DRVSTORE\ssadsdm2_CB0D6A64C81E723D813A6F2A9668D95F91F371C0\i386\ssadcmnt.sys
+ 2011-10-17 01:33 . 2009-09-11 15:40 14976 c:\windows\system32\DRVSTORE\ssadmdm2_BB9A889FDC3B66435A9ABCEF20FAFE1691169A32\i386\ssadmdfl.sys
+ 2011-10-17 01:33 . 2009-09-11 15:40 12160 c:\windows\system32\DRVSTORE\ssadmdm2_BB9A889FDC3B66435A9ABCEF20FAFE1691169A32\i386\ssadcmnt.sys
+ 2011-10-19 22:20 . 2011-01-12 22:15 12776 c:\windows\system32\DRVSTORE\ssadmdm2_3B9F84FDB4850DC91A3CAFF448723EA532732F1F\i386\ssadmdfl.sys
+ 2011-10-19 22:20 . 2011-01-12 22:15 10472 c:\windows\system32\DRVSTORE\ssadmdm2_3B9F84FDB4850DC91A3CAFF448723EA532732F1F\i386\ssadcmnt.sys
+ 2011-10-17 01:33 . 2009-09-11 15:40 12160 c:\windows\system32\DRVSTORE\ssadbus_ECD95F04F506242D65A2FBE013D1EFC237EA84E5\i386\ssadwhnt.sys
+ 2011-10-17 01:33 . 2009-09-11 15:40 90240 c:\windows\system32\DRVSTORE\ssadbus_ECD95F04F506242D65A2FBE013D1EFC237EA84E5\i386\ssadbus.sys
+ 2011-10-19 22:20 . 2011-01-12 22:15 10344 c:\windows\system32\DRVSTORE\ssadbus_2112C6E16CA9C1DAD7D12BFCA60FCA72A02EBB81\i386\ssadwhnt.sys
+ 2011-10-17 01:33 . 2009-09-04 16:12 30240 c:\windows\system32\DRVSTORE\ssadadb2_9F2CD3CCE7A87CC3E75FD9556977CF2EF6DC40AD\i386\ssadadb.sys
+ 2011-10-19 22:20 . 2011-01-12 22:15 30312 c:\windows\system32\DRVSTORE\ssadadb2_6FBFB7BD831F97C0C49FFC637EF8E261B1BD5DBD\i386\ssadadb.sys
+ 2011-10-17 01:33 . 2007-05-02 15:11 15112 c:\windows\system32\DRVSTORE\ss_mdm2_216D7BF32263B1148A5B933A3315794CD0A5873E\i386\ss_mdfl.sys
+ 2011-10-17 01:33 . 2007-05-02 15:11 12424 c:\windows\system32\DRVSTORE\ss_mdm2_216D7BF32263B1148A5B933A3315794CD0A5873E\i386\ss_cmnt.sys
+ 2011-10-17 01:33 . 2007-05-02 15:11 12424 c:\windows\system32\DRVSTORE\ss_bus_A0C703FB8469957D809DD9D797EA905CBA4B0AE3\i386\ss_whnt.sys
+ 2011-10-17 01:33 . 2007-05-02 15:11 83592 c:\windows\system32\DRVSTORE\ss_bus_A0C703FB8469957D809DD9D797EA905CBA4B0AE3\i386\ss_bus.sys
+ 2011-10-17 01:33 . 2009-03-20 14:01 98560 c:\windows\system32\DRVSTORE\ss_bsdm2_1A96E7D9912D595BE4A69BD8225CE5C1BE7B01F9\i386\ss_bserd.sys
+ 2011-10-17 01:33 . 2009-03-20 14:01 12160 c:\windows\system32\DRVSTORE\ss_bsdm2_1A96E7D9912D595BE4A69BD8225CE5C1BE7B01F9\i386\ss_bcmnt.sys
+ 2011-10-19 22:20 . 2010-12-21 02:55 12416 c:\windows\system32\DRVSTORE\ss_bsdm2_10B17303D78CD94FDDF50F961E3454D4DD5E1A7A\i386\ss_bcmnt.sys
+ 2011-10-17 01:33 . 2009-03-20 14:01 14976 c:\windows\system32\DRVSTORE\ss_bmdm2_6FA434819A60DA857A32001FF758385CD6AE326D\i386\ss_bmdfl.sys
+ 2011-10-17 01:33 . 2009-03-20 14:01 12160 c:\windows\system32\DRVSTORE\ss_bmdm2_6FA434819A60DA857A32001FF758385CD6AE326D\i386\ss_bcmnt.sys
+ 2011-10-19 22:20 . 2010-12-21 02:55 14848 c:\windows\system32\DRVSTORE\ss_bmdm2_25CD552B0C6354F58CE1CF1AC1C75967943356E3\i386\ss_bmdfl.sys
+ 2011-10-19 22:20 . 2010-12-21 02:55 12416 c:\windows\system32\DRVSTORE\ss_bmdm2_25CD552B0C6354F58CE1CF1AC1C75967943356E3\i386\ss_bcmnt.sys
+ 2011-10-19 22:20 . 2010-12-21 02:55 12288 c:\windows\system32\DRVSTORE\ss_bbus_12BC85144F8D71EFF2F5EFF4FD945E30B2447D45\i386\ss_bwhnt.sys
+ 2011-10-19 22:20 . 2010-12-21 02:55 98432 c:\windows\system32\DRVSTORE\ss_bbus_12BC85144F8D71EFF2F5EFF4FD945E30B2447D45\i386\ss_bbus.sys
+ 2011-10-17 01:33 . 2009-03-20 14:01 12160 c:\windows\system32\DRVSTORE\ss_bbus_104629A5B566D618A5FF3E6A22926FFCF4AD511E\i386\ss_bwhnt.sys
+ 2011-10-17 01:33 . 2009-03-20 14:01 90112 c:\windows\system32\DRVSTORE\ss_bbus_104629A5B566D618A5FF3E6A22926FFCF4AD511E\i386\ss_bbus.sys
+ 2011-10-17 01:33 . 2009-12-24 05:00 25728 c:\windows\system32\DRVSTORE\smhwadb_EE9BB6D5D9C21037CF057BBECBF62CEC8189405D\smhwadb.sys
+ 2011-10-17 01:33 . 2005-07-25 14:04 48640 c:\windows\system32\DRVSTORE\ser2pl_7E6CB372993C5A68E0D6B1FAF1BD37119C1AB0C1\ser2pl.sys
+ 2011-10-17 01:33 . 2009-12-15 03:30 55056 c:\windows\system32\DRVSTORE\ptqhbus_DF19F5DE0112DD08FC27D2DC1E6913B846827DA8\i386\PTQHBUS.sys
+ 2011-10-19 22:20 . 2010-10-13 05:23 58128 c:\windows\system32\DRVSTORE\psmnbus_787B03E3473C86BBDA1EB6175DE3CDA64682B398\i386\PSMNBUS.sys
+ 2011-10-19 22:20 . 2009-07-10 17:01 25856 c:\windows\system32\DRVSTORE\motoandroi_DEB26C1D504C5061D2F03F61E789E25BBF45D268\motoandroid.sys
+ 2011-10-17 01:33 . 2009-07-10 17:01 25856 c:\windows\system32\DRVSTORE\motoandroi_281A0D1CF14FCFFB1B61021B981311BFDC53E1D2\motoandroid.sys
+ 2011-10-19 22:20 . 2011-02-18 03:37 25984 c:\windows\system32\DRVSTORE\lgvzandnet_B94A47D2A0B8519069621028736D8B5E3158BB98\lgvzandnetadb.sys
+ 2011-10-19 22:20 . 2011-02-18 03:34 23296 c:\windows\system32\DRVSTORE\lgvzandnet_5FD88285C4761F821D84D10B0269DD56226E2811\lgvzandnetdiag.sys
+ 2011-10-19 22:20 . 2010-07-21 09:29 25856 c:\windows\system32\DRVSTORE\lgandnetad_828CC4E848AA2E5AB725EC954380613DA3C3BD0E\lgandnetadb.sys
+ 2011-10-17 01:33 . 2010-03-31 23:52 24960 c:\windows\system32\DRVSTORE\lgandmodem_EACE95D5500F7BB1470F9966CA72CB0182E42591\lgandmodem.sys
+ 2011-10-17 01:33 . 2010-03-31 23:52 19968 c:\windows\system32\DRVSTORE\lgandgps_EACE95D5500F7BB1470F9966CA72CB0182E42591\lgandgps.sys
+ 2011-10-17 01:33 . 2010-03-31 23:52 20864 c:\windows\system32\DRVSTORE\lganddiag_EACE95D5500F7BB1470F9966CA72CB0182E42591\lganddiag.sys
+ 2011-10-17 01:33 . 2010-03-31 23:52 14336 c:\windows\system32\DRVSTORE\lgandbus_EACE95D5500F7BB1470F9966CA72CB0182E42591\lgandbus.sys
+ 2011-10-17 01:33 . 2010-03-31 23:52 25728 c:\windows\system32\DRVSTORE\lgandadb_894C09737C7AC28B0F57FE45236D047AA1696840\lgandadb.sys
+ 2011-10-17 01:33 . 2008-03-13 18:52 51528 c:\windows\system32\DRVSTORE\ftdiport_7C3FFC3E04092913979D7E6D761354E5BA36EC6C\i386\ftserui2.dll
+ 2011-10-17 01:33 . 2008-03-13 18:50 72000 c:\windows\system32\DRVSTORE\ftdiport_7C3FFC3E04092913979D7E6D761354E5BA36EC6C\i386\ftser2k.sys
+ 2011-10-17 01:33 . 2008-03-13 18:52 54088 c:\windows\system32\DRVSTORE\ftdiport_7C3FFC3E04092913979D7E6D761354E5BA36EC6C\i386\ftcserco.dll
+ 2011-10-17 01:33 . 2008-03-13 18:51 57536 c:\windows\system32\DRVSTORE\ftdibus_9E256B7D98A828C5E32AA2A56664AF336E092846\i386\ftdibus.sys
+ 2012-03-06 22:52 . 2007-08-31 19:14 38656 c:\windows\system32\DRVSTORE\embda_754491038463AF55DC013DBF40581C2B1BFEE429\emOEM.sys
+ 2012-03-06 22:52 . 2006-12-15 21:54 61440 c:\windows\system32\DRVSTORE\embda_754491038463AF55DC013DBF40581C2B1BFEE429\emMON.exe
+ 2012-03-06 22:52 . 2007-08-31 19:15 24448 c:\windows\system32\DRVSTORE\emaudio_754491038463AF55DC013DBF40581C2B1BFEE429\emAudio.sys
+ 2011-10-19 22:20 . 2010-08-27 00:40 57672 c:\windows\system32\DRVSTORE\c771bus_E1FC5BC5187A501E8DCF9CA386B28E99E3607840\i386\C771BUS.sys
+ 2011-10-19 22:21 . 2010-03-30 16:31 25728 c:\windows\system32\DRVSTORE\android_us_A65B3A0A9A75EAE67D1FF8F0010750EB9A19D1E3\fxxandroidusb.sys
+ 2011-10-17 01:33 . 2009-11-04 14:54 24576 c:\windows\system32\DRVSTORE\android_us_829DB379FCCB62629A656828AF4B687423D00255\androidusb.sys
+ 2011-10-17 01:33 . 2009-11-25 15:06 28032 c:\windows\system32\drivers\sustucau.sys
+ 2011-10-17 01:33 . 2009-11-25 15:06 47360 c:\windows\system32\drivers\sustucap.sys
+ 2011-10-17 01:33 . 2009-11-25 15:06 47360 c:\windows\system32\drivers\sustucam.sys
+ 2008-04-14 00:15 . 2008-04-14 05:15 49408 c:\windows\system32\drivers\stream.sys
- 2008-04-14 00:15 . 2008-04-14 04:15 49408 c:\windows\system32\drivers\stream.sys
+ 2008-04-14 12:00 . 2011-07-08 14:02 10496 c:\windows\system32\drivers\ndistapi.sys
+ 2008-01-14 10:06 . 2011-09-29 07:04 21632 c:\windows\system32\drivers\ManyCam.sys
+ 2009-09-23 14:41 . 2009-03-18 20:35 26176 c:\windows\system32\drivers\hamachi.sys
- 2009-09-23 14:41 . 2009-03-18 21:35 26176 c:\windows\system32\drivers\hamachi.sys
+ 2008-07-29 19:09 . 2008-07-29 19:09 39424 c:\windows\system32\drivers\fantom.sys
+ 2010-01-13 04:10 . 2010-02-11 04:19 53248 c:\windows\system32\drivers\ati2erec.dll
+ 2012-04-11 19:31 . 2012-03-06 23:01 53848 c:\windows\system32\drivers\aswTdi.sys
+ 2012-04-11 19:31 . 2012-03-06 23:02 35672 c:\windows\system32\drivers\aswRdr.sys
+ 2012-04-11 19:31 . 2012-03-06 23:01 95704 c:\windows\system32\drivers\aswmon2.sys
+ 2012-04-11 19:31 . 2012-03-06 23:01 89048 c:\windows\system32\drivers\aswmon.sys
+ 2012-04-11 19:31 . 2012-03-06 23:01 20696 c:\windows\system32\drivers\aswFsBlk.sys
+ 2012-04-11 19:31 . 2012-03-06 22:58 24920 c:\windows\system32\drivers\aavmker4.sys
- 2010-01-14 02:09 . 2011-04-25 16:11 12800 c:\windows\system32\dllcache\xpshims.dll
+ 2010-01-14 02:09 . 2012-05-11 14:42 12800 c:\windows\system32\dllcache\xpshims.dll
+ 2010-01-13 03:03 . 2012-06-02 19:19 35864 c:\windows\system32\dllcache\wups.dll
+ 2010-01-13 03:03 . 2012-06-02 19:19 53784 c:\windows\system32\dllcache\wuauclt.exe
+ 2010-01-12 03:54 . 2008-04-14 10:42 53760 c:\windows\system32\dllcache\vfwwdm32.dll
- 2010-01-12 03:54 . 2008-04-14 09:42 53760 c:\windows\system32\dllcache\vfwwdm32.dll
+ 2008-04-14 00:15 . 2008-04-14 05:15 49408 c:\windows\system32\dllcache\stream.sys
- 2008-04-14 00:15 . 2008-04-14 04:15 49408 c:\windows\system32\dllcache\stream.sys
+ 2008-04-14 12:00 . 2011-11-18 12:35 60416 c:\windows\system32\dllcache\packager.exe
+ 2008-04-14 12:00 . 2011-09-26 15:41 20480 c:\windows\system32\dllcache\oleaccrc.dll
+ 2008-04-14 12:00 . 2011-07-08 14:02 10496 c:\windows\system32\dllcache\ndistapi.sys
+ 2008-04-14 12:00 . 2012-05-11 14:42 67072 c:\windows\system32\dllcache\mshtmled.dll
+ 2010-01-14 02:09 . 2012-05-11 14:42 55296 c:\windows\system32\dllcache\msfeedsbs.dll
- 2010-01-14 02:09 . 2011-04-25 16:11 55296 c:\windows\system32\dllcache\msfeedsbs.dll
- 2008-04-14 12:00 . 2008-04-14 12:00 23040 c:\windows\system32\dllcache\mciseq.dll
+ 2008-04-14 12:00 . 2011-10-14 14:47 23040 c:\windows\system32\dllcache\mciseq.dll
+ 2008-04-14 12:00 . 2012-05-11 14:42 43520 c:\windows\system32\dllcache\licmgr10.dll
- 2008-04-14 12:00 . 2011-04-25 16:11 43520 c:\windows\system32\dllcache\licmgr10.dll
- 2008-04-14 12:00 . 2011-04-25 16:11 25600 c:\windows\system32\dllcache\jsproxy.dll
+ 2008-04-14 12:00 . 2012-05-11 14:42 25600 c:\windows\system32\dllcache\jsproxy.dll
- 2008-04-14 12:00 . 2011-04-26 11:07 33280 c:\windows\system32\dllcache\csrsrv.dll
+ 2008-04-14 12:00 . 2011-10-28 05:31 33280 c:\windows\system32\dllcache\csrsrv.dll
+ 2008-04-14 12:00 . 2012-06-02 19:19 97304 c:\windows\system32\dllcache\cdm.dll
+ 2008-04-14 12:00 . 2011-10-28 05:31 33280 c:\windows\system32\csrsrv.dll
- 2008-04-14 12:00 . 2011-04-26 11:07 33280 c:\windows\system32\csrsrv.dll
- 2010-01-13 03:08 . 2011-09-29 01:48 32768 c:\windows\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat
+ 2010-01-13 03:08 . 2012-03-20 05:57 32768 c:\windows\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat
+ 2010-01-13 03:08 . 2012-03-20 05:57 32768 c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\index.dat
- 2010-01-13 03:08 . 2011-09-29 01:48 32768 c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\index.dat
+ 2011-12-01 11:53 . 2012-03-20 05:57 16384 c:\windows\system32\config\systemprofile\Cookies\index.dat
- 2010-01-13 03:08 . 2011-09-29 01:48 16384 c:\windows\system32\config\systemprofile\Cookies\index.dat
+ 2012-01-04 04:35 . 2010-10-24 05:56 49664 c:\windows\system32\CamCodec.dll
+ 2011-09-19 07:07 . 2011-09-19 07:07 58368 c:\windows\system32\bdmpegv.dll
+ 2011-09-19 07:07 . 2011-09-19 07:07 15360 c:\windows\system32\bdmjpeg.dll
+ 2005-10-29 04:49 . 2005-10-29 04:49 25600 c:\windows\system32\bcsprsrc.dll
+ 2005-10-28 21:40 . 2005-10-28 21:40 96792 c:\windows\system32\basecsp.dll
- 2010-01-13 04:10 . 2001-11-09 15:01 24064 c:\windows\system32\ativcoxx.dll
+ 2010-01-13 04:10 . 2001-11-09 16:01 24064 c:\windows\system32\ativcoxx.dll
+ 2010-01-13 04:10 . 2010-02-11 03:53 17408 c:\windows\system32\atitvo32.dll
- 2010-01-13 04:10 . 2005-04-15 01:45 17408 c:\windows\system32\atitvo32.dll
+ 2010-01-13 04:10 . 2010-02-11 04:32 53248 c:\windows\system32\ATIDDC.DLL
- 2010-01-13 04:10 . 2005-04-15 02:09 53248 c:\windows\system32\ATIDDC.DLL
+ 2010-02-11 04:23 . 2010-02-11 04:23 45056 c:\windows\system32\aticalrt.dll
+ 2010-02-11 04:22 . 2010-02-11 04:22 45056 c:\windows\system32\aticalcl.dll
+ 2010-01-13 04:10 . 2010-02-11 04:35 26112 c:\windows\system32\Ati2mdxx.exe
+ 2010-01-13 04:10 . 2010-02-11 04:35 43520 c:\windows\system32\ati2edxx.dll
+ 2012-01-11 20:59 . 2012-01-11 20:59 12920 c:\windows\system32\apl001.sys
+ 2012-01-11 20:59 . 2012-01-11 20:59 10872 c:\windows\system32\apf001.sys
+ 2010-02-11 03:59 . 2010-02-11 03:59 49664 c:\windows\system32\amdpcom32.dll
+ 2010-03-21 23:47 . 2012-05-29 19:33 87952 c:\windows\system32\Adobe\Shockwave 11\uninstaller.exe
+ 2012-04-26 13:05 . 2012-04-26 13:05 86016 c:\windows\system32\Adobe\Shockwave 11\SwMenu.dll
+ 2012-04-26 12:50 . 2012-04-26 12:50 73408 c:\windows\system32\Adobe\Shockwave 11\gtapi.dll
+ 2012-04-26 12:50 . 2012-04-26 12:50 64512 c:\windows\system32\Adobe\Shockwave 11\gcapi_dll.dll
+ 2012-04-26 13:06 . 2012-04-26 13:06 12800 c:\windows\system32\Adobe\Shockwave 11\DynaPlayer.dll
+ 2011-12-26 08:54 . 2011-12-26 08:54 15120 c:\windows\Microsoft.NET\Framework\v4.0.30319\webengine.dll
+ 2011-12-15 17:08 . 2011-12-15 17:08 57616 c:\windows\Microsoft.NET\Framework\v4.0.30319\nlssorting.dll
+ 2011-12-26 08:54 . 2011-12-26 08:54 33552 c:\windows\Microsoft.NET\Framework\v4.0.30319\aspnet_wp.exe
+ 2011-12-25 08:49 . 2011-12-25 08:49 31504 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_wp.exe
+ 2012-01-11 08:05 . 2012-01-11 08:05 97624 c:\windows\Microsoft.NET\assembly\GAC_MSIL\XamlBuildTask\v4.0_4.0.0.0__31bf3856ad364e35\XamlBuildTask.dll
- 2011-01-10 08:08 . 2011-01-10 08:08 97624 c:\windows\Microsoft.NET\assembly\GAC_MSIL\XamlBuildTask\v4.0_4.0.0.0__31bf3856ad364e35\XamlBuildTask.dll
- 2011-06-18 08:01 . 2011-06-18 08:01 87408 c:\windows\Microsoft.NET\assembly\GAC_MSIL\WindowsFormsIntegration\v4.0_4.0.0.0__31bf3856ad364e35\WindowsFormsIntegration.dll
+ 2012-06-14 07:16 . 2012-06-14 07:16 87408 c:\windows\Microsoft.NET\assembly\GAC_MSIL\WindowsFormsIntegration\v4.0_4.0.0.0__31bf3856ad364e35\WindowsFormsIntegration.dll
- 2011-06-18 08:01 . 2011-06-18 08:01 93024 c:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationTypes\v4.0_4.0.0.0__31bf3856ad364e35\UIAutomationTypes.dll
+ 2012-06-14 07:16 . 2012-06-14 07:16 93024 c:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationTypes\v4.0_4.0.0.0__31bf3856ad364e35\UIAutomationTypes.dll
+ 2012-06-14 07:16 . 2012-06-14 07:16 35688 c:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationProvider\v4.0_4.0.0.0__31bf3856ad364e35\UIAutomationProvider.dll
- 2011-06-18 08:01 . 2011-06-18 08:01 35688 c:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationProvider\v4.0_4.0.0.0__31bf3856ad364e35\UIAutomationProvider.dll
- 2011-01-10 08:08 . 2011-01-10 08:08 29544 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Xaml.Hosting\v4.0_4.0.0.0__31bf3856ad364e35\System.Xaml.Hosting.dll
+ 2012-01-11 08:05 . 2012-01-11 08:05 29544 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Xaml.Hosting\v4.0_4.0.0.0__31bf3856ad364e35\System.Xaml.Hosting.dll
- 2011-06-18 08:01 . 2011-06-18 08:01 17784 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Presentation\v4.0_4.0.0.0__b77a5c561934e089\System.Windows.Presentation.dll
+ 2012-06-14 07:16 . 2012-06-14 07:16 17784 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Presentation\v4.0_4.0.0.0__b77a5c561934e089\System.Windows.Presentation.dll
- 2011-06-18 08:01 . 2011-06-18 08:01 58240 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Input.Manipulations\v4.0_4.0.0.0__b77a5c561934e089\System.Windows.Input.Manipulations.dll
+ 2012-06-14 07:16 . 2012-06-14 07:16 58240 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Input.Manipulations\v4.0_4.0.0.0__b77a5c561934e089\System.Windows.Input.Manipulations.dll
+ 2012-01-11 08:04 . 2012-01-11 08:04 70040 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Forms.DataVisualization.Design\v4.0_4.0.0.0__31bf3856ad364e35\System.Windows.Forms.DataVisualization.Design.dll
- 2011-01-10 08:08 . 2011-01-10 08:08 70040 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Forms.DataVisualization.Design\v4.0_4.0.0.0__31bf3856ad364e35\System.Windows.Forms.DataVisualization.Design.dll
- 2011-01-10 08:08 . 2011-01-10 08:08 24928 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Web.Routing\v4.0_4.0.0.0__31bf3856ad364e35\System.Web.Routing.dll
+ 2012-01-11 08:04 . 2012-01-11 08:04 24928 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Web.Routing\v4.0_4.0.0.0__31bf3856ad364e35\System.Web.Routing.dll
- 2011-01-10 08:08 . 2011-01-10 08:08 81272 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Web.RegularExpressions\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Web.RegularExpressions.dll
+ 2012-01-11 08:04 . 2012-01-11 08:04 81272 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Web.RegularExpressions\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Web.RegularExpressions.dll
+ 2012-01-11 08:04 . 2012-01-11 08:04 33144 c:\windows\Microsoft.NET\assembly\GA<
-
Good job but that's not the complete ComboFix log. You can find the log in C:Combofix. Please post the entire log.
