Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Unable to startup Windows 7


  • Please log in to reply
15 replies to this topic

#1 isaacm

isaacm

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:07:29 AM

Posted 03 September 2011 - 03:20 PM

Alright, I'm not panicked. I'm fine, I swear.
I'm a little annoyed though as to the persistence of this possible virus.

The first symptom was my LAPTOP crashing unexpectedly.
My "ACER ASPIRE 7740" restarted immediately and booted into a STARTUP REPAIR.
STARTUP REPAIR was unable to resolve the issue but did say that the problem was with "ci.dll"
I then attempted DISK CHECK. No dice.
I then attempted to retry the prior attempts of running the STARTUP REPAIR search and the SYSTEM MEMORY DIAGNOSTIC tool, to no avail.
Finally, I was able to successfully system restore to a point on 8/31.

This resulted in being able to start and log into windows for the first time in 4 hours.
I then investigated into the problem and searched into "ci.dll".
I attempted to repeatedly remove ci.dll but it continued to recreate itself.
I then found that after restart if I went though "F8" and chose "DISABLE DEVICE SIGNATURE ENFORCEMENT" I could startup every time.

I had then began to think that I the battle was looking good.
After startup, I then hit F8 once again, and I chose DISABLE DEVICE SIGNATURE ENFORCEMENT.
I logged as usual, opened FIREFOX (ver. 6.0.1) and began to further investigate.
My BROWSER then began to redirect me to various AD's and other annoying sites, all not where I wanted to be directed to.
I then fought with the browser to find download and install AVG SECURITY SUITE 2012 (trial), ran a complete search and while that was running...
I continued to investigate. Ctrl + Alt + Del showed that I had two processed that I had never seen and/or have I ever recalled allowing them to run.
The first program was "PING.exe" (which when I attempted to delete it said,
"You require permission from TrustedInstaller to perform this action") which is a "TCP/IP Command"?

The second program was (If I can remember, because it disappeared after a few moments)
"trustedinstaller.exe" the decription says its a windows modules installer.

Also AVG was able to find multiple rootkits and tacking cookies. I will provide the scan results if needed.

Please. I beg you. Save my beloved computer!

Edited by hamluis, 03 September 2011 - 04:31 PM.
Moved from Win 7 to Am I Infected.


BC AdBot (Login to Remove)

 


#2 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,072 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:11:29 AM

Posted 04 September 2011 - 03:46 PM

Hello,please run these toos.

Please download MiniToolBox, save it to your desktop and run it.

Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size.
  • List Minidump Files
Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.

Note: When using "Reset FF Proxy Settings" option Firefox should be closed.




Next run MBAM (MalwareBytes):

Please download Malwarebytes Anti-Malware and save it to your desktop.
Download Link 1
Download Link 2MBAM may "make changes to your registry" as part of its disinfection routine. If using other security programs that detect registry changes (ie Spybot's Teatimer), they may interfere or alert you. Temporarily disable such programs or permit them to allow the changes.
  • Make sure you are connected to the Internet.
  • Double-click on mbam-setup.exe to install the application.
    For instructions with screenshots, please refer to the How to use Malwarebytes' Anti-Malware Guide.
  • When the installation begins, follow the prompts and do not make any changes to default settings.
  • When installation has finished, make sure you leave both of these checked:
    • Update Malwarebytes' Anti-Malware
    • Launch Malwarebytes' Anti-Malware
  • Then click Finish.
MBAM will automatically start and you will be asked to update the program before performing a scan.
  • If an update is found, the program will automatically update itself. Press the OK button to close that box and continue.
  • If you encounter any problems while downloading the definition updates, manually download them from here and just double-click on mbam-rules.exe to install.
On the Scanner tab:
  • Make sure the "Perform Quick Scan" option is selected.
  • Then click on the Scan button.
  • If asked to select the drives to scan, leave all the drives selected and click on the Start Scan button.
  • The scan will begin and "Scan in progress" will show at the top. It may take some time to complete so please be patient.
  • When the scan is finished, a message box will say "The scan completed successfully. Click 'Show Results' to display all objects found".
  • Click OK to close the message box and continue with the removal process.
Back at the main Scanner screen:
  • Click on the Show Results button to see a list of any malware that was found.
  • Make sure that everything is checked, and click Remove Selected.
  • When removal is completed, a log report will open in Notepad.
  • The log is automatically saved and can be viewed by clicking the Logs tab in MBAM.
  • Copy and paste the contents of that report in your next reply. Be sure to post the complete log to include the top portion which shows MBAM's database version and your operating system.
  • Exit MBAM when done.
Note: If MBAM encounters a file that is difficult to remove, you will be asked to reboot your computer so MBAM can proceed with the disinfection process. If asked to restart the computer, please do so immediately. Failure to reboot normally (not into safe mode) will prevent MBAM from removing all the malware.

Troubleshoot Malwarebytes' Anti-Malware



And Finally...
Please download GMER from one of the following locations and save it to your desktop:
  • Main Mirror
    This version will download a randomly named file (Recommended)
  • Zipped Mirror
    This version will download a zip file you will need to extract first. If you use this mirror, please extract the zip file to your desktop.
  • Disconnect from the Internet and close all running programs.
  • Temporarily disable any real-time active protection so your security programs will not conflict with gmer's driver.
  • Double-click on the randomly named GMER file (i.e. n7gmo46c.exe) and allow the gmer.sys driver to load if asked.
  • Note: If you downloaded the zipped version, extract the file to its own folder such as C:\gmer and then double-click on gmer.exe.

    Posted Image
  • GMER will open to the Rootkit/Malware tab and perform an automatic quick scan when first run. (do not use the computer while the scan is in progress)
  • If you receive a WARNING!!! about rootkit activity and are asked to fully scan your system...click NO.
  • Now click the Scan button. If you see a rootkit warning window, click OK.
  • When the scan is finished, click the Save... button to save the scan results to your Desktop. Save the file as gmer.log.
  • Click the Copy button and paste the results into your next reply.
  • Exit GMER and be sure to re-enable your anti-virus, Firewall and any other security programs you had disabled.
-- If you encounter any problems, try running GMER in safe mode.
-- If GMER crashes or keeps resulting in a BSODs, uncheck Devices on the right side before scanning
.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#3 isaacm

isaacm
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:07:29 AM

Posted 04 September 2011 - 10:54 PM

Thanks for the response!
Seriously... I really appreciate it.
You are awesome my friend.

Here are the LOGS:

MiniToolBox by Farbar
Ran by Ice-Rice (administrator) on 04-09-2011 at 19:25:59
Windows 7 Home Premium Service Pack 1 (X64)

***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================

"network.proxy.type", 4

"Reset FF Proxy Settings": Firefox Proxy settings were reset.

Hosts file not detected in the default directory
========================= IP Configuration: ================================

# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : Ice-Rice-PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Broadcast
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : hsd1.wa.comcast.net.

Wireless LAN adapter Wireless Network Connection 3:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter
Physical Address. . . . . . . . . : C2-17-FE-A9-C9-C9
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Broadcom NetLink ™ Gigabit Ethernet
Physical Address. . . . . . . . . : 00-26-2D-87-FD-65
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection:

Connection-specific DNS Suffix . : hsd1.wa.comcast.net.
Description . . . . . . . . . . . : Atheros AR5B93 Wireless Network Adapter
Physical Address. . . . . . . . . : C4-17-FE-A9-C9-C9
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2002:62e8:7bf0:1234:f154:41f4:196c:1b8b(Preferred)
Temporary IPv6 Address. . . . . . : 2002:62e8:7bf0:1234:7089:aa7e:7a2b:b64(Preferred)
Link-local IPv6 Address . . . . . : fe80::f154:41f4:196c:1b8b%10(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.104(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Sunday, September 04, 2011 6:27:25 PM
Lease Expires . . . . . . . . . . : Monday, September 05, 2011 6:27:25 PM
Default Gateway . . . . . . . . . : fe80::200:ff:fe00:0%10
192.168.1.1
DHCP Server . . . . . . . . . . . : 192.168.1.1
DHCPv6 IAID . . . . . . . . . . . : 197400574
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-12-FD-17-A6-C4-17-FE-A9-C9-C9
DNS Servers . . . . . . . . . . . : 192.168.1.1
68.87.69.150
68.87.85.102
NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.click-network.com:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Reusable Microsoft 6To4 Adapter:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft 6to4 Adapter #2
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 19:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft 6to4 Adapter #12
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter 6TO4 Adapter:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft 6to4 Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 11:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft 6to4 Adapter #4
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 12:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft 6to4 Adapter #5
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 9:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft 6to4 Adapter #3
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 13:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft 6to4 Adapter #6
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 15:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft 6to4 Adapter #8
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 16:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft 6to4 Adapter #9
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 14:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft 6to4 Adapter #7
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 17:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft 6to4 Adapter #10
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 18:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft 6to4 Adapter #11
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 20:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft 6to4 Adapter #13
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 21:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft 6to4 Adapter #14
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 23:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft 6to4 Adapter #16
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 24:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft 6to4 Adapter #17
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 22:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft 6to4 Adapter #15
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 25:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft 6to4 Adapter #18
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 26:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft 6to4 Adapter #19
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 27:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft 6to4 Adapter #20
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.hsd1.wa.comcast.net.:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : hsd1.wa.comcast.net.
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 28:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft 6to4 Adapter #23
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 30:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft 6to4 Adapter #22
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 29:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft 6to4 Adapter #21
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 35:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft 6to4 Adapter #27
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 34:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft 6to4 Adapter #26
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 32:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft 6to4 Adapter #24
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 33:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft 6to4 Adapter #25
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 36:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft 6to4 Adapter #28
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 39:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft 6to4 Adapter #31
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 37:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft 6to4 Adapter #29
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 38:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft 6to4 Adapter #30
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 40:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft 6to4 Adapter #32
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 41:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft 6to4 Adapter #33
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 43:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft 6to4 Adapter #35
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 44:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft 6to4 Adapter #36
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 42:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft 6to4 Adapter #34
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 45:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft 6to4 Adapter #37
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 46:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft 6to4 Adapter #38
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 47:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft 6to4 Adapter #39
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 49:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft 6to4 Adapter #41
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 51:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft 6to4 Adapter #43
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 50:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft 6to4 Adapter #42
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 52:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft 6to4 Adapter #44
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 53:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft 6to4 Adapter #45
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 56:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:4137:9e76:10cd:2bf6:9d17:840f(Preferred)
Link-local IPv6 Address . . . . . : fe80::10cd:2bf6:9d17:840f%68(Preferred)
Default Gateway . . . . . . . . . :
NetBIOS over Tcpip. . . . . . . . : Disabled

Tunnel adapter isatap.{A798D9E8-7E8A-421D-95C6-A7BCCF85CD2F}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #3
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{6D682DC9-0D55-4142-8555-F060EAB3DE74}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #4
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Server: 192.168.1.1
Address: 192.168.1.1

Name: google.com
Addresses: 74.125.127.99
74.125.127.103
74.125.127.147
74.125.127.106
74.125.127.105
74.125.127.104


Pinging google.com [74.125.53.99] with 32 bytes of data:
Reply from 74.125.53.99: bytes=32 time=25ms TTL=52
Reply from 74.125.53.99: bytes=32 time=23ms TTL=52

Ping statistics for 74.125.53.99:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 23ms, Maximum = 25ms, Average = 24ms
Server: 192.168.1.1
Address: 192.168.1.1

Name: yahoo.com
Addresses: 209.191.122.70
67.195.160.76
69.147.125.65
72.30.2.43
98.137.149.56


Pinging yahoo.com [209.191.122.70] with 32 bytes of data:
Reply from 209.191.122.70: bytes=32 time=66ms TTL=51
Reply from 209.191.122.70: bytes=32 time=54ms TTL=51

Ping statistics for 209.191.122.70:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 54ms, Maximum = 66ms, Average = 60ms

