Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Hello4 Virus; I got it, and got rid of most of it.... how do I finish it off?


  • This topic is locked This topic is locked
20 replies to this topic

#1 Ross MacDonald

Ross MacDonald

  • Members
  • 15 posts
  • OFFLINE
  •  
  • Local time:06:14 AM

Posted 08 August 2011 - 07:04 PM

I read and followed the instructions on how to get rid of this nasty bugger on my comp last night, and for the most part, it worked (registry Key, Rkill, MBAM). I had to run MBAM a few times, but it got it all ( I think). My computer now almost orperates properly.... the only problem that I am having is that the windows still pop up when I boot my comp. I can use the internet again (I'm on the computer right now, out of safe mode), and it seems like all my .exe's will operate, but I am still having to close 30+ windows that all say "Blank Window 2" like they did when the virus was running (pretty sure I got it from thechive.com). I've run MBAM a few more times, and come up with nothing each time. I've been doing full scans (that were taking 2.5 hours when the virus was going, but only about 45 minutes now).

Can anyone offer some advice on how I can get these phantom windows to stop opening? I'd like to get this thing running properly again.


I'm like most (I think) people who get a virus... don't know much about computers. I'm good at following directions though

BC AdBot (Login to Remove)

 


#2 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,190 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:07:14 AM

Posted 08 August 2011 - 07:26 PM

Hello and welcome.

Reboot into Safe Mode with Networking
How to enter safe mode(XP/Vista)
Using the F8 Method
Restart your computer.
When the machine first starts again it will generally list some equipment that is installed in your machine, amount of memory, hard drives installed etc. At this point you should gently tap the F8 key repeatedly until you are presented with a Windows XP Advanced Options menu.
Select the option for Safe Mode with Networking using the arrow keys.
Then press enter on your keyboard to boot into Safe Mode
.


>>>> Download this file and doubleclick on it to run it. Allow the information to be merged with the registry.

Re run RKill....

Download and Run RKill
  • Please download RKill by Grinler from one of the 4 links below and save it to your desktop.

    Link 1
    Link 2
    Link 3
    Link 4

  • Before we begin, you should disable your anti-malware softwares you have installed so they do not interfere RKill running as some anti-malware softwares detect RKill as malicious. Please refer to this page if you are not sure how.
  • Double-click on Rkill on your desktop to run it. (If you are using Windows Vista, please right-click on it and select Run As Administrator)
  • A black screen will appear and then disappear. Please do not worry, that is normal. This means that the tool has been successfully executed.
  • If nothing happens or if the tool does not run, please let me know in your next reply

Do not reboot your computer after running rkill as the malware programs will start again. Or if rebooting is required run it again.


If you continue having problems running rkill.com, you can download iExplore.exe or eXplorer.exe, which are renamed copies of rkill.com, and try them instead.



Next run Superantisypware (SAS):

Download and scan with SUPERAntiSpyware Free for Home Users
  • Double-click SUPERAntiSpyware.exe and use the default settings for installation.
  • An icon will be created on your desktop. Double-click that icon to launch the program.
  • If asked to update the program definitions, click "Yes". If not, update the definitions before scanning by selecting "Check for Updates". (If you encounter any problems while downloading the updates, manually download them from here. Double-click on the hyperlink for Download Installer and save SASDEFINITIONS.EXE to your desktop. Then double-click on SASDEFINITIONS.EXE to install the definitions.)
  • In the Main Menu, click the Preferences... button.
  • Click the Scanning Control tab.
  • Under Scanner Options make sure the following are checked (leave all others unchecked):
    • Close browsers before scanning.
    • Scan for tracking cookies.
    • Terminate memory threats before quarantining.
  • Click the "Close" button to leave the control center screen.
  • Back on the main screen, under "Scan for Harmful Software" click Scan your computer.
  • On the left, make sure you check C:\Fixed Drive.
  • On the right, under "Complete Scan", choose Perform Complete Scan.
  • Click "Next" to start the scan. Please be patient while it scans your computer.
  • After the scan is complete, a Scan Summary box will appear with potentially harmful items that were detected. Click "OK".
  • Make sure everything has a checkmark next to it and click "Next".
  • A notification will appear that "Quarantine and Removal is Complete". Click "OK" and then click the "Finish" button to return to the main menu.
  • If asked if you want to reboot, click "Yes".
  • To retrieve the removal information after reboot, launch SUPERAntispyware again.
    • Click Preferences, then click the Statistics/Logs tab.
    • Under Scanner Logs, double-click SUPERAntiSpyware Scan Log.
    • If there are several logs, click the current dated log and press View log. A text file will open in your default text editor.
    • Please copy and paste the Scan Log results in your next reply.
  • Click Close to exit the program.
If you have a problem downloading, installing or getting SAS to run, try downloading and using the SUPERAntiSpyware Portable Scanner instead. Save the randomly named file (i.e. SAS_1710895.COM) to a usb drive or CD and transfer to the infected computer. Then double-click on it to launch and scan. The file is randomly named to help keep malware from blocking the scanner.


Rerun MBAM (MalwareBytes) like this:

Open MBAM in normal mode and click Update tab, select Check for Updates,when done
click Scanner tab,select Quick scan and scan (normal mode).
After scan click Remove Selected, Post new scan log and Reboot into normal mode.

Please ask any needed questions,post logs and Let us know how the PC is running now.

Download Security Check from HERE, and save it to your Desktop.

* Double-click SecurityCheck.exe
* Follow the onscreen instructions inside of the black box.
* A Notepad document should open automatically called checkup.txt; please post the contents of that document.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#3 Ross MacDonald

Ross MacDonald
  • Topic Starter

  • Members
  • 15 posts
  • OFFLINE
  •  
  • Local time:06:14 AM

Posted 09 August 2011 - 07:38 PM

I did as you said; I accidentally save it under the administrator account so I'll have to post the logs in jsut a few minutes.

The computer seems to be running better, but I do still have a few issues;

a) when I run rkill, three windows pop up, all saying 'installation failed' but rkill runs anyway
B) a window (C:\Documents and Settings\USER.NAME\Application Data\Google pops up when I start in normal mode
c) Something called HHProducts Assistant comes up and tries to install something; that may or may not be legitimate, but it wasn't there before, and I'm not trying to install anything and my disk drive is empty.


From Security Check;

Results of screen317's Security Check version 0.99.7
Windows XP Service Pack 3
Internet Explorer 8
``````````````````````````````
Antivirus/Firewall Check:

Windows Security Center service is not running! This report may not be accurate!
eTrust Vet Antivirus
Antivirus up to date!
```````````````````````````````
Anti-malware/Other Utilities Check:

Malwarebytes' Anti-Malware
Java™ 6 Update 17
Java™ SE Runtime Environment 6 Update 1
Java™ 6 Update 2
Java 2 Runtime Environment, SE v1.4.2_03
Out of date Java installed!
Adobe Flash Player 10.1.85.3
Adobe Atmosphere Player for Acrobat and Adobe Reader
Adobe Reader 9.4.4
Out of date Adobe Reader installed!
Mozilla Firefox (x86 en-US..) Firefox Out of Date!
````````````````````````````````
Process Check:
objlist.exe by Laurent

CA eTrust Vet Antivirus ISafe.exe
CA eTrust Vet Antivirus VetMsg.exe
``````````End of Log````````````

#4 Ross MacDonald

Ross MacDonald
  • Topic Starter

  • Members
  • 15 posts
  • OFFLINE
  •  
  • Local time:06:14 AM

Posted 09 August 2011 - 08:03 PM

This log file is located at C:\rkill.log.
Please post this only if requested to by the person helping you.
Otherwise you can close this log when you wish.

Rkill was run on 08/08/2011 at 21:57:02.
Operating System: Microsoft Windows XP


Processes terminated by Rkill or while it was running:



Rkill completed on 08/08/2011 at 21:57:15.


http://www.bleepingcomputer.com/forums/topic413492.html

SUPERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 08/08/2011 at 11:21 PM

Application Version : 5.0.1108

Core Rules Database Version : 7533
Trace Rules Database Version: 5345

Scan type : Complete Scan
Total Scan Time : 01:19:19

Operating System Information
Windows XP Professional 32-bit, Service Pack 3 (Build 5.01.2600)
Administrator

Memory items scanned : 273
Memory threats detected : 0
Registry items scanned : 38975
Registry threats detected : 25
File items scanned : 120308
File threats detected : 385

Trojan.Agent/Gen-Replacer
[SoundMAXPnP] C:\PROGRAM FILES\ANALOG DEVICES\CORE\SMAX4PNP.EXE
C:\PROGRAM FILES\ANALOG DEVICES\CORE\SMAX4PNP.EXE
[SunJavaUpdateSched] C:\PROGRAM FILES\JAVA\JRE6\BIN\JUSCHED.EXE
C:\PROGRAM FILES\JAVA\JRE6\BIN\JUSCHED.EXE
[UpdateManager] C:\PROGRAM FILES\COMMON FILES\SONIC\UPDATE MANAGER\SGTRAY.EXE
C:\PROGRAM FILES\COMMON FILES\SONIC\UPDATE MANAGER\SGTRAY.EXE
[MMTray] C:\PROGRAM FILES\MUSICMATCH\MUSICMATCH JUKEBOX\MM_TRAY.EXE
C:\PROGRAM FILES\MUSICMATCH\MUSICMATCH JUKEBOX\MM_TRAY.EXE
[mmtask] C:\PROGRAM FILES\MUSICMATCH\MUSICMATCH JUKEBOX\MMTASK.EXE
C:\PROGRAM FILES\MUSICMATCH\MUSICMATCH JUKEBOX\MMTASK.EXE
[QuickTime Task] C:\PROGRAM FILES\QUICKTIME\QTTASK .EXE
C:\PROGRAM FILES\QUICKTIME\QTTASK .EXE
[CaAvTray] C:\PROGRAM FILES\CA\ETRUST VET ANTIVIRUS\CAVTRAY.EXE
C:\PROGRAM FILES\CA\ETRUST VET ANTIVIRUS\CAVTRAY.EXE
[CAVRID] C:\PROGRAM FILES\CA\ETRUST VET ANTIVIRUS\CAVRID.EXE
C:\PROGRAM FILES\CA\ETRUST VET ANTIVIRUS\CAVRID.EXE
[Adobe Photo Downloader] C:\PROGRAM FILES\ADOBE\PHOTOSHOP ALBUM STARTER EDITION\3.0\APPS\APDPROXY.EXE
C:\PROGRAM FILES\ADOBE\PHOTOSHOP ALBUM STARTER EDITION\3.0\APPS\APDPROXY.EXE
[AdobeVersionCue] C:\PROGRAM FILES\ADOBE\ADOBE VERSION CUE\CONTROLPANEL\VERSIONCUETRAY.EXE
C:\PROGRAM FILES\ADOBE\ADOBE VERSION CUE\CONTROLPANEL\VERSIONCUETRAY.EXE
[HP Software Update] C:\PROGRAM FILES\HP\HP SOFTWARE UPDATE\HPWUSCHD2.EXE
C:\PROGRAM FILES\HP\HP SOFTWARE UPDATE\HPWUSCHD2.EXE
[Acrobat Assistant 8.0] C:\PROGRAM FILES\ADOBE\ACROBAT 8.0\ACROBAT\ACROTRAY.EXE
C:\PROGRAM FILES\ADOBE\ACROBAT 8.0\ACROBAT\ACROTRAY.EXE
[Adobe Reader Speed Launcher] C:\PROGRAM FILES\ADOBE\READER 9.0\READER\READER_SL.EXE
C:\PROGRAM FILES\ADOBE\READER 9.0\READER\READER_SL.EXE
[Adobe ARM] C:\PROGRAM FILES\COMMON FILES\ADOBE\ARM\1.0\ADOBEARM.EXE
C:\PROGRAM FILES\COMMON FILES\ADOBE\ARM\1.0\ADOBEARM.EXE
[AppleSyncNotifier] C:\PROGRAM FILES\COMMON FILES\APPLE\MOBILE DEVICE SUPPORT\APPLESYNCNOTIFIER.EXE
C:\PROGRAM FILES\COMMON FILES\APPLE\MOBILE DEVICE SUPPORT\APPLESYNCNOTIFIER.EXE
[iTunesHelper] C:\PROGRAM FILES\ITUNES\ITUNESHELPER.EXE
C:\PROGRAM FILES\ITUNES\ITUNESHELPER.EXE
[ApnUpdater] C:\PROGRAM FILES\ASK.COM\UPDATER\UPDATER.EXE
C:\PROGRAM FILES\ASK.COM\UPDATER\UPDATER.EXE
[DellSupport] C:\PROGRAM FILES\DELL SUPPORT\DSAGNT.EXE
C:\PROGRAM FILES\DELL SUPPORT\DSAGNT.EXE
C:\PROGRAM FILES\MESSENGER\MSMSGS.EXE
HKLM\Software\Microsoft\Windows\CurrentVersion\App Paths\MSMSGS.EXE
HKLM\Software\Microsoft\Windows\CurrentVersion\App Paths\MSMSGS.EXE#Path
HKLM\Software\Microsoft\Windows\CurrentVersion\App Paths\SGTRAY.EXE
HKLM\Software\Microsoft\Windows\CurrentVersion\App Paths\smax4pnp.exe
HKLM\Software\Microsoft\Windows\CurrentVersion\App Paths\smax4pnp.exe#Path
C:\DOCUMENTS AND SETTINGS\LAURIE.MOBILIO\LOCAL SETTINGS\APPLICATION DATA\XDM .EXE
C:\DOCUMENTS AND SETTINGS\LAURIE.MOBILIO\LOCAL SETTINGS\APPLICATION DATA\XDM.EXE
C:\PROGRAM FILES\EFAX MESSENGER 4.4\J2GDLLCMD.EXE
C:\PROGRAM FILES\MALWAREBYTES' ANTI-MALWARE\MBAM .EXE
C:\PROGRAM FILES\QUICKTIME\QTTASK.EXE
C:\PROGRAM FILES\SECCOPY\SECCOPY .EXE
C:\PROGRAM FILES\SECCOPY\SECCOPY.EXE
C:\WINDOWS\SYSTEM32\K38ETL.COM
C:\WINDOWS\TEMP\FXR .EXE
C:\WINDOWS\TEMP\YTGCMO\SETUP.EXE
C:\WINDOWS\Prefetch\QTTASK.EXE-1876A1A1.pf
C:\WINDOWS\Prefetch\SECCOPY.EXE-35280272.pf
C:\WINDOWS\Prefetch\XDM.EXE-353F039D.pf