SysProt Antirootkit
Download
SysProt Antirootkit from the link below (you will find it at the bottom
of the page under attachments, or you can get it from one of the
mirrors).
http://sites.google.com/site/sysprotantirootkit/ (http://sites.google.com/site/sysprotantirootkit/)
Unzip it into a folder on your desktop.
- Double click Sysprot.exe to start the program.
- Click on the Log tab.
- In the Write to log box select the following items.
- Process << Selected
- Kernel Modules << Selected
- SSDT << Selected
- Kernel Hooks << Selected
- IRP Hooks << NOT Selected
- Ports << NOT Selected
- Hidden Files << Selected
- At the bottom of the page
- Hidden Objects Only << Selected
- Click on the Create Log button on the bottom right.
- After a few seconds a new window should appear.
- Select Scan Root Drive. Click on the Start button.
- When it is complete a new window will appear to indicate that the scan is finished.
- The log will be saved automatically in the same folder Sysprot.exe was extracted to. Open the text file and copy/paste the log here.
-
Yea, I pasted the whole thing here, and wrote a little at the end, but I guess there might be a limit or a glitch of some sort. I'll try again.
ComboFix 12-07-27.02 - Harris Family 07/26/2012 15:55:04.2.2 - x86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2046.931 [GMT -4:00]
Running from: c:\documents and settings\Harris Family\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\CFLog
c:\documents and settings\Harris Family\Application Data\Toolbar4
c:\windows\system32\SET2E6.tmp
c:\windows\system32\SET76C.tmp
c:\windows\system32\SET770.tmp
c:\windows\system32\SET771.tmp
c:\windows\system32\SET776.tmp
c:\windows\system32\SET77A.tmp
c:\windows\system32\SET7D0.tmp
c:\windows\system32\SET7D2.tmp
c:\windows\system32\SET7D6.tmp
c:\windows\system32\SET7DE.tmp
c:\windows\system32\SETE38.tmp
c:\windows\system32\SETE39.tmp
c:\windows\system32\SETE3D.tmp
c:\windows\system32\SETE3E.tmp
c:\windows\system32\SETE3F.tmp
c:\windows\system32\SETE43.tmp
c:\windows\system32\SETE45.tmp
.
.
((((((((((((((((((((((((( Files Created from 2012-06-26 to 2012-07-26 )))))))))))))))))))))))))))))))
.
.
2012-07-26 19:35 . 2012-07-26 19:35 -------- d-----w- c:\program files\Oracle
2012-07-26 19:34 . 2012-07-26 19:31 143872 ----a-w- c:\windows\system32javacpl.cpl
2012-07-26 19:33 . 2012-07-06 02:07 143872 ----a-w- c:\windows\system32\javacpl.cpl
2012-07-23 20:18 . 2012-07-23 20:18 -------- d-----w- c:\documents and settings\Harris Family\Application Data\SUPERAntiSpyware.com
2012-07-23 20:18 . 2012-07-23 20:18 -------- d-----w- c:\program files\SUPERAntiSpyware
2012-07-23 20:18 . 2012-07-23 20:18 -------- d-----w- c:\documents and settings\All Users\Application Data\SUPERAntiSpyware.com
2012-07-23 20:17 . 2012-07-23 20:17 -------- d-----w- c:\documents and settings\All Users\Application Data\SUPERSetup
2012-07-23 17:22 . 2012-07-03 17:46 22344 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-07-20 23:23 . 2012-07-22 04:08 -------- d-----w- c:\documents and settings\Harris Family\Application Data\vlc
2012-07-20 23:20 . 2012-07-20 23:20 -------- d-----w- c:\program files\VideoLAN
2012-07-12 07:22 . 2012-07-12 07:22 -------- d-----w- c:\program files\LogMeIn Hamachi
2012-07-08 19:11 . 2012-07-08 19:11 -------- d-----w- c:\windows\system32\wbem\Repository
2012-07-05 19:57 . 2012-07-05 19:53 3130440 ----a-w- c:\windows\system32\pbsvc_blr.exe
2012-07-05 19:56 . 2012-07-05 19:56 -------- d-----w- c:\program files\NVIDIA Corporation
2012-07-05 19:55 . 2012-07-05 19:55 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-07-11 22:30 . 2012-04-02 23:13 426184 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-07-11 22:30 . 2011-09-29 03:46 70344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-07-06 02:06 . 2011-10-19 17:17 772544 ----a-w- c:\windows\system32\npdeployJava1.dll
2012-07-06 02:06 . 2010-09-07 18:43 687544 ----a-w- c:\windows\system32\deployJava1.dll
2012-07-05 19:58 . 2012-05-28 06:43 138056 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2012-07-05 19:58 . 2012-01-10 20:02 138056 ----a-w- c:\documents and settings\Harris Family\Application Data\PnkBstrK.sys
2012-07-05 19:57 . 2012-05-28 06:42 189248 ----a-w- c:\windows\system32\PnkBstrB.exe
2012-07-05 19:57 . 2012-01-10 20:02 189248 ----a-w- c:\windows\system32\PnkBstrB.ex0
2012-07-05 19:57 . 2012-05-28 06:42 76888 ----a-w- c:\windows\system32\PnkBstrA.exe
2012-06-20 16:56 . 2012-01-30 04:25 71104 ----a-w- c:\windows\CouponPrinter.ocx
2012-06-13 13:19 . 2008-04-14 12:00 1866112 ----a-w- c:\windows\system32\win32k.sys
2012-06-05 15:50 . 2008-04-14 12:00 1372672 ----a-w- c:\windows\system32\msxml6.dll
2012-06-05 15:50 . 2008-04-14 12:00 1172480 ----a-w- c:\windows\system32\msxml3.dll
2012-06-04 04:32 . 2008-04-14 12:00 152576 ----a-w- c:\windows\system32\schannel.dll
2012-06-02 19:19 . 2009-08-07 00:24 22040 ----a-w- c:\windows\system32\wucltui.dll.mui
2012-06-02 19:19 . 2010-01-13 03:03 329240 ----a-w- c:\windows\system32\wucltui.dll
2012-06-02 19:19 . 2010-01-13 03:03 219160 ----a-w- c:\windows\system32\wuaucpl.cpl
2012-06-02 19:19 . 2010-01-13 03:03 210968 ----a-w- c:\windows\system32\wuweb.dll
2012-06-02 19:19 . 2009-08-07 00:24 15384 ----a-w- c:\windows\system32\wuaucpl.cpl.mui
2012-06-02 19:19 . 2010-01-13 03:03 53784 ----a-w- c:\windows\system32\wuauclt.exe
2012-06-02 19:19 . 2010-01-13 03:03 35864 ----a-w- c:\windows\system32\wups.dll
2012-06-02 19:19 . 2009-08-07 00:24 45080 ----a-w- c:\windows\system32\wups2.dll
2012-06-02 19:19 . 2009-08-07 00:24 15384 ----a-w- c:\windows\system32\wuapi.dll.mui
2012-06-02 19:19 . 2008-04-14 12:00 97304 ----a-w- c:\windows\system32\cdm.dll
2012-06-02 19:19 . 2009-08-07 00:24 17944 ----a-w- c:\windows\system32\wuaueng.dll.mui
2012-06-02 19:19 . 2010-01-13 03:03 577048 ----a-w- c:\windows\system32\wuapi.dll
2012-06-02 19:19 . 2010-01-13 03:03 1933848 ----a-w- c:\windows\system32\wuaueng.dll
2012-06-02 19:18 . 2010-02-01 09:47 275696 ----a-w- c:\windows\system32\mucltui.dll
2012-06-02 19:18 . 2010-02-01 09:47 214256 ----a-w- c:\windows\system32\muweb.dll
2012-06-02 19:18 . 2010-02-01 09:47 17136 ----a-w- c:\windows\system32\mucltui.dll.mui
2012-05-31 13:22 . 2008-04-14 12:00 599040 ----a-w- c:\windows\system32\crypt32.dll
2012-05-30 20:32 . 2012-01-10 20:11 282104 ----a-w- c:\windows\system32\PnkBstrB.xtr
2012-05-16 15:08 . 2008-04-14 12:00 916992 ----a-w- c:\windows\system32\wininet.dll
2012-05-11 14:42 . 2008-04-14 12:00 43520 ----a-w- c:\windows\system32\licmgr10.dll
2012-05-11 14:42 . 2008-04-14 12:00 1469440 ------w- c:\windows\system32\inetcpl.cpl
2012-05-11 11:38 . 2008-04-14 12:00 385024 ----a-w- c:\windows\system32\html.iec
2012-05-04 13:16 . 2008-04-14 12:00 2148352 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-05-04 12:32 . 2008-04-14 00:01 2026496 ----a-w- c:\windows\system32\ntkrnlpa.exe
2012-05-02 13:46 . 2010-01-13 03:01 139656 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2012-07-18 18:57 . 2012-06-19 01:31 136672 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
[7] 2008-06-20 . AD978A1B783B5719720CFF204B666C8E . 361600 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB2509553\SP3QFE\tcpip.sys
[7] 2008-06-20 . AD978A1B783B5719720CFF204B666C8E . 361600 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB951748\SP3QFE\tcpip.sys
[7] 2008-06-20 . 9AEFA14BD6B182D61E3119FA5F436D3D . 361600 . . [5.1.2600.5625] . . c:\windows\ERDNT\cache\tcpip.sys
[7] 2008-06-20 . 9AEFA14BD6B182D61E3119FA5F436D3D . 361600 . . [5.1.2600.5625] . . c:\windows\system32\dllcache\tcpip.sys
[-] 2008-06-20 . D9F19E78F98834CB411D6AD3C68D181A . 361600 . . [5.1.2600.5625] . . c:\windows\system32\drivers\tcpip.sys
[7] 2008-04-14 . 93EA8D04EC73A85DB02EB8805988F733 . 361344 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB951748$\tcpip.sys
.
((((((((((((((((((((((((((((( SnapShot@2011-09-29_05.36.58 )))))))))))))))))))))))))))))))))))))))))
.
