Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Redirected


  • Please log in to reply
4 replies to this topic

#1 joshwlyons

joshwlyons

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:04:23 PM

Posted 24 July 2011 - 12:56 PM

hey yall i have had this issue for a while now, i picked up virus and had some issues with losing a bunch of stuff on my comp. now everytime i use google and i click a link it redirects me to several different and unwanted sites. any help would be greatly appreciated. O and just a fyi i am not very computer savy so please dont assume that i understand what you are saying. Thank you very much for your time and help!

BC AdBot (Login to Remove)

 


#2 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,490 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:05:23 PM

Posted 24 July 2011 - 01:01 PM

Hello and welcome. I moved thos from WIN7 to the Am I Infected forum.

We need to run a couple tools and see how it is after.

Please download the TDSS Rootkit Removing Tool (TDSSKiller.exe) and save it to your Desktop. <-Important!!!
Be sure to download TDSSKiller.exe (v2.5.9.0) from Kaspersky's website and not TDSSKiller.zip which appears to be an older version 2.3.2.2 of the tool.
  • Double-click on TDSSKiller.exe to run the tool for known TDSS variants.
    Vista/Windows 7 users right-click and select Run As Administrator.
  • If TDSSKiller does not run, try renaming it.
  • To do this, right-click on TDSSKiller.exe, select Rename and give it a random name with the .com file extension (i.e. 123abc.com). If you do not see the file extension, please refer to How to change the file extension.
  • Click the Start Scan button.
  • Do not use the computer during the scan
  • If the scan completes with nothing found, click Close to exit.
  • If malicious objects are found, they will show in the Scan results - Select action for found objects and offer three options.
  • Ensure Cure (default) is selected, then click Continue > Reboot now to finish the cleaning process.
  • A log file named TDSSKiller_version_date_time_log.txt (i.e. TDSSKiller.2.4.0.0_27.07.2010_09.o7.26_log.txt) will be created and saved to the root directory (usually Local Disk C:).
  • Copy and paste the contents of that file in your next reply.


If TDSSKiller does not run, try renaming it. To do this, right-click on TDSSKiller.exe, select Rename and give it a random name with the .com file extension (i.e. 123abc.com). If you do not see the file extension, please refer to these[/color] instructions. In some cases it may be necessary to redownload TDSSKiller and randomly rename it before downloading and saving to the computer.


Reboot into Safe Mode with Networking
How to start Windows 7 in Safe Mode



Next run Superantisypware (SAS):

Download and scan with SUPERAntiSpyware Free for Home Users
  • Double-click SUPERAntiSpyware.exe and use the default settings for installation.
  • An icon will be created on your desktop. Double-click that icon to launch the program.
  • If asked to update the program definitions, click "Yes". If not, update the definitions before scanning by selecting "Check for Updates". (If you encounter any problems while downloading the updates, manually download them from here. Double-click on the hyperlink for Download Installer and save SASDEFINITIONS.EXE to your desktop. Then double-click on SASDEFINITIONS.EXE to install the definitions.)
  • In the Main Menu, click the Preferences... button.
  • Click the Scanning Control tab.
  • Under Scanner Options make sure the following are checked (leave all others unchecked):
    • Close browsers before scanning.
    • Scan for tracking cookies.
    • Terminate memory threats before quarantining.
  • Click the "Close" button to leave the control center screen.
  • Back on the main screen, under "Scan for Harmful Software" click Scan your computer.
  • On the left, make sure you check C:\Fixed Drive.
  • On the right, under "Complete Scan", choose Perform Complete Scan.
  • Click "Next" to start the scan. Please be patient while it scans your computer.
  • After the scan is complete, a Scan Summary box will appear with potentially harmful items that were detected. Click "OK".
  • Make sure everything has a checkmark next to it and click "Next".
  • A notification will appear that "Quarantine and Removal is Complete". Click "OK" and then click the "Finish" button to return to the main menu.
  • If asked if you want to reboot, click "Yes".
  • To retrieve the removal information after reboot, launch SUPERAntispyware again.
    • Click Preferences, then click the Statistics/Logs tab.
    • Under Scanner Logs, double-click SUPERAntiSpyware Scan Log.
    • If there are several logs, click the current dated log and press View log. A text file will open in your default text editor.
    • Please copy and paste the Scan Log results in your next reply.
  • Click Close to exit the program.
If you have a problem downloading, installing or getting SAS to run, try downloading and using the SUPERAntiSpyware Portable Scanner instead. Save the randomly named file (i.e. SAS_1710895.COM) to a usb drive or CD and transfer to the infected computer. Then double-click on it to launch and scan. The file is randomly named to help keep malware from blocking the scanner.



Now reboot to Normal and run MBAM (MalwareBytes):

Please download Malwarebytes Anti-Malware and save it to your desktop.
Download Link 1
Download Link 2MBAM may "make changes to your registry" as part of its disinfection routine. If using other security programs that detect registry changes (ie Spybot's Teatimer), they may interfere or alert you. Temporarily disable such programs or permit them to allow the changes.
  • Make sure you are connected to the Internet.
  • Double-click on mbam-setup.exe to install the application.
    For instructions with screenshots, please refer to the How to use Malwarebytes' Anti-Malware Guide.
  • When the installation begins, follow the prompts and do not make any changes to default settings.
  • When installation has finished, make sure you leave both of these checked:
    • Update Malwarebytes' Anti-Malware
    • Launch Malwarebytes' Anti-Malware
  • Then click Finish.
MBAM will automatically start and you will be asked to update the program before performing a scan.
  • If an update is found, the program will automatically update itself. Press the OK button to close that box and continue.
  • If you encounter any problems while downloading the definition updates, manually download them from here and just double-click on mbam-rules.exe to install.
On the Scanner tab:
  • Make sure the "Perform Quick Scan" option is selected.
  • Then click on the Scan button.
  • If asked to select the drives to scan, leave all the drives selected and click on the Start Scan button.
  • The scan will begin and "Scan in progress" will show at the top. It may take some time to complete so please be patient.
  • When the scan is finished, a message box will say "The scan completed successfully. Click 'Show Results' to display all objects found".
  • Click OK to close the message box and continue with the removal process.
Back at the main Scanner screen:
  • Click on the Show Results button to see a list of any malware that was found.
  • Make sure that everything is checked, and click Remove Selected.
  • When removal is completed, a log report will open in Notepad.
  • The log is automatically saved and can be viewed by clicking the Logs tab in MBAM.
  • Copy and paste the contents of that report in your next reply. Be sure to post the complete log to include the top portion which shows MBAM's database version and your operating system.
  • Exit MBAM when done.
[color=green]Note: If MBAM encounters a file that is difficult to remove, you will be asked to reboot your computer so MBAM can proceed with the disinfection process. If asked to restart the computer, please do so immediately. Failure to reboot normally (not into safe mode) will prevent MBAM from removing all the malware.


Troubleshoot Malwarebytes' Anti-Malware

Please ask any needed questions,post logs and Let us know how the PC is running now.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#3 joshwlyons