Trojan.Hugipon
HKLM\System\CURRENTCONTROLSET\SERVICES\6TO4\Parameters
HKLM\System\CURRENTCONTROLSET\SERVICES\6TO4\Parameters#ServiceDll

Adware.Tracking Cookie
C:\Documents and Settings\Administrator\Cookies\administrator@adbrite[1].txt
C:\Documents and Settings\Administrator\Cookies\administrator@ads.bleepingcomputer[1].txt
C:\Documents and Settings\Administrator\Cookies\administrator@atdmt[2].txt
C:\Documents and Settings\Administrator\Cookies\administrator@collective-media[2].txt
C:\Documents and Settings\Administrator\Cookies\administrator@doubleclick[1].txt
C:\Documents and Settings\Administrator\Cookies\administrator@kontera[1].txt
C:\Documents and Settings\Administrator\Cookies\administrator@questionmarket[1].txt
139.memecounter.com [ C:\DOCUMENTS AND SETTINGS\LAURIE.MOBILIO\APPLICATION DATA\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\4PZR6PLB ]
a.ads2.msads.net [ C:\DOCUMENTS AND SETTINGS\LAURIE.MOBILIO\APPLICATION DATA\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\4PZR6PLB ]
ads2.msads.net [ C:\DOCUMENTS AND SETTINGS\LAURIE.MOBILIO\APPLICATION DATA\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\4PZR6PLB ]
b.ads2.msads.net [ C:\DOCUMENTS AND SETTINGS\LAURIE.MOBILIO\APPLICATION DATA\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\4PZR6PLB ]
cdn.complexmedianetwork.com [ C:\DOCUMENTS AND SETTINGS\LAURIE.MOBILIO\APPLICATION DATA\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\4PZR6PLB ]
cdn4.specificclick.net [ C:\DOCUMENTS AND SETTINGS\LAURIE.MOBILIO\APPLICATION DATA\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\4PZR6PLB ]
content.yieldmanager.edgesuite.net [ C:\DOCUMENTS AND SETTINGS\LAURIE.MOBILIO\APPLICATION DATA\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\4PZR6PLB ]
convoad.technoratimedia.com [ C:\DOCUMENTS AND SETTINGS\LAURIE.MOBILIO\APPLICATION DATA\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\4PZR6PLB ]
core.insightexpressai.com [ C:\DOCUMENTS AND SETTINGS\LAURIE.MOBILIO\APPLICATION DATA\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\4PZR6PLB ]
doubleclick.net [ C:\DOCUMENTS AND SETTINGS\LAURIE.MOBILIO\APPLICATION DATA\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\4PZR6PLB ]
files.adbrite.com [ C:\DOCUMENTS AND SETTINGS\LAURIE.MOBILIO\APPLICATION DATA\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\4PZR6PLB ]
i.adultswim.com [ C:\DOCUMENTS AND SETTINGS\LAURIE.MOBILIO\APPLICATION DATA\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\4PZR6PLB ]
ia.media-imdb.com [ C:\DOCUMENTS AND SETTINGS\LAURIE.MOBILIO\APPLICATION DATA\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\4PZR6PLB ]
indieclick.3janecdn.com [ C:\DOCUMENTS AND SETTINGS\LAURIE.MOBILIO\APPLICATION DATA\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\4PZR6PLB ]
interclick.com [ C:\DOCUMENTS AND SETTINGS\LAURIE.MOBILIO\APPLICATION DATA\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\4PZR6PLB ]
m1.2mdn.net [ C:\DOCUMENTS AND SETTINGS\LAURIE.MOBILIO\APPLICATION DATA\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\4PZR6PLB ]
macromedia.com [ C:\DOCUMENTS AND SETTINGS\LAURIE.MOBILIO\APPLICATION DATA\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\4PZR6PLB ]
media.cnbc.com [ C:\DOCUMENTS AND SETTINGS\LAURIE.MOBILIO\APPLICATION DATA\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\4PZR6PLB ]
media.entertonement.com [ C:\DOCUMENTS AND SETTINGS\LAURIE.MOBILIO\APPLICATION DATA\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\4PZR6PLB ]
media.ign.com [ C:\DOCUMENTS AND SETTINGS\LAURIE.MOBILIO\APPLICATION DATA\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\4PZR6PLB ]
media.kyte.tv [ C:\DOCUMENTS AND SETTINGS\LAURIE.MOBILIO\APPLICATION DATA\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\4PZR6PLB ]
media.mtvnservices.com [ C:\DOCUMENTS AND SETTINGS\LAURIE.MOBILIO\APPLICATION DATA\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\4PZR6PLB ]
media.myfoxmaine.com [ C:\DOCUMENTS AND SETTINGS\LAURIE.MOBILIO\APPLICATION DATA\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\4PZR6PLB ]
media.nbcdfw.com [ C:\DOCUMENTS AND SETTINGS\LAURIE.MOBILIO\APPLICATION DATA\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\4PZR6PLB ]
media.scanscout.com [ C:\DOCUMENTS AND SETTINGS\LAURIE.MOBILIO\APPLICATION DATA\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\4PZR6PLB ]
media.tattomedia.com [ C:\DOCUMENTS AND SETTINGS\LAURIE.MOBILIO\APPLICATION DATA\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\4PZR6PLB ]
media.uniquepeek.com [ C:\DOCUMENTS AND SETTINGS\LAURIE.MOBILIO\APPLICATION DATA\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\4PZR6PLB ]
media.vmixcore.com [ C:\DOCUMENTS AND SETTINGS\LAURIE.MOBILIO\APPLICATION DATA\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\4PZR6PLB ]
media.wfaa.com [ C:\DOCUMENTS AND SETTINGS\LAURIE.MOBILIO\APPLICATION DATA\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\4PZR6PLB ]
media.whosay.com [ C:\DOCUMENTS AND SETTINGS\LAURIE.MOBILIO\APPLICATION DATA\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\4PZR6PLB ]
media1.break.com [ C:\DOCUMENTS AND SETTINGS\LAURIE.MOBILIO\APPLICATION DATA\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\4PZR6PLB ]
media2.firstshowing.net [ C:\DOCUMENTS AND SETTINGS\LAURIE.MOBILIO\APPLICATION DATA\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\4PZR6PLB ]
mediaforgews.com [ C:\DOCUMENTS AND SETTINGS\LAURIE.MOBILIO\APPLICATION DATA\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\4PZR6PLB ]
medianewsgroup.a.mms.mavenapps.net [ C:\DOCUMENTS AND SETTINGS\LAURIE.MOBILIO\APPLICATION DATA\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\4PZR6PLB ]
mediaplex.com [ C:\DOCUMENTS AND SETTINGS\LAURIE.MOBILIO\APPLICATION DATA\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\4PZR6PLB ]
mediastore.verizonwireless.com [ C:\DOCUMENTS AND SETTINGS\LAURIE.MOBILIO\APPLICATION DATA\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\4PZR6PLB ]
msnbcmedia.msn.com [ C:\DOCUMENTS AND SETTINGS\LAURIE.MOBILIO\APPLICATION DATA\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\4PZR6PLB ]
naiadsystems.com [ C:\DOCUMENTS AND SETTINGS\LAURIE.MOBILIO\APPLICATION DATA\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\4PZR6PLB ]
objects.tremormedia.com [ C:\DOCUMENTS AND SETTINGS\LAURIE.MOBILIO\APPLICATION DATA\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\4PZR6PLB ]
oddcast.com [ C:\DOCUMENTS AND SETTINGS\LAURIE.MOBILIO\APPLICATION DATA\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\4PZR6PLB ]
pornotube.com [ C:\DOCUMENTS AND SETTINGS\LAURIE.MOBILIO\APPLICATION DATA\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\4PZR6PLB ]
s0.2mdn.net [ C:\DOCUMENTS AND SETTINGS\LAURIE.MOBILIO\APPLICATION DATA\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\4PZR6PLB ]
secure-uk.imrworldwide.com [ C:\DOCUMENTS AND SETTINGS\LAURIE.MOBILIO\APPLICATION DATA\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\4PZR6PLB ]
secure-us.imrworldwide.com [ C:\DOCUMENTS AND SETTINGS\LAURIE.MOBILIO\APPLICATION DATA\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\4PZR6PLB ]
spe.atdmt.com [ C:\DOCUMENTS AND SETTINGS\LAURIE.MOBILIO\APPLICATION DATA\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\4PZR6PLB ]
speed.pointroll.com [ C:\DOCUMENTS AND SETTINGS\LAURIE.MOBILIO\APPLICATION DATA\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\4PZR6PLB ]
tour.collegebleepfest.com [ C:\DOCUMENTS AND SETTINGS\LAURIE.MOBILIO\APPLICATION DATA\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\4PZR6PLB ]
udn.specificclick.net [ C:\DOCUMENTS AND SETTINGS\LAURIE.MOBILIO\APPLICATION DATA\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\4PZR6PLB ]
video.redorbit.com [ C:\DOCUMENTS AND SETTINGS\LAURIE.MOBILIO\APPLICATION DATA\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\4PZR6PLB ]
videomedia.ign.com [ C:\DOCUMENTS AND SETTINGS\LAURIE.MOBILIO\APPLICATION DATA\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\4PZR6PLB ]
widgets.cracked.com [ C:\DOCUMENTS AND SETTINGS\LAURIE.MOBILIO\APPLICATION DATA\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\4PZR6PLB ]
www.blogsmithmedia.com [ C:\DOCUMENTS AND SETTINGS\LAURIE.MOBILIO\APPLICATION DATA\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\4PZR6PLB ]
www.parentingcounts.org [ C:\DOCUMENTS AND SETTINGS\LAURIE.MOBILIO\APPLICATION DATA\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\4PZR6PLB ]
www.pornhub.com [ C:\DOCUMENTS AND SETTINGS\LAURIE.MOBILIO\APPLICATION DATA\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\4PZR6PLB ]
www.pornotube.com [ C:\DOCUMENTS AND SETTINGS\LAURIE.MOBILIO\APPLICATION DATA\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\4PZR6PLB ]
www.sexyandfunny.com [ C:\DOCUMENTS AND SETTINGS\LAURIE.MOBILIO\APPLICATION DATA\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\4PZR6PLB ]
ad.yieldmanager.com [ C:\DOCUMENTS AND SETTINGS\LAURIE.MOBILIO\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\V54UF7MK.DEFAULT\COOKIES.SQLITE ]
.doubleclick.net [ C:\DOCUMENTS AND SETTINGS\LAURIE.MOBILIO\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\V54UF7MK.DEFAULT\COOKIES.SQLITE ]
.atdmt.com [ C:\DOCUMENTS AND SETTINGS\LAURIE.MOBILIO\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\V54UF7MK.DEFAULT\COOKIES.SQLITE ]
.atdmt.com [ C:\DOCUMENTS AND SETTINGS\LAURIE.MOBILIO\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\V54UF7MK.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\DOCUMENTS AND SETTINGS\LAURIE.MOBILIO\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\V54UF7MK.DEFAULT\COOKIES.SQLITE ]
.adbrite.com [ C:\DOCUMENTS AND SETTINGS\LAURIE.MOBILIO\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\V54UF7MK.DEFAULT\COOKIES.SQLITE ]
.adbrite.com [ C:\DOCUMENTS AND SETTINGS\LAURIE.MOBILIO\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\V54UF7MK.DEFAULT\COOKIES.SQLITE ]
.adbrite.com [ C:\DOCUMENTS AND SETTINGS\LAURIE.MOBILIO\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\V54UF7MK.DEFAULT\COOKIES.SQLITE ]
.imrworldwide.com [ C:\DOCUMENTS AND SETTINGS\LAURIE.MOBILIO\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\V54UF7MK.DEFAULT\COOKIES.SQLITE ]
.imrworldwide.com [ C:\DOCUMENTS AND SETTINGS\LAURIE.MOBILIO\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\V54UF7MK.DEFAULT\COOKIES.SQLITE ]
.tribalfusion.com [ C:\DOCUMENTS AND SETTINGS\LAURIE.MOBILIO\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\V54UF7MK.DEFAULT\COOKIES.SQLITE ]
.statcounter.com [ C:\DOCUMENTS AND SETTINGS\LAURIE.MOBILIO\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\V54UF7MK.DEFAULT\COOKIES.SQLITE ]
.mtvn.112.2o7.net [ C:\DOCUMENTS AND SETTINGS\LAURIE.MOBILIO\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\V54UF7MK.DEFAULT\COOKIES.SQLITE ]
.viacom.adbureau.net [ C:\DOCUMENTS AND SETTINGS\LAURIE.MOBILIO\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\V54UF7MK.DEFAULT\COOKIES.SQLITE ]
dc.tremormedia.com [ C:\DOCUMENTS AND SETTINGS\LAURIE.MOBILIO\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\V54UF7MK.DEFAULT\COOKIES.SQLITE ]
.overture.com [ C:\DOCUMENTS AND SETTINGS\LAURIE.MOBILIO\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\V54UF7MK.DEFAULT\COOKIES.SQLITE ]
.yieldmanager.net [ C:\DOCUMENTS AND SETTINGS\LAURIE.MOBILIO\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\V54UF7MK.DEFAULT\COOKIES.SQLITE ]
.2o7.net [ C:\DOCUMENTS AND SETTINGS\LAURIE.MOBILIO\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\V54UF7MK.DEFAULT\COOKIES.SQLITE ]
.zedo.com [ C:\DOCUMENTS AND SETTINGS\LAURIE.MOBILIO\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\V54UF7MK.DEFAULT\COOKIES.SQLITE ]
.zedo.com [ C:\DOCUMENTS AND SETTINGS\LAURIE.MOBILIO\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\V54UF7MK.DEFAULT\COOKIES.SQLITE ]
.zedo.com [ C:\DOCUMENTS AND SETTINGS\LAURIE.MOBILIO\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\V54UF7MK.DEFAULT\COOKIES.SQLITE ]
.zedo.com [ C:\DOCUMENTS AND SETTINGS\LAURIE.MOBILIO\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\V54UF7MK.DEFAULT\COOKIES.SQLITE ]
.zedo.com [ C:\DOCUMENTS AND SETTINGS\LAURIE.MOBILIO\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\V54UF7MK.DEFAULT\COOKIES.SQLITE ]