+ 2007-11-07 06:19 . 2007-11-07 06:19 54272 c:\windows\WinSxS\x86_Microsoft.VC90.OpenMP_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_ecc42bd1\vcomp90.dll
+ 2008-07-29 12:05 . 2008-07-29 12:05 62976 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90rus.dll
+ 2008-07-29 12:05 . 2008-07-29 12:05 46080 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90kor.dll
+ 2008-07-29 12:05 . 2008-07-29 12:05 46592 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90jpn.dll
+ 2008-07-29 12:05 . 2008-07-29 12:05 64512 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90ita.dll
+ 2008-07-29 12:05 . 2008-07-29 12:05 66048 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90fra.dll
+ 2008-07-29 12:05 . 2008-07-29 12:05 65024 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90esp.dll
+ 2008-07-29 12:05 . 2008-07-29 12:05 65024 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90esn.dll
+ 2008-07-29 12:05 . 2008-07-29 12:05 56832 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90enu.dll
+ 2008-07-29 12:05 . 2008-07-29 12:05 66560 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90deu.dll
+ 2008-07-29 12:05 . 2008-07-29 12:05 39936 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90cht.dll
+ 2008-07-29 12:05 . 2008-07-29 12:05 38912 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90chs.dll
+ 2008-07-29 10:07 . 2008-07-29 10:07 59904 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_405b0943\mfcm90u.dll
+ 2008-07-29 10:07 . 2008-07-29 10:07 59904 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_405b0943\mfcm90.dll
+ 2006-12-02 05:26 . 2006-12-02 05:26 57856 c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_3bf8fa05\mfcm80u.dll
+ 2006-12-02 05:25 . 2006-12-02 05:25 69632 c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_3bf8fa05\mfcm80.dll
+ 2009-07-12 00:41 . 2009-07-12 00:41 97280 c:\windows\WinSxS\x86_Microsoft.VC80.ATL_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_473666fd\ATL80.dll
+ 2012-03-10 00:57 . 2012-03-10 00:57 49152 c:\windows\WinSxS\MSIL_MOM_90ba9c70f846762e_2.0.0.0_x-ww_a60193a8\MOM.EXE
+ 2012-01-11 08:05 . 2012-01-11 08:05 21880 c:\windows\WinSxS\MSIL_Microsoft.Workflow.Compiler_31bf3856ad364e35_4.0.0.0_x-ww_97359ba5\Microsoft.Workflow.Compiler.exe
- 2011-01-10 08:08 . 2011-01-10 08:08 21880 c:\windows\WinSxS\MSIL_Microsoft.Workflow.Compiler_31bf3856ad364e35_4.0.0.0_x-ww_97359ba5\Microsoft.Workflow.Compiler.exe
+ 2012-03-10 00:57 . 2012-03-10 00:57 86016 c:\windows\WinSxS\MSIL_LOG_90ba9c70f846762e_2.0.3693.42530_x-ww_47e32df4\LOG.EXE
+ 2012-03-10 00:57 . 2012-03-10 00:57 49152 c:\windows\WinSxS\MSIL_CLI_90ba9c70f846762e_2.0.0.0_x-ww_42656733\CLI.EXE
+ 2012-03-10 00:57 . 2012-03-10 00:57 49152 c:\windows\WinSxS\MSIL_CCC_90ba9c70f846762e_2.0.0.0_x-ww_c7ed2bb0\CCC.EXE
+ 2012-07-26 19:19 . 2012-07-26 19:19 16384 c:\windows\Temp\Perflib_Perfdata_c58.dat
+ 2012-07-26 19:36 . 2012-07-26 19:36 16384 c:\windows\Temp\Perflib_Perfdata_9b8.dat
+ 2010-04-27 18:45 . 2010-04-27 18:45 72856 c:\windows\system32\xliveinstallhost.exe
- 2010-05-02 19:32 . 2007-04-04 22:53 81768 c:\windows\system32\xinput1_3.dll
+ 2010-05-02 19:32 . 2007-04-04 23:53 81768 c:\windows\system32\xinput1_3.dll
- 2010-05-02 19:33 . 2010-02-04 14:01 74072 c:\windows\system32\XAPOFX1_4.dll
+ 2010-05-02 19:33 . 2010-02-04 15:01 74072 c:\windows\system32\XAPOFX1_4.dll
+ 2010-05-02 19:32 . 2008-07-31 15:41 68616 c:\windows\system32\XAPOFX1_1.dll
- 2010-05-02 19:32 . 2008-07-31 14:41 68616 c:\windows\system32\XAPOFX1_1.dll
- 2010-05-02 19:33 . 2010-02-04 14:01 22360 c:\windows\system32\X3DAudio1_7.dll
+ 2010-05-02 19:33 . 2010-02-04 15:01 22360 c:\windows\system32\X3DAudio1_7.dll
+ 2009-10-09 19:56 . 2009-10-09 19:56 14848 c:\windows\system32\wsmprovhost.exe
+ 2009-10-09 19:56 . 2009-10-09 19:56 12288 c:\windows\system32\wsmplpxy.dll
+ 2009-10-09 19:56 . 2009-10-09 19:56 12288 c:\windows\system32\winrssrv.dll
+ 2009-10-09 19:56 . 2009-10-09 19:56 22528 c:\windows\system32\winrshost.exe
+ 2009-10-09 21:22 . 2009-10-09 21:22 69632 c:\windows\system32\winrs.exe
+ 2009-10-09 19:56 . 2009-10-09 19:56 25088 c:\windows\system32\winrmprov.dll
+ 2009-10-09 19:56 . 2009-10-09 19:56 24064 c:\windows\system32\WindowsPowerShell\v1.0\pwrshsip.dll
+ 2010-01-12 03:54 . 2008-04-14 10:42 53760 c:\windows\system32\vfwwdm32.dll
- 2010-01-12 03:54 . 2008-04-14 09:42 53760 c:\windows\system32\vfwwdm32.dll
+ 1998-12-24 15:23 . 1998-12-24 15:23 40960 c:\windows\system32\VBAME.DLL
- 2008-04-14 12:00 . 2010-11-03 13:12 46080 c:\windows\system32\tzchange.exe
+ 2008-04-14 12:00 . 2011-11-08 13:46 46080 c:\windows\system32\tzchange.exe
+ 2012-06-21 06:53 . 2012-06-02 19:19 45080 c:\windows\system32\SoftwareDistribution\Setup\ServiceStartup\wups2.dll\7.6.7600.256\wups2.dll
+ 2012-06-21 06:53 . 2012-06-02 19:19 35864 c:\windows\system32\SoftwareDistribution\Setup\ServiceStartup\wups.dll\7.6.7600.256\wups.dll
+ 2011-06-16 07:34 . 2011-06-16 07:34 79872 c:\windows\system32\SlotMaximizerAg.dll
+ 1998-03-25 00:54 . 1998-03-25 00:54 15872 c:\windows\system32\SCP32.DLL
+ 2012-03-06 23:16 . 2005-04-15 02:10 73728 c:\windows\system32\ReinstallBackups\0001\DriverFiles\Oemdspif.dll
+ 2012-03-06 23:16 . 2001-11-09 15:01 24064 c:\windows\system32\ReinstallBackups\0001\DriverFiles\ativcoxx.dll
+ 2012-03-06 23:16 . 2005-04-15 01:45 17408 c:\windows\system32\ReinstallBackups\0001\DriverFiles\atitvo32.dll
+ 2012-03-06 23:16 . 2005-04-15 02:11 94208 c:\windows\system32\ReinstallBackups\0001\DriverFiles\atipdlxx.dll
+ 2012-03-06 23:16 . 2005-04-08 20:42 87540 c:\windows\system32\ReinstallBackups\0001\DriverFiles\atiicdxx.dat
+ 2012-03-06 23:16 . 2005-04-15 02:09 53248 c:\windows\system32\ReinstallBackups\0001\DriverFiles\ATIDDC.DLL
+ 2012-03-06 23:16 . 2005-04-15 02:10 25088 c:\windows\system32\ReinstallBackups\0001\DriverFiles\Ati2mdxx.exe
+ 2012-03-06 23:16 . 2005-04-15 02:10 46080 c:\windows\system32\ReinstallBackups\0001\DriverFiles\ati2evxx.dll
+ 2012-03-06 23:16 . 2005-04-15 01:45 36864 c:\windows\system32\ReinstallBackups\0001\DriverFiles\ati2erec.dll
+ 2012-03-06 23:16 . 2005-04-15 02:10 39936 c:\windows\system32\ReinstallBackups\0001\DriverFiles\ati2edxx.dll
+ 2012-03-10 00:46 . 2005-04-15 02:10 73728 c:\windows\system32\ReinstallBackups\0000\DriverFiles\Oemdspif.dll
+ 2012-03-10 00:46 . 2001-11-09 15:01 24064 c:\windows\system32\ReinstallBackups\0000\DriverFiles\ativcoxx.dll
+ 2012-03-10 00:46 . 2005-04-15 01:45 17408 c:\windows\system32\ReinstallBackups\0000\DriverFiles\atitvo32.dll
+ 2012-03-10 00:46 . 2005-04-15 02:11 94208 c:\windows\system32\ReinstallBackups\0000\DriverFiles\atipdlxx.dll
+ 2012-03-10 00:46 . 2005-04-08 20:42 87540 c:\windows\system32\ReinstallBackups\0000\DriverFiles\atiicdxx.dat
+ 2012-03-10 00:46 . 2005-04-15 02:09 53248 c:\windows\system32\ReinstallBackups\0000\DriverFiles\ATIDDC.DLL
+ 2012-03-10 00:46 . 2005-04-15 02:10 25088 c:\windows\system32\ReinstallBackups\0000\DriverFiles\Ati2mdxx.exe
+ 2012-03-10 00:46 . 2005-04-15 02:10 46080 c:\windows\system32\ReinstallBackups\0000\DriverFiles\ati2evxx.dll
+ 2012-03-10 00:46 . 2005-04-15 01:45 36864 c:\windows\system32\ReinstallBackups\0000\DriverFiles\ati2erec.dll
+ 2012-03-10 00:46 . 2005-04-15 02:10 39936 c:\windows\system32\ReinstallBackups\0000\DriverFiles\ati2edxx.dll
+ 2012-03-09 20:29 . 2011-12-30 22:03 21336 c:\windows\system32\RegistryDefragBootTime.exe
+ 2009-10-09 21:22 . 2009-10-09 21:22 42496 c:\windows\system32\pwrshplugin.dll
+ 2005-10-29 04:49 . 2005-10-29 04:49 84480 c:\windows\system32\pintool.exe
+ 2008-04-14 12:00 . 2012-06-14 07:22 85886 c:\windows\system32\perfc009.dat
+ 2008-04-14 12:00 . 2011-11-18 12:35 60416 c:\windows\system32\packager.exe
+ 2011-10-26 02:21 . 2011-10-26 02:21 56832 c:\windows\system32\OVDecoder.dll
+ 2000-01-11 04:33 . 2000-01-11 04:33 65586 c:\windows\system32\OUTLWAB.DLL
+ 2011-10-26 02:21 . 2011-10-26 02:21 56832 c:\windows\system32\OpenVideo.dll
+ 2011-10-26 02:19 . 2011-10-26 02:19 44032 c:\windows\system32\OpenCL.dll
+ 2008-04-14 12:00 . 2011-09-26 15:41 20480 c:\windows\system32\oleaccrc.dll
+ 2007-02-22 14:48 . 2007-02-22 14:48 68896 c:\windows\system32\NiViSv32.dll
+ 1998-08-09 14:07 . 1998-08-09 14:07 94208 c:\windows\system32\MSSTKPRP.DLL
+ 1999-01-22 18:46 . 1999-01-22 18:46 65536 c:\windows\system32\MSRTEDIT.DLL
+ 1999-10-13 21:12 . 1999-10-13 21:12 28944 c:\windows\system32\MSRECR40.DLL
+ 1997-07-11 04:00 . 1997-07-11 04:00 22016 c:\windows\system32\MSIMRT32.DLL
+ 1997-07-11 04:00 . 1997-07-11 04:00 10544 c:\windows\system32\MSIMRT16.DLL
+ 1997-07-11 04:00 . 1997-07-11 04:00 14336 c:\windows\system32\MSIMRT.DLL
+ 2008-04-14 12:00 . 2012-05-11 14:42 67072 c:\windows\system32\mshtmled.dll
- 2009-03-08 09:31 . 2011-04-25 16:11 55296 c:\windows\system32\msfeedsbs.dll
+ 2009-03-08 09:31 . 2012-05-11 14:42 55296 c:\windows\system32\msfeedsbs.dll
+ 2011-11-11 00:15 . 2011-11-11 00:15 19240 c:\windows\system32\mlfcache.dat
+ 1998-06-17 06:08 . 1998-06-17 06:08 53248 c:\windows\system32\MFC42ENU.DLL
+ 1999-03-03 15:05 . 1999-03-03 15:05 81920 c:\windows\system32\MDT2FW95.DLL
- 2008-04-14 12:00 . 2008-04-14 12:00 23040 c:\windows\system32\mciseq.dll
+ 2008-04-14 12:00 . 2011-10-14 14:47 23040 c:\windows\system32\mciseq.dll
+ 1998-10-01 16:00 . 1998-10-01 16:00 40208 c:\windows\system32\MAPISRVR.EXE
+ 2011-11-22 15:50 . 2011-11-22 15:50 98304 c:\windows\system32\Macromed\Shockwave 10\SwOnce.dll
- 2011-02-02 13:35 . 2011-02-02 13:35 98304 c:\windows\system32\Macromed\Shockwave 10\SwOnce.dll
- 2011-02-02 13:35 . 2011-02-02 13:35 86016 c:\windows\system32\Macromed\Shockwave 10\SwMenuX.dll
+ 2011-11-22 15:50 . 2011-11-22 15:50 86016 c:\windows\system32\Macromed\Shockwave 10\SwMenuX.dll
+ 2011-11-22 15:50 . 2011-11-22 15:50 77824 c:\windows\system32\Macromed\Shockwave 10\SwInit.exe
- 2011-02-02 13:35 . 2011-02-02 13:35 77824 c:\windows\system32\Macromed\Shockwave 10\SwInit.exe
+ 2011-11-22 15:50 . 2011-11-22 15:50 24576 c:\windows\system32\Macromed\Shockwave 10\DynaPlayer.dll
- 2011-02-02 13:35 . 2011-02-02 13:35 24576 c:\windows\system32\Macromed\Shockwave 10\DynaPlayer.dll
+ 2002-10-21 19:29 . 2002-10-21 19:29 76800 c:\windows\system32\Lvgl13n.dll
+ 2002-10-21 19:30 . 2002-10-21 19:30 74240 c:\windows\system32\Lvdx13n.dll
+ 2002-10-21 19:01 . 2002-10-21 19:01 30208 c:\windows\system32\LTWND13n.DLL
+ 2002-10-24 21:12 . 2002-10-24 21:12 53248 c:\windows\system32\LTWEB13n.dll
+ 2002-10-24 21:10 . 2002-10-24 21:10 35328 c:\windows\system32\LTTWN13N.DLL
+ 2002-10-24 21:11 . 2002-10-24 21:11 32256 c:\windows\system32\LTTMB13N.DLL
+ 2002-10-24 21:11 . 2002-10-24 21:11 95232 c:\windows\system32\LTPDG13N.DLL
+ 2002-10-21 19:02 . 2002-10-21 19:02 61952 c:\windows\system32\LTNET13N.DLL
+ 2002-10-24 21:11 . 2002-10-24 21:11 51200 c:\windows\system32\LTLST13N.DLL
+ 2002-10-21 19:01 . 2002-10-21 19:01 35328 c:\windows\system32\LTISI13N.DLL
+ 2000-07-07 10:49 . 2000-07-07 10:49 69120 c:\windows\system32\LTDLL.DLL
+ 2002-10-24 21:10 . 2002-10-24 21:10 65024 c:\windows\system32\LTBAR13N.DLL
+ 2002-10-21 19:05 . 2002-10-21 19:05 25600 c:\windows\system32\LFXWD13N.DLL
+ 2002-10-24 21:11 . 2002-10-24 21:11 47104 c:\windows\system32\lfXpm13n.dll
+ 2002-10-24 21:11 . 2002-10-24 21:11 45056 c:\windows\system32\lfXbm13n.dll
+ 2002-10-21 19:05 . 2002-10-21 19:05 20480 c:\windows\system32\LFWPG13N.DLL
+ 2002-10-21 19:38 . 2002-10-21 19:38 33280 c:\windows\system32\LFWMP13N.DLL
+ 2002-10-21 19:38 . 2002-10-21 19:38 76800 c:\windows\system32\Lfwmf13n.dll
+ 2002-10-21 19:05 . 2002-10-21 19:05 19968 c:\windows\system32\LFWFX13N.DLL
+ 2002-10-21 19:34 . 2002-10-21 19:34 33280 c:\windows\system32\LFVEC13N.DLL
+ 2002-10-21 19:05 . 2002-10-21 19:05 24576 c:\windows\system32\LFTGA13N.DLL
+ 2002-10-21 19:37 . 2002-10-21 19:37 33792 c:\windows\system32\LFSMP13n.dll
+ 2002-10-10 02:53 . 2002-10-10 02:53 82944 c:\windows\system32\LFSHP13N.DLL
+ 2002-10-21 19:05 . 2002-10-21 19:05 20480 c:\windows\system32\LFSGI13N.DLL
+ 2002-10-21 19:37 . 2002-10-21 19:37 58368 c:\windows\system32\LFSCT13N.DLL
+ 2002-10-21 19:06 . 2002-10-21 19:06 17920 c:\windows\system32\lfRaw13n.dll
+ 2002-10-21 19:05 . 2002-10-21 19:05 20480 c:\windows\system32\LFRAS13N.DLL
+ 2002-10-21 19:38 . 2002-10-21 19:38 69632 c:\windows\system32\LFPTK13n.dll
+ 2002-10-21 19:05 . 2002-10-21 19:05 55296 c:\windows\system32\LFPSD13N.DLL
+ 2002-10-24 21:11 . 2002-10-24 21:11 31232 c:\windows\system32\LFPNM13n.dll
+ 2002-10-21 19:04 . 2002-10-21 19:04 26112 c:\windows\system32\LFPCX13N.DLL
+ 2002-10-21 19:04 . 2002-10-21 19:04 65536 c:\windows\system32\Lfpct13n.dll
+ 2002-10-24 21:11 . 2002-10-24 21:11 19968 c:\windows\system32\LFPCD13N.DLL
+ 2002-10-21 19:04 . 2002-10-21 19:04 18944 c:\windows\system32\LFMSP13N.DLL
+ 2002-10-21 19:04 . 2002-10-21 19:04 18944 c:\windows\system32\LFMAC13N.DLL
+ 2002-10-21 19:04 . 2002-10-21 19:04 31744 c:\windows\system32\LFLMB13N.DLL
+ 2002-10-21 19:03 . 2002-10-21 19:03 29184 c:\windows\system32\LFLMA13N.DLL
+ 2002-10-21 19:03 . 2002-10-21 19:03 90112 c:\windows\system32\LFJBG13N.DLL
+ 2002-10-21 19:03 . 2002-10-21 19:03 19968 c:\windows\system32\LFITG13N.DLL
+ 2002-10-21 19:03 . 2002-10-21 19:03 20992 c:\windows\system32\LFIMG13N.DLL
+ 2002-10-24 21:11 . 2002-10-24 21:11 27136 c:\windows\system32\LFIFF13N.DLL
+ 2002-10-21 19:03 . 2002-10-21 19:03 48128 c:\windows\system32\LFICA13N.DLL
+ 2002-10-21 19:03 . 2002-10-21 19:03 35328 c:\windows\system32\LFGIF13N.DLL
+ 2002-10-24 21:11 . 2002-10-24 21:11 84480 c:\windows\system32\LFFPX13N.DLL
+ 2002-10-21 19:03 . 2002-10-21 19:03 38400 c:\windows\system32\LFFLC13N.DLL
+ 2002-10-22 16:51 . 2002-10-22 16:51 73216 c:\windows\system32\LFFAX13N.DLL
+ 2002-10-21 19:03 . 2002-10-21 19:03 37888 c:\windows\system32\LFEPS13N.DLL
+ 2002-10-21 19:32 . 2002-10-21 19:32 94208 c:\windows\system32\LFDRW13N.DLL
+ 2002-10-21 19:32 . 2002-10-21 19:32 79872 c:\windows\system32\Lfdgn13n.dll
+ 2002-10-24 21:11 . 2002-10-24 21:11 21504 c:\windows\system32\lfCUT13n.dll
+ 2002-07-23 20:37 . 2002-07-23 20:37 90112 c:\windows\system32\Lfcmx13n.dll
+ 2002-10-21 19:03 . 2002-10-21 19:03 31744 c:\windows\system32\LFCLP13N.DLL
+ 2002-10-21 19:31 . 2002-10-21 19:31 90624 c:\windows\system32\Lfcgm13n.dll
+ 2002-10-21 19:02 . 2002-10-21 19:02 35840 c:\windows\system32\LFCAL13N.DLL
+ 2002-10-21 19:02 . 2002-10-21 19:02 30208 c:\windows\system32\LFBMP13N.DLL
+ 2002-10-24 21:11 . 2002-10-24 21:11 23040 c:\windows\system32\LFAWD13N.DLL