joshwlyons
  • Topic Starter

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:04:23 PM

Posted 24 July 2011 - 10:05 PM

2011/07/24 14:15:17.0509 3876 TDSS rootkit removing tool 2.5.11.0 Jul 11 2011 16:56:56
2011/07/24 14:15:18.0114 3876 ================================================================================
2011/07/24 14:15:18.0114 3876 SystemInfo:
2011/07/24 14:15:18.0115 3876
2011/07/24 14:15:18.0115 3876 OS Version: 6.1.7600 ServicePack: 0.0
2011/07/24 14:15:18.0115 3876 Product type: Workstation
2011/07/24 14:15:18.0115 3876 ComputerName: JOSH-PC
2011/07/24 14:15:18.0115 3876 UserName: Josh
2011/07/24 14:15:18.0115 3876 Windows directory: C:\Windows
2011/07/24 14:15:18.0115 3876 System windows directory: C:\Windows
2011/07/24 14:15:18.0115 3876 Processor architecture: Intel x86
2011/07/24 14:15:18.0115 3876 Number of processors: 1
2011/07/24 14:15:18.0115 3876 Page size: 0x1000
2011/07/24 14:15:18.0115 3876 Boot type: Normal boot
2011/07/24 14:15:18.0115 3876 ================================================================================
2011/07/24 14:15:18.0653 3876 Initialize success
2011/07/24 14:15:21.0284 1920 ================================================================================
2011/07/24 14:15:21.0284 1920 Scan started
2011/07/24 14:15:21.0284 1920 Mode: Manual;
2011/07/24 14:15:21.0284 1920 ================================================================================
2011/07/24 14:15:22.0762 1920 1394ohci (6d2aca41739bfe8cb86ee8e85f29697d) C:\Windows\system32\DRIVERS\1394ohci.sys
2011/07/24 14:15:22.0865 1920 ACPI (f0e07d144c8685b8774bc32fc8da4df0) C:\Windows\system32\DRIVERS\ACPI.sys
2011/07/24 14:15:22.0959 1920 AcpiPmi (98d81ca942d19f7d9153b095162ac013) C:\Windows\system32\DRIVERS\acpipmi.sys
2011/07/24 14:15:23.0105 1920 adp94xx (21e785ebd7dc90a06391141aac7892fb) C:\Windows\system32\DRIVERS\adp94xx.sys
2011/07/24 14:15:23.0232 1920 adpahci (0c676bc278d5b59ff5abd57bbe9123f2) C:\Windows\system32\DRIVERS\adpahci.sys
2011/07/24 14:15:23.0351 1920 adpu320 (7c7b5ee4b7b822ec85321fe23a27db33) C:\Windows\system32\DRIVERS\adpu320.sys
2011/07/24 14:15:23.0525 1920 AFD (0db7a48388d54d154ebec120461a0fcd) C:\Windows\system32\drivers\afd.sys
2011/07/24 14:15:23.0741 1920 AgereSoftModem (7e10e3bb9b258ad8a9300f91214d67b9) C:\Windows\system32\DRIVERS\AGRSM.sys
2011/07/24 14:15:23.0939 1920 aic78xx (8b30250d573a8f6b4bd23195160d8707) C:\Windows\system32\DRIVERS\djsvs.sys
2011/07/24 14:15:24.0178 1920 ALCXWDM (7997b6f02cbda0e31fa18cc85871b938) C:\Windows\system32\drivers\RTKVAC.SYS
2011/07/24 14:15:24.0457 1920 aliide (0d40bcf52ea90fc7df2aeab6503dea44) C:\Windows\system32\DRIVERS\aliide.sys
2011/07/24 14:15:24.0562 1920 amdagp (3c6600a0696e90a463771c7422e23ab5) C:\Windows\system32\DRIVERS\amdagp.sys
2011/07/24 14:15:24.0691 1920 amdide (cd5914170297126b6266860198d1d4f0) C:\Windows\system32\DRIVERS\amdide.sys
2011/07/24 14:15:24.0838 1920 AmdK8 (00dda200d71bac534bf56a9db5dfd666) C:\Windows\system32\DRIVERS\amdk8.sys
2011/07/24 14:15:24.0948 1920 AmdPPM (3cbf30f5370fda40dd3e87df38ea53b6) C:\Windows\system32\DRIVERS\amdppm.sys
2011/07/24 14:15:25.0062 1920 amdsata (19ce906b4cdc11fc4fef5745f33a63b6) C:\Windows\system32\drivers\amdsata.sys
2011/07/24 14:15:25.0173 1920 amdsbs (ea43af0c423ff267355f74e7a53bdaba) C:\Windows\system32\DRIVERS\amdsbs.sys
2011/07/24 14:15:25.0269 1920 amdxata (869e67d66be326a5a9159fba8746fa70) C:\Windows\system32\drivers\amdxata.sys
2011/07/24 14:15:25.0435 1920 AppID (feb834c02ce1e84b6a38f953ca067706) C:\Windows\system32\drivers\appid.sys
2011/07/24 14:15:25.0602 1920 arc (2932004f49677bd84dbc72edb754ffb3) C:\Windows\system32\DRIVERS\arc.sys
2011/07/24 14:15:25.0696 1920 arcsas (5d6f36c46fd283ae1b57bd2e9feb0bc7) C:\Windows\system32\DRIVERS\arcsas.sys
2011/07/24 14:15:25.0859 1920 AsyncMac (add2ade1c2b285ab8378d2daaf991481) C:\Windows\system32\DRIVERS\asyncmac.sys
2011/07/24 14:15:25.0938 1920 atapi (338c86357871c167a96ab976519bf59e) C:\Windows\system32\DRIVERS\atapi.sys
2011/07/24 14:15:26.0174 1920 b06bdrv (1a231abec60fd316ec54c66715543cec) C:\Windows\system32\DRIVERS\bxvbdx.sys
2011/07/24 14:15:26.0299 1920 b57nd60x (bd8869eb9cde6bbe4508d869929869ee) C:\Windows\system32\DRIVERS\b57nd60x.sys
2011/07/24 14:15:26.0542 1920 Beep (505506526a9d467307b3c393dedaf858) C:\Windows\system32\drivers\Beep.sys
2011/07/24 14:15:26.0730 1920 blbdrive (2287078ed48fcfc477b05b20cf38f36f) C:\Windows\system32\DRIVERS\blbdrive.sys
2011/07/24 14:15:26.0828 1920 bowser (9a5c671b7fbae4865149bb11f59b91b2) C:\Windows\system32\DRIVERS\bowser.sys
2011/07/24 14:15:26.0948 1920 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\DRIVERS\BrFiltLo.sys
2011/07/24 14:15:27.0067 1920 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\DRIVERS\BrFiltUp.sys
2011/07/24 14:15:27.0307 1920 Brserid (845b8ce732e67f3b4133164868c666ea) C:\Windows\system32\DRIVERS\BrSerId.sys
2011/07/24 14:15:27.0414 1920 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\System32\Drivers\BrSerWdm.sys
2011/07/24 14:15:27.0533 1920 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\System32\Drivers\BrUsbMdm.sys
2011/07/24 14:15:27.0639 1920 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\system32\DRIVERS\BrUsbSer.sys
2011/07/24 14:15:27.0730 1920 BTHMODEM (ed3df7c56ce0084eb2034432fc56565a) C:\Windows\system32\DRIVERS\bthmodem.sys
2011/07/24 14:15:28.0046 1920 BVRPMPR5 (248dfa5762dde38dfddbbd44149e9d7a) C:\Windows\system32\drivers\BVRPMPR5.SYS
2011/07/24 14:15:28.0207 1920 cdfs (77ea11b065e0a8ab902d78145ca51e10) C:\Windows\system32\DRIVERS\cdfs.sys
2011/07/24 14:15:28.0454 1920 cdrom (ba6e70aa0e6091bc39de29477d866a77) C:\Windows\system32\DRIVERS\cdrom.sys
2011/07/24 14:15:28.0707 1920 circlass (3fe3fe94a34df6fb06e6418d0f6a0060) C:\Windows\system32\DRIVERS\circlass.sys
2011/07/24 14:15:28.0813 1920 CLFS (635181e0e9bbf16871bf5380d71db02d) C:\Windows\system32\CLFS.sys
2011/07/24 14:15:29.0038 1920 CmBatt (dea805815e587dad1dd2c502220b5616) C:\Windows\system32\DRIVERS\CmBatt.sys
2011/07/24 14:15:29.0528 1920 cmdide (c537b1db64d495b9b4717b4d6d9edbf2) C:\Windows\system32\DRIVERS\cmdide.sys
2011/07/24 14:15:29.0735 1920 CNG (1b675691ed940766149c93e8f4488d68) C:\Windows\system32\Drivers\cng.sys
2011/07/24 14:15:29.0944 1920 Compbatt (a6023d3823c37043986713f118a89bee) C:\Windows\system32\DRIVERS\compbatt.sys
2011/07/24 14:15:30.0084 1920 CompositeBus (f1724ba27e97d627f808fb0ba77a28a6) C:\Windows\system32\DRIVERS\CompositeBus.sys
2011/07/24 14:15:30.0289 1920 crcdisk (2c4ebcfc84a9b44f209dff6c6e6c61d1) C:\Windows\system32\DRIVERS\crcdisk.sys
2011/07/24 14:15:30.0568 1920 DfsC (83d1ecea8faae75604c0fa49ac7ad996) C:\Windows\system32\Drivers\dfsc.sys
2011/07/24 14:15:30.0746 1920 discache (1a050b0274bfb3890703d490f330c0da) C:\Windows\system32\drivers\discache.sys
2011/07/24 14:15:30.0965 1920 Disk (565003f326f99802e68ca78f2a68e9ff) C:\Windows\system32\DRIVERS\disk.sys
2011/07/24 14:15:31.0164 1920 drmkaud (b918e7c5f9bf77202f89e1a9539f2eb4) C:\Windows\system32\drivers\drmkaud.sys
2011/07/24 14:15:31.0293 1920 DXGKrnl (1679a4669326cb1a67cc95658d273234) C:\Windows\System32\drivers\dxgkrnl.sys
2011/07/24 14:15:31.0699 1920 ebdrv (024e1b5cac09731e4d868e64dbfb4ab0) C:\Windows\system32\DRIVERS\evbdx.sys
2011/07/24 14:15:32.0027 1920 elxstor (0ed67910c8c326796faa00b2bf6d9d3c) C:\Windows\system32\DRIVERS\elxstor.sys
2011/07/24 14:15:32.0214 1920 ErrDev (8fc3208352dd3912c94367a206ab3f11) C:\Windows\system32\DRIVERS\errdev.sys
2011/07/24 14:15:32.0447 1920 exfat (2dc9108d74081149cc8b651d3a26207f) C:\Windows\system32\drivers\exfat.sys
2011/07/24 14:15:32.0541 1920 fastfat (7e0ab74553476622fb6ae36f73d97d35) C:\Windows\system32\drivers\fastfat.sys
2011/07/24 14:15:32.0791 1920 fdc (e817a017f82df2a1f8cfdbda29388b29) C:\Windows\system32\DRIVERS\fdc.sys
2011/07/24 14:15:32.0967 1920 FileInfo (6cf00369c97f3cf563be99be983d13d8) C:\Windows\system32\drivers\fileinfo.sys
2011/07/24 14:15:33.0041 1920 Filetrace (42c51dc94c91da21cb9196eb64c45db9) C:\Windows\system32\drivers\filetrace.sys
2011/07/24 14:15:33.0241 1920 flpydisk (87907aa70cb3c56600f1c2fb8841579b) C:\Windows\system32\DRIVERS\flpydisk.sys
2011/07/24 14:15:33.0389 1920 FltMgr (7520ec808e0c35e0ee6f841294316653) C:\Windows\system32\drivers\fltmgr.sys
2011/07/24 14:15:33.0564 1920 FsDepends (1a16b57943853e598cff37fe2b8cbf1d) C:\Windows\system32\drivers\FsDepends.sys
2011/07/24 14:15:33.0663 1920 Fs_Rec (a574b4360e438977038aae4bf60d79a2) C:\Windows\system32\drivers\Fs_Rec.sys
2011/07/24 14:15:33.0878 1920 fvevol (dafbd9fe39197495aed6d51f3b85b5d2) C:\Windows\system32\DRIVERS\fvevol.sys
2011/07/24 14:15:34.0019 1920 gagp30kx (65ee0c7a58b65e74ae05637418153938) C:\Windows\system32\DRIVERS\gagp30kx.sys
2011/07/24 14:15:34.0288 1920 hcw85cir (c44e3c2bab6837db337ddee7544736db) C:\Windows\system32\drivers\hcw85cir.sys
2011/07/24 14:15:34.0398 1920 HDAudBus (717a2207fd6f13ad3e664c7d5a43c7bf) C:\Windows\system32\DRIVERS\HDAudBus.sys
2011/07/24 14:15:34.0543 1920 HidBatt (1d58a7f3e11a9731d0eaaaa8405acc36) C:\Windows\system32\DRIVERS\HidBatt.sys
2011/07/24 14:15:34.0693 1920 HidBth (89448f40e6df260c206a193a4683ba78) C:\Windows\system32\DRIVERS\hidbth.sys
2011/07/24 14:15:34.0818 1920 HidIr (cf50b4cf4a4f229b9f3c08351f99ca5e) C:\Windows\system32\DRIVERS\hidir.sys
2011/07/24 14:15:35.0063 1920 HidUsb (25072fb35ac90b25f9e4e3bacf774102) C:\Windows\system32\DRIVERS\hidusb.sys
2011/07/24 14:15:35.0267 1920 HpSAMD (295fdc419039090eb8b49ffdbb374549) C:\Windows\system32\DRIVERS\HpSAMD.sys
2011/07/24 14:15:35.0398 1920 HTTP (c531c7fd9e8b62021112787c4e2c5a5a) C:\Windows\system32\drivers\HTTP.sys
2011/07/24 14:15:35.0625 1920 hwpolicy (8305f33cde89ad6c7a0763ed0b5a8d42) C:\Windows\system32\drivers\hwpolicy.sys
2011/07/24 14:15:35.0790 1920 i8042prt (f151f0bdc47f4a28b1b20a0818ea36d6) C:\Windows\system32\DRIVERS\i8042prt.sys
2011/07/24 14:15:35.0947 1920 iaStorV (71f1a494fedf4b33c02c4a6a28d6d9e9) C:\Windows\system32\drivers\iaStorV.sys
2011/07/24 14:15:36.0141 1920 iirsp (4173ff5708f3236cf25195fecd742915) C:\Windows\system32\DRIVERS\iirsp.sys
2011/07/24 14:15:36.0328 1920 intelide (a0f12f2c9ba6c72f3987ce780e77c130) C:\Windows\system32\DRIVERS\intelide.sys
2011/07/24 14:15:36.0536 1920 intelppm (3b514d27bfc4accb4037bc6685f766e0) C:\Windows\system32\DRIVERS\intelppm.sys
2011/07/24 14:15:36.0722 1920 IPMIDRV (e4454b6c37d7ffd5649611f6496308a7) C:\Windows\system32\DRIVERS\IPMIDrv.sys
2011/07/24 14:15:36.0863 1920 IPNAT (a5fa468d67abcdaa36264e463a7bb0cd) C:\Windows\system32\drivers\ipnat.sys
2011/07/24 14:15:36.0990 1920 IRENUM (42996cff20a3084a56017b7902307e9f) C:\Windows\system32\drivers\irenum.sys
2011/07/24 14:15:37.0121 1920 isapnp (1f32bb6b38f62f7df1a7ab7292638a35) C:\Windows\system32\DRIVERS\isapnp.sys
2011/07/24 14:15:37.0244 1920 iScsiPrt (ed46c223ae46c6866ab77cdc41c404b7) C:\Windows\system32\DRIVERS\msiscsi.sys
2011/07/24 14:15:37.0445 1920 kbdclass (adef52ca1aeae82b50df86b56413107e) C:\Windows\system32\DRIVERS\kbdclass.sys
2011/07/24 14:15:37.0618 1920 kbdhid (3d9f0ebf350edcfd6498057301455964) C:\Windows\system32\DRIVERS\kbdhid.sys
2011/07/24 14:15:37.0793 1920 KSecDD (e36a061ec11b373826905b21be10948f) C:\Windows\system32\Drivers\ksecdd.sys
2011/07/24 14:15:37.0890 1920 KSecPkg (365c6154bbbc5377173f1ca7bfb6cc59) C:\Windows\system32\Drivers\ksecpkg.sys
2011/07/24 14:15:38.0147 1920 lltdio (f7611ec07349979da9b0ae1f18ccc7a6) C:\Windows\system32\DRIVERS\lltdio.sys
2011/07/24 14:15:38.0388 1920 LSI_FC (eb119a53ccf2acc000ac71b065b78fef) C:\Windows\system32\DRIVERS\lsi_fc.sys
2011/07/24 14:15:38.0487 1920 LSI_SAS (8ade1c877256a22e49b75d1cc9161f9c) C:\Windows\system32\DRIVERS\lsi_sas.sys
2011/07/24 14:15:38.0671 1920 LSI_SAS2 (dc9dc3d3daa0e276fd2ec262e38b11e9) C:\Windows\system32\DRIVERS\lsi_sas2.sys
2011/07/24 14:15:38.0790 1920 LSI_SCSI (0a036c7d7cab643a7f07135ac47e0524) C:\Windows\system32\DRIVERS\lsi_scsi.sys
2011/07/24 14:15:38.0943 1920 luafv (6703e366cc18d3b6e534f5cf7df39cee) C:\Windows\system32\drivers\luafv.sys
2011/07/24 14:15:39.0313 1920 megasas (0fff5b045293002ab38eb1fd1fc2fb74) C:\Windows\system32\DRIVERS\megasas.sys
2011/07/24 14:15:39.0541 1920 MegaSR (dcbab2920c75f390caf1d29f675d03d6) C:\Windows\system32\DRIVERS\MegaSR.sys
2011/07/24 14:15:39.0754 1920 Modem (f001861e5700ee84e2d4e52c712f4964) C:\Windows\system32\drivers\modem.sys
2011/07/24 14:15:39.0937 1920 monitor (79d10964de86b292320e9dfe02282a23) C:\Windows\system32\DRIVERS\monitor.sys
2011/07/24 14:15:40.0043 1920 mouclass (fb18cc1d4c2e716b6b903b0ac0cc0609) C:\Windows\system32\DRIVERS\mouclass.sys
2011/07/24 14:15:40.0140 1920 mouhid (2c388d2cd01c9042596cf3c8f3c7b24d) C:\Windows\system32\DRIVERS\mouhid.sys
2011/07/24 14:15:40.0302 1920 mountmgr (921c18727c5920d6c0300736646931c2) C:\Windows\system32\drivers\mountmgr.sys
2011/07/24 14:15:40.0519 1920 MpFilter (7e34bfa1a7b60bba1da03d677f16cd63) C:\Windows\system32\DRIVERS\MpFilter.sys
2011/07/24 14:15:40.0639 1920 mpio (2af5997438c55fb79d33d015c30e1974) C:\Windows\system32\DRIVERS\mpio.sys
2011/07/24 14:15:41.0596 1920 MpNWMon (f32e2d6a1640a469a9ed4f1929a4a861) C:\Windows\system32\DRIVERS\MpNWMon.sys
2011/07/24 14:15:41.0911 1920 mpsdrv (ad2723a7b53dd1aacae6ad8c0bfbf4d0) C:\Windows\system32\drivers\mpsdrv.sys
2011/07/24 14:15:42.0226 1920 MRxDAV (b1be47008d20e43da3adc37c24cdb89d) C:\Windows\system32\drivers\mrxdav.sys
2011/07/24 14:15:42.0445 1920 mrxsmb (ca7570e42522e24324a12161db14ec02) C:\Windows\system32\DRIVERS\mrxsmb.sys
2011/07/24 14:15:42.0753 1920 mrxsmb10 (c108952d3660375dcb716b222912e868) C:\Windows\system32\DRIVERS\mrxsmb10.sys
2011/07/24 14:15:42.0995 1920 mrxsmb20 (25c38264a3c72594dd21d355d70d7a5d) C:\Windows\system32\DRIVERS\mrxsmb20.sys
2011/07/24 14:15:43.0272 1920 msahci (4326d168944123f38dd3b2d9c37a0b12) C:\Windows\system32\DRIVERS\msahci.sys
2011/07/24 14:15:43.0600 1920 msdsm (455029c7174a2dbb03dba8a0d8bddd9a) C:\Windows\system32\DRIVERS\msdsm.sys
2011/07/24 14:15:43.0952 1920 Msfs (daefb28e3af5a76abcc2c3078c07327f) C:\Windows\system32\drivers\Msfs.sys
2011/07/24 14:15:44.0102 1920 mshidkmdf (3e1e5767043c5af9367f0056295e9f84) C:\Windows\System32\drivers\mshidkmdf.sys
2011/07/24 14:15:44.0322 1920 msisadrv (0a4e5757ae09fa9622e3158cc1aef114) C:\Windows\system32\DRIVERS\msisadrv.sys
2011/07/24 14:15:44.0797 1920 MSKSSRV (8c0860d6366aaffb6c5bb9df9448e631) C:\Windows\system32\drivers\MSKSSRV.sys
2011/07/24 14:15:45.0039 1920 MSPCLOCK (3ea8b949f963562cedbb549eac0c11ce) C:\Windows\system32\drivers\MSPCLOCK.sys
2011/07/24 14:15:45.0180 1920 MSPQM (f456e973590d663b1073e9c463b40932) C:\Windows\system32\drivers\MSPQM.sys
2011/07/24 14:15:45.0502 1920 MsRPC (0e008fc4819d238c51d7c93e7b41e560) C:\Windows\system32\drivers\MsRPC.sys
2011/07/24 14:15:45.0738 1920 mssmbios (fc6b9ff600cc585ea38b12589bd4e246) C:\Windows\system32\DRIVERS\mssmbios.sys
2011/07/24 14:15:45.0876 1920 MSTEE (b42c6b921f61a6e55159b8be6cd54a36) C:\Windows\system32\drivers\MSTEE.sys