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
15...c2 17 fe a9 c9 c9 ......Microsoft Virtual WiFi Miniport Adapter
11...00 26 2d 87 fd 65 ......Broadcom NetLink ™ Gigabit Ethernet
10...c4 17 fe a9 c9 c9 ......Atheros AR5B93 Wireless Network Adapter
1...........................Software Loopback Interface 1
36...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
16...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter #2
26...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter #12
12...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter
18...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter #4
19...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter #5
17...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter #3
20...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter #6
22...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter #8
23...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter #9
21...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter #7
24...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter #10
25...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter #11
28...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter #13
29...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter #14
31...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter #16
32...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter #17
30...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter #15
33...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter #18
34...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter #19
35...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter #20
69...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
41...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter #23
38...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter #22
37...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter #21
45...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter #27
44...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter #26
42...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter #24
43...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter #25
46...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter #28
49...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter #31
47...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter #29
48...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter #30
50...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter #32
51...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter #33
53...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter #35
54...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter #36
52...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter #34
55...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter #37
56...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter #38
57...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter #39
59...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter #41
61...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter #43
60...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter #42
62...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter #44
63...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter #45
68...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
89...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #3
70...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #4
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.104 25
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.1.0 255.255.255.0 On-link 192.168.1.104 281
192.168.1.104 255.255.255.255 On-link 192.168.1.104 281
192.168.1.255 255.255.255.255 On-link 192.168.1.104 281
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.1.104 281
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.1.104 281
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
10 281 ::/0 fe80::200:ff:fe00:0
1 306 ::1/128 On-link
68 58 2001::/32 On-link
68 306 2001:0:4137:9e76:10cd:2bf6:9d17:840f/128
On-link
10 33 2002:62e8:7bf0:1234::/64 On-link
10 281 2002:62e8:7bf0:1234:7089:aa7e:7a2b:b64/128
On-link
10 281 2002:62e8:7bf0:1234:f154:41f4:196c:1b8b/128
On-link
10 281 fe80::/64 On-link
68 306 fe80::/64 On-link
68 306 fe80::10cd:2bf6:9d17:840f/128
On-link
10 281 fe80::f154:41f4:196c:1b8b/128
On-link
1 306 ff00::/8 On-link
68 306 ff00::/8 On-link
10 281 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog5 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 07 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 09 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog5 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 07 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392] (Microsoft Corp.)
x64-Catalog5 09 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392] (Microsoft Corp.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (09/03/2011 02:31:17 PM) (Source: Application Error) (User: )
Description: Faulting application name: hotfix.exe, version: 1.4.1581.0, time stamp: 0x4a44a63c
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc00000fd
Fault offset: 0x7398e294
Faulting process id: 0x16d4
Faulting application start time: 0xhotfix.exe0
Faulting application path: hotfix.exe1
Faulting module path: hotfix.exe2
Report Id: hotfix.exe3

Error: (09/03/2011 02:31:16 PM) (Source: MsiInstaller) (User: Ice-Rice)Ice-Rice
Description: Product: Microsoft SQL Server 2005 Express Edition - Update 'GDR 4060 for SQL Server Database Services 2005 ENU (KB2494113)' could not be installed. Error code 1603. Additional information is available in the log file C:\Program Files (x86)\Microsoft SQL Server\90\Setup Bootstrap\LOG\Hotfix\SQL9_Hotfix_KB2494113_sqlrun_sql.msp.log.

Error: (09/03/2011 02:31:16 PM) (Source: MsiInstaller) (User: Ice-Rice)Ice-Rice
Description: Product: Microsoft SQL Server 2005 Express Edition -- Error 29527. The setup has encountered an unexpected error in datastore. The action is RestoreSetupParams. The error is : Source File Name: datastore\cachedpropertycollection.cpp
Compiler Timestamp: Sat Oct 25 08:47:05 2008
Function Name: CachedPropertyCollection::findProperty
Source Line Number: 138
----------------------------------------------------------
Failed to read property "InstallIds" {"MachineConfiguration", "", "ICE-RICE-PC"} from cache
Source File Name: datastore\cachedpropertycollection.cpp
Compiler Timestamp: Sat Oct 25 08:47:05 2008
Function Name: CachedPropertyCollection::setProperty
Source Line Number: 164
----------------------------------------------------------
Unable to write property into cache: IsClustered
Source File Name: datastore\datastorecacheschema.cpp
Compiler Timestamp: Sat Oct 25 08:47:05 2008
Function Name: DataStoreCacheSchema::writeProperty
Source Line Number: 115
----------------------------------------------------------
Unable to write property into cache: "IsClustered"
Source File Name: datastore\datastorecachexmlschema.cpp
Compiler Timestamp: Sat Oct 25 08:47:05 2008
Function Name: DataStoreCacheXMLSchema::initScopeRecord
Source Line Number: 81
----------------------------------------------------------
XmlRW Error: Failure loading xmlrw.dll
Source File Name: datastore\datastorecachexmlschema.cpp
Compiler Timestamp: Sat Oct 25 08:47:05 2008
Function Name: DataStoreCacheXMLSchema::initScopeRecord
Source Line Number: 80
----------------------------------------------------------
CheckAllProcedures() returned: 2

Error: (09/03/2011 08:51:23 AM) (Source: Application Error) (User: )
Description: Faulting application name: ping.exe, version: 6.1.7600.16385, time stamp: 0x4a5bc964
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc000041d
Fault offset: 0x73c34f0d
Faulting process id: 0xb20
Faulting application start time: 0xping.exe0
Faulting application path: ping.exe1
Faulting module path: ping.exe2
Report Id: ping.exe3

Error: (09/03/2011 02:43:39 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "imaging1".Error in manifest or policy file "imaging2" on line imaging3.
The element imaging appears as a child of element urn:schemas-microsoft-com:asm.v1^assembly which is not supported by this version of Windows.

Error: (09/03/2011 00:14:36 AM) (Source: Application Error) (User: )
Description: Faulting application name: hotfix.exe, version: 1.4.1581.0, time stamp: 0x4a44a63c
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc00000fd
Fault offset: 0x73c8e294
Faulting process id: 0xda8
Faulting application start time: 0xhotfix.exe0
Faulting application path: hotfix.exe1
Faulting module path: hotfix.exe2
Report Id: hotfix.exe3

Error: (09/03/2011 00:14:33 AM) (Source: MsiInstaller) (User: Ice-Rice)Ice-Rice
Description: Product: Microsoft SQL Server 2005 Express Edition - Update 'GDR 4060 for SQL Server Database Services 2005 ENU (KB2494113)' could not be installed. Error code 1603. Additional information is available in the log file C:\Program Files (x86)\Microsoft SQL Server\90\Setup Bootstrap\LOG\Hotfix\SQL9_Hotfix_KB2494113_sqlrun_sql.msp.log.

Error: (09/03/2011 00:14:33 AM) (Source: MsiInstaller) (User: Ice-Rice)Ice-Rice
Description: Product: Microsoft SQL Server 2005 Express Edition -- Error 29527. The setup has encountered an unexpected error in datastore. The action is RestoreSetupParams. The error is : Source File Name: datastore\cachedpropertycollection.cpp
Compiler Timestamp: Sat Oct 25 08:47:05 2008
Function Name: CachedPropertyCollection::findProperty
Source Line Number: 138
----------------------------------------------------------
Failed to read property "InstallIds" {"MachineConfiguration", "", "ICE-RICE-PC"} from cache
Source File Name: datastore\cachedpropertycollection.cpp
Compiler Timestamp: Sat Oct 25 08:47:05 2008
Function Name: CachedPropertyCollection::setProperty
Source Line Number: 164
----------------------------------------------------------
Unable to write property into cache: IsClustered
Source File Name: datastore\datastorecacheschema.cpp
Compiler Timestamp: Sat Oct 25 08:47:05 2008
Function Name: DataStoreCacheSchema::writeProperty
Source Line Number: 115
----------------------------------------------------------
Unable to write property into cache: "IsClustered"
Source File Name: datastore\datastorecachexmlschema.cpp
Compiler Timestamp: Sat Oct 25 08:47:05 2008
Function Name: DataStoreCacheXMLSchema::initScopeRecord
Source Line Number: 81
----------------------------------------------------------
XmlRW Error: Failure loading xmlrw.dll
Source File Name: datastore\datastorecachexmlschema.cpp
Compiler Timestamp: Sat Oct 25 08:47:05 2008
Function Name: DataStoreCacheXMLSchema::initScopeRecord
Source Line Number: 80
----------------------------------------------------------
CheckAllProcedures() returned: 2

Error: (09/02/2011 11:10:56 PM) (Source: Application Error) (User: )
Description: Faulting application name: hotfix.exe, version: 1.4.1581.0, time stamp: 0x4a44a63c
Faulting module name: hotfix.exe, version: 1.4.1581.0, time stamp: 0x4a44a63c
Exception code: 0xc0000409
Fault offset: 0x0009154b
Faulting process id: 0xf34
Faulting application start time: 0xhotfix.exe0
Faulting application path: hotfix.exe1
Faulting module path: hotfix.exe2
Report Id: hotfix.exe3

Error: (09/02/2011 11:10:52 PM) (Source: MsiInstaller) (User: SYSTEM)SYSTEM
Description: Product: Microsoft SQL Server 2005 Express Edition - Update 'GDR 4060 for SQL Server Database Services 2005 ENU (KB2494113)' could not be installed. Error code 1603. Additional information is available in the log file C:\Program Files (x86)\Microsoft SQL Server\90\Setup Bootstrap\LOG\Hotfix\SQL9_Hotfix_KB2494113_sqlrun_sql.msp.log.


System errors:
=============
Error: (09/04/2011 06:29:52 PM) (Source: Service Control Manager) (User: )
Description: The Windows Search service failed to start due to the following error:
%%1053

Error: (09/04/2011 06:29:52 PM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Windows Search service to connect.

Error: (09/04/2011 06:29:52 PM) (Source: DCOM) (User: )
Description: 1053WSearch{9E175B6D-F52A-11D8-B9A5-505054503030}

Error: (09/04/2011 06:29:50 PM) (Source: Microsoft-Windows-DNS-Client) (User: NETWORK SERVICE)
Description: There was an error while attempting to read the local hosts file.

Error: (09/04/2011 06:29:00 PM) (Source: Microsoft Antimalware) (User: )
Description: %%860 Real-Time Protection feature has encountered an error and failed.

Feature: %%835

Error Code: 0x80004005

Error description: Unspecified error

Reason: %%842

Error: (09/04/2011 06:28:40 PM) (Source: Microsoft-Windows-DNS-Client) (User: NETWORK SERVICE)
Description: There was an error while attempting to read the local hosts file.

Error: (09/04/2011 06:28:21 PM) (Source: Microsoft-Windows-DNS-Client) (User: NETWORK SERVICE)
Description: There was an error while attempting to read the local hosts file.

Error: (09/04/2011 06:27:31 PM) (Source: Microsoft-Windows-DNS-Client) (User: NETWORK SERVICE)
Description: There was an error while attempting to read the local hosts file.

Error: (09/03/2011 11:32:57 PM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the avgfws service.

Error: (09/03/2011 11:32:26 PM) (Source: Microsoft-Windows-DNS-Client) (User: NETWORK SERVICE)
Description: There was an error while attempting to read the local hosts file.


Microsoft Office Sessions:
=========================
Error: (09/03/2011 02:31:17 PM) (Source: Application Error)(User: )
Description: hotfix.exe1.4.1581.04a44a63cunknown0.0.0.000000000c00000fd7398e29416d401cc6a80b27acd62c:\7e269b35f9a58da26f6f60bda5c307\hotfix.exeunknown0e6df0d7-d674-11e0-a9d2-aabb8359c27b

Error: (09/03/2011 02:31:16 PM) (Source: MsiInstaller)(User: Ice-Rice)Ice-Rice
Description: Microsoft SQL Server 2005 Express EditionGDR 4060 for SQL Server Database Services 2005 ENU (KB2494113)1603C:\Program Files (x86)\Microsoft SQL Server\90\Setup Bootstrap\LOG\Hotfix\SQL9_Hotfix_KB2494113_sqlrun_sql.msp.log(NULL)(NULL)

Error: (09/03/2011 02:31:16 PM) (Source: MsiInstaller)(User: Ice-Rice)Ice-Rice
Description: Product: Microsoft SQL Server 2005 Express Edition -- Error 29527. The setup has encountered an unexpected error in datastore. The action is RestoreSetupParams. The error is : Source File Name: datastore\cachedpropertycollection.cpp
Compiler Timestamp: Sat Oct 25 08:47:05 2008
Function Name: CachedPropertyCollection::findProperty
Source Line Number: 138
----------------------------------------------------------
Failed to read property "InstallIds" {"MachineConfiguration", "", "ICE-RICE-PC"} from cache
Source File Name: datastore\cachedpropertycollection.cpp
Compiler Timestamp: Sat Oct 25 08:47:05 2008
Function Name: CachedPropertyCollection::setProperty
Source Line Number: 164
----------------------------------------------------------
Unable to write property into cache: IsClustered
Source File Name: datastore\datastorecacheschema.cpp
Compiler Timestamp: Sat Oct 25 08:47:05 2008
Function Name: DataStoreCacheSchema::writeProperty
Source Line Number: 115
----------------------------------------------------------
Unable to write property into cache: "IsClustered"
Source File Name: datastore\datastorecachexmlschema.cpp
Compiler Timestamp: Sat Oct 25 08:47:05 2008
Function Name: DataStoreCacheXMLSchema::initScopeRecord
Source Line Number: 81
----------------------------------------------------------
XmlRW Error: Failure loading xmlrw.dll
Source File Name: datastore\datastorecachexmlschema.cpp
Compiler Timestamp: Sat Oct 25 08:47:05 2008
Function Name: DataStoreCacheXMLSchema::initScopeRecord
Source Line Number: 80
----------------------------------------------------------
CheckAllProcedures() returned: 2
(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (09/03/2011 08:51:23 AM) (Source: Application Error)(User: )
Description: ping.exe6.1.7600.163854a5bc964unknown0.0.0.000000000c000041d73c34f0db2001cc6a084e22e4beC:\Windows\Syswow64\ping.exeunknown92906a76-d644-11e0-98b6-a6174aeb5e5c

Error: (09/03/2011 02:43:39 AM) (Source: SideBySide)(User: )
Description: imagingurn:schemas-microsoft-com:asm.v1^assemblyc:\program files\microsoft security client\MSESysprep.dllc:\program files\microsoft security client\MSESysprep.dll10