+ 2002-10-21 19:02 . 2002-10-21 19:02 18944 c:\windows\system32\LFAVI13N.DLL
+ 2002-10-24 21:11 . 2002-10-24 21:11 25600 c:\windows\system32\LFANI13N.DLL
+ 2002-06-28 21:02 . 2002-06-28 21:02 91136 c:\windows\system32\LFACS13N.DLL
- 2008-04-14 12:00 . 2011-04-25 16:11 25600 c:\windows\system32\jsproxy.dll
+ 2008-04-14 12:00 . 2012-05-11 14:42 25600 c:\windows\system32\jsproxy.dll
+ 1999-10-28 22:49 . 1999-10-28 22:49 26384 c:\windows\system32\FM20ENU.DLL
+ 1999-02-16 19:38 . 1999-02-16 19:38 38912 c:\windows\system32\EXSEC32.DLL
+ 2011-10-19 22:20 . 2010-10-20 14:04 12616 c:\windows\system32\DRVSTORE\sy11ser2_C8055990E74A8336FB891A1C51483808C1A377B4\i386\sy11cmnt.sys
+ 2011-10-19 22:20 . 2010-10-20 14:04 14920 c:\windows\system32\DRVSTORE\sy11nmea2_D56651AD79544BB1225E0042EE42B59A5660CBB5\i386\sy11mdfl.sys
+ 2011-10-19 22:20 . 2010-10-20 14:04 12616 c:\windows\system32\DRVSTORE\sy11nmea2_D56651AD79544BB1225E0042EE42B59A5660CBB5\i386\sy11cmnt.sys
+ 2011-10-19 22:20 . 2010-10-20 14:04 14920 c:\windows\system32\DRVSTORE\sy11mdm2_D56651AD79544BB1225E0042EE42B59A5660CBB5\i386\sy11mdfl.sys
+ 2011-10-19 22:20 . 2010-10-20 14:04 12616 c:\windows\system32\DRVSTORE\sy11mdm2_D56651AD79544BB1225E0042EE42B59A5660CBB5\i386\sy11cmnt.sys
+ 2011-10-19 22:20 . 2010-10-20 14:04 12488 c:\windows\system32\DRVSTORE\sy11bus_3B750B8957F0495C30C6A1637C4365210D2F7D96\i386\sy11whnt.sys
+ 2011-10-19 22:20 . 2009-11-25 15:06 28032 c:\windows\system32\DRVSTORE\sustucau_DFCD71BD0A5B77107C2A164AECAF8B184C1DAC23\x32\sustucau.sys
+ 2011-10-17 01:33 . 2009-11-25 15:06 28032 c:\windows\system32\DRVSTORE\sustucau_C9E6DF1C8048DC72D36CCAEEE3BACCDB441567F5\x32\sustucau.sys
+ 2011-10-17 01:33 . 2009-11-25 15:06 47360 c:\windows\system32\DRVSTORE\sustucap_C0F16DE8BAD19A3D9B57336A0A69209EB10E7CCF\x32\sustucap.sys
+ 2011-10-19 22:20 . 2009-11-25 15:06 47360 c:\windows\system32\DRVSTORE\sustucap_1EDD86B8B9BFED1A6DCE1575A58CC70E11B53813\x32\sustucap.sys
+ 2011-10-19 22:20 . 2009-11-25 15:06 47360 c:\windows\system32\DRVSTORE\sustucam_F6944BDF91F4A423970BB44E6B3D50807D2E59C4\x32\sustucam.sys
+ 2011-10-17 01:33 . 2009-11-25 15:06 47360 c:\windows\system32\DRVSTORE\sustucam_1FF22367248D356C8388AA6F6326380ACFFB8B76\x32\sustucam.sys
+ 2011-10-17 01:33 . 2007-03-20 07:33 28672 c:\windows\system32\DRVSTORE\susidn_183D6B8EF1D89794BD9426AEDC366357BC9AD747\libusb0.sys
+ 2011-10-17 01:33 . 2007-03-20 07:33 43520 c:\windows\system32\DRVSTORE\susidn_183D6B8EF1D89794BD9426AEDC366357BC9AD747\libusb0.dll
+ 2011-10-17 01:33 . 2009-06-30 21:47 25728 c:\windows\system32\DRVSTORE\susandroid_FC9F522E221128D699F3791DC5748637249EF286\androidusb.sys
+ 2011-10-19 22:20 . 2009-06-30 21:47 25728 c:\windows\system32\DRVSTORE\susandroid_33DEEEA9E288DC4CD2A2FBA1153E97C5656C83CF\androidusb.sys
+ 2011-10-17 01:33 . 2007-11-20 23:35 49792 c:\windows\system32\DRVSTORE\sus2pl_83E3644ECEC403037D5191175417DD7D9F6E0A41\sus2pl.sys
+ 2011-10-19 22:20 . 2011-08-25 01:43 77624 c:\windows\system32\DRVSTORE\ssudbus_480379E0B82376A51FBA49F20A6552067343B7C5\i386\ssudbus.sys
+ 2011-10-17 01:33 . 2007-05-02 15:12 12424 c:\windows\system32\DRVSTORE\ssm_ser2_B621C3240C85E19C4E244497B86AA9D67533C4DC\i386\ssm_cmnt.sys
+ 2011-10-17 01:33 . 2007-05-02 15:12 15112 c:\windows\system32\DRVSTORE\ssm_mdm2_B621C3240C85E19C4E244497B86AA9D67533C4DC\i386\ssm_mdfl.sys
+ 2011-10-17 01:33 . 2007-05-02 15:12 12424 c:\windows\system32\DRVSTORE\ssm_mdm2_B621C3240C85E19C4E244497B86AA9D67533C4DC\i386\ssm_cmnt.sys
+ 2011-10-17 01:33 . 2007-05-02 15:12 12424 c:\windows\system32\DRVSTORE\ssm_bus_EE9DFA265F838793D1C273D5545AB1C0C5AC6695\i386\ssm_whnt.sys
+ 2011-10-17 01:33 . 2007-05-02 15:12 83592 c:\windows\system32\DRVSTORE\ssm_bus_EE9DFA265F838793D1C273D5545AB1C0C5AC6695\i386\ssm_bus.sys
+ 2011-10-17 01:33 . 2009-01-15 15:11 12160 c:\windows\system32\DRVSTORE\ssecunic_A24B1C89EAA29049770A027B837B79C454C2BE7F\i386\ssecwhnt.sys
+ 2011-10-17 01:33 . 2009-01-15 15:11 10624 c:\windows\system32\DRVSTORE\ssecunic_A24B1C89EAA29049770A027B837B79C454C2BE7F\i386\sseccrnt.sys
+ 2011-10-17 01:33 . 2009-01-15 15:11 12160 c:\windows\system32\DRVSTORE\ssecsdm2_6084F8D8AAAC4998F190285B0975591A9E522F47\i386\sseccmnt.sys
+ 2011-10-17 01:33 . 2009-01-15 15:11 12160 c:\windows\system32\DRVSTORE\ssecobx2_0E3C23A2AF7322625D7CB5A230D402C8D622EC9B\i386\sseccmnt.sys
+ 2011-10-17 01:33 . 2009-01-15 15:11 25856 c:\windows\system32\DRVSTORE\ssecndis_A24B1C89EAA29049770A027B837B79C454C2BE7F\i386\ssecnd5.sys
+ 2011-10-17 01:33 . 2009-01-15 15:11 14976 c:\windows\system32\DRVSTORE\ssecmdm2_E671AB05B6ECA67B0DD4FA29746FD625F717E338\i386\ssecmdfl.sys
+ 2011-10-17 01:33 . 2009-01-15 15:11 12160 c:\windows\system32\DRVSTORE\ssecmdm2_E671AB05B6ECA67B0DD4FA29746FD625F717E338\i386\sseccmnt.sys
+ 2011-10-17 01:33 . 2009-01-15 15:11 12160 c:\windows\system32\DRVSTORE\ssecbus_7E9D79E81F4A1719CED202B2FB04E7C48E5B8945\i386\ssecwhnt.sys
+ 2011-10-17 01:33 . 2009-01-15 15:11 86528 c:\windows\system32\DRVSTORE\ssecbus_7E9D79E81F4A1719CED202B2FB04E7C48E5B8945\i386\ssecbus.sys
+ 2011-10-17 01:33 . 2009-05-13 15:41 98688 c:\windows\system32\DRVSTORE\sscesdm2_BB82E7479D7E2F0C90BFE508B21515FFA2AFD8D8\i386\ssceserd.sys
+ 2011-10-17 01:33 . 2009-05-13 15:41 12160 c:\windows\system32\DRVSTORE\sscesdm2_BB82E7479D7E2F0C90BFE508B21515FFA2AFD8D8\i386\sscecmnt.sys
+ 2011-10-19 22:20 . 2010-12-21 02:55 12416 c:\windows\system32\DRVSTORE\sscesdm2_7AD4829229782EAD7A14A10BC5E01E956779886D\i386\sscecmnt.sys
+ 2011-10-17 01:33 . 2009-05-13 15:41 14976 c:\windows\system32\DRVSTORE\sscemdm2_95625B00DD45C398488289AAB907DEB21FCFF6CE\i386\sscemdfl.sys
+ 2011-10-17 01:33 . 2009-05-13 15:41 12160 c:\windows\system32\DRVSTORE\sscemdm2_95625B00DD45C398488289AAB907DEB21FCFF6CE\i386\sscecmnt.sys
+ 2011-10-19 22:20 . 2010-12-21 02:55 14848 c:\windows\system32\DRVSTORE\sscemdm2_34771A624205C079100D51ABFD3F0EFDC377F971\i386\sscemdfl.sys
+ 2011-10-19 22:20 . 2010-12-21 02:55 12416 c:\windows\system32\DRVSTORE\sscemdm2_34771A624205C079100D51ABFD3F0EFDC377F971\i386\sscecmnt.sys
+ 2011-10-19 22:20 . 2010-12-21 02:55 12288 c:\windows\system32\DRVSTORE\sscebus_659A3532090130C12253E064E99D5D4049A341E9\i386\sscewhnt.sys
+ 2011-10-19 22:20 . 2010-12-21 02:55 98560 c:\windows\system32\DRVSTORE\sscebus_659A3532090130C12253E064E99D5D4049A341E9\i386\sscebus.sys
+ 2011-10-17 01:33 . 2009-05-13 15:41 12160 c:\windows\system32\DRVSTORE\sscebus_0199D7263C408755807E65867454841681E758C8\i386\sscewhnt.sys
+ 2011-10-17 01:33 . 2009-05-13 15:41 90240 c:\windows\system32\DRVSTORE\sscebus_0199D7263C408755807E65867454841681E758C8\i386\sscebus.sys
+ 2011-10-17 01:33 . 2007-07-03 20:57 11944 c:\windows\system32\DRVSTORE\sscdw2k_1884E0BBC3477068D88D04D6EA7B69C88AE93B94\i386\sscdmdfl.sys
+ 2011-10-17 01:33 . 2007-07-03 20:59 86824 c:\windows\system32\DRVSTORE\sscdsdm2_1E0DD9732FD56E67D2D50B616A3C7C3CC5B8965E\i386\sscdserd.sys
+ 2011-10-17 01:33 . 2007-07-03 20:54 80552 c:\windows\system32\DRVSTORE\sscdbus_E3A7A7036AB81E14A21B18864187D06666BE1000\i386\sscdbus.sys
+ 2011-10-19 22:20 . 2011-01-12 22:15 10472 c:\windows\system32\DRVSTORE\ssadsdm2_CB0D6A64C81E723D813A6F2A9668D95F91F371C0\i386\ssadcmnt.sys
+ 2011-10-17 01:33 . 2009-09-11 15:40 14976 c:\windows\system32\DRVSTORE\ssadmdm2_BB9A889FDC3B66435A9ABCEF20FAFE1691169A32\i386\ssadmdfl.sys
+ 2011-10-17 01:33 . 2009-09-11 15:40 12160 c:\windows\system32\DRVSTORE\ssadmdm2_BB9A889FDC3B66435A9ABCEF20FAFE1691169A32\i386\ssadcmnt.sys
+ 2011-10-19 22:20 . 2011-01-12 22:15 12776 c:\windows\system32\DRVSTORE\ssadmdm2_3B9F84FDB4850DC91A3CAFF448723EA532732F1F\i386\ssadmdfl.sys
+ 2011-10-19 22:20 . 2011-01-12 22:15 10472 c:\windows\system32\DRVSTORE\ssadmdm2_3B9F84FDB4850DC91A3CAFF448723EA532732F1F\i386\ssadcmnt.sys
+ 2011-10-17 01:33 . 2009-09-11 15:40 12160 c:\windows\system32\DRVSTORE\ssadbus_ECD95F04F506242D65A2FBE013D1EFC237EA84E5\i386\ssadwhnt.sys
+ 2011-10-17 01:33 . 2009-09-11 15:40 90240 c:\windows\system32\DRVSTORE\ssadbus_ECD95F04F506242D65A2FBE013D1EFC237EA84E5\i386\ssadbus.sys
+ 2011-10-19 22:20 . 2011-01-12 22:15 10344 c:\windows\system32\DRVSTORE\ssadbus_2112C6E16CA9C1DAD7D12BFCA60FCA72A02EBB81\i386\ssadwhnt.sys
+ 2011-10-17 01:33 . 2009-09-04 16:12 30240 c:\windows\system32\DRVSTORE\ssadadb2_9F2CD3CCE7A87CC3E75FD9556977CF2EF6DC40AD\i386\ssadadb.sys
+ 2011-10-19 22:20 . 2011-01-12 22:15 30312 c:\windows\system32\DRVSTORE\ssadadb2_6FBFB7BD831F97C0C49FFC637EF8E261B1BD5DBD\i386\ssadadb.sys
+ 2011-10-17 01:33 . 2007-05-02 15:11 15112 c:\windows\system32\DRVSTORE\ss_mdm2_216D7BF32263B1148A5B933A3315794CD0A5873E\i386\ss_mdfl.sys
+ 2011-10-17 01:33 . 2007-05-02 15:11 12424 c:\windows\system32\DRVSTORE\ss_mdm2_216D7BF32263B1148A5B933A3315794CD0A5873E\i386\ss_cmnt.sys
+ 2011-10-17 01:33 . 2007-05-02 15:11 12424 c:\windows\system32\DRVSTORE\ss_bus_A0C703FB8469957D809DD9D797EA905CBA4B0AE3\i386\ss_whnt.sys
+ 2011-10-17 01:33 . 2007-05-02 15:11 83592 c:\windows\system32\DRVSTORE\ss_bus_A0C703FB8469957D809DD9D797EA905CBA4B0AE3\i386\ss_bus.sys
+ 2011-10-17 01:33 . 2009-03-20 14:01 98560 c:\windows\system32\DRVSTORE\ss_bsdm2_1A96E7D9912D595BE4A69BD8225CE5C1BE7B01F9\i386\ss_bserd.sys
+ 2011-10-17 01:33 . 2009-03-20 14:01 12160 c:\windows\system32\DRVSTORE\ss_bsdm2_1A96E7D9912D595BE4A69BD8225CE5C1BE7B01F9\i386\ss_bcmnt.sys
+ 2011-10-19 22:20 . 2010-12-21 02:55 12416 c:\windows\system32\DRVSTORE\ss_bsdm2_10B17303D78CD94FDDF50F961E3454D4DD5E1A7A\i386\ss_bcmnt.sys
+ 2011-10-17 01:33 . 2009-03-20 14:01 14976 c:\windows\system32\DRVSTORE\ss_bmdm2_6FA434819A60DA857A32001FF758385CD6AE326D\i386\ss_bmdfl.sys
+ 2011-10-17 01:33 . 2009-03-20 14:01 12160 c:\windows\system32\DRVSTORE\ss_bmdm2_6FA434819A60DA857A32001FF758385CD6AE326D\i386\ss_bcmnt.sys
+ 2011-10-19 22:20 . 2010-12-21 02:55 14848 c:\windows\system32\DRVSTORE\ss_bmdm2_25CD552B0C6354F58CE1CF1AC1C75967943356E3\i386\ss_bmdfl.sys
+ 2011-10-19 22:20 . 2010-12-21 02:55 12416 c:\windows\system32\DRVSTORE\ss_bmdm2_25CD552B0C6354F58CE1CF1AC1C75967943356E3\i386\ss_bcmnt.sys
+ 2011-10-19 22:20 . 2010-12-21 02:55 12288 c:\windows\system32\DRVSTORE\ss_bbus_12BC85144F8D71EFF2F5EFF4FD945E30B2447D45\i386\ss_bwhnt.sys
+ 2011-10-19 22:20 . 2010-12-21 02:55 98432 c:\windows\system32\DRVSTORE\ss_bbus_12BC85144F8D71EFF2F5EFF4FD945E30B2447D45\i386\ss_bbus.sys
+ 2011-10-17 01:33 . 2009-03-20 14:01 12160 c:\windows\system32\DRVSTORE\ss_bbus_104629A5B566D618A5FF3E6A22926FFCF4AD511E\i386\ss_bwhnt.sys
+ 2011-10-17 01:33 . 2009-03-20 14:01 90112 c:\windows\system32\DRVSTORE\ss_bbus_104629A5B566D618A5FF3E6A22926FFCF4AD511E\i386\ss_bbus.sys
+ 2011-10-17 01:33 . 2009-12-24 05:00 25728 c:\windows\system32\DRVSTORE\smhwadb_EE9BB6D5D9C21037CF057BBECBF62CEC8189405D\smhwadb.sys
+ 2011-10-17 01:33 . 2005-07-25 14:04 48640 c:\windows\system32\DRVSTORE\ser2pl_7E6CB372993C5A68E0D6B1FAF1BD37119C1AB0C1\ser2pl.sys
+ 2011-10-17 01:33 . 2009-12-15 03:30 55056 c:\windows\system32\DRVSTORE\ptqhbus_DF19F5DE0112DD08FC27D2DC1E6913B846827DA8\i386\PTQHBUS.sys
+ 2011-10-19 22:20 . 2010-10-13 05:23 58128 c:\windows\system32\DRVSTORE\psmnbus_787B03E3473C86BBDA1EB6175DE3CDA64682B398\i386\PSMNBUS.sys
+ 2011-10-19 22:20 . 2009-07-10 17:01 25856 c:\windows\system32\DRVSTORE\motoandroi_DEB26C1D504C5061D2F03F61E789E25BBF45D268\motoandroid.sys
+ 2011-10-17 01:33 . 2009-07-10 17:01 25856 c:\windows\system32\DRVSTORE\motoandroi_281A0D1CF14FCFFB1B61021B981311BFDC53E1D2\motoandroid.sys
+ 2011-10-19 22:20 . 2011-02-18 03:37 25984 c:\windows\system32\DRVSTORE\lgvzandnet_B94A47D2A0B8519069621028736D8B5E3158BB98\lgvzandnetadb.sys
+ 2011-10-19 22:20 . 2011-02-18 03:34 23296 c:\windows\system32\DRVSTORE\lgvzandnet_5FD88285C4761F821D84D10B0269DD56226E2811\lgvzandnetdiag.sys
+ 2011-10-19 22:20 . 2010-07-21 09:29 25856 c:\windows\system32\DRVSTORE\lgandnetad_828CC4E848AA2E5AB725EC954380613DA3C3BD0E\lgandnetadb.sys
+ 2011-10-17 01:33 . 2010-03-31 23:52 24960 c:\windows\system32\DRVSTORE\lgandmodem_EACE95D5500F7BB1470F9966CA72CB0182E42591\lgandmodem.sys
+ 2011-10-17 01:33 . 2010-03-31 23:52 19968 c:\windows\system32\DRVSTORE\lgandgps_EACE95D5500F7BB1470F9966CA72CB0182E42591\lgandgps.sys
+ 2011-10-17 01:33 . 2010-03-31 23:52 20864 c:\windows\system32\DRVSTORE\lganddiag_EACE95D5500F7BB1470F9966CA72CB0182E42591\lganddiag.sys
+ 2011-10-17 01:33 . 2010-03-31 23:52 14336 c:\windows\system32\DRVSTORE\lgandbus_EACE95D5500F7BB1470F9966CA72CB0182E42591\lgandbus.sys
+ 2011-10-17 01:33 . 2010-03-31 23:52 25728 c:\windows\system32\DRVSTORE\lgandadb_894C09737C7AC28B0F57FE45236D047AA1696840\lgandadb.sys
+ 2011-10-17 01:33 . 2008-03-13 18:52 51528 c:\windows\system32\DRVSTORE\ftdiport_7C3FFC3E04092913979D7E6D761354E5BA36EC6C\i386\ftserui2.dll
+ 2011-10-17 01:33 . 2008-03-13 18:50 72000 c:\windows\system32\DRVSTORE\ftdiport_7C3FFC3E04092913979D7E6D761354E5BA36EC6C\i386\ftser2k.sys
+ 2011-10-17 01:33 . 2008-03-13 18:52 54088 c:\windows\system32\DRVSTORE\ftdiport_7C3FFC3E04092913979D7E6D761354E5BA36EC6C\i386\ftcserco.dll
+ 2011-10-17 01:33 . 2008-03-13 18:51 57536 c:\windows\system32\DRVSTORE\ftdibus_9E256B7D98A828C5E32AA2A56664AF336E092846\i386\ftdibus.sys
+ 2012-03-06 22:52 . 2007-08-31 19:14 38656 c:\windows\system32\DRVSTORE\embda_754491038463AF55DC013DBF40581C2B1BFEE429\emOEM.sys
+ 2012-03-06 22:52 . 2006-12-15 21:54 61440 c:\windows\system32\DRVSTORE\embda_754491038463AF55DC013DBF40581C2B1BFEE429\emMON.exe
+ 2012-03-06 22:52 . 2007-08-31 19:15 24448 c:\windows\system32\DRVSTORE\emaudio_754491038463AF55DC013DBF40581C2B1BFEE429\emAudio.sys
+ 2011-10-19 22:20 . 2010-08-27 00:40 57672 c:\windows\system32\DRVSTORE\c771bus_E1FC5BC5187A501E8DCF9CA386B28E99E3607840\i386\C771BUS.sys
+ 2011-10-19 22:21 . 2010-03-30 16:31 25728 c:\windows\system32\DRVSTORE\android_us_A65B3A0A9A75EAE67D1FF8F0010750EB9A19D1E3\fxxandroidusb.sys
+ 2011-10-17 01:33 . 2009-11-04 14:54 24576 c:\windows\system32\DRVSTORE\android_us_829DB379FCCB62629A656828AF4B687423D00255\androidusb.sys
+ 2011-10-17 01:33 . 2009-11-25 15:06 28032 c:\windows\system32\drivers\sustucau.sys
+ 2011-10-17 01:33 . 2009-11-25 15:06 47360 c:\windows\system32\drivers\sustucap.sys
+ 2011-10-17 01:33 . 2009-11-25 15:06 47360 c:\windows\system32\drivers\sustucam.sys
+ 2008-04-14 00:15 . 2008-04-14 05:15 49408 c:\windows\system32\drivers\stream.sys
- 2008-04-14 00:15 . 2008-04-14 04:15 49408 c:\windows\system32\drivers\stream.sys
+ 2008-04-14 12:00 . 2011-07-08 14:02 10496 c:\windows\system32\drivers\ndistapi.sys