.zedo.com [ C:\DOCUMENTS AND SETTINGS\LAURIE.MOBILIO\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\V54UF7MK.DEFAULT\COOKIES.SQLITE ]
.zedo.com [ C:\DOCUMENTS AND SETTINGS\LAURIE.MOBILIO\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\V54UF7MK.DEFAULT\COOKIES.SQLITE ]
.overture.com [ C:\DOCUMENTS AND SETTINGS\LAURIE.MOBILIO\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\V54UF7MK.DEFAULT\COOKIES.SQLITE ]
.zedo.com [ C:\DOCUMENTS AND SETTINGS\LAURIE.MOBILIO\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\V54UF7MK.DEFAULT\COOKIES.SQLITE ]
www.find-fast-answers.com [ C:\DOCUMENTS AND SETTINGS\LAURIE.MOBILIO\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\V54UF7MK.DEFAULT\COOKIES.SQLITE ]
counter.surfcounters.com [ C:\DOCUMENTS AND SETTINGS\LAURIE.MOBILIO\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\V54UF7MK.DEFAULT\COOKIES.SQLITE ]
.media6degrees.com [ C:\DOCUMENTS AND SETTINGS\LAURIE.MOBILIO\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\V54UF7MK.DEFAULT\COOKIES.SQLITE ]
.collective-media.net [ C:\DOCUMENTS AND SETTINGS\LAURIE.MOBILIO\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\V54UF7MK.DEFAULT\COOKIES.SQLITE ]
.collective-media.net [ C:\DOCUMENTS AND SETTINGS\LAURIE.MOBILIO\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\V54UF7MK.DEFAULT\COOKIES.SQLITE ]
.anrtx.tacoda.net [ C:\DOCUMENTS AND SETTINGS\LAURIE.MOBILIO\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\V54UF7MK.DEFAULT\COOKIES.SQLITE ]
.at.atwola.com [ C:\DOCUMENTS AND SETTINGS\LAURIE.MOBILIO\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\V54UF7MK.DEFAULT\COOKIES.SQLITE ]
.tacoda.at.atwola.com [ C:\DOCUMENTS AND SETTINGS\LAURIE.MOBILIO\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\V54UF7MK.DEFAULT\COOKIES.SQLITE ]
.tacoda.at.atwola.com [ C:\DOCUMENTS AND SETTINGS\LAURIE.MOBILIO\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\V54UF7MK.DEFAULT\COOKIES.SQLITE ]
.tacoda.at.atwola.com [ C:\DOCUMENTS AND SETTINGS\LAURIE.MOBILIO\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\V54UF7MK.DEFAULT\COOKIES.SQLITE ]
.tacoda.at.atwola.com [ C:\DOCUMENTS AND SETTINGS\LAURIE.MOBILIO\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\V54UF7MK.DEFAULT\COOKIES.SQLITE ]
.at.atwola.com [ C:\DOCUMENTS AND SETTINGS\LAURIE.MOBILIO\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\V54UF7MK.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\DOCUMENTS AND SETTINGS\LAURIE.MOBILIO\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\V54UF7MK.DEFAULT\COOKIES.SQLITE ]
.advertise.com [ C:\DOCUMENTS AND SETTINGS\LAURIE.MOBILIO\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\V54UF7MK.DEFAULT\COOKIES.SQLITE ]
.ru4.com [ C:\DOCUMENTS AND SETTINGS\LAURIE.MOBILIO\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\V54UF7MK.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\DOCUMENTS AND SETTINGS\LAURIE.MOBILIO\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\V54UF7MK.DEFAULT\COOKIES.SQLITE ]
.bizzclick.com [ C:\DOCUMENTS AND SETTINGS\LAURIE.MOBILIO\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\V54UF7MK.DEFAULT\COOKIES.SQLITE ]
www.cpcadnet.com [ C:\DOCUMENTS AND SETTINGS\LAURIE.MOBILIO\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\V54UF7MK.DEFAULT\COOKIES.SQLITE ]
www.cpcadnet.com [ C:\DOCUMENTS AND SETTINGS\LAURIE.MOBILIO\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\V54UF7MK.DEFAULT\COOKIES.SQLITE ]
.advertising.com [ C:\DOCUMENTS AND SETTINGS\LAURIE.MOBILIO\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\V54UF7MK.DEFAULT\COOKIES.SQLITE ]
.advertising.com [ C:\DOCUMENTS AND SETTINGS\LAURIE.MOBILIO\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\V54UF7MK.DEFAULT\COOKIES.SQLITE ]
.advertising.com [ C:\DOCUMENTS AND SETTINGS\LAURIE.MOBILIO\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\V54UF7MK.DEFAULT\COOKIES.SQLITE ]
.advertising.com [ C:\DOCUMENTS AND SETTINGS\LAURIE.MOBILIO\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\V54UF7MK.DEFAULT\COOKIES.SQLITE ]
.advertising.com [ C:\DOCUMENTS AND SETTINGS\LAURIE.MOBILIO\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\V54UF7MK.DEFAULT\COOKIES.SQLITE ]
.specificclick.net [ C:\DOCUMENTS AND SETTINGS\LAURIE.MOBILIO\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\V54UF7MK.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\DOCUMENTS AND SETTINGS\LAURIE.MOBILIO\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\V54UF7MK.DEFAULT\COOKIES.SQLITE ]
citi.bridgetrack.com [ C:\DOCUMENTS AND SETTINGS\LAURIE.MOBILIO\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\V54UF7MK.DEFAULT\COOKIES.SQLITE ]
citi.bridgetrack.com [ C:\DOCUMENTS AND SETTINGS\LAURIE.MOBILIO\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\V54UF7MK.DEFAULT\COOKIES.SQLITE ]
citi.bridgetrack.com [ C:\DOCUMENTS AND SETTINGS\LAURIE.MOBILIO\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\V54UF7MK.DEFAULT\COOKIES.SQLITE ]
citi.bridgetrack.com [ C:\DOCUMENTS AND SETTINGS\LAURIE.MOBILIO\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\V54UF7MK.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\DOCUMENTS AND SETTINGS\LAURIE.MOBILIO\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\V54UF7MK.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\DOCUMENTS AND SETTINGS\LAURIE.MOBILIO\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\V54UF7MK.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\DOCUMENTS AND SETTINGS\LAURIE.MOBILIO\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\V54UF7MK.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\DOCUMENTS AND SETTINGS\LAURIE.MOBILIO\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\V54UF7MK.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\DOCUMENTS AND SETTINGS\LAURIE.MOBILIO\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\V54UF7MK.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\DOCUMENTS AND SETTINGS\LAURIE.MOBILIO\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\V54UF7MK.DEFAULT\COOKIES.SQLITE ]
.ru4.com [ C:\DOCUMENTS AND SETTINGS\LAURIE.MOBILIO\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\V54UF7MK.DEFAULT\COOKIES.SQLITE ]
.ru4.com [ C:\DOCUMENTS AND SETTINGS\LAURIE.MOBILIO\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\V54UF7MK.DEFAULT\COOKIES.SQLITE ]
.adbrite.com [ C:\DOCUMENTS AND SETTINGS\LAURIE.MOBILIO\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\V54UF7MK.DEFAULT\COOKIES.SQLITE ]
.adbrite.com [ C:\DOCUMENTS AND SETTINGS\LAURIE.MOBILIO\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\V54UF7MK.DEFAULT\COOKIES.SQLITE ]
.content.yieldmanager.com [ C:\DOCUMENTS AND SETTINGS\LAURIE.MOBILIO\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\V54UF7MK.DEFAULT\COOKIES.SQLITE ]
.content.yieldmanager.com [ C:\DOCUMENTS AND SETTINGS\LAURIE.MOBILIO\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\V54UF7MK.DEFAULT\COOKIES.SQLITE ]
.adbrite.com [ C:\DOCUMENTS AND SETTINGS\LAURIE.MOBILIO\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\V54UF7MK.DEFAULT\COOKIES.SQLITE ]
.adbrite.com [ C:\DOCUMENTS AND SETTINGS\LAURIE.MOBILIO\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\V54UF7MK.DEFAULT\COOKIES.SQLITE ]
.media6degrees.com [ C:\DOCUMENTS AND SETTINGS\LAURIE.MOBILIO\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\V54UF7MK.DEFAULT\COOKIES.SQLITE ]
.adxpose.com [ C:\DOCUMENTS AND SETTINGS\LAURIE.MOBILIO\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\V54UF7MK.DEFAULT\COOKIES.SQLITE ]
.lucidmedia.com [ C:\DOCUMENTS AND SETTINGS\LAURIE.MOBILIO\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\V54UF7MK.DEFAULT\COOKIES.SQLITE ]
.inspiremediagrouponline.com [ C:\DOCUMENTS AND SETTINGS\LAURIE.MOBILIO\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\V54UF7MK.DEFAULT\COOKIES.SQLITE ]
.inspiremediagrouponline.com [ C:\DOCUMENTS AND SETTINGS\LAURIE.MOBILIO\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\V54UF7MK.DEFAULT\COOKIES.SQLITE ]
.adbrite.com [ C:\DOCUMENTS AND SETTINGS\LAURIE.MOBILIO\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\V54UF7MK.DEFAULT\COOKIES.SQLITE ]
.adbrite.com [ C:\DOCUMENTS AND SETTINGS\LAURIE.MOBILIO\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\V54UF7MK.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\DOCUMENTS AND SETTINGS\LAURIE.MOBILIO\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\V54UF7MK.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\DOCUMENTS AND SETTINGS\LAURIE.MOBILIO\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\V54UF7MK.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\DOCUMENTS AND SETTINGS\LAURIE.MOBILIO\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\V54UF7MK.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\DOCUMENTS AND SETTINGS\LAURIE.MOBILIO\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\V54UF7MK.DEFAULT\COOKIES.SQLITE ]
.pro-market.net [ C:\DOCUMENTS AND SETTINGS\LAURIE.MOBILIO\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\V54UF7MK.DEFAULT\COOKIES.SQLITE ]
C:\DOCUMENTS AND SETTINGS\LAURIE.MOBILIO\COOKIES\LAURIE.MOBILIO@112.2O7[1].TXT
C:\DOCUMENTS AND SETTINGS\LAURIE.MOBILIO\COOKIES\LAURIE.MOBILIO@247REALMEDIA[2].TXT
C:\DOCUMENTS AND SETTINGS\LAURIE.MOBILIO\COOKIES\LAURIE.MOBILIO@2O7[2].TXT
C:\DOCUMENTS AND SETTINGS\LAURIE.MOBILIO\COOKIES\LAURIE.MOBILIO@A.INTENTMEDIA[2].TXT
C:\DOCUMENTS AND SETTINGS\LAURIE.MOBILIO\COOKIES\LAURIE.MOBILIO@A.TRIBALFUSION[1].TXT
C:\DOCUMENTS AND SETTINGS\LAURIE.MOBILIO\COOKIES\LAURIE.MOBILIO@A1.INTERCLICK[1].TXT
C:\DOCUMENTS AND SETTINGS\LAURIE.MOBILIO\COOKIES\LAURIE.MOBILIO@A1.INTERCLICK[2].TXT
C:\DOCUMENTS AND SETTINGS\LAURIE.MOBILIO\COOKIES\LAURIE.MOBILIO@ACCOUNTONLINE[1].TXT
C:\DOCUMENTS AND SETTINGS\LAURIE.MOBILIO\COOKIES\LAURIE.MOBILIO@AD.WSOD[2].TXT
C:\DOCUMENTS AND SETTINGS\LAURIE.MOBILIO\COOKIES\LAURIE.MOBILIO@AD.WSOD[3].TXT
C:\DOCUMENTS AND SETTINGS\LAURIE.MOBILIO\COOKIES\LAURIE.MOBILIO@AD.YIELDMANAGER[1].TXT
C:\DOCUMENTS AND SETTINGS\LAURIE.MOBILIO\COOKIES\LAURIE.MOBILIO@AD.YIELDMANAGER[2].TXT
C:\DOCUMENTS AND SETTINGS\LAURIE.MOBILIO\COOKIES\LAURIE.MOBILIO@ADBRITE[1].TXT
C:\DOCUMENTS AND SETTINGS\LAURIE.MOBILIO\COOKIES\LAURIE.MOBILIO@ADINTERAX[2].TXT
C:\DOCUMENTS AND SETTINGS\LAURIE.MOBILIO\COOKIES\LAURIE.MOBILIO@ADINTERAX[3].TXT
C:\DOCUMENTS AND SETTINGS\LAURIE.MOBILIO\COOKIES\LAURIE.MOBILIO@ADS.ADHOSTINGSOLUTIONS[1].TXT
C:\DOCUMENTS AND SETTINGS\LAURIE.MOBILIO\COOKIES\LAURIE.MOBILIO@ADS.AS4X.TMCS[1].TXT
C:\DOCUMENTS AND SETTINGS\LAURIE.MOBILIO\COOKIES\LAURIE.MOBILIO@ADS.BLEEPINGCOMPUTER[1].TXT
C:\DOCUMENTS AND SETTINGS\LAURIE.MOBILIO\COOKIES\LAURIE.MOBILIO@ADS.BLEEPINGCOMPUTER[3].TXT
C:\DOCUMENTS AND SETTINGS\LAURIE.MOBILIO\COOKIES\LAURIE.MOBILIO@ADS.FOODBUZZ[1].TXT
C:\DOCUMENTS AND SETTINGS\LAURIE.MOBILIO\COOKIES\LAURIE.MOBILIO@ADS.MYCRICKET[1].TXT
C:\DOCUMENTS AND SETTINGS\LAURIE.MOBILIO\COOKIES\LAURIE.MOBILIO@ADS.PGATOUR[1].TXT
C:\DOCUMENTS AND SETTINGS\LAURIE.MOBILIO\COOKIES\LAURIE.MOBILIO@ADS.POINTROLL[1].TXT
C:\DOCUMENTS AND SETTINGS\LAURIE.MOBILIO\COOKIES\LAURIE.MOBILIO@ADS.PUBMATIC[2].TXT
C:\DOCUMENTS AND SETTINGS\LAURIE.MOBILIO\COOKIES\LAURIE.MOBILIO@ADS.UNDERTONE[2].TXT
C:\DOCUMENTS AND SETTINGS\LAURIE.MOBILIO\COOKIES\LAURIE.MOBILIO@ADS.VIMG[2].TXT
C:\DOCUMENTS AND SETTINGS\LAURIE.MOBILIO\COOKIES\LAURIE.MOBILIO@ADSERV.BRANDAFFINITY[1].TXT
C:\DOCUMENTS AND SETTINGS\LAURIE.MOBILIO\COOKIES\LAURIE.MOBILIO@ADSERVER.ADTECHUS[1].TXT
C:\DOCUMENTS AND SETTINGS\LAURIE.MOBILIO\COOKIES\LAURIE.MOBILIO@ADSERVER.BUFFALORISING[2].TXT
C:\DOCUMENTS AND SETTINGS\LAURIE.MOBILIO\COOKIES\LAURIE.MOBILIO@ADSERVER.MORE4KIDS[1].TXT
C:\DOCUMENTS AND SETTINGS\LAURIE.MOBILIO\COOKIES\LAURIE.MOBILIO@ADTECH[1].TXT
C:\DOCUMENTS AND SETTINGS\LAURIE.MOBILIO\COOKIES\LAURIE.MOBILIO@ADVERTISE[1].TXT
C:\DOCUMENTS AND SETTINGS\LAURIE.MOBILIO\COOKIES\LAURIE.MOBILIO@ADVERTISING[1].TXT
C:\DOCUMENTS AND SETTINGS\LAURIE.MOBILIO\COOKIES\LAURIE.MOBILIO@ADVERTISING[3].TXT
C:\DOCUMENTS AND SETTINGS\LAURIE.MOBILIO\COOKIES\LAURIE.MOBILIO@ADVIVA[1].TXT
C:\DOCUMENTS AND SETTINGS\LAURIE.MOBILIO\COOKIES\LAURIE.MOBILIO@ADXPOSE[1].TXT
C:\DOCUMENTS AND SETTINGS\LAURIE.MOBILIO\COOKIES\LAURIE.MOBILIO@APMEBF[1].TXT