Error: (09/03/2011 00:14:36 AM) (Source: Application Error)(User: )
Description: hotfix.exe1.4.1581.04a44a63cunknown0.0.0.000000000c00000fd73c8e294da801cc6a090a0531f4c:\664c9bce5c41c9b03271cf4c04dbae\hotfix.exeunknown60f8f6ae-d5fc-11e0-98b6-a6174aeb5e5c

Error: (09/03/2011 00:14:33 AM) (Source: MsiInstaller)(User: Ice-Rice)Ice-Rice
Description: Microsoft SQL Server 2005 Express EditionGDR 4060 for SQL Server Database Services 2005 ENU (KB2494113)1603C:\Program Files (x86)\Microsoft SQL Server\90\Setup Bootstrap\LOG\Hotfix\SQL9_Hotfix_KB2494113_sqlrun_sql.msp.log(NULL)(NULL)

Error: (09/03/2011 00:14:33 AM) (Source: MsiInstaller)(User: Ice-Rice)Ice-Rice
Description: Product: Microsoft SQL Server 2005 Express Edition -- Error 29527. The setup has encountered an unexpected error in datastore. The action is RestoreSetupParams. The error is : Source File Name: datastore\cachedpropertycollection.cpp
Compiler Timestamp: Sat Oct 25 08:47:05 2008
Function Name: CachedPropertyCollection::findProperty
Source Line Number: 138
----------------------------------------------------------
Failed to read property "InstallIds" {"MachineConfiguration", "", "ICE-RICE-PC"} from cache
Source File Name: datastore\cachedpropertycollection.cpp
Compiler Timestamp: Sat Oct 25 08:47:05 2008
Function Name: CachedPropertyCollection::setProperty
Source Line Number: 164
----------------------------------------------------------
Unable to write property into cache: IsClustered
Source File Name: datastore\datastorecacheschema.cpp
Compiler Timestamp: Sat Oct 25 08:47:05 2008
Function Name: DataStoreCacheSchema::writeProperty
Source Line Number: 115
----------------------------------------------------------
Unable to write property into cache: "IsClustered"
Source File Name: datastore\datastorecachexmlschema.cpp
Compiler Timestamp: Sat Oct 25 08:47:05 2008
Function Name: DataStoreCacheXMLSchema::initScopeRecord
Source Line Number: 81
----------------------------------------------------------
XmlRW Error: Failure loading xmlrw.dll
Source File Name: datastore\datastorecachexmlschema.cpp
Compiler Timestamp: Sat Oct 25 08:47:05 2008
Function Name: DataStoreCacheXMLSchema::initScopeRecord
Source Line Number: 80
----------------------------------------------------------
CheckAllProcedures() returned: 2
(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (09/02/2011 11:10:56 PM) (Source: Application Error)(User: )
Description: hotfix.exe1.4.1581.04a44a63chotfix.exe1.4.1581.04a44a63cc00004090009154bf3401cc6a002fb55489c:\74eb93480a16efc3123ba27150\hotfix.exec:\74eb93480a16efc3123ba27150\hotfix.exe7bf476a2-d5f3-11e0-8e81-c9e5fd031e40

Error: (09/02/2011 11:10:52 PM) (Source: MsiInstaller)(User: SYSTEM)SYSTEM
Description: Microsoft SQL Server 2005 Express EditionGDR 4060 for SQL Server Database Services 2005 ENU (KB2494113)1603C:\Program Files (x86)\Microsoft SQL Server\90\Setup Bootstrap\LOG\Hotfix\SQL9_Hotfix_KB2494113_sqlrun_sql.msp.log(NULL)(NULL)


=========================== Installed Programs ============================

µTorrent (Version: 3.0.0)
7-Zip 9.20 (x64 edition) (Version: 9.20.00.0)
Acer Crystal Eye Webcam (Version: 5.2.9.3)
Acer ePower Management (Version: 4.05.3004)
Acer eRecovery Management (Version: 4.05.3005)
Acer GridVista (Version: 3.01.0730)
Acer Updater (Version: 1.01.3017)
Acrobat.com (Version: 1.6.65)
Adobe AIR (Version: 2.7.1.19610)
Adobe Flash Player 10 ActiveX (Version: 10.3.183.5)
Adobe Flash Player 10 Plugin (Version: 10.3.183.5)
Adobe Reader X (10.1.0) (Version: 10.1.0)
Adobe Shockwave Player 11.5 (Version: 11.5.9.620)
Alcor Micro USB Card Reader (Version: 1.4.17.35005)
ALPS Touch Pad Driver (Version: 7.105.2015.1105)
ALTools Update
Amazon Kindle
Apple Application Support (Version: 2.0.1)
Apple Mobile Device Support (Version: 3.4.1.2)
Apple Software Update (Version: 2.1.3.127)
ASIO4ALL
Audacity 1.2.6
AVG 2012 (Version: 12.0.1796)
AVG 2012 (Version: 12.0.2082)
AVG 2012 (Version: 2012.0.1796)
Big City Adventures-Sydney Australia (Version: 1.0)
Bonjour (Version: 3.0.0.2)
Broadcom Gigabit NetLink Controller (Version: 12.33.03)
CCleaner (Version: 3.09)
CloneDVD2 (Version: 2.9.3.0)
CSI-Hard Evidence (Version: 1.00.000)
D3DX10 (Version: 15.4.2368.0902)
Defraggler (Version: 2.06)
DivX Setup (Version: 2.6.0.34)
DVDFab 8.1.1.5 (26/08/2011) Qt Beta
FileHippo.com Update Checker
FormatFactory 2.70 (Version: 2.70)
Free Launch Bar 64-bit Edition (Version: 2.0.0.0)
GDR 4053 for SQL Server Database Services 2005 ENU (KB970892) (Version: 9.3.4053)
GDR 4053 for SQL Server Tools and Workstation Components 2005 ENU (KB970892) (Version: 9.3.4053)
GMail Drive Shell Extension (Version: 1.0.17)
Google Earth Plug-in (Version: 6.0.3.2197)
Google Talk Plugin (Version: 2.2.2.0)
Google Update Helper (Version: 1.3.21.65)
High-Definition Video Playback (Version: 7.1.12500.33.0)
ImgBurn (Version: 2.5.5.0)
Intel® Control Center (Version: 1.2.0.1006)
Intel® Graphics Media Accelerator Driver (Version: 8.15.10.2182)
Intel® Management Engine Components (Version: 6.0.0.1179)
Intel® Turbo Boost Technology Monitor (Version: 1.0.186.6)
Intel® Matrix Storage Manager
Internet TV for Windows Media Center (Version: 4.2.2.0)
iRip (Version: 1.0.1.27)
iTunes (Version: 10.4.1.10)
Java Auto Updater (Version: 2.0.2.4)
Java™ 6 Update 21 (64-bit) (Version: 6.0.210)
Java™ 6 Update 22 (Version: 6.0.220)
Java™ 6 Update 26 (Version: 6.0.260)
Java™ 7 (64-bit) (Version: 7.0.0)
Junk Mail filter update (Version: 15.4.3502.0922)
Launch Manager (Version: 3.0.05)
League of Legends (Version: 1.25.000)
Lifextender
LSI HDA Modem (Version: 2.2.98)
Media Player Classic - Home Cinema v1.5.2.3456 x64 (Version: 1.5.2.3456)
Mesh Runtime (Version: 15.4.5722.2)
Messenger Companion (Version: 15.4.3502.0922)
Microsoft .NET Framework 1.1 (Version: 1.1.4322)
Microsoft .NET Framework 1.1 Security Update (KB953297)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Antimalware (Version: 3.0.8402.2)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft IntelliPoint 8.2 (Version: 8.20.468.0)
Microsoft Security Client (Version: 2.1.1116.0)
Microsoft Security Essentials (Version: 2.1.1116.0)
Microsoft Silverlight (Version: 4.0.60531.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft SQL Server 2005 Express Edition (MYMOVIES) (Version: 9.3.4035.00)
Microsoft SQL Server 2005 Tools Express Edition (Version: 9.3.4035.00)
Microsoft SQL Server 2008 Common Files (Version: 10.0.1600.22)
Microsoft SQL Server 2008 Common Files (Version: 10.1.2531.0)
Microsoft SQL Server 2008 Database Engine Services (Version: 10.1.2531.0)
Microsoft SQL Server 2008 Database Engine Shared (Version: 10.1.2531.0)
Microsoft SQL Server 2008 Management Studio (Version: 10.1.2531.0)
Microsoft SQL Server 2008 RsFx Driver (Version: 10.1.2531.0)
Microsoft SQL Server 2008 Setup Support Files (Version: 10.1.2573.0)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.59193)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 (Version: 8.0.51011)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.59192)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
MiPony 1.5.0 (Version: 1.5.0)
Morrowind
Mozilla Firefox 6.0.1 (x86 en-US) (Version: 6.0.1)
MSVCRT (Version: 15.4.2862.0708)
MSVCRT_amd64 (Version: 15.4.2862.0708)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
Nero 10 ClipartPack (Version: 10.2.10000.11.0)
Nero 10 Menu TemplatePack 1 (Version: 10.2.10000.0.0)
Nero 10 Menu TemplatePack 2 (Version: 10.2.10000.0.0)
Nero 10 Menu TemplatePack 3 (Version: 10.2.10000.0.0)
Nero 10 Menu TemplatePack Basic (Version: 10.2.10000.0.0)
Nero 10 Movie ThemePack 1 (Version: 10.2.10000.11.0)
Nero 10 Movie ThemePack 2 (Version: 10.2.10000.12.0)
Nero 10 Movie ThemePack 3 (Version: 10.2.10000.0.0)
Nero 10 Movie ThemePack 4 (Version: 10.2.10000.11.0)
Nero 10 Movie ThemePack Basic (Version: 10.2.10000.0.0)
Nero 10 PiP EffectPack 1 (Version: 10.2.10000.0.0)
Nero 10 Sample ImagePack (Version: 10.2.10000.11.0)
Nero 10 Sample Videos (Version: 10.2.10000.11.0)
Nero 10 Video TransitionPack 1 (Version: 10.2.10000.0.0)
Nero BackItUp 10 (Version: 5.6.10600.6.100)
Nero BackItUp 10 Help (CHM) (Version: 10.2.10800)
Nero Burning ROM 10 (Version: 10.2.10500.7.100)
Nero BurningROM 10 Help (CHM) (Version: 10.2.10600)
Nero BurnRights 10 (Version: 4.2.10300.0.102)
Nero BurnRights 10 Help (CHM) (Version: 10.2.10700)
Nero Control Center 10 (Version: 10.2.0.0.0)
Nero ControlCenter 10 Help (CHM) (Version: 10.2.10600)
Nero Core Components 10 (Version: 2.0.17200.8.0)
Nero CoverDesigner 10 (Version: 5.2.10400.4.100)
Nero CoverDesigner 10 Help (CHM) (Version: 10.2.10600)
Nero DiscSpeed 10 (Version: 6.2.10200.0.100)
Nero DiscSpeed 10 Help (CHM) (Version: 10.2.10600)
Nero Dolby Files 10 (Version: 2.0.12001.0.10)
Nero Express 10 (Version: 10.2.10500.7.100)
Nero Express 10 Help (CHM) (Version: 10.2.10700)
Nero InfoTool 10 (Version: 7.2.10200.4.100)
Nero InfoTool 10 Help (CHM) (Version: 10.2.10700)
Nero MediaHub 10 (Version: 1.2.10800.14.100)
Nero MediaHub 10 Help (CHM) (Version: 10.2.10500)
Nero Multimedia Suite 10 Platinum HD (Version: 10.5.10000)
Nero Recode 10 (Version: 4.8.10400.3.100)
Nero Recode 10 Help (CHM) (Version: 10.2.10500)
Nero RescueAgent 10 (Version: 3.2.10300.3.100)
Nero RescueAgent 10 Help (CHM) (Version: 10.2.10700)
Nero SoundTrax 10 (Version: 4.8.10200.1.100)
Nero SoundTrax 10 Help (CHM) (Version: 10.2.10600)
Nero StartSmart 10 (Version: 10.2.10400.5.100)
Nero StartSmart 10 Help (CHM) (Version: 10.2.10700)
Nero Update (Version: 1.0.0018)
Nero Vision 10 (Version: 7.2.14000.4.100)
Nero Vision 10 Help (CHM) (Version: 10.2.10800)
Nero WaveEditor 10 (Version: 5.8.10200.1.100)
Nero WaveEditor 10 Help (CHM) (Version: 10.2.10600)
NTI Backup Now 5 (Version: 5.1.2.627)
NTI Backup Now Standard (Version: 5.1.2.627)
NTI Media Maker 8 (Version: 8.0.12.6623)
NVIDIA PhysX (Version: 9.10.0129)
ooVoo (Version: 3.0.4039)
OpenOffice.org 3.3 (Version: 3.3.9567)
Orca (Version: 3.1.3790.0000)
Paint.NET v3.5.8 (Version: 3.58.0)
Pando Media Booster (Version: 2.3.4.0)
Picasa 3 (Version: 3.8)
PlayReady PC Runtime amd64 (Version: 1.3.0)
PunkBuster Services (Version: 0.990)
QuickTime (Version: 7.70.80.34)
Realtek High Definition Audio Driver (Version: 6.0.1.5969)
Recuva (Version: 1.40)
SAMSUNG Mobile USB Modem 1.0 Software
Service Pack 1 for SQL Server 2008 (KB968369) (64-bit) (Version: 10.1.2531.0)
SimCity 4 Deluxe
Sql Server Customer Experience Improvement Program (Version: 10.1.2531.0)
TeamViewer 6 (Version: 6.0.11052)
TeraCopy 2.2
TES Construction Set
Ubuntu (Version: 11.04-rev211)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
VC80CRTRedist - 8.0.50727.6195 (Version: 1.2.0)
VirtualCloneDrive
Visual Studio 2008 x64 Redistributables (Version: 10.0.0.2)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3538.0513)
Windows Live Family Safety (Version: 15.4.3538.0513)
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3538.0513)
Windows Live Mail (Version: 15.4.3502.0922)
Windows Live Mesh (Version: 15.4.3502.0922)
Windows Live Mesh ActiveX Control for Remote Connections (Version: 15.4.5722.2)
Windows Live Messenger (Version: 15.4.3538.0513)
Windows Live Messenger Companion Core (Version: 15.4.3502.0922)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3508.1109)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live Sync (Version: 14.0.8089.726)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)
Windows Media Player Firefox Plugin (Version: 1.0.0.8)
Windows SideShow Managed Runtime 1.0 (Version: 1.0.1.0)
Xilisoft AVI to DVD Converter (Version: 3.0.31.0824)