+ 2008-01-14 10:06 . 2011-09-29 07:04 21632 c:\windows\system32\drivers\ManyCam.sys
+ 2009-09-23 14:41 . 2009-03-18 20:35 26176 c:\windows\system32\drivers\hamachi.sys
- 2009-09-23 14:41 . 2009-03-18 21:35 26176 c:\windows\system32\drivers\hamachi.sys
+ 2008-07-29 19:09 . 2008-07-29 19:09 39424 c:\windows\system32\drivers\fantom.sys
+ 2010-01-13 04:10 . 2010-02-11 04:19 53248 c:\windows\system32\drivers\ati2erec.dll
+ 2012-04-11 19:31 . 2012-03-06 23:01 53848 c:\windows\system32\drivers\aswTdi.sys
+ 2012-04-11 19:31 . 2012-03-06 23:02 35672 c:\windows\system32\drivers\aswRdr.sys
+ 2012-04-11 19:31 . 2012-03-06 23:01 95704 c:\windows\system32\drivers\aswmon2.sys
+ 2012-04-11 19:31 . 2012-03-06 23:01 89048 c:\windows\system32\drivers\aswmon.sys
+ 2012-04-11 19:31 . 2012-03-06 23:01 20696 c:\windows\system32\drivers\aswFsBlk.sys
+ 2012-04-11 19:31 . 2012-03-06 22:58 24920 c:\windows\system32\drivers\aavmker4.sys
- 2010-01-14 02:09 . 2011-04-25 16:11 12800 c:\windows\system32\dllcache\xpshims.dll
+ 2010-01-14 02:09 . 2012-05-11 14:42 12800 c:\windows\system32\dllcache\xpshims.dll
+ 2010-01-13 03:03 . 2012-06-02 19:19 35864 c:\windows\system32\dllcache\wups.dll
+ 2010-01-13 03:03 . 2012-06-02 19:19 53784 c:\windows\system32\dllcache\wuauclt.exe
+ 2010-01-12 03:54 . 2008-04-14 10:42 53760 c:\windows\system32\dllcache\vfwwdm32.dll
- 2010-01-12 03:54 . 2008-04-14 09:42 53760 c:\windows\system32\dllcache\vfwwdm32.dll
+ 2008-04-14 00:15 . 2008-04-14 05:15 49408 c:\windows\system32\dllcache\stream.sys
- 2008-04-14 00:15 . 2008-04-14 04:15 49408 c:\windows\system32\dllcache\stream.sys
+ 2008-04-14 12:00 . 2011-11-18 12:35 60416 c:\windows\system32\dllcache\packager.exe
+ 2008-04-14 12:00 . 2011-09-26 15:41 20480 c:\windows\system32\dllcache\oleaccrc.dll
+ 2008-04-14 12:00 . 2011-07-08 14:02 10496 c:\windows\system32\dllcache\ndistapi.sys
+ 2008-04-14 12:00 . 2012-05-11 14:42 67072 c:\windows\system32\dllcache\mshtmled.dll
+ 2010-01-14 02:09 . 2012-05-11 14:42 55296 c:\windows\system32\dllcache\msfeedsbs.dll
- 2010-01-14 02:09 . 2011-04-25 16:11 55296 c:\windows\system32\dllcache\msfeedsbs.dll
- 2008-04-14 12:00 . 2008-04-14 12:00 23040 c:\windows\system32\dllcache\mciseq.dll
+ 2008-04-14 12:00 . 2011-10-14 14:47 23040 c:\windows\system32\dllcache\mciseq.dll
+ 2008-04-14 12:00 . 2012-05-11 14:42 43520 c:\windows\system32\dllcache\licmgr10.dll
- 2008-04-14 12:00 . 2011-04-25 16:11 43520 c:\windows\system32\dllcache\licmgr10.dll
- 2008-04-14 12:00 . 2011-04-25 16:11 25600 c:\windows\system32\dllcache\jsproxy.dll
+ 2008-04-14 12:00 . 2012-05-11 14:42 25600 c:\windows\system32\dllcache\jsproxy.dll
- 2008-04-14 12:00 . 2011-04-26 11:07 33280 c:\windows\system32\dllcache\csrsrv.dll
+ 2008-04-14 12:00 . 2011-10-28 05:31 33280 c:\windows\system32\dllcache\csrsrv.dll
+ 2008-04-14 12:00 . 2012-06-02 19:19 97304 c:\windows\system32\dllcache\cdm.dll
+ 2008-04-14 12:00 . 2011-10-28 05:31 33280 c:\windows\system32\csrsrv.dll
- 2008-04-14 12:00 . 2011-04-26 11:07 33280 c:\windows\system32\csrsrv.dll
- 2010-01-13 03:08 . 2011-09-29 01:48 32768 c:\windows\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat
+ 2010-01-13 03:08 . 2012-03-20 05:57 32768 c:\windows\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat
+ 2010-01-13 03:08 . 2012-03-20 05:57 32768 c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\index.dat
- 2010-01-13 03:08 . 2011-09-29 01:48 32768 c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\index.dat
+ 2011-12-01 11:53 . 2012-03-20 05:57 16384 c:\windows\system32\config\systemprofile\Cookies\index.dat
- 2010-01-13 03:08 . 2011-09-29 01:48 16384 c:\windows\system32\config\systemprofile\Cookies\index.dat
+ 2012-01-04 04:35 . 2010-10-24 05:56 49664 c:\windows\system32\CamCodec.dll
+ 2011-09-19 07:07 . 2011-09-19 07:07 58368 c:\windows\system32\bdmpegv.dll
+ 2011-09-19 07:07 . 2011-09-19 07:07 15360 c:\windows\system32\bdmjpeg.dll
+ 2005-10-29 04:49 . 2005-10-29 04:49 25600 c:\windows\system32\bcsprsrc.dll
+ 2005-10-28 21:40 . 2005-10-28 21:40 96792 c:\windows\system32\basecsp.dll
- 2010-01-13 04:10 . 2001-11-09 15:01 24064 c:\windows\system32\ativcoxx.dll
+ 2010-01-13 04:10 . 2001-11-09 16:01 24064 c:\windows\system32\ativcoxx.dll
+ 2010-01-13 04:10 . 2010-02-11 03:53 17408 c:\windows\system32\atitvo32.dll
- 2010-01-13 04:10 . 2005-04-15 01:45 17408 c:\windows\system32\atitvo32.dll
+ 2010-01-13 04:10 . 2010-02-11 04:32 53248 c:\windows\system32\ATIDDC.DLL
- 2010-01-13 04:10 . 2005-04-15 02:09 53248 c:\windows\system32\ATIDDC.DLL
+ 2010-02-11 04:23 . 2010-02-11 04:23 45056 c:\windows\system32\aticalrt.dll
+ 2010-02-11 04:22 . 2010-02-11 04:22 45056 c:\windows\system32\aticalcl.dll
+ 2010-01-13 04:10 . 2010-02-11 04:35 26112 c:\windows\system32\Ati2mdxx.exe
+ 2010-01-13 04:10 . 2010-02-11 04:35 43520 c:\windows\system32\ati2edxx.dll
+ 2012-01-11 20:59 . 2012-01-11 20:59 12920 c:\windows\system32\apl001.sys
+ 2012-01-11 20:59 . 2012-01-11 20:59 10872 c:\windows\system32\apf001.sys
+ 2010-02-11 03:59 . 2010-02-11 03:59 49664 c:\windows\system32\amdpcom32.dll
+ 2010-03-21 23:47 . 2012-05-29 19:33 87952 c:\windows\system32\Adobe\Shockwave 11\uninstaller.exe
+ 2012-04-26 13:05 . 2012-04-26 13:05 86016 c:\windows\system32\Adobe\Shockwave 11\SwMenu.dll
+ 2012-04-26 12:50 . 2012-04-26 12:50 73408 c:\windows\system32\Adobe\Shockwave 11\gtapi.dll
+ 2012-04-26 12:50 . 2012-04-26 12:50 64512 c:\windows\system32\Adobe\Shockwave 11\gcapi_dll.dll
+ 2012-04-26 13:06 . 2012-04-26 13:06 12800 c:\windows\system32\Adobe\Shockwave 11\DynaPlayer.dll
+ 2011-12-26 08:54 . 2011-12-26 08:54 15120 c:\windows\Microsoft.NET\Framework\v4.0.30319\webengine.dll
+ 2011-12-15 17:08 . 2011-12-15 17:08 57616 c:\windows\Microsoft.NET\Framework\v4.0.30319\nlssorting.dll
+ 2011-12-26 08:54 . 2011-12-26 08:54 33552 c:\windows\Microsoft.NET\Framework\v4.0.30319\aspnet_wp.exe
+ 2011-12-25 08:49 . 2011-12-25 08:49 31504 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_wp.exe
+ 2012-01-11 08:05 . 2012-01-11 08:05 97624 c:\windows\Microsoft.NET\assembly\GAC_MSIL\XamlBuildTask\v4.0_4.0.0.0__31bf3856ad364e35\XamlBuildTask.dll
- 2011-01-10 08:08 . 2011-01-10 08:08 97624 c:\windows\Microsoft.NET\assembly\GAC_MSIL\XamlBuildTask\v4.0_4.0.0.0__31bf3856ad364e35\XamlBuildTask.dll
- 2011-06-18 08:01 . 2011-06-18 08:01 87408 c:\windows\Microsoft.NET\assembly\GAC_MSIL\WindowsFormsIntegration\v4.0_4.0.0.0__31bf3856ad364e35\WindowsFormsIntegration.dll
+ 2012-06-14 07:16 . 2012-06-14 07:16 87408 c:\windows\Microsoft.NET\assembly\GAC_MSIL\WindowsFormsIntegration\v4.0_4.0.0.0__31bf3856ad364e35\WindowsFormsIntegration.dll
- 2011-06-18 08:01 . 2011-06-18 08:01 93024 c:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationTypes\v4.0_4.0.0.0__31bf3856ad364e35\UIAutomationTypes.dll
+ 2012-06-14 07:16 . 2012-06-14 07:16 93024 c:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationTypes\v4.0_4.0.0.0__31bf3856ad364e35\UIAutomationTypes.dll
+ 2012-06-14 07:16 . 2012-06-14 07:16 35688 c:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationProvider\v4.0_4.0.0.0__31bf3856ad364e35\UIAutomationProvider.dll
- 2011-06-18 08:01 . 2011-06-18 08:01 35688 c:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationProvider\v4.0_4.0.0.0__31bf3856ad364e35\UIAutomationProvider.dll
- 2011-01-10 08:08 . 2011-01-10 08:08 29544 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Xaml.Hosting\v4.0_4.0.0.0__31bf3856ad364e35\System.Xaml.Hosting.dll
+ 2012-01-11 08:05 . 2012-01-11 08:05 29544 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Xaml.Hosting\v4.0_4.0.0.0__31bf3856ad364e35\System.Xaml.Hosting.dll
- 2011-06-18 08:01 . 2011-06-18 08:01 17784 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Presentation\v4.0_4.0.0.0__b77a5c561934e089\System.Windows.Presentation.dll
+ 2012-06-14 07:16 . 2012-06-14 07:16 17784 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Presentation\v4.0_4.0.0.0__b77a5c561934e089\System.Windows.Presentation.dll
- 2011-06-18 08:01 . 2011-06-18 08:01 58240 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Input.Manipulations\v4.0_4.0.0.0__b77a5c561934e089\System.Windows.Input.Manipulations.dll
+ 2012-06-14 07:16 . 2012-06-14 07:16 58240 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Input.Manipulations\v4.0_4.0.0.0__b77a5c561934e089\System.Windows.Input.Manipulations.dll
+ 2012-01-11 08:04 . 2012-01-11 08:04 70040 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Forms.DataVisualization.Design\v4.0_4.0.0.0__31bf3856ad364e35\System.Windows.Forms.DataVisualization.Design.dll
- 2011-01-10 08:08 . 2011-01-10 08:08 70040 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Forms.DataVisualization.Design\v4.0_4.0.0.0__31bf3856ad364e35\System.Windows.Forms.DataVisualization.Design.dll
- 2011-01-10 08:08 . 2011-01-10 08:08 24928 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Web.Routing\v4.0_4.0.0.0__31bf3856ad364e35\System.Web.Routing.dll
+ 2012-01-11 08:04 . 2012-01-11 08:04 24928 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Web.Routing\v4.0_4.0.0.0__31bf3856ad364e35\System.Web.Routing.dll
- 2011-01-10 08:08 . 2011-01-10 08:08 81272 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Web.RegularExpressions\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Web.RegularExpressions.dll
+ 2012-01-11 08:04 . 2012-01-11 08:04 81272 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Web.RegularExpressions\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Web.RegularExpressions.dll
+ 2012-01-11 08:04 . 2012-01-11 08:04 33144 c:\windows\
-
Ok. I guess that will have to do. Are you still getting redirected?
SysProt Antirootkit
Download
SysProt Antirootkit from the link below (you will find it at the bottom
of the page under attachments, or you can get it from one of the
mirrors).
http://sites.google.com/site/sysprotantirootkit/ (http://sites.google.com/site/sysprotantirootkit/)
Unzip it into a folder on your desktop.
- Double click Sysprot.exe to start the program.
- Click on the Log tab.
- In the Write to log box select the following items.
- Process << Selected
- Kernel Modules << Selected
- SSDT << Selected
- Kernel Hooks << Selected
- IRP Hooks << NOT Selected
- Ports << NOT Selected
- Hidden Files << Selected
- At the bottom of the page
- Hidden Objects Only << Selected
- Click on the Create Log button on the bottom right.
- After a few seconds a new window should appear.
- Select Scan Root Drive. Click on the Start button.
- When it is complete a new window will appear to indicate that the scan is finished.
- The log will be saved automatically in the same folder Sysprot.exe was extracted to. Open the text file and copy/paste the log here.
-
Lol here you go.
ComboFix
http://pastebin.com/UzJptFLa
SysProt
http://pastebin.com/bA9CrPh9
After the combofix, I stopped getting redirected for a few minutes, but now it's still redirecting me.
I think I can now download DDS if you would still like me to run it on my computer.
I've read up on the virus. Apparently the virus is trying to make me visit these pages that have advertisements on them to give the hacker money. There's a chain of websites ranging from ninjaa.info, nohair.info, marcity.info ishaker.info and stuff like that.
Those picture are of messages I get from avast when I'm not even clicking on the googled sites.
-
Re-running ComboFix to remove infections:
- Close any open browsers.
- Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
- Open notepad and copy/paste the text in the quotebox below into it:
KillAll::
Firefox::
2797.Trusted Zone: clonewarsadventures.com
2798.Trusted Zone: freerealms.com
2799.Trusted Zone: soe.com
2800.Trusted Zone: sony.com
DDS::
2797.Trusted Zone: clonewarsadventures.com
2798.Trusted Zone: freerealms.com
2799.Trusted Zone: soe.com
2800.Trusted Zone: sony.com
- Save this as CFScript.txt, in the same location as ComboFix.exe
(http://i424.photobucket.com/albums/pp322/digistar/cfscriptb4.gif)
- Referring to the picture above, drag CFScript into ComboFix.exe
- When finished, it shall produce a log for you at C:\ComboFix.txt
- I don't need to see the log from this action.
*************************************************************
Please download aswMBR.exe (http://public.avast.com/%7Egmerek/aswMBR.exe) ( 511KB ) to your desktop.
Double click the aswMBR.exe to run it
(http://i424.photobucket.com/albums/pp322/digistar/aswMBR_Scan.jpg)
Click the "Scan" button to start scan
Note: Do not take action against any **Rootkit** entries until I have reviewed the log. Often there are false positives
(http://i424.photobucket.com/albums/pp322/digistar/aswMBR_SaveLog.png)
On completion of the scan click save log, save it to your desktop and post in your next reply
-
I re-ran combofix with the text file.
Heres the aswMBR log.
http://pastebin.com/N41RrYk8
Just some additional information, it may or may not help you, but the virus seems to be trying to redirect me to more different sites randomly. Seems like it's getting more aggressive, but idk.
-
Please don't upload the logs to another site unless the log is too large. It takes time to go search for the log. Just copy and paste in your reply.
Save these instructions so you can have access to them while in Safe Mode.
Please click here (http://devbuilds.kaspersky-labs.com/devbuilds/AVPTool/) to download AVP Tool by Kaspersky.
- Save it to your desktop.
- Reboot your computer into SafeMode. You can do this by restarting your computer and continually tapping the F8 key until a menu appears. Use your up arrow key to highlight SafeMode then hit enter.
- Double click the setup file to run it.
- Click Next to continue.
- Accept the License agreement and click on next.
- It will, by default, install it to your desktop folder. Click Next.
- It will then open a box There will be a tab that says Automatic scan.
- Under Automatic scan make sure these are checked.
- Hidden Startup Objects
- System Memory
- Disk Boot Sectors.
- My Computer.
- Also any other drives (Removable that you may have)
Leave the rest of the settings as they appear as default.
•Then click on Scan at the to right hand Corner.
•It will automatically Neutralize any objects found.
•If some objects are left un-neutralized then click the button that says Neutralize all
•If it says it cannot be neutralized then choose the delete option when prompted.
•After that is done click on the reports button at the bottom and save it to file name it Kas.