C:\DOCUMENTS AND SETTINGS\LAURIE.MOBILIO\COOKIES\LAURIE.MOBILIO@APMEBF[2].TXT
C:\DOCUMENTS AND SETTINGS\LAURIE.MOBILIO\COOKIES\LAURIE.MOBILIO@AR.ATWOLA[2].TXT
C:\DOCUMENTS AND SETTINGS\LAURIE.MOBILIO\COOKIES\LAURIE.MOBILIO@AT.ATWOLA[1].TXT
C:\DOCUMENTS AND SETTINGS\LAURIE.MOBILIO\COOKIES\LAURIE.MOBILIO@ATDMT[1].TXT
C:\DOCUMENTS AND SETTINGS\LAURIE.MOBILIO\COOKIES\LAURIE.MOBILIO@ATDMT[3].TXT
C:\DOCUMENTS AND SETTINGS\LAURIE.MOBILIO\COOKIES\LAURIE.MOBILIO@ATWOLA[2].TXT
C:\DOCUMENTS AND SETTINGS\LAURIE.MOBILIO\COOKIES\LAURIE.MOBILIO@BRAVENET[1].TXT
C:\DOCUMENTS AND SETTINGS\LAURIE.MOBILIO\COOKIES\LAURIE.MOBILIO@BS.SERVING-SYS[2].TXT
C:\DOCUMENTS AND SETTINGS\LAURIE.MOBILIO\COOKIES\LAURIE.MOBILIO@BURSTNET[1].TXT
C:\DOCUMENTS AND SETTINGS\LAURIE.MOBILIO\COOKIES\LAURIE.MOBILIO@C.GIGCOUNT[1].TXT
C:\DOCUMENTS AND SETTINGS\LAURIE.MOBILIO\COOKIES\LAURIE.MOBILIO@CADENCE.112.2O7[1].TXT
C:\DOCUMENTS AND SETTINGS\LAURIE.MOBILIO\COOKIES\LAURIE.MOBILIO@CASALEMEDIA[2].TXT
C:\DOCUMENTS AND SETTINGS\LAURIE.MOBILIO\COOKIES\LAURIE.MOBILIO@CDN1.TRAFFICMP[1].TXT
C:\DOCUMENTS AND SETTINGS\LAURIE.MOBILIO\COOKIES\LAURIE.MOBILIO@CITI.BRIDGETRACK[2].TXT
C:\DOCUMENTS AND SETTINGS\LAURIE.MOBILIO\COOKIES\LAURIE.MOBILIO@CLICK.MAIL.HOTELS[2].TXT
C:\DOCUMENTS AND SETTINGS\LAURIE.MOBILIO\COOKIES\LAURIE.MOBILIO@COLLECTIVE-MEDIA[1].TXT
C:\DOCUMENTS AND SETTINGS\LAURIE.MOBILIO\COOKIES\LAURIE.MOBILIO@COLLECTIVE-MEDIA[2].TXT
C:\DOCUMENTS AND SETTINGS\LAURIE.MOBILIO\COOKIES\LAURIE.MOBILIO@CONTENT.YIELDMANAGER[2].TXT
C:\DOCUMENTS AND SETTINGS\LAURIE.MOBILIO\COOKIES\LAURIE.MOBILIO@CONTENT.YIELDMANAGER[3].TXT
C:\DOCUMENTS AND SETTINGS\LAURIE.MOBILIO\COOKIES\LAURIE.MOBILIO@CONTENT.YIELDMANAGER[4].TXT
C:\DOCUMENTS AND SETTINGS\LAURIE.MOBILIO\COOKIES\LAURIE.MOBILIO@DATA.COREMETRICS[1].TXT
C:\DOCUMENTS AND SETTINGS\LAURIE.MOBILIO\COOKIES\LAURIE.MOBILIO@DC.TREMORMEDIA[2].TXT
C:\DOCUMENTS AND SETTINGS\LAURIE.MOBILIO\COOKIES\LAURIE.MOBILIO@DISCOUNT-TEAK-FURNITURE[1].TXT
C:\DOCUMENTS AND SETTINGS\LAURIE.MOBILIO\COOKIES\LAURIE.MOBILIO@DMTRACKER[1].TXT
C:\DOCUMENTS AND SETTINGS\LAURIE.MOBILIO\COOKIES\LAURIE.MOBILIO@DOUBLECLICK[1].TXT
C:\DOCUMENTS AND SETTINGS\LAURIE.MOBILIO\COOKIES\LAURIE.MOBILIO@DOUBLECLICK[2].TXT
C:\DOCUMENTS AND SETTINGS\LAURIE.MOBILIO\COOKIES\LAURIE.MOBILIO@DOUBLECLICK[3].TXT
C:\DOCUMENTS AND SETTINGS\LAURIE.MOBILIO\COOKIES\LAURIE.MOBILIO@EHG-REDDOORINTERACTIVE.HITBOX[1].TXT
C:\DOCUMENTS AND SETTINGS\LAURIE.MOBILIO\COOKIES\LAURIE.MOBILIO@EHG-VERIZON.HITBOX[2].TXT
C:\DOCUMENTS AND SETTINGS\LAURIE.MOBILIO\COOKIES\LAURIE.MOBILIO@EVITE.112.2O7[1].TXT
C:\DOCUMENTS AND SETTINGS\LAURIE.MOBILIO\COOKIES\LAURIE.MOBILIO@EYEWONDER[2].TXT
C:\DOCUMENTS AND SETTINGS\LAURIE.MOBILIO\COOKIES\LAURIE.MOBILIO@FASTCLICK[1].TXT
C:\DOCUMENTS AND SETTINGS\LAURIE.MOBILIO\COOKIES\LAURIE.MOBILIO@FASTCLICK[3].TXT
C:\DOCUMENTS AND SETTINGS\LAURIE.MOBILIO\COOKIES\LAURIE.MOBILIO@FINDARTICLES[2].TXT
C:\DOCUMENTS AND SETTINGS\LAURIE.MOBILIO\COOKIES\LAURIE.MOBILIO@GIFTSCOM.122.2O7[1].TXT
C:\DOCUMENTS AND SETTINGS\LAURIE.MOBILIO\COOKIES\LAURIE.MOBILIO@GOOGLEADS.G.DOUBLECLICK[2].TXT
C:\DOCUMENTS AND SETTINGS\LAURIE.MOBILIO\COOKIES\LAURIE.MOBILIO@HITBOX[1].TXT
C:\DOCUMENTS AND SETTINGS\LAURIE.MOBILIO\COOKIES\LAURIE.MOBILIO@HOTWIRE.DB.ADVERTISING[1].TXT
C:\DOCUMENTS AND SETTINGS\LAURIE.MOBILIO\COOKIES\LAURIE.MOBILIO@IMRWORLDWIDE[2].TXT
C:\DOCUMENTS AND SETTINGS\LAURIE.MOBILIO\COOKIES\LAURIE.MOBILIO@IN.GETCLICKY[1].TXT
C:\DOCUMENTS AND SETTINGS\LAURIE.MOBILIO\COOKIES\LAURIE.MOBILIO@INSIGHTEXPRESSAI[2].TXT
C:\DOCUMENTS AND SETTINGS\LAURIE.MOBILIO\COOKIES\LAURIE.MOBILIO@INTERCLICK[1].TXT
C:\DOCUMENTS AND SETTINGS\LAURIE.MOBILIO\COOKIES\LAURIE.MOBILIO@INTERCLICK[3].TXT
C:\DOCUMENTS AND SETTINGS\LAURIE.MOBILIO\COOKIES\LAURIE.MOBILIO@INTERMUNDOMEDIA[1].TXT
C:\DOCUMENTS AND SETTINGS\LAURIE.MOBILIO\COOKIES\LAURIE.MOBILIO@INVITEMEDIA[1].TXT
C:\DOCUMENTS AND SETTINGS\LAURIE.MOBILIO\COOKIES\LAURIE.MOBILIO@INVITEMEDIA[2].TXT
C:\DOCUMENTS AND SETTINGS\LAURIE.MOBILIO\COOKIES\LAURIE.MOBILIO@KANTARMEDIA[2].TXT
C:\DOCUMENTS AND SETTINGS\LAURIE.MOBILIO\COOKIES\LAURIE.MOBILIO@KONTERA[1].TXT
C:\DOCUMENTS AND SETTINGS\LAURIE.MOBILIO\COOKIES\LAURIE.MOBILIO@KONTERA[2].TXT
C:\DOCUMENTS AND SETTINGS\LAURIE.MOBILIO\COOKIES\LAURIE.MOBILIO@LEGOLAS-MEDIA[2].TXT
C:\DOCUMENTS AND SETTINGS\LAURIE.MOBILIO\COOKIES\LAURIE.MOBILIO@LFSTMEDIA[1].TXT
C:\DOCUMENTS AND SETTINGS\LAURIE.MOBILIO\COOKIES\LAURIE.MOBILIO@LIVEPERSON[1].TXT
C:\DOCUMENTS AND SETTINGS\LAURIE.MOBILIO\COOKIES\LAURIE.MOBILIO@LIVEPERSON[2].TXT
C:\DOCUMENTS AND SETTINGS\LAURIE.MOBILIO\COOKIES\LAURIE.MOBILIO@LUCIDMEDIA[1].TXT
C:\DOCUMENTS AND SETTINGS\LAURIE.MOBILIO\COOKIES\LAURIE.MOBILIO@LUCIDMEDIA[2].TXT
C:\DOCUMENTS AND SETTINGS\LAURIE.MOBILIO\COOKIES\LAURIE.MOBILIO@LUCIDMEDIA[3].TXT
C:\DOCUMENTS AND SETTINGS\LAURIE.MOBILIO\COOKIES\LAURIE.MOBILIO@MARKETLIVE.122.2O7[1].TXT
C:\DOCUMENTS AND SETTINGS\LAURIE.MOBILIO\COOKIES\LAURIE.MOBILIO@MARTHASTEWART.122.2O7[1].TXT
C:\DOCUMENTS AND SETTINGS\LAURIE.MOBILIO\COOKIES\LAURIE.MOBILIO@MEDIA.ADFRONTIERS[1].TXT
C:\DOCUMENTS AND SETTINGS\LAURIE.MOBILIO\COOKIES\LAURIE.MOBILIO@MEDIA.MTVNSERVICES[2].TXT
C:\DOCUMENTS AND SETTINGS\LAURIE.MOBILIO\COOKIES\LAURIE.MOBILIO@MEDIA2.LEGACY[2].TXT
C:\DOCUMENTS AND SETTINGS\LAURIE.MOBILIO\COOKIES\LAURIE.MOBILIO@MEDIA6DEGREES[1].TXT
C:\DOCUMENTS AND SETTINGS\LAURIE.MOBILIO\COOKIES\LAURIE.MOBILIO@MEDIABRANDSWW[1].TXT
C:\DOCUMENTS AND SETTINGS\LAURIE.MOBILIO\COOKIES\LAURIE.MOBILIO@MEDIAFIRE[1].TXT
C:\DOCUMENTS AND SETTINGS\LAURIE.MOBILIO\COOKIES\LAURIE.MOBILIO@MEDIAFIRE[2].TXT
C:\DOCUMENTS AND SETTINGS\LAURIE.MOBILIO\COOKIES\LAURIE.MOBILIO@MEDIAPLEX[1].TXT
C:\DOCUMENTS AND SETTINGS\LAURIE.MOBILIO\COOKIES\LAURIE.MOBILIO@MICROSOFTWINDOWS.112.2O7[1].TXT
C:\DOCUMENTS AND SETTINGS\LAURIE.MOBILIO\COOKIES\LAURIE.MOBILIO@MLBAM.112.2O7[2].TXT
C:\DOCUMENTS AND SETTINGS\LAURIE.MOBILIO\COOKIES\LAURIE.MOBILIO@MM.CHITIKA[1].TXT
C:\DOCUMENTS AND SETTINGS\LAURIE.MOBILIO\COOKIES\LAURIE.MOBILIO@NETWORLDMEDIA[2].TXT
C:\DOCUMENTS AND SETTINGS\LAURIE.MOBILIO\COOKIES\LAURIE.MOBILIO@OPTIMOST[2].TXT
C:\DOCUMENTS AND SETTINGS\LAURIE.MOBILIO\COOKIES\LAURIE.MOBILIO@ORBITZAWAY.122.2O7[1].TXT
C:\DOCUMENTS AND SETTINGS\LAURIE.MOBILIO\COOKIES\LAURIE.MOBILIO@OVERTURE[1].TXT
C:\DOCUMENTS AND SETTINGS\LAURIE.MOBILIO\COOKIES\LAURIE.MOBILIO@PARENTINGCOUNTS[1].TXT
C:\DOCUMENTS AND SETTINGS\LAURIE.MOBILIO\COOKIES\LAURIE.MOBILIO@PAYPAL.112.2O7[1].TXT
C:\DOCUMENTS AND SETTINGS\LAURIE.MOBILIO\COOKIES\LAURIE.MOBILIO@PETMEDS.DB.ADVERTISING[2].TXT
C:\DOCUMENTS AND SETTINGS\LAURIE.MOBILIO\COOKIES\LAURIE.MOBILIO@POINTROLL[1].TXT
C:\DOCUMENTS AND SETTINGS\LAURIE.MOBILIO\COOKIES\LAURIE.MOBILIO@PRO-MARKET[1].TXT
C:\DOCUMENTS AND SETTINGS\LAURIE.MOBILIO\COOKIES\LAURIE.MOBILIO@QUESTIONMARKET[1].TXT
C:\DOCUMENTS AND SETTINGS\LAURIE.MOBILIO\COOKIES\LAURIE.MOBILIO@R1-ADS.ACE.ADVERTISING[2].TXT
C:\DOCUMENTS AND SETTINGS\LAURIE.MOBILIO\COOKIES\LAURIE.MOBILIO@REALMEDIA[1].TXT
C:\DOCUMENTS AND SETTINGS\LAURIE.MOBILIO\COOKIES\LAURIE.MOBILIO@REVSCI[1].TXT
C:\DOCUMENTS AND SETTINGS\LAURIE.MOBILIO\COOKIES\LAURIE.MOBILIO@RICHMEDIA.YAHOO[2].TXT
C:\DOCUMENTS AND SETTINGS\LAURIE.MOBILIO\COOKIES\LAURIE.MOBILIO@ROTATOR.ADJUGGLER[2].TXT
C:\DOCUMENTS AND SETTINGS\LAURIE.MOBILIO\COOKIES\LAURIE.MOBILIO@RU4[1].TXT
C:\DOCUMENTS AND SETTINGS\LAURIE.MOBILIO\COOKIES\LAURIE.MOBILIO@SERVING-SYS[2].TXT
C:\DOCUMENTS AND SETTINGS\LAURIE.MOBILIO\COOKIES\LAURIE.MOBILIO@SERVING-SYS[3].TXT
C:\DOCUMENTS AND SETTINGS\LAURIE.MOBILIO\COOKIES\LAURIE.MOBILIO@SMARTADSERVER[1].TXT
C:\DOCUMENTS AND SETTINGS\LAURIE.MOBILIO\COOKIES\LAURIE.MOBILIO@SOLUTION.WEBORAMA[1].TXT
C:\DOCUMENTS AND SETTINGS\LAURIE.MOBILIO\COOKIES\LAURIE.MOBILIO@SOLVEMEDIA[2].TXT
C:\DOCUMENTS AND SETTINGS\LAURIE.MOBILIO\COOKIES\LAURIE.MOBILIO@SPECIFICCLICK[2].TXT
C:\DOCUMENTS AND SETTINGS\LAURIE.MOBILIO\COOKIES\LAURIE.MOBILIO@SPECIFICMEDIA[2].TXT
C:\DOCUMENTS AND SETTINGS\LAURIE.MOBILIO\COOKIES\LAURIE.MOBILIO@STATCOUNTER[2].TXT
C:\DOCUMENTS AND SETTINGS\LAURIE.MOBILIO\COOKIES\LAURIE.MOBILIO@STATSE.WEBTRENDSLIVE[2].TXT
C:\DOCUMENTS AND SETTINGS\LAURIE.MOBILIO\COOKIES\LAURIE.MOBILIO@STEELHOUSEMEDIA[2].TXT
C:\DOCUMENTS AND SETTINGS\LAURIE.MOBILIO\COOKIES\LAURIE.MOBILIO@SUPERSTATS[1].TXT
C:\DOCUMENTS AND SETTINGS\LAURIE.MOBILIO\COOKIES\LAURIE.MOBILIO@SURLATABLE.122.2O7[1].TXT
C:\DOCUMENTS AND SETTINGS\LAURIE.MOBILIO\COOKIES\LAURIE.MOBILIO@SURVEYMONKEY.122.2O7[1].TXT
C:\DOCUMENTS AND SETTINGS\LAURIE.MOBILIO\COOKIES\LAURIE.MOBILIO@T.INVITEMEDIA[1].TXT
C:\DOCUMENTS AND SETTINGS\LAURIE.MOBILIO\COOKIES\LAURIE.MOBILIO@TACODA.AT.ATWOLA[1].TXT
C:\DOCUMENTS AND SETTINGS\LAURIE.MOBILIO\COOKIES\LAURIE.MOBILIO@TRACKING.HEARTHSTONEONLINE[1].TXT
C:\DOCUMENTS AND SETTINGS\LAURIE.MOBILIO\COOKIES\LAURIE.MOBILIO@TRAFFICMP[2].TXT
C:\DOCUMENTS AND SETTINGS\LAURIE.MOBILIO\COOKIES\LAURIE.MOBILIO@TRAVELADVERTISING[1].TXT
C:\DOCUMENTS AND SETTINGS\LAURIE.MOBILIO\COOKIES\LAURIE.MOBILIO@TRIBALFUSION[1].TXT
C:\DOCUMENTS AND SETTINGS\LAURIE.MOBILIO\COOKIES\LAURIE.MOBILIO@USER.LUCIDMEDIA[1].TXT
C:\DOCUMENTS AND SETTINGS\LAURIE.MOBILIO\COOKIES\LAURIE.MOBILIO@USOC.122.2O7[1].TXT
C:\DOCUMENTS AND SETTINGS\LAURIE.MOBILIO\COOKIES\LAURIE.MOBILIO@VIACOM.ADBUREAU[2].TXT
C:\DOCUMENTS AND SETTINGS\LAURIE.MOBILIO\COOKIES\LAURIE.MOBILIO@WWW.ACCOUNTONLINE[1].TXT
C:\DOCUMENTS AND SETTINGS\LAURIE.MOBILIO\COOKIES\LAURIE.MOBILIO@WWW.BURSTNET[1].TXT
C:\DOCUMENTS AND SETTINGS\LAURIE.MOBILIO\COOKIES\LAURIE.MOBILIO@WWW.CLICKMANAGE[2].TXT
C:\DOCUMENTS AND SETTINGS\LAURIE.MOBILIO\COOKIES\LAURIE.MOBILIO@WWW.GOOGLEADSERVICES[2].TXT
C:\DOCUMENTS AND SETTINGS\LAURIE.MOBILIO\COOKIES\LAURIE.MOBILIO@WWW.GOOGLEADSERVICES[4].TXT
C:\DOCUMENTS AND SETTINGS\LAURIE.MOBILIO\COOKIES\LAURIE.MOBILIO@XITI[1].TXT
C:\DOCUMENTS AND SETTINGS\LAURIE.MOBILIO\COOKIES\LAURIE.MOBILIO@YIELDMANAGER[1].TXT
C:\DOCUMENTS AND SETTINGS\LAURIE.MOBILIO\COOKIES\LAURIE.MOBILIO@YIELDMANAGER[2].TXT
C:\DOCUMENTS AND SETTINGS\LAURIE.MOBILIO\COOKIES\LAURIE.MOBILIO@ZEDO[2].TXT
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\COOKIES\SYSTEM@AD.YIELDMANAGER[2].TXT
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\COOKIES\SYSTEM@ADBRITE[1].TXT
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\COOKIES\SYSTEM@ADS.POINTROLL[1].TXT
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\COOKIES\SYSTEM@ADVERTISING[1].TXT
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\COOKIES\SYSTEM@ATDMT[2].TXT
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\COOKIES\SYSTEM@CONTENT.YIELDMANAGER[1].TXT
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\COOKIES\SYSTEM@CRACKED[1].TXT
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\COOKIES\SYSTEM@DOUBLECLICK[2].TXT
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\COOKIES\SYSTEM@EHG-TECHTARGET.HITBOX[1].TXT
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\COOKIES\SYSTEM@HITBOX[2].TXT
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\COOKIES\SYSTEM@IMRWORLDWIDE[1].TXT
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\COOKIES\SYSTEM@IMRWORLDWIDE[3].TXT
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\COOKIES\SYSTEM@INVITEMEDIA[1].TXT
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\COOKIES\SYSTEM@KANOODLE[2].TXT
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\COOKIES\SYSTEM@LUCIDMEDIA[1].TXT
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\COOKIES\SYSTEM@MEDIA.ADFRONTIERS[1].TXT
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\COOKIES\SYSTEM@MEDIA6DEGREES[2].TXT
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\COOKIES\SYSTEM@MSNBC.112.2O7[1].TXT
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\COOKIES\SYSTEM@PETFINDER[2].TXT
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\COOKIES\SYSTEM@POINTROLL[2].TXT
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\COOKIES\SYSTEM@QUESTIONMARKET[2].TXT
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\COOKIES\SYSTEM@REVSCI[2].TXT
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\COOKIES\SYSTEM@RU4[1].TXT
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\COOKIES\SYSTEM@SPECIFICCLICK[1].TXT
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\COOKIES\SYSTEM@STATCOUNTER[1].TXT
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\COOKIES\SYSTEM@ZEDO[2].TXT