========================= Memory info: ===================================

Percentage of memory in use: 48%
Total physical RAM: 3764.48 MB
Available physical RAM: 1925.09 MB
Total Pagefile: 7527.16 MB
Available Pagefile: 5209.8 MB
Total Virtual: 4095.88 MB
Available Virtual: 3989.59 MB

========================= Partitions: =====================================

1 Drive c: (ACER) (Fixed) (Total:433.94 GB) (Free:195.7 GB) NTFS
6 Drive u: (UBUNTU) (Fixed) (Total:20 GB) (Free:4.57 GB) NTFS

========================= Users: ========================================

User accounts for \\ICE-RICE-PC

Administrator Guest Ice-Rice

========================= Minidump Files ==================================

No minidump file found

**** End of log ****


Malwarebytes' Anti-Malware 1.51.1.1800
www.malwarebytes.org

Database version: 7654

Windows 6.1.7601 Service Pack 1
Internet Explorer 9.0.8112.16421

9/4/2011 7:39:37 PM
mbam-log-2011-09-04 (19-39-37).txt

Scan type: Quick scan
Objects scanned: 181219
Time elapsed: 5 minute(s), 52 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 1
Registry Data Items Infected: 1
Folders Infected: 0
Files Infected: 3

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\lpc (Trojan.Agent) -> Value: lpc -> Quarantined and deleted successfully.

Registry Data Items Infected:
HKEY_CLASSES_ROOT\regfile\shell\open\command\(default) (Broken.OpenCommand) -> Bad: ("regedit.exe" "%1") Good: (regedit.exe "%1") -> Quarantined and deleted successfully.

Folders Infected:
(No malicious items detected)

Files Infected:
c:\Users\Ice-Rice\AppData\Roaming\Remote\srjmh47.dll (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\Ice-Rice\AppData\Local\Temp\temp1_wirelesskeyview-x64.zip\wirelesskeyview.exe (PUP.WirelessKeyView) -> Quarantined and deleted successfully.
c:\Windows\Temp\425B.tmp (Rootkit.TDSS) -> Quarantined and deleted successfully.




GMER 1.0.15.15641 - http://www.gmer.net
Rootkit scan 2011-09-04 20:47:40
Windows 6.1.7601 Service Pack 1
Running: dtzubeyk.exe


---- Registry - GMER 1.0.15 ----

Reg HKLM\SYSTEM\CurrentControlSet\services\LanmanServer\Linkage@Bind ????????????????? ?????????????????????0????????????????????????????????????????????????????????????????????? ?????????????????????0??????????????????????N???????????D?????????????? ?????????????????????0????????????????????? ?????????????????????0????????????????????????????????????????????????????????????????????? ???????j???????????h????????????'??????????4??? ????????????????????????"?????t????????????????4??ro??? ???????n???????????????? ???????????????????5?68??? ????????????????????????"???&?????????????????????????????????????????????????HID_Mouse_Inst??? ???????????????????????????r???????????3??????????????????????????????????? ?????????????????????0????????????????????? ???????????????????h?0????????????????????? ?????????????????????0????????????????????? ???????????????????j?0????????????????????? ?????????????????????0????????????????????? ???????????????????k?0????????(???????????? ?????????????????????0????????????????????6.1.7600.16385??? ??????????????????? ???????????????????n?,???????????
Reg HKLM\SYSTEM\CurrentControlSet\services\LanmanServer\Linkage@Route ????????272696320?272696320?272696320?272696320?272696320?272696320?272696320?805438464?1073939458?805438464?1073939458?????Message send failures/sec?Prepare retry count/sec?Commit retry count/sec?Prepared retry count/sec?Replay retry count/sec?Faults received count/sec?Faults sent count/sec?Average participant prepare response time?Average participant prepare response time Base?Average participant commit response time?Average participant commit response time Base?????????~???????????????????????????????????????????????s???????????o????p.ne??????????????????????_TransactionBridgePerfCounters.ini???????????????????????????????????????????????????????????0??????????? ??????????????????.NT?????????????????????ClosePerformanceData????NetBIOSGroup????????????????? ???????????????????????????????5?????e1E??????????CollectPerformanceData??????? ??????????????s???? ??????????????????EraserUtilDrv11010???????????????????????s??? ???????|???????????l?:??????????-?&????????????????????5????N??????????????????????????5?
Reg HKLM\SYSTEM\CurrentControlSet\services\LanmanServer\Linkage@Export ????????ndis5_ip6_tunnel????? ?????? ?????????????????,??????????????????t??????????????L?h??????8?????????????????????????c????????????????????????????k\??? ?????????????????????????????????????????e? ??????????? ?????????????????????????????????? ????????????????????d??????s\????6??????????????????????????8??????1d??{8ECC055D-047F-11D1-A537-0000F8753ED1}?rot??? ???????&??????????????????????<????????e??? ???????&??????????????????????>????????e???????3???????????p?p?p?p?p?q?r???s???d????????????????????r??????????????????????????-??????????????????????????????v2.10|Action=Allow|Active=TRUE|Dir=Out|Protocol=17|Profile=Private|RPort=138|RA4=LocalSubnet|RA6=LocalSubnet|App=System|Name=@FirewallAPI.dll,-28531|Desc=@FirewallAPI.dll,-28534|EmbedCtxt=@FirewallAPI.dll,-28502|????? ????????????????????????????????????????????s00c??? ?????????????????????0??L????????? ??????EF5??? ??????????????????TEREDO.ndi??????? ???????????????????&???????i???????????????????S??{8ECC055D-047F-11D1-A537-0000F8753ED1}???h???????h?
Reg HKLM\SYSTEM\CurrentControlSet\services\LanmanWorkstation\Linkage@Bind ????????-4??? ????????????????????????"?????X???e???????????????????????????????????????????????????????? ???????T?????????????,????????Z? ?W????????????????????????????????????????????}??\\?\HID#VID_062A&PID_6301&Col01#7&1ce6928&0&0000#{378de44c-56ef-11d1-bc8c-00a0c91405dd}???????\??????????????t???????????f??????so??????????????????????????????????????????? ???????????????????@?,????????z?????#"?"???????????6??sE??? ???????????????????u?0????????????????????????????? ???????U???????????@?,????????$???<???????????????????????????????p6???????????????:??????????????????????? ????????????????????????$???6?????????????????????\\?\HDAUDIO#FUNC_01&VEN_8086&DEV_2804&SUBSYS_80860101&REV_1000#4&299738fc&0&0301#{65e8773d-8f56-11d0-a3b9-00a0c9223196}\IntcDAudWaveOut_0???PnPMonitor.Install?2?3??????WpdFs???????? ???????Z?????????????0????????????&???????????????????????? ?????????????????????0????????????&???????????????????????WUDFCoInstaller.dll??}??????????? ??????????????????? ???????U?????????????,????????$???<??
Reg HKLM\SYSTEM\CurrentControlSet\services\LanmanWorkstation\Linkage@Route ????????????????????????????????????nettun.inf?UNN??? ??????????????????????????????`????????e??? P??????E?????B78??{3BE24A16-0A5A-43E0-B11D-6A311787D32F}??8C????*??????c????d8E9??TCPIP6TUNNEL?Tcpip6??0????`??????e???e??\Device\{3BE24A16-0A5A-43E0-B11D-6A311787D32F}??2C???????????4??????70??????????????????????????? ???????????????????????????????????????f????????????????-4F7????N??????3?????DE}??{00000000-0000-0000-FFFF-FFFFFFFFFFFF}?BD8??? ???????0?????????????,????????$???<???????????????????????????????3A??? ?????????????????????,????????z?????#B5-??????#?????$??????5???????}??Root\*6TO4MP\0013?????z??????6??????A9??\\?\Root#*6TO4MP#0013#{cac88484-7515-4c03-82e6-71a87abac361}?{????????$??????A???????-??????6-21-2006???????????????????????????????????????????pi??? ?????????????????????????????? ????????v??????v2.10|Action=Block|Active=TRUE|Dir=In|App=%ProgramFiles%\Windows Live\Mesh\wlcrasvc.exe|Svc=wlcrasvc|Name=Inbound service restriction rule for wlcrasvc|Desc=Block all inbound traffic to service wlcra
Reg HKLM\SYSTEM\CurrentControlSet\services\LanmanWorkstation\Linkage@Export ????????????????????????????????????????????????LegacyDriver?0??????????????????????? ???????z?????h????????????????????????????? ???????~???????????+?????????? ?????????????????*??????N?????pip??????????????6to4mp.ndi????????N??????}?????Dce???s??? ???????????????????u???????????? ?????????? ???????????????????u??????????????????Sr??? ???????????????????u??????????????????????? ???????????????????w??????????????????Si??? ???????????????????y?????????????? ????????~???????????????5??????? ?????????????n?????n????????$????????????rr????????????~???????????$???~????????????????????????????N??????5????D?e????????????y??????????????ISATAP.ndi???p??? f??????????????????????????????????????????????????~??? ???????,?????~?????~????????????0?????????????????????????????????? ???????~???????????~??????????N????????????????~?????????????????????????????????????????s?????????~???????&??LegacyDriver??????N??~???????????~??{8ECC055D-047F-11D1-A537-0000F8753ED1}??????? (??~??????????????McAfee Inc. mfeavfk??????~?~?~?~?~?
Reg HKLM\SYSTEM\ControlSet002\services\LanmanServer\Linkage@Bind ?????p???_?e?????????????????:???????????6???????h????z??A??????????????????????????DXGKrnl???????$??????9???????5???????,??????sC??????????????????Base?????e?e????????aux?????? ???1???x????? En????V???????????c?????????????????????Microsoft????_?`????\\?\USB#VID_05AC&PID_1261#000A2700137E22AC#{a5dcbf10-6530-11d2-901f-00c04fb951ed}???Root\*6TO4MP\0012????e?e?????@?@?@???????@??????????-B??????????????? ????????????????????????????$?????????????????????????????????????? ?????????????????????,???????????????P?????????<???????????????????<???????????????<???????????????<???????????????<???????????????<???????????????????????????????<??????????? ?????????????<???????;????????????????D?????T????????R????????? ?????????????????????;????????????????????????? ?????????????????????;??????????????????e?????? ????????????????????????"?????????????????? ???????????????????<???????????????????????r???????? ??????????????? ????i???????????????????????????????????????????????????????????????????????????????????????????????
Reg HKLM\SYSTEM\ControlSet002\services\LanmanServer\Linkage@Route ???l?l???s?s?s???????????l???s??eF???????????l???m?????l????? ???????l?????l???????0????????????????????? ???????l???????????h?0?????????????????????m?m?m?m?m?m???????????????????????????????M?????{?y???????l????? ???????l?????l???????0????????????????????C:\Windows\SysWOW64??????{?y????? ???????l???????????h?0?????????????????????????????B??t????????m??Microsoft??????l????? ???????l?????l???????0????????????????????? ???????l???????????i?0??????????????????????????????????????????????????E????????????????F?????m?????l????? ???????l?????l???????0????????????????????? ???????l???????????i?0?????????????????????????????????????m?m?l?l?l?l?????????????????????l?????l????? ???????l?????l???????0???????????????????????l???l???l???l???l???l???l???l???l????????????? ???????l???????????i?0?????????????????????|?y???????l????? ???????l?????l???????0????????????????????? ???????l???????????i?0?????????????????????????????????????l?l?l?l?l?l???????????????????????????????l????? ???????j?????l??????????????????y??????U?
Reg HKLM\SYSTEM\ControlSet002\services\LanmanServer\Linkage@Export ???m? ???????n???u?????m????? ???????m?????m???????0????????????????????Intel AHCI Controller????~?~????? ???????m???????????i?0????????????????????Ice-Rice-PC??e???????????????????n?????m????? ???????m?????m???????0????????????????????? ???????m???????????i?0?????????????????????????m???????????????????????????m??????p??????????????????m????? ???????m?????m???????0????????????????????? ???????m???????????i?0??????????????????????????????????E????????????????F???????????????????????m????? ???????m?????m???????0???????????????????????m???m???m???m???m???m???m???m???m????????????? ???????m???????????i?0????????@???????????? ???????l???????????l??????????(??????????????m????? ???????m?????m???????0????????????????????? ???????m???????????j?0???????????????????????????????????????????????M???????????????m????? ???????j?????m??????????????????|?????S-??? ???????m?????m?? ???????"???*?????????Co???????????????????????m??????????Microsoft????m?m?????????????????????????????????????m?m? ??\SystemRoot\system32\driver
Reg HKLM\SYSTEM\ControlSet002\services\LanmanWorkstation\Linkage@Bind ???e????????De???????????f??ea??ROOT\RDP_MOU????????(0??4&123d8df6&0????????(0???????????????????????????????????????????e?????????????????f?????e??(0???$???e???????????????????????????????????????????????????_???????????????s??????(0???????e??????????? ??????????????H????????z???????????1?????s?m??????????????????USBSTOR?????? ???<??? ???????e??????????????????cdrom.inf????g?g??????P??n?????????e?????e?e?e?f?h?h?h????????????????????F??f???}??????oem14.inf????f??????????????????$???4????? ??????? ????t?????????? ????????????????????????????????????????? ???????????$???4????? ??????? ????t?????????? ????????????????????????????????????????? ????????$H??f????????????????????????????0?<?????????????????????????????????????h??????n?gl(????X?????????????????????????????????? P??f??????????????{00000000-0000-0000-ffff-ffffffffffff}????????????????????????????????????????????????????X??????????????????????????0???????8???A???e?????????????????s?????????d?????????????????????????????n?????????????????f??????? ?????
Reg HKLM\SYSTEM\ControlSet002\services\LanmanWorkstation\Linkage@Route ???m?o???????????p???v???????u?????m????? ???????m?????m???????0????????????&??????????????????????????m???m????? ???????m?????m???????0????????????????????? ???????m???????????j?0???????????????????????????????????????????????g???????????????g???????m????? ???????m?????m???????0????????????????????Microsoft???? ???????m???????????j?0??????????????????????T??m?????????????????????????????????????????????????m????? ???????m?????m???????0?????????????????????????m??????????t???? ???????m???????????j?0????????T?????????????T??m???????????m?m?m???????????????????????????????????????????m?m???????????m????? ???????m?????m???????0????????????????????? ???????m???????????j?0????????????????????System32\Drivers\ksecdd.sys??????????m???0?????????????????m????? ???????m?????m???????0??????????????????????`??n?????????e????????????????? ???????m???????????j?0????????????????????????????????t???????????????t???t??????m????? ???????m?????m???????0????????????????????? ???????m???????????j?0????????????????????? ???????n?
Reg HKLM\SYSTEM\ControlSet002\services\LanmanWorkstation\Linkage@Export ???m???????m?????_?l?w?m?x?z?x???n??????????????????4???? ?????????????m???????0????????????????????????os??t???? ???m???a??????????????????????ec???R???m???2??????????????????????????????????????????Mc???????n??????s??????????????????????????????????????????????m???m?????j?m?????????m???????????????????????m??????????ksfilter.inf?????m?m?????m???????????????????m??Extended base????@?@?@??????????v.????<??n???????????????2??????ei???|?y????????????????????????? ???????m???????????????????????????????f??? ???????m?????m???????0??L????????? ??????2????? ???????m?????m???????0????????????&???????????????????????? ???????m?????m???????0????????????????????? ???????m???????????i?0????????????????????ksfilter.inf:Microsoft.NTamd64:MSTEE:6.1.7600.16385:sw\{cfd669f1-9bc2-11d0-8299-0000f822fe8a}??????????m????? ???????m?????m???????0????????????????????.NTAMD64?d??? ???????m???????????j?0?????????????????????????????????????????m??????????MSTEE??????m????? ???????m?????m???????0???????????????????????m???m???m???????
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartPage\NewShortcuts@C:\Users\Ice-Rice\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Cake Mania I, II & III\ Cake Mania II\\x00a0Cake Mania 2.lnk 1
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartPage\NewShortcuts@C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cake Mania I, II & III\ Cake Mania II\\x00a0Cake Mania 2.lnk 1

