Page 1 of 2 12 LastLast
Results 1 to 10 of 17
  1. #1
    Member
    Join Date
    Apr 2009
    Posts
    29
    Points
    0

    Default Running Slow w/weird popups

    All of a sudden my machine started running really slowly. My antivirus caught a trojan so I eliminated it. However, the computer was still running slowly and I would get some popups randomly while on the internet.
    I deleted all of the questionable files and the Help2Go Detective told me there were some suspicious entries that it could not fix. Logs below.

    Thanks!

    TS

    SUPERAntiSpyware Scan Log
    SUPERAntiSpyware.com | Remove Malware | Remove Spyware - AntiMalware, AntiSpyware, AntiAdware!

    Generated 06/20/2012 at 03:07 PM

    Application Version : 5.1.1002

    Core Rules Database Version : 8767
    Trace Rules Database Version: 6579

    Scan type : Quick Scan
    Total Scan Time : 00:16:45

    Operating System Information
    Windows XP Home Edition 32-bit, Service Pack 3 (Build 5.01.2600)
    Administrator

    Memory items scanned : 659
    Memory threats detected : 0
    Registry items scanned : 30228
    Registry threats detected : 1
    File items scanned : 7303
    File threats detected : 489

    Adware.Tracking Cookie
    .atdmt.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .invitemedia.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .adbrite.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .zedo.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .imrworldwide.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .imrworldwide.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .revsci.net [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .paypal.112.2o7.net [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .2o7.net [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .traffichaus.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .at.atwola.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .2o7.net [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .interclick.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .interclick.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .ads.pointroll.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    C:\Documents and Settings\tshade\Cookies\7TXKRJQL.txt [ /www.windowsmedia.com ]
    .pointroll.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .insightexpressai.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .insightexpressai.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .insightexpressai.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .insightexpressai.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .histats.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .histats.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    C:\Documents and Settings\tshade\Cookies\5N8HA2MQ.txt [ /zgstats.com ]
    .collective-media.net [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .advertising.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .sportingnews.122.2o7.net [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .ru4.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .adserver.adtechus.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .apmebf.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .mediaplex.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .apmebf.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .legolas-media.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .lfstmedia.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .insightexpressai.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .insightexpressai.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .insightexpressai.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .insightexpressai.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .adinterax.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .insightexpressai.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .insightexpressai.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .insightexpressai.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .insightexpressai.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .insightexpressai.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .insightexpressai.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .insightexpressai.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .2o7.net [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .kontera.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .eyewonder.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .realmedia.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .insightexpressai.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .specificclick.net [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .eyewonder.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .amazon-adsystem.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .amazon-adsystem.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .technoratimedia.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .liveperson.net [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .liveperson.net [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .server.cpmstar.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .enoratraffic.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .2o7.net [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .lfstmedia.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    wstat.wibiya.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .overture.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .dmtracker.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .ad.yieldmanager.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .ad.yieldmanager.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .2o7.net [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    fls.doubleclick.net [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .invitemedia.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .zedo.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .foxinteractivemedia.122.2o7.net [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .2o7.net [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .adultfriendfinder.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .adultfriendfinder.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .doubleclick.net [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .lfstmedia.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .trafficmp.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .trafficmp.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .trafficmp.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .media6degrees.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    ads2.zeusclicks.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .apmebf.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .trafficmp.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .trafficmp.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .clickbooth.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .lfstmedia.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .2o7.net [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .2o7.net [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .2o7.net [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .2o7.net [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .2o7.net [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .2o7.net [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .realmedia.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .superstats.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    Sex And XXX Dating For Adult Singles! Find Your Match For Free Sex Easily And Quickly! - XXXMATCH.COM [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    Sex And XXX Dating For Adult Singles! Find Your Match For Free Sex Easily And Quickly! - XXXMATCH.COM [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    wt.xxxmatch.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .accountonline.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    a.intentmedia.net [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    a.intentmedia.net [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    a.intentmedia.net [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .usatoday1.112.2o7.net [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .2o7.net [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .nextag.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .nextag.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .nextag.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .mediaplex.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    tracking.waterfrontmedia.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .doubleclick.net [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .atdmt.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .atdmt.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    pornografish.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .mediaforge.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .insightexpressai.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .insightexpressai.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .carfax.112.2o7.net [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .technoratimedia.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .bizrate.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .insightexpressai.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .insightexpressai.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .insightexpressai.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .insightexpressai.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .sonymediasoftware.112.2o7.net [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .c.gigcount.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    dc.tremormedia.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    stat.ed.cupidplc.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .getclicky.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .static.getclicky.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    in.getclicky.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .adviva.net [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .churchanddwightnew.112.2o7.net [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .hornymatches.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    a.iad.lpsnmedia.net [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .serving-sys.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    ads.saymedia.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .kanoodle.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .linksynergy.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .linksynergy.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .linksynergy.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .2o7.net [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    OpenX [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .citi.bridgetrack.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .traveladvertising.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .ru4.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .burstnet.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .gsicace.112.2o7.net [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .gsimedia.net [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .clickcountr.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .insightexpressai.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    SiteEncore [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    SiteEncore [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .insightexpressai.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .insightexpressai.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .insightexpressai.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .insightexpressai.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .adxpose.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .cracked.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .cracked.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .cracked.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .cracked.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .cracked.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .cracked.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .2o7.net [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .2o7.net [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .nextag.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .hearstugo.112.2o7.net [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .bs.serving-sys.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .burstnet.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    ad.yieldmanager.net [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .ru4.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .game-advertising-online.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .hornymatches.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .hornymatches.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .hornymatches.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .hornymatches.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .hornymatches.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .hornymatches.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .hornymatches.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    ad.yieldmanager.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .insightexpressai.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    ad.yieldmanager.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .revsci.net [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .insightexpressai.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .insightexpressai.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .insightexpressai.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .pro-market.net [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .pro-market.net [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .pro-market.net [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .revsci.net [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .revsci.net [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .media.adfrontiers.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .BurstMedia [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .mediaforge.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .247realmedia.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .tacoda.at.atwola.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .adinterax.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .2o7.net [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .casalemedia.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    advertising.rivustv.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .tradedoubler.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .tradedoubler.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    adserv.crossrhythms.co.uk [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .yadro.ru [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .bizrate.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .bizrate.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .bizrate.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    wmedia.rotator.hadj7.adjuggler.net [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    wmedia.rotator.hadj7.adjuggler.net [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    adx.kat.ph [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .limaconsulting.112.2o7.net [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .interclick.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    ad.yieldmanager.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .collective-media.net [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .overture.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .casalemedia.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .casalemedia.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .2o7.net [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    counter.hitslink.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .mm.chitika.net [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .revsci.net [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    cn.clickable.net [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .xiti.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .burstnet.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .insightexpressai.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .insightexpressai.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .insightexpressai.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .insightexpressai.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .insightexpressai.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .trafficmp.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .steelhousemedia.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .steelhousemedia.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .steelhousemedia.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .zedo.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    ad.yieldmanager.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .serving-sys.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    pt.trafficjunky.net [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    pt.trafficjunky.net [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .media6degrees.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .ru4.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .ru4.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .ru4.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .ru4.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    sitestats.ets.org [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .statcounter.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .legolas-media.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .ru4.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    ox-d.secure-clicks.org [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .syndication.traffichaus.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .syndication.traffichaus.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    ads.crakmedia.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .realmedia.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .insightexpressai.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .ar.atwola.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .homestore.122.2o7.net [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .fim.122.2o7.net [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .collective-media.net [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .collective-media.net [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .a1.interclick.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .media6degrees.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .casalemedia.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .ru4.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .revsci.net [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    statse.webtrendslive.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .clickfuse.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    accounts.youtube.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .accounts.google.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .accounts.google.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    accounts.google.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .atwola.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .tacoda.at.atwola.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .collective-media.net [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .tacoda.at.atwola.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .jeetyetmedia.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .edge.jeetyetmedia.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .edge.jeetyetmedia.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .collective-media.net [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .collective-media.net [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .traveladvertising.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .realmedia.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .collective-media.net [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .revsci.net [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .adserver.adtechus.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .trafficmp.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .zedo.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .247realmedia.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .invitemedia.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .yieldmanager.net [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .burstnet.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .lfstmedia.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .realmedia.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .realmedia.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .adserver.adtechus.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .click360.sitescout.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .adlegend.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .adlegend.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .t.pointroll.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .legolas-media.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .zedo.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .d3.zedo.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .d3.zedo.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .d3.zedo.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .myroitracking.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .clicksor.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .clicksor.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .clicksor.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .atdmt.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .c.atdmt.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .c.atdmt.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .media6degrees.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .media6degrees.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .media6degrees.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .media6degrees.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .media6degrees.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .media6degrees.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .revsci.net [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    edge.jeetyetmedia.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    edge.jeetyetmedia.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    edge.jeetyetmedia.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .adfarm1.adition.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .adfarm1.adition.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    ad2.adfarm1.adition.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .adfarm1.adition.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .adbrite.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .t.pointroll.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .collective-media.net [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .collective-media.net [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .revsci.net [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .legolas-media.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .media2.legacy.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .burstnet.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .lfstmedia.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .traveladvertising.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .traveladvertising.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .media2.legacy.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    network.realmedia.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    network.realmedia.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    openx.jeetyetmedia.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    edge.jeetyetmedia.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .lfstmedia.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    ad.yieldmanager.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .legolas-media.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .a1.interclick.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .a1.interclick.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .a1.interclick.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .a1.interclick.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .a1.interclick.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .a1.interclick.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .interclick.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .interclick.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .media.adfrontiers.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .technoratimedia.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .adserver.adtechus.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .adserver.adtechus.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .adbrite.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .t.pointroll.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .ru4.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .mediaplex.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .casalemedia.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .casalemedia.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .ru4.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .zedo.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .zedo.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .zedo.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .zedo.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .zedo.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .legolas-media.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .at.atwola.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .tacoda.at.atwola.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .tacoda.at.atwola.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .tacoda.at.atwola.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .tacoda.at.atwola.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .at.atwola.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .tacoda.at.atwola.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .atwola.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .ar.atwola.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .legolas-media.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .legolas-media.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .ar.atwola.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .atwola.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .pro-market.net [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .pro-market.net [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    ad.yieldmanager.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .revsci.net [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .collective-media.net [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .collective-media.net [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .collective-media.net [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .collective-media.net [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    openx.jeetyetmedia.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    openx.jeetyetmedia.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .adbrite.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .adbrite.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .adbrite.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .adbrite.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .adbrite.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .realmedia.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .network.realmedia.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    matcher.realmedia.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    network.realmedia.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    network.realmedia.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    network.realmedia.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .interclick.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    accounts.google.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    accounts.google.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .accountonline.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .citi.bridgetrack.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .citi.bridgetrack.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .citi.bridgetrack.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .citi.bridgetrack.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .collective-media.net [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .collective-media.net [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .collective-media.net [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .collective-media.net [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .collective-media.net [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .revsci.net [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    mediaservices-d.openxenterprise.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .revsci.net [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .revsci.net [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .revsci.net [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .revsci.net [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .serving-sys.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .t.pointroll.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .ads.pointroll.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .t.pointroll.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .advertising.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .advertising.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .advertising.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .pointroll.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .ads.pointroll.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .ads.pointroll.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .ads.pointroll.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .ads.pointroll.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .ads.pointroll.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .ads.pointroll.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    network.realmedia.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    ad.yieldmanager.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .lfstmedia.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .questionmarket.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .questionmarket.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .intermundomedia.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .intermundomedia.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .fastclick.net [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .invitemedia.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .invitemedia.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .invitemedia.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .invitemedia.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .invitemedia.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .tribalfusion.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .zedo.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .invitemedia.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .invitemedia.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .finder.cox.net [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .finder.cox.net [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .finder.cox.net [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .jeetyetmedia.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    edge.jeetyetmedia.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .lucidmedia.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .lucidmedia.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .lucidmedia.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    ad.yieldmanager.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    ad.yieldmanager.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .adbrite.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .casalemedia.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .casalemedia.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .casalemedia.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .casalemedia.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .casalemedia.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .casalemedia.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .serving-sys.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .serving-sys.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .serving-sys.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    ad.yieldmanager.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .dealtime.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .dealtime.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .dealtime.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .dealtime.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .dealtime.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .dealtime.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .dealtime.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    stat.dealtime.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    DealTime: Search, sort and save on great deals! [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .advertising.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .advertising.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    edge.jeetyetmedia.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    edge.jeetyetmedia.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .jeetyetmedia.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    openx.jeetyetmedia.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    openx.jeetyetmedia.com [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]
    .doubleclick.net [ C:\DOCUMENTS AND SETTINGS\TSHADE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\W2NQRDDU.DEFAULT\COOKIES.SQLITE ]

    System.BrokenFileAssociation
    HKCR\.exe

    Malwarebytes Anti-Malware 1.61.0.1400
    Malwarebytes : Free anti-malware, anti-virus and spyware removal download

    Database version: v2012.06.20.07

    Windows XP Service Pack 3 x86 NTFS
    Internet Explorer 8.0.6001.18702
    tshade :: TIMOTHY-F559E2E [administrator]

    6/20/2012 3:11:28 PM
    mbam-log-2012-06-20 (15-11-28).txt

    Scan type: Quick scan
    Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
    Scan options disabled: P2P
    Objects scanned: 197951
    Time elapsed: 11 minute(s), 31 second(s)

    Memory Processes Detected: 0
    (No malicious items detected)

    Memory Modules Detected: 0
    (No malicious items detected)

    Registry Keys Detected: 0
    (No malicious items detected)

    Registry Values Detected: 0
    (No malicious items detected)

    Registry Data Items Detected: 0
    (No malicious items detected)

    Folders Detected: 0
    (No malicious items detected)

    Files Detected: 1
    C:\Documents and Settings\tshade\Local Settings\TempDIR\BetterInstaller.exe (PUP.BundleInstaller.Somoto) -> Quarantined and deleted successfully.

    (end)


    Logfile of Trend Micro HijackThis v2.0.4
    Scan saved at 3:40:00 PM, on 6/20/2012
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v8.00 (8.00.6001.18702)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
    C:\WINDOWS\system32\WLTRAY.exe
    C:\Program Files\Ad-Aware Antivirus\AdAwareService.exe
    C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
    C:\Program Files\Alwil Software\Avast5\avastUI.exe
    C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\DivX\DivX Update\DivXUpdate.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\Documents and Settings\All Users\Application Data\Ad-Aware Browsing Protection\adawarebp.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\PROGRA~1\AD-AWA~1\AdAware.exe
    C:\Program Files\Ad-Aware Antivirus\SBAMSvc.exe
    C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
    C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpohmr08.exe
    C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
    C:\Documents and Settings\tshade\Application Data\Dropbox\bin\Dropbox.exe
    C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpoevm08.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\WLTRYSVC.EXE
    C:\WINDOWS\System32\bcmwltry.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Program Files\Hewlett-Packard\Digital Imaging\Bin\hpoSTS08.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\Mozilla Firefox\plugin-container.exe
    C:\Documents and Settings\tshade\My Documents\Downloads\HijackThis.exe

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN.com
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
    R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://windowsupdate.microsoft.com/
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    O4 - HKLM\..\Run: [Broadcom Wireless Manager UI] C:\WINDOWS\system32\WLTRAY.exe
    O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
    O4 - HKLM\..\Run: [avast5] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
    O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    O4 - HKLM\..\Run: [Ad-Aware Antivirus] "C:\Program Files\Ad-Aware Antivirus\AdAwareLauncher" --windows-run
    O4 - HKLM\..\Run: [Ad-Aware Browsing Protection] "C:\Documents and Settings\All Users\Application Data\Ad-Aware Browsing Protection\adawarebp.exe"
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [BitTorrent] "C:\Program Files\BitTorrent\BitTorrent.exe" /MINIMIZED
    O4 - HKCU\..\Run: [Bhisodinirey] rundll32.exe "C:\WINDOWS\msre32.dll",Startup
    O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
    O4 - Startup: Dropbox.lnk = C:\Documents and Settings\tshade\Application Data\Dropbox\bin\Dropbox.exe
    O4 - Global Startup: hp psc 1000 series.lnk = ?
    O4 - Global Startup: hpoddt01.exe.lnk = ?
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
    O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
    O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsu...?1287189605449
    O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
    O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
    O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL
    O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
    O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
    O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
    O23 - Service: Ad-Aware Service - Lavasoft Limited - C:\Program Files\Ad-Aware Antivirus\AdAwareService.exe
    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
    O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files\WildTangent Games\App\GamesAppService.exe
    O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
    O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
    O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
    O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
    O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
    O23 - Service: Ad-Aware (SBAMSvc) - GFI Software - C:\Program Files\Ad-Aware Antivirus\SBAMSvc.exe
    O23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown owner - C:\WINDOWS\System32\WLTRYSVC.EXE

    --
    End of file - 8393 bytes

  2. #2
    Member Spyware Fighter
    Join Date
    Jun 2010
    Location
    Bement,Ill USA
    Posts
    1,340
    Points
    146

    Default

    Hello and welcome to Help2Go

    We apologize for the delay in responding to your request for help. Here at Help2Go we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

    Please take note:

    1. If you have since resolved the original problem you were having, we would appreciate you letting us know.
    2. If you are unable to create a log because your computer cannot start up successfully please provide detailed information about your installed Windows Operating System including the Version, Edition and if it is a 32bit or a 64bit system.
      • If you are unsure about any of these characteristics just post what you can and we will guide you.
    3. Please tell us if you have your original Windows CD/DVD available.
    4. If you are unable to perform the steps we have recommended please try one more time and if unsuccessful alert us of such and we will design an alternate means of obtaining the necessary information.
    5. If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.
    6. Upon completing the steps below another staff member will review your topic an do their best to resolve your issues.
    7. If you have already posted a DDS log, please do so again, as your situation may have changed.
    8. Use the 'Add Reply' and add the new log to this thread.


    We need to see some information about what is happening in your machine. Please perform the following scan again:

    • Download DDS by sUBs from one of the following links if you no longer have it available. Save it to your desktop.
    • Double click on the DDS icon, allow it to run.
    • A small box will open, with an explanation about the tool. No input is needed, the scan is running.
    • Notepad will open with the results.
    • Follow the instructions that pop up for posting the results.
    • Close the program window, and delete the program from your desktop.
    Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet.

    Information on A/V control HERE


    We also need a new log from the GMER anti-rootkit Scanner.

    Please note that if you are running a 64-bit version of Windows you will not be able to run GMER and you may skip this step. Then proceed to run aswMbr.exe as noted below.

    Please first disable any CD emulation programs using the steps found in this topic:

    Then create another GMER log and post it as an attachment to the reply where you post your new DDS log. Instructions on how to properly create a GMER log can be found here:


    Note:
    If you are unable to run a Gmer scan due the fact you are running a 64bit machine please run the following tool and post its log.

    Please download aswMBR ( 511KB ) to your desktop.
    • Double click the aswMBR.exe icon to run it
    • Click the Scan button to start the scan
    • On completion of the scan, click the save log button, save it to your desktop and post it in your next reply.