•Save it somewhere convenient like your desktop and just post only the detected Virus\malware in the report it will be at the very top under Detected post those results in your next reply.
Note: This tool will self uninstall when you close it so please save the log before closing it.
***********************************************************
- Download TDSSKiller (http://support.kaspersky.com/downloads/utils/tdsskiller.zip) and save it to your Desktop.
- Extract its contents to your desktop.
- Once extracted, open the TDSSKiller folder and doubleclick on TDSSKiller.exe to run the application, then on Start Scan.
- If an infected file is detected, the default action will be Cure, click on Continue.
- If a suspicious file is detected, the default action will be Skip, click on Continue.
- It may ask you to reboot the computer to complete the process. Click on Reboot Now.
- Click the Report button and copy/paste the contents of it into your next reply
Note:It will also create a log in the C:\ directory..
-
Ran the first file in safe mode, found nothing.
Ran the second file in normal mode, and found one thing, but I'm not sure if avast interfered with the "curing" process. I've attached a picture that may give you information on why avast may have interfered, but I'm not sure.
Here's the log.
00:31:49.0470 1616 TDSS rootkit removing tool 2.7.48.0 Jul 24 2012 13:16:32
00:31:49.0798 1616 ============================================================
00:31:49.0798 1616 Current date / time: 2012/08/01 00:31:49.0798
00:31:49.0798 1616 SystemInfo:
00:31:49.0798 1616
00:31:49.0798 1616 OS Version: 5.1.2600 ServicePack: 3.0
00:31:49.0798 1616 Product type: Workstation
00:31:49.0798 1616 ComputerName: HARRIS-CB400F59
00:31:49.0798 1616 UserName: Harris Family
00:31:49.0798 1616 Windows directory: C:\WINDOWS
00:31:49.0798 1616 System windows directory: C:\WINDOWS
00:31:49.0798 1616 Processor architecture: Intel x86
00:31:49.0798 1616 Number of processors: 2
00:31:49.0798 1616 Page size: 0x1000
00:31:49.0798 1616 Boot type: Normal boot
00:31:49.0798 1616 ============================================================
00:31:52.0220 1616 Drive \Device\Harddisk0\DR0 - Size: 0x12A05F2000 (74.51 Gb), SectorSize: 0x200, Cylinders: 0x25FE, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
00:31:52.0220 1616 ============================================================
00:31:52.0220 1616 \Device\Harddisk0\DR0:
00:31:52.0220 1616 MBR partitions:
00:31:52.0220 1616 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x1B747, BlocksNum 0x8D41F04
00:31:52.0220 1616 ============================================================
00:31:53.0016 1616 C: <-> \Device\Harddisk0\DR0\Partition0
00:31:53.0016 1616 ============================================================
00:31:53.0016 1616 Initialize success
00:31:53.0016 1616 ============================================================
00:32:00.0923 5072 ============================================================
00:32:00.0923 5072 Scan started
00:32:00.0923 5072 Mode: Manual;
00:32:00.0923 5072 ============================================================
00:32:01.0251 5072 !SASCORE (c0393eb99a6c72c6bef9bfc4a72b33a6) C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
00:32:01.0251 5072 !SASCORE - ok
00:32:01.0360 5072 Aavmker4 (473f97edc5a5312f3665ab2921196c0c) C:\WINDOWS\system32\drivers\Aavmker4.sys
00:32:01.0376 5072 Aavmker4 - ok
00:32:01.0376 5072 Abiosdsk - ok
00:32:01.0376 5072 abp480n5 - ok
00:32:01.0438 5072 ACPI (8fd99680a539792a30e97944fdaecf17) C:\WINDOWS\system32\DRIVERS\ACPI.sys
00:32:01.0438 5072 ACPI - ok
00:32:01.0470 5072 ACPIEC (9859c0f6936e723e4892d7141b1327d5) C:\WINDOWS\system32\drivers\ACPIEC.sys
00:32:01.0470 5072 ACPIEC - ok
00:32:01.0532 5072 AdobeFlashPlayerUpdateSvc (6c40d5ed8951ab7b90d08af655224ee4) C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
00:32:01.0532 5072 AdobeFlashPlayerUpdateSvc - ok
00:32:01.0532 5072 adpu160m - ok
00:32:01.0657 5072 AdvancedSystemCareService5 (e410da575ff48d976b41670c6d262a82) C:\Program Files\IObit\Advanced SystemCare 5\ASCService.exe
00:32:01.0673 5072 AdvancedSystemCareService5 - ok
00:32:01.0720 5072 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
00:32:01.0720 5072 aec - ok
00:32:01.0751 5072 AFD (1e44bc1e83d8fd2305f8d452db109cf9) C:\WINDOWS\System32\drivers\afd.sys
00:32:01.0751 5072 AFD - ok
00:32:01.0766 5072 Aha154x - ok
00:32:01.0766 5072 aic78u2 - ok
00:32:01.0782 5072 aic78xx - ok
00:32:02.0032 5072 Akamai (29584f02a43e427c4227e3b1d9ff1b22) c:\program files\common files\akamai/netsession_win_4f7fccd.dll
00:32:02.0032 5072 Suspicious file (Hidden): c:\program files\common files\akamai/netsession_win_4f7fccd.dll. md5: 29584f02a43e427c4227e3b1d9ff1b22
00:32:02.0048 5072 Akamai ( HiddenFile.Multi.Generic ) - warning
00:32:02.0048 5072 Akamai - detected HiddenFile.Multi.Generic (1)
00:32:02.0126 5072 Alerter (a9a3daa780ca6c9671a19d52456705b4) C:\WINDOWS\system32\alrsvc.dll
00:32:02.0126 5072 Alerter - ok
00:32:02.0157 5072 ALG (8c515081584a38aa007909cd02020b3d) C:\WINDOWS\System32\alg.exe
00:32:02.0157 5072 ALG - ok
00:32:02.0173 5072 AliIde - ok
00:32:02.0173 5072 amsint - ok
00:32:02.0188 5072 apf001 - ok
00:32:02.0282 5072 Apple Mobile Device (018857ead9a077a56aedfc0e5ef7a24a) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
00:32:02.0282 5072 Apple Mobile Device - ok
00:32:02.0313 5072 AppMgmt (d8849f77c0b66226335a59d26cb4edc6) C:\WINDOWS\System32\appmgmts.dll
00:32:02.0313 5072 AppMgmt - ok
00:32:02.0313 5072 asc - ok
00:32:02.0329 5072 asc3350p - ok
00:32:02.0329 5072 asc3550 - ok
00:32:02.0438 5072 aspnet_state (776acefa0ca9df0faa51a5fb2f435705) C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
00:32:02.0454 5072 aspnet_state - ok
00:32:02.0501 5072 aswFsBlk (0ae43c6c411254049279c2ee55630f95) C:\WINDOWS\system32\drivers\aswFsBlk.sys
00:32:02.0501 5072 aswFsBlk - ok
00:32:02.0501 5072 aswMon2 (8c30b7ddd2f1d8d138ebe40345af2b11) C:\WINDOWS\system32\drivers\aswMon2.sys
00:32:02.0501 5072 aswMon2 - ok
00:32:02.0532 5072 AswRdr (da12626fd9a67f4e917e2f2fbe1e1764) C:\WINDOWS\system32\drivers\AswRdr.sys
00:32:02.0548 5072 AswRdr - ok
00:32:02.0595 5072 aswSnx (dcb199b967375753b5019ec15f008f53) C:\WINDOWS\system32\drivers\aswSnx.sys
00:32:02.0595 5072 aswSnx - ok
00:32:02.0626 5072 aswSP (b32873e5a1443c0a1e322266e203bf10) C:\WINDOWS\system32\drivers\aswSP.sys
00:32:02.0626 5072 aswSP - ok
00:32:02.0641 5072 aswTdi (6ff544175a9180c5d88534d3d9c9a9f7) C:\WINDOWS\system32\drivers\aswTdi.sys
00:32:02.0641 5072 aswTdi - ok
00:32:02.0688 5072 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
00:32:02.0688 5072 AsyncMac - ok
00:32:02.0688 5072 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
00:32:02.0704 5072 atapi - ok
00:32:02.0704 5072 Atdisk - ok
00:32:02.0766 5072 Ati HotKey Poller (471087b5e1e01cc82604e81ea14781d8) C:\WINDOWS\system32\Ati2evxx.exe
00:32:02.0782 5072 Ati HotKey Poller - ok
00:32:02.0829 5072 ATI Smart (b979ba0120b6db757196a8e2e873fe3c) C:\WINDOWS\system32\ati2sgag.exe
00:32:02.0845 5072 ATI Smart - ok
00:32:03.0032 5072 ati2mtag (c0b86ecb324e50f6bbd529f9d5c6b24b) C:\WINDOWS\system32\DRIVERS\ati2mtag.sys
00:32:03.0079 5072 ati2mtag - ok
00:32:03.0188 5072 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
00:32:03.0188 5072 Atmarpc - ok
00:32:03.0235 5072 AudioSrv (def7a7882bec100fe0b2ce2549188f9d) C:\WINDOWS\System32\audiosrv.dll
00:32:03.0251 5072 AudioSrv - ok
00:32:03.0266 5072 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
00:32:03.0266 5072 audstub - ok
00:32:03.0345 5072 avast! Antivirus (4041d31508a2a084dfb42c595854090f) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
00:32:03.0345 5072 avast! Antivirus - ok
00:32:03.0391 5072 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
00:32:03.0391 5072 Beep - ok
00:32:03.0438 5072 BITS (574738f61fca2935f5265dc4e5691314) C:\WINDOWS\system32\qmgr.dll
00:32:03.0548 5072 BITS - ok
00:32:03.0626 5072 Bonjour Service (f832f1505ad8b83474bd9a5b1b985e01) C:\Program Files\Bonjour\mDNSResponder.exe
00:32:03.0641 5072 Bonjour Service - ok
00:32:03.0673 5072 Browser (a06ce3399d16db864f55faeb1f1927a9) C:\WINDOWS\System32\browser.dll
00:32:03.0688 5072 Browser - ok
00:32:03.0688 5072 catchme - ok
00:32:03.0720 5072 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
00:32:03.0720 5072 cbidf2k - ok
00:32:03.0766 5072 CCDECODE (0be5aef125be881c4f854c554f2b025c) C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
00:32:03.0766 5072 CCDECODE - ok
00:32:03.0766 5072 cd20xrnt - ok
00:32:03.0813 5072 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
00:32:03.0813 5072 Cdaudio - ok
00:32:03.0845 5072 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
00:32:03.0845 5072 Cdfs - ok
00:32:03.0860 5072 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
00:32:03.0860 5072 Cdrom - ok
00:32:03.0876 5072 cerc6 - ok
00:32:03.0876 5072 Changer - ok
00:32:03.0938 5072 CiSvc (1cfe720eb8d93a7158a4ebc3ab178bde) C:\WINDOWS\system32\cisvc.exe
00:32:03.0938 5072 CiSvc - ok
00:32:03.0985 5072 ClipSrv (34cbe729f38138217f9c80212a2a0c82) C:\WINDOWS\system32\clipsrv.exe
00:32:04.0001 5072 ClipSrv - ok
00:32:04.0079 5072 clr_optimization_v2.0.50727_32 (d87acaed61e417bba546ced5e7e36d9c) C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
00:32:04.0266 5072 clr_optimization_v2.0.50727_32 - ok
00:32:04.0329 5072 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
00:32:04.0423 5072 clr_optimization_v4.0.30319_32 - ok
00:32:04.0438 5072 CmdIde - ok
00:32:04.0438 5072 COMSysApp - ok
00:32:04.0454 5072 Cpqarray - ok
00:32:04.0501 5072 CryptSvc (3d4e199942e29207970e04315d02ad3b) C:\WINDOWS\System32\cryptsvc.dll
00:32:04.0501 5072 CryptSvc - ok
00:32:04.0501 5072 dac2w2k - ok
00:32:04.0516 5072 dac960nt - ok
00:32:04.0563 5072 DcomLaunch (6b27a5c03dfb94b4245739065431322c) C:\WINDOWS\system32\rpcss.dll
00:32:04.0579 5072 DcomLaunch - ok
00:32:04.0610 5072 Dhcp (5e38d7684a49cacfb752b046357e0589) C:\WINDOWS\System32\dhcpcsvc.dll
00:32:04.0610 5072 Dhcp - ok
00:32:04.0641 5072 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
00:32:04.0657 5072 Disk - ok
00:32:04.0657 5072 dmadmin - ok
00:32:04.0704 5072 dmboot (d992fe1274bde0f84ad826acae022a41) C:\WINDOWS\system32\drivers\dmboot.sys
00:32:04.0720 5072 dmboot - ok
00:32:04.0735 5072 dmio (7c824cf7bbde77d95c08005717a95f6f) C:\WINDOWS\system32\drivers\dmio.sys
00:32:04.0735 5072 dmio - ok
00:32:04.0751 5072 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
00:32:04.0751 5072 dmload - ok
00:32:04.0782 5072 dmserver (57edec2e5f59f0335e92f35184bc8631) C:\WINDOWS\System32\dmserver.dll
00:32:04.0782 5072 dmserver - ok
00:32:04.0813 5072 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
00:32:04.0813 5072 DMusic - ok
00:32:04.0845 5072 Dnscache (5f7e24fa9eab896051ffb87f840730d2) C:\WINDOWS\System32\dnsrslvr.dll
00:32:04.0860 5072 Dnscache - ok
00:32:04.0876 5072 Dot3svc (0f0f6e687e5e15579ef4da8dd6945814) C:\WINDOWS\System32\dot3svc.dll
00:32:04.0891 5072 Dot3svc - ok
00:32:04.0891 5072 dpti2o - ok
00:32:04.0907 5072 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
00:32:04.0923 5072 drmkaud - ok
00:32:04.0970 5072 E100B (95974e66d3de4951d29e28e8bc0b644c) C:\WINDOWS\system32\DRIVERS\e100b325.sys
00:32:04.0970 5072 E100B - ok
00:32:04.0970 5072 EagleNT - ok
00:32:04.0985 5072 EagleXNt - ok
00:32:05.0016 5072 EapHost (2187855a7703adef0cef9ee4285182cc) C:\WINDOWS\System32\eapsvc.dll
00:32:05.0016 5072 EapHost - ok
00:32:05.0032 5072 ERSvc (bc93b4a066477954555966d77fec9ecb) C:\WINDOWS\System32\ersvc.dll
00:32:05.0048 5072 ERSvc - ok
00:32:05.0079 5072 Eventlog (65df52f5b8b6e9bbd183505225c37315) C:\WINDOWS\system32\services.exe
00:32:05.0095 5072 Eventlog - ok
00:32:05.0141 5072 EventSystem (d4991d98f2db73c60d042f1aef79efae) C:\WINDOWS\system32\es.dll
00:32:05.0157 5072 EventSystem - ok
00:32:05.0188 5072 FANTOM (e3b0cd18146f9d51a34969e9bc2458d2) C:\WINDOWS\system32\DRIVERS\fantom.sys
00:32:05.0188 5072 FANTOM - ok
00:32:05.0220 5072 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
00:32:05.0220 5072 Fastfat - ok
00:32:05.0251 5072 FastUserSwitchingCompatibility (99bc0b50f511924348be19c7c7313bbf) C:\WINDOWS\System32\shsvcs.dll
00:32:05.0282 5072 FastUserSwitchingCompatibility - ok
00:32:05.0298 5072 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\drivers\Fdc.sys
00:32:05.0298 5072 Fdc - ok
00:32:05.0345 5072 FilterService (b73ec688c29f81f9da0fcf63682b3ecb) C:\WINDOWS\system32\DRIVERS\lvuvcflt.sys
00:32:05.0345 5072 FilterService - ok
00:32:05.0345 5072 Fips (d45926117eb9fa946a6af572fbe1caa3) C:\WINDOWS\system32\drivers\Fips.sys
00:32:05.0345 5072 Fips - ok
00:32:05.0360 5072 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\drivers\Flpydisk.sys
00:32:05.0360 5072 Flpydisk - ok
00:32:05.0391 5072 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\DRIVERS\fltMgr.sys
00:32:05.0407 5072 FltMgr - ok
00:32:05.0516 5072 FontCache3.0.0.0 (8ba7c024070f2b7fdd98ed8a4ba41789) c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
00:32:05.0516 5072 FontCache3.0.0.0 - ok
00:32:05.0548 5072 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
00:32:05.0563 5072 Fs_Rec - ok
00:32:05.0563 5072 Ftdisk (6ac26732762483366c3969c9e4d2259d) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
00:32:05.0579 5072 Ftdisk - ok
00:32:05.0626 5072 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
00:32:05.0626 5072 Gpc - ok
00:32:05.0766 5072 gupdate (8f0de4fef8201e306f9938b0905ac96a) C:\Program Files\Google\Update\GoogleUpdate.exe
00:32:05.0766 5072 gupdate - ok
00:32:05.0782 5072 gupdatem (8f0de4fef8201e306f9938b0905ac96a) C:\Program Files\Google\Update\GoogleUpdate.exe
00:32:05.0782 5072 gupdatem - ok
00:32:05.0860 5072 gusvc (cc839e8d766cc31a7710c9f38cf3e375) C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
00:32:05.0860 5072 gusvc - ok
00:32:05.0907 5072 hamachi (833051c6c6c42117191935f734cfbd97) C:\WINDOWS\system32\DRIVERS\hamachi.sys
00:32:05.0907 5072 hamachi - ok
00:32:06.0032 5072 Hamachi2Svc (f31d7f8a7699575dbb3b3a3ab4aa6216) C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
00:32:06.0048 5072 Hamachi2Svc - ok
00:32:06.0141 5072 HDAudBus (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
00:32:06.0141 5072 HDAudBus - ok
00:32:06.0220 5072 helpsvc (4fcca060dfe0c51a09dd5c3843888bcd) C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
00:32:06.0220 5072 helpsvc - ok
00:32:06.0251 5072 HidServ (deb04da35cc871b6d309b77e1443c796) C:\WINDOWS\System32\hidserv.dll
00:32:06.0251 5072 HidServ - ok
00:32:06.0282 5072 hidusb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
00:32:06.0282 5072 hidusb - ok
00:32:06.0313 5072 hkmsvc (8878bd685e490239777bfe51320b88e9) C:\WINDOWS\System32\kmsvc.dll
00:32:06.0313 5072 hkmsvc - ok
00:32:06.0313 5072 hpn - ok
00:32:06.0360 5072 HSFHWBS2 (77e4ff0b73bc0aeaaf39bf0c8104231f) C:\WINDOWS\system32\DRIVERS\HSFHWBS2.sys
00:32:06.0360 5072 HSFHWBS2 - ok
00:32:06.0407 5072 HSF_DP (60e1604729a15ef4a3b05f298427b3b1) C:\WINDOWS\system32\DRIVERS\HSF_DP.sys
00:32:06.0423 5072 HSF_DP - ok
00:32:06.0470 5072 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
00:32:06.0470 5072 HTTP - ok
00:32:06.0516 5072 HTTPFilter (6100a808600f44d999cebdef8841c7a3) C:\WINDOWS\System32\w3ssl.dll
00:32:06.0532 5072 HTTPFilter - ok
00:32:06.0532 5072 i2omgmt - ok
00:32:06.0548 5072 i2omp - ok
00:32:06.0563 5072 i8042prt (4a0b06aa8943c1e332520f7440c0aa30) C:\WINDOWS\system32\drivers\i8042prt.sys
00:32:06.0579 5072 i8042prt - ok
00:32:06.0766 5072 IDriverT (daf66902f08796f9c694901660e5a64a) C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