---- EOF - GMER 1.0.15 ----




THATS IT!

Note: Love your quote. "But you, be sober in all things, endure hardship, do the work of an evangelist, fulfill your ministry."
You got a brother here.

#4 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,072 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:11:29 AM

Posted 05 September 2011 - 02:14 PM

Hello, thanks brother it is important ,so I post it in the Sig.
How is your internet connectipn?

The ci.dll is pary of the app,Alcohol 120%
Try removing that app.

Please run these next and see how it is after.

Please download the TDSS Rootkit Removing Tool (TDSSKiller.exe) and save it to your Desktop. <-Important!!!
Be sure to download TDSSKiller.exe (v2.5.9.0) from Kaspersky's website and not TDSSKiller.zip which appears to be an older version 2.3.2.2 of the tool.
  • Double-click on TDSSKiller.exe to run the tool for known TDSS variants.
    Vista/Windows 7 users right-click and select Run As Administrator.
  • If TDSSKiller does not run, try renaming it.
  • To do this, right-click on TDSSKiller.exe, select Rename and give it a random name with the .com file extension (i.e. 123abc.com). If you do not see the file extension, please refer to How to change the file extension.
  • Click the Start Scan button.
  • Do not use the computer during the scan
  • If the scan completes with nothing found, click Close to exit.
  • If malicious objects are found, they will show in the Scan results - Select action for found objects and offer three options.
  • Ensure Cure (default) is selected, then click Continue > Reboot now to finish the cleaning process.
  • A log file named TDSSKiller_version_date_time_log.txt (i.e. TDSSKiller.2.4.0.0_27.07.2010_09.o7.26_log.txt) will be created and saved to the root directory (usually Local Disk C:).
  • Copy and paste the contents of that file in your next reply.


If TDSSKiller does not run, try renaming it. To do this, right-click on TDSSKiller.exe, select Rename and give it a random name with the .com file extension (i.e. 123abc.com). If you do not see the file extension, please refer to these[/color] instructions. In some cases it may be necessary to redownload TDSSKiller and randomly rename it before downloading and saving to the computer.



Next run Superantisypware (SAS):

Download and scan with SUPERAntiSpyware Free for Home Users
  • Double-click SUPERAntiSpyware.exe and use the default settings for installation.
  • An icon will be created on your desktop. Double-click that icon to launch the program.
  • If asked to update the program definitions, click "Yes". If not, update the definitions before scanning by selecting "Check for Updates". (If you encounter any problems while downloading the updates, manually download them from here. Double-click on the hyperlink for Download Installer and save SASDEFINITIONS.EXE to your desktop. Then double-click on SASDEFINITIONS.EXE to install the definitions.)
  • In the Main Menu, click the Preferences... button.
  • Click the Scanning Control tab.
  • Under Scanner Options make sure the following are checked (leave all others unchecked):
    • Close browsers before scanning.
    • Scan for tracking cookies.
    • Terminate memory threats before quarantining.
  • Click the "Close" button to leave the control center screen.
  • Back on the main screen, under "Scan for Harmful Software" click Scan your computer.
  • On the left, make sure you check C:\Fixed Drive.
  • On the right, under "Complete Scan", choose Perform Complete Scan.
  • Click "Next" to start the scan. Please be patient while it scans your computer.
  • After the scan is complete, a Scan Summary box will appear with potentially harmful items that were detected. Click "OK".
  • Make sure everything has a checkmark next to it and click "Next".
  • A notification will appear that "Quarantine and Removal is Complete". Click "OK" and then click the "Finish" button to return to the main menu.
  • If asked if you want to reboot, click "Yes".
  • To retrieve the removal information after reboot, launch SUPERAntispyware again.
    • Click Preferences, then click the Statistics/Logs tab.
    • Under Scanner Logs, double-click SUPERAntiSpyware Scan Log.
    • If there are several logs, click the current dated log and press View log. A text file will open in your default text editor.
    • Please copy and paste the Scan Log results in your next reply.
  • Click Close to exit the program.
If you have a problem downloading, installing or getting SAS to run, try downloading and using the [COLOR=blue]SUPERAntiSpyware Portable Scanner
instead. Save the randomly named file (i.e. SAS_1710895.COM) to a usb drive or CD and transfer to the infected computer. Then double-click on it to launch and scan. The file is randomly named to help keep malware from blocking the scanner.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#5 isaacm

isaacm
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:07:29 AM

Posted 06 September 2011 - 01:26 AM

My internet connection has been fine as far as I know. (besides my browser being redirected of course)
Why do you ask?

That's quite odd that "ci.dll" is an alcohol 120% file.
Windows uninstaller, my registry, and revo uninstaller, have no trace of alcohol to remove.

Good news though... after superantispyware completed and i reboot my computer, it loaded windows fine.
Here's the logs you requested.

I do have a question though... if this indeed fixed it...
what programs should I keep that you had me download,
and what programs do you suggest i keep/download to maintain my system?

I'm going to go ahead and shut down/startup my sys a couple times to reassure myself that this worked.



Generated 09/05/2011 at 11:00 PM

Application Version : 5.0.1118

Core Rules Database Version : 7645
Trace Rules Database Version: 5457

Scan type : Complete Scan
Total Scan Time : 02:58:12

Operating System Information
Windows 7 Home Premium 64-bit, Service Pack 1 (Build 6.01.7601)
UAC On - Limited User

Memory items scanned : 627
Memory threats detected : 0
Registry items scanned : 72979
Registry threats detected : 0
File items scanned : 319942
File threats detected : 347