2011/07/24 14:15:45.0962 1920 MTConfig (33599130f44e1f34631cea241de8ac84) C:\Windows\system32\DRIVERS\MTConfig.sys
2011/07/24 14:15:46.0063 1920 Mup (159fad02f64e6381758c990f753bcc80) C:\Windows\system32\Drivers\mup.sys
2011/07/24 14:15:46.0244 1920 NativeWifiP (26384429fcd85d83746f63e798ab1480) C:\Windows\system32\DRIVERS\nwifi.sys
2011/07/24 14:15:46.0406 1920 NDIS (23759d175a0a9baaf04d05047bc135a8) C:\Windows\system32\drivers\ndis.sys
2011/07/24 14:15:46.0538 1920 NdisCap (0e1787aa6c9191d3d319e8bafe86f80c) C:\Windows\system32\DRIVERS\ndiscap.sys
2011/07/24 14:15:46.0688 1920 NdisTapi (e4a8aec125a2e43a9e32afeea7c9c888) C:\Windows\system32\DRIVERS\ndistapi.sys
2011/07/24 14:15:46.0797 1920 Ndisuio (b30ae7f2b6d7e343b0df32e6c08fce75) C:\Windows\system32\DRIVERS\ndisuio.sys
2011/07/24 14:15:46.0924 1920 NdisWan (267c415eadcbe53c9ca873dee39cf3a4) C:\Windows\system32\DRIVERS\ndiswan.sys
2011/07/24 14:15:47.0025 1920 NDProxy (af7e7c63dcef3f8772726f86039d6eb4) C:\Windows\system32\drivers\NDProxy.sys
2011/07/24 14:15:47.0162 1920 NetBIOS (80b275b1ce3b0e79909db7b39af74d51) C:\Windows\system32\DRIVERS\netbios.sys
2011/07/24 14:15:47.0276 1920 NetBT (dd52a733bf4ca5af84562a5e2f963b91) C:\Windows\system32\DRIVERS\netbt.sys
2011/07/24 14:15:47.0731 1920 nfrd960 (1d85c4b390b0ee09c7a46b91efb2c097) C:\Windows\system32\DRIVERS\nfrd960.sys
2011/07/24 14:15:47.0925 1920 NisDrv (17e2c08c5ecfbe94a7c67b1c275ee9d9) C:\Windows\system32\DRIVERS\NisDrvWFP.sys
2011/07/24 14:15:48.0161 1920 Npfs (1db262a9f8c087e8153d89bef3d2235f) C:\Windows\system32\drivers\Npfs.sys
2011/07/24 14:15:48.0254 1920 nsiproxy (e9a0a4d07e53d8fea2bb8387a3293c58) C:\Windows\system32\drivers\nsiproxy.sys
2011/07/24 14:15:48.0494 1920 Ntfs (187002ce05693c306f43c873f821381f) C:\Windows\system32\drivers\Ntfs.sys
2011/07/24 14:15:48.0670 1920 Null (f9756a98d69098dca8945d62858a812c) C:\Windows\system32\drivers\Null.sys
2011/07/24 14:15:48.0804 1920 nvraid (f1b0bed906f97e16f6d0c3629d2f21c6) C:\Windows\system32\drivers\nvraid.sys
2011/07/24 14:15:48.0923 1920 nvstor (4520b63899e867f354ee012d34e11536) C:\Windows\system32\drivers\nvstor.sys
2011/07/24 14:15:49.0049 1920 nv_agp (5a0983915f02bae73267cc2a041f717d) C:\Windows\system32\DRIVERS\nv_agp.sys
2011/07/24 14:15:49.0188 1920 ohci1394 (08a70a1f2cdde9bb49b885cb817a66eb) C:\Windows\system32\DRIVERS\ohci1394.sys
2011/07/24 14:15:49.0445 1920 Parport (2ea877ed5dd9713c5ac74e8ea7348d14) C:\Windows\system32\DRIVERS\parport.sys
2011/07/24 14:15:49.0591 1920 partmgr (ff4218952b51de44fe910953a3e686b9) C:\Windows\system32\drivers\partmgr.sys
2011/07/24 14:15:49.0771 1920 Parvdm (eb0a59f29c19b86479d36b35983daadc) C:\Windows\system32\DRIVERS\parvdm.sys
2011/07/24 14:15:49.0942 1920 pci (c858cb77c577780ecc456a892e7e7d0f) C:\Windows\system32\DRIVERS\pci.sys
2011/07/24 14:15:50.0089 1920 pciide (afe86f419014db4e5593f69ffe26ce0a) C:\Windows\system32\DRIVERS\pciide.sys
2011/07/24 14:15:50.0319 1920 pcmcia (f396431b31693e71e8a80687ef523506) C:\Windows\system32\DRIVERS\pcmcia.sys
2011/07/24 14:15:50.0513 1920 pcw (250f6b43d2b613172035c6747aeeb19f) C:\Windows\system32\drivers\pcw.sys
2011/07/24 14:15:50.0741 1920 PEAUTH (9e0104ba49f4e6973749a02bf41344ed) C:\Windows\system32\drivers\peauth.sys
2011/07/24 14:15:51.0115 1920 PptpMiniport (631e3e205ad6d86f2aed6a4a8e69f2db) C:\Windows\system32\DRIVERS\raspptp.sys
2011/07/24 14:15:51.0379 1920 Processor (85b1e3a0c7585bc4aae6899ec6fcf011) C:\Windows\system32\DRIVERS\processr.sys
2011/07/24 14:15:51.0615 1920 Psched (6270ccae2a86de6d146529fe55b3246a) C:\Windows\system32\DRIVERS\pacer.sys
2011/07/24 14:15:51.0799 1920 ql2300 (ab95ecf1f6659a60ddc166d8315b0751) C:\Windows\system32\DRIVERS\ql2300.sys
2011/07/24 14:15:51.0995 1920 ql40xx (b4dd51dd25182244b86737dc51af2270) C:\Windows\system32\DRIVERS\ql40xx.sys
2011/07/24 14:15:52.0216 1920 QWAVEdrv (584078ca1b95ca72df2a27c336f9719d) C:\Windows\system32\drivers\qwavedrv.sys
2011/07/24 14:15:52.0316 1920 RasAcd (30a81b53c766d0133bb86d234e5556ab) C:\Windows\system32\DRIVERS\rasacd.sys
2011/07/24 14:15:52.0519 1920 RasAgileVpn (57ec4aef73660166074d8f7f31c0d4fd) C:\Windows\system32\DRIVERS\AgileVpn.sys
2011/07/24 14:15:52.0721 1920 Rasl2tp (d9f91eafec2815365cbe6d167e4e332a) C:\Windows\system32\DRIVERS\rasl2tp.sys
2011/07/24 14:15:52.0991 1920 RasPppoe (0fe8b15916307a6ac12bfb6a63e45507) C:\Windows\system32\DRIVERS\raspppoe.sys
2011/07/24 14:15:53.0114 1920 RasSstp (44101f495a83ea6401d886e7fd70096b) C:\Windows\system32\DRIVERS\rassstp.sys
2011/07/24 14:15:53.0317 1920 rdbss (835d7e81bf517a3b72384bdcc85e1ce6) C:\Windows\system32\DRIVERS\rdbss.sys
2011/07/24 14:15:53.0464 1920 rdpbus (0d8f05481cb76e70e1da06ee9f0da9df) C:\Windows\system32\DRIVERS\rdpbus.sys
2011/07/24 14:15:53.0613 1920 RDPCDD (1e016846895b15a99f9a176a05029075) C:\Windows\system32\DRIVERS\RDPCDD.sys
2011/07/24 14:15:53.0767 1920 RDPENCDD (5a53ca1598dd4156d44196d200c94b8a) C:\Windows\system32\drivers\rdpencdd.sys
2011/07/24 14:15:53.0874 1920 RDPREFMP (44b0a53cd4f27d50ed461dae0c0b4e1f) C:\Windows\system32\drivers\rdprefmp.sys
2011/07/24 14:15:53.0971 1920 RDPWD (801371ba9782282892d00aadb08ee367) C:\Windows\system32\drivers\RDPWD.sys
2011/07/24 14:15:54.0142 1920 rdyboost (4ea225bf1cf05e158853f30a99ca29a7) C:\Windows\system32\drivers\rdyboost.sys
2011/07/24 14:15:54.0414 1920 rspndr (032b0d36ad92b582d869879f5af5b928) C:\Windows\system32\DRIVERS\rspndr.sys
2011/07/24 14:15:54.0545 1920 RT2500 (ae1e626f00180bfb3ca5a81fffc65332) C:\Windows\system32\DRIVERS\RT2500.sys
2011/07/24 14:15:54.0663 1920 RTL8023xp (4e20765744bfbc16f6d6e5bd5598786b) C:\Windows\system32\DRIVERS\Rtnicxp.sys
2011/07/24 14:15:54.0899 1920 sbp2port (34ee0c44b724e3e4ce2eff29126de5b5) C:\Windows\system32\DRIVERS\sbp2port.sys
2011/07/24 14:15:55.0176 1920 scfilter (a95c54b2ac3cc9c73fcdf9e51a1d6b51) C:\Windows\system32\DRIVERS\scfilter.sys
2011/07/24 14:15:55.0394 1920 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
2011/07/24 14:15:55.0614 1920 Serenum (9ad8b8b515e3df6acd4212ef465de2d1) C:\Windows\system32\DRIVERS\serenum.sys
2011/07/24 14:15:55.0775 1920 Serial (5fb7fcea0490d821f26f39cc5ea3d1e2) C:\Windows\system32\DRIVERS\serial.sys
2011/07/24 14:15:55.0902 1920 sermouse (79bffb520327ff916a582dfea17aa813) C:\Windows\system32\DRIVERS\sermouse.sys
2011/07/24 14:15:56.0164 1920 sffdisk (9f976e1eb233df46fce808d9dea3eb9c) C:\Windows\system32\DRIVERS\sffdisk.sys
2011/07/24 14:15:56.0322 1920 sffp_mmc (932a68ee27833cfd57c1639d375f2731) C:\Windows\system32\DRIVERS\sffp_mmc.sys
2011/07/24 14:15:56.0487 1920 sffp_sd (4f1e5b0fe7c8050668dbfade8999aefb) C:\Windows\system32\DRIVERS\sffp_sd.sys
2011/07/24 14:15:56.0605 1920 sfloppy (db96666cc8312ebc45032f30b007a547) C:\Windows\system32\DRIVERS\sfloppy.sys
2011/07/24 14:15:56.0876 1920 SiS315 (509d96916c7d9218e4083940b8711b9b) C:\Windows\system32\DRIVERS\sisgrp.sys
2011/07/24 14:15:56.0989 1920 SISAGP (fd1dabf8279ecfcd99eed01a7df06114) C:\Windows\system32\DRIVERS\SISAGPX.sys
2011/07/24 14:15:57.0116 1920 SiSkp (2c921a4cce0b3eb372ebf448939fa3bf) C:\Windows\system32\DRIVERS\srvkp.sys
2011/07/24 14:15:57.0251 1920 SiSRaid2 (a9f0486851becb6dda1d89d381e71055) C:\Windows\system32\DRIVERS\SiSRaid2.sys
2011/07/24 14:15:57.0396 1920 SiSRaid4 (3727097b55738e2f554972c3be5bc1aa) C:\Windows\system32\DRIVERS\sisraid4.sys
2011/07/24 14:15:57.0616 1920 Smb (3e21c083b8a01cb70ba1f09303010fce) C:\Windows\system32\DRIVERS\smb.sys
2011/07/24 14:15:57.0950 1920 spldr (95cf1ae7527fb70f7816563cbc09d942) C:\Windows\system32\drivers\spldr.sys
2011/07/24 14:15:58.0183 1920 srv (c4a027b8c0bd3fc0699f41fa5e9e0c87) C:\Windows\system32\DRIVERS\srv.sys
2011/07/24 14:15:58.0313 1920 srv2 (414bb592cad8a79649d01f9d94318fb3) C:\Windows\system32\DRIVERS\srv2.sys
2011/07/24 14:15:58.0547 1920 srvnet (ff207d67700aa18242aaf985d3e7d8f4) C:\Windows\system32\DRIVERS\srvnet.sys
2011/07/24 14:15:58.0827 1920 stexstor (db32d325c192b801df274bfd12a7e72b) C:\Windows\system32\DRIVERS\stexstor.sys
2011/07/24 14:15:58.0999 1920 swenum (e58c78a848add9610a4db6d214af5224) C:\Windows\system32\DRIVERS\swenum.sys
2011/07/24 14:15:59.0261 1920 Tcpip (0158d5e9982e9d6a90dfc802f618e130) C:\Windows\system32\drivers\tcpip.sys
2011/07/24 14:15:59.0509 1920 TCPIP6 (0158d5e9982e9d6a90dfc802f618e130) C:\Windows\system32\DRIVERS\tcpip.sys
2011/07/24 14:15:59.0722 1920 tcpipreg (e64444523add154f86567c469bc0b17f) C:\Windows\system32\drivers\tcpipreg.sys
2011/07/24 14:15:59.0834 1920 TDPIPE (1875c1490d99e70e449e3afae9fcbadf) C:\Windows\system32\drivers\tdpipe.sys
2011/07/24 14:15:59.0988 1920 TDTCP (7551e91ea999ee9a8e9c331d5a9c31f3) C:\Windows\system32\drivers\tdtcp.sys
2011/07/24 14:16:00.0127 1920 tdx (cb39e896a2a83702d1737bfd402b3542) C:\Windows\system32\DRIVERS\tdx.sys
2011/07/24 14:16:00.0246 1920 TermDD (c36f41ee20e6999dbf4b0425963268a5) C:\Windows\system32\DRIVERS\termdd.sys
2011/07/24 14:16:00.0505 1920 tssecsrv (98ae6fa07d12cb4ec5cf4a9bfa5f4242) C:\Windows\system32\DRIVERS\tssecsrv.sys
2011/07/24 14:16:00.0605 1920 tunnel (3e461d890a97f9d4c168f5fda36e1d00) C:\Windows\system32\DRIVERS\tunnel.sys
2011/07/24 14:16:00.0699 1920 uagp35 (750fbcb269f4d7dd2e420c56b795db6d) C:\Windows\system32\DRIVERS\uagp35.sys
2011/07/24 14:16:00.0849 1920 udfs (09cc3e16f8e5ee7168e01cf8fcbe061a) C:\Windows\system32\DRIVERS\udfs.sys
2011/07/24 14:16:01.0050 1920 uliagpkx (44e8048ace47befbfdc2e9be4cbc8880) C:\Windows\system32\DRIVERS\uliagpkx.sys
2011/07/24 14:16:01.0162 1920 umbus (049b3a50b3d646baeeee9eec9b0668dc) C:\Windows\system32\DRIVERS\umbus.sys
2011/07/24 14:16:01.0273 1920 UmPass (7550ad0c6998ba1cb4843e920ee0feac) C:\Windows\system32\DRIVERS\umpass.sys
2011/07/24 14:16:01.0434 1920 usbccgp (c31ae588e403042632dc796cf09e30b0) C:\Windows\system32\drivers\usbccgp.sys
2011/07/24 14:16:01.0574 1920 usbcir (04ec7cec62ec3b6d9354eee93327fc82) C:\Windows\system32\DRIVERS\usbcir.sys
2011/07/24 14:16:01.0702 1920 usbehci (e4c436d914768ce965d5e659ba7eebd8) C:\Windows\system32\DRIVERS\usbehci.sys
2011/07/24 14:16:01.0876 1920 usbhub (bdcd7156ec37448f08633fd899823620) C:\Windows\system32\DRIVERS\usbhub.sys
2011/07/24 14:16:02.0007 1920 usbohci (eb2d819a639015253c871cda09d91d58) C:\Windows\system32\DRIVERS\usbohci.sys
2011/07/24 14:16:02.0123 1920 usbprint (797d862fe0875e75c7cc4c1ad7b30252) C:\Windows\system32\DRIVERS\usbprint.sys
2011/07/24 14:16:02.0246 1920 usbscan (576096ccbc07e7c4ea4f5e6686d6888f) C:\Windows\system32\DRIVERS\usbscan.sys
2011/07/24 14:16:02.0423 1920 USBSTOR (1c4287739a93594e57e2a9e6a3ed7353) C:\Windows\system32\DRIVERS\USBSTOR.SYS
2011/07/24 14:16:02.0547 1920 usbuhci (22480bf4e5a09192e5e30ba4dde79fa4) C:\Windows\system32\drivers\usbuhci.sys
2011/07/24 14:16:02.0722 1920 vdrvroot (a059c4c3edb09e07d21a8e5c0aabd3cb) C:\Windows\system32\DRIVERS\vdrvroot.sys
2011/07/24 14:16:02.0874 1920 vga (17c408214ea61696cec9c66e388b14f3) C:\Windows\system32\DRIVERS\vgapnp.sys
2011/07/24 14:16:02.0976 1920 VgaSave (8e38096ad5c8570a6f1570a61e251561) C:\Windows\System32\drivers\vga.sys
2011/07/24 14:16:03.0099 1920 vhdmp (3be6e1f3a4f1afec8cee0d7883f93583) C:\Windows\system32\DRIVERS\vhdmp.sys
2011/07/24 14:16:03.0227 1920 viaagp (c829317a37b4bea8f39735d4b076e923) C:\Windows\system32\DRIVERS\viaagp.sys
2011/07/24 14:16:03.0376 1920 ViaC7 (e02f079a6aa107f06b16549c6e5c7b74) C:\Windows\system32\DRIVERS\viac7.sys
2011/07/24 14:16:03.0479 1920 viaide (e43574f6a56a0ee11809b48c09e4fd3c) C:\Windows\system32\DRIVERS\viaide.sys
2011/07/24 14:16:03.0621 1920 volmgr (384e5a2aa49934295171e499f86ba6f3) C:\Windows\system32\DRIVERS\volmgr.sys
2011/07/24 14:16:03.0805 1920 volmgrx (b5bb72067ddddbbfb04b2f89ff8c3c87) C:\Windows\system32\drivers\volmgrx.sys
2011/07/24 14:16:03.0931 1920 volsnap (7c28b63e4c9e5c3be7ffe53789593619) C:\Windows\system32\DRIVERS\volsnap.sys
2011/07/24 14:16:03.0933 1920 Suspicious file (Forged): C:\Windows\system32\DRIVERS\volsnap.sys. Real md5: 7c28b63e4c9e5c3be7ffe53789593619, Fake md5: 58df9d2481a56edde167e51b334d44fd
2011/07/24 14:16:03.0962 1920 volsnap - detected Rootkit.Win32.TDSS.tdl3 (0)
2011/07/24 14:16:04.0150 1920 vsmraid (9dfa0cc2f8855a04816729651175b631) C:\Windows\system32\DRIVERS\vsmraid.sys
2011/07/24 14:16:04.0321 1920 vwifibus (90567b1e658001e79d7c8bbd3dde5aa6) C:\Windows\System32\drivers\vwifibus.sys
2011/07/24 14:16:04.0552 1920 WacomPen (de3721e89c653aa281428c8a69745d90) C:\Windows\system32\DRIVERS\wacompen.sys
2011/07/24 14:16:04.0700 1920 WANARP (692a712062146e96d28ba0b7d75de31b) C:\Windows\system32\DRIVERS\wanarp.sys
2011/07/24 14:16:04.0788 1920 Wanarpv6 (692a712062146e96d28ba0b7d75de31b) C:\Windows\system32\DRIVERS\wanarp.sys
2011/07/24 14:16:04.0973 1920 wanatw (0a716c08cb13c3a8f4f51e882dbf7416) C:\Windows\system32\DRIVERS\wanatw4.sys
2011/07/24 14:16:05.0226 1920 Wd (1112a9badacb47b7c0bb0392e3158dff) C:\Windows\system32\DRIVERS\wd.sys
2011/07/24 14:16:05.0353 1920 Wdf01000 (9950e3d0f08141c7e89e64456ae7dc73) C:\Windows\system32\drivers\Wdf01000.sys
2011/07/24 14:16:05.0651 1920 WfpLwf (8b9a943f3b53861f2bfaf6c186168f79) C:\Windows\system32\DRIVERS\wfplwf.sys
2011/07/24 14:16:05.0750 1920 WIMMount (5cf95b35e59e2a38023836fff31be64c) C:\Windows\system32\drivers\wimmount.sys
2011/07/24 14:16:06.0099 1920 WinUsb (30fc6e5448d0cbaaa95280eeef7fedae) C:\Windows\system32\DRIVERS\WinUsb.sys
2011/07/24 14:16:06.0213 1920 WmiAcpi (0217679b8fca58714c3bf2726d2ca84e) C:\Windows\system32\DRIVERS\wmiacpi.sys
2011/07/24 14:16:06.0528 1920 ws2ifsl (6db3276587b853bf886b69528fdb048c) C:\Windows\system32\drivers\ws2ifsl.sys
2011/07/24 14:16:06.0705 1920 WudfPf (6f9b6c0c93232cff47d0f72d6db1d21e) C:\Windows\system32\drivers\WudfPf.sys
2011/07/24 14:16:06.0921 1920 WUDFRd (f91ff1e51fca30b3c3981db7d5924252) C:\Windows\system32\DRIVERS\WUDFRd.sys
2011/07/24 14:16:07.0119 1920 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
2011/07/24 14:16:07.0174 1920 Boot (0x1200) (076b711952d1d6a38eb123488c99c106) \Device\Harddisk0\DR0\Partition0
2011/07/24 14:16:07.0200 1920 ================================================================================
2011/07/24 14:16:07.0200 1920 Scan finished
2011/07/24 14:16:07.0200 1920 ================================================================================
2011/07/24 14:16:07.0228 2300 Detected object count: 1
2011/07/24 14:16:07.0228 2300 Actual detected object count: 1
2011/07/24 14:16:35.0560 2300 volsnap (7c28b63e4c9e5c3be7ffe53789593619) C:\Windows\system32\DRIVERS\volsnap.sys
2011/07/24 14:16:35.0562 2300 Suspicious file (Forged): C:\Windows\system32\DRIVERS\volsnap.sys. Real md5: 7c28b63e4c9e5c3be7ffe53789593619, Fake md5: 58df9d2481a56edde167e51b334d44fd
2011/07/24 14:16:36.0518 2300 Backup copy found, using it..
2011/07/24 14:16:36.0531 2300 C:\Windows\system32\DRIVERS\volsnap.sys - will be cured after reboot
2011/07/24 14:16:36.0531 2300 Rootkit.Win32.TDSS.tdl3(volsnap) - User select action: Cure
2011/07/24 14:16:42.0907 3680 Deinitialize success



SUPERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 07/24/2011 at 06:49 PM

Application Version : 4.55.1000

Core Rules Database Version : 7452
Trace Rules Database Version: 5264

Scan type : Complete Scan
Total Scan Time : 04:17:18

Memory items scanned : 580
Memory threats detected : 0
Registry items scanned : 8053
Registry threats detected : 1
File items scanned : 211300
File threats detected : 592

System.BrokenFileAssociation
HKCR\.exe

Adware.Tracking Cookie
C:\Users\Josh\AppData\Roaming\Microsoft\Windows\Cookies\josh@search.clicksare[1].txt
C:\Users\Josh\AppData\Roaming\Microsoft\Windows\Cookies\josh@adbureau[1].txt
C:\Users\Josh\AppData\Roaming\Microsoft\Windows\Cookies\josh@hpi.rotator.hadj7.adjuggler[1].txt
C:\Users\Josh\AppData\Roaming\Microsoft\Windows\Cookies\josh@serving-sys[1].txt
C:\Users\Josh\AppData\Roaming\Microsoft\Windows\Cookies\josh@at.atwola[1].txt
C:\Users\Josh\AppData\Roaming\Microsoft\Windows\Cookies\josh@ar.atwola[3].txt
C:\Users\Josh\AppData\Roaming\Microsoft\Windows\Cookies\josh@newmusiccountdown.mevio[1].txt
C:\Users\Josh\AppData\Roaming\Microsoft\Windows\Cookies\josh@search.orfind[2].txt
C:\Users\Josh\AppData\Roaming\Microsoft\Windows\Cookies\josh@eyeviewads[2].txt
C:\Users\Josh\AppData\Roaming\Microsoft\Windows\Cookies\josh@publishers.clickbooth[2].txt
C:\Users\Josh\AppData\Roaming\Microsoft\Windows\Cookies\josh@questionmarket[3].txt
C:\Users\Josh\AppData\Roaming\Microsoft\Windows\Cookies\josh@specificclick[1].txt
C:\Users\Josh\AppData\Roaming\Microsoft\Windows\Cookies\josh@lucidmedia[1].txt
C:\Users\Josh\AppData\Roaming\Microsoft\Windows\Cookies\josh@overture[2].txt
C:\Users\Josh\AppData\Roaming\Microsoft\Windows\Cookies\josh@ads.undertone[1].txt
C:\Users\Josh\AppData\Roaming\Microsoft\Windows\Cookies\josh@adserver.adtechus[2].txt
C:\Users\Josh\AppData\Roaming\Microsoft\Windows\Cookies\josh@pro-market[1].txt
C:\Users\Josh\AppData\Roaming\Microsoft\Windows\Cookies\josh@realmedia[2].txt
C:\Users\Josh\AppData\Roaming\Microsoft\Windows\Cookies\josh@mediabrandsww[2].txt
C:\Users\Josh\AppData\Roaming\Microsoft\Windows\Cookies\josh@clickbooth[1].txt
C:\Users\Josh\AppData\Roaming\Microsoft\Windows\Cookies\josh@content.yieldmanager[3].txt
C:\Users\Josh\AppData\Roaming\Microsoft\Windows\Cookies\josh@dc.tremormedia[1].txt
C:\Users\Josh\AppData\Roaming\Microsoft\Windows\Cookies\josh@liveperson[1].txt
C:\Users\Josh\AppData\Roaming\Microsoft\Windows\Cookies\josh@search.findsmy[1].txt
C:\Users\Josh\AppData\Roaming\Microsoft\Windows\Cookies\josh@search.toseeking[1].txt
C:\Users\Josh\AppData\Roaming\Microsoft\Windows\Cookies\josh@rotator.hadj7.adjuggler[1].txt
C:\Users\Josh\AppData\Roaming\Microsoft\Windows\Cookies\josh@www.googleadservices[2].txt
C:\Users\Josh\AppData\Roaming\Microsoft\Windows\Cookies\josh@search.amazeclick[1].txt
C:\Users\Josh\AppData\Roaming\Microsoft\Windows\Cookies\josh@atwola[2].txt
C:\Users\Josh\AppData\Roaming\Microsoft\Windows\Cookies\josh@tribalfusion[2].txt
C:\Users\Josh\AppData\Roaming\Microsoft\Windows\Cookies\josh@media6degrees[1].txt
C:\Users\Josh\AppData\Roaming\Microsoft\Windows\Cookies\josh@shopica[2].txt
C:\Users\Josh\AppData\Roaming\Microsoft\Windows\Cookies\josh@jmp.clickbooth[1].txt
C:\Users\Josh\AppData\Roaming\Microsoft\Windows\Cookies\josh@move.122.2o7[1].txt
C:\Users\Josh\AppData\Roaming\Microsoft\Windows\Cookies\josh@cdn.jemamedia[2].txt
C:\Users\Josh\AppData\Roaming\Microsoft\Windows\Cookies\josh@adbrite[2].txt
C:\Users\Josh\AppData\Roaming\Microsoft\Windows\Cookies\josh@viacom.adbureau[1].txt
C:\Users\Josh\AppData\Roaming\Microsoft\Windows\Cookies\josh@insightexpressai[1].txt
C:\Users\Josh\AppData\Roaming\Microsoft\Windows\Cookies\josh@yieldmanager[1].txt
C:\Users\Josh\AppData\Roaming\Microsoft\Windows\Cookies\josh@c.gigcount[1].txt
C:\Users\Josh\AppData\Roaming\Microsoft\Windows\Cookies\josh@interclick[2].txt
C:\Users\Josh\AppData\Roaming\Microsoft\Windows\Cookies\josh@invitemedia[1].txt
C:\Users\Josh\AppData\Roaming\Microsoft\Windows\Cookies\josh@avgtechnologies.112.2o7[1].txt
C:\Users\Josh\AppData\Roaming\Microsoft\Windows\Cookies\josh@ads.pointroll[2].txt
C:\Users\Josh\AppData\Roaming\Microsoft\Windows\Cookies\josh@network.realmedia[1].txt
C:\Users\Josh\AppData\Roaming\Microsoft\Windows\Cookies\josh@counters.gigya[1].txt
C:\Users\Josh\AppData\Roaming\Microsoft\Windows\Cookies\josh@imrworldwide[2].txt
C:\Users\Josh\AppData\Roaming\Microsoft\Windows\Cookies\josh@2o7[1].txt
C:\Users\Josh\AppData\Roaming\Microsoft\Windows\Cookies\josh@ru4[1].txt
C:\Users\Josh\AppData\Roaming\Microsoft\Windows\Cookies\josh@collective-media[1].txt
C:\Users\Josh\AppData\Roaming\Microsoft\Windows\Cookies\josh@media.adfrontiers[1].txt
C:\Users\Josh\AppData\Roaming\Microsoft\Windows\Cookies\josh@bs.serving-sys[1].txt
C:\Users\Josh\AppData\Roaming\Microsoft\Windows\Cookies\josh@search.clickbowl[1].txt
C:\Users\Josh\AppData\Roaming\Microsoft\Windows\Cookies\josh@educationcom.112.2o7[1].txt
C:\Users\Josh\AppData\Roaming\Microsoft\Windows\Cookies\josh@adxpose[1].txt
C:\Users\Josh\AppData\Roaming\Microsoft\Windows\Cookies\josh@search.clicksfind[1].txt
C:\Users\Josh\AppData\Roaming\Microsoft\Windows\Cookies\josh@search.clicksclick[1].txt
C:\Users\Josh\AppData\Roaming\Microsoft\Windows\Cookies\josh@pointroll[2].txt
C:\Users\Josh\AppData\Roaming\Microsoft\Windows\Cookies\josh@247realmedia[1].txt
C:\Users\Josh\AppData\Roaming\Microsoft\Windows\Cookies\josh@homestore.122.2o7[1].txt
C:\Users\Josh\AppData\Roaming\Microsoft\Windows\Cookies\josh@ads.pubmatic[2].txt
C:\Users\Josh\AppData\Roaming\Microsoft\Windows\Cookies\josh@tacoda.at.atwola[1].txt
C:\Users\Josh\AppData\Roaming\Microsoft\Windows\Cookies\josh@content.yieldmanager[2].txt
C:\Users\Josh\AppData\Roaming\Microsoft\Windows\Cookies\josh@eyewonder[3].txt
C:\Users\Josh\AppData\Roaming\Microsoft\Windows\Cookies\josh@revsci[1].txt
C:\Users\Josh\AppData\Roaming\Microsoft\Windows\Cookies\josh@search.boltfind[1].txt
C:\Users\Josh\AppData\Roaming\Microsoft\Windows\Cookies\josh@tracking.dsmmadvantage[1].txt
C:\Users\Josh\AppData\Roaming\Microsoft\Windows\Cookies\josh@search.clickwhale[2].txt
C:\Users\Josh\AppData\Roaming\Microsoft\Windows\Cookies\josh@trafficmp[1].txt
C:\Users\Josh\AppData\Roaming\Microsoft\Windows\Cookies\josh@ads.financialcontent[1].txt
C:\Users\Josh\AppData\Roaming\Microsoft\Windows\Cookies\josh@ad.yieldmanager[1].txt
C:\Users\Josh\AppData\Roaming\Microsoft\Windows\Cookies\josh@search.findxml[2].txt
C:\Users\Josh\AppData\Roaming\Microsoft\Windows\Cookies\josh@lfstmedia[2].txt
C:\Users\Josh\AppData\Roaming\Microsoft\Windows\Cookies\josh@miva.cinomedia[1].txt
C:\Users\Josh\AppData\Local\Temp\Cookies\josh@a1.interclick[1].txt
C:\Users\Josh\AppData\Local\Temp\Cookies\josh@ad.yieldmanager[2].txt
C:\Users\Josh\AppData\Local\Temp\Cookies\josh@adbrite[2].txt
C:\Users\Josh\AppData\Local\Temp\Cookies\josh@ads.pointroll[2].txt
C:\Users\Josh\AppData\Local\Temp\Cookies\josh@advertising[2].txt
C:\Users\Josh\AppData\Local\Temp\Cookies\josh@apmebf[2].txt
C:\Users\Josh\AppData\Local\Temp\Cookies\josh@ar.atwola[1].txt
C:\Users\Josh\AppData\Local\Temp\Cookies\josh@ar.atwola[2].txt
C:\Users\Josh\AppData\Local\Temp\Cookies\josh@at.atwola[1].txt
C:\Users\Josh\AppData\Local\Temp\Cookies\josh@atdmt[1].txt
C:\Users\Josh\AppData\Local\Temp\Cookies\josh@atwola[1].txt
C:\Users\Josh\AppData\Local\Temp\Cookies\josh@casalemedia[2].txt
C:\Users\Josh\AppData\Local\Temp\Cookies\josh@cdn.at.atwola[1].txt
C:\Users\Josh\AppData\Local\Temp\Cookies\josh@cdn1.trafficmp[2].txt
C:\Users\Josh\AppData\Local\Temp\Cookies\josh@doubleclick[1].txt
C:\Users\Josh\AppData\Local\Temp\Cookies\josh@fastclick[1].txt
C:\Users\Josh\AppData\Local\Temp\Cookies\josh@interclick[2].txt
C:\Users\Josh\AppData\Local\Temp\Cookies\josh@invitemedia[1].txt
C:\Users\Josh\AppData\Local\Temp\Cookies\josh@mediaplex[2].txt
C:\Users\Josh\AppData\Local\Temp\Cookies\josh@pointroll[2].txt
C:\Users\Josh\AppData\Local\Temp\Cookies\josh@ru4[1].txt
C:\Users\Josh\AppData\Local\Temp\Cookies\josh@tacoda[2].txt
C:\Users\Josh\AppData\Local\Temp\Cookies\josh@trafficmp[2].txt
C:\Users\Josh\AppData\Local\Temp\Cookies\josh@yieldmanager[1].txt
C:\Users\Josh\AppData\Local\Temp\Cookies\josh@zedo[1].txt
149.memecounter.com [ C:\Users\Josh\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\5TTMPTHW ]
adsatt.espn.go.com [ C:\Users\Josh\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\5TTMPTHW ]
cdn.insights.gravity.com [ C:\Users\Josh\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\5TTMPTHW ]
cdn4.specificclick.net [ C:\Users\Josh\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\5TTMPTHW ]
content.oddcast.com [ C:\Users\Josh\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\5TTMPTHW ]
convoad.technoratimedia.net [ C:\Users\Josh\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\5TTMPTHW ]
core.insightexpressai.com [ C:\Users\Josh\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\5TTMPTHW ]
findwaldo.com [ C:\Users\Josh\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\5TTMPTHW ]
ia.media-imdb.com [ C:\Users\Josh\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\5TTMPTHW ]
media.mtvnservices.com [ C:\Users\Josh\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\5TTMPTHW ]
media.scanscout.com [ C:\Users\Josh\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\5TTMPTHW ]
media1.break.com [ C:\Users\Josh\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\5TTMPTHW ]
mediaserver.vrxstudios.com [ C:\Users\Josh\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\5TTMPTHW ]
msnbcmedia.msn.com [ C:\Users\Josh\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\5TTMPTHW ]
s0.2mdn.net [ C:\Users\Josh\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\5TTMPTHW ]
secure-us.imrworldwide.com [ C:\Users\Josh\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\5TTMPTHW ]
sftrack.searchforce.net [ C:\Users\Josh\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\5TTMPTHW ]
udn.specificclick.net [ C:\Users\Josh\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\5TTMPTHW ]
uporn.com [ C:\Users\Josh\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\5TTMPTHW ]
www.naiadsystems.com [ C:\Users\Josh\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\5TTMPTHW ]
C:\Users\Josh\AppData\Roaming\Microsoft\Windows\Cookies\josh@a1.interclick[2].txt
C:\Users\Josh\AppData\Roaming\Microsoft\Windows\Cookies\josh@ad.yieldmanager[2].txt
C:\Users\Josh\AppData\Roaming\Microsoft\Windows\Cookies\josh@adbrite[1].txt
C:\Users\Josh\AppData\Roaming\Microsoft\Windows\Cookies\josh@ads.addynamix[1].txt
C:\Users\Josh\AppData\Roaming\Microsoft\Windows\Cookies\josh@advertising[1].txt
C:\Users\Josh\AppData\Roaming\Microsoft\Windows\Cookies\josh@ar.atwola[2].txt
C:\Users\Josh\AppData\Roaming\Microsoft\Windows\Cookies\josh@atwola[1].txt
C:\Users\Josh\AppData\Roaming\Microsoft\Windows\Cookies\josh@cdn.at.atwola[1].txt
C:\Users\Josh\AppData\Roaming\Microsoft\Windows\Cookies\josh@eyewonder[1].txt
C:\Users\Josh\AppData\Roaming\Microsoft\Windows\Cookies\josh@questionmarket[1].txt
C:\Users\Josh\AppData\Roaming\Microsoft\Windows\Cookies\josh@search.clicksthis[1].txt
C:\Users\Josh\AppData\Roaming\Microsoft\Windows\Cookies\josh@serving-sys[2].txt
C:\Users\Josh\AppData\Roaming\Microsoft\Windows\Cookies\Low\josh@2o7[2].txt
149.memecounter.com [ C:\Windows.old\Documents and Settings\Josh Lyons\Application Data\Macromedia\Flash Player\#SharedObjects\2L9SJT58 ]
150.memecounter.com [ C:\Windows.old\Documents and Settings\Josh Lyons\Application Data\Macromedia\Flash Player\#SharedObjects\2L9SJT58 ]
247realmedia.com [ C:\Windows.old\Documents and Settings\Josh Lyons\Application Data\Macromedia\Flash Player\#SharedObjects\2L9SJT58 ]
2mdn.net [ C:\Windows.old\Documents and Settings\Josh Lyons\Application Data\Macromedia\Flash Player\#SharedObjects\2L9SJT58 ]
adsatt.espn.go.com [ C:\Windows.old\Documents and Settings\Josh Lyons\Application Data\Macromedia\Flash Player\#SharedObjects\2L9SJT58 ]
bannerfarm.ace.advertising.com [ C:\Windows.old\Documents and Settings\Josh Lyons\Application Data\Macromedia\Flash Player\#SharedObjects\2L9SJT58 ]
interclick.com [ C:\Windows.old\Documents and Settings\Josh Lyons\Application Data\Macromedia\Flash Player\#SharedObjects\2L9SJT58 ]
m1.2mdn.net [ C:\Windows.old\Documents and Settings\Josh Lyons\Application Data\Macromedia\Flash Player\#SharedObjects\2L9SJT58 ]
media.mtvnservices.com [ C:\Windows.old\Documents and Settings\Josh Lyons\Application Data\Macromedia\Flash Player\#SharedObjects\2L9SJT58 ]
media.redlasso.com [ C:\Windows.old\Documents and Settings\Josh Lyons\Application Data\Macromedia\Flash Player\#SharedObjects\2L9SJT58 ]
media.scanscout.com [ C:\Windows.old\Documents and Settings\Josh Lyons\Application Data\Macromedia\Flash Player\#SharedObjects\2L9SJT58 ]
media.tattomedia.com [ C:\Windows.old\Documents and Settings\Josh Lyons\Application Data\Macromedia\Flash Player\#SharedObjects\2L9SJT58 ]
media.tbo.com [ C:\Windows.old\Documents and Settings\Josh Lyons\Application Data\Macromedia\Flash Player\#SharedObjects\2L9SJT58 ]
media1.break.com [ C:\Windows.old\Documents and Settings\Josh Lyons\Application Data\Macromedia\Flash Player\#SharedObjects\2L9SJT58 ]
mediaonenetwork.net [ C:\Windows.old\Documents and Settings\Josh Lyons\Application Data\Macromedia\Flash Player\#SharedObjects\2L9SJT58 ]
memecounter.com [ C:\Windows.old\Documents and Settings\Josh Lyons\Application Data\Macromedia\Flash Player\#SharedObjects\2L9SJT58 ]
msnbcmedia.msn.com [ C:\Windows.old\Documents and Settings\Josh Lyons\Application Data\Macromedia\Flash Player\#SharedObjects\2L9SJT58 ]