00:32:06.0766 5072 IDriverT - ok
00:32:06.0923 5072 idsvc (c01ac32dc5c03076cfb852cb5da5229c) c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
00:32:06.0923 5072 idsvc - ok
00:32:06.0985 5072 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
00:32:06.0985 5072 Imapi - ok
00:32:07.0032 5072 ImapiService (30deaf54a9755bb8546168cfe8a6b5e1) C:\WINDOWS\system32\imapi.exe
00:32:07.0048 5072 ImapiService - ok
00:32:07.0048 5072 ini910u - ok
00:32:07.0063 5072 IntelIde - ok
00:32:07.0095 5072 intelppm (8c953733d8f36eb2133f5bb58808b66b) C:\WINDOWS\system32\DRIVERS\intelppm.sys
00:32:07.0095 5072 intelppm - ok
00:32:07.0126 5072 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\DRIVERS\Ip6Fw.sys
00:32:07.0126 5072 Ip6Fw - ok
00:32:07.0157 5072 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
00:32:07.0157 5072 IpFilterDriver - ok
00:32:07.0157 5072 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
00:32:07.0157 5072 IpInIp - ok
00:32:07.0188 5072 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
00:32:07.0188 5072 IpNat - ok
00:32:07.0282 5072 iPod Service (6e27978a4755f4789f912f5f49392f7c) C:\Program Files\iPod\bin\iPodService.exe
00:32:07.0282 5072 iPod Service - ok
00:32:07.0329 5072 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
00:32:07.0329 5072 IPSec - ok
00:32:07.0360 5072 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
00:32:07.0360 5072 IRENUM - ok
00:32:07.0391 5072 isapnp (05a299ec56e52649b1cf2fc52d20f2d7) C:\WINDOWS\system32\DRIVERS\isapnp.sys
00:32:07.0407 5072 isapnp - ok
00:32:07.0516 5072 JavaQuickStarterService (4f2143570d2250ca4c4a4c98553c82cd) C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jqs.exe
00:32:07.0532 5072 JavaQuickStarterService - ok
00:32:07.0579 5072 Kbdclass (463c1ec80cd17420a542b7f36a36f128) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
00:32:07.0579 5072 Kbdclass - ok
00:32:07.0595 5072 kbdhid (9ef487a186dea361aa06913a75b3fa99) C:\WINDOWS\system32\DRIVERS\kbdhid.sys
00:32:07.0595 5072 kbdhid - ok
00:32:07.0626 5072 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
00:32:07.0626 5072 kmixer - ok
00:32:07.0688 5072 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
00:32:07.0688 5072 KSecDD - ok
00:32:07.0735 5072 LanmanServer (3a7c3cbe5d96b8ae96ce81f0b22fb527) C:\WINDOWS\System32\srvsvc.dll
00:32:07.0751 5072 LanmanServer - ok
00:32:07.0782 5072 lanmanworkstation (a8888a5327621856c0cec4e385f69309) C:\WINDOWS\System32\wkssvc.dll
00:32:07.0798 5072 lanmanworkstation - ok
00:32:07.0813 5072 lbrtfdc - ok
00:32:07.0845 5072 LmHosts (a7db739ae99a796d91580147e919cc59) C:\WINDOWS\System32\lmhsvc.dll
00:32:07.0860 5072 LmHosts - ok
00:32:07.0954 5072 LVcKap (9a3d4fc6b86e7e36473079ab76ac703d) C:\WINDOWS\system32\DRIVERS\LVcKap.sys
00:32:07.0985 5072 LVcKap - ok
00:32:08.0110 5072 LVMVDrv (0acbc11f19320af6c19f2e20013d9095) C:\WINDOWS\system32\DRIVERS\LVMVDrv.sys
00:32:08.0126 5072 LVMVDrv - ok
00:32:08.0173 5072 lvpopflt (9fb982de1c8dd769f8ed681dd878b12f) C:\WINDOWS\system32\DRIVERS\lvpopflt.sys
00:32:08.0188 5072 lvpopflt - ok
00:32:08.0220 5072 LVPr2Mon (1a7db7a00a4b0d8da24cd691a4547291) C:\WINDOWS\system32\Drivers\LVPr2Mon.sys
00:32:08.0220 5072 LVPr2Mon - ok
00:32:08.0329 5072 LVPrcSrv (0ddfdcaa92c7f553328db06ba599bea9) C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
00:32:08.0329 5072 LVPrcSrv - ok
00:32:08.0345 5072 LVRS (37072ec9299e825f4335cc554b6fac6a) C:\WINDOWS\system32\DRIVERS\lvrs.sys
00:32:08.0345 5072 LVRS - ok
00:32:08.0391 5072 LVSrvLauncher (a005cee9be199c5e375faa559ca9a7a9) C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe
00:32:08.0391 5072 LVSrvLauncher - ok
00:32:08.0735 5072 LVUVC (a240e42a7402e927a71b6e8aa4629b13) C:\WINDOWS\system32\DRIVERS\lvuvc.sys
00:32:08.0907 5072 LVUVC - ok
00:32:09.0048 5072 ManyCam (c6d085c7045200143528136a43a65fde) C:\WINDOWS\system32\DRIVERS\ManyCam.sys
00:32:09.0048 5072 ManyCam - ok
00:32:09.0079 5072 McComponentHostService - ok
00:32:09.0126 5072 mdmxsdk (eeaea6514ba7c9d273b5e87c4e1aab30) C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys
00:32:09.0126 5072 mdmxsdk - ok
00:32:09.0157 5072 Messenger (986b1ff5814366d71e0ac5755c88f2d3) C:\WINDOWS\System32\msgsvc.dll
00:32:09.0173 5072 Messenger - ok
00:32:09.0188 5072 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
00:32:09.0188 5072 mnmdd - ok
00:32:09.0235 5072 mnmsrvc (d18f1f0c101d06a1c1adf26eed16fcdd) C:\WINDOWS\system32\mnmsrvc.exe
00:32:09.0235 5072 mnmsrvc - ok
00:32:09.0266 5072 Modem (dfcbad3cec1c5f964962ae10e0bcc8e1) C:\WINDOWS\system32\drivers\Modem.sys
00:32:09.0266 5072 Modem - ok
00:32:09.0298 5072 MODEMCSA (1992e0d143b09653ab0f9c5e04b0fd65) C:\WINDOWS\system32\drivers\MODEMCSA.sys
00:32:09.0298 5072 MODEMCSA - ok
00:32:09.0313 5072 Mouclass (35c9e97194c8cfb8430125f8dbc34d04) C:\WINDOWS\system32\DRIVERS\mouclass.sys
00:32:09.0313 5072 Mouclass - ok
00:32:09.0313 5072 mouhid (b1c303e17fb9d46e87a98e4ba6769685) C:\WINDOWS\system32\DRIVERS\mouhid.sys
00:32:09.0329 5072 mouhid - ok
00:32:09.0329 5072 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
00:32:09.0329 5072 MountMgr - ok
00:32:09.0376 5072 MozillaMaintenance (46297fa8e30a6007f14118fc2b942fbc) C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
00:32:09.0391 5072 MozillaMaintenance - ok
00:32:09.0391 5072 mraid35x - ok
00:32:09.0407 5072 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
00:32:09.0407 5072 MRxDAV - ok
00:32:09.0470 5072 MRxSmb (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
00:32:09.0485 5072 MRxSmb - ok
00:32:09.0516 5072 MSDTC (a137f1470499a205abbb9aafb3b6f2b1) C:\WINDOWS\system32\msdtc.exe
00:32:09.0532 5072 MSDTC - ok
00:32:09.0548 5072 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
00:32:09.0548 5072 Msfs - ok
00:32:09.0563 5072 MSIServer - ok
00:32:09.0595 5072 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
00:32:09.0595 5072 MSKSSRV - ok
00:32:09.0641 5072 msloop (64e8b7c65eb4796939c0f64f8170821b) C:\WINDOWS\system32\DRIVERS\loop.sys
00:32:09.0641 5072 msloop - ok
00:32:09.0657 5072 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
00:32:09.0657 5072 MSPCLOCK - ok
00:32:09.0673 5072 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
00:32:09.0673 5072 MSPQM - ok
00:32:09.0720 5072 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
00:32:09.0720 5072 mssmbios - ok
00:32:09.0782 5072 MSTEE (e53736a9e30c45fa9e7b5eac55056d1d) C:\WINDOWS\system32\drivers\MSTEE.sys
00:32:09.0782 5072 MSTEE - ok
00:32:09.0829 5072 Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys
00:32:09.0829 5072 Mup - ok
00:32:09.0876 5072 NABTSFEC (5b50f1b2a2ed47d560577b221da734db) C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
00:32:09.0876 5072 NABTSFEC - ok
00:32:09.0938 5072 napagent (0102140028fad045756796e1c685d695) C:\WINDOWS\System32\qagentrt.dll
00:32:09.0954 5072 napagent - ok
00:32:09.0970 5072 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
00:32:09.0970 5072 NDIS - ok
00:32:10.0032 5072 NdisIP (7ff1f1fd8609c149aa432f95a8163d97) C:\WINDOWS\system32\DRIVERS\NdisIP.sys
00:32:10.0032 5072 NdisIP - ok
00:32:10.0063 5072 NdisTapi (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
00:32:10.0079 5072 NdisTapi - ok
00:32:10.0095 5072 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
00:32:10.0095 5072 Ndisuio - ok
00:32:10.0141 5072 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
00:32:10.0141 5072 NdisWan - ok
00:32:10.0157 5072 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
00:32:10.0157 5072 NDProxy - ok
00:32:10.0173 5072 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
00:32:10.0173 5072 NetBIOS - ok
00:32:10.0188 5072 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
00:32:10.0188 5072 NetBT - ok
00:32:10.0220 5072 NetDDE (b857ba82860d7ff85ae29b095645563b) C:\WINDOWS\system32\netdde.exe
00:32:10.0235 5072 NetDDE - ok
00:32:10.0235 5072 NetDDEdsdm (b857ba82860d7ff85ae29b095645563b) C:\WINDOWS\system32\netdde.exe
00:32:10.0251 5072 NetDDEdsdm - ok
00:32:10.0266 5072 Netlogon (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
00:32:10.0266 5072 Netlogon - ok
00:32:10.0298 5072 Netman (13e67b55b3abd7bf3fe7aae5a0f9a9de) C:\WINDOWS\System32\netman.dll
00:32:10.0313 5072 Netman - ok
00:32:10.0423 5072 NetTcpPortSharing (d34612c5d02d026535b3095d620626ae) c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
00:32:10.0423 5072 NetTcpPortSharing - ok
00:32:10.0470 5072 Nla (943337d786a56729263071623bbb9de5) C:\WINDOWS\System32\mswsock.dll
00:32:10.0485 5072 Nla - ok
00:32:10.0501 5072 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
00:32:10.0516 5072 Npfs - ok
00:32:10.0516 5072 npggsvc - ok
00:32:10.0516 5072 npkcrypt - ok
00:32:10.0532 5072 npkcusb - ok
00:32:10.0579 5072 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
00:32:10.0595 5072 Ntfs - ok
00:32:10.0595 5072 NtLmSsp (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
00:32:10.0595 5072 NtLmSsp - ok
00:32:10.0641 5072 NtmsSvc (156f64a3345bd23c600655fb4d10bc08) C:\WINDOWS\system32\ntmssvc.dll
00:32:10.0657 5072 NtmsSvc - ok
00:32:10.0688 5072 NuidFltr (cf7e041663119e09d2e118521ada9300) C:\WINDOWS\system32\DRIVERS\NuidFltr.sys
00:32:10.0688 5072 NuidFltr - ok
00:32:10.0735 5072 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
00:32:10.0735 5072 Null - ok
00:32:10.0782 5072 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
00:32:10.0782 5072 NwlnkFlt - ok
00:32:10.0798 5072 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
00:32:10.0798 5072 NwlnkFwd - ok
00:32:10.0829 5072 Parport (5575faf8f97ce5e713d108c2a58d7c7c) C:\WINDOWS\system32\drivers\Parport.sys
00:32:10.0845 5072 Parport - ok
00:32:10.0845 5072 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
00:32:10.0845 5072 PartMgr - ok
00:32:10.0876 5072 ParVdm (70e98b3fd8e963a6a46a2e6247e0bea1) C:\WINDOWS\system32\drivers\ParVdm.sys
00:32:10.0891 5072 ParVdm - ok
00:32:10.0923 5072 pavboot (3adb8bd6154a3ef87496e8fce9c22493) C:\WINDOWS\system32\drivers\pavboot.sys
00:32:10.0923 5072 pavboot - ok
00:32:10.0938 5072 PCI (a219903ccf74233761d92bef471a07b1) C:\WINDOWS\system32\DRIVERS\pci.sys
00:32:10.0954 5072 PCI - ok
00:32:10.0954 5072 PCIDump - ok
00:32:10.0954 5072 PCIIde (ccf5f451bb1a5a2a522a76e670000ff0) C:\WINDOWS\system32\DRIVERS\pciide.sys
00:32:10.0954 5072 PCIIde - ok
00:32:10.0985 5072 Pcmcia (9e89ef60e9ee05e3f2eef2da7397f1c1) C:\WINDOWS\system32\drivers\Pcmcia.sys
00:32:10.0985 5072 Pcmcia - ok
00:32:11.0001 5072 PDCOMP - ok
00:32:11.0001 5072 PDFRAME - ok
00:32:11.0001 5072 PDRELI - ok
00:32:11.0016 5072 PDRFRAME - ok
00:32:11.0016 5072 perc2 - ok
00:32:11.0032 5072 perc2hib - ok
00:32:11.0063 5072 PlugPlay (65df52f5b8b6e9bbd183505225c37315) C:\WINDOWS\system32\services.exe
00:32:11.0079 5072 PlugPlay - ok
00:32:11.0126 5072 PnkBstrA (681da309716aeb98bc901d7a0458d931) C:\WINDOWS\system32\PnkBstrA.exe
00:32:11.0126 5072 PnkBstrA - ok
00:32:11.0141 5072 PolicyAgent (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
00:32:11.0141 5072 PolicyAgent - ok
00:32:11.0188 5072 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
00:32:11.0188 5072 PptpMiniport - ok
00:32:11.0188 5072 ProtectedStorage (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
00:32:11.0204 5072 ProtectedStorage - ok
00:32:11.0204 5072 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
00:32:11.0204 5072 PSched - ok
00:32:11.0251 5072 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
00:32:11.0251 5072 Ptilink - ok
00:32:11.0266 5072 ql1080 - ok
00:32:11.0266 5072 Ql10wnt - ok
00:32:11.0266 5072 ql12160 - ok
00:32:11.0282 5072 ql1240 - ok
00:32:11.0282 5072 ql1280 - ok
00:32:11.0298 5072 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
00:32:11.0298 5072 RasAcd - ok
00:32:11.0345 5072 RasAuto (ad188be7bdf94e8df4ca0a55c00a5073) C:\WINDOWS\System32\rasauto.dll
00:32:11.0360 5072 RasAuto - ok
00:32:11.0360 5072 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
00:32:11.0360 5072 Rasl2tp - ok
00:32:11.0391 5072 RasMan (76a9a3cbeadd68cc57cda5e1d7448235) C:\WINDOWS\System32\rasmans.dll
00:32:11.0407 5072 RasMan - ok
00:32:11.0423 5072 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
00:32:11.0423 5072 RasPppoe - ok
00:32:11.0438 5072 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
00:32:11.0438 5072 Raspti - ok
00:32:11.0470 5072 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
00:32:11.0485 5072 Rdbss - ok
00:32:11.0516 5072 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
00:32:11.0516 5072 RDPCDD - ok
00:32:11.0579 5072 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
00:32:11.0579 5072 rdpdr - ok
00:32:11.0641 5072 RDPWD (6589db6e5969f8eee594cf71171c5028) C:\WINDOWS\system32\drivers\RDPWD.sys
00:32:11.0641 5072 RDPWD - ok
00:32:11.0688 5072 RDSessMgr (3c37bf86641bda977c3bf8a840f3b7fa) C:\WINDOWS\system32\sessmgr.exe
00:32:11.0704 5072 RDSessMgr - ok
00:32:11.0735 5072 redbook (f828dd7e1419b6653894a8f97a0094c5) C:\WINDOWS\system32\DRIVERS\redbook.sys
00:32:11.0751 5072 redbook - ok
00:32:11.0782 5072 RemoteAccess (7e699ff5f59b5d9de5390e3c34c67cf5) C:\WINDOWS\System32\mprdim.dll
00:32:11.0798 5072 RemoteAccess - ok
00:32:11.0845 5072 RemoteRegistry (5b19b557b0c188210a56a6b699d90b8f) C:\WINDOWS\system32\regsvc.dll
00:32:11.0860 5072 RemoteRegistry - ok
00:32:11.0891 5072 RpcLocator (aaed593f84afa419bbae8572af87cf6a) C:\WINDOWS\system32\locator.exe
00:32:11.0907 5072 RpcLocator - ok
00:32:11.0954 5072 RpcSs (6b27a5c03dfb94b4245739065431322c) C:\WINDOWS\System32\rpcss.dll
00:32:11.0970 5072 RpcSs - ok
00:32:12.0079 5072 RSVP (471b3f9741d762abe75e9deea4787e47) C:\WINDOWS\system32\rsvp.exe
00:32:12.0095 5072 RSVP - ok
00:32:12.0126 5072 SamSs (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
00:32:12.0126 5072 SamSs - ok
00:32:12.0220 5072 SASDIFSV (39763504067962108505bff25f024345) C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS
00:32:12.0220 5072 SASDIFSV - ok
00:32:12.0235 5072 SASKUTIL (77b9fc20084b48408ad3e87570eb4a85) C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS
00:32:12.0235 5072 SASKUTIL - ok
00:32:12.0298 5072 SCardSvr (86d007e7a654b9a71d1d7d856b104353) C:\WINDOWS\System32\SCardSvr.exe
00:32:12.0298 5072 SCardSvr - ok
00:32:12.0360 5072 Schedule (0a9a7365a1ca4319aa7c1d6cd8e4eafa) C:\WINDOWS\system32\schedsvc.dll
00:32:12.0376 5072 Schedule - ok
00:32:12.0391 5072 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
00:32:12.0391 5072 Secdrv - ok
00:32:12.0438 5072 seclogon (cbe612e2bb6a10e3563336191eda1250) C:\WINDOWS\System32\seclogon.dll
00:32:12.0454 5072 seclogon - ok
00:32:12.0454 5072 SENS (7fdd5d0684eca8c1f68b4d99d124dcd0) C:\WINDOWS\system32\sens.dll
00:32:12.0470 5072 SENS - ok
00:32:12.0516 5072 Serial (cca207a8896d4c6a0c9ce29a4ae411a7) C:\WINDOWS\system32\drivers\Serial.sys
00:32:12.0516 5072 Serial - ok
00:32:12.0548 5072 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
00:32:12.0548 5072 Sfloppy - ok
00:32:12.0610 5072 SharedAccess (83f41d0d89645d7235c051ab1d9523ac) C:\WINDOWS\System32\ipnathlp.dll
00:32:12.0610 5072 SharedAccess - ok
00:32:12.0657 5072 ShellHWDetection (99bc0b50f511924348be19c7c7313bbf) C:\WINDOWS\System32\shsvcs.dll
00:32:12.0673 5072 ShellHWDetection - ok
00:32:12.0673 5072 Simbad - ok
00:32:12.0923 5072 Skype C2C Service (2a99850c2a6edd6c6602e822c716edaf) C:\Documents and Settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe
00:32:12.0954 5072 Skype C2C Service - ok
00:32:13.0095 5072 SkypeUpdate (6128e98eaaed364ed1a32708d2fd22cb) C:\Program Files\Skype\Updater\Updater.exe
00:32:13.0095 5072 SkypeUpdate - ok
00:32:13.0188 5072 SLIP (866d538ebe33709a5c9f5c62b73b7d14) C:\WINDOWS\system32\DRIVERS\SLIP.sys