    Thanks and again sorry for the delay.
    " Extinguishing Malware from the world"

    The Spware Help forum is very busy. If I'm helping you and I've not posted back within 24 hrs., send a PM with your topic link. Thank you.
    HELP REQUESTS VIA THE PM SYSTEM WILL BE IGNORED. The Forums are there for a reason!
    Thanks-




  3. The Following User Says Thank You to fireman4it For This Useful Post:


  4. #3
    Member
    Join Date
    Apr 2009
    Posts
    29
    Points
    0

    Default

    No problem about the delay, thanks for the help!

    I am running Windows XP 32-bit.

    The machine was running fine and then my anti-virus caught a trojan and I deleted it. However, things have not been the same since. Machine as a whole is much slower, including we browsing and I get new window popups for no reason. Logs below. Thanks again!


    .
    DDS (Ver_2011-08-26.01) - NTFSx86
    Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_26
    Run by tshade at 13:02:16 on 2012-06-24
    Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.2047.952 [GMT -5:00]
    .
    AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
    AV: Lavasoft Ad-Aware *Disabled/Updated* {964FCE60-0B18-4D30-ADD6-EB178909041C}
    FW: Lavasoft Ad-Aware *Disabled*
    .
    ============== Running Processes ===============
    .
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost -k DcomLaunch
    svchost.exe
    C:\WINDOWS\System32\svchost.exe -k netsvcs
    svchost.exe
    svchost.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
    C:\WINDOWS\system32\WLTRAY.exe
    C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
    C:\Program Files\Alwil Software\Avast5\avastUI.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\DivX\DivX Update\DivXUpdate.exe
    C:\Documents and Settings\All Users\Application Data\Ad-Aware Browsing Protection\adawarebp.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
    C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpohmr08.exe
    C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
    C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpoevm08.exe
    C:\Documents and Settings\tshade\Application Data\Dropbox\bin\Dropbox.exe
    C:\WINDOWS\system32\spoolsv.exe
    svchost.exe
    C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
    C:\Program Files\Ad-Aware Antivirus\AdAwareService.exe
    C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\Program Files\Ad-Aware Antivirus\SBAMSvc.exe
    C:\WINDOWS\system32\svchost.exe -k imgsvc
    C:\WINDOWS\System32\WLTRYSVC.EXE
    C:\WINDOWS\System32\bcmwltry.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Program Files\Hewlett-Packard\Digital Imaging\Bin\hpoSTS08.exe
    C:\PROGRA~1\AD-AWA~1\AdAware.exe
    C:\WINDOWS\System32\svchost.exe -k HTTPFilter
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\Mozilla Firefox\plugin-container.exe
    C:\WINDOWS\system32\wscntfy.exe
    .
    ============== Pseudo HJT Report ===============
    .
    uInternet Settings,ProxyOverride = *.local
    BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
    BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
    BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
    BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
    uRun: [BitTorrent] "c:\program files\bittorrent\BitTorrent.exe" /MINIMIZED
    uRun: [Bhisodinirey] rundll32.exe "c:\windows\msre32.dll",Startup
    uRun: [SUPERAntiSpyware] c:\program files\superantispyware\SUPERAntiSpyware.exe
    mRun: [Broadcom Wireless Manager UI] c:\windows\system32\WLTRAY.exe
    mRun: [ATIPTA] "c:\program files\ati technologies\ati control panel\atiptaxx.exe"
    mRun: [avast5] "c:\program files\alwil software\avast5\avastUI.exe" /nogui
    mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
    mRun: [DivXUpdate] "c:\program files\divx\divx update\DivXUpdate.exe" /CHECKNOW
    mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"
    mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
    mRun: [Ad-Aware Antivirus] "c:\program files\ad-aware antivirus\AdAwareLauncher" --windows-run
    mRun: [Ad-Aware Browsing Protection] "c:\documents and settings\all users\application data\ad-aware browsing protection\adawarebp.exe"
    mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
    StartupFolder: c:\docume~1\tshade\startm~1\programs\startup\dropbox.lnk - c:\documents and settings\tshade\application data\dropbox\bin\Dropbox.exe
    StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\hppsc1~1.lnk - c:\program files\hewlett-packard\digital imaging\bin\hpohmr08.exe
    StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\hpoddt~1.lnk - c:\program files\hewlett-packard\digital imaging\bin\hpotdd01.exe
    IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
    IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
    IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
    IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~2\office12\ONBttnIE.dll
    IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL
    DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1287189605449
    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
    DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
    Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\program files\microsoft office\office12\GrooveSystemServices.dll
    Notify: !SASWinLogon - c:\program files\superantispyware\SASWINLO.DLL
    Notify: AtiExtEvent - Ati2evxx.dll
    SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
    SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
    SEH: SABShellExecuteHook Class: {5ae067d3-9afb-48e0-853a-ebb7f4a000da} - c:\program files\superantispyware\SASSEH.DLL
    .
    ================= FIREFOX ===================
    .
    FF - ProfilePath - c:\documents and settings\tshade\application data\mozilla\firefox\profiles\w2nqrddu.default\
    FF - prefs.js: browser.startup.homepage - AOL.com - News, Sports, Weather, Entertainment, Local & Lifestyle
    FF - prefs.js: keyword.URL - hxxp://www.bing.com/search?pc=Z206&form=ZGAADF&install_date=20111126&q=
    FF - plugin: c:\program files\adobe\reader 9.0\reader\air\nppdf32.dll
    FF - plugin: c:\program files\divx\divx ovs helper\npovshelper.dll
    FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
    FF - plugin: c:\program files\microsoft silverlight\4.0.60531.0\npctrlui.dll
    FF - plugin: c:\program files\mozilla firefox\plugins\npdeployJava1.dll
    FF - plugin: c:\program files\nos\bin\np_gp.dll
    FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_3_300_257.dll
    .
    ---- FIREFOX POLICIES ----
    .
    FF - user.js: extensions.autoDisableScopes - 14
    .
    .
    ============= SERVICES / DRIVERS ===============
    .
    R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2012-2-15 435032]
    R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2010-10-15 314456]
    R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2010-10-15 20568]
    S0 Lbd;Lbd;c:\windows\system32\drivers\lbd.sys --> c:\windows\system32\drivers\Lbd.sys [?]
    .
    =============== Created Last 30 ================
    .
    2012-06-23 18:17:33 -------- d-----w- c:\documents and settings\tshade\application data\WildTangent
    2012-06-20 19:55:37 -------- d-----w- c:\documents and settings\tshade\application data\Malwarebytes
    2012-06-20 19:54:58 -------- d-----w- c:\documents and settings\all users\application data\Malwarebytes
    2012-06-20 19:54:53 22344 ----a-w- c:\windows\system32\drivers\mbam.sys
    2012-06-20 19:54:51 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
    2012-06-20 19:49:38 -------- d-----w- c:\documents and settings\tshade\application data\SUPERAntiSpyware.com
    2012-06-20 19:48:51 -------- d-----w- c:\program files\SUPERAntiSpyware
    2012-06-20 19:48:51 -------- d-----w- c:\documents and settings\all users\application data\SUPERAntiSpyware.com
    2012-06-19 15:48:28 -------- d-----w- c:\documents and settings\tshade\application data\BigFish All My Gods
    2012-06-19 15:10:06 -------- d-----w- c:\documents and settings\tshade\application data\Islands2
    2012-06-18 02:18:59 -------- d-----w- c:\documents and settings\tshade\.config
    2012-06-12 22:42:24 521728 -c----w- c:\windows\system32\dllcache\jsdbgui.dll
    2012-06-08 04:05:16 -------- d-----w- c:\documents and settings\all users\application data\Tarma Installer
    2012-06-08 03:50:51 -------- d-----w- c:\program files\MSXML 4.0
    2012-06-07 14:14:25 -------- d-----w- c:\documents and settings\tshade\local settings\application data\adaware
    2012-06-07 14:14:18 -------- d-----w- c:\documents and settings\all users\application data\Ad-Aware Browsing Protection
    2012-06-07 14:13:56 77816 ----a-w- c:\windows\system32\drivers\sbapifs.sys
    2012-06-07 14:13:56 21240 ----a-w- c:\windows\system32\drivers\sbaphd.sys
    2012-06-07 14:13:55 93816 ----a-w- c:\windows\system32\drivers\sbhips.sys
    2012-06-07 14:13:53 217976 ----a-w- c:\windows\system32\drivers\sbtis.sys
    2012-06-07 14:13:31 94584 ----a-w- c:\windows\system32\drivers\SbFwIm.sys
    2012-06-07 14:13:26 335224 ----a-w- c:\windows\system32\drivers\SbFw.sys
    2012-06-07 14:13:15 -------- d-----w- c:\windows\system32\drivers\VDD
    2012-06-07 14:13:10 -------- d-----w- c:\program files\Ad-Aware Antivirus
    2012-06-07 14:08:19 -------- d-----w- c:\documents and settings\tshade\application data\Ad-Aware Antivirus
    2012-06-07 14:03:23 770384 ----a-w- c:\program files\mozilla firefox\msvcr100.dll
    2012-06-07 14:03:23 421200 ----a-w- c:\program files\mozilla firefox\msvcp100.dll
    2012-06-04 01:35:06 426184 ----a-w- c:\windows\system32\FlashPlayerApp.exe
    2012-06-01 17:58:18 -------- d-----w- c:\program files\Life Quest 2 - Metropoville
    2012-06-01 17:41:41 -------- d-----w- c:\program files\Island Tribe 2
    2012-05-28 23:15:40 -------- d-----w- c:\program files\Dropbox
    .
    ==================== Find3M ====================
    .
    2012-06-15 21:57:48 70344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
    2012-06-02 20:19:44 22040 ----a-w- c:\windows\system32\wucltui.dll.mui
    2012-06-02 20:19:38 219160 ----a-w- c:\windows\system32\wuaucpl.cpl
    2012-06-02 20:19:38 15384 ----a-w- c:\windows\system32\wuaucpl.cpl.mui
    2012-06-02 20:19:34 15384 ----a-w- c:\windows\system32\wuapi.dll.mui
    2012-06-02 20:19:30 17944 ----a-w- c:\windows\system32\wuaueng.dll.mui
    2012-05-31 13:22:09 599040 ----a-w- c:\windows\system32\crypt32.dll
    2012-05-16 15:08:26 916992 ----a-w- c:\windows\system32\wininet.dll
    2012-05-15 13:20:33 1863168 ----a-w- c:\windows\system32\win32k.sys
    2012-05-11 14:42:33 43520 ----a-w- c:\windows\system32\licmgr10.dll
    2012-05-11 14:42:33 1469440 ------w- c:\windows\system32\inetcpl.cpl
    2012-05-11 11:38:02 385024 ----a-w- c:\windows\system32\html.iec
    2012-05-04 13:12:30 2192640 ----a-w- c:\windows\system32\ntoskrnl.exe
    2012-05-04 12:32:19 2069120 ----a-w- c:\windows\system32\ntkrnlpa.exe
    2012-05-02 13:46:36 139656 ----a-w- c:\windows\system32\drivers\rdpwd.sys
    2012-04-19 01:56:30 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx
    2012-04-19 01:56:30 69632 ----a-w- c:\windows\system32\QuickTime.qts
    .
    ============= FINISH: 13:07:27.36 ===============










    GMER 1.0.15.15641 - GMER - Rootkit Detector and Remover
    Rootkit quick scan 2012-06-24 13:43:28
    Windows 5.1.2600 Service Pack 3 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3 WDC_WD3200BEVE-00A0HT0 rev.11.01A11
    Running: mq9f43vn.exe; Driver: C:\DOCUME~1\tshade\LOCALS~1\Temp\pwtdqfoc.sys


    ---- System - GMER 1.0.15 ----

    SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwEnumerateKey [0xB56B5BDA]
    SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwEnumerateValueKey [0xB56B5A45]

    Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwCreateProcessEx [0xB570A7A2]
    Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ObInsertObject
    Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ObMakeTemporaryObject

    ---- Devices - GMER 1.0.15 ----

    Device \FileSystem\Ntfs \Ntfs aswSP.SYS (avast! self protection module/AVAST Software)

    AttachedDevice \FileSystem\Ntfs \Ntfs aswMon2.SYS (avast! File System Filter Driver for Windows XP/AVAST Software)
    AttachedDevice \FileSystem\Fastfat \Fat fltmgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)
    AttachedDevice \FileSystem\Fastfat \Fat aswMon2.SYS (avast! File System Filter Driver for Windows XP/AVAST Software)
    AttachedDevice \Driver\Tcpip \Device\Ip SbFw.sys (GFI Firewall SDK TDI Firewall Driver/GFI Software)
    AttachedDevice \Driver\Tcpip \Device\Ip aswTdi.SYS (avast! TDI Filter Driver/AVAST Software)
    AttachedDevice \Driver\Tcpip \Device\Tcp aswTdi.SYS (avast! TDI Filter Driver/AVAST Software)
    AttachedDevice \Driver\Tcpip \Device\Tcp SbFw.sys (GFI Firewall SDK TDI Firewall Driver/GFI Software)
    AttachedDevice \Driver\Tcpip \Device\Udp aswTdi.SYS (avast! TDI Filter Driver/AVAST Software)
    AttachedDevice \Driver\Tcpip \Device\Udp SbFw.sys (GFI Firewall SDK TDI Firewall Driver/GFI Software)
    AttachedDevice \Driver\Tcpip \Device\RawIp SbFw.sys (GFI Firewall SDK TDI Firewall Driver/GFI Software)
    AttachedDevice \Driver\Tcpip \Device\RawIp aswTdi.SYS (avast! TDI Filter Driver/AVAST Software)

    ---- EOF - GMER 1.0.15 ----









    aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
    Run date: 2012-06-24 13:46:36
    -----------------------------
    13:46:36.597 OS Version: Windows 5.1.2600 Service Pack 3
    13:46:36.597 Number of processors: 1 586 0x905
    13:46:36.627 ComputerName: TIMOTHY-F559E2E UserName: tshade
    13:46:51.459 Initialize success
    13:47:14.923 AVAST engine defs: 12062400
    13:47:45.176 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3
    13:47:45.176 Disk 0 Vendor: WDC_WD3200BEVE-00A0HT0 11.01A11 Size: 305245MB BusType: 3
    13:47:45.226 Disk 0 MBR read successfully
    13:47:45.226 Disk 0 MBR scan
    13:47:45.256 Disk 0 unknown MBR code
    13:47:45.276 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 99997 MB offset 2048
    13:47:45.306 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 205244 MB offset 204796620
    13:47:45.356 Disk 0 scanning sectors +625137345
    13:47:45.486 Disk 0 scanning C:\WINDOWS\system32\drivers
    13:48:46.584 Service scanning
    13:49:27.503 Modules scanning
    13:50:24.225 Disk 0 trace - called modules:
    13:50:24.255 ntoskrnl.exe CLASSPNP.SYS disk.sys atapi.sys hal.dll intelide.sys PCIIDEX.SYS
    13:50:24.565 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x8a38aab8]
    13:50:24.565 3 CLASSPNP.SYS[f7637fd7] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-3[0x8a3923b8]
    13:50:26.859 AVAST engine scan C:\WINDOWS
    13:51:05.013 AVAST engine scan C:\WINDOWS\system32
    14:11:48.391 AVAST engine scan C:\WINDOWS\system32\drivers
    14:12:49.810 AVAST engine scan C:\Documents and Settings\tshade
    14:19:46.208 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\tshade\Desktop\MBR.dat"
    14:19:46.439 The log file has been saved successfully to "C:\Documents and Settings\tshade\Desktop\aswMBR.txt"

  5. #4
    Member Spyware Fighter
    Join Date
    Jun 2010
    Location
    Bement,Ill USA
    Posts
    1,340
    Points
    146

    Default

    Hello,

    Please run the following tools and post there logs. Can you also tell me more about these popups. For instance what do the say are they websites? Are adsites?

    1.
    Please download the TDSS Rootkit Removing Tool (TDSSKiller.exe) and save it to your Desktop. <-Important!!!
    • Double-click on TDSSKiller.exe to run the tool for known TDSS variants.
      Vista/Windows 7 users right-click and select Run As Administrator.
    • If TDSSKiller does not run, try renaming it.
    • To do this, right-click on TDSSKiller.exe, select Rename and give it a random name with the .com file extension (i.e. 123abc.com). If you do not see the file extension, please refer to How to change the file extension.
    • Click the Start Scan button.
    • Do not use the computer during the scan
    • If the scan completes with nothing found, click Close to exit.
    • If malicious objects are found, they will show in the Scan results - Select action for found objects and offer three options.
    • Ensure Cure (default) is selected, then click Continue > Reboot now to finish the cleaning process.
      Note: If Cure is not an option, Skip instead, do not choose Delete unless instructed.
    • A log file named TDSSKiller_version_date_time_log.txt (i.e. TDSSKiller.2.4.0.0_27.07.2010_09.o7.26_log.txt) will be created and saved to the root directory (usually Local Disk C.
    • Copy and paste the contents of that file in your next reply.


    2.
    Install Recovery Console and Run ComboFix

    This tool is not a toy. If used the wrong way you could trash your computer. Please use only under direction of a Helper. If you decide to do so anyway, please do not blame me or ComboFix.

    Download Combofix from any of the links below, and save it to your desktop.

    Link 1
    Link 2
    • Close/disable all anti-virus and anti-malware programs so they do not interfere with the running of ComboFix. Refer to this page if you are not sure how.
    • Close any open windows, including this one.
    • Double click on ComboFix.exe & follow the prompts.
    • As part of it's process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.
    • If you did not have it installed, you will see the prompt below. Choose YES.
    • Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.

    **Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue it's malware removal procedures.

    Note:The Windows Recovery Console will allow you to boot up into a special recovery (repair) mode. This allows us to more easily help you
    should your computer have a problem after an attempted removal of malware. It is a simple procedure that will only take a few moments of your time.

    • Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:

    • Click on Yes, to continue scanning for malware.
    • When finished, it will produce a report for you. Please post the contents of the log (C:\ComboFix.txt).
    Leave your computer alone while ComboFix is running.
    ComboFix will restart your computer if malware is found; allow it to do so.


    Note: Please Do NOT mouseclick combofix's window while its running because it may cause it to stall.


    Things to include in your next reply::
    TdssKiller log
    Combofix.txt
    How is your machine running now?
    " Extinguishing Malware from the world"

    The Spware Help forum is very busy. If I'm helping you and I've not posted back within 24 hrs., send a PM with your topic link. Thank you.
    HELP REQUESTS VIA THE PM SYSTEM WILL BE IGNORED. The Forums are there for a reason!
    Thanks-




  6. The Following User Says Thank You to fireman4it For This Useful Post:


  7. #5
    Member
    Join Date
    Apr 2009
    Posts
    29
    Points
    0

    Default

    The popups were both adsites and websites. But they don't happen all of the time...In fact I haven't had a popup for a couple of days.