naiadsystems.com [ C:\Windows.old\Documents and Settings\Josh Lyons\Application Data\Macromedia\Flash Player\#SharedObjects\2L9SJT58 ]
oddcast.com [ C:\Windows.old\Documents and Settings\Josh Lyons\Application Data\Macromedia\Flash Player\#SharedObjects\2L9SJT58 ]
pointroll.com [ C:\Windows.old\Documents and Settings\Josh Lyons\Application Data\Macromedia\Flash Player\#SharedObjects\2L9SJT58 ]
porn.gonzo-movies.com [ C:\Windows.old\Documents and Settings\Josh Lyons\Application Data\Macromedia\Flash Player\#SharedObjects\2L9SJT58 ]
porno.dreammovies.com [ C:\Windows.old\Documents and Settings\Josh Lyons\Application Data\Macromedia\Flash Player\#SharedObjects\2L9SJT58 ]
sex.magicmovies.com [ C:\Windows.old\Documents and Settings\Josh Lyons\Application Data\Macromedia\Flash Player\#SharedObjects\2L9SJT58 ]
speed.pointroll.com [ C:\Windows.old\Documents and Settings\Josh Lyons\Application Data\Macromedia\Flash Player\#SharedObjects\2L9SJT58 ]
video.pornorama.com [ C:\Windows.old\Documents and Settings\Josh Lyons\Application Data\Macromedia\Flash Player\#SharedObjects\2L9SJT58 ]
www.blogsmithmedia.com [ C:\Windows.old\Documents and Settings\Josh Lyons\Application Data\Macromedia\Flash Player\#SharedObjects\2L9SJT58 ]
.atdmt.com [ C:\Windows.old\Documents and Settings\Josh Lyons\Application Data\Mozilla\Firefox\Profiles\vo7xw7hx.default\cookies.sqlite ]
.advertising.com [ C:\Windows.old\Documents and Settings\Josh Lyons\Application Data\Mozilla\Firefox\Profiles\vo7xw7hx.default\cookies.sqlite ]
.serving-sys.com [ C:\Windows.old\Documents and Settings\Josh Lyons\Application Data\Mozilla\Firefox\Profiles\vo7xw7hx.default\cookies.sqlite ]
.realmedia.com [ C:\Windows.old\Documents and Settings\Josh Lyons\Application Data\Mozilla\Firefox\Profiles\vo7xw7hx.default\cookies.sqlite ]
.revsci.net [ C:\Windows.old\Documents and Settings\Josh Lyons\Application Data\Mozilla\Firefox\Profiles\vo7xw7hx.default\cookies.sqlite ]
.revsci.net [ C:\Windows.old\Documents and Settings\Josh Lyons\Application Data\Mozilla\Firefox\Profiles\vo7xw7hx.default\cookies.sqlite ]
.revsci.net [ C:\Windows.old\Documents and Settings\Josh Lyons\Application Data\Mozilla\Firefox\Profiles\vo7xw7hx.default\cookies.sqlite ]
.revsci.net [ C:\Windows.old\Documents and Settings\Josh Lyons\Application Data\Mozilla\Firefox\Profiles\vo7xw7hx.default\cookies.sqlite ]
.2o7.net [ C:\Windows.old\Documents and Settings\Josh Lyons\Application Data\Mozilla\Firefox\Profiles\vo7xw7hx.default\cookies.sqlite ]
.2o7.net [ C:\Windows.old\Documents and Settings\Josh Lyons\Application Data\Mozilla\Firefox\Profiles\vo7xw7hx.default\cookies.sqlite ]
.2o7.net [ C:\Windows.old\Documents and Settings\Josh Lyons\Application Data\Mozilla\Firefox\Profiles\vo7xw7hx.default\cookies.sqlite ]
.2o7.net [ C:\Windows.old\Documents and Settings\Josh Lyons\Application Data\Mozilla\Firefox\Profiles\vo7xw7hx.default\cookies.sqlite ]
.2o7.net [ C:\Windows.old\Documents and Settings\Josh Lyons\Application Data\Mozilla\Firefox\Profiles\vo7xw7hx.default\cookies.sqlite ]
.2o7.net [ C:\Windows.old\Documents and Settings\Josh Lyons\Application Data\Mozilla\Firefox\Profiles\vo7xw7hx.default\cookies.sqlite ]
.2o7.net [ C:\Windows.old\Documents and Settings\Josh Lyons\Application Data\Mozilla\Firefox\Profiles\vo7xw7hx.default\cookies.sqlite ]
.2o7.net [ C:\Windows.old\Documents and Settings\Josh Lyons\Application Data\Mozilla\Firefox\Profiles\vo7xw7hx.default\cookies.sqlite ]
.2o7.net [ C:\Windows.old\Documents and Settings\Josh Lyons\Application Data\Mozilla\Firefox\Profiles\vo7xw7hx.default\cookies.sqlite ]
.2o7.net [ C:\Windows.old\Documents and Settings\Josh Lyons\Application Data\Mozilla\Firefox\Profiles\vo7xw7hx.default\cookies.sqlite ]
.2o7.net [ C:\Windows.old\Documents and Settings\Josh Lyons\Application Data\Mozilla\Firefox\Profiles\vo7xw7hx.default\cookies.sqlite ]
data.coremetrics.com [ C:\Windows.old\Documents and Settings\Josh Lyons\Application Data\Mozilla\Firefox\Profiles\vo7xw7hx.default\cookies.sqlite ]
.dominionenterprises.112.2o7.net [ C:\Windows.old\Documents and Settings\Josh Lyons\Application Data\Mozilla\Firefox\Profiles\vo7xw7hx.default\cookies.sqlite ]
.112.2o7.net [ C:\Windows.old\Documents and Settings\Josh Lyons\Application Data\Mozilla\Firefox\Profiles\vo7xw7hx.default\cookies.sqlite ]
.insightexpressai.com [ C:\Windows.old\Documents and Settings\Josh Lyons\Application Data\Mozilla\Firefox\Profiles\vo7xw7hx.default\cookies.sqlite ]
.insightexpressai.com [ C:\Windows.old\Documents and Settings\Josh Lyons\Application Data\Mozilla\Firefox\Profiles\vo7xw7hx.default\cookies.sqlite ]
.insightexpressai.com [ C:\Windows.old\Documents and Settings\Josh Lyons\Application Data\Mozilla\Firefox\Profiles\vo7xw7hx.default\cookies.sqlite ]
.insightexpressai.com [ C:\Windows.old\Documents and Settings\Josh Lyons\Application Data\Mozilla\Firefox\Profiles\vo7xw7hx.default\cookies.sqlite ]
.insightexpressai.com [ C:\Windows.old\Documents and Settings\Josh Lyons\Application Data\Mozilla\Firefox\Profiles\vo7xw7hx.default\cookies.sqlite ]
.insightexpressai.com [ C:\Windows.old\Documents and Settings\Josh Lyons\Application Data\Mozilla\Firefox\Profiles\vo7xw7hx.default\cookies.sqlite ]
.insightexpressai.com [ C:\Windows.old\Documents and Settings\Josh Lyons\Application Data\Mozilla\Firefox\Profiles\vo7xw7hx.default\cookies.sqlite ]
.zedo.com [ C:\Windows.old\Documents and Settings\Josh Lyons\Application Data\Mozilla\Firefox\Profiles\vo7xw7hx.default\cookies.sqlite ]
.prospect.adbureau.net [ C:\Windows.old\Documents and Settings\Josh Lyons\Application Data\Mozilla\Firefox\Profiles\vo7xw7hx.default\cookies.sqlite ]
.ads.pointroll.com [ C:\Windows.old\Documents and Settings\Josh Lyons\Application Data\Mozilla\Firefox\Profiles\vo7xw7hx.default\cookies.sqlite ]
.interclick.com [ C:\Windows.old\Documents and Settings\Josh Lyons\Application Data\Mozilla\Firefox\Profiles\vo7xw7hx.default\cookies.sqlite ]
.overture.com [ C:\Windows.old\Documents and Settings\Josh Lyons\Application Data\Mozilla\Firefox\Profiles\vo7xw7hx.default\cookies.sqlite ]
.imrworldwide.com [ C:\Windows.old\Documents and Settings\Josh Lyons\Application Data\Mozilla\Firefox\Profiles\vo7xw7hx.default\cookies.sqlite ]
.statcounter.com [ C:\Windows.old\Documents and Settings\Josh Lyons\Application Data\Mozilla\Firefox\Profiles\vo7xw7hx.default\cookies.sqlite ]
.statcounter.com [ C:\Windows.old\Documents and Settings\Josh Lyons\Application Data\Mozilla\Firefox\Profiles\vo7xw7hx.default\cookies.sqlite ]
.statcounter.com [ C:\Windows.old\Documents and Settings\Josh Lyons\Application Data\Mozilla\Firefox\Profiles\vo7xw7hx.default\cookies.sqlite ]
.statcounter.com [ C:\Windows.old\Documents and Settings\Josh Lyons\Application Data\Mozilla\Firefox\Profiles\vo7xw7hx.default\cookies.sqlite ]
.bfast.com [ C:\Windows.old\Documents and Settings\Josh Lyons\Application Data\Mozilla\Firefox\Profiles\vo7xw7hx.default\cookies.sqlite ]
.walmartstores.112.2o7.net [ C:\Windows.old\Documents and Settings\Josh Lyons\Application Data\Mozilla\Firefox\Profiles\vo7xw7hx.default\cookies.sqlite ]
.tremor.adbureau.net [ C:\Windows.old\Documents and Settings\Josh Lyons\Application Data\Mozilla\Firefox\Profiles\vo7xw7hx.default\cookies.sqlite ]
media.adrevolver.com [ C:\Windows.old\Documents and Settings\Josh Lyons\Application Data\Mozilla\Firefox\Profiles\vo7xw7hx.default\cookies.sqlite ]
.ford.112.2o7.net [ C:\Windows.old\Documents and Settings\Josh Lyons\Application Data\Mozilla\Firefox\Profiles\vo7xw7hx.default\cookies.sqlite ]
.247realmedia.com [ C:\Windows.old\Documents and Settings\Josh Lyons\Application Data\Mozilla\Firefox\Profiles\vo7xw7hx.default\cookies.sqlite ]
.247realmedia.com [ C:\Windows.old\Documents and Settings\Josh Lyons\Application Data\Mozilla\Firefox\Profiles\vo7xw7hx.default\cookies.sqlite ]
.burstnet.com [ C:\Windows.old\Documents and Settings\Josh Lyons\Application Data\Mozilla\Firefox\Profiles\vo7xw7hx.default\cookies.sqlite ]
.stpetersburgtimes.122.2o7.net [ C:\Windows.old\Documents and Settings\Josh Lyons\Application Data\Mozilla\Firefox\Profiles\vo7xw7hx.default\cookies.sqlite ]
.toyota.112.2o7.net [ C:\Windows.old\Documents and Settings\Josh Lyons\Application Data\Mozilla\Firefox\Profiles\vo7xw7hx.default\cookies.sqlite ]
.ad.us-ec.adtechus.com [ C:\Windows.old\Documents and Settings\Josh Lyons\Application Data\Mozilla\Firefox\Profiles\vo7xw7hx.default\cookies.sqlite ]
.e-2dj6wfkoskazebo.stats.esomniture.com [ C:\Windows.old\Documents and Settings\Josh Lyons\Application Data\Mozilla\Firefox\Profiles\vo7xw7hx.default\cookies.sqlite ]
C:\Windows.old\Documents and Settings\Josh Lyons\Cookies\josh_lyons@247realmedia[1].txt
C:\Windows.old\Documents and Settings\Josh Lyons\Cookies\josh_lyons@2o7[1].txt
C:\Windows.old\Documents and Settings\Josh Lyons\Cookies\josh_lyons@2o7[2].txt
C:\Windows.old\Documents and Settings\Josh Lyons\Cookies\josh_lyons@ad.us-ec.adtechus[1].txt
C:\Windows.old\Documents and Settings\Josh Lyons\Cookies\josh_lyons@ad.yieldmanager[2].txt
C:\Windows.old\Documents and Settings\Josh Lyons\Cookies\josh_lyons@adlegend[2].txt
C:\Windows.old\Documents and Settings\Josh Lyons\Cookies\josh_lyons@adopt.euroclick[2].txt
C:\Windows.old\Documents and Settings\Josh Lyons\Cookies\josh_lyons@adrevolver[2].txt
C:\Windows.old\Documents and Settings\Josh Lyons\Cookies\josh_lyons@ads.gametap[1].txt
C:\Windows.old\Documents and Settings\Josh Lyons\Cookies\josh_lyons@advertising[2].txt
C:\Windows.old\Documents and Settings\Josh Lyons\Cookies\josh_lyons@amlocalhost.trymedia[1].txt
C:\Windows.old\Documents and Settings\Josh Lyons\Cookies\josh_lyons@anad.tacoda[1].txt
C:\Windows.old\Documents and Settings\Josh Lyons\Cookies\josh_lyons@anat.tacoda[1].txt
C:\Windows.old\Documents and Settings\Josh Lyons\Cookies\josh_lyons@apmebf[1].txt
C:\Windows.old\Documents and Settings\Josh Lyons\Cookies\josh_lyons@apmebf[3].txt
C:\Windows.old\Documents and Settings\Josh Lyons\Cookies\josh_lyons@ar.atwola[2].txt
C:\Windows.old\Documents and Settings\Josh Lyons\Cookies\josh_lyons@at.atwola[1].txt
C:\Windows.old\Documents and Settings\Josh Lyons\Cookies\josh_lyons@at.atwola[2].txt
C:\Windows.old\Documents and Settings\Josh Lyons\Cookies\josh_lyons@atdmt[1].txt
C:\Windows.old\Documents and Settings\Josh Lyons\Cookies\josh_lyons@atdmt[2].txt
C:\Windows.old\Documents and Settings\Josh Lyons\Cookies\josh_lyons@bgu.directtrack[1].txt
C:\Windows.old\Documents and Settings\Josh Lyons\Cookies\josh_lyons@bs.serving-sys[2].txt
C:\Windows.old\Documents and Settings\Josh Lyons\Cookies\josh_lyons@directtrack[2].txt
C:\Windows.old\Documents and Settings\Josh Lyons\Cookies\josh_lyons@doubleclick[1].txt
C:\Windows.old\Documents and Settings\Josh Lyons\Cookies\josh_lyons@ehg-airtran.hitbox[1].txt
C:\Windows.old\Documents and Settings\Josh Lyons\Cookies\josh_lyons@ehg-traderpublishing.hitbox[2].txt
C:\Windows.old\Documents and Settings\Josh Lyons\Cookies\josh_lyons@eyewonder[2].txt
C:\Windows.old\Documents and Settings\Josh Lyons\Cookies\josh_lyons@fastclick[1].txt
C:\Windows.old\Documents and Settings\Josh Lyons\Cookies\josh_lyons@fastclick[2].txt
C:\Windows.old\Documents and Settings\Josh Lyons\Cookies\josh_lyons@ford.112.2o7[1].txt
C:\Windows.old\Documents and Settings\Josh Lyons\Cookies\josh_lyons@glb.adtechus[1].txt
C:\Windows.old\Documents and Settings\Josh Lyons\Cookies\josh_lyons@hypertracker[1].txt
C:\Windows.old\Documents and Settings\Josh Lyons\Cookies\josh_lyons@interclick[2].txt
C:\Windows.old\Documents and Settings\Josh Lyons\Cookies\josh_lyons@interclick[3].txt
C:\Windows.old\Documents and Settings\Josh Lyons\Cookies\josh_lyons@kelleybluebook.112.2o7[1].txt
C:\Windows.old\Documents and Settings\Josh Lyons\Cookies\josh_lyons@livenation.122.2o7[1].txt
C:\Windows.old\Documents and Settings\Josh Lyons\Cookies\josh_lyons@media.adrevolver[1].txt
C:\Windows.old\Documents and Settings\Josh Lyons\Cookies\josh_lyons@mediaplex[2].txt
C:\Windows.old\Documents and Settings\Josh Lyons\Cookies\josh_lyons@microsoftwindows.112.2o7[1].txt
C:\Windows.old\Documents and Settings\Josh Lyons\Cookies\josh_lyons@msnap.adbureau[1].txt
C:\Windows.old\Documents and Settings\Josh Lyons\Cookies\josh_lyons@overture[2].txt
C:\Windows.old\Documents and Settings\Josh Lyons\Cookies\josh_lyons@publishers.clickbooth[2].txt
C:\Windows.old\Documents and Settings\Josh Lyons\Cookies\josh_lyons@qnsr[1].txt
C:\Windows.old\Documents and Settings\Josh Lyons\Cookies\josh_lyons@questionmarket[1].txt
C:\Windows.old\Documents and Settings\Josh Lyons\Cookies\josh_lyons@realmedia[1].txt
C:\Windows.old\Documents and Settings\Josh Lyons\Cookies\josh_lyons@revsci[1].txt
C:\Windows.old\Documents and Settings\Josh Lyons\Cookies\josh_lyons@revsci[3].txt
C:\Windows.old\Documents and Settings\Josh Lyons\Cookies\josh_lyons@specificclick[2].txt
C:\Windows.old\Documents and Settings\Josh Lyons\Cookies\josh_lyons@statse.webtrendslive[2].txt
C:\Windows.old\Documents and Settings\Josh Lyons\Cookies\josh_lyons@tacoda[1].txt
C:\Windows.old\Documents and Settings\Josh Lyons\Cookies\josh_lyons@tgn.122.2o7[1].txt
C:\Windows.old\Documents and Settings\Josh Lyons\Cookies\josh_lyons@trackapartner[1].txt
C:\Windows.old\Documents and Settings\Josh Lyons\Cookies\josh_lyons@traffic.prod.cobaltgroup[1].txt
C:\Windows.old\Documents and Settings\Josh Lyons\Cookies\josh_lyons@trafficmp[2].txt
C:\Windows.old\Documents and Settings\Josh Lyons\Cookies\josh_lyons@www.allteenwebcams[1].txt
C:\Windows.old\Documents and Settings\Josh Lyons\Cookies\josh_lyons@zedo[1].txt
C:\Windows.old\Documents and Settings\NetworkService\Cookies\josh_lyons@2o7[1].txt
C:\Windows.old\Documents and Settings\Rob\Cookies\rob@2o7[2].txt
C:\Windows.old\Windows\Temp\Cookies\josh_lyons@2o7[1].txt