00:32:13.0188 5072 SLIP - ok
00:32:13.0204 5072 Sparrow - ok
00:32:13.0220 5072 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
00:32:13.0220 5072 splitter - ok
00:32:13.0251 5072 Spooler (60784f891563fb1b767f70117fc2428f) C:\WINDOWS\system32\spoolsv.exe
00:32:13.0266 5072 Spooler - ok
00:32:13.0313 5072 sr (76bb022c2fb6902fd5bdd4f78fc13a5d) C:\WINDOWS\system32\DRIVERS\sr.sys
00:32:13.0313 5072 sr - ok
00:32:13.0329 5072 srservice (3805df0ac4296a34ba4bf93b346cc378) C:\WINDOWS\system32\srsvc.dll
00:32:13.0345 5072 srservice - ok
00:32:13.0391 5072 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
00:32:13.0407 5072 Srv - ok
00:32:13.0438 5072 SSDPSRV (0a5679b3714edab99e357057ee88fca6) C:\WINDOWS\System32\ssdpsrv.dll
00:32:13.0454 5072 SSDPSRV - ok
00:32:13.0470 5072 StarOpen - ok
00:32:13.0516 5072 Steam Client Service - ok
00:32:13.0563 5072 STHDA (352b663a81402be7cd7bd4ea27c9998c) C:\WINDOWS\system32\drivers\sthda.sys
00:32:13.0563 5072 STHDA - ok
00:32:13.0610 5072 stisvc (8bad69cbac032d4bbacfce0306174c30) C:\WINDOWS\system32\wiaservc.dll
00:32:13.0641 5072 stisvc - ok
00:32:13.0657 5072 streamip (77813007ba6265c4b6098187e6ed79d2) C:\WINDOWS\system32\DRIVERS\StreamIP.sys
00:32:13.0673 5072 streamip - ok
00:32:13.0720 5072 SUSTUCAM (5807c125aaea590a464c7c4aa96a1ba0) C:\WINDOWS\system32\DRIVERS\sustucam.sys
00:32:13.0720 5072 SUSTUCAM - ok
00:32:13.0751 5072 SUSTUCAP (54bf7b09a79f8cccfd0c897e382337db) C:\WINDOWS\system32\DRIVERS\sustucap.sys
00:32:13.0751 5072 SUSTUCAP - ok
00:32:13.0798 5072 SUSTUCAU (cc99a2b9065f6c9dfbd3f57f52238d5c) C:\WINDOWS\system32\DRIVERS\sustucau.sys
00:32:13.0798 5072 SUSTUCAU - ok
00:32:13.0860 5072 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
00:32:13.0860 5072 swenum - ok
00:32:13.0907 5072 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
00:32:13.0907 5072 swmidi - ok
00:32:13.0907 5072 SwPrv - ok
00:32:13.0923 5072 symc810 - ok
00:32:13.0923 5072 symc8xx - ok
00:32:13.0923 5072 sym_hi - ok
00:32:13.0938 5072 sym_u3 - ok
00:32:13.0954 5072 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
00:32:13.0970 5072 sysaudio - ok
00:32:14.0001 5072 SysmonLog (c7abbc59b43274b1109df6b24d617051) C:\WINDOWS\system32\smlogsvc.exe
00:32:14.0016 5072 SysmonLog - ok
00:32:14.0095 5072 TapiSrv (3cb78c17bb664637787c9a1c98f79c38) C:\WINDOWS\System32\tapisrv.dll
00:32:14.0110 5072 TapiSrv - ok
00:32:14.0173 5072 Tcpip (d9f19e78f98834cb411d6ad3c68d181a) C:\WINDOWS\system32\DRIVERS\tcpip.sys
00:32:14.0173 5072 Tcpip - ok
00:32:14.0204 5072 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
00:32:14.0220 5072 TDPIPE - ok
00:32:14.0235 5072 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
00:32:14.0235 5072 TDTCP - ok
00:32:14.0251 5072 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
00:32:14.0266 5072 TermDD - ok
00:32:14.0282 5072 TermService (ff3477c03be7201c294c35f684b3479f) C:\WINDOWS\System32\termsrv.dll
00:32:14.0298 5072 TermService - ok
00:32:14.0485 5072 Themes (99bc0b50f511924348be19c7c7313bbf) C:\WINDOWS\System32\shsvcs.dll
00:32:14.0501 5072 Themes - ok
00:32:14.0532 5072 TlntSvr (db7205804759ff62c34e3efd8a4cc76a) C:\WINDOWS\system32\tlntsvr.exe
00:32:14.0548 5072 TlntSvr - ok
00:32:14.0563 5072 TosIde - ok
00:32:14.0595 5072 TPkd (409a577fd5781c717e55a28717514c58) C:\WINDOWS\system32\drivers\TPkd.sys
00:32:14.0610 5072 TPkd - ok
00:32:14.0657 5072 TrkWks (55bca12f7f523d35ca3cb833c725f54e) C:\WINDOWS\system32\trkwks.dll
00:32:14.0673 5072 TrkWks - ok
00:32:14.0720 5072 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
00:32:14.0720 5072 Udfs - ok
00:32:14.0720 5072 ultra - ok
00:32:14.0782 5072 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
00:32:14.0782 5072 Update - ok
00:32:14.0829 5072 upnphost (1ebafeb9a3fbdc41b8d9c7f0f687ad91) C:\WINDOWS\System32\upnphost.dll
00:32:14.0845 5072 upnphost - ok
00:32:14.0876 5072 UPS (05365fb38fca1e98f7a566aaaf5d1815) C:\WINDOWS\System32\ups.exe
00:32:14.0876 5072 UPS - ok
00:32:14.0907 5072 usbaudio (e919708db44ed8543a7c017953148330) C:\WINDOWS\system32\drivers\usbaudio.sys
00:32:14.0907 5072 usbaudio - ok
00:32:14.0954 5072 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
00:32:14.0954 5072 usbccgp - ok
00:32:14.0985 5072 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
00:32:14.0985 5072 usbehci - ok
00:32:15.0001 5072 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
00:32:15.0001 5072 usbhub - ok
00:32:15.0048 5072 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
00:32:15.0048 5072 usbprint - ok
00:32:15.0095 5072 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
00:32:15.0095 5072 usbscan - ok
00:32:15.0126 5072 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
00:32:15.0126 5072 USBSTOR - ok
00:32:15.0141 5072 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
00:32:15.0141 5072 usbuhci - ok
00:32:15.0157 5072 usbvideo (63bbfca7f390f4c49ed4b96bfb1633e0) C:\WINDOWS\system32\Drivers\usbvideo.sys
00:32:15.0173 5072 usbvideo - ok
00:32:15.0204 5072 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
00:32:15.0204 5072 VgaSave - ok
00:32:15.0220 5072 ViaIde - ok
00:32:15.0235 5072 VolSnap (4c8fcb5cc53aab716d810740fe59d025) C:\WINDOWS\system32\drivers\VolSnap.sys
00:32:15.0235 5072 VolSnap - ok
00:32:15.0282 5072 VSS (7a9db3a67c333bf0bd42e42b8596854b) C:\WINDOWS\System32\vssvc.exe
00:32:15.0298 5072 VSS - ok
00:32:15.0345 5072 W32Time (54af4b1d5459500ef0937f6d33b1914f) C:\WINDOWS\system32\w32time.dll
00:32:15.0360 5072 W32Time - ok
00:32:15.0360 5072 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
00:32:15.0360 5072 Wanarp - ok
00:32:15.0423 5072 Wdf01000 (fd47474bd21794508af449d9d91af6e6) C:\WINDOWS\system32\DRIVERS\Wdf01000.sys
00:32:15.0438 5072 Wdf01000 - ok
00:32:15.0438 5072 WDICA - ok
00:32:15.0501 5072 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
00:32:15.0516 5072 wdmaud - ok
00:32:15.0548 5072 WebClient (77a354e28153ad2d5e120a5a8687bc06) C:\WINDOWS\System32\webclnt.dll
00:32:15.0563 5072 WebClient - ok
00:32:15.0626 5072 winachsf (f59ed5a43b988a18ef582bb07b2327a7) C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys
00:32:15.0641 5072 winachsf - ok
00:32:15.0720 5072 winmgmt (2d0e4ed081963804ccc196a0929275b5) C:\WINDOWS\system32\wbem\WMIsvc.dll
00:32:15.0720 5072 winmgmt - ok
00:32:15.0798 5072 WinRM (18f347402da544a780949b8fdf83351b) C:\WINDOWS\system32\WsmSvc.dll
00:32:15.0829 5072 WinRM - ok
00:32:16.0001 5072 wlidsvc (5144ae67d60ec653f97ddf3feed29e77) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
00:32:16.0016 5072 wlidsvc - ok
00:32:16.0141 5072 WmdmPmSN (c51b4a5c05a5475708e3c81c7765b71d) C:\WINDOWS\system32\MsPMSNSv.dll
00:32:16.0157 5072 WmdmPmSN - ok
00:32:16.0204 5072 Wmi (e76f8807070ed04e7408a86d6d3a6137) C:\WINDOWS\System32\advapi32.dll
00:32:16.0204 5072 Wmi - ok
00:32:16.0298 5072 WmiApSrv (e0673f1106e62a68d2257e376079f821) C:\WINDOWS\system32\wbem\wmiapsrv.exe
00:32:16.0298 5072 WmiApSrv - ok
00:32:16.0438 5072 WMPNetworkSvc (f74e3d9a7fa9556c3bbb14d4e5e63d3b) C:\Program Files\Windows Media Player\WMPNetwk.exe
00:32:16.0454 5072 WMPNetworkSvc - ok
00:32:16.0485 5072 WpdUsb (cf4def1bf66f06964dc0d91844239104) C:\WINDOWS\system32\DRIVERS\wpdusb.sys
00:32:16.0501 5072 WpdUsb - ok
00:32:16.0657 5072 WPFFontCache_v0400 (dcf3e3edf5109ee8bc02fe6e1f045795) C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
00:32:16.0657 5072 WPFFontCache_v0400 - ok
00:32:16.0704 5072 WS2IFSL (6abe6e225adb5a751622a9cc3bc19ce8) C:\WINDOWS\System32\drivers\ws2ifsl.sys
00:32:16.0720 5072 WS2IFSL - ok
00:32:16.0766 5072 wscsvc (7c278e6408d1dce642230c0585a854d5) C:\WINDOWS\system32\wscsvc.dll
00:32:16.0782 5072 wscsvc - ok
00:32:16.0829 5072 WSTCODEC (c98b39829c2bbd34e454150633c62c78) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
00:32:16.0829 5072 WSTCODEC - ok
00:32:16.0891 5072 wuauserv (35321fb577cdc98ce3eb3a3eb9e4610a) C:\WINDOWS\system32\wuauserv.dll
00:32:16.0923 5072 wuauserv - ok
00:32:16.0985 5072 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
00:32:17.0001 5072 WudfPf - ok
00:32:17.0016 5072 WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
00:32:17.0032 5072 WudfRd - ok
00:32:17.0063 5072 WudfSvc (05231c04253c5bc30b26cbaae680ed89) C:\WINDOWS\System32\WUDFSvc.dll
00:32:17.0079 5072 WudfSvc - ok
00:32:17.0141 5072 WZCSVC (81dc3f549f44b1c1fff022dec9ecf30b) C:\WINDOWS\System32\wzcsvc.dll
00:32:17.0157 5072 WZCSVC - ok
00:32:17.0157 5072 XDva391 - ok
00:32:17.0173 5072 XDva393 - ok
00:32:17.0204 5072 xmlprov (295d21f14c335b53cb8154e5b1f892b9) C:\WINDOWS\System32\xmlprov.dll
00:32:17.0313 5072 xmlprov - ok
00:32:17.0345 5072 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk0\DR0
00:32:17.0376 5072 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - infected
00:32:17.0376 5072 \Device\Harddisk0\DR0 - detected Rootkit.Boot.Pihar.c (0)
00:32:17.0407 5072 Boot (0x1200) (437e236a56b6d0a482e3536f962ff9e6) \Device\Harddisk0\DR0\Partition0
00:32:17.0407 5072 \Device\Harddisk0\DR0\Partition0 - ok
00:32:17.0407 5072 ============================================================
00:32:17.0407 5072 Scan finished
00:32:17.0407 5072 ============================================================
00:32:17.0423 4308 Detected object count: 2
00:32:17.0423 4308 Actual detected object count: 2
00:32:35.0282 4308 Akamai ( HiddenFile.Multi.Generic ) - skipped by user
00:32:35.0282 4308 Akamai ( HiddenFile.Multi.Generic ) - User select action: Skip
00:32:36.0126 4308 \Device\Harddisk0\DR0\# - copied to quarantine
00:32:36.0126 4308 \Device\Harddisk0\DR0 - copied to quarantine
00:32:36.0141 4308 \Device\Harddisk0\DR0\TDLFS\ldrm - copied to quarantine
00:32:36.0157 4308 \Device\Harddisk0\DR0\TDLFS\cmd.dll - copied to quarantine
00:32:43.0688 4308 \Device\Harddisk0\DR0\TDLFS\cmd64.dll - copied to quarantine
00:32:43.0766 4308 \Device\Harddisk0\DR0\TDLFS\sub.dll - copied to quarantine
00:32:44.0001 4308 \Device\Harddisk0\DR0\TDLFS\subx.dll - copied to quarantine
00:32:44.0126 4308 \Device\Harddisk0\DR0\TDLFS\drv32 - copied to quarantine
00:32:44.0266 4308 \Device\Harddisk0\DR0\TDLFS\drv64 - copied to quarantine
00:32:44.0407 4308 \Device\Harddisk0\DR0\TDLFS\servers.dat - copied to quarantine
00:32:44.0407 4308 \Device\Harddisk0\DR0\TDLFS\config.ini - copied to quarantine
00:32:44.0407 4308 \Device\Harddisk0\DR0\TDLFS\ldr16 - copied to quarantine
00:32:44.0423 4308 \Device\Harddisk0\DR0\TDLFS\ldr32 - copied to quarantine
00:32:44.0548 4308 \Device\Harddisk0\DR0\TDLFS\ldr64 - copied to quarantine
00:32:44.0704 4308 \Device\Harddisk0\DR0\TDLFS\s - copied to quarantine
00:32:44.0720 4308 \Device\Harddisk0\DR0\TDLFS\u - copied to quarantine
00:32:44.0720 4308 \Device\Harddisk0\DR0\TDLFS\ph.dll - copied to quarantine
00:32:44.0845 4308 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - will be cured on reboot
00:32:44.0876 4308 \Device\Harddisk0\DR0 - ok
00:32:44.0876 4308 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - User select action: Cure
00:34:40.0438 4480 Deinitialize success
[year+ old attachment deleted by admin]
-
It appears your system is infected with a rootkit. A rootkit is a powerful piece of malware, that allows hackers full control over your computer for means of sending attacks over the Internet, or using your computer to generate revenue.
Malware experts have recommended that we make it clear that with the system under control of a hacker, your computer might become impossible to clean 100%.
Many rootkits can hook into the Windows 32-bit kernel, and patch several APIs to hide new registry keys and files they install. They can disable your antivirus and security tools to prevent detection and removal. This type of exploit allows them to steal sensitive information like passwords, personal and financial data which is sent back to the hacker. To learn more about these types of infections, you can refer to:
What danger is presented by rootkits? (http://www.pandasecurity.com/homeusers/security-info/types-malware/rootkit/#e2)
Rootkits and how to combat them (http://www.viruslist.com/en/analysis?pubid=168740859)
r00tkit Analysis: What Is A Rootkit (http://www.omninerd.com/articles/r00tkit_Analysis_What_Is_A_Rootkit)
If you do any banking or other financial transactions on the PC or if it should contain any other sensitive information, please get to a known clean computer and change all passwords where applicable. Do NOT change passwords or do any transactions while using the infected computer because the attacker may get the new passwords and transaction information. (If using a router, you need to reset it with a strong logon/password so the malware cannot gain control before connecting again.) Banking and credit card institutions should be notified to apprise them of your situation (possible security breach). To protect your information that may have been compromised, I recommend reading these references:
How Do I Handle Possible Identify Theft, Internet Fraud and CC Fraud? (http://www.dslreports.com/faq/10451)
What Should I Do If I've Become A Victim Of Identity Theft? (http://www.usdoj.gov/criminal/fraud/websites/idtheft.html#whatifvictim)
Identity Theft Victims Guide - What to do (http://www.privacyrights.org/fs/fs17a.htm)
It is dangerous and incorrect to assume the computer is secure even if the malware appears to have been removed. In some instances an infection may have caused so much damage to your system that it cannot
be completely cleaned or repaired so you can never be sure that you have completely removed a rootkit. The malware may leave so many remnants behind that security tools cannot find them. Tools that claim to be able to remove rootkits cannot guarantee that all traces of it will be removed. Many experts in the security community believe that once infected with such a piece of malware, the best course of action would be a reformat and clean reinstall of the OS. This is something I don't like to recommend normally, but in most cases it is the best solution for your safety. Making this decision is based on what the computer is used for, and what information can be accessed from it. For more information, please read these references very carefully:
When should I re-format? How should I reinstall? (http://www.dslreports.com/faq/10063)
Help: I Got Hacked. Now What Do I Do? (http://technet.microsoft.com/en-us/library/cc512587.aspx)
Help: I Got Hacked. Now What Do I Do? Part II (http://technet.microsoft.com/en-us/library/cc512595.aspx)
Where to draw the line? When to recommend a format and reinstall? (http://miekiemoes.blogspot.com/2008/06/malware-removal-where-to-draw-line.html)
Guides for format and reinstall: (http://www.GeekPolice.net/tutorials-guides-f13/how-to-reformat-and-reinstall-your-operating-system-t15119.htm#95115)
how-to-reformat-and-reinstall-your-operating-system-the-easy-way (http://www.helpmyos.com/tutorials-software-alternatives-to-proprietary-f19/how-to-reformat-and-reinstall-your-operating-system-the-easy-way-t1307.htm#3143)
However, if you do not have the resources to reinstall your computer's OS and would like me to attempt to clean it, I will be happy to do so. But please consider carefully before deciding against a reformat.
If you do make that decision, I will do my best to help you clean the computer of any infections, but you must understand that once a machine has been taken over by this type of malware, I cannot guarantee that it will be 100% secure even after disinfection or that the removal will be successful.
Please let me know what you have decided to do in your next post. Should you have any questions, please feel free to ask.