    I could not locate the combofix.txt file. Combofix restarted the computer so there must have been something wrong correct? I did a full file search and looked myself in windows explorer and couldn't find it...any help there would be great.

    So TDSS log below.



    19:24:41.0225 0708 TDSS rootkit removing tool 2.7.41.0 Jun 20 2012 20:53:32
    19:24:41.0966 0708 ============================================================
    19:24:41.0966 0708 Current date / time: 2012/06/24 19:24:41.0966
    19:24:41.0966 0708 SystemInfo:
    19:24:41.0966 0708
    19:24:41.0966 0708 OS Version: 5.1.2600 ServicePack: 3.0
    19:24:41.0966 0708 Product type: Workstation
    19:24:41.0966 0708 ComputerName: TIMOTHY-F559E2E
    19:24:41.0966 0708 UserName: tshade
    19:24:41.0966 0708 Windows directory: C:\WINDOWS
    19:24:41.0966 0708 System windows directory: C:\WINDOWS
    19:24:41.0966 0708 Processor architecture: Intel x86
    19:24:41.0966 0708 Number of processors: 1
    19:24:41.0966 0708 Page size: 0x1000
    19:24:41.0966 0708 Boot type: Normal boot
    19:24:41.0966 0708 ============================================================
    19:24:43.0859 0708 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
    19:24:43.0859 0708 Drive \Device\Harddisk1\DR3 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
    19:24:43.0859 0708 ============================================================
    19:24:43.0859 0708 \Device\Harddisk0\DR0:
    19:24:43.0859 0708 MBR partitions:
    19:24:43.0859 0708 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0xC34EACC
    19:24:43.0859 0708 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0xC34F2CC, BlocksNum 0x190DE3F5
    19:24:43.0859 0708 \Device\Harddisk1\DR3:
    19:24:43.0859 0708 MBR partitions:
    19:24:43.0859 0708 \Device\Harddisk1\DR3\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x1D1C4542
    19:24:43.0859 0708 ============================================================
    19:24:43.0899 0708 C: <-> \Device\Harddisk0\DR0\Partition0
    19:24:43.0939 0708 E: <-> \Device\Harddisk0\DR0\Partition1
    19:24:44.0350 0708 H: <-> \Device\Harddisk1\DR3\Partition0
    19:24:44.0350 0708 ============================================================
    19:24:44.0350 0708 Initialize success
    19:24:44.0350 0708 ============================================================
    19:24:46.0573 3440 ============================================================
    19:24:46.0573 3440 Scan started
    19:24:46.0573 3440 Mode: Manual;
    19:24:46.0573 3440 ============================================================
    19:24:47.0935 3440 !SASCORE (c0393eb99a6c72c6bef9bfc4a72b33a6) C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
    19:24:47.0975 3440 !SASCORE - ok
    19:24:48.0456 3440 Aavmker4 (b6de0336f9f4b687b4ff57939f7b657a) C:\WINDOWS\system32\drivers\Aavmker4.sys
    19:24:48.0456 3440 Aavmker4 - ok
    19:24:48.0476 3440 Abiosdsk - ok
    19:24:48.0486 3440 abp480n5 - ok
    19:24:48.0666 3440 ACPI (8fd99680a539792a30e97944fdaecf17) C:\WINDOWS\system32\DRIVERS\ACPI.sys
    19:24:48.0676 3440 ACPI - ok
    19:24:48.0726 3440 ACPIEC (9859c0f6936e723e4892d7141b1327d5) C:\WINDOWS\system32\drivers\ACPIEC.sys
    19:24:48.0736 3440 ACPIEC - ok
    19:24:49.0267 3440 Ad-Aware Service (09e61047b0cef21559cfcedf4f14d216) C:\Program Files\Ad-Aware Antivirus\AdAwareService.exe
    19:24:49.0497 3440 Ad-Aware Service - ok
    19:24:49.0507 3440 adpu160m - ok
    19:24:49.0577 3440 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
    19:24:49.0587 3440 aec - ok
    19:24:49.0697 3440 AFD (1e44bc1e83d8fd2305f8d452db109cf9) C:\WINDOWS\System32\drivers\afd.sys
    19:24:49.0707 3440 AFD - ok
    19:24:49.0758 3440 agp440 (08fd04aa961bdc77fb983f328334e3d7) C:\WINDOWS\system32\DRIVERS\agp440.sys
    19:24:49.0768 3440 agp440 - ok
    19:24:49.0778 3440 Aha154x - ok
    19:24:49.0788 3440 aic78u2 - ok
    19:24:49.0808 3440 aic78xx - ok
    19:24:49.0858 3440 Alerter (a9a3daa780ca6c9671a19d52456705b4) C:\WINDOWS\system32\alrsvc.dll
    19:24:49.0858 3440 Alerter - ok
    19:24:49.0898 3440 ALG (8c515081584a38aa007909cd02020b3d) C:\WINDOWS\System32\alg.exe
    19:24:49.0898 3440 ALG - ok
    19:24:49.0918 3440 AliIde - ok
    19:24:49.0928 3440 amsint - ok
    19:24:50.0108 3440 Apple Mobile Device (7ef47644b74ebe721cc32211d3c35e76) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    19:24:50.0128 3440 Apple Mobile Device - ok
    19:24:50.0138 3440 AppMgmt - ok
    19:24:50.0148 3440 asc - ok
    19:24:50.0168 3440 asc3350p - ok
    19:24:50.0178 3440 asc3550 - ok
    19:24:50.0358 3440 aspnet_state (0e5e4957549056e2bf2c49f4f6b601ad) C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
    19:24:50.0388 3440 aspnet_state - ok
    19:24:50.0439 3440 aswFsBlk (054df24c92b55427e0757cfff160e4f2) C:\WINDOWS\system32\drivers\aswFsBlk.sys
    19:24:50.0449 3440 aswFsBlk - ok
    19:24:50.0549 3440 aswMon2 (ef0e9ad83380724bd6fbbb51d2d0f5b8) C:\WINDOWS\system32\drivers\aswMon2.sys
    19:24:50.0549 3440 aswMon2 - ok
    19:24:50.0579 3440 aswRdr (352d5a48ebab35a7693b048679304831) C:\WINDOWS\system32\drivers\aswRdr.sys
    19:24:50.0579 3440 aswRdr - ok
    19:24:50.0869 3440 aswSnx (8d34d2b24297e27d93e847319abfdec4) C:\WINDOWS\system32\drivers\aswSnx.sys
    19:24:50.0879 3440 aswSnx - ok
    19:24:50.0979 3440 aswSP (010012597333da1f46c3243f33f8409e) C:\WINDOWS\system32\drivers\aswSP.sys
    19:24:50.0989 3440 aswSP - ok
    19:24:51.0009 3440 aswTdi (f9f84364416658e9786235904d448d37) C:\WINDOWS\system32\drivers\aswTdi.sys
    19:24:51.0009 3440 aswTdi - ok
    19:24:51.0069 3440 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
    19:24:51.0069 3440 AsyncMac - ok
    19:24:51.0180 3440 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
    19:24:51.0180 3440 atapi - ok
    19:24:51.0190 3440 Atdisk - ok
    19:24:51.0500 3440 Ati HotKey Poller (450bf8c0bd401a48ffa91d28df665e93) C:\WINDOWS\system32\Ati2evxx.exe
    19:24:59.0341 3440 Ati HotKey Poller - ok
    19:25:00.0884 3440 ati2mtag (246248aada156450be611eceaa5fe033) C:\WINDOWS\system32\DRIVERS\ati2mtag.sys
    19:25:01.0905 3440 ati2mtag - ok
    19:25:02.0095 3440 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
    19:25:02.0105 3440 Atmarpc - ok
    19:25:02.0256 3440 AudioSrv (def7a7882bec100fe0b2ce2549188f9d) C:\WINDOWS\System32\audiosrv.dll
    19:25:02.0266 3440 AudioSrv - ok
    19:25:02.0316 3440 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
    19:25:02.0326 3440 audstub - ok
    19:25:02.0606 3440 avast! Antivirus (996e6d052438e8d8dfd501f31560b2e0) C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
    19:25:02.0616 3440 avast! Antivirus - ok
    19:25:03.0067 3440 BCM43XX (30d20fc98bcfd52e1da778cf19b223d4) C:\WINDOWS\system32\DRIVERS\bcmwl5.sys
    19:25:03.0077 3440 BCM43XX - ok
    19:25:03.0197 3440 bcm4sbxp (78123f44be9e4768852a3a017e02d637) C:\WINDOWS\system32\DRIVERS\bcm4sbxp.sys
    19:25:03.0197 3440 bcm4sbxp - ok
    19:25:03.0257 3440 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
    19:25:03.0257 3440 Beep - ok
    19:25:03.0437 3440 BITS (574738f61fca2935f5265dc4e5691314) C:\WINDOWS\system32\qmgr.dll
    19:25:03.0477 3440 BITS - ok
    19:25:03.0547 3440 Bonjour Service (db5bea73edaf19ac68b2c0fad0f92b1a) C:\Program Files\Bonjour\mDNSResponder.exe
    19:25:03.0577 3440 Bonjour Service - ok
    19:25:03.0638 3440 Browser (a06ce3399d16db864f55faeb1f1927a9) C:\WINDOWS\System32\browser.dll
    19:25:03.0648 3440 Browser - ok
    19:25:03.0668 3440 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
    19:25:03.0668 3440 cbidf2k - ok
    19:25:03.0698 3440 CCDECODE (0be5aef125be881c4f854c554f2b025c) C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
    19:25:03.0708 3440 CCDECODE - ok
    19:25:03.0708 3440 cd20xrnt - ok
    19:25:03.0748 3440 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
    19:25:03.0748 3440 Cdaudio - ok
    19:25:03.0778 3440 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
    19:25:03.0778 3440 Cdfs - ok
    19:25:03.0798 3440 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
    19:25:03.0798 3440 Cdrom - ok
    19:25:03.0828 3440 cercsr6 (84853b3fd012251690570e9e7e43343f) C:\WINDOWS\system32\drivers\cercsr6.sys
    19:25:03.0838 3440 cercsr6 - ok
    19:25:03.0838 3440 Changer - ok
    19:25:03.0878 3440 CiSvc (1cfe720eb8d93a7158a4ebc3ab178bde) C:\WINDOWS\system32\cisvc.exe
    19:25:03.0878 3440 CiSvc - ok
    19:25:03.0918 3440 ClipSrv (34cbe729f38138217f9c80212a2a0c82) C:\WINDOWS\system32\clipsrv.exe
    19:25:03.0938 3440 ClipSrv - ok
    19:25:04.0028 3440 clr_optimization_v2.0.50727_32 (d87acaed61e417bba546ced5e7e36d9c) C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
    19:25:04.0038 3440 clr_optimization_v2.0.50727_32 - ok
    19:25:04.0098 3440 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
    19:25:04.0128 3440 clr_optimization_v4.0.30319_32 - ok
    19:25:04.0158 3440 CmBatt (0f6c187d38d98f8df904589a5f94d411) C:\WINDOWS\system32\DRIVERS\CmBatt.sys
    19:25:04.0158 3440 CmBatt - ok
    19:25:04.0168 3440 CmdIde - ok
    19:25:04.0198 3440 Compbatt (6e4c9f21f0fae8940661144f41b13203) C:\WINDOWS\system32\DRIVERS\compbatt.sys
    19:25:04.0198 3440 Compbatt - ok
    19:25:04.0208 3440 COMSysApp - ok
    19:25:04.0218 3440 Cpqarray - ok
    19:25:04.0268 3440 CryptSvc (3d4e199942e29207970e04315d02ad3b) C:\WINDOWS\System32\cryptsvc.dll
    19:25:04.0278 3440 CryptSvc - ok
    19:25:04.0278 3440 dac2w2k - ok
    19:25:04.0288 3440 dac960nt - ok
    19:25:04.0349 3440 DcomLaunch (6b27a5c03dfb94b4245739065431322c) C:\WINDOWS\system32\rpcss.dll
    19:25:04.0359 3440 DcomLaunch - ok
    19:25:04.0399 3440 Dhcp (5e38d7684a49cacfb752b046357e0589) C:\WINDOWS\System32\dhcpcsvc.dll
    19:25:04.0409 3440 Dhcp - ok
    19:25:04.0419 3440 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
    19:25:04.0429 3440 Disk - ok
    19:25:04.0429 3440 dmadmin - ok
    19:25:04.0539 3440 dmboot (d992fe1274bde0f84ad826acae022a41) C:\WINDOWS\system32\drivers\dmboot.sys
    19:25:04.0559 3440 dmboot - ok
    19:25:04.0579 3440 dmio (7c824cf7bbde77d95c08005717a95f6f) C:\WINDOWS\system32\drivers\dmio.sys
    19:25:04.0579 3440 dmio - ok
    19:25:04.0619 3440 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
    19:25:04.0619 3440 dmload - ok
    19:25:04.0659 3440 dmserver (57edec2e5f59f0335e92f35184bc8631) C:\WINDOWS\System32\dmserver.dll
    19:25:04.0669 3440 dmserver - ok
    19:25:04.0699 3440 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
    19:25:04.0699 3440 DMusic - ok
    19:25:04.0739 3440 Dnscache (5f7e24fa9eab896051ffb87f840730d2) C:\WINDOWS\System32\dnsrslvr.dll
    19:25:04.0749 3440 Dnscache - ok
    19:25:04.0779 3440 Dot3svc (0f0f6e687e5e15579ef4da8dd6945814) C:\WINDOWS\System32\dot3svc.dll
    19:25:04.0789 3440 Dot3svc - ok
    19:25:04.0789 3440 dpti2o - ok
    19:25:04.0819 3440 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
    19:25:04.0819 3440 drmkaud - ok
    19:25:04.0839 3440 EapHost (2187855a7703adef0cef9ee4285182cc) C:\WINDOWS\System32\eapsvc.dll
    19:25:04.0849 3440 EapHost - ok
    19:25:04.0879 3440 ERSvc (bc93b4a066477954555966d77fec9ecb) C:\WINDOWS\System32\ersvc.dll
    19:25:04.0889 3440 ERSvc - ok
    19:25:04.0939 3440 Eventlog (65df52f5b8b6e9bbd183505225c37315) C:\WINDOWS\system32\services.exe
    19:25:04.0959 3440 Eventlog - ok
    19:25:05.0019 3440 EventSystem (d4991d98f2db73c60d042f1aef79efae) C:\WINDOWS\system32\es.dll
    19:25:05.0030 3440 EventSystem - ok
    19:25:05.0070 3440 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
    19:25:05.0080 3440 Fastfat - ok
    19:25:05.0110 3440 FastUserSwitchingCompatibility (99bc0b50f511924348be19c7c7313bbf) C:\WINDOWS\System32\shsvcs.dll
    19:25:05.0130 3440 FastUserSwitchingCompatibility - ok
    19:25:05.0170 3440 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\drivers\Fdc.sys
    19:25:05.0180 3440 Fdc - ok
    19:25:05.0230 3440 Fips (d45926117eb9fa946a6af572fbe1caa3) C:\WINDOWS\system32\drivers\Fips.sys
    19:25:05.0230 3440 Fips - ok
    19:25:05.0240 3440 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\drivers\Flpydisk.sys
    19:25:05.0260 3440 Flpydisk - ok
    19:25:05.0290 3440 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys
    19:25:05.0300 3440 FltMgr - ok
    19:25:05.0400 3440 FontCache3.0.0.0 (8ba7c024070f2b7fdd98ed8a4ba41789) c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
    19:25:05.0420 3440 FontCache3.0.0.0 - ok
    19:25:05.0440 3440 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
    19:25:05.0440 3440 Fs_Rec - ok
    19:25:05.0470 3440 Ftdisk (6ac26732762483366c3969c9e4d2259d) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
    19:25:05.0480 3440 Ftdisk - ok
    19:25:05.0520 3440 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys
    19:25:05.0520 3440 GEARAspiWDM - ok
    19:25:05.0560 3440 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
    19:25:05.0570 3440 Gpc - ok
    19:25:05.0610 3440 helpsvc (4fcca060dfe0c51a09dd5c3843888bcd) C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
    19:25:05.0630 3440 helpsvc - ok
    19:25:05.0670 3440 HidServ (deb04da35cc871b6d309b77e1443c796) C:\WINDOWS\System32\hidserv.dll
    19:25:05.0670 3440 HidServ - ok
    19:25:05.0690 3440 HidUsb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
    19:25:05.0700 3440 HidUsb - ok
    19:25:05.0731 3440 hkmsvc (8878bd685e490239777bfe51320b88e9) C:\WINDOWS\System32\kmsvc.dll
    19:25:05.0741 3440 hkmsvc - ok
    19:25:05.0751 3440 hpn - ok
    19:25:05.0791 3440 HPZid412 (863cc3a82c63c9f60acf2e85d5310620) C:\WINDOWS\system32\DRIVERS\HPZid412.sys
    19:25:05.0791 3440 HPZid412 - ok
    19:25:05.0801 3440 HPZipr12 (08cb72e95dd75b61f2966b311d0e4366) C:\WINDOWS\system32\DRIVERS\HPZipr12.sys
    19:25:05.0801 3440 HPZipr12 - ok
    19:25:05.0841 3440 HPZius12 (ca990306ed4ef732af9695bff24fc96f) C:\WINDOWS\system32\DRIVERS\HPZius12.sys
    19:25:05.0841 3440 HPZius12 - ok
    19:25:05.0891 3440 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
    19:25:05.0901 3440 HTTP - ok
    19:25:05.0941 3440 HTTPFilter (6100a808600f44d999cebdef8841c7a3) C:\WINDOWS\System32\w3ssl.dll
    19:25:05.0981 3440 HTTPFilter - ok
    19:25:05.0991 3440 i2omgmt - ok
    19:25:05.0991 3440 i2omp - ok
    19:25:06.0021 3440 i8042prt (4a0b06aa8943c1e332520f7440c0aa30) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
    19:25:06.0021 3440 i8042prt - ok
    19:25:06.0141 3440 idsvc (c01ac32dc5c03076cfb852cb5da5229c) c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
    19:25:06.0191 3440 idsvc - ok
    19:25:06.0241 3440 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
    19:25:06.0241 3440 Imapi - ok
    19:25:06.0291 3440 ImapiService (30deaf54a9755bb8546168cfe8a6b5e1) C:\WINDOWS\system32\imapi.exe
    19:25:06.0291 3440 ImapiService - ok
    19:25:06.0301 3440 ini910u - ok
    19:25:06.0331 3440 IntelIde (b5466a9250342a7aa0cd1fba13420678) C:\WINDOWS\system32\DRIVERS\intelide.sys