Rogue.Palladium
C:\Users\Josh\AppData\Roaming\uid_pal

Rogue.MSE-Fraud
C:\Users\Josh\AppData\Roaming\install
C:\Users\Josh\AppData\Roaming\completescan

Trojan.Agent/Gen-Nullo[Short]
C:\SYSTEM VOLUME INFORMATION\_RESTORE{1C24013A-44C6-46F7-BFCA-FF8F3A32F849}\RP4\A0004462.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{1C24013A-44C6-46F7-BFCA-FF8F3A32F849}\RP4\A0004463.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{1C24013A-44C6-46F7-BFCA-FF8F3A32F849}\RP4\A0004464.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{1C24013A-44C6-46F7-BFCA-FF8F3A32F849}\RP4\A0004465.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{1C24013A-44C6-46F7-BFCA-FF8F3A32F849}\RP4\A0004466.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{1C24013A-44C6-46F7-BFCA-FF8F3A32F849}\RP4\A0004467.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{1C24013A-44C6-46F7-BFCA-FF8F3A32F849}\RP4\A0004468.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{1C24013A-44C6-46F7-BFCA-FF8F3A32F849}\RP4\A0004469.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{1C24013A-44C6-46F7-BFCA-FF8F3A32F849}\RP4\A0004470.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{1C24013A-44C6-46F7-BFCA-FF8F3A32F849}\RP4\A0004471.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{1C24013A-44C6-46F7-BFCA-FF8F3A32F849}\RP4\A0004472.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{1C24013A-44C6-46F7-BFCA-FF8F3A32F849}\RP4\A0004473.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{1C24013A-44C6-46F7-BFCA-FF8F3A32F849}\RP4\A0004474.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{1C24013A-44C6-46F7-BFCA-FF8F3A32F849}\RP4\A0004475.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{1C24013A-44C6-46F7-BFCA-FF8F3A32F849}\RP4\A0004476.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{1C24013A-44C6-46F7-BFCA-FF8F3A32F849}\RP4\A0004477.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{1C24013A-44C6-46F7-BFCA-FF8F3A32F849}\RP4\A0004478.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{1C24013A-44C6-46F7-BFCA-FF8F3A32F849}\RP4\A0004479.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{1C24013A-44C6-46F7-BFCA-FF8F3A32F849}\RP4\A0004480.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{1C24013A-44C6-46F7-BFCA-FF8F3A32F849}\RP4\A0004481.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{1C24013A-44C6-46F7-BFCA-FF8F3A32F849}\RP4\A0004482.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{1C24013A-44C6-46F7-BFCA-FF8F3A32F849}\RP4\A0004483.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{1C24013A-44C6-46F7-BFCA-FF8F3A32F849}\RP4\A0004484.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{1C24013A-44C6-46F7-BFCA-FF8F3A32F849}\RP4\A0004485.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{1C24013A-44C6-46F7-BFCA-FF8F3A32F849}\RP4\A0004490.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{1C24013A-44C6-46F7-BFCA-FF8F3A32F849}\RP4\A0004491.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{1C24013A-44C6-46F7-BFCA-FF8F3A32F849}\RP4\A0004492.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{1C24013A-44C6-46F7-BFCA-FF8F3A32F849}\RP4\A0004493.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{1C24013A-44C6-46F7-BFCA-FF8F3A32F849}\RP4\A0004494.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{1C24013A-44C6-46F7-BFCA-FF8F3A32F849}\RP4\A0004495.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{1C24013A-44C6-46F7-BFCA-FF8F3A32F849}\RP4\A0004496.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{1C24013A-44C6-46F7-BFCA-FF8F3A32F849}\RP4\A0004497.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{1C24013A-44C6-46F7-BFCA-FF8F3A32F849}\RP4\A0004498.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{1C24013A-44C6-46F7-BFCA-FF8F3A32F849}\RP4\A0004499.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{1C24013A-44C6-46F7-BFCA-FF8F3A32F849}\RP4\A0004500.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{1C24013A-44C6-46F7-BFCA-FF8F3A32F849}\RP4\A0004501.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{1C24013A-44C6-46F7-BFCA-FF8F3A32F849}\RP4\A0004502.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{1C24013A-44C6-46F7-BFCA-FF8F3A32F849}\RP4\A0004503.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{1C24013A-44C6-46F7-BFCA-FF8F3A32F849}\RP4\A0004504.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{1C24013A-44C6-46F7-BFCA-FF8F3A32F849}\RP4\A0004505.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{1C24013A-44C6-46F7-BFCA-FF8F3A32F849}\RP4\A0004506.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{1C24013A-44C6-46F7-BFCA-FF8F3A32F849}\RP4\A0004507.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{1C24013A-44C6-46F7-BFCA-FF8F3A32F849}\RP4\A0004508.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{1C24013A-44C6-46F7-BFCA-FF8F3A32F849}\RP4\A0004509.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{1C24013A-44C6-46F7-BFCA-FF8F3A32F849}\RP4\A0004510.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{1C24013A-44C6-46F7-BFCA-FF8F3A32F849}\RP4\A0004513.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{1C24013A-44C6-46F7-BFCA-FF8F3A32F849}\RP4\A0004514.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{1C24013A-44C6-46F7-BFCA-FF8F3A32F849}\RP4\A0004515.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{1C24013A-44C6-46F7-BFCA-FF8F3A32F849}\RP4\A0004524.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{1C24013A-44C6-46F7-BFCA-FF8F3A32F849}\RP4\A0004525.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{1C24013A-44C6-46F7-BFCA-FF8F3A32F849}\RP4\A0004526.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{1C24013A-44C6-46F7-BFCA-FF8F3A32F849}\RP4\A0004527.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{1C24013A-44C6-46F7-BFCA-FF8F3A32F849}\RP4\A0004528.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{1C24013A-44C6-46F7-BFCA-FF8F3A32F849}\RP4\A0004529.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{1C24013A-44C6-46F7-BFCA-FF8F3A32F849}\RP4\A0004530.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{1C24013A-44C6-46F7-BFCA-FF8F3A32F849}\RP4\A0004531.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{1C24013A-44C6-46F7-BFCA-FF8F3A32F849}\RP4\A0004532.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{1C24013A-44C6-46F7-BFCA-FF8F3A32F849}\RP4\A0004533.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{1C24013A-44C6-46F7-BFCA-FF8F3A32F849}\RP4\A0004534.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{1C24013A-44C6-46F7-BFCA-FF8F3A32F849}\RP4\A0004535.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{1C24013A-44C6-46F7-BFCA-FF8F3A32F849}\RP4\A0004536.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{1C24013A-44C6-46F7-BFCA-FF8F3A32F849}\RP4\A0004537.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{1C24013A-44C6-46F7-BFCA-FF8F3A32F849}\RP4\A0004538.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{1C24013A-44C6-46F7-BFCA-FF8F3A32F849}\RP4\A0004539.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{1C24013A-44C6-46F7-BFCA-FF8F3A32F849}\RP4\A0004540.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{1C24013A-44C6-46F7-BFCA-FF8F3A32F849}\RP4\A0004541.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{1C24013A-44C6-46F7-BFCA-FF8F3A32F849}\RP4\A0004542.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{1C24013A-44C6-46F7-BFCA-FF8F3A32F849}\RP4\A0004543.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{1C24013A-44C6-46F7-BFCA-FF8F3A32F849}\RP4\A0004544.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{1C24013A-44C6-46F7-BFCA-FF8F3A32F849}\RP4\A0004553.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{1C24013A-44C6-46F7-BFCA-FF8F3A32F849}\RP4\A0004558.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{1C24013A-44C6-46F7-BFCA-FF8F3A32F849}\RP4\A0004559.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{1C24013A-44C6-46F7-BFCA-FF8F3A32F849}\RP4\A0004560.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{1C24013A-44C6-46F7-BFCA-FF8F3A32F849}\RP4\A0004561.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{1C24013A-44C6-46F7-BFCA-FF8F3A32F849}\RP4\A0004562.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{1C24013A-44C6-46F7-BFCA-FF8F3A32F849}\RP4\A0004563.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{1C24013A-44C6-46F7-BFCA-FF8F3A32F849}\RP4\A0004564.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{1C24013A-44C6-46F7-BFCA-FF8F3A32F849}\RP4\A0004565.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{1C24013A-44C6-46F7-BFCA-FF8F3A32F849}\RP4\A0004566.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{1C24013A-44C6-46F7-BFCA-FF8F3A32F849}\RP4\A0004567.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{1C24013A-44C6-46F7-BFCA-FF8F3A32F849}\RP4\A0004568.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{1C24013A-44C6-46F7-BFCA-FF8F3A32F849}\RP4\A0004569.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{1C24013A-44C6-46F7-BFCA-FF8F3A32F849}\RP4\A0004570.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{1C24013A-44C6-46F7-BFCA-FF8F3A32F849}\RP4\A0004571.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{1C24013A-44C6-46F7-BFCA-FF8F3A32F849}\RP4\A0004572.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{1C24013A-44C6-46F7-BFCA-FF8F3A32F849}\RP4\A0004573.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{1C24013A-44C6-46F7-BFCA-FF8F3A32F849}\RP4\A0004574.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{1C24013A-44C6-46F7-BFCA-FF8F3A32F849}\RP4\A0004575.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{1C24013A-44C6-46F7-BFCA-FF8F3A32F849}\RP4\A0004576.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{1C24013A-44C6-46F7-BFCA-FF8F3A32F849}\RP4\A0004577.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{1C24013A-44C6-46F7-BFCA-FF8F3A32F849}\RP4\A0004578.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{1C24013A-44C6-46F7-BFCA-FF8F3A32F849}\RP4\A0004587.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{1C24013A-44C6-46F7-BFCA-FF8F3A32F849}\RP4\A0004592.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{1C24013A-44C6-46F7-BFCA-FF8F3A32F849}\RP4\A0004593.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{1C24013A-44C6-46F7-BFCA-FF8F3A32F849}\RP4\A0004594.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{1C24013A-44C6-46F7-BFCA-FF8F3A32F849}\RP4\A0004595.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{1C24013A-44C6-46F7-BFCA-FF8F3A32F849}\RP4\A0004596.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{1C24013A-44C6-46F7-BFCA-FF8F3A32F849}\RP4\A0004597.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{1C24013A-44C6-46F7-BFCA-FF8F3A32F849}\RP4\A0004598.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{1C24013A-44C6-46F7-BFCA-FF8F3A32F849}\RP4\A0004599.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{1C24013A-44C6-46F7-BFCA-FF8F3A32F849}\RP4\A0004600.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{1C24013A-44C6-46F7-BFCA-FF8F3A32F849}\RP4\A0004601.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{1C24013A-44C6-46F7-BFCA-FF8F3A32F849}\RP4\A0004602.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{1C24013A-44C6-46F7-BFCA-FF8F3A32F849}\RP4\A0004603.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{1C24013A-44C6-46F7-BFCA-FF8F3A32F849}\RP4\A0004604.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{1C24013A-44C6-46F7-BFCA-FF8F3A32F849}\RP4\A0004605.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{1C24013A-44C6-46F7-BFCA-FF8F3A32F849}\RP4\A0004606.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{1C24013A-44C6-46F7-BFCA-FF8F3A32F849}\RP4\A0004607.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{1C24013A-44C6-46F7-BFCA-FF8F3A32F849}\RP4\A0004608.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{1C24013A-44C6-46F7-BFCA-FF8F3A32F849}\RP4\A0004609.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{1C24013A-44C6-46F7-BFCA-FF8F3A32F849}\RP4\A0004610.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{1C24013A-44C6-46F7-BFCA-FF8F3A32F849}\RP4\A0004611.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{1C24013A-44C6-46F7-BFCA-FF8F3A32F849}\RP4\A0004612.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{1C24013A-44C6-46F7-BFCA-FF8F3A32F849}\RP4\A0004621.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{1C24013A-44C6-46F7-BFCA-FF8F3A32F849}\RP4\A0004631.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{1C24013A-44C6-46F7-BFCA-FF8F3A32F849}\RP4\A0004632.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{1C24013A-44C6-46F7-BFCA-FF8F3A32F849}\RP4\A0004633.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{1C24013A-44C6-46F7-BFCA-FF8F3A32F849}\RP4\A0004634.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{1C24013A-44C6-46F7-BFCA-FF8F3A32F849}\RP4\A0004635.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{1C24013A-44C6-46F7-BFCA-FF8F3A32F849}\RP4\A0004636.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{1C24013A-44C6-46F7-BFCA-FF8F3A32F849}\RP4\A0004637.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{1C24013A-44C6-46F7-BFCA-FF8F3A32F849}\RP4\A0004638.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{1C24013A-44C6-46F7-BFCA-FF8F3A32F849}\RP4\A0004639.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{1C24013A-44C6-46F7-BFCA-FF8F3A32F849}\RP4\A0004640.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{1C24013A-44C6-46F7-BFCA-FF8F3A32F849}\RP4\A0004641.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{1C24013A-44C6-46F7-BFCA-FF8F3A32F849}\RP4\A0004642.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{1C24013A-44C6-46F7-BFCA-FF8F3A32F849}\RP4\A0004643.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{1C24013A-44C6-46F7-BFCA-FF8F3A32F849}\RP4\A0004644.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{1C24013A-44C6-46F7-BFCA-FF8F3A32F849}\RP4\A0004645.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{1C24013A-44C6-46F7-BFCA-FF8F3A32F849}\RP4\A0004646.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{1C24013A-44C6-46F7-BFCA-FF8F3A32F849}\RP4\A0004647.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{1C24013A-44C6-46F7-BFCA-FF8F3A32F849}\RP4\A0004648.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{1C24013A-44C6-46F7-BFCA-FF8F3A32F849}\RP4\A0004649.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{1C24013A-44C6-46F7-BFCA-FF8F3A32F849}\RP4\A0004650.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{1C24013A-44C6-46F7-BFCA-FF8F3A32F849}\RP4\A0004651.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{1C24013A-44C6-46F7-BFCA-FF8F3A32F849}\RP4\A0004652.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{1C24013A-44C6-46F7-BFCA-FF8F3A32F849}\RP4\A0004662.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{1C24013A-44C6-46F7-BFCA-FF8F3A32F849}\RP4\A0004663.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{1C24013A-44C6-46F7-BFCA-FF8F3A32F849}\RP4\A0004664.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{1C24013A-44C6-46F7-BFCA-FF8F3A32F849}\RP4\A0004665.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{1C24013A-44C6-46F7-BFCA-FF8F3A32F849}\RP4\A0004666.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{1C24013A-44C6-46F7-BFCA-FF8F3A32F849}\RP4\A0004667.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{1C24013A-44C6-46F7-BFCA-FF8F3A32F849}\RP4\A0004668.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{1C24013A-44C6-46F7-BFCA-FF8F3A32F849}\RP4\A0004669.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{1C24013A-44C6-46F7-BFCA-FF8F3A32F849}\RP4\A0004670.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{1C24013A-44C6-46F7-BFCA-FF8F3A32F849}\RP4\A0004671.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{1C24013A-44C6-46F7-BFCA-FF8F3A32F849}\RP4\A0004672.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{1C24013A-44C6-46F7-BFCA-FF8F3A32F849}\RP4\A0004673.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{1C24013A-44C6-46F7-BFCA-FF8F3A32F849}\RP4\A0004674.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{1C24013A-44C6-46F7-BFCA-FF8F3A32F849}\RP4\A0004675.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{1C24013A-44C6-46F7-BFCA-FF8F3A32F849}\RP4\A0004676.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{1C24013A-44C6-46F7-BFCA-FF8F3A32F849}\RP4\A0004677.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{1C24013A-44C6-46F7-BFCA-FF8F3A32F849}\RP4\A0004678.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{1C24013A-44C6-46F7-BFCA-FF8F3A32F849}\RP4\A0004679.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{1C24013A-44C6-46F7-BFCA-FF8F3A32F849}\RP4\A0004680.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{1C24013A-44C6-46F7-BFCA-FF8F3A32F849}\RP4\A0004681.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{1C24013A-44C6-46F7-BFCA-FF8F3A32F849}\RP4\A0004682.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{1C24013A-44C6-46F7-BFCA-FF8F3A32F849}\RP4\A0004683.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{1C24013A-44C6-46F7-BFCA-FF8F3A32F849}\RP4\A0004693.