Trojan.Agent/Gen-Kryptik
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\LOCAL SETTINGS\TEMP\HKI457.EXE
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\LOCAL SETTINGS\TEMP\HKI549.EXE
C:\DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\6NN05D16.EXE
C:\DOCUMENTS AND SETTINGS\LAURIE.MOBILIO\LOCAL SETTINGS\TEMP\HKI359.EXE
C:\DOCUMENTS AND SETTINGS\LAURIE.MOBILIO\LOCAL SETTINGS\TEMP\HKI368.EXE
C:\DOCUMENTS AND SETTINGS\LAURIE.MOBILIO\LOCAL SETTINGS\TEMP\HKI370.EXE
C:\DOCUMENTS AND SETTINGS\LAURIE.MOBILIO\LOCAL SETTINGS\TEMP\HKI371.EXE
C:\DOCUMENTS AND SETTINGS\LAURIE.MOBILIO\LOCAL SETTINGS\TEMP\HKI373.EXE
C:\DOCUMENTS AND SETTINGS\LAURIE.MOBILIO\LOCAL SETTINGS\TEMP\HKI375.EXE
C:\DOCUMENTS AND SETTINGS\LAURIE.MOBILIO\LOCAL SETTINGS\TEMP\HKI379.EXE
C:\DOCUMENTS AND SETTINGS\LAURIE.MOBILIO\LOCAL SETTINGS\TEMP\HKI380.EXE
C:\DOCUMENTS AND SETTINGS\LAURIE.MOBILIO\LOCAL SETTINGS\TEMP\HKI381.EXE
C:\WINDOWS\FONTS\K38ETL.COM
C:\WINDOWS\FONTS\K38ETL.COM_
C:\WINDOWS\TEMP\HKI42131.EXE
C:\WINDOWS\TEMP\HKI49302.EXE
C:\WINDOWS\TEMP\HKI49303.EXE
C:\WINDOWS\TEMP\HKI49315.EXE
C:\WINDOWS\TEMP\HKI49317.EXE
C:\WINDOWS\TEMP\HKI49328.EXE
C:\WINDOWS\Prefetch\HKI42131.EXE-08303B91.pf
C:\WINDOWS\Prefetch\HKI49302.EXE-15F15477.pf
C:\WINDOWS\Prefetch\HKI49303.EXE-23DA39C9.pf
C:\WINDOWS\Prefetch\HKI49315.EXE-1A8FC80D.pf
C:\WINDOWS\Prefetch\HKI49317.EXE-055C789B.pf
C:\WINDOWS\Prefetch\HKI49328.EXE-0F761A8A.pf
C:\WINDOWS\Prefetch\K38ETL.COM-0FC47B16.pf