    19:25:06.0331 3440 IntelIde - ok
    19:25:06.0371 3440 intelppm (8c953733d8f36eb2133f5bb58808b66b) C:\WINDOWS\system32\DRIVERS\intelppm.sys
    19:25:06.0381 3440 intelppm - ok
    19:25:06.0401 3440 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys
    19:25:06.0411 3440 Ip6Fw - ok
    19:25:06.0442 3440 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
    19:25:06.0452 3440 IpFilterDriver - ok
    19:25:06.0472 3440 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
    19:25:06.0472 3440 IpInIp - ok
    19:25:06.0512 3440 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
    19:25:06.0512 3440 IpNat - ok
    19:25:06.0662 3440 iPod Service (57edb35ea2feca88f8b17c0c095c9a56) C:\Program Files\iPod\bin\iPodService.exe
    19:25:06.0712 3440 iPod Service - ok
    19:25:06.0752 3440 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
    19:25:06.0762 3440 IPSec - ok
    19:25:06.0782 3440 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
    19:25:06.0792 3440 IRENUM - ok
    19:25:06.0822 3440 isapnp (05a299ec56e52649b1cf2fc52d20f2d7) C:\WINDOWS\system32\DRIVERS\isapnp.sys
    19:25:06.0822 3440 isapnp - ok
    19:25:06.0902 3440 JavaQuickStarterService (9dba73c2f1e76ec4cb837e67c5743596) C:\Program Files\Java\jre6\bin\jqs.exe
    19:25:06.0902 3440 JavaQuickStarterService - ok
    19:25:06.0922 3440 Kbdclass (463c1ec80cd17420a542b7f36a36f128) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
    19:25:06.0922 3440 Kbdclass - ok
    19:25:06.0952 3440 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
    19:25:06.0952 3440 kmixer - ok
    19:25:06.0992 3440 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
    19:25:06.0992 3440 KSecDD - ok
    19:25:07.0032 3440 lanmanserver (3a7c3cbe5d96b8ae96ce81f0b22fb527) C:\WINDOWS\System32\srvsvc.dll
    19:25:07.0052 3440 lanmanserver - ok
    19:25:07.0082 3440 lanmanworkstation (a8888a5327621856c0cec4e385f69309) C:\WINDOWS\System32\wkssvc.dll
    19:25:07.0092 3440 lanmanworkstation - ok
    19:25:07.0102 3440 Lbd - ok
    19:25:07.0113 3440 lbrtfdc - ok
    19:25:07.0153 3440 LmHosts (a7db739ae99a796d91580147e919cc59) C:\WINDOWS\System32\lmhsvc.dll
    19:25:07.0163 3440 LmHosts - ok
    19:25:07.0203 3440 Messenger (986b1ff5814366d71e0ac5755c88f2d3) C:\WINDOWS\System32\msgsvc.dll
    19:25:07.0213 3440 Messenger - ok
    19:25:07.0303 3440 Microsoft Office Groove Audit Service (7c4c76b39d5525c4a465e0be32528e19) C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe
    19:25:07.0333 3440 Microsoft Office Groove Audit Service - ok
    19:25:07.0373 3440 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
    19:25:07.0373 3440 mnmdd - ok
    19:25:07.0413 3440 mnmsrvc (d18f1f0c101d06a1c1adf26eed16fcdd) C:\WINDOWS\system32\mnmsrvc.exe
    19:25:07.0423 3440 mnmsrvc - ok
    19:25:07.0473 3440 Modem (dfcbad3cec1c5f964962ae10e0bcc8e1) C:\WINDOWS\system32\drivers\Modem.sys
    19:25:07.0473 3440 Modem - ok
    19:25:07.0503 3440 Mouclass (35c9e97194c8cfb8430125f8dbc34d04) C:\WINDOWS\system32\DRIVERS\mouclass.sys
    19:25:07.0513 3440 Mouclass - ok
    19:25:07.0553 3440 mouhid (b1c303e17fb9d46e87a98e4ba6769685) C:\WINDOWS\system32\DRIVERS\mouhid.sys
    19:25:07.0553 3440 mouhid - ok
    19:25:07.0573 3440 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
    19:25:07.0583 3440 MountMgr - ok
    19:25:07.0633 3440 MozillaMaintenance (15d5398eed42c2504bb3d4fc875c15d1) C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
    19:25:07.0653 3440 MozillaMaintenance - ok
    19:25:07.0663 3440 mraid35x - ok
    19:25:07.0683 3440 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
    19:25:07.0693 3440 MRxDAV - ok
    19:25:07.0773 3440 MRxSmb (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
    19:25:07.0783 3440 MRxSmb - ok
    19:25:07.0814 3440 MSDTC (a137f1470499a205abbb9aafb3b6f2b1) C:\WINDOWS\system32\msdtc.exe
    19:25:07.0814 3440 MSDTC - ok
    19:25:07.0844 3440 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
    19:25:07.0854 3440 Msfs - ok
    19:25:07.0854 3440 MSIServer - ok
    19:25:07.0894 3440 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
    19:25:07.0894 3440 MSKSSRV - ok
    19:25:07.0914 3440 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
    19:25:07.0914 3440 MSPCLOCK - ok
    19:25:07.0934 3440 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
    19:25:07.0934 3440 MSPQM - ok
    19:25:07.0964 3440 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
    19:25:07.0974 3440 mssmbios - ok
    19:25:08.0014 3440 MSTEE (e53736a9e30c45fa9e7b5eac55056d1d) C:\WINDOWS\system32\drivers\MSTEE.sys
    19:25:08.0014 3440 MSTEE - ok
    19:25:08.0044 3440 Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys
    19:25:08.0054 3440 Mup - ok
    19:25:08.0084 3440 NABTSFEC (5b50f1b2a2ed47d560577b221da734db) C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
    19:25:08.0084 3440 NABTSFEC - ok
    19:25:08.0144 3440 napagent (0102140028fad045756796e1c685d695) C:\WINDOWS\System32\qagentrt.dll
    19:25:08.0174 3440 napagent - ok
    19:25:08.0224 3440 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
    19:25:08.0234 3440 NDIS - ok
    19:25:08.0274 3440 NdisIP (7ff1f1fd8609c149aa432f95a8163d97) C:\WINDOWS\system32\DRIVERS\NdisIP.sys
    19:25:08.0274 3440 NdisIP - ok
    19:25:08.0324 3440 NdisTapi (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
    19:25:08.0324 3440 NdisTapi - ok
    19:25:08.0354 3440 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
    19:25:08.0364 3440 Ndisuio - ok
    19:25:08.0394 3440 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
    19:25:08.0404 3440 NdisWan - ok
    19:25:08.0434 3440 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
    19:25:08.0434 3440 NDProxy - ok
    19:25:08.0484 3440 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
    19:25:08.0494 3440 NetBIOS - ok
    19:25:08.0535 3440 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
    19:25:08.0535 3440 NetBT - ok
    19:25:08.0585 3440 NetDDE (b857ba82860d7ff85ae29b095645563b) C:\WINDOWS\system32\netdde.exe
    19:25:08.0595 3440 NetDDE - ok
    19:25:08.0605 3440 NetDDEdsdm (b857ba82860d7ff85ae29b095645563b) C:\WINDOWS\system32\netdde.exe
    19:25:08.0615 3440 NetDDEdsdm - ok
    19:25:08.0645 3440 Netlogon (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
    19:25:08.0645 3440 Netlogon - ok
    19:25:08.0705 3440 Netman (13e67b55b3abd7bf3fe7aae5a0f9a9de) C:\WINDOWS\System32\netman.dll
    19:25:08.0715 3440 Netman - ok
    19:25:08.0815 3440 NetTcpPortSharing (d34612c5d02d026535b3095d620626ae) c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
    19:25:08.0845 3440 NetTcpPortSharing - ok
    19:25:08.0905 3440 Nla (943337d786a56729263071623bbb9de5) C:\WINDOWS\System32\mswsock.dll
    19:25:08.0905 3440 Nla - ok
    19:25:08.0945 3440 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
    19:25:08.0955 3440 Npfs - ok
    19:25:09.0025 3440 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
    19:25:09.0035 3440 Ntfs - ok
    19:25:09.0035 3440 NtLmSsp (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
    19:25:09.0045 3440 NtLmSsp - ok
    19:25:09.0105 3440 NtmsSvc (156f64a3345bd23c600655fb4d10bc08) C:\WINDOWS\system32\ntmssvc.dll
    19:25:09.0115 3440 NtmsSvc - ok
    19:25:09.0155 3440 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
    19:25:09.0155 3440 Null - ok
    19:25:09.0185 3440 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
    19:25:09.0195 3440 NwlnkFlt - ok
    19:25:09.0236 3440 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
    19:25:09.0236 3440 NwlnkFwd - ok
    19:25:09.0286 3440 O2SCBUS (dd3764730845a74a7fc1021148803fdd) C:\WINDOWS\system32\DRIVERS\ozscr.sys
    19:25:09.0286 3440 O2SCBUS - ok
    19:25:09.0416 3440 odserv (1f0e05dff4f5a833168e49be1256f002) C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
    19:25:09.0446 3440 odserv - ok
    19:25:09.0496 3440 ose (5a432a042dae460abe7199b758e8606c) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
    19:25:09.0526 3440 ose - ok
    19:25:09.0566 3440 Parport (5575faf8f97ce5e713d108c2a58d7c7c) C:\WINDOWS\system32\DRIVERS\parport.sys
    19:25:09.0566 3440 Parport - ok
    19:25:09.0586 3440 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
    19:25:09.0596 3440 PartMgr - ok
    19:25:09.0626 3440 ParVdm (70e98b3fd8e963a6a46a2e6247e0bea1) C:\WINDOWS\system32\drivers\ParVdm.sys
    19:25:09.0636 3440 ParVdm - ok
    19:25:09.0646 3440 PCI (a219903ccf74233761d92bef471a07b1) C:\WINDOWS\system32\DRIVERS\pci.sys
    19:25:09.0646 3440 PCI - ok
    19:25:09.0656 3440 PCIDump - ok
    19:25:09.0676 3440 PCIIde (ccf5f451bb1a5a2a522a76e670000ff0) C:\WINDOWS\system32\drivers\PCIIde.sys
    19:25:09.0686 3440 PCIIde - ok
    19:25:09.0706 3440 Pcmcia (9e89ef60e9ee05e3f2eef2da7397f1c1) C:\WINDOWS\system32\DRIVERS\pcmcia.sys
    19:25:09.0716 3440 Pcmcia - ok
    19:25:09.0726 3440 PDCOMP - ok
    19:25:09.0736 3440 PDFRAME - ok
    19:25:09.0746 3440 PDRELI - ok
    19:25:09.0756 3440 PDRFRAME - ok
    19:25:09.0756 3440 perc2 - ok
    19:25:09.0766 3440 perc2hib - ok
    19:25:09.0836 3440 PlugPlay (65df52f5b8b6e9bbd183505225c37315) C:\WINDOWS\system32\services.exe
    19:25:09.0836 3440 PlugPlay - ok
    19:25:09.0886 3440 Pml Driver HPZ12 (fb03f341ff5380394bf2ee52f1979925) C:\WINDOWS\system32\HPZipm12.exe
    19:25:09.0897 3440 Pml Driver HPZ12 - ok
    19:25:09.0927 3440 PolicyAgent (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
    19:25:09.0927 3440 PolicyAgent - ok
    19:25:09.0957 3440 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
    19:25:09.0957 3440 PptpMiniport - ok
    19:25:09.0977 3440 ProtectedStorage (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
    19:25:09.0987 3440 ProtectedStorage - ok
    19:25:09.0997 3440 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
    19:25:10.0007 3440 PSched - ok
    19:25:10.0027 3440 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
    19:25:10.0027 3440 Ptilink - ok
    19:25:10.0037 3440 ql1080 - ok
    19:25:10.0047 3440 Ql10wnt - ok
    19:25:10.0047 3440 ql12160 - ok
    19:25:10.0057 3440 ql1240 - ok
    19:25:10.0067 3440 ql1280 - ok
    19:25:10.0097 3440 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
    19:25:10.0107 3440 RasAcd - ok
    19:25:10.0147 3440 RasAuto (ad188be7bdf94e8df4ca0a55c00a5073) C:\WINDOWS\System32\rasauto.dll
    19:25:10.0167 3440 RasAuto - ok
    19:25:10.0197 3440 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
    19:25:10.0207 3440 Rasl2tp - ok
    19:25:10.0267 3440 RasMan (76a9a3cbeadd68cc57cda5e1d7448235) C:\WINDOWS\System32\rasmans.dll
    19:25:10.0317 3440 RasMan - ok
    19:25:10.0327 3440 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
    19:25:10.0337 3440 RasPppoe - ok
    19:25:10.0357 3440 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
    19:25:10.0367 3440 Raspti - ok
    19:25:10.0397 3440 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
    19:25:10.0437 3440 Rdbss - ok
    19:25:10.0457 3440 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
    19:25:10.0467 3440 RDPCDD - ok
    19:25:10.0517 3440 RDPWD (6589db6e5969f8eee594cf71171c5028) C:\WINDOWS\system32\drivers\RDPWD.sys
    19:25:10.0527 3440 RDPWD - ok
    19:25:10.0557 3440 RDSessMgr (3c37bf86641bda977c3bf8a840f3b7fa) C:\WINDOWS\system32\sessmgr.exe
    19:25:10.0577 3440 RDSessMgr - ok
    19:25:10.0608 3440 redbook (f828dd7e1419b6653894a8f97a0094c5) C:\WINDOWS\system32\DRIVERS\redbook.sys
    19:25:10.0618 3440 redbook - ok
    19:25:12.0971 3440 RemoteAccess (7e699ff5f59b5d9de5390e3c34c67cf5) C:\WINDOWS\System32\mprdim.dll
    19:25:12.0981 3440 RemoteAccess - ok
    19:25:13.0021 3440 RpcLocator (aaed593f84afa419bbae8572af87cf6a) C:\WINDOWS\system32\locator.exe
    19:25:13.0291 3440 RpcLocator - ok
    19:25:13.0361 3440 RpcSs (6b27a5c03dfb94b4245739065431322c) C:\WINDOWS\system32\rpcss.dll
    19:25:13.0372 3440 RpcSs - ok
    19:25:13.0412 3440 RSVP (471b3f9741d762abe75e9deea4787e47) C:\WINDOWS\system32\rsvp.exe
    19:25:13.0432 3440 RSVP - ok
    19:25:13.0452 3440 SamSs (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
    19:25:13.0462 3440 SamSs - ok
    19:25:13.0552 3440 SASDIFSV (39763504067962108505bff25f024345) C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS
    19:25:13.0572 3440 SASDIFSV - ok
    19:25:13.0602 3440 SASKUTIL (77b9fc20084b48408ad3e87570eb4a85) C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS
    19:25:13.0602 3440 SASKUTIL - ok
    19:25:13.0872 3440 SBAMSvc (bce943896289a91ad75cc5652620b1c6) C:\Program Files\Ad-Aware Antivirus\SBAMSvc.exe
    19:25:14.0002 3440 SBAMSvc - ok
    19:25:14.0143 3440 sbaphd (62ba65cc0b4a4bd1eaff5fed6e2b5069) C:\WINDOWS\system32\drivers\sbaphd.sys
    19:25:14.0143 3440 sbaphd - ok
    19:25:14.0163 3440 sbapifs (3fff8cda4d2f29ca06f1557e85163c30) C:\WINDOWS\system32\drivers\sbapifs.sys
    19:25:14.0173 3440 sbapifs - ok
    19:25:14.0243 3440 SbFw (dc19ff9879775ac86baa9c9282573e87) C:\WINDOWS\system32\drivers\SbFw.sys
    19:25:14.0243 3440 SbFw - ok
    19:25:14.0273 3440 SBFWIMCL (1dcad90cc9c0ddc7d060fd97854f8518) C:\WINDOWS\system32\DRIVERS\sbfwim.sys
    19:25:14.0283 3440 SBFWIMCL - ok
    19:25:14.0293 3440 SBFWIMCLMP (1dcad90cc9c0ddc7d060fd97854f8518) C:\WINDOWS\system32\DRIVERS\SBFWIM.sys
    19:25:14.0303 3440 SBFWIMCLMP - ok
    19:25:14.0333 3440 sbhips (1afd7178ab9c4fce2d332da7aa474fa6) C:\WINDOWS\system32\drivers\sbhips.sys
    19:25:14.0333 3440 sbhips - ok
    19:25:14.0363 3440 SBRE (1fd538c4feb36b793d2121f20bbdc16f) C:\WINDOWS\system32\drivers\SBREdrv.sys
    19:25:14.0373 3440 SBRE - ok
    19:25:14.0393 3440 sbtis (3ccb4c5686d23033fd01835bed868b4b) C:\WINDOWS\system32\drivers\sbtis.sys
    19:25:14.0403 3440 sbtis - ok
    19:25:14.0453 3440 SCardSvr (86d007e7a654b9a71d1d7d856b104353) C:\WINDOWS\System32\SCardSvr.exe
    19:25:14.0473 3440 SCardSvr - ok
    19:25:14.0523 3440 Schedule (0a9a7365a1ca4319aa7c1d6cd8e4eafa) C:\WINDOWS\system32\schedsvc.dll
    19:25:14.0553 3440 Schedule - ok
    19:25:14.0603 3440 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
    19:25:14.0603 3440 Secdrv - ok
    19:25:14.0653 3440 seclogon (cbe612e2bb6a10e3563336191eda1250) C:\WINDOWS\System32\seclogon.dll
    19:25:14.0663 3440 seclogon - ok
    19:25:14.0693 3440 SENS (7fdd5d0684eca8c1f68b4d99d124dcd0) C:\WINDOWS\system32\sens.dll
    19:25:14.0723 3440 SENS - ok
    19:25:14.0774 3440 serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
    19:25:14.0784 3440 serenum - ok
    19:25:14.0844 3440 Serial (cca207a8896d4c6a0c9ce29a4ae411a7) C:\WINDOWS\system32\DRIVERS\serial.sys
    19:25:14.0844 3440 Serial - ok
    19:25:14.0924 3440 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
    19:25:14.0924 3440 Sfloppy - ok
    19:25:14.0984 3440 SharedAccess (83f41d0d89645d7235c051ab1d9523ac) C:\WINDOWS\System32\ipnathlp.dll
    19:25:14.0994 3440 SharedAccess - ok
    19:25:15.0044 3440 ShellHWDetection (99bc0b50f511924348be19c7c7313bbf) C:\WINDOWS\System32\shsvcs.dll