Adware.Tracking Cookie
C:\Users\Ice-Rice\AppData\Roaming\Microsoft\Windows\Cookies\DD99SBY7.txt
C:\Users\Ice-Rice\AppData\Roaming\Microsoft\Windows\Cookies\3DQKDABJ.txt
C:\Users\Ice-Rice\AppData\Roaming\Microsoft\Windows\Cookies\MC1YY0UB.txt
C:\Users\Ice-Rice\AppData\Roaming\Microsoft\Windows\Cookies\BVDAIW3S.txt
C:\Users\Ice-Rice\AppData\Roaming\Microsoft\Windows\Cookies\PDR6REKO.txt
C:\Users\Ice-Rice\AppData\Roaming\Microsoft\Windows\Cookies\DS0LPQQ4.txt
C:\Users\Ice-Rice\AppData\Roaming\Microsoft\Windows\Cookies\90VM522A.txt
C:\Users\Ice-Rice\AppData\Roaming\Microsoft\Windows\Cookies\YKTI5CDB.txt
C:\Users\Ice-Rice\AppData\Roaming\Microsoft\Windows\Cookies\3N61EDHP.txt
C:\Users\Ice-Rice\AppData\Roaming\Microsoft\Windows\Cookies\V7PRWTVR.txt
C:\Users\Ice-Rice\AppData\Roaming\Microsoft\Windows\Cookies\0H2PI6OB.txt
C:\Users\Ice-Rice\AppData\Roaming\Microsoft\Windows\Cookies\60ESA9W9.txt
C:\Users\Ice-Rice\AppData\Roaming\Microsoft\Windows\Cookies\93IFS6VP.txt
C:\Users\Ice-Rice\AppData\Roaming\Microsoft\Windows\Cookies\5DZ091BA.txt
C:\Users\Ice-Rice\AppData\Roaming\Microsoft\Windows\Cookies\VQ1S7REC.txt
C:\Users\Ice-Rice\AppData\Roaming\Microsoft\Windows\Cookies\ZCIBR6KL.txt
C:\Users\Ice-Rice\AppData\Roaming\Microsoft\Windows\Cookies\QE3A9DIK.txt
.doubleclick.net [ C:\USERS\ICE-RICE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.mediaplex.com [ C:\USERS\ICE-RICE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.imrworldwide.com [ C:\USERS\ICE-RICE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.imrworldwide.com [ C:\USERS\ICE-RICE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.collective-media.net [ C:\USERS\ICE-RICE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.collective-media.net [ C:\USERS\ICE-RICE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.serving-sys.com [ C:\USERS\ICE-RICE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.kontera.com [ C:\USERS\ICE-RICE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.collective-media.net [ C:\USERS\ICE-RICE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.collective-media.net [ C:\USERS\ICE-RICE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.collective-media.net [ C:\USERS\ICE-RICE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.collective-media.net [ C:\USERS\ICE-RICE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.collective-media.net [ C:\USERS\ICE-RICE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.atdmt.com [ C:\USERS\ICE-RICE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.solvemedia.com [ C:\USERS\ICE-RICE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.solvemedia.com [ C:\USERS\ICE-RICE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.apmebf.com [ C:\USERS\ICE-RICE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.specificclick.net [ C:\USERS\ICE-RICE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adbrite.com [ C:\USERS\ICE-RICE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.revsci.net [ C:\USERS\ICE-RICE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.invitemedia.com [ C:\USERS\ICE-RICE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.interclick.com [ C:\USERS\ICE-RICE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.interclick.com [ C:\USERS\ICE-RICE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ru4.com [ C:\USERS\ICE-RICE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.www.burstnet.com [ C:\USERS\ICE-RICE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.burstnet.com [ C:\USERS\ICE-RICE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ad.yieldmanager.com [ C:\USERS\ICE-RICE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.mediabrandsww.com [ C:\USERS\ICE-RICE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.yieldmanager.net [ C:\USERS\ICE-RICE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
www.burstnet.com [ C:\USERS\ICE-RICE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.subaruofamerica.112.2o7.net [ C:\USERS\ICE-RICE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.atdmt.com [ C:\USERS\ICE-RICE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.h.atdmt.com [ C:\USERS\ICE-RICE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.h.atdmt.com [ C:\USERS\ICE-RICE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.atdmt.com [ C:\USERS\ICE-RICE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.atdmt.com [ C:\USERS\ICE-RICE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.h.atdmt.com [ C:\USERS\ICE-RICE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.h.atdmt.com [ C:\USERS\ICE-RICE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.a1.interclick.com [ C:\USERS\ICE-RICE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.interclick.com [ C:\USERS\ICE-RICE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.a1.interclick.com [ C:\USERS\ICE-RICE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.a1.interclick.com [ C:\USERS\ICE-RICE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.a1.interclick.com [ C:\USERS\ICE-RICE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.a1.interclick.com [ C:\USERS\ICE-RICE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.interclick.com [ C:\USERS\ICE-RICE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
adserving.autotrader.com [ C:\USERS\ICE-RICE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.insightexpressai.com [ C:\USERS\ICE-RICE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.insightexpressai.com [ C:\USERS\ICE-RICE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.insightexpressai.com [ C:\USERS\ICE-RICE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.insightexpressai.com [ C:\USERS\ICE-RICE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.insightexpressai.com [ C:\USERS\ICE-RICE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.insightexpressai.com [ C:\USERS\ICE-RICE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.insightexpressai.com [ C:\USERS\ICE-RICE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.insightexpressai.com [ C:\USERS\ICE-RICE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adserver.adtechus.com [ C:\USERS\ICE-RICE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.2o7.net [ C:\USERS\ICE-RICE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.at.atwola.com [ C:\USERS\ICE-RICE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ads.pointroll.com [ C:\USERS\ICE-RICE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.pointroll.com [ C:\USERS\ICE-RICE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.anrtx.tacoda.net [ C:\USERS\ICE-RICE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.trafficmp.com [ C:\USERS\ICE-RICE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.revsci.net [ C:\USERS\ICE-RICE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.r1-ads.ace.advertising.com [ C:\USERS\ICE-RICE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.advertising.com [ C:\USERS\ICE-RICE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.revsci.net [ C:\USERS\ICE-RICE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.2o7.net [ C:\USERS\ICE-RICE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.smartadserver.com [ C:\USERS\ICE-RICE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.smartadserver.com [ C:\USERS\ICE-RICE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.smartadserver.com [ C:\USERS\ICE-RICE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.smartadserver.com [ C:\USERS\ICE-RICE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.smartadserver.com [ C:\USERS\ICE-RICE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adtech.de [ C:\USERS\ICE-RICE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.carfax.112.2o7.net [ C:\USERS\ICE-RICE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.steelhousemedia.com [ C:\USERS\ICE-RICE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.advertising.com [ C:\USERS\ICE-RICE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.advertising.com [ C:\USERS\ICE-RICE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
traffic.prod.cobaltgroup.com [ C:\USERS\ICE-RICE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.insightexpressai.com [ C:\USERS\ICE-RICE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.insightexpressai.com [ C:\USERS\ICE-RICE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.insightexpressai.com [ C:\USERS\ICE-RICE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.insightexpressai.com [ C:\USERS\ICE-RICE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.insightexpressai.com [ C:\USERS\ICE-RICE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.bs.serving-sys.com [ C:\USERS\ICE-RICE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.lucidmedia.com [ C:\USERS\ICE-RICE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.media6degrees.com [ C:\USERS\ICE-RICE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.legolas-media.com [ C:\USERS\ICE-RICE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.insightexpressai.com [ C:\USERS\ICE-RICE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.insightexpressai.com [ C:\USERS\ICE-RICE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.247realmedia.com [ C:\USERS\ICE-RICE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.revsci.net [ C:\USERS\ICE-RICE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.realmedia.com [ C:\USERS\ICE-RICE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.realmedia.com [ C:\USERS\ICE-RICE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.legolas-media.com [ C:\USERS\ICE-RICE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.traveladvertising.com [ C:\USERS\ICE-RICE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.traveladvertising.com [ C:\USERS\ICE-RICE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.traveladvertising.com [ C:\USERS\ICE-RICE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.traveladvertising.com [ C:\USERS\ICE-RICE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.content.yieldmanager.com [ C:\USERS\ICE-RICE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.insightexpressai.com [ C:\USERS\ICE-RICE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.insightexpressai.com [ C:\USERS\ICE-RICE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.insightexpressai.com [ C:\USERS\ICE-RICE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.insightexpressai.com [ C:\USERS\ICE-RICE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.insightexpressai.com [ C:\USERS\ICE-RICE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.insightexpressai.com [ C:\USERS\ICE-RICE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.insightexpressai.com [ C:\USERS\ICE-RICE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.martiniadnetwork.com [ C:\USERS\ICE-RICE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.martiniadnetwork.com [ C:\USERS\ICE-RICE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.martiniadnetwork.com [ C:\USERS\ICE-RICE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.martiniadnetwork.com [ C:\USERS\ICE-RICE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.247realmedia.com [ C:\USERS\ICE-RICE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.legolas-media.com [ C:\USERS\ICE-RICE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.atwola.com [ C:\USERS\ICE-RICE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.media2.legacy.com [ C:\USERS\ICE-RICE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.casalemedia.com [ C:\USERS\ICE-RICE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.casalemedia.com [ C:\USERS\ICE-RICE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.casalemedia.com [ C:\USERS\ICE-RICE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.casalemedia.com [ C:\USERS\ICE-RICE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.casalemedia.com [ C:\USERS\ICE-RICE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.casalemedia.com [ C:\USERS\ICE-RICE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adserver.adtechus.com [ C:\USERS\ICE-RICE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.interclick.com [ C:\USERS\ICE-RICE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adserver.adtechus.com [ C:\USERS\ICE-RICE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.zedo.com [ C:\USERS\ICE-RICE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.zedo.com [ C:\USERS\ICE-RICE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.zedo.com [ C:\USERS\ICE-RICE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.zedo.com [ C:\USERS\ICE-RICE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.kaspersky.122.2o7.net [ C:\USERS\ICE-RICE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.dmtracker.com [ C:\USERS\ICE-RICE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.cracked.com [ C:\USERS\ICE-RICE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.cracked.com [ C:\USERS\ICE-RICE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.www.cracked.com [ C:\USERS\ICE-RICE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.www.cracked.com [ C:\USERS\ICE-RICE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.cracked.com [ C:\USERS\ICE-RICE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.invitemedia.com [ C:\USERS\ICE-RICE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.invitemedia.com [ C:\USERS\ICE-RICE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.invitemedia.com [ C:\USERS\ICE-RICE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.invitemedia.com [ C:\USERS\ICE-RICE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.cracked.com [ C:\USERS\ICE-RICE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.cracked.com [ C:\USERS\ICE-RICE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.cracked.com [ C:\USERS\ICE-RICE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.content.yieldmanager.com [ C:\USERS\ICE-RICE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.insightexpressai.com [ C:\USERS\ICE-RICE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.insightexpressai.com [ C:\USERS\ICE-RICE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.insightexpressai.com [ C:\USERS\ICE-RICE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.insightexpressai.com [ C:\USERS\ICE-RICE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.collective-media.net [ C:\USERS\ICE-RICE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.collective-media.net [ C:\USERS\ICE-RICE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.collective-media.net [ C:\USERS\ICE-RICE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.invitemedia.com [ C:\USERS\ICE-RICE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adbrite.com [ C:\USERS\ICE-RICE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adbrite.com [ C:\USERS\ICE-RICE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adbrite.com [ C:\USERS\ICE-RICE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.indieclick.com [ C:\USERS\ICE-RICE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
optimize.indieclick.com [ C:\USERS\ICE-RICE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.cracked.com [ C:\USERS\ICE-RICE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.cracked.com [ C:\USERS\ICE-RICE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.pro-market.net [ C:\USERS\ICE-RICE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.media6degrees.com [ C:\USERS\ICE-RICE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.collective-media.net [ C:\USERS\ICE-RICE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.advertising.com [ C:\USERS\ICE-RICE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.advertising.com [ C:\USERS\ICE-RICE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.cracked.com [ C:\USERS\ICE-RICE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.cracked.com [ C:\USERS\ICE-RICE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.cracked.com [ C:\USERS\ICE-RICE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ad.yieldmanager.com [ C:\USERS\ICE-RICE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ad.yieldmanager.com [ C:\USERS\ICE-RICE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ad.yieldmanager.com [ C:\USERS\ICE-RICE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.intermundomedia.com [ C:\USERS\ICE-RICE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.intermundomedia.com [ C:\USERS\ICE-RICE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.intermundomedia.com [ C:\USERS\ICE-RICE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.tacoda.at.atwola.com [ C:\USERS\ICE-RICE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ar.atwola.com [ C:\USERS\ICE-RICE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.fastclick.net [ C:\USERS\ICE-RICE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.doubleclick.net [ C:\USERS\ICE-RICE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.invitemedia.com [ C:\USERS\ICE-RICE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adbrite.com [ C:\USERS\ICE-RICE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adbrite.com [ C:\USERS\ICE-RICE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ad.yieldmanager.com [ C:\USERS\ICE-RICE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.tacoda.net [ C:\USERS\ICE-RICE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.invitemedia.com [ C:\USERS\ICE-RICE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.invitemedia.com [ C:\USERS\ICE-RICE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.media6degrees.com [ C:\USERS\ICE-RICE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.media6degrees.com [ C:\USERS\ICE-RICE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.media6degrees.com [ C:\USERS\ICE-RICE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.media6degrees.com [ C:\USERS\ICE-RICE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.at.atwola.com [ C:\USERS\ICE-RICE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.tacoda.at.atwola.com [ C:\USERS\ICE-RICE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.tacoda.at.atwola.com [ C:\USERS\ICE-RICE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.tacoda.at.atwola.com [ C:\USERS\ICE-RICE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.tacoda.at.atwola.com [ C:\USERS\ICE-RICE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.at.atwola.com [ C:\USERS\ICE-RICE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.revsci.net [ C:\USERS\ICE-RICE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.realmedia.com [ C:\USERS\ICE-RICE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