Adware.CouponBar
C:\WINDOWS\SYSTEM32\CPNPRT2.CID

Malwarebytes' Anti-Malware 1.51.1.1800
www.malwarebytes.org

Database version: 7417

Windows 5.1.2600 Service Pack 3 (Safe Mode)
Internet Explorer 8.0.6001.18702

8/9/2011 8:07:24 AM
mbam-log-2011-08-09 (08-07-23).txt

Scan type: Quick scan
Objects scanned: 185293
Time elapsed: 13 minute(s), 11 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

#5 Ross MacDonald

Ross MacDonald
  • Topic Starter

  • Members
  • 15 posts
  • OFFLINE
  •  
  • Local time:06:14 AM

Posted 12 August 2011 - 09:31 AM

Does any of that mean anything to you? I'm still trying to get everything running right and can't figure it out. Please help!

#6 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,190 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:07:14 AM

Posted 12 August 2011 - 09:55 AM

Hello, yes ,you had a few ugly infections.. We need to update some things and run one or two more scans.

Important Note: Your version of Java is out of date. Older versions have vulnerabilities that malicious sites can use to exploit and infect your system.Please follow these steps to remove older version Java components and update:
  • Download the latest version of Java Runtime Environment (JRE) Version 6 and save it to your desktop.
  • Look for "Java Platform, Standard Edition".
  • Click the "Download JRE" button to the right.
  • Read the License Agreement, and then check the box that says: "Accept License Agreement".
  • From the list, select your OS and Platform (32-bit or 64-bit).
  • If a download for an Offline Installation is available, it is recommended to choose that and save the file to your desktop.
  • Close any programs you may have running - especially your web browser.
Go to Posted Image > Control Panel, double-click on Add/Remove Programs or Programs and Features in Vista/Windows 7 and remove all older versions of Java.
  • Check (highlight) any item with Java Runtime Environment (JRE or J2SE) in the name.
  • Click the Remove or Change/Remove button and follow the onscreen instructions for the Java uninstaller.
  • Repeat as many times as necessary to remove each Java versions.
  • Reboot your computer once all Java components are removed.
  • Then from your desktop double-click on jre-7-windows-i586.exe to install the newest version.
  • If using Windows 7 or Vista and the installer refuses to launch due to insufficient user permissions, then Run As Administrator.
  • When the Java Setup - Welcome window opens, click the Install > button.
  • If offered to install a Toolbar, just uncheck the box before continuing unless you want it.
  • The McAfee Security Scan Plus tool is installed by default unless you uncheck the McAfee installation box when updating Java.
Note: The Java Quick Starter (JQS.exe) adds a service to improve the initial startup time of Java applets and applications but it's not necessary.
To disable the JQS service if you don't want to use it:
  • Go to Start > Control Panel > Java > Advanced > Miscellaneous and uncheck the box for Java Quick Starter.
  • Click Ok and reboot your computer.


Similarly Update to Adobe Reader X (10.1.0)
Note UN check the box so you do not install the toolbar,unless you really want it..

Free! Google Toolbar search Google from any web page, block pop-ups

Yes, install Google Toolbar - optional


>>>

I'd like us to scan your machine with ESET OnlineScan
  • Hold down Control and click on the following link to open ESET OnlineScan in a new window.
    ESET OnlineScan
  • Click the Posted Image button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    • Click on Posted Image to download the ESET Smart Installer. Save it to your desktop.
    • Double click on the Posted Image icon on your desktop.
  • Check Posted Image
  • Click the Posted Image button.
  • Accept any security warnings from your browser.
  • Under scan settings, check Posted Image and check Remove found threats
  • Click Advanced settings and select the following:
    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, push Posted Image
  • Push Posted Image, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Push the Posted Image button.
  • Push Posted Image


NOTE: In some instances if no malware is found there will be no log produced.


How is it running now?
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#7 Ross MacDonald

Ross MacDonald
  • Topic Starter

  • Members
  • 15 posts
  • OFFLINE
  •  
  • Local time:06:14 AM

Posted 14 August 2011 - 10:49 AM

I ran the updates for both Adobe and Java, and then ran ESET online; but my computer wouldn't open up a txt file to list the three files it quarantined, and I had to hard boot the comp to get it to run again. It seems like if I let the computer go to sleep, once it boots back up it won't really boot back up; it won't allow programs, etc to run. The screen is visible, I can move the mouse, I can open file folders, etc.... but I can't get anything to run, and Task Manager won't come up.

The HPProductsAssistant is still popping up, and the google window is still coming up on every start up.

But right now, after a hard boot, it seems like it is 'running' fine aside from those same two problems I've been having since I got the virus to go away.


Any more advice? I'm running out of time to get this fixed.

#8 Ross MacDonald

Ross MacDonald
  • Topic Starter

  • Members
  • 15 posts
  • OFFLINE
  •  
  • Local time:06:14 AM

Posted 14 August 2011 - 10:55 AM

Also, I am getting redirected through firefox to bogus sites.... sometimes it's through a link, sometimes they just pop up.

#9 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,190 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:07:14 AM

Posted 14 August 2011 - 11:04 AM

Let's do one more here,this is pretty quick and see if it stops it.

Are you on a router? Are other machines on it,if so are they redirecting?


Please download the TDSS Rootkit Removing Tool (TDSSKiller.exe) and save it to your Desktop. <-Important!!!
Be sure to download TDSSKiller.exe (v2.5.9.0) from Kaspersky's website and not TDSSKiller.zip which appears to be an older version 2.3.2.2 of the tool.
  • Double-click on TDSSKiller.exe to run the tool for known TDSS variants.
    Vista/Windows 7 users right-click and select Run As Administrator.
  • If TDSSKiller does not run, try renaming it.
  • To do this, right-click on TDSSKiller.exe, select Rename and give it a random name with the .com file extension (i.e. 123abc.com). If you do not see the file extension, please refer to How to change the file extension.
  • Click the Start Scan button.
  • Do not use the computer during the scan
  • If the scan completes with nothing found, click Close to exit.
  • If malicious objects are found, they will show in the Scan results - Select action for found objects and offer three options.
  • Ensure Cure (default) is selected, then click Continue > Reboot now to finish the cleaning process.
  • A log file named TDSSKiller_version_date_time_log.txt (i.e. TDSSKiller.2.4.0.0_27.07.2010_09.o7.26_log.txt) will be created and saved to the root directory (usually Local Disk C:).
  • Copy and paste the contents of that file in your next reply.


If TDSSKiller does not run, try renaming it. To do this, right-click on TDSSKiller.exe, select Rename and give it a random name with the .com file extension (i.e. 123abc.com). If you do not see the file extension, please refer to these[/color] instructions. [color=green]In some cases it may be necessary to redownload TDSSKiller and randomly rename it before downloading and saving to the computer.



If atill... I have seen with FireFox: it may be the Add ons/Plugins. try disabling them one at a time and see which one was at fault.

How to disable extensions and plugins

Keeping your third-party plugins up to date
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#10 Ross MacDonald

Ross MacDonald
  • Topic Starter

  • Members
  • 15 posts
  • OFFLINE
  •  
  • Local time:06:14 AM

Posted 14 August 2011 - 11:46 AM

\Device\Harddisk0\DR0 (Rootkit.Win32.TDSS.tdl4) - will be cured after reboot
\Device\Harddisk0\DR0 - ok

This is what it found; I ran the program once, and then ahd to hard boot to get the computer to restart; going through windows achieved nothing. I'm posting this in case (as last time) I can't find the txt file