    19:25:15.0054 3440 ShellHWDetection - ok
    19:25:15.0064 3440 Simbad - ok
    19:25:15.0104 3440 SLIP (866d538ebe33709a5c9f5c62b73b7d14) C:\WINDOWS\system32\DRIVERS\SLIP.sys
    19:25:15.0104 3440 SLIP - ok
    19:25:15.0134 3440 Sparrow - ok
    19:25:15.0164 3440 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
    19:25:15.0164 3440 splitter - ok
    19:25:15.0214 3440 Spooler (60784f891563fb1b767f70117fc2428f) C:\WINDOWS\system32\spoolsv.exe
    19:25:15.0234 3440 Spooler - ok
    19:25:15.0264 3440 sr (76bb022c2fb6902fd5bdd4f78fc13a5d) C:\WINDOWS\system32\DRIVERS\sr.sys
    19:25:15.0274 3440 sr - ok
    19:25:15.0334 3440 srservice (3805df0ac4296a34ba4bf93b346cc378) C:\WINDOWS\system32\srsvc.dll
    19:25:15.0364 3440 srservice - ok
    19:25:15.0404 3440 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
    19:25:15.0404 3440 Srv - ok
    19:25:15.0444 3440 SSDPSRV (0a5679b3714edab99e357057ee88fca6) C:\WINDOWS\System32\ssdpsrv.dll
    19:25:15.0475 3440 SSDPSRV - ok
    19:25:15.0535 3440 STAC97 (5813d453ef8ce49d607c255cf128aceb) C:\WINDOWS\system32\drivers\stac97.sys
    19:25:15.0545 3440 STAC97 - ok
    19:25:15.0605 3440 stisvc (8bad69cbac032d4bbacfce0306174c30) C:\WINDOWS\system32\wiaservc.dll
    19:25:15.0655 3440 stisvc - ok
    19:25:15.0695 3440 streamip (77813007ba6265c4b6098187e6ed79d2) C:\WINDOWS\system32\DRIVERS\StreamIP.sys
    19:25:15.0695 3440 streamip - ok
    19:25:15.0725 3440 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
    19:25:15.0735 3440 swenum - ok
    19:25:15.0755 3440 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
    19:25:15.0765 3440 swmidi - ok
    19:25:15.0775 3440 SwPrv - ok
    19:25:15.0795 3440 symc810 - ok
    19:25:15.0815 3440 symc8xx - ok
    19:25:15.0825 3440 sym_hi - ok
    19:25:15.0835 3440 sym_u3 - ok
    19:25:15.0885 3440 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
    19:25:15.0895 3440 sysaudio - ok
    19:25:15.0945 3440 SysmonLog (c7abbc59b43274b1109df6b24d617051) C:\WINDOWS\system32\smlogsvc.exe
    19:25:15.0975 3440 SysmonLog - ok
    19:25:16.0025 3440 TapiSrv (3cb78c17bb664637787c9a1c98f79c38) C:\WINDOWS\System32\tapisrv.dll
    19:25:16.0085 3440 TapiSrv - ok
    19:25:16.0156 3440 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
    19:25:16.0156 3440 Tcpip - ok
    19:25:16.0206 3440 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
    19:25:16.0206 3440 TDPIPE - ok
    19:25:16.0236 3440 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
    19:25:16.0246 3440 TDTCP - ok
    19:25:16.0286 3440 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
    19:25:16.0286 3440 TermDD - ok
    19:25:16.0356 3440 TermService (ff3477c03be7201c294c35f684b3479f) C:\WINDOWS\System32\termsrv.dll
    19:25:16.0376 3440 TermService - ok
    19:25:16.0436 3440 Themes (99bc0b50f511924348be19c7c7313bbf) C:\WINDOWS\System32\shsvcs.dll
    19:25:16.0446 3440 Themes - ok
    19:25:16.0456 3440 TosIde - ok
    19:25:16.0506 3440 TrkWks (55bca12f7f523d35ca3cb833c725f54e) C:\WINDOWS\system32\trkwks.dll
    19:25:16.0536 3440 TrkWks - ok
    19:25:16.0586 3440 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
    19:25:16.0596 3440 Udfs - ok
    19:25:16.0606 3440 ultra - ok
    19:25:16.0646 3440 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
    19:25:16.0656 3440 Update - ok
    19:25:16.0696 3440 upnphost (1ebafeb9a3fbdc41b8d9c7f0f687ad91) C:\WINDOWS\System32\upnphost.dll
    19:25:16.0726 3440 upnphost - ok
    19:25:16.0746 3440 UPS (05365fb38fca1e98f7a566aaaf5d1815) C:\WINDOWS\System32\ups.exe
    19:25:16.0786 3440 UPS - ok
    19:25:16.0846 3440 USBAAPL (eafe1e00739afe6c51487a050e772e17) C:\WINDOWS\system32\Drivers\usbaapl.sys
    19:25:16.0846 3440 USBAAPL - ok
    19:25:16.0897 3440 usbaudio (e919708db44ed8543a7c017953148330) C:\WINDOWS\system32\drivers\usbaudio.sys
    19:25:16.0897 3440 usbaudio - ok
    19:25:16.0937 3440 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
    19:25:16.0937 3440 usbccgp - ok
    19:25:16.0987 3440 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
    19:25:16.0987 3440 usbehci - ok
    19:25:17.0007 3440 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
    19:25:17.0007 3440 usbhub - ok
    19:25:17.0047 3440 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
    19:25:17.0067 3440 usbprint - ok
    19:25:17.0087 3440 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
    19:25:17.0097 3440 usbscan - ok
    19:25:17.0127 3440 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
    19:25:17.0127 3440 USBSTOR - ok
    19:25:17.0167 3440 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
    19:25:17.0177 3440 usbuhci - ok
    19:25:17.0207 3440 usbvideo (63bbfca7f390f4c49ed4b96bfb1633e0) C:\WINDOWS\system32\Drivers\usbvideo.sys
    19:25:17.0217 3440 usbvideo - ok
    19:25:17.0257 3440 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
    19:25:17.0257 3440 VgaSave - ok
    19:25:17.0277 3440 ViaIde - ok
    19:25:17.0297 3440 VolSnap (4c8fcb5cc53aab716d810740fe59d025) C:\WINDOWS\system32\drivers\VolSnap.sys
    19:25:17.0307 3440 VolSnap - ok
    19:25:17.0377 3440 VSS (7a9db3a67c333bf0bd42e42b8596854b) C:\WINDOWS\System32\vssvc.exe
    19:25:17.0397 3440 VSS - ok
    19:25:17.0457 3440 W32Time (54af4b1d5459500ef0937f6d33b1914f) C:\WINDOWS\system32\w32time.dll
    19:25:17.0497 3440 W32Time - ok
    19:25:17.0537 3440 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
    19:25:17.0548 3440 Wanarp - ok
    19:25:17.0558 3440 WDICA - ok
    19:25:17.0588 3440 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
    19:25:17.0588 3440 wdmaud - ok
    19:25:17.0648 3440 WebClient (77a354e28153ad2d5e120a5a8687bc06) C:\WINDOWS\System32\webclnt.dll
    19:25:17.0668 3440 WebClient - ok
    19:25:17.0758 3440 winmgmt (2d0e4ed081963804ccc196a0929275b5) C:\WINDOWS\system32\wbem\WMIsvc.dll
    19:25:17.0778 3440 winmgmt - ok
    19:25:17.0808 3440 wltrysvc - ok
    19:25:17.0848 3440 WmdmPmSN (c51b4a5c05a5475708e3c81c7765b71d) C:\WINDOWS\system32\MsPMSNSv.dll
    19:25:17.0858 3440 WmdmPmSN - ok
    19:25:17.0898 3440 WmiApSrv (e0673f1106e62a68d2257e376079f821) C:\WINDOWS\system32\wbem\wmiapsrv.exe
    19:25:17.0918 3440 WmiApSrv - ok
    19:25:18.0078 3440 WMPNetworkSvc (f74e3d9a7fa9556c3bbb14d4e5e63d3b) C:\Program Files\Windows Media Player\WMPNetwk.exe
    19:25:18.0138 3440 WMPNetworkSvc - ok
    19:25:18.0339 3440 WPFFontCache_v0400 (dcf3e3edf5109ee8bc02fe6e1f045795) C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
    19:25:18.0389 3440 WPFFontCache_v0400 - ok
    19:25:18.0509 3440 wscsvc (7c278e6408d1dce642230c0585a854d5) C:\WINDOWS\system32\wscsvc.dll
    19:25:18.0539 3440 wscsvc - ok
    19:25:18.0589 3440 WSTCODEC (c98b39829c2bbd34e454150633c62c78) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
    19:25:18.0589 3440 WSTCODEC - ok
    19:25:18.0629 3440 wuauserv (35321fb577cdc98ce3eb3a3eb9e4610a) C:\WINDOWS\system32\wuauserv.dll
    19:25:18.0669 3440 wuauserv - ok
    19:25:18.0709 3440 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
    19:25:18.0719 3440 WudfPf - ok
    19:25:18.0749 3440 WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
    19:25:18.0749 3440 WudfRd - ok
    19:25:18.0769 3440 WudfSvc (05231c04253c5bc30b26cbaae680ed89) C:\WINDOWS\System32\WUDFSvc.dll
    19:25:18.0809 3440 WudfSvc - ok
    19:25:18.0879 3440 WZCSVC (81dc3f549f44b1c1fff022dec9ecf30b) C:\WINDOWS\System32\wzcsvc.dll
    19:25:18.0929 3440 WZCSVC - ok
    19:25:18.0970 3440 xmlprov (295d21f14c335b53cb8154e5b1f892b9) C:\WINDOWS\System32\xmlprov.dll
    19:25:18.0990 3440 xmlprov - ok
    19:25:19.0020 3440 MBR (0x1B8) (f46767ae2998ea7510ca3750adfc1357) \Device\Harddisk0\DR0
    19:25:19.0580 3440 \Device\Harddisk0\DR0 - ok
    19:25:19.0891 3440 MBR (0x1B8) (5fb38429d5d77768867c76dcbdb35194) \Device\Harddisk1\DR3
    19:25:19.0901 3440 \Device\Harddisk1\DR3 - ok
    19:25:19.0931 3440 Boot (0x1200) (2f0d37db3ad32420492557382f738d5b) \Device\Harddisk0\DR0\Partition0
    19:25:19.0931 3440 \Device\Harddisk0\DR0\Partition0 - ok
    19:25:19.0951 3440 Boot (0x1200) (2f30d4aa0736aca7d034a9ad5ef9456c) \Device\Harddisk0\DR0\Partition1
    19:25:19.0951 3440 \Device\Harddisk0\DR0\Partition1 - ok
    19:25:20.0011 3440 Boot (0x1200) (d7d38125f3ea4ea57f33464d0a75fe59) \Device\Harddisk1\DR3\Partition0
    19:25:20.0011 3440 \Device\Harddisk1\DR3\Partition0 - ok
    19:25:20.0021 3440 ============================================================
    19:25:20.0021 3440 Scan finished
    19:25:20.0021 3440 ============================================================
    19:25:20.0542 1372 Detected object count: 0
    19:25:20.0542 1372 Actual detected object count: 0
    19:25:32.0619 2792 ============================================================
    19:25:32.0619 2792 Scan started
    19:25:32.0619 2792 Mode: Manual;
    19:25:32.0619 2792 ============================================================
    19:25:32.0910 2792 !SASCORE (c0393eb99a6c72c6bef9bfc4a72b33a6) C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
    19:25:32.0910 2792 !SASCORE - ok
    19:25:32.0990 2792 Aavmker4 (b6de0336f9f4b687b4ff57939f7b657a) C:\WINDOWS\system32\drivers\Aavmker4.sys
    19:25:32.0990 2792 Aavmker4 - ok
    19:25:33.0000 2792 Abiosdsk - ok
    19:25:33.0010 2792 abp480n5 - ok
    19:25:33.0070 2792 ACPI (8fd99680a539792a30e97944fdaecf17) C:\WINDOWS\system32\DRIVERS\ACPI.sys
    19:25:33.0070 2792 ACPI - ok
    19:25:33.0110 2792 ACPIEC (9859c0f6936e723e4892d7141b1327d5) C:\WINDOWS\system32\drivers\ACPIEC.sys
    19:25:33.0110 2792 ACPIEC - ok
    19:25:33.0240 2792 Ad-Aware Service (09e61047b0cef21559cfcedf4f14d216) C:\Program Files\Ad-Aware Antivirus\AdAwareService.exe
    19:25:33.0250 2792 Ad-Aware Service - ok
    19:25:33.0260 2792 adpu160m - ok
    19:25:33.0310 2792 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
    19:25:33.0310 2792 aec - ok
    19:25:33.0360 2792 AFD (1e44bc1e83d8fd2305f8d452db109cf9) C:\WINDOWS\System32\drivers\afd.sys
    19:25:33.0360 2792 AFD - ok
    19:25:33.0390 2792 agp440 (08fd04aa961bdc77fb983f328334e3d7) C:\WINDOWS\system32\DRIVERS\agp440.sys
    19:25:33.0390 2792 agp440 - ok
    19:25:33.0400 2792 Aha154x - ok
    19:25:33.0410 2792 aic78u2 - ok
    19:25:33.0430 2792 aic78xx - ok
    19:25:33.0450 2792 Alerter (a9a3daa780ca6c9671a19d52456705b4) C:\WINDOWS\system32\alrsvc.dll
    19:25:33.0450 2792 Alerter - ok
    19:25:33.0490 2792 ALG (8c515081584a38aa007909cd02020b3d) C:\WINDOWS\System32\alg.exe
    19:25:33.0490 2792 ALG - ok
    19:25:33.0500 2792 AliIde - ok
    19:25:33.0510 2792 amsint - ok
    19:25:33.0631 2792 Apple Mobile Device (7ef47644b74ebe721cc32211d3c35e76) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    19:25:33.0641 2792 Apple Mobile Device - ok
    19:25:33.0651 2792 AppMgmt - ok
    19:25:33.0661 2792 asc - ok
    19:25:33.0671 2792 asc3350p - ok
    19:25:33.0681 2792 asc3550 - ok
    19:25:33.0791 2792 aspnet_state (0e5e4957549056e2bf2c49f4f6b601ad) C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
    19:25:33.0791 2792 aspnet_state - ok
    19:25:33.0811 2792 aswFsBlk (054df24c92b55427e0757cfff160e4f2) C:\WINDOWS\system32\drivers\aswFsBlk.sys
    19:25:33.0821 2792 aswFsBlk - ok
    19:25:33.0841 2792 aswMon2 (ef0e9ad83380724bd6fbbb51d2d0f5b8) C:\WINDOWS\system32\drivers\aswMon2.sys
    19:25:33.0841 2792 aswMon2 - ok
    19:25:33.0871 2792 aswRdr (352d5a48ebab35a7693b048679304831) C:\WINDOWS\system32\drivers\aswRdr.sys
    19:25:33.0871 2792 aswRdr - ok
    19:25:33.0951 2792 aswSnx (8d34d2b24297e27d93e847319abfdec4) C:\WINDOWS\system32\drivers\aswSnx.sys
    19:25:33.0951 2792 aswSnx - ok
    19:25:33.0991 2792 aswSP (010012597333da1f46c3243f33f8409e) C:\WINDOWS\system32\drivers\aswSP.sys
    19:25:34.0001 2792 aswSP - ok
    19:25:34.0021 2792 aswTdi (f9f84364416658e9786235904d448d37) C:\WINDOWS\system32\drivers\aswTdi.sys
    19:25:34.0021 2792 aswTdi - ok
    19:25:34.0061 2792 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
    19:25:34.0061 2792 AsyncMac - ok
    19:25:34.0081 2792 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
    19:25:34.0081 2792 atapi - ok
    19:25:34.0091 2792 Atdisk - ok
    19:25:34.0161 2792 Ati HotKey Poller (450bf8c0bd401a48ffa91d28df665e93) C:\WINDOWS\system32\Ati2evxx.exe
    19:25:34.0171 2792 Ati HotKey Poller - ok
    19:25:34.0332 2792 ati2mtag (246248aada156450be611eceaa5fe033) C:\WINDOWS\system32\DRIVERS\ati2mtag.sys
    19:25:34.0352 2792 ati2mtag - ok
    19:25:34.0392 2792 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
    19:25:34.0392 2792 Atmarpc - ok
    19:25:34.0432 2792 AudioSrv (def7a7882bec100fe0b2ce2549188f9d) C:\WINDOWS\System32\audiosrv.dll
    19:25:34.0432 2792 AudioSrv - ok
    19:25:34.0462 2792 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
    19:25:34.0472 2792 audstub - ok
    19:25:34.0542 2792 avast! Antivirus (996e6d052438e8d8dfd501f31560b2e0) C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
    19:25:34.0542 2792 avast! Antivirus - ok
    19:25:34.0612 2792 BCM43XX (30d20fc98bcfd52e1da778cf19b223d4) C:\WINDOWS\system32\DRIVERS\bcmwl5.sys
    19:25:34.0612 2792 BCM43XX - ok
    19:25:34.0642 2792 bcm4sbxp (78123f44be9e4768852a3a017e02d637) C:\WINDOWS\system32\DRIVERS\bcm4sbxp.sys
    19:25:34.0652 2792 bcm4sbxp - ok
    19:25:34.0692 2792 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
    19:25:34.0692 2792 Beep - ok
    19:25:34.0772 2792 BITS (574738f61fca2935f5265dc4e5691314) C:\WINDOWS\system32\qmgr.dll
    19:25:34.0782 2792 BITS - ok
    19:25:34.0902 2792 Bonjour Service (db5bea73edaf19ac68b2c0fad0f92b1a) C:\Program Files\Bonjour\mDNSResponder.exe
    19:25:34.0912 2792 Bonjour Service - ok
    19:25:34.0963 2792 Browser (a06ce3399d16db864f55faeb1f1927a9) C:\WINDOWS\System32\browser.dll
    19:25:34.0963 2792 Browser - ok
    19:25:34.0993 2792 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
    19:25:34.0993 2792 cbidf2k - ok
    19:25:35.0033 2792 CCDECODE (0be5aef125be881c4f854c554f2b025c) C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
    19:25:35.0033 2792 CCDECODE - ok
    19:25:35.0043 2792 cd20xrnt - ok
    19:25:35.0083 2792 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
    19:25:35.0083 2792 Cdaudio - ok
    19:25:35.0133 2792 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
    19:25:35.0133 2792 Cdfs - ok
    19:25:35.0163 2792 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
    19:25:35.0163 2792 Cdrom - ok
    19:25:35.0193 2792 cercsr6 (84853b3fd012251690570e9e7e43343f) C:\WINDOWS\system32\drivers\cercsr6.sys
    19:25:35.0193 2792 cercsr6 - ok
    19:25:35.0203 2792 Changer - ok
    19:25:35.0233 2792 CiSvc (1cfe720eb8d93a7158a4ebc3ab178bde) C:\WINDOWS\system32\cisvc.exe
    19:25:35.0243 2792 CiSvc - ok
    19:25:35.0283 2792 ClipSrv (34cbe729f38138217f9c80212a2a0c82) C:\WINDOWS\system32\clipsrv.exe
    19:25:35.0283 2792 ClipSrv - ok
    19:25:35.0373 2792 clr_optimization_v2.0.50727_32 (d87acaed61e417bba546ced5e7e36d9c) C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