network.realmedia.com [ C:\USERS\ICE-RICE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.revsci.net [ C:\USERS\ICE-RICE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.revsci.net [ C:\USERS\ICE-RICE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.trafficmp.com [ C:\USERS\ICE-RICE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.trafficmp.com [ C:\USERS\ICE-RICE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.trafficmp.com [ C:\USERS\ICE-RICE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.revsci.net [ C:\USERS\ICE-RICE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.revsci.net [ C:\USERS\ICE-RICE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.tribalfusion.com [ C:\USERS\ICE-RICE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.getclicky.com [ C:\USERS\ICE-RICE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.static.getclicky.com [ C:\USERS\ICE-RICE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
in.getclicky.com [ C:\USERS\ICE-RICE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.serving-sys.com [ C:\USERS\ICE-RICE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.serving-sys.com [ C:\USERS\ICE-RICE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.serving-sys.com [ C:\USERS\ICE-RICE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.questionmarket.com [ C:\USERS\ICE-RICE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.questionmarket.com [ C:\USERS\ICE-RICE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.mediaplex.com [ C:\USERS\ICE-RICE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ads.pointroll.com [ C:\USERS\ICE-RICE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.pointroll.com [ C:\USERS\ICE-RICE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ads.pointroll.com [ C:\USERS\ICE-RICE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ads.pointroll.com [ C:\USERS\ICE-RICE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ads.pointroll.com [ C:\USERS\ICE-RICE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ads.pointroll.com [ C:\USERS\ICE-RICE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ads.pointroll.com [ C:\USERS\ICE-RICE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ads.pointroll.com [ C:\USERS\ICE-RICE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ad.yieldmanager.com [ C:\USERS\ICE-RICE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.advertising.com [ C:\USERS\ICE-RICE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.advertising.com [ C:\USERS\ICE-RICE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.steelhousemedia.com [ C:\USERS\ICE-RICE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
s0.2mdn.net [ C:\USERS\ICE-RICE\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\9MV84XLJ ]
sftrack.searchforce.net [ C:\USERS\ICE-RICE\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\9MV84XLJ ]
.realmedia.com [ C:\USERS\ICE-RICE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W604Q6IP.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\ICE-RICE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W604Q6IP.DEFAULT\COOKIES.SQLITE ]
.lfstmedia.com [ C:\USERS\ICE-RICE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W604Q6IP.DEFAULT\COOKIES.SQLITE ]
.imrworldwide.com [ C:\USERS\ICE-RICE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W604Q6IP.DEFAULT\COOKIES.SQLITE ]
.imrworldwide.com [ C:\USERS\ICE-RICE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W604Q6IP.DEFAULT\COOKIES.SQLITE ]
.ru4.com [ C:\USERS\ICE-RICE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W604Q6IP.DEFAULT\COOKIES.SQLITE ]
.ru4.com [ C:\USERS\ICE-RICE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W604Q6IP.DEFAULT\COOKIES.SQLITE ]
.media6degrees.com [ C:\USERS\ICE-RICE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W604Q6IP.DEFAULT\COOKIES.SQLITE ]
.interclick.com [ C:\USERS\ICE-RICE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W604Q6IP.DEFAULT\COOKIES.SQLITE ]
.interclick.com [ C:\USERS\ICE-RICE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W604Q6IP.DEFAULT\COOKIES.SQLITE ]
.a1.interclick.com [ C:\USERS\ICE-RICE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W604Q6IP.DEFAULT\COOKIES.SQLITE ]
.doubleclick.net [ C:\USERS\ICE-RICE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W604Q6IP.DEFAULT\COOKIES.SQLITE ]
.interclick.com [ C:\USERS\ICE-RICE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W604Q6IP.DEFAULT\COOKIES.SQLITE ]
.lucidmedia.com [ C:\USERS\ICE-RICE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W604Q6IP.DEFAULT\COOKIES.SQLITE ]
.zedo.com [ C:\USERS\ICE-RICE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W604Q6IP.DEFAULT\COOKIES.SQLITE ]
.zedo.com [ C:\USERS\ICE-RICE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W604Q6IP.DEFAULT\COOKIES.SQLITE ]
.a1.interclick.com [ C:\USERS\ICE-RICE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W604Q6IP.DEFAULT\COOKIES.SQLITE ]
.a1.interclick.com [ C:\USERS\ICE-RICE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W604Q6IP.DEFAULT\COOKIES.SQLITE ]
.a1.interclick.com [ C:\USERS\ICE-RICE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W604Q6IP.DEFAULT\COOKIES.SQLITE ]
.a1.interclick.com [ C:\USERS\ICE-RICE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W604Q6IP.DEFAULT\COOKIES.SQLITE ]
.interclick.com [ C:\USERS\ICE-RICE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W604Q6IP.DEFAULT\COOKIES.SQLITE ]
.atdmt.com [ C:\USERS\ICE-RICE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W604Q6IP.DEFAULT\COOKIES.SQLITE ]
.atdmt.com [ C:\USERS\ICE-RICE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W604Q6IP.DEFAULT\COOKIES.SQLITE ]
.advertising.com [ C:\USERS\ICE-RICE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W604Q6IP.DEFAULT\COOKIES.SQLITE ]
.r1-ads.ace.advertising.com [ C:\USERS\ICE-RICE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W604Q6IP.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\ICE-RICE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W604Q6IP.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\ICE-RICE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W604Q6IP.DEFAULT\COOKIES.SQLITE ]
.mediafire.com [ C:\USERS\ICE-RICE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W604Q6IP.DEFAULT\COOKIES.SQLITE ]
.apmebf.com [ C:\USERS\ICE-RICE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W604Q6IP.DEFAULT\COOKIES.SQLITE ]
.server.cpmstar.com [ C:\USERS\ICE-RICE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W604Q6IP.DEFAULT\COOKIES.SQLITE ]
.server.cpmstar.com [ C:\USERS\ICE-RICE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W604Q6IP.DEFAULT\COOKIES.SQLITE ]
.specificclick.net [ C:\USERS\ICE-RICE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W604Q6IP.DEFAULT\COOKIES.SQLITE ]
.ads.pointroll.com [ C:\USERS\ICE-RICE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W604Q6IP.DEFAULT\COOKIES.SQLITE ]
.pointroll.com [ C:\USERS\ICE-RICE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W604Q6IP.DEFAULT\COOKIES.SQLITE ]
.ads.pointroll.com [ C:\USERS\ICE-RICE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W604Q6IP.DEFAULT\COOKIES.SQLITE ]
.pointroll.com [ C:\USERS\ICE-RICE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W604Q6IP.DEFAULT\COOKIES.SQLITE ]
.ads.pointroll.com [ C:\USERS\ICE-RICE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W604Q6IP.DEFAULT\COOKIES.SQLITE ]
.ads.pointroll.com [ C:\USERS\ICE-RICE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W604Q6IP.DEFAULT\COOKIES.SQLITE ]
.ads.pointroll.com [ C:\USERS\ICE-RICE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W604Q6IP.DEFAULT\COOKIES.SQLITE ]
.ads.pointroll.com [ C:\USERS\ICE-RICE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W604Q6IP.DEFAULT\COOKIES.SQLITE ]
.ads.pointroll.com [ C:\USERS\ICE-RICE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W604Q6IP.DEFAULT\COOKIES.SQLITE ]
.ads.pointroll.com [ C:\USERS\ICE-RICE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W604Q6IP.DEFAULT\COOKIES.SQLITE ]
.server.cpmstar.com [ C:\USERS\ICE-RICE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W604Q6IP.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\ICE-RICE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W604Q6IP.DEFAULT\COOKIES.SQLITE ]
.content.yieldmanager.com [ C:\USERS\ICE-RICE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W604Q6IP.DEFAULT\COOKIES.SQLITE ]
.content.yieldmanager.com [ C:\USERS\ICE-RICE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W604Q6IP.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\ICE-RICE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W604Q6IP.DEFAULT\COOKIES.SQLITE ]
.chimeraadvertising.com [ C:\USERS\ICE-RICE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W604Q6IP.DEFAULT\COOKIES.SQLITE ]
.andomedia.com [ C:\USERS\ICE-RICE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W604Q6IP.DEFAULT\COOKIES.SQLITE ]
.mediabrandsww.com [ C:\USERS\ICE-RICE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W604Q6IP.DEFAULT\COOKIES.SQLITE ]
.adbrite.com [ C:\USERS\ICE-RICE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W604Q6IP.DEFAULT\COOKIES.SQLITE ]
.adbrite.com [ C:\USERS\ICE-RICE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W604Q6IP.DEFAULT\COOKIES.SQLITE ]
.adbrite.com [ C:\USERS\ICE-RICE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W604Q6IP.DEFAULT\COOKIES.SQLITE ]
.adbrite.com [ C:\USERS\ICE-RICE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W604Q6IP.DEFAULT\COOKIES.SQLITE ]
.adbrite.com [ C:\USERS\ICE-RICE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W604Q6IP.DEFAULT\COOKIES.SQLITE ]
.casalemedia.com [ C:\USERS\ICE-RICE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W604Q6IP.DEFAULT\COOKIES.SQLITE ]
.casalemedia.com [ C:\USERS\ICE-RICE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W604Q6IP.DEFAULT\COOKIES.SQLITE ]
.casalemedia.com [ C:\USERS\ICE-RICE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W604Q6IP.DEFAULT\COOKIES.SQLITE ]
.casalemedia.com [ C:\USERS\ICE-RICE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W604Q6IP.DEFAULT\COOKIES.SQLITE ]
.casalemedia.com [ C:\USERS\ICE-RICE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W604Q6IP.DEFAULT\COOKIES.SQLITE ]
.casalemedia.com [ C:\USERS\ICE-RICE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W604Q6IP.DEFAULT\COOKIES.SQLITE ]
.yieldmanager.net [ C:\USERS\ICE-RICE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W604Q6IP.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\ICE-RICE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W604Q6IP.DEFAULT\COOKIES.SQLITE ]
.azjmp.com [ C:\USERS\ICE-RICE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W604Q6IP.DEFAULT\COOKIES.SQLITE ]
.azjmp.com [ C:\USERS\ICE-RICE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W604Q6IP.DEFAULT\COOKIES.SQLITE ]
.azjmp.com [ C:\USERS\ICE-RICE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W604Q6IP.DEFAULT\COOKIES.SQLITE ]
.azjmp.com [ C:\USERS\ICE-RICE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W604Q6IP.DEFAULT\COOKIES.SQLITE ]
.azjmp.com [ C:\USERS\ICE-RICE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W604Q6IP.DEFAULT\COOKIES.SQLITE ]
accounts.youtube.com [ C:\USERS\ICE-RICE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W604Q6IP.DEFAULT\COOKIES.SQLITE ]
.game-advertising-online.com [ C:\USERS\ICE-RICE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W604Q6IP.DEFAULT\COOKIES.SQLITE ]
.advertising.com [ C:\USERS\ICE-RICE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W604Q6IP.DEFAULT\COOKIES.SQLITE ]
.server.cpmstar.com [ C:\USERS\ICE-RICE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W604Q6IP.DEFAULT\COOKIES.SQLITE ]
.server.cpmstar.com [ C:\USERS\ICE-RICE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W604Q6IP.DEFAULT\COOKIES.SQLITE ]
.server.cpmstar.com [ C:\USERS\ICE-RICE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W604Q6IP.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\ICE-RICE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W604Q6IP.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\ICE-RICE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W604Q6IP.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\ICE-RICE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W604Q6IP.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\ICE-RICE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W604Q6IP.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\ICE-RICE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W604Q6IP.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\ICE-RICE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W604Q6IP.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\ICE-RICE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W604Q6IP.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\ICE-RICE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W604Q6IP.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\ICE-RICE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W604Q6IP.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\ICE-RICE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W604Q6IP.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\ICE-RICE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W604Q6IP.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\ICE-RICE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W604Q6IP.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\ICE-RICE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W604Q6IP.DEFAULT\COOKIES.SQLITE ]
.mediafire.com [ C:\USERS\ICE-RICE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W604Q6IP.DEFAULT\COOKIES.SQLITE ]
.advertising.com [ C:\USERS\ICE-RICE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W604Q6IP.DEFAULT\COOKIES.SQLITE ]
.advertising.com [ C:\USERS\ICE-RICE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W604Q6IP.DEFAULT\COOKIES.SQLITE ]
.advertising.com [ C:\USERS\ICE-RICE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W604Q6IP.DEFAULT\COOKIES.SQLITE ]
.advertising.com [ C:\USERS\ICE-RICE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W604Q6IP.DEFAULT\COOKIES.SQLITE ]
.tribalfusion.com [ C:\USERS\ICE-RICE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W604Q6IP.DEFAULT\COOKIES.SQLITE ]
.googleads.g.doubleclick.net [ C:\USERS\ICE-RICE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W604Q6IP.DEFAULT\COOKIES.SQLITE ]
.fastclick.net [ C:\USERS\ICE-RICE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W604Q6IP.DEFAULT\COOKIES.SQLITE ]
ad.insightexpressai.com [ C:\WINDOWS\SYSWOW64\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\FJ8HLUQ3 ]
content.oddcast.com [ C:\WINDOWS\SYSWOW64\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\FJ8HLUQ3 ]
convoad.technoratimedia.net [ C:\WINDOWS\SYSWOW64\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\FJ8HLUQ3 ]
media.scanscout.com [ C:\WINDOWS\SYSWOW64\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\FJ8HLUQ3 ]
media1.break.com [ C:\WINDOWS\SYSWOW64\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\FJ8HLUQ3 ]
objects.tremormedia.com [ C:\WINDOWS\SYSWOW64\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\FJ8HLUQ3 ]
origin-media.scanscout.com [ C:\WINDOWS\SYSWOW64\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\FJ8HLUQ3 ]
secure-us.imrworldwide.com [ C:\WINDOWS\SYSWOW64\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\FJ8HLUQ3 ]
sftrack.searchforce.net [ C:\WINDOWS\SYSWOW64\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\FJ8HLUQ3 ]