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{1C24013A-44C6-46F7-BFCA-FF8F3A32F849}\RP4\A0004694.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{1C24013A-44C6-46F7-BFCA-FF8F3A32F849}\RP4\A0004695.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{1C24013A-44C6-46F7-BFCA-FF8F3A32F849}\RP4\A0004696.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{1C24013A-44C6-46F7-BFCA-FF8F3A32F849}\RP4\A0004697.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{1C24013A-44C6-46F7-BFCA-FF8F3A32F849}\RP4\A0004698.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{1C24013A-44C6-46F7-BFCA-FF8F3A32F849}\RP4\A0004699.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{1C24013A-44C6-46F7-BFCA-FF8F3A32F849}\RP4\A0004700.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{1C24013A-44C6-46F7-BFCA-FF8F3A32F849}\RP4\A0004701.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{1C24013A-44C6-46F7-BFCA-FF8F3A32F849}\RP4\A0004702.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{1C24013A-44C6-46F7-BFCA-FF8F3A32F849}\RP4\A0004703.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{1C24013A-44C6-46F7-BFCA-FF8F3A32F849}\RP4\A0004704.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{1C24013A-44C6-46F7-BFCA-FF8F3A32F849}\RP4\A0004705.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{1C24013A-44C6-46F7-BFCA-FF8F3A32F849}\RP4\A0004706.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{1C24013A-44C6-46F7-BFCA-FF8F3A32F849}\RP4\A0004707.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{1C24013A-44C6-46F7-BFCA-FF8F3A32F849}\RP4\A0004708.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{1C24013A-44C6-46F7-BFCA-FF8F3A32F849}\RP4\A0004709.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{1C24013A-44C6-46F7-BFCA-FF8F3A32F849}\RP4\A0004710.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{1C24013A-44C6-46F7-BFCA-FF8F3A32F849}\RP4\A0004711.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{1C24013A-44C6-46F7-BFCA-FF8F3A32F849}\RP4\A0004712.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{1C24013A-44C6-46F7-BFCA-FF8F3A32F849}\RP4\A0004713.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{1C24013A-44C6-46F7-BFCA-FF8F3A32F849}\RP4\A0004714.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{1C24013A-44C6-46F7-BFCA-FF8F3A32F849}\RP4\A0004724.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{1C24013A-44C6-46F7-BFCA-FF8F3A32F849}\RP4\A0004726.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{1C24013A-44C6-46F7-BFCA-FF8F3A32F849}\RP4\A0004728.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{1C24013A-44C6-46F7-BFCA-FF8F3A32F849}\RP4\A0004729.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{1C24013A-44C6-46F7-BFCA-FF8F3A32F849}\RP4\A0004730.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{1C24013A-44C6-46F7-BFCA-FF8F3A32F849}\RP4\A0004731.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{1C24013A-44C6-46F7-BFCA-FF8F3A32F849}\RP4\A0004732.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{1C24013A-44C6-46F7-BFCA-FF8F3A32F849}\RP4\A0004733.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{1C24013A-44C6-46F7-BFCA-FF8F3A32F849}\RP4\A0004734.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{1C24013A-44C6-46F7-BFCA-FF8F3A32F849}\RP4\A0004735.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{1C24013A-44C6-46F7-BFCA-FF8F3A32F849}\RP4\A0004736.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{1C24013A-44C6-46F7-BFCA-FF8F3A32F849}\RP4\A0004737.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{1C24013A-44C6-46F7-BFCA-FF8F3A32F849}\RP4\A0004738.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{1C24013A-44C6-46F7-BFCA-FF8F3A32F849}\RP4\A0004739.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{1C24013A-44C6-46F7-BFCA-FF8F3A32F849}\RP4\A0004740.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{1C24013A-44C6-46F7-BFCA-FF8F3A32F849}\RP4\A0004741.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{1C24013A-44C6-46F7-BFCA-FF8F3A32F849}\RP4\A0004742.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{1C24013A-44C6-46F7-BFCA-FF8F3A32F849}\RP4\A0004743.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{1C24013A-44C6-46F7-BFCA-FF8F3A32F849}\RP4\A0004744.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{1C24013A-44C6-46F7-BFCA-FF8F3A32F849}\RP4\A0004745.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{1C24013A-44C6-46F7-BFCA-FF8F3A32F849}\RP4\A0004746.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{1C24013A-44C6-46F7-BFCA-FF8F3A32F849}\RP4\A0004747.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{1C24013A-44C6-46F7-BFCA-FF8F3A32F849}\RP4\A0004748.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{1C24013A-44C6-46F7-BFCA-FF8F3A32F849}\RP4\A0004749.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{1C24013A-44C6-46F7-BFCA-FF8F3A32F849}\RP4\A0004750.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{1C24013A-44C6-46F7-BFCA-FF8F3A32F849}\RP4\A0004759.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{1C24013A-44C6-46F7-BFCA-FF8F3A32F849}\RP4\A0004760.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{1C24013A-44C6-46F7-BFCA-FF8F3A32F849}\RP4\A0004761.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{1C24013A-44C6-46F7-BFCA-FF8F3A32F849}\RP4\A0004762.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{1C24013A-44C6-46F7-BFCA-FF8F3A32F849}\RP4\A0004763.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{1C24013A-44C6-46F7-BFCA-FF8F3A32F849}\RP4\A0004764.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{1C24013A-44C6-46F7-BFCA-FF8F3A32F849}\RP4\A0004765.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{1C24013A-44C6-46F7-BFCA-FF8F3A32F849}\RP4\A0004766.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{1C24013A-44C6-46F7-BFCA-FF8F3A32F849}\RP4\A0004767.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{1C24013A-44C6-46F7-BFCA-FF8F3A32F849}\RP4\A0004768.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{1C24013A-44C6-46F7-BFCA-FF8F3A32F849}\RP4\A0004769.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{1C24013A-44C6-46F7-BFCA-FF8F3A32F849}\RP4\A0004770.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{1C24013A-44C6-46F7-BFCA-FF8F3A32F849}\RP4\A0004771.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{1C24013A-44C6-46F7-BFCA-FF8F3A32F849}\RP4\A0004772.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{1C24013A-44C6-46F7-BFCA-FF8F3A32F849}\RP4\A0004773.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{1C24013A-44C6-46F7-BFCA-FF8F3A32F849}\RP4\A0004774.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{1C24013A-44C6-46F7-BFCA-FF8F3A32F849}\RP4\A0004775.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{1C24013A-44C6-46F7-BFCA-FF8F3A32F849}\RP4\A0004776.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{1C24013A-44C6-46F7-BFCA-FF8F3A32F849}\RP4\A0004777.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{1C24013A-44C6-46F7-BFCA-FF8F3A32F849}\RP4\A0004778.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{1C24013A-44C6-46F7-BFCA-FF8F3A32F849}\RP4\A0004779.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{1C24013A-44C6-46F7-BFCA-FF8F3A32F849}\RP4\A0004786.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{1C24013A-44C6-46F7-BFCA-FF8F3A32F849}\RP4\A0004796.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{1C24013A-44C6-46F7-BFCA-FF8F3A32F849}\RP4\A0004798.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{1C24013A-44C6-46F7-BFCA-FF8F3A32F849}\RP4\A0004800.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{1C24013A-44C6-46F7-BFCA-FF8F3A32F849}\RP4\A0004801.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{1C24013A-44C6-46F7-BFCA-FF8F3A32F849}\RP4\A0004802.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{1C24013A-44C6-46F7-BFCA-FF8F3A32F849}\RP4\A0004803.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{1C24013A-44C6-46F7-BFCA-FF8F3A32F849}\RP4\A0004804.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{1C24013A-44C6-46F7-BFCA-FF8F3A32F849}\RP4\A0004805.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{1C24013A-44C6-46F7-BFCA-FF8F3A32F849}\RP4\A0004806.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{1C24013A-44C6-46F7-BFCA-FF8F3A32F849}\RP4\A0004807.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{1C24013A-44C6-46F7-BFCA-FF8F3A32F849}\RP4\A0004808.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{1C24013A-44C6-46F7-BFCA-FF8F3A32F849}\RP4\A0004809.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{1C24013A-44C6-46F7-BFCA-FF8F3A32F849}\RP4\A0004810.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{1C24013A-44C6-46F7-BFCA-FF8F3A32F849}\RP4\A0004811.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{1C24013A-44C6-46F7-BFCA-FF8F3A32F849}\RP4\A0004812.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{1C24013A-44C6-46F7-BFCA-FF8F3A32F849}\RP4\A0004813.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{1C24013A-44C6-46F7-BFCA-FF8F3A32F849}\RP4\A0004814.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{1C24013A-44C6-46F7-BFCA-FF8F3A32F849}\RP4\A0004815.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{1C24013A-44C6-46F7-BFCA-FF8F3A32F849}\RP4\A0004816.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{1C24013A-44C6-46F7-BFCA-FF8F3A32F849}\RP4\A0004817.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{1C24013A-44C6-46F7-BFCA-FF8F3A32F849}\RP4\A0004818.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{1C24013A-44C6-46F7-BFCA-FF8F3A32F849}\RP4\A0004819.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{1C24013A-44C6-46F7-BFCA-FF8F3A32F849}\RP4\A0004820.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{1C24013A-44C6-46F7-BFCA-FF8F3A32F849}\RP4\A0004821.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{1C24013A-44C6-46F7-BFCA-FF8F3A32F849}\RP4\A0004822.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{1C24013A-44C6-46F7-BFCA-FF8F3A32F849}\RP4\A0004833.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{1C24013A-44C6-46F7-BFCA-FF8F3A32F849}\RP4\A0004834.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{1C24013A-44C6-46F7-BFCA-FF8F3A32F849}\RP4\A0004835.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{1C24013A-44C6-46F7-BFCA-FF8F3A32F849}\RP4\A0004836.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{1C24013A-44C6-46F7-BFCA-FF8F3A32F849}\RP4\A0004837.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{1C24013A-44C6-46F7-BFCA-FF8F3A32F849}\RP4\A0004838.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{1C24013A-44C6-46F7-BFCA-FF8F3A32F849}\RP4\A0004839.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{1C24013A-44C6-46F7-BFCA-FF8F3A32F849}\RP4\A0004840.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{1C24013A-44C6-46F7-BFCA-FF8F3A32F849}\RP4\A0004841.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{1C24013A-44C6-46F7-BFCA-FF8F3A32F849}\RP4\A0004842.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{1C24013A-44C6-46F7-BFCA-FF8F3A32F849}\RP4\A0004843.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{1C24013A-44C6-46F7-BFCA-FF8F3A32F849}\RP4\A0004844.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{1C24013A-44C6-46F7-BFCA-FF8F3A32F849}\RP4\A0004845.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{1C24013A-44C6-46F7-BFCA-FF8F3A32F849}\RP4\A0004846.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{1C24013A-44C6-46F7-BFCA-FF8F3A32F849}\RP4\A0004847.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{1C24013A-44C6-46F7-BFCA-FF8F3A32F849}\RP4\A0004848.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{1C24013A-44C6-46F7-BFCA-FF8F3A32F849}\RP4\A0004849.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{1C24013A-44C6-46F7-BFCA-FF8F3A32F849}\RP4\A0004850.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{1C24013A-44C6-46F7-BFCA-FF8F3A32F849}\RP4\A0004851.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{1C24013A-44C6-46F7-BFCA-FF8F3A32F849}\RP4\A0004852.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{1C24013A-44C6-46F7-BFCA-FF8F3A32F849}\RP4\A0004853.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{1C24013A-44C6-46F7-BFCA-FF8F3A32F849}\RP4\A0004854.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{1C24013A-44C6-46F7-BFCA-FF8F3A32F849}\RP4\A0004855.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{1C24013A-44C6-46F7-BFCA-FF8F3A32F849}\RP4\A0004865.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{1C24013A-44C6-46F7-BFCA-FF8F3A32F849}\RP4\A0004866.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{1C24013A-44C6-46F7-BFCA-FF8F3A32F849}\RP4\A0004867.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{1C24013A-44C6-46F7-BFCA-FF8F3A32F849}\RP4\A0004868.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{1C24013A-44C6-46F7-BFCA-FF8F3A32F849}\RP4\A0004869.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{1C24013A-44C6-46F7-BFCA-FF8F3A32F849}\RP4\A0004870.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{1C24013A-44C6-46F7-BFCA-FF8F3A32F849}\RP4\A0004871.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{1C24013A-44C6-46F7-BFCA-FF8F3A32F849}\RP4\A0004872.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{1C24013A-44C6-46F7-BFCA-FF8F3A32F849}\RP4\A0004873.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{1C24013A-44C6-46F7-BFCA-FF8F3A32F849}\RP4\A0004874.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{1C24013A-44C6-46F7-BFCA-FF8F3A32F849}\RP4\A0004875.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{1C24013A-44C6-46F7-BFCA-FF8F3A32F849}\RP4\A0004876.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{1C24013A-44C6-46F7-BFCA-FF8F3A32F849}\RP4\A0004877.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{1C24013A-44C6-46F7-BFCA-FF8F3A32F849}\RP4\A0004878.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{1C24013A-44C6-46F7-BFCA-FF8F3A32F849}\RP4\A0004879.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{1C24013A-44C6-46F7-BFCA-FF8F3A32F849}\RP4\A0004880.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{1C24013A-44C6-46F7-BFCA-FF8F3A32F849}\RP4\A0004881.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{1C24013A-44C6-46F7-BFCA-FF8F3A32F849}\RP4\A0004882.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{1C24013A-44C6-46F7-BFCA-FF8F3A32F849}\RP4\A0004883.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{1C24013A-44C6-46F7-BFCA-FF8F3A32F849}\RP4\A0004884.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{1C24013A-44C6-46F7-BFCA-FF8F3A32F849}\RP4\A0004885.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{1C24013A-44C6-46F7-BFCA-FF8F3A32F849}\RP4\A0004894.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{1C24013A-44C6-46F7-BFCA-FF8F3A32F849}\RP4\A0004895.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{1C24013A-44C6-46F7-BFCA-FF8F3A32F849}\RP4\A0004896.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{1C24013A-44C6-46F7-BFCA-FF8F3A32F849}\RP4\A0004897.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{1C24013A-44C6-46F7-BFCA-FF8F3A32F849}\RP4\A0004898.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{1C24013A-44C6-46F7-BFCA-FF8F3A32F849}\RP4\A0004899.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{1C24013A-44C6-46F7-BFCA-FF8F3A32F849}\RP4\A0004900.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{1C24013A-44C6-46F7-BFCA-FF8F3A32F849}\RP4\A0004901.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{1C24013A-44C6-46F7-BFCA-FF8F3A32F849}\RP4\A0004902.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{1C24013A-44C6-46F7-BFCA-FF8F3A32F849}\RP4\A0004903.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{1C24013A-44C6-46F7-BFCA-FF8F3A32F849}\RP4\A0004904.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{1C24013A-44C6-46F7-BFCA-FF8F3A32F849}\RP4\A0004905.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{1C24013A-44C6-46F7-BFCA-FF8F3A32F849}\RP4\A0004906.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{1C24013A-44C6-46F7-BFCA-FF8F3A32F849}\RP4\A0004907.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{1C24013A-44C6-46F7-BFCA-FF8F3A32F849}\RP4\A0004908.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{1C24013A-44C6-46F7-BFCA-FF8F3A32F849}\RP4\A0004909.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{1C24013A-44C6-46F7-BFCA-FF8F3A32F849}\RP4\A0004910.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{1C24013A-44C6-46F7-BFCA-FF8F3A32F849}\RP4\A0004911.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{1C24013A-44C6-46F7-BFCA-FF8F3A32F849}\RP4\A0004912.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{1C24013A-44C6-46F7-BFCA-FF8F3A32F849}\RP4\A0004913.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{1C24013A-44C6-46F7-BFCA-FF8F3A32F849}\RP4\A0004914.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{1C24013A-44C6-46F7-BFCA-FF8F3A32F849}\RP4\A0004915.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{1C24013A-44C6-46F7-BFCA-FF8F3A32F849}\RP4\A0004917.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{1C24013A-44C6-46F7-BFCA-FF8F3A32F849}\RP4\A0004918.EXE