    19:25:35.0373 2792 clr_optimization_v2.0.50727_32 - ok
    19:25:35.0443 2792 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
    19:25:35.0443 2792 clr_optimization_v4.0.30319_32 - ok
    19:25:35.0473 2792 CmBatt (0f6c187d38d98f8df904589a5f94d411) C:\WINDOWS\system32\DRIVERS\CmBatt.sys
    19:25:35.0473 2792 CmBatt - ok
    19:25:35.0483 2792 CmdIde - ok
    19:25:35.0533 2792 Compbatt (6e4c9f21f0fae8940661144f41b13203) C:\WINDOWS\system32\DRIVERS\compbatt.sys
    19:25:35.0533 2792 Compbatt - ok
    19:25:35.0553 2792 COMSysApp - ok
    19:25:35.0573 2792 Cpqarray - ok
    19:25:35.0623 2792 CryptSvc (3d4e199942e29207970e04315d02ad3b) C:\WINDOWS\System32\cryptsvc.dll
    19:25:35.0623 2792 CryptSvc - ok
    19:25:35.0634 2792 dac2w2k - ok
    19:25:35.0654 2792 dac960nt - ok
    19:25:35.0724 2792 DcomLaunch (6b27a5c03dfb94b4245739065431322c) C:\WINDOWS\system32\rpcss.dll
    19:25:35.0734 2792 DcomLaunch - ok
    19:25:35.0774 2792 Dhcp (5e38d7684a49cacfb752b046357e0589) C:\WINDOWS\System32\dhcpcsvc.dll
    19:25:35.0784 2792 Dhcp - ok
    19:25:35.0794 2792 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
    19:25:35.0794 2792 Disk - ok
    19:25:35.0814 2792 dmadmin - ok
    19:25:35.0924 2792 dmboot (d992fe1274bde0f84ad826acae022a41) C:\WINDOWS\system32\drivers\dmboot.sys
    19:25:35.0934 2792 dmboot - ok
    19:25:35.0974 2792 dmio (7c824cf7bbde77d95c08005717a95f6f) C:\WINDOWS\system32\drivers\dmio.sys
    19:25:35.0974 2792 dmio - ok
    19:25:36.0014 2792 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
    19:25:36.0014 2792 dmload - ok
    19:25:36.0054 2792 dmserver (57edec2e5f59f0335e92f35184bc8631) C:\WINDOWS\System32\dmserver.dll
    19:25:36.0054 2792 dmserver - ok
    19:25:36.0104 2792 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
    19:25:36.0104 2792 DMusic - ok
    19:25:36.0144 2792 Dnscache (5f7e24fa9eab896051ffb87f840730d2) C:\WINDOWS\System32\dnsrslvr.dll
    19:25:36.0144 2792 Dnscache - ok
    19:25:36.0204 2792 Dot3svc (0f0f6e687e5e15579ef4da8dd6945814) C:\WINDOWS\System32\dot3svc.dll
    19:25:36.0204 2792 Dot3svc - ok
    19:25:36.0214 2792 dpti2o - ok
    19:25:36.0234 2792 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
    19:25:36.0244 2792 drmkaud - ok
    19:25:36.0284 2792 EapHost (2187855a7703adef0cef9ee4285182cc) C:\WINDOWS\System32\eapsvc.dll
    19:25:36.0284 2792 EapHost - ok
    19:25:36.0335 2792 ERSvc (bc93b4a066477954555966d77fec9ecb) C:\WINDOWS\System32\ersvc.dll
    19:25:36.0335 2792 ERSvc - ok
    19:25:36.0385 2792 Eventlog (65df52f5b8b6e9bbd183505225c37315) C:\WINDOWS\system32\services.exe
    19:25:36.0385 2792 Eventlog - ok
    19:25:36.0435 2792 EventSystem (d4991d98f2db73c60d042f1aef79efae) C:\WINDOWS\system32\es.dll
    19:25:36.0445 2792 EventSystem - ok
    19:25:36.0495 2792 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
    19:25:36.0495 2792 Fastfat - ok
    19:25:36.0525 2792 FastUserSwitchingCompatibility (99bc0b50f511924348be19c7c7313bbf) C:\WINDOWS\System32\shsvcs.dll
    19:25:36.0535 2792 FastUserSwitchingCompatibility - ok
    19:25:36.0565 2792 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\drivers\Fdc.sys
    19:25:36.0575 2792 Fdc - ok
    19:25:36.0625 2792 Fips (d45926117eb9fa946a6af572fbe1caa3) C:\WINDOWS\system32\drivers\Fips.sys
    19:25:36.0625 2792 Fips - ok
    19:25:36.0635 2792 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\drivers\Flpydisk.sys
    19:25:36.0635 2792 Flpydisk - ok
    19:25:36.0685 2792 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys
    19:25:36.0685 2792 FltMgr - ok
    19:25:36.0805 2792 FontCache3.0.0.0 (8ba7c024070f2b7fdd98ed8a4ba41789) c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
    19:25:36.0805 2792 FontCache3.0.0.0 - ok
    19:25:36.0835 2792 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
    19:25:36.0835 2792 Fs_Rec - ok
    19:25:36.0865 2792 Ftdisk (6ac26732762483366c3969c9e4d2259d) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
    19:25:36.0865 2792 Ftdisk - ok
    19:25:36.0915 2792 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys
    19:25:36.0915 2792 GEARAspiWDM - ok
    19:25:36.0955 2792 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
    19:25:36.0965 2792 Gpc - ok
    19:25:37.0015 2792 helpsvc (4fcca060dfe0c51a09dd5c3843888bcd) C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
    19:25:37.0026 2792 helpsvc - ok
    19:25:37.0066 2792 HidServ (deb04da35cc871b6d309b77e1443c796) C:\WINDOWS\System32\hidserv.dll
    19:25:37.0066 2792 HidServ - ok
    19:25:37.0086 2792 HidUsb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
    19:25:37.0096 2792 HidUsb - ok
    19:25:37.0136 2792 hkmsvc (8878bd685e490239777bfe51320b88e9) C:\WINDOWS\System32\kmsvc.dll
    19:25:37.0146 2792 hkmsvc - ok
    19:25:37.0156 2792 hpn - ok
    19:25:37.0196 2792 HPZid412 (863cc3a82c63c9f60acf2e85d5310620) C:\WINDOWS\system32\DRIVERS\HPZid412.sys
    19:25:37.0196 2792 HPZid412 - ok
    19:25:37.0216 2792 HPZipr12 (08cb72e95dd75b61f2966b311d0e4366) C:\WINDOWS\system32\DRIVERS\HPZipr12.sys
    19:25:37.0216 2792 HPZipr12 - ok
    19:25:37.0256 2792 HPZius12 (ca990306ed4ef732af9695bff24fc96f) C:\WINDOWS\system32\DRIVERS\HPZius12.sys
    19:25:37.0256 2792 HPZius12 - ok
    19:25:37.0306 2792 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
    19:25:37.0316 2792 HTTP - ok
    19:25:37.0366 2792 HTTPFilter (6100a808600f44d999cebdef8841c7a3) C:\WINDOWS\System32\w3ssl.dll
    19:25:37.0366 2792 HTTPFilter - ok
    19:25:37.0386 2792 i2omgmt - ok
    19:25:37.0396 2792 i2omp - ok
    19:25:37.0416 2792 i8042prt (4a0b06aa8943c1e332520f7440c0aa30) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
    19:25:37.0416 2792 i8042prt - ok
    19:25:37.0546 2792 idsvc (c01ac32dc5c03076cfb852cb5da5229c) c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
    19:25:37.0556 2792 idsvc - ok
    19:25:37.0596 2792 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
    19:25:37.0596 2792 Imapi - ok
    19:25:37.0636 2792 ImapiService (30deaf54a9755bb8546168cfe8a6b5e1) C:\WINDOWS\system32\imapi.exe
    19:25:37.0646 2792 ImapiService - ok
    19:25:37.0656 2792 ini910u - ok
    19:25:37.0686 2792 IntelIde (b5466a9250342a7aa0cd1fba13420678) C:\WINDOWS\system32\DRIVERS\intelide.sys
    19:25:37.0696 2792 IntelIde - ok
    19:25:37.0737 2792 intelppm (8c953733d8f36eb2133f5bb58808b66b) C:\WINDOWS\system32\DRIVERS\intelppm.sys
    19:25:37.0737 2792 intelppm - ok
    19:25:37.0767 2792 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys
    19:25:37.0767 2792 Ip6Fw - ok
    19:25:37.0807 2792 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
    19:25:37.0807 2792 IpFilterDriver - ok
    19:25:37.0837 2792 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
    19:25:37.0837 2792 IpInIp - ok
    19:25:37.0877 2792 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
    19:25:37.0887 2792 IpNat - ok
    19:25:38.0037 2792 iPod Service (57edb35ea2feca88f8b17c0c095c9a56) C:\Program Files\iPod\bin\iPodService.exe
    19:25:38.0047 2792 iPod Service - ok
    19:25:38.0087 2792 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
    19:25:38.0087 2792 IPSec - ok
    19:25:38.0117 2792 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
    19:25:38.0117 2792 IRENUM - ok
    19:25:38.0147 2792 isapnp (05a299ec56e52649b1cf2fc52d20f2d7) C:\WINDOWS\system32\DRIVERS\isapnp.sys
    19:25:38.0147 2792 isapnp - ok
    19:25:38.0237 2792 JavaQuickStarterService (9dba73c2f1e76ec4cb837e67c5743596) C:\Program Files\Java\jre6\bin\jqs.exe
    19:25:38.0247 2792 JavaQuickStarterService - ok
    19:25:38.0267 2792 Kbdclass (463c1ec80cd17420a542b7f36a36f128) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
    19:25:38.0267 2792 Kbdclass - ok
    19:25:38.0297 2792 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
    19:25:38.0307 2792 kmixer - ok
    19:25:38.0337 2792 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
    19:25:38.0347 2792 KSecDD - ok
    19:25:38.0397 2792 lanmanserver (3a7c3cbe5d96b8ae96ce81f0b22fb527) C:\WINDOWS\System32\srvsvc.dll
    19:25:38.0397 2792 lanmanserver - ok
    19:25:38.0428 2792 lanmanworkstation (a8888a5327621856c0cec4e385f69309) C:\WINDOWS\System32\wkssvc.dll
    19:25:38.0438 2792 lanmanworkstation - ok
    19:25:38.0448 2792 Lbd - ok
    19:25:38.0468 2792 lbrtfdc - ok
    19:25:38.0508 2792 LmHosts (a7db739ae99a796d91580147e919cc59) C:\WINDOWS\System32\lmhsvc.dll
    19:25:38.0508 2792 LmHosts - ok
    19:25:38.0558 2792 Messenger (986b1ff5814366d71e0ac5755c88f2d3) C:\WINDOWS\System32\msgsvc.dll
    19:25:38.0558 2792 Messenger - ok
    19:25:38.0618 2792 Microsoft Office Groove Audit Service (7c4c76b39d5525c4a465e0be32528e19) C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe
    19:25:38.0628 2792 Microsoft Office Groove Audit Service - ok
    19:25:38.0668 2792 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
    19:25:38.0668 2792 mnmdd - ok
    19:25:38.0708 2792 mnmsrvc (d18f1f0c101d06a1c1adf26eed16fcdd) C:\WINDOWS\system32\mnmsrvc.exe
    19:25:38.0718 2792 mnmsrvc - ok
    19:25:38.0758 2792 Modem (dfcbad3cec1c5f964962ae10e0bcc8e1) C:\WINDOWS\system32\drivers\Modem.sys
    19:25:38.0758 2792 Modem - ok
    19:25:38.0788 2792 Mouclass (35c9e97194c8cfb8430125f8dbc34d04) C:\WINDOWS\system32\DRIVERS\mouclass.sys
    19:25:38.0788 2792 Mouclass - ok
    19:25:38.0838 2792 mouhid (b1c303e17fb9d46e87a98e4ba6769685) C:\WINDOWS\system32\DRIVERS\mouhid.sys
    19:25:38.0838 2792 mouhid - ok
    19:25:38.0858 2792 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
    19:25:38.0868 2792 MountMgr - ok
    19:25:38.0918 2792 MozillaMaintenance (15d5398eed42c2504bb3d4fc875c15d1) C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
    19:25:38.0928 2792 MozillaMaintenance - ok
    19:25:38.0938 2792 mraid35x - ok
    19:25:38.0958 2792 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
    19:25:38.0968 2792 MRxDAV - ok
    19:25:39.0028 2792 MRxSmb (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
    19:25:39.0038 2792 MRxSmb - ok
    19:25:39.0068 2792 MSDTC (a137f1470499a205abbb9aafb3b6f2b1) C:\WINDOWS\system32\msdtc.exe
    19:25:39.0078 2792 MSDTC - ok
    19:25:39.0109 2792 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
    19:25:39.0109 2792 Msfs - ok
    19:25:39.0129 2792 MSIServer - ok
    19:25:39.0159 2792 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
    19:25:39.0159 2792 MSKSSRV - ok
    19:25:39.0169 2792 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
    19:25:39.0179 2792 MSPCLOCK - ok
    19:25:39.0199 2792 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
    19:25:39.0199 2792 MSPQM - ok
    19:25:39.0229 2792 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
    19:25:39.0229 2792 mssmbios - ok
    19:25:39.0269 2792 MSTEE (e53736a9e30c45fa9e7b5eac55056d1d) C:\WINDOWS\system32\drivers\MSTEE.sys
    19:25:39.0269 2792 MSTEE - ok
    19:25:39.0319 2792 Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys
    19:25:39.0319 2792 Mup - ok
    19:25:39.0379 2792 NABTSFEC (5b50f1b2a2ed47d560577b221da734db) C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
    19:25:39.0379 2792 NABTSFEC - ok
    19:25:39.0439 2792 napagent (0102140028fad045756796e1c685d695) C:\WINDOWS\System32\qagentrt.dll
    19:25:39.0449 2792 napagent - ok
    19:25:39.0499 2792 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
    19:25:39.0499 2792 NDIS - ok
    19:25:39.0539 2792 NdisIP (7ff1f1fd8609c149aa432f95a8163d97) C:\WINDOWS\system32\DRIVERS\NdisIP.sys
    19:25:39.0539 2792 NdisIP - ok
    19:25:39.0579 2792 NdisTapi (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
    19:25:39.0579 2792 NdisTapi - ok
    19:25:39.0619 2792 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
    19:25:39.0619 2792 Ndisuio - ok
    19:25:39.0659 2792 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
    19:25:39.0659 2792 NdisWan - ok
    19:25:39.0689 2792 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
    19:25:39.0689 2792 NDProxy - ok
    19:25:39.0729 2792 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
    19:25:39.0739 2792 NetBIOS - ok
    19:25:39.0800 2792 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
    19:25:39.0800 2792 NetBT - ok
    19:25:39.0870 2792 NetDDE (b857ba82860d7ff85ae29b095645563b) C:\WINDOWS\system32\netdde.exe
    19:25:39.0880 2792 NetDDE - ok
    19:25:39.0890 2792 NetDDEdsdm (b857ba82860d7ff85ae29b095645563b) C:\WINDOWS\system32\netdde.exe
    19:25:39.0890 2792 NetDDEdsdm - ok
    19:25:39.0940 2792 Netlogon (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
    19:25:39.0940 2792 Netlogon - ok
    19:25:40.0000 2792 Netman (13e67b55b3abd7bf3fe7aae5a0f9a9de) C:\WINDOWS\System32\netman.dll
    19:25:40.0000 2792 Netman - ok
    19:25:40.0110 2792 NetTcpPortSharing (d34612c5d02d026535b3095d620626ae) c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
    19:25:40.0110 2792 NetTcpPortSharing - ok
    19:25:40.0170 2792 Nla (943337d786a56729263071623bbb9de5) C:\WINDOWS\System32\mswsock.dll
    19:25:40.0180 2792 Nla - ok
    19:25:40.0220 2792 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
    19:25:40.0220 2792 Npfs - ok
    19:25:40.0290 2792 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
    19:25:40.0300 2792 Ntfs - ok
    19:25:40.0320 2792 NtLmSsp (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
    19:25:40.0320 2792 NtLmSsp - ok
    19:25:40.0380 2792 NtmsSvc (156f64a3345bd23c600655fb4d10bc08) C:\WINDOWS\system32\ntmssvc.dll
    19:25:40.0390 2792 NtmsSvc - ok
    19:25:40.0430 2792 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
    19:25:40.0430 2792 Null - ok
    19:25:40.0460 2792 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
    19:25:40.0460 2792 NwlnkFlt - ok
    19:25:40.0480 2792 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
    19:25:40.0480 2792 NwlnkFwd - ok
    19:25:40.0531 2792 O2SCBUS (dd3764730845a74a7fc1021148803fdd) C:\WINDOWS\system32\DRIVERS\ozscr.sys
    19:25:40.0541 2792 O2SCBUS - ok
    19:25:40.0651 2792 odserv (1f0e05dff4f5a833168e49be1256f002) C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
    19:25:40.0661 2792 odserv - ok
    19:25:40.0711 2792 ose (5a432a042dae460abe7199b758e8606c) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
    19:25:40.0711 2792 ose - ok
    19:25:40.0771 2792 Parport (5575faf8f97ce5e713d108c2a58d7c7c) C:\WINDOWS\system32\DRIVERS\parport.sys
    19:25:40.0771 2792 Parport - ok
    19:25:40.0801 2792 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
    19:25:40.0801 2792 PartMgr - ok
    19:25:40.0851 2792 ParVdm (70e98b3fd8e963a6a46a2e6247e0bea1) C:\WINDOWS\system32\drivers\ParVdm.sys
    19:25:40.0851 2792 ParVdm - ok
    19:25:40.0861 2792 PCI (a219903ccf74233761d92bef471a07b1) C:\WINDOWS\system32\DRIVERS\pci.sys
    19:25:40.0871 2792 PCI - ok
    19:25:40.0881 2792 PCIDump - ok
    19:25:40.0911 2792 PCIIde (ccf5f451bb1a5a2a522a76e670000ff0) C:\WINDOWS\system32\drivers\PCIIde.sys
    19:25:40.0911 2792 PCIIde - ok