#11 Ross MacDonald

Ross MacDonald
  • Topic Starter

  • Members
  • 15 posts
  • OFFLINE
  •  
  • Local time:06:14 AM

Posted 14 August 2011 - 11:54 AM

2011/08/14 09:44:11.0968 2396 TDSS rootkit removing tool 2.5.15.0 Aug 11 2011 16:32:13
2011/08/14 09:44:12.0546 2396 ================================================================================
2011/08/14 09:44:12.0546 2396 SystemInfo:
2011/08/14 09:44:12.0546 2396
2011/08/14 09:44:12.0546 2396 OS Version: 5.1.2600 ServicePack: 3.0
2011/08/14 09:44:12.0546 2396 Product type: Workstation
2011/08/14 09:44:12.0546 2396 ComputerName: LAURIE-XPS1
2011/08/14 09:44:12.0546 2396 UserName: Laurie.Mobilio
2011/08/14 09:44:12.0546 2396 Windows directory: C:\WINDOWS
2011/08/14 09:44:12.0546 2396 System windows directory: C:\WINDOWS
2011/08/14 09:44:12.0546 2396 Processor architecture: Intel x86
2011/08/14 09:44:12.0546 2396 Number of processors: 1
2011/08/14 09:44:12.0546 2396 Page size: 0x1000
2011/08/14 09:44:12.0546 2396 Boot type: Normal boot
2011/08/14 09:44:12.0546 2396 ================================================================================
2011/08/14 09:44:15.0328 2396 Initialize success
2011/08/14 09:44:17.0812 1244 ================================================================================
2011/08/14 09:44:17.0812 1244 Scan started
2011/08/14 09:44:17.0812 1244 Mode: Manual;
2011/08/14 09:44:17.0812 1244 ================================================================================
2011/08/14 09:44:19.0812 1244 abp480n5 (6abb91494fe6c59089b9336452ab2ea3) C:\WINDOWS\system32\DRIVERS\ABP480N5.SYS
2011/08/14 09:44:20.0328 1244 ACPI (8fd99680a539792a30e97944fdaecf17) C:\WINDOWS\system32\DRIVERS\ACPI.sys
2011/08/14 09:44:20.0703 1244 ACPIEC (9859c0f6936e723e4892d7141b1327d5) C:\WINDOWS\system32\drivers\ACPIEC.sys
2011/08/14 09:44:20.0906 1244 adpu160m (9a11864873da202c996558b2106b0bbc) C:\WINDOWS\system32\DRIVERS\adpu160m.sys
2011/08/14 09:44:21.0109 1244 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
2011/08/14 09:44:21.0312 1244 AFD (355556d9e580915118cd7ef736653a89) C:\WINDOWS\System32\drivers\afd.sys
2011/08/14 09:44:21.0515 1244 agp440 (08fd04aa961bdc77fb983f328334e3d7) C:\WINDOWS\system32\DRIVERS\agp440.sys
2011/08/14 09:44:21.0656 1244 agpCPQ (03a7e0922acfe1b07d5db2eeb0773063) C:\WINDOWS\system32\DRIVERS\agpCPQ.sys
2011/08/14 09:44:21.0781 1244 Aha154x (c23ea9b5f46c7f7910db3eab648ff013) C:\WINDOWS\system32\DRIVERS\aha154x.sys
2011/08/14 09:44:21.0921 1244 aic78u2 (19dd0fb48b0c18892f70e2e7d61a1529) C:\WINDOWS\system32\DRIVERS\aic78u2.sys
2011/08/14 09:44:22.0062 1244 aic78xx (b7fe594a7468aa0132deb03fb8e34326) C:\WINDOWS\system32\DRIVERS\aic78xx.sys
2011/08/14 09:44:22.0375 1244 AliIde (1140ab9938809700b46bb88e46d72a96) C:\WINDOWS\system32\DRIVERS\aliide.sys
2011/08/14 09:44:22.0890 1244 alim1541 (cb08aed0de2dd889a8a820cd8082d83c) C:\WINDOWS\system32\DRIVERS\alim1541.sys
2011/08/14 09:44:23.0140 1244 amdagp (95b4fb835e28aa1336ceeb07fd5b9398) C:\WINDOWS\system32\DRIVERS\amdagp.sys
2011/08/14 09:44:23.0343 1244 amsint (79f5add8d24bd6893f2903a3e2f3fad6) C:\WINDOWS\system32\DRIVERS\amsint.sys
2011/08/14 09:44:23.0546 1244 asc (62d318e9a0c8fc9b780008e724283707) C:\WINDOWS\system32\DRIVERS\asc.sys
2011/08/14 09:44:23.0750 1244 asc3350p (69eb0cc7714b32896ccbfd5edcbea447) C:\WINDOWS\system32\DRIVERS\asc3350p.sys
2011/08/14 09:44:23.0953 1244 asc3550 (5d8de112aa0254b907861e9e9c31d597) C:\WINDOWS\system32\DRIVERS\asc3550.sys
2011/08/14 09:44:24.0156 1244 ASCTRM (d880831279ed91f9a4190a2db9539ea9) C:\WINDOWS\system32\drivers\ASCTRM.sys
2011/08/14 09:44:24.0390 1244 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
2011/08/14 09:44:24.0578 1244 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
2011/08/14 09:44:24.0906 1244 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
2011/08/14 09:44:25.0125 1244 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
2011/08/14 09:44:25.0468 1244 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
2011/08/14 09:44:25.0812 1244 cbidf (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\DRIVERS\cbidf2k.sys
2011/08/14 09:44:25.0906 1244 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
2011/08/14 09:44:26.0031 1244 cd20xrnt (f3ec03299634490e97bbce94cd2954c7) C:\WINDOWS\system32\DRIVERS\cd20xrnt.sys
2011/08/14 09:44:26.0156 1244 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
2011/08/14 09:44:26.0312 1244 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
2011/08/14 09:44:26.0515 1244 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
2011/08/14 09:44:26.0859 1244 CmdIde (e5dcb56c533014ecbc556a8357c929d5) C:\WINDOWS\system32\DRIVERS\cmdide.sys
2011/08/14 09:44:27.0046 1244 Cpqarray (3ee529119eed34cd212a215e8c40d4b6) C:\WINDOWS\system32\DRIVERS\cpqarray.sys
2011/08/14 09:44:27.0265 1244 dac2w2k (e550e7418984b65a78299d248f0a7f36) C:\WINDOWS\system32\DRIVERS\dac2w2k.sys
2011/08/14 09:44:27.0468 1244 dac960nt (683789caa3864eb46125ae86ff677d34) C:\WINDOWS\system32\DRIVERS\dac960nt.sys
2011/08/14 09:44:27.0828 1244 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
2011/08/14 09:44:28.0515 1244 dmboot (d992fe1274bde0f84ad826acae022a41) C:\WINDOWS\system32\drivers\dmboot.sys
2011/08/14 09:44:29.0421 1244 dmio (7c824cf7bbde77d95c08005717a95f6f) C:\WINDOWS\system32\drivers\dmio.sys
2011/08/14 09:44:29.0609 1244 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
2011/08/14 09:44:29.0765 1244 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
2011/08/14 09:44:29.0953 1244 dpti2o (40f3b93b4e5b0126f2f5c0a7a5e22660) C:\WINDOWS\system32\DRIVERS\dpti2o.sys
2011/08/14 09:44:30.0187 1244 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
2011/08/14 09:44:30.0390 1244 drvmcdb (e814854e6b246ccf498874839ab64d77) C:\WINDOWS\system32\drivers\drvmcdb.sys
2011/08/14 09:44:30.0593 1244 drvnddm (ee83a4ebae70bc93cf14879d062f548b) C:\WINDOWS\system32\drivers\drvnddm.sys
2011/08/14 09:44:30.0812 1244 E100B (7d91dc6342248369f94d6eba0cf42e99) C:\WINDOWS\system32\DRIVERS\e100b325.sys
2011/08/14 09:44:31.0046 1244 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
2011/08/14 09:44:31.0265 1244 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\DRIVERS\fdc.sys
2011/08/14 09:44:31.0578 1244 Fips (d45926117eb9fa946a6af572fbe1caa3) C:\WINDOWS\system32\drivers\Fips.sys
2011/08/14 09:44:31.0984 1244 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\DRIVERS\flpydisk.sys
2011/08/14 09:44:32.0328 1244 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys
2011/08/14 09:44:32.0765 1244 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
2011/08/14 09:44:33.0109 1244 Ftdisk (6ac26732762483366c3969c9e4d2259d) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
2011/08/14 09:44:33.0359 1244 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys
2011/08/14 09:44:33.0562 1244 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
2011/08/14 09:44:33.0812 1244 HidUsb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
2011/08/14 09:44:34.0031 1244 hpn (b028377dea0546a5fcfba928a8aefae0) C:\WINDOWS\system32\DRIVERS\hpn.sys
2011/08/14 09:44:34.0250 1244 HPZid412 (30ca91e657cede2f95359d6ef186f650) C:\WINDOWS\system32\DRIVERS\HPZid412.sys
2011/08/14 09:44:34.0468 1244 HPZipr12 (efd31afa752aa7c7bbb57bcbe2b01c78) C:\WINDOWS\system32\DRIVERS\HPZipr12.sys
2011/08/14 09:44:34.0687 1244 HPZius12 (7ac43c38ca8fd7ed0b0a4466f753e06e) C:\WINDOWS\system32\DRIVERS\HPZius12.sys
2011/08/14 09:44:34.0906 1244 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
2011/08/14 09:44:35.0156 1244 i2omgmt (9368670bd426ebea5e8b18a62416ec28) C:\WINDOWS\system32\drivers\i2omgmt.sys
2011/08/14 09:44:35.0578 1244 i2omp (f10863bf1ccc290babd1a09188ae49e0) C:\WINDOWS\system32\DRIVERS\i2omp.sys
2011/08/14 09:44:35.0875 1244 i8042prt (4a0b06aa8943c1e332520f7440c0aa30) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
2011/08/14 09:44:36.0125 1244 ialm (9a883c3c4d91292c0d09de7c728e781c) C:\WINDOWS\system32\DRIVERS\ialmnt5.sys
2011/08/14 09:44:36.0375 1244 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
2011/08/14 09:44:36.0593 1244 ini910u (4a40e045faee58631fd8d91afc620719) C:\WINDOWS\system32\DRIVERS\ini910u.sys
2011/08/14 09:44:36.0796 1244 IntelIde (b5466a9250342a7aa0cd1fba13420678) C:\WINDOWS\system32\DRIVERS\intelide.sys
2011/08/14 09:44:37.0015 1244 intelppm (8c953733d8f36eb2133f5bb58808b66b) C:\WINDOWS\system32\DRIVERS\intelppm.sys
2011/08/14 09:44:37.0203 1244 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys
2011/08/14 09:44:37.0390 1244 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
2011/08/14 09:44:37.0562 1244 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
2011/08/14 09:44:37.0750 1244 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
2011/08/14 09:44:38.0109 1244 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
2011/08/14 09:44:38.0406 1244 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
2011/08/14 09:44:38.0609 1244 isapnp (05a299ec56e52649b1cf2fc52d20f2d7) C:\WINDOWS\system32\DRIVERS\isapnp.sys
2011/08/14 09:44:38.0968 1244 Kbdclass (463c1ec80cd17420a542b7f36a36f128) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
2011/08/14 09:44:39.0187 1244 kbdhid (9ef487a186dea361aa06913a75b3fa99) C:\WINDOWS\system32\DRIVERS\kbdhid.sys
2011/08/14 09:44:39.0406 1244 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
2011/08/14 09:44:39.0609 1244 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
2011/08/14 09:44:39.0968 1244 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
2011/08/14 09:44:40.0156 1244 Modem (dfcbad3cec1c5f964962ae10e0bcc8e1) C:\WINDOWS\system32\drivers\Modem.sys
2011/08/14 09:44:40.0375 1244 Mouclass (35c9e97194c8cfb8430125f8dbc34d04) C:\WINDOWS\system32\DRIVERS\mouclass.sys
2011/08/14 09:44:40.0734 1244 mouhid (b1c303e17fb9d46e87a98e4ba6769685) C:\WINDOWS\system32\DRIVERS\mouhid.sys
2011/08/14 09:44:41.0156 1244 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
2011/08/14 09:44:41.0484 1244 mraid35x (3f4bb95e5a44f3be34824e8e7caf0737) C:\WINDOWS\system32\DRIVERS\mraid35x.sys
2011/08/14 09:44:41.0703 1244 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
2011/08/14 09:44:41.0906 1244 MRxSmb (0dc719e9b15e902346e87e9dcd5751fa) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
2011/08/14 09:44:42.0156 1244 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
2011/08/14 09:44:42.0296 1244 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
2011/08/14 09:44:42.0468 1244 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
2011/08/14 09:44:42.0656 1244 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
2011/08/14 09:44:42.0843 1244 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
2011/08/14 09:44:43.0031 1244 Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys
2011/08/14 09:44:43.0250 1244 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
2011/08/14 09:44:43.0453 1244 NdisTapi (1ab3d00c991ab086e69db84b6c0ed78f) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
2011/08/14 09:44:43.0812 1244 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
2011/08/14 09:44:44.0140 1244 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
2011/08/14 09:44:44.0390 1244 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
2011/08/14 09:44:44.0593 1244 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
2011/08/14 09:44:44.0812 1244 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
2011/08/14 09:44:45.0078 1244 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
2011/08/14 09:44:45.0453 1244 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
2011/08/14 09:44:45.0781 1244 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
2011/08/14 09:44:46.0015 1244 nv (2b298519edbfcf451d43e0f1e8f1006d) C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
2011/08/14 09:44:46.0406 1244 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
2011/08/14 09:44:46.0843 1244 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
2011/08/14 09:44:47.0468 1244 PalmUSBD (803cf09c795290825607505d37819135) C:\WINDOWS\system32\drivers\PalmUSBD.sys
2011/08/14 09:44:47.0765 1244 Parport (5575faf8f97ce5e713d108c2a58d7c7c) C:\WINDOWS\system32\DRIVERS\parport.sys
2011/08/14 09:44:48.0015 1244 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
2011/08/14 09:44:48.0218 1244 ParVdm (70e98b3fd8e963a6a46a2e6247e0bea1) C:\WINDOWS\system32\drivers\ParVdm.sys
2011/08/14 09:44:48.0406 1244 PCI (a219903ccf74233761d92bef471a07b1) C:\WINDOWS\system32\DRIVERS\pci.sys
2011/08/14 09:44:48.0796 1244 PCIIde (ccf5f451bb1a5a2a522a76e670000ff0) C:\WINDOWS\system32\DRIVERS\pciide.sys
2011/08/14 09:44:49.0000 1244 Pcmcia (9e89ef60e9ee05e3f2eef2da7397f1c1) C:\WINDOWS\system32\drivers\Pcmcia.sys
2011/08/14 09:44:49.0812 1244 perc2 (6c14b9c19ba84f73d3a86dba11133101) C:\WINDOWS\system32\DRIVERS\perc2.sys
2011/08/14 09:44:50.0125 1244 perc2hib (f50f7c27f131afe7beba13e14a3b9416) C:\WINDOWS\system32\DRIVERS\perc2hib.sys
2011/08/14 09:44:50.0453 1244 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
2011/08/14 09:44:50.0750 1244 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
2011/08/14 09:44:50.0953 1244 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
2011/08/14 09:44:51.0187 1244 PxHelp20 (d86b4a68565e444d76457f14172c875a) C:\WINDOWS\system32\Drivers\PxHelp20.sys
2011/08/14 09:44:51.0406 1244 ql1080 (0a63fb54039eb5662433caba3b26dba7) C:\WINDOWS\system32\DRIVERS\ql1080.sys
2011/08/14 09:44:51.0609 1244 Ql10wnt (6503449e1d43a0ff0201ad5cb1b8c706) C:\WINDOWS\system32\DRIVERS\ql10wnt.sys
2011/08/14 09:44:51.0828 1244 ql12160 (156ed0ef20c15114ca097a34a30d8a01) C:\WINDOWS\system32\DRIVERS\ql12160.sys
2011/08/14 09:44:52.0046 1244 ql1240 (70f016bebde6d29e864c1230a07cc5e6) C:\WINDOWS\system32\DRIVERS\ql1240.sys
2011/08/14 09:44:52.0328 1244 ql1280 (907f0aeea6bc451011611e732bd31fcf) C:\WINDOWS\system32\DRIVERS\ql1280.sys
2011/08/14 09:44:52.0765 1244 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
2011/08/14 09:44:53.0015 1244 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
2011/08/14 09:44:53.0234 1244 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
2011/08/14 09:44:53.0437 1244 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
2011/08/14 09:44:53.0640 1244 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
2011/08/14 09:44:53.0812 1244 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
2011/08/14 09:44:54.0031 1244 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
2011/08/14 09:44:54.0234 1244 RDPWD (6728e45b66f93c08f11de2e316fc70dd) C:\WINDOWS\system32\drivers\RDPWD.sys
2011/08/14 09:44:54.0421 1244 redbook (f828dd7e1419b6653894a8f97a0094c5) C:\WINDOWS\system32\DRIVERS\redbook.sys
2011/08/14 09:44:54.0609 1244 SASDIFSV (39763504067962108505bff25f024345) C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS
2011/08/14 09:44:54.0781 1244 SASKUTIL (77b9fc20084b48408ad3e87570eb4a85) C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS
2011/08/14 09:44:55.0390 1244 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
2011/08/14 09:44:55.0625 1244 senfilt (b9c7617c1e8ab6fdff75d3c8dafcb4c8) C:\WINDOWS\system32\drivers\senfilt.sys
2011/08/14 09:44:55.0937 1244 serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
2011/08/14 09:44:56.0156 1244 Serial (cca207a8896d4c6a0c9ce29a4ae411a7) C:\WINDOWS\system32\DRIVERS\serial.sys
2011/08/14 09:44:56.0359 1244 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
2011/08/14 09:44:56.0656 1244 sisagp (6b33d0ebd30db32e27d1d78fe946a754) C:\WINDOWS\system32\DRIVERS\sisagp.sys
2011/08/14 09:44:56.0921 1244 smwdm (86c4d93b7b7818d066c52fdb03c6c921) C:\WINDOWS\system32\drivers\smwdm.sys
2011/08/14 09:44:57.0125 1244 Sparrow (83c0f71f86d3bdaf915685f3d568b20e) C:\WINDOWS\system32\DRIVERS\sparrow.sys
2011/08/14 09:44:57.0328 1244 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
2011/08/14 09:44:57.0671 1244 sr (76bb022c2fb6902fd5bdd4f78fc13a5d) C:\WINDOWS\system32\DRIVERS\sr.sys
2011/08/14 09:44:58.0140 1244 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
2011/08/14 09:44:58.0593 1244 sscdbhk5 (d7968049be0adbb6a57cee3960320911) C:\WINDOWS\system32\drivers\sscdbhk5.sys
2011/08/14 09:44:58.0812 1244 ssrtln (c3ffd65abfb6441e7606cf74f1155273) C:\WINDOWS\system32\drivers\ssrtln.sys
2011/08/14 09:44:59.0015 1244 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
2011/08/14 09:44:59.0203 1244 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
2011/08/14 09:44:59.0406 1244 symc810 (1ff3217614018630d0a6758630fc698c) C:\WINDOWS\system32\DRIVERS\symc810.sys
2011/08/14 09:44:59.0609 1244 symc8xx (070e001d95cf725186ef8b20335f933c) C:\WINDOWS\system32\DRIVERS\symc8xx.sys
2011/08/14 09:44:59.0812 1244 sym_hi (80ac1c4abbe2df3b738bf15517a51f2c) C:\WINDOWS\system32\DRIVERS\sym_hi.sys
2011/08/14 09:45:00.0031 1244 sym_u3 (bf4fab949a382a8e105f46ebb4937058) C:\WINDOWS\system32\DRIVERS\sym_u3.sys
2011/08/14 09:45:00.0234 1244 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
2011/08/14 09:45:00.0453 1244 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
2011/08/14 09:45:00.0718 1244 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
2011/08/14 09:45:01.0125 1244 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
2011/08/14 09:45:01.0609 1244 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
2011/08/14 09:45:01.0890 1244 tfsnboio (30698355067d07da5f9eb81132c9fdd6) C:\WINDOWS\system32\dla\tfsnboio.sys
2011/08/14 09:45:02.0015 1244 tfsncofs (fb9d825bb4a2abdf24600f7505050e2b) C:\WINDOWS\system32\dla\tfsncofs.sys
2011/08/14 09:45:02.0187 1244 tfsndrct (cafd8cca11aa1e8b6d2ea1ba8f70ec33) C:\WINDOWS\system32\dla\tfsndrct.sys
2011/08/14 09:45:02.0328 1244 tfsndres (8db1e78fbf7c426d8ec3d8f1a33d6485) C:\WINDOWS\system32\dla\tfsndres.sys
2011/08/14 09:45:02.0453 1244 tfsnifs (b92f67a71cc8176f331b8aa8d9f555ad) C:\WINDOWS\system32\dla\tfsnifs.sys
2011/08/14 09:45:02.0593 1244 tfsnopio (85985faa9a71e2358fcc2edefc2a3c5c) C:\WINDOWS\system32\dla\tfsnopio.sys
2011/08/14 09:45:02.0734 1244 tfsnpool (bba22094f0f7c210567efdaf11f64495) C:\WINDOWS\system32\dla\tfsnpool.sys
2011/08/14 09:45:02.0890 1244 tfsnudf (81340bef80b9811e98ce64611e67e3ff) C:\WINDOWS\system32\dla\tfsnudf.sys
2011/08/14 09:45:03.0031 1244 tfsnudfa (c035fd116224ccc8325f384776b6a8bb) C:\WINDOWS\system32\dla\tfsnudfa.sys
2011/08/14 09:45:03.0250 1244 TosIde (f2790f6af01321b172aa62f8e1e187d9) C:\WINDOWS\system32\DRIVERS\toside.sys
2011/08/14 09:45:03.0453 1244 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
2011/08/14 09:45:03.0640 1244 ultra (1b698a51cd528d8da4ffaed66dfc51b9) C:\WINDOWS\system32\DRIVERS\ultra.sys
2011/08/14 09:45:03.0859 1244 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
2011/08/14 09:45:04.0093 1244 USBAAPL (83cafcb53201bbac04d822f32438e244) C:\WINDOWS\system32\Drivers\usbaapl.sys
2011/08/14 09:45:04.0234 1244 usbbus (d9f3bb7c292f194f3b053ce295754eb8) C:\WINDOWS\system32\DRIVERS\lgusbbus.sys
2011/08/14 09:45:04.0421 1244 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
2011/08/14 09:45:04.0625 1244 UsbDiag (c4f77da649f99fad116ea585376fc164) C:\WINDOWS\system32\DRIVERS\lgusbdiag.sys
2011/08/14 09:45:04.0843 1244 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
2011/08/14 09:45:05.0046 1244 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
2011/08/14 09:45:05.0234 1244 USBModem (c0613ce45e617bc671de8ebb1b30d175) C:\WINDOWS\system32\DRIVERS\lgusbmodem.sys
2011/08/14 09:45:05.0421 1244 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
2011/08/14 09:45:05.0625 1244 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
2011/08/14 09:45:05.0750 1244 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
2011/08/14 09:45:06.0000 1244 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
2011/08/14 09:45:06.0203 1244 VET-FILT (5f5028181917131ce1353cb32f10f612) C:\WINDOWS\system32\drivers\VET-FILT.sys
2011/08/14 09:45:06.0406 1244 VET-REC (fe7425fc0b9995de0e4d5dfaa4705b23) C:\WINDOWS\system32\drivers\VET-REC.sys
2011/08/14 09:45:06.0609 1244 VETEBOOT (5bb0c1b5f8be72132456827394da70b9) C:\WINDOWS\system32\drivers\VETEBOOT.sys
2011/08/14 09:45:06.0843 1244 VETEFILE (8a2e756bb478ddaf4127653a613333be) C:\WINDOWS\system32\drivers\VETEFILE.sys
2011/08/14 09:45:07.0125 1244 VETFDDNT (ac2d78b38367bf6e391659546be8dae5) C:\WINDOWS\system32\drivers\VETFDDNT.sys
2011/08/14 09:45:07.0343 1244 VETMONNT (89e280b1f8d07123e8ea80fdd4d95f51) C:\WINDOWS\system32\drivers\VETMONNT.sys
2011/08/14 09:45:07.0562 1244 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
2011/08/14 09:45:07.0765 1244 viaagp (754292ce5848b3738281b4f3607eaef4) C:\WINDOWS\system32\DRIVERS\viaagp.sys
2011/08/14 09:45:07.0968 1244 ViaIde (3b3efcda263b8ac14fdf9cbdd0791b2e) C:\WINDOWS\system32\DRIVERS\viaide.sys
2011/08/14 09:45:08.0296 1244 VolSnap (4c8fcb5cc53aab716d810740fe59d025) C:\WINDOWS\system32\drivers\VolSnap.sys
2011/08/14 09:45:08.0500 1244 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
2011/08/14 09:45:09.0015 1244 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
2011/08/14 09:45:09.0406 1244 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
2011/08/14 09:45:09.0546 1244 WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
2011/08/14 09:45:09.0609 1244 MBR (0x1B8) (87f75abb087c82bee3a1fbec42bbabd0) \Device\Harddisk0\DR0
2011/08/14 09:45:09.0609 1244 \Device\Harddisk0\DR0 - detected Rootkit.Win32.TDSS.tdl4 (0)
2011/08/14 09:45:09.0640 1244 Boot (0x1200) (d3f3fe1f0351b936e48f2333b04e4595) \Device\Harddisk0\DR0\Partition0
2011/08/14 09:45:09.0656 1244 ================================================================================
2011/08/14 09:45:09.0656 1244 Scan finished
2011/08/14 09:45:09.0656 1244 ================================================================================
2011/08/14 09:45:09.0687 2668 Detected object count: 1
2011/08/14 09:45:09.0687 2668 Actual detected object count: 1
2011/08/14 09:45:15.0281 2668 \Device\Harddisk0\DR0 (Rootkit.Win32.TDSS.tdl4) - will be cured after reboot
2011/08/14 09:45:15.0281 2668 \Device\Harddisk0\DR0 - ok
2011/08/14 09:45:15.0281 2668 Rootkit.Win32.TDSS.tdl4(\Device\Harddisk0\DR0) - User select action: Cure
2011/08/14 09:46:14.0437 2256 Deinitialize success