Trojan.Agent/Gen-FakeAlert
C:\WINDOWS.OLD\PROGRAM FILES\ISEEMEDIA\PHOTOVISTA SE 3.02\JRE\BIN\JUSCHED.EXE
Malwarebytes' Anti-Malware 1.51.1.1800
www.malwarebytes.org

Database version: 7268

Windows 6.1.7600
Internet Explorer 8.0.7600.16385

7/24/2011 11:05:05 PM
mbam-log-2011-07-24 (23-05-05).txt

Scan type: Quick scan
Objects scanned: 151998
Time elapsed: 12 minute(s), 20 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

#4 joshwlyons

joshwlyons
  • Topic Starter

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:04:23 PM

Posted 24 July 2011 - 10:10 PM

boopme.... thank you very much for your help it works like it should now!

#5 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,490 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:05:23 PM

Posted 25 July 2011 - 02:30 PM

You're welcome,looks like we slapped that one around a bit.

If there are no more problems or signs of infection, you should Create a New Restore Point to prevent possible reinfection from an old one. Some of the malware you picked up could have been backed up, renamed and saved in System Restore. Since this is a protected directory your tools cannot access to delete these files, they sometimes can reinfect your system if you accidentally use an old restore point. Setting a new restore point AFTER cleaning your system will help prevent this and enable your computer to "roll-back" to a clean working state.

The easiest and safest way to do this is:
  • Go to Posted Image > Programs > Accessories > System Tools and click "System Restore".
  • Choose the radio button marked "Create a Restore Point" on the first screen then click "Next". Give the R.P. a name, then click "Create". The new point will be stamped with the current date and time. Keep a log of this so you can find it easily should you need to use System Restore.
  • Then use Disk Cleanup to remove all but the most recently created Restore Point.
  • Go to Posted Image > Run... and type: Cleanmgr
  • Click "Ok". Disk Cleanup will scan your files for several minutes, then open.
  • Click the "More Options" tab, then click the "Clean up" button under System Restore.
  • Click Ok. You will be prompted with "Are you sure you want to delete all but the most recent restore point?"
  • Click Yes, then click Ok.
  • Click Yes again when prompted with "Are you sure you want to perform these actions?"
  • Disk Cleanup will remove the files and close automatically.
Vista and Windows 7 users can refer to these links:
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users