    19:25:40.0941 2792 Pcmcia (9e89ef60e9ee05e3f2eef2da7397f1c1) C:\WINDOWS\system32\DRIVERS\pcmcia.sys
    19:25:40.0951 2792 Pcmcia - ok
    19:25:40.0961 2792 PDCOMP - ok
    19:25:40.0971 2792 PDFRAME - ok
    19:25:40.0981 2792 PDRELI - ok
    19:25:41.0001 2792 PDRFRAME - ok
    19:25:41.0011 2792 perc2 - ok
    19:25:41.0021 2792 perc2hib - ok
    19:25:41.0171 2792 PlugPlay (65df52f5b8b6e9bbd183505225c37315) C:\WINDOWS\system32\services.exe
    19:25:41.0181 2792 PlugPlay - ok
    19:25:41.0222 2792 Pml Driver HPZ12 (fb03f341ff5380394bf2ee52f1979925) C:\WINDOWS\system32\HPZipm12.exe
    19:25:41.0232 2792 Pml Driver HPZ12 - ok
    19:25:41.0252 2792 PolicyAgent (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
    19:25:41.0262 2792 PolicyAgent - ok
    19:25:41.0292 2792 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
    19:25:41.0302 2792 PptpMiniport - ok
    19:25:41.0312 2792 ProtectedStorage (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
    19:25:41.0322 2792 ProtectedStorage - ok
    19:25:41.0342 2792 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
    19:25:41.0342 2792 PSched - ok
    19:25:41.0362 2792 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
    19:25:41.0362 2792 Ptilink - ok
    19:25:41.0382 2792 ql1080 - ok
    19:25:41.0392 2792 Ql10wnt - ok
    19:25:41.0402 2792 ql12160 - ok
    19:25:41.0412 2792 ql1240 - ok
    19:25:41.0432 2792 ql1280 - ok
    19:25:41.0462 2792 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
    19:25:41.0462 2792 RasAcd - ok
    19:25:41.0502 2792 RasAuto (ad188be7bdf94e8df4ca0a55c00a5073) C:\WINDOWS\System32\rasauto.dll
    19:25:41.0502 2792 RasAuto - ok
    19:25:41.0532 2792 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
    19:25:41.0542 2792 Rasl2tp - ok
    19:25:41.0602 2792 RasMan (76a9a3cbeadd68cc57cda5e1d7448235) C:\WINDOWS\System32\rasmans.dll
    19:25:41.0612 2792 RasMan - ok
    19:25:41.0622 2792 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
    19:25:41.0632 2792 RasPppoe - ok
    19:25:41.0642 2792 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
    19:25:41.0642 2792 Raspti - ok
    19:25:41.0682 2792 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
    19:25:41.0682 2792 Rdbss - ok
    19:25:41.0702 2792 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
    19:25:41.0712 2792 RDPCDD - ok
    19:25:41.0762 2792 RDPWD (6589db6e5969f8eee594cf71171c5028) C:\WINDOWS\system32\drivers\RDPWD.sys
    19:25:41.0762 2792 RDPWD - ok
    19:25:41.0812 2792 RDSessMgr (3c37bf86641bda977c3bf8a840f3b7fa) C:\WINDOWS\system32\sessmgr.exe
    19:25:41.0822 2792 RDSessMgr - ok
    19:25:41.0862 2792 redbook (f828dd7e1419b6653894a8f97a0094c5) C:\WINDOWS\system32\DRIVERS\redbook.sys
    19:25:41.0862 2792 redbook - ok
    19:25:41.0893 2792 RemoteAccess (7e699ff5f59b5d9de5390e3c34c67cf5) C:\WINDOWS\System32\mprdim.dll
    19:25:41.0903 2792 RemoteAccess - ok
    19:25:41.0943 2792 RpcLocator (aaed593f84afa419bbae8572af87cf6a) C:\WINDOWS\system32\locator.exe
    19:25:41.0953 2792 RpcLocator - ok
    19:25:42.0023 2792 RpcSs (6b27a5c03dfb94b4245739065431322c) C:\WINDOWS\system32\rpcss.dll
    19:25:42.0033 2792 RpcSs - ok
    19:25:42.0083 2792 RSVP (471b3f9741d762abe75e9deea4787e47) C:\WINDOWS\system32\rsvp.exe
    19:25:42.0093 2792 RSVP - ok
    19:25:42.0123 2792 SamSs (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
    19:25:42.0123 2792 SamSs - ok
    19:25:42.0223 2792 SASDIFSV (39763504067962108505bff25f024345) C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS
    19:25:42.0223 2792 SASDIFSV - ok
    19:25:42.0243 2792 SASKUTIL (77b9fc20084b48408ad3e87570eb4a85) C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS
    19:25:42.0243 2792 SASKUTIL - ok
    19:25:42.0543 2792 SBAMSvc (bce943896289a91ad75cc5652620b1c6) C:\Program Files\Ad-Aware Antivirus\SBAMSvc.exe
    19:25:42.0584 2792 SBAMSvc - ok
    19:25:42.0694 2792 sbaphd (62ba65cc0b4a4bd1eaff5fed6e2b5069) C:\WINDOWS\system32\drivers\sbaphd.sys
    19:25:42.0694 2792 sbaphd - ok
    19:25:42.0724 2792 sbapifs (3fff8cda4d2f29ca06f1557e85163c30) C:\WINDOWS\system32\drivers\sbapifs.sys
    19:25:42.0724 2792 sbapifs - ok
    19:25:42.0794 2792 SbFw (dc19ff9879775ac86baa9c9282573e87) C:\WINDOWS\system32\drivers\SbFw.sys
    19:25:42.0794 2792 SbFw - ok
    19:25:42.0824 2792 SBFWIMCL (1dcad90cc9c0ddc7d060fd97854f8518) C:\WINDOWS\system32\DRIVERS\sbfwim.sys
    19:25:42.0824 2792 SBFWIMCL - ok
    19:25:42.0844 2792 SBFWIMCLMP (1dcad90cc9c0ddc7d060fd97854f8518) C:\WINDOWS\system32\DRIVERS\SBFWIM.sys
    19:25:42.0854 2792 SBFWIMCLMP - ok
    19:25:42.0884 2792 sbhips (1afd7178ab9c4fce2d332da7aa474fa6) C:\WINDOWS\system32\drivers\sbhips.sys
    19:25:42.0884 2792 sbhips - ok
    19:25:42.0924 2792 SBRE (1fd538c4feb36b793d2121f20bbdc16f) C:\WINDOWS\system32\drivers\SBREdrv.sys
    19:25:42.0924 2792 SBRE - ok
    19:25:42.0954 2792 sbtis (3ccb4c5686d23033fd01835bed868b4b) C:\WINDOWS\system32\drivers\sbtis.sys
    19:25:42.0954 2792 sbtis - ok
    19:25:43.0014 2792 SCardSvr (86d007e7a654b9a71d1d7d856b104353) C:\WINDOWS\System32\SCardSvr.exe
    19:25:43.0014 2792 SCardSvr - ok
    19:25:43.0074 2792 Schedule (0a9a7365a1ca4319aa7c1d6cd8e4eafa) C:\WINDOWS\system32\schedsvc.dll
    19:25:43.0084 2792 Schedule - ok
    19:25:43.0134 2792 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
    19:25:43.0134 2792 Secdrv - ok
    19:25:43.0184 2792 seclogon (cbe612e2bb6a10e3563336191eda1250) C:\WINDOWS\System32\seclogon.dll
    19:25:43.0184 2792 seclogon - ok
    19:25:43.0214 2792 SENS (7fdd5d0684eca8c1f68b4d99d124dcd0) C:\WINDOWS\system32\sens.dll
    19:25:43.0224 2792 SENS - ok
    19:25:43.0264 2792 serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
    19:25:43.0264 2792 serenum - ok
    19:25:43.0325 2792 Serial (cca207a8896d4c6a0c9ce29a4ae411a7) C:\WINDOWS\system32\DRIVERS\serial.sys
    19:25:43.0325 2792 Serial - ok
    19:25:43.0405 2792 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
    19:25:43.0405 2792 Sfloppy - ok
    19:25:43.0465 2792 SharedAccess (83f41d0d89645d7235c051ab1d9523ac) C:\WINDOWS\System32\ipnathlp.dll
    19:25:43.0475 2792 SharedAccess - ok
    19:25:43.0525 2792 ShellHWDetection (99bc0b50f511924348be19c7c7313bbf) C:\WINDOWS\System32\shsvcs.dll
    19:25:43.0535 2792 ShellHWDetection - ok
    19:25:43.0545 2792 Simbad - ok
    19:25:43.0575 2792 SLIP (866d538ebe33709a5c9f5c62b73b7d14) C:\WINDOWS\system32\DRIVERS\SLIP.sys
    19:25:43.0585 2792 SLIP - ok
    19:25:43.0615 2792 Sparrow - ok
    19:25:43.0645 2792 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
    19:25:43.0645 2792 splitter - ok
    19:25:43.0695 2792 Spooler (60784f891563fb1b767f70117fc2428f) C:\WINDOWS\system32\spoolsv.exe
    19:25:43.0705 2792 Spooler - ok
    19:25:43.0735 2792 sr (76bb022c2fb6902fd5bdd4f78fc13a5d) C:\WINDOWS\system32\DRIVERS\sr.sys
    19:25:43.0735 2792 sr - ok
    19:25:43.0795 2792 srservice (3805df0ac4296a34ba4bf93b346cc378) C:\WINDOWS\system32\srsvc.dll
    19:25:43.0805 2792 srservice - ok
    19:25:43.0845 2792 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
    19:25:43.0855 2792 Srv - ok
    19:25:43.0895 2792 SSDPSRV (0a5679b3714edab99e357057ee88fca6) C:\WINDOWS\System32\ssdpsrv.dll
    19:25:43.0905 2792 SSDPSRV - ok
    19:25:43.0976 2792 STAC97 (5813d453ef8ce49d607c255cf128aceb) C:\WINDOWS\system32\drivers\stac97.sys
    19:25:43.0976 2792 STAC97 - ok
    19:25:44.0046 2792 stisvc (8bad69cbac032d4bbacfce0306174c30) C:\WINDOWS\system32\wiaservc.dll
    19:25:44.0056 2792 stisvc - ok
    19:25:44.0096 2792 streamip (77813007ba6265c4b6098187e6ed79d2) C:\WINDOWS\system32\DRIVERS\StreamIP.sys
    19:25:44.0096 2792 streamip - ok
    19:25:44.0136 2792 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
    19:25:44.0136 2792 swenum - ok
    19:25:44.0166 2792 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
    19:25:44.0176 2792 swmidi - ok
    19:25:44.0186 2792 SwPrv - ok
    19:25:44.0206 2792 symc810 - ok
    19:25:44.0216 2792 symc8xx - ok
    19:25:44.0226 2792 sym_hi - ok
    19:25:44.0236 2792 sym_u3 - ok
    19:25:44.0296 2792 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
    19:25:44.0306 2792 sysaudio - ok
    19:25:44.0356 2792 SysmonLog (c7abbc59b43274b1109df6b24d617051) C:\WINDOWS\system32\smlogsvc.exe
    19:25:44.0366 2792 SysmonLog - ok
    19:25:44.0416 2792 TapiSrv (3cb78c17bb664637787c9a1c98f79c38) C:\WINDOWS\System32\tapisrv.dll
    19:25:44.0426 2792 TapiSrv - ok
    19:25:44.0486 2792 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
    19:25:44.0486 2792 Tcpip - ok
    19:25:44.0536 2792 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
    19:25:44.0536 2792 TDPIPE - ok
    19:25:44.0556 2792 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
    19:25:44.0556 2792 TDTCP - ok
    19:25:44.0596 2792 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
    19:25:44.0596 2792 TermDD - ok
    19:25:44.0656 2792 TermService (ff3477c03be7201c294c35f684b3479f) C:\WINDOWS\System32\termsrv.dll
    19:25:44.0667 2792 TermService - ok
    19:25:44.0727 2792 Themes (99bc0b50f511924348be19c7c7313bbf) C:\WINDOWS\System32\shsvcs.dll
    19:25:44.0737 2792 Themes - ok
    19:25:44.0747 2792 TosIde - ok
    19:25:44.0797 2792 TrkWks (55bca12f7f523d35ca3cb833c725f54e) C:\WINDOWS\system32\trkwks.dll
    19:25:44.0807 2792 TrkWks - ok
    19:25:44.0867 2792 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
    19:25:44.0877 2792 Udfs - ok
    19:25:44.0887 2792 ultra - ok
    19:25:44.0957 2792 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
    19:25:44.0957 2792 Update - ok
    19:25:45.0007 2792 upnphost (1ebafeb9a3fbdc41b8d9c7f0f687ad91) C:\WINDOWS\System32\upnphost.dll
    19:25:45.0017 2792 upnphost - ok
    19:25:45.0037 2792 UPS (05365fb38fca1e98f7a566aaaf5d1815) C:\WINDOWS\System32\ups.exe
    19:25:45.0047 2792 UPS - ok
    19:25:45.0087 2792 USBAAPL (eafe1e00739afe6c51487a050e772e17) C:\WINDOWS\system32\Drivers\usbaapl.sys
    19:25:45.0087 2792 USBAAPL - ok
    19:25:45.0137 2792 usbaudio (e919708db44ed8543a7c017953148330) C:\WINDOWS\system32\drivers\usbaudio.sys
    19:25:45.0137 2792 usbaudio - ok
    19:25:45.0177 2792 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
    19:25:45.0177 2792 usbccgp - ok
    19:25:45.0217 2792 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
    19:25:45.0217 2792 usbehci - ok
    19:25:45.0237 2792 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
    19:25:45.0237 2792 usbhub - ok
    19:25:45.0287 2792 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
    19:25:45.0287 2792 usbprint - ok
    19:25:45.0307 2792 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
    19:25:45.0317 2792 usbscan - ok
    19:25:45.0347 2792 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
    19:25:45.0357 2792 USBSTOR - ok
    19:25:45.0388 2792 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
    19:25:45.0398 2792 usbuhci - ok
    19:25:45.0428 2792 usbvideo (63bbfca7f390f4c49ed4b96bfb1633e0) C:\WINDOWS\system32\Drivers\usbvideo.sys
    19:25:45.0438 2792 usbvideo - ok
    19:25:45.0468 2792 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
    19:25:45.0468 2792 VgaSave - ok
    19:25:45.0488 2792 ViaIde - ok
    19:25:45.0498 2792 VolSnap (4c8fcb5cc53aab716d810740fe59d025) C:\WINDOWS\system32\drivers\VolSnap.sys
    19:25:45.0508 2792 VolSnap - ok
    19:25:45.0578 2792 VSS (7a9db3a67c333bf0bd42e42b8596854b) C:\WINDOWS\System32\vssvc.exe
    19:25:45.0588 2792 VSS - ok
    19:25:45.0648 2792 W32Time (54af4b1d5459500ef0937f6d33b1914f) C:\WINDOWS\system32\w32time.dll
    19:25:45.0658 2792 W32Time - ok
    19:25:45.0708 2792 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
    19:25:45.0708 2792 Wanarp - ok
    19:25:45.0718 2792 WDICA - ok
    19:25:45.0738 2792 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
    19:25:45.0748 2792 wdmaud - ok
    19:25:45.0788 2792 WebClient (77a354e28153ad2d5e120a5a8687bc06) C:\WINDOWS\System32\webclnt.dll
    19:25:45.0798 2792 WebClient - ok
    19:25:45.0898 2792 winmgmt (2d0e4ed081963804ccc196a0929275b5) C:\WINDOWS\system32\wbem\WMIsvc.dll
    19:25:45.0898 2792 winmgmt - ok
    19:25:45.0928 2792 wltrysvc - ok
    19:25:45.0958 2792 WmdmPmSN (c51b4a5c05a5475708e3c81c7765b71d) C:\WINDOWS\system32\MsPMSNSv.dll
    19:25:45.0968 2792 WmdmPmSN - ok
    19:25:45.0998 2792 WmiApSrv (e0673f1106e62a68d2257e376079f821) C:\WINDOWS\system32\wbem\wmiapsrv.exe
    19:25:46.0008 2792 WmiApSrv - ok
    19:25:46.0169 2792 WMPNetworkSvc (f74e3d9a7fa9556c3bbb14d4e5e63d3b) C:\Program Files\Windows Media Player\WMPNetwk.exe
    19:25:46.0179 2792 WMPNetworkSvc - ok
    19:25:46.0359 2792 WPFFontCache_v0400 (dcf3e3edf5109ee8bc02fe6e1f045795) C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
    19:25:46.0369 2792 WPFFontCache_v0400 - ok
    19:25:46.0469 2792 wscsvc (7c278e6408d1dce642230c0585a854d5) C:\WINDOWS\system32\wscsvc.dll
    19:25:46.0479 2792 wscsvc - ok
    19:25:46.0519 2792 WSTCODEC (c98b39829c2bbd34e454150633c62c78) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
    19:25:46.0519 2792 WSTCODEC - ok
    19:25:46.0559 2792 wuauserv (35321fb577cdc98ce3eb3a3eb9e4610a) C:\WINDOWS\system32\wuauserv.dll
    19:25:46.0569 2792 wuauserv - ok
    19:25:46.0609 2792 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
    19:25:46.0609 2792 WudfPf - ok
    19:25:46.0649 2792 WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
    19:25:46.0649 2792 WudfRd - ok
    19:25:46.0699 2792 WudfSvc (05231c04253c5bc30b26cbaae680ed89) C:\WINDOWS\System32\WUDFSvc.dll
    19:25:46.0699 2792 WudfSvc - ok
    19:25:46.0780 2792 WZCSVC (81dc3f549f44b1c1fff022dec9ecf30b) C:\WINDOWS\System32\wzcsvc.dll
    19:25:46.0800 2792 WZCSVC - ok
    19:25:46.0840 2792 xmlprov (295d21f14c335b53cb8154e5b1f892b9) C:\WINDOWS\System32\xmlprov.dll
    19:25:46.0850 2792 xmlprov - ok
    19:25:46.0880 2792 MBR (0x1B8) (f46767ae2998ea7510ca3750adfc1357) \Device\Harddisk0\DR0
    19:25:47.0410 2792 \Device\Harddisk0\DR0 - ok
    19:25:47.0430 2792 MBR (0x1B8) (5fb38429d5d77768867c76dcbdb35194) \Device\Harddisk1\DR3
    19:25:47.0440 2792 \Device\Harddisk1\DR3 - ok
    19:25:47.0440 2792 Boot (0x1200) (2f0d37db3ad32420492557382f738d5b) \Device\Harddisk0\DR0\Partition0
    19:25:47.0440 2792 \Device\Harddisk0\DR0\Partition0 - ok
    19:25:47.0491 2792 Boot (0x1200) (2f30d4aa0736aca7d034a9ad5ef9456c) \Device\Harddisk0\DR0\Partition1
    19:25:47.0501 2792 \Device\Harddisk0\DR0\Partition1 - ok
    19:25:47.0501 2792 Boot (0x1200) (d7d38125f3ea4ea57f33464d0a75fe59) \Device\Harddisk1\DR3\Partition0
    19:25:47.0501 2792 \Device\Harddisk1\DR3\Partition0 - ok
    19:25:47.0511 2792 ============================================================
    19:25:47.0511 2792 Scan finished
    19:25:47.0511 2792 ============================================================
    19:25:47.0531 1760 Detected object count: 0
    19:25:47.0531 1760 Actual detected object count: 0
    19:25:55.0772 3956 Deinitialize success