Edited by Ross MacDonald, 14 August 2011 - 11:55 AM.


#12 Ross MacDonald

Ross MacDonald
  • Topic Starter

  • Members
  • 15 posts
  • OFFLINE
  •  
  • Local time:06:14 AM

Posted 14 August 2011 - 11:58 AM

I'm still getting that hppassistant thingy; I searched a bit on the internet and came up with what HP said was a solution, but I didn't see any difference. Am I correct in um assumption that some file must have gotten deleted in the virus purging process, that HP thinks it needs? All my peripherals seem to be working; printer, mouse, monitor, everything.


Can you offer any suggestion on how to get this window

C:\Documents and Settings\USER.NAME\Application Data\Google

to stop coming up?

I ran the rootkit again and it came up dry (thankfully)... amazing how many freeware malware removal programs there are out there, and how they all do different things.

#13 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,190 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:07:14 AM

Posted 14 August 2011 - 12:28 PM

What exactly is the HP message?
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#14 Ross MacDonald

Ross MacDonald
  • Topic Starter

  • Members
  • 15 posts
  • OFFLINE
  •  
  • Local time:06:14 AM

Posted 14 August 2011 - 12:34 PM

It's hpproductassistant trying to get me to put in a disk for HP Product Assistant, but I don't think I have one (I rpbably did at some point, but can't find it now). Unfortunately it's not specific as to why it needs it, or what it is for. I do have an HP printer that I installed probably 6 months ago, but it works fine ( I test printed several pages just to make sure). I'll reboot the computer so I can get the exact wording for you, but it's very non-specific.

#15 Ross MacDonald

Ross MacDonald
  • Topic Starter

  • Members
  • 15 posts
  • OFFLINE
  •  
  • Local time:06:14 AM

Posted 14 August 2011 - 12:43 PM

It starts with Windows Installer popping up and running... then it goes to an HPProductAssistant window and says "The feature you are trying to use is on a CD-ROM or other removable disk that is not available. Insert the HP Product Assistant Disk and Click OK". But I don't have the disk.... is it something that I can download? I tried to go through Hp Product assistant (in my toolbar) to download an update that I thought might help, but the installation failed on both attempts.

Everything else about the computer, aside from the google window and HP Products Assistant, seems to be working properly now. I can't say thank you enough for your help; I didn't know where to start when all this went down, but bleeping computer has made a world of difference. I'm glad there are people out there as dedicated to making my comp run properly as there are idiots out there creating viruses dedicated to making it run like a steaming pile of poop.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users