  8. #6
    Member Spyware Fighter zep516's Avatar
    Join Date
    Dec 2005
    Location
    Pittsburgh, Pa
    Posts
    7,158
    Points
    1301

    Default

    Hi tshades,

    -------> Look in C:\combofix.txt For the log file.

    Joe

  9. #7
    Member
    Join Date
    Apr 2009
    Posts
    29
    Points
    0

    Default

    Hey Joe,

    When I go to that destination, Combofix is a folder that emulates the "My Computer" folder. So I click on combofix and I get to the contents of "My computer." There is no .txt file there...

  10. #8
    Member Spyware Fighter zep516's Avatar
    Join Date
    Dec 2005
    Location
    Pittsburgh, Pa
    Posts
    7,158
    Points
    1301

    Default

    Because we are dealing with Combofix, I am unable to provide anymore instruction on the matter. Please wait for Fireman4it for further assistance.

    Thank- you

    Joe

  11. #9
    Member Spyware Fighter
    Join Date
    Jun 2010
    Location
    Bement,Ill USA
    Posts
    1,340
    Points
    146

    Default

    Hello,

    Please run Combofix again from Safemode and post its log.

    Now reboot into Safe Mode.
    This can be done tapping the F8 key as soon as you start your computer
    You will be brought to a menu where you can choose to boot into safe mode.
    Make sure you choose the option without networking support.
    Please see here for additional details.
    " Extinguishing Malware from the world"

    The Spware Help forum is very busy. If I'm helping you and I've not posted back within 24 hrs., send a PM with your topic link. Thank you.
    HELP REQUESTS VIA THE PM SYSTEM WILL BE IGNORED. The Forums are there for a reason!
    Thanks-




  12. #10
    Member
    Join Date
    Apr 2009
    Posts
    29
    Points
    0

    Default

    Success! Combofix log below!


    ComboFix 12-06-24.03 - tshade 06/27/2012 22:26:23.2.1 - x86 MINIMAL
    Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.2047.1777 [GMT -5:00]
    Running from: c:\documents and settings\tshade\Desktop\Virus Fighting\ComboFix.exe
    AV: avast! Antivirus *Enabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
    AV: Lavasoft Ad-Aware *Enabled/Updated* {964FCE60-0B18-4D30-ADD6-EB178909041C}
    FW: Lavasoft Ad-Aware *Disabled* {FF1CD5B7-1553-4625-A258-1775385CED33}
    .
    .
    ((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    c:\documents and settings\All Users\Application Data\TEMP
    c:\documents and settings\All Users\Application Data\TEMP\258D2F8B.TMP
    c:\documents and settings\All Users\Start Menu\Programs\Startup\hpoddt01.exe.lnk
    c:\windows\system32\SET147.tmp
    c:\windows\system32\SET14B.tmp
    c:\windows\system32\SET14C.tmp
    c:\windows\system32\SET153.tmp
    c:\windows\system32\SET19B.tmp
    H:\autorun.inf
    .
    .
    ((((((((((((((((((((((((( Files Created from 2012-05-28 to 2012-06-28 )))))))))))))))))))))))))))))))
    .
    .
    2012-06-28 03:12 . 2012-06-28 03:12 -------- d-----w- c:\documents and settings\NetworkService\Application Data\Ad-Aware Antivirus
    2012-06-27 06:10 . 2012-06-27 06:10 -------- d-----w- c:\documents and settings\All Users\Application Data\GetRight
    2012-06-27 06:07 . 2012-06-27 06:22 -------- d-----w- c:\documents and settings\tshade\Application Data\GetRight
    2012-06-27 06:06 . 2012-06-27 06:07 -------- d-----w- c:\program files\GetRight
    2012-06-23 18:17 . 2012-06-23 18:23 -------- d-----w- c:\documents and settings\tshade\Application Data\WildTangent
    2012-06-20 19:55 . 2012-06-20 19:55 -------- d-----w- c:\documents and settings\tshade\Application Data\Malwarebytes
    2012-06-20 19:54 . 2012-06-20 19:54 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
    2012-06-20 19:54 . 2012-04-04 20:56 22344 ----a-w- c:\windows\system32\drivers\mbam.sys
    2012-06-20 19:54 . 2012-06-20 19:55 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
    2012-06-20 19:49 . 2012-06-20 19:49 -------- d-----w- c:\documents and settings\tshade\Application Data\SUPERAntiSpyware.com
    2012-06-20 19:48 . 2012-06-20 19:49 -------- d-----w- c:\program files\SUPERAntiSpyware
    2012-06-20 19:48 . 2012-06-20 19:48 -------- d-----w- c:\documents and settings\All Users\Application Data\SUPERAntiSpyware.com
    2012-06-19 15:48 . 2012-06-19 15:54 -------- d-----w- c:\documents and settings\tshade\Application Data\BigFish All My Gods
    2012-06-19 15:10 . 2012-06-19 15:20 -------- d-----w- c:\documents and settings\tshade\Application Data\Islands2
    2012-06-18 02:18 . 2012-06-18 02:18 -------- d-----w- c:\documents and settings\tshade\.config
    2012-06-12 22:42 . 2012-05-11 14:42 521728 -c----w- c:\windows\system32\dllcache\jsdbgui.dll
    2012-06-08 04:05 . 2012-06-23 18:25 -------- d-----w- c:\documents and settings\All Users\Application Data\Tarma Installer
    2012-06-08 03:50 . 2012-06-08 03:50 -------- d-----w- c:\program files\MSXML 4.0
    2012-06-07 14:16 . 2012-06-07 14:16 -------- d-----w- c:\documents and settings\LocalService\Application Data\Ad-Aware Antivirus
    2012-06-07 14:14 . 2012-06-07 14:14 -------- d-----w- c:\documents and settings\tshade\Local Settings\Application Data\adaware
    2012-06-07 14:14 . 2012-06-07 14:14 -------- d-----w- c:\documents and settings\All Users\Application Data\Ad-Aware Browsing Protection
    2012-06-07 14:13 . 2011-11-29 11:59 77816 ----a-w- c:\windows\system32\drivers\sbapifs.sys
    2012-06-07 14:13 . 2011-11-29 11:59 21240 ----a-w- c:\windows\system32\drivers\sbaphd.sys
    2012-06-07 14:13 . 2011-12-19 17:44 93816 ----a-w- c:\windows\system32\drivers\sbhips.sys
    2012-06-07 14:13 . 2011-12-19 17:44 217976 ----a-w- c:\windows\system32\drivers\sbtis.sys
    2012-06-07 14:13 . 2011-09-29 17:16 94584 ----a-w- c:\windows\system32\drivers\SbFwIm.sys
    2012-06-07 14:13 . 2011-12-19 17:44 335224 ----a-w- c:\windows\system32\drivers\SbFw.sys
    2012-06-07 14:13 . 2012-06-07 14:13 -------- d-----w- c:\windows\system32\drivers\VDD
    2012-06-07 14:13 . 2012-06-09 03:41 -------- d-----w- c:\program files\Ad-Aware Antivirus
    2012-06-07 14:08 . 2012-06-25 00:28 -------- d-----w- c:\documents and settings\tshade\Application Data\Ad-Aware Antivirus
    2012-06-07 14:03 . 2012-06-17 03:46 421200 ----a-w- c:\program files\Mozilla Firefox\msvcp100.dll
    2012-06-07 14:03 . 2012-06-17 03:46 770384 ----a-w- c:\program files\Mozilla Firefox\msvcr100.dll
    2012-06-04 01:35 . 2012-06-15 21:57 426184 ----a-w- c:\windows\system32\FlashPlayerApp.exe
    2012-06-01 17:58 . 2012-06-01 17:59 -------- d-----w- c:\program files\Life Quest 2 - Metropoville
    .
    .
    .
    (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2012-06-15 21:57 . 2011-06-23 05:27 70344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
    2012-06-02 20:19 . 2009-08-07 00:24 22040 ----a-w- c:\windows\system32\wucltui.dll.mui
    2012-06-02 20:19 . 2010-10-15 21:12 329240 ----a-w- c:\windows\system32\wucltui.dll
    2012-06-02 20:19 . 2010-10-15 21:12 219160 ----a-w- c:\windows\system32\wuaucpl.cpl
    2012-06-02 20:19 . 2010-10-15 21:12 210968 ----a-w- c:\windows\system32\wuweb.dll
    2012-06-02 20:19 . 2009-08-07 00:24 15384 ----a-w- c:\windows\system32\wuaucpl.cpl.mui
    2012-06-02 20:19 . 2010-10-16 00:40 45080 ----a-w- c:\windows\system32\wups2.dll
    2012-06-02 20:19 . 2010-10-15 21:12 35864 ----a-w- c:\windows\system32\wups.dll
    2012-06-02 20:19 . 2010-10-15 21:12 53784 ----a-w- c:\windows\system32\wuauclt.exe
    2012-06-02 20:19 . 2009-08-07 00:24 15384 ----a-w- c:\windows\system32\wuapi.dll.mui
    2012-06-02 20:19 . 2004-08-04 10:00 97304 ----a-w- c:\windows\system32\cdm.dll
    2012-06-02 20:19 . 2009-08-07 00:24 17944 ----a-w- c:\windows\system32\wuaueng.dll.mui
    2012-06-02 20:19 . 2010-10-15 21:12 577048 ----a-w- c:\windows\system32\wuapi.dll
    2012-06-02 20:19 . 2010-10-15 21:12 1933848 ----a-w- c:\windows\system32\wuaueng.dll
    2012-05-31 13:22 . 2004-08-04 10:00 599040 ----a-w- c:\windows\system32\crypt32.dll
    2012-05-16 15:08 . 2006-03-04 03:33 916992 ----a-w- c:\windows\system32\wininet.dll
    2012-05-15 13:20 . 2004-08-04 10:00 1863168 ----a-w- c:\windows\system32\win32k.sys
    2012-05-11 14:42 . 2004-08-04 10:00 43520 ----a-w- c:\windows\system32\licmgr10.dll
    2012-05-11 14:42 . 2004-08-04 10:00 1469440 ------w- c:\windows\system32\inetcpl.cpl
    2012-05-11 11:38 . 2004-08-04 10:00 385024 ----a-w- c:\windows\system32\html.iec
    2012-05-04 13:12 . 2005-03-30 01:23 2192640 ----a-w- c:\windows\system32\ntoskrnl.exe
    2012-05-04 12:32 . 2005-03-30 01:01 2069120 ----a-w- c:\windows\system32\ntkrnlpa.exe
    2012-05-02 13:46 . 2010-10-15 21:10 139656 ----a-w- c:\windows\system32\drivers\rdpwd.sys
    2012-04-19 01:56 . 2012-04-19 01:56 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx
    2012-04-19 01:56 . 2012-04-19 01:56 69632 ----a-w- c:\windows\system32\QuickTime.qts
    2012-06-17 03:46 . 2011-05-06 04:55 85472 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
    .
    .
    ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* empty entries & legit default entries are not shown
    REGEDIT4
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
    @="{472083B0-C522-11CF-8763-00608CC02F24}"
    [HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
    2011-11-28 18:01 122512 ----a-w- c:\program files\Alwil Software\Avast5\ashShell.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
    @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
    [HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
    2012-02-15 00:32 94208 ----a-w- c:\documents and settings\tshade\Application Data\Dropbox\bin\DropboxExt.14.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
    @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
    [HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
    2012-02-15 00:32 94208 ----a-w- c:\documents and settings\tshade\Application Data\Dropbox\bin\DropboxExt.14.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
    @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
    [HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
    2012-02-15 00:32 94208 ----a-w- c:\documents and settings\tshade\Application Data\Dropbox\bin\DropboxExt.14.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
    @="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
    [HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
    2012-02-15 00:32 94208 ----a-w- c:\documents and settings\tshade\Application Data\Dropbox\bin\DropboxExt.14.dll
    .
    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "BitTorrent"="c:\program files\BitTorrent\BitTorrent.exe" [2012-05-13 6379888]
    "SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2012-06-11 3905408]
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "Ad-Aware Antivirus"="c:\program files\Ad-Aware Antivirus\AdAwareLauncher --windows-run" [X]
    "Broadcom Wireless Manager UI"="c:\windows\system32\WLTRAY.exe" [2005-12-19 1347584]
    "ATIPTA"="c:\program files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2005-11-11 344064]
    "iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2012-03-27 421736]
    "DivXUpdate"="c:\program files\DivX\DivX Update\DivXUpdate.exe" [2011-07-28 1259376]
    "APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-02-21 59240]
    "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-02 843712]
    "Ad-Aware Browsing Protection"="c:\documents and settings\All Users\Application Data\Ad-Aware Browsing Protection\adawarebp.exe" [2011-10-21 198032]
    "QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2012-04-19 421888]
    .
    c:\documents and settings\tshade\Start Menu\Programs\Startup\
    Dropbox.lnk - c:\documents and settings\tshade\Application Data\Dropbox\bin\Dropbox.exe [2012-5-24 27112840]
    .
    c:\documents and settings\All Users\Start Menu\Programs\Startup\
    GetRight.lnk - c:\program files\GetRight\GetRight.exe [2012-6-27 4657424]
    hp psc 1000 series.lnk - c:\program files\Hewlett-Packard\Digital Imaging\bin\hpohmr08.exe [2003-4-9 147456]
    .
    [hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
    "{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2011-07-19 113024]
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
    2011-05-04 17:54 551296 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.DLL
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
    @=""
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ad-Aware Service]
    @="Ad-Aware Service"
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SBAMSvc]
    @="Service"
    .
    [HKLM\~\startupfolder\C:^Documents and Settings^tshade^Start Menu^Programs^Startup^OneNote 2007 Screen Clipper and Launcher.lnk]
    backup=c:\windows\pss\OneNote 2007 Screen Clipper and Launcher.lnkStartup
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
    2008-10-25 16:44 31072 -c--a-w- c:\program files\Microsoft Office\Office12\GrooveMonitor.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\security center]
    "FirewallOverride"=dword:00000001
    .
    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
    "EnableFirewall"= 0 (0x0)
    .
    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
    "%windir%\\system32\\sessmgr.exe"=
    "%windir%\\Network Diagnostic\\xpnetdiag.exe"=
    "c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
    "c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
    "c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
    "c:\\Program Files\\BitTorrent\\BitTorrent.exe"=
    "c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
    "c:\\Program Files\\Common Files\\Apple\\Apple Application Support\\WebKit2WebProcess.exe"=
    "c:\\Program Files\\iTunes\\iTunes.exe"=
    "c:\\Documents and Settings\\tshade\\Application Data\\Dropbox\\bin\\Dropbox.exe"=
    .
    R2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCore.exe [8/11/2011 6:38 PM 116608]
    S0 Lbd;Lbd;c:\windows\system32\DRIVERS\Lbd.sys --> c:\windows\system32\DRIVERS\Lbd.sys [?]
    S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2/15/2012 9:32 AM 435032]
    S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [10/15/2010 9:04 PM 314456]
    S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\sasdifsv.sys [7/22/2011 11:27 AM 12880]
    S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [7/12/2011 4:55 PM 67664]
    S1 sbaphd;sbaphd;c:\windows\system32\drivers\sbaphd.sys [6/7/2012 9:13 AM 21240]
    S1 SbFw;SbFw;c:\windows\system32\drivers\SbFw.sys [6/7/2012 9:13 AM 335224]
    S1 SBRE;SBRE;c:\windows\system32\drivers\SBREDrv.sys [10/26/2011 2:23 PM 101112]
    S1 sbtis;sbtis;c:\windows\system32\drivers\sbtis.sys [6/7/2012 9:13 AM 217976]
    S2 Ad-Aware Service;Ad-Aware Service;c:\program files\Ad-Aware Antivirus\AdAwareService.exe [5/3/2012 6:37 PM 1226096]
    S2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [10/15/2010 9:04 PM 20568]
    S2 SBAMSvc;Ad-Aware;c:\program files\Ad-Aware Antivirus\SBAMSvc.exe [12/19/2011 1:20 PM 3289032]
    S2 sbapifs;sbapifs;c:\windows\system32\drivers\sbapifs.sys [6/7/2012 9:13 AM 77816]
    S3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files\Mozilla Maintenance Service\maintenanceservice.exe [4/29/2012 1:28 PM 113120]
    S3 SBFWIMCL;GFI Software Firewall NDIS IM Filter Service;c:\windows\system32\drivers\SbFwIm.sys [6/7/2012 9:13 AM 94584]
    S3 SBFWIMCLMP;GFI Software Firewall NDIS IM Filter Miniport;c:\windows\system32\drivers\SbFwIm.sys [6/7/2012 9:13 AM 94584]
    S3 sbhips;sbhips;c:\windows\system32\drivers\sbhips.sys [6/7/2012 9:13 AM 93816]
    .
    Contents of the 'Scheduled Tasks' folder
    .
    2012-06-25 c:\windows\Tasks\Ad-Aware Antivirus Scheduled Scan.job
    - c:\progra~1\AD-AWA~1\AdAwareLauncher.exe [2012-05-03 23:37]
    .
    2012-06-22 c:\windows\Tasks\AppleSoftwareUpdate.job
    - c:\program files\Apple Software Update\SoftwareUpdate.exe [2011-06-01 22:57]
    .
    2011-03-05 c:\windows\Tasks\FRU Task 2003-04-10 00:56ewlett-Packard2003-04-10 00:56p psc 1200 series272A572217594EBCF1CEE215E352B92AD073FDE4290987573.job
    - c:\program files\Hewlett-Packard\Digital Imaging\Bin\hpqfrucl.exe [2003-04-09 23:56]
    .
    .
    ------- Supplementary Scan -------
    .
    uInternet Settings,ProxyOverride = *.local
    IE: Download with GetRight - c:\program files\GetRight\GRdownload.htm
    IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
    IE: Open with GetRight Browser - c:\program files\GetRight\GRbrowse.htm
    TCP: DhcpNameServer = 192.168.2.1
    FF - ProfilePath - c:\documents and settings\tshade\Application Data\Mozilla\Firefox\Profiles\w2nqrddu.default\
    FF - prefs.js: browser.startup.homepage - AOL.com - News, Sports, Weather, Entertainment, Local & Lifestyle
    FF - prefs.js: keyword.URL - hxxp://www.bing.com/search?pc=Z206&form=ZGAADF&install_date=20111126&q=
    FF - user.js: extensions.autoDisableScopes - 14
    .
    - - - - ORPHANS REMOVED - - - -
    .
    HKCU-Run-Bhisodinirey - c:\windows\msre32.dll
    .
    .
    .
    **************************************************************************
    .
    catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover
    Rootkit scan 2012-06-27 22:39
    Windows 5.1.2600 Service Pack 3 NTFS
    .
    scanning hidden processes ...
    .
    scanning hidden autostart entries ...
    .
    scanning hidden files ...
    .
    scan completed successfully
    hidden files: 0
    .
    **************************************************************************
    .
    --------------------- DLLs Loaded Under Running Processes ---------------------
    .
    - - - - - - - > 'winlogon.exe'(208)
    c:\program files\SUPERAntiSpyware\SASWINLO.DLL
    c:\windows\system32\WININET.dll
    c:\windows\system32\Ati2evxx.dll
    c:\windows\System32\BCMLogon.dll
    .
    Completion time: 2012-06-27 22:42:52
    ComboFix-quarantined-files.txt 2012-06-28 03:42
    .
    Pre-Run: 55,183,233,024 bytes free
    Post-Run: 55,723,814,912 bytes free
    .
    - - End Of File - - 502863A50CB2C969A9AF24DBE2B5D30F

Page 1 of 2 12 LastLast