Trojan.Dropper/Win-NV
C:\WINDOWS\SYSWOW64\FASTUSERSWITCHINGCOMPATIBILITYEX.DLL






SUPERAntiSpyware Scan Log
http://www.superantispyware.com
2011/09/05 19:49:59.0550 0192 TDSS rootkit removing tool 2.5.18.0 Sep 5 2011 09:53:09
2011/09/05 19:50:00.0030 0192 ================================================================================
2011/09/05 19:50:00.0031 0192 SystemInfo:
2011/09/05 19:50:00.0031 0192
2011/09/05 19:50:00.0031 0192 OS Version: 6.1.7601 ServicePack: 1.0
2011/09/05 19:50:00.0031 0192 Product type: Workstation
2011/09/05 19:50:00.0031 0192 ComputerName: ICE-RICE-PC
2011/09/05 19:50:00.0031 0192 UserName: Ice-Rice
2011/09/05 19:50:00.0031 0192 Windows directory: C:\Windows
2011/09/05 19:50:00.0031 0192 System windows directory: C:\Windows
2011/09/05 19:50:00.0031 0192 Running under WOW64
2011/09/05 19:50:00.0031 0192 Processor architecture: Intel x64
2011/09/05 19:50:00.0031 0192 Number of processors: 4
2011/09/05 19:50:00.0031 0192 Page size: 0x1000
2011/09/05 19:50:00.0031 0192 Boot type: Normal boot
2011/09/05 19:50:00.0031 0192 ================================================================================
2011/09/05 19:50:01.0500 0192 Initialize success
2011/09/05 19:50:23.0618 4352 ================================================================================
2011/09/05 19:50:23.0618 4352 Scan started
2011/09/05 19:50:23.0618 4352 Mode: Manual;
2011/09/05 19:50:23.0618 4352 ================================================================================
2011/09/05 19:50:24.0621 4352 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys
2011/09/05 19:50:24.0733 4352 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys
2011/09/05 19:50:24.0864 4352 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys
2011/09/05 19:50:24.0948 4352 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys
2011/09/05 19:50:25.0095 4352 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys
2011/09/05 19:50:25.0247 4352 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys
2011/09/05 19:50:25.0333 4352 AFD (d5b031c308a409a0a576bff4cf083d30) C:\Windows\system32\drivers\afd.sys
2011/09/05 19:50:25.0560 4352 AgereSoftModem (a6ab6f0ace87da76b4c401813d18be95) C:\Windows\system32\DRIVERS\agrsm64.sys
2011/09/05 19:50:25.0720 4352 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys
2011/09/05 19:50:25.0817 4352 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys
2011/09/05 19:50:25.0915 4352 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys
2011/09/05 19:50:25.0965 4352 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys
2011/09/05 19:50:26.0086 4352 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys
2011/09/05 19:50:26.0226 4352 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys
2011/09/05 19:50:26.0328 4352 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys
2011/09/05 19:50:26.0412 4352 amdxata (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys
2011/09/05 19:50:26.0600 4352 ApfiltrService (9815014f3e30357168da272088c6f12f) C:\Windows\system32\DRIVERS\Apfiltr.sys
2011/09/05 19:50:26.0782 4352 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys
2011/09/05 19:50:26.0892 4352 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys
2011/09/05 19:50:27.0018 4352 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys
2011/09/05 19:50:27.0129 4352 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
2011/09/05 19:50:27.0499 4352 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys
2011/09/05 19:50:27.0589 4352 athr (d6cad7e5b05055bb8226bdcb1644da27) C:\Windows\system32\DRIVERS\athrx.sys
2011/09/05 19:50:27.0773 4352 Avgfwfd (96b4456f1dca4eda506ed31c7d2d6b05) C:\Windows\system32\DRIVERS\avgfwd6a.sys
2011/09/05 19:50:27.0923 4352 AVGIDSDriver (e29ea1a0ec7ab9fa2dc7e75a03f12a4f) C:\Windows\system32\DRIVERS\AVGIDSDriver.Sys
2011/09/05 19:50:27.0979 4352 AVGIDSEH (f823d184b8e8ffb8da3ead45dbf5bd6a) C:\Windows\system32\DRIVERS\AVGIDSEH.Sys
2011/09/05 19:50:27.0996 4352 AVGIDSFilter (ed2b25bd7fe35d1944211968842d30da) C:\Windows\system32\DRIVERS\AVGIDSFilter.Sys
2011/09/05 19:50:28.0190 4352 Avgldx64 (dadfccfb036da99fa83e7e1d29290a6c) C:\Windows\system32\DRIVERS\avgldx64.sys
2011/09/05 19:50:28.0414 4352 Avgmfx64 (36b1a5843695766eac714daffc5b84d1) C:\Windows\system32\DRIVERS\avgmfx64.sys
2011/09/05 19:50:28.0603 4352 Avgrkx64 (5a7aa579d4fa072fb9715f8d83eb1f00) C:\Windows\system32\DRIVERS\avgrkx64.sys
2011/09/05 19:50:28.0679 4352 Avgtdia (11f36d3ea82d9db9aa05a476a210551b) C:\Windows\system32\DRIVERS\avgtdia.sys
2011/09/05 19:50:28.0844 4352 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys
2011/09/05 19:50:28.0968 4352 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
2011/09/05 19:50:29.0104 4352 bcm (2bc216938a30981473ffedb251196095) C:\Windows\system32\DRIVERS\drxvi314_64.sys
2011/09/05 19:50:29.0265 4352 BCM43XX (9e84a931dbee0292e38ed672f6293a99) C:\Windows\system32\DRIVERS\bcmwl664.sys
2011/09/05 19:50:29.0404 4352 bcmbusctr (d127a82e01d64b6dd6a838db710ccea9) C:\Windows\system32\DRIVERS\BcmBusCtr_64.sys
2011/09/05 19:50:29.0525 4352 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
2011/09/05 19:50:29.0673 4352 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys
2011/09/05 19:50:29.0836 4352 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys
2011/09/05 19:50:29.0906 4352 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys
2011/09/05 19:50:29.0985 4352 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys
2011/09/05 19:50:30.0084 4352 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
2011/09/05 19:50:30.0211 4352 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
2011/09/05 19:50:30.0259 4352 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
2011/09/05 19:50:30.0354 4352 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
2011/09/05 19:50:30.0386 4352 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys
2011/09/05 19:50:30.0520 4352 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
2011/09/05 19:50:30.0602 4352 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\DRIVERS\cdrom.sys
2011/09/05 19:50:30.0726 4352 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys
2011/09/05 19:50:30.0785 4352 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
2011/09/05 19:50:30.0932 4352 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys
2011/09/05 19:50:30.0986 4352 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys
2011/09/05 19:50:31.0105 4352 CNG (d5fea92400f12412b3922087c09da6a5) C:\Windows\system32\Drivers\cng.sys
2011/09/05 19:50:31.0271 4352 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys
2011/09/05 19:50:31.0333 4352 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys
2011/09/05 19:50:31.0470 4352 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys
2011/09/05 19:50:31.0615 4352 dc3d (7af9dac504fbd047cbc3e64ae52c92bf) C:\Windows\system32\DRIVERS\dc3d.sys
2011/09/05 19:50:31.0704 4352 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys
2011/09/05 19:50:31.0817 4352 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
2011/09/05 19:50:31.0957 4352 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys
2011/09/05 19:50:32.0118 4352 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
2011/09/05 19:50:32.0314 4352 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys
2011/09/05 19:50:32.0468 4352 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys
2011/09/05 19:50:32.0676 4352 ElbyCDIO (a05fc7eca0966ebb70e4d17b855a853b) C:\Windows\system32\Drivers\ElbyCDIO.sys
2011/09/05 19:50:32.0748 4352 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys
2011/09/05 19:50:32.0882 4352 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
2011/09/05 19:50:32.0948 4352 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
2011/09/05 19:50:33.0060 4352 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
2011/09/05 19:50:33.0227 4352 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys
2011/09/05 19:50:33.0268 4352 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
2011/09/05 19:50:33.0372 4352 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
2011/09/05 19:50:33.0410 4352 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys
2011/09/05 19:50:33.0521 4352 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys
2011/09/05 19:50:33.0569 4352 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
2011/09/05 19:50:33.0736 4352 fssfltr (6c06701bf1db05405804d7eb610991ce) C:\Windows\system32\DRIVERS\fssfltr.sys
2011/09/05 19:50:33.0797 4352 Fs_Rec (e95ef8547de20cf0603557c0cf7a9462) C:\Windows\system32\drivers\Fs_Rec.sys
2011/09/05 19:50:33.0920 4352 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys
2011/09/05 19:50:33.0994 4352 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys
2011/09/05 19:50:34.0132 4352 GEARAspiWDM (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
2011/09/05 19:50:34.0339 4352 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
2011/09/05 19:50:34.0429 4352 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys
2011/09/05 19:50:34.0576 4352 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\drivers\HDAudBus.sys
2011/09/05 19:50:34.0644 4352 HECIx64 (b6ac71aaa2b10848f57fc49d55a651af) C:\Windows\system32\DRIVERS\HECIx64.sys
2011/09/05 19:50:34.0744 4352 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys
2011/09/05 19:50:34.0767 4352 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys
2011/09/05 19:50:34.0791 4352 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys
2011/09/05 19:50:34.0926 4352 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\DRIVERS\hidusb.sys
2011/09/05 19:50:35.0000 4352 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys
2011/09/05 19:50:35.0071 4352 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys
2011/09/05 19:50:35.0203 4352 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys
2011/09/05 19:50:35.0352 4352 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys
2011/09/05 19:50:35.0414 4352 iaStor (1d004cb1da6323b1f55caef7f94b61d9) C:\Windows\system32\DRIVERS\iaStor.sys
2011/09/05 19:50:35.0560 4352 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys
2011/09/05 19:50:36.0693 4352 igfx (c6238c6abd6ac99f5d152da4e9439a3d) C:\Windows\system32\DRIVERS\igdkmd64.sys
2011/09/05 19:50:37.0733 4352 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys
2011/09/05 19:50:37.0848 4352 Impcd (dd587a55390ed2295bce6d36ad567da9) C:\Windows\system32\DRIVERS\Impcd.sys
2011/09/05 19:50:38.0017 4352 IntcAzAudAddService (42943bb3ab7a405b30eff7c8283cc129) C:\Windows\system32\drivers\RTKVHD64.sys
2011/09/05 19:50:38.0237 4352 IntcDAud (03c74719d48056a1078f3a51ceb76baa) C:\Windows\system32\DRIVERS\IntcDAud.sys
2011/09/05 19:50:38.0373 4352 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
2011/09/05 19:50:38.0431 4352 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
2011/09/05 19:50:38.0590 4352 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
2011/09/05 19:50:38.0664 4352 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
2011/09/05 19:50:38.0712 4352 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
2011/09/05 19:50:38.0871 4352 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
2011/09/05 19:50:38.0943 4352 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
2011/09/05 19:50:39.0059 4352 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
2011/09/05 19:50:39.0165 4352 k57nd60a (d85f3f18e44f7447b5f1ba5c85baeb7c) C:\Windows\system32\DRIVERS\k57nd60a.sys
2011/09/05 19:50:39.0299 4352 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys
2011/09/05 19:50:39.0358 4352 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\DRIVERS\kbdhid.sys
2011/09/05 19:50:39.0451 4352 KSecDD (ccd53b5bd33ce0c889e830d839c8b66e) C:\Windows\system32\Drivers\ksecdd.sys
2011/09/05 19:50:39.0546 4352 KSecPkg (9ff918a261752c12639e8ad4208d2c2f) C:\Windows\system32\Drivers\ksecpkg.sys
2011/09/05 19:50:39.0602 4352 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
2011/09/05 19:50:39.0722 4352 L1E (2ac603c3188c704cfce353659aa7ad71) C:\Windows\system32\DRIVERS\L1E62x64.sys
2011/09/05 19:50:39.0795 4352 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
2011/09/05 19:50:39.0955 4352 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys
2011/09/05 19:50:40.0017 4352 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys
2011/09/05 19:50:40.0165 4352 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys
2011/09/05 19:50:40.0237 4352 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys
2011/09/05 19:50:40.0345 4352 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
2011/09/05 19:50:40.0526 4352 MBAMProtector (9c4fb231b6e02f84580de2f00f3c5293) C:\Windows\system32\drivers\mbam.sys
2011/09/05 19:50:40.0691 4352 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys
2011/09/05 19:50:40.0730 4352 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys
2011/09/05 19:50:40.0850 4352 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
2011/09/05 19:50:40.0897 4352 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
2011/09/05 19:50:41.0057 4352 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
2011/09/05 19:50:41.0131 4352 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
2011/09/05 19:50:41.0265 4352 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
2011/09/05 19:50:41.0444 4352 MpFilter (c177a7ebf5e8a0b596f618870516cab8) C:\Windows\system32\DRIVERS\MpFilter.sys
2011/09/05 19:50:41.0513 4352 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
2011/09/05 19:50:41.0578 4352 MpNWMon (8fbf6b31fe8af1833d93c5913d5b4d55) C:\Windows\system32\DRIVERS\MpNWMon.sys
2011/09/05 19:50:41.0704 4352 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
2011/09/05 19:50:41.0764 4352 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
2011/09/05 19:50:41.0888 4352 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
2011/09/05 19:50:41.0949 4352 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
2011/09/05 19:50:42.0116 4352 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
2011/09/05 19:50:42.0199 4352 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
2011/09/05 19:50:42.0321 4352 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
2011/09/05 19:50:42.0395 4352 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
2011/09/05 19:50:42.0537 4352 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
2011/09/05 19:50:42.0600 4352 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
2011/09/05 19:50:42.0751 4352 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
2011/09/05 19:50:42.0925 4352 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
2011/09/05 19:50:42.0939 4352 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
2011/09/05 19:50:42.0999 4352 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
2011/09/05 19:50:43.0161 4352 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys
2011/09/05 19:50:43.0308 4352 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
2011/09/05 19:50:43.0363 4352 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys
2011/09/05 19:50:43.0405 4352 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
2011/09/05 19:50:43.0549 4352 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
2011/09/05 19:50:43.0765 4352 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys
2011/09/05 19:50:43.0903 4352 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
2011/09/05 19:50:44.0012 4352 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
2011/09/05 19:50:44.0179 4352 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
2011/09/05 19:50:44.0254 4352 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
2011/09/05 19:50:44.0416 4352 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
2011/09/05 19:50:44.0664 4352 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
2011/09/05 19:50:44.0754 4352 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
2011/09/05 19:50:44.0874 4352 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
2011/09/05 19:50:45.0018 4352 NisDrv (5f7d72cbcdd025af1f38fdeee5646968) C:\Windows\system32\DRIVERS\NisDrvWFP.sys
2011/09/05 19:50:45.0111 4352 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
2011/09/05 19:50:45.0320 4352 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
2011/09/05 19:50:45.0452 4352 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
2011/09/05 19:50:45.0606 4352 NTIDrvr (64ddd0dee976302f4bd93e5efcc2f013) C:\Windows\system32\drivers\NTIDrvr.sys
2011/09/05 19:50:45.0712 4352 NuidFltr (317020d31f1696334679b9d0416eb62e) C:\Windows\system32\DRIVERS\NuidFltr.sys
2011/09/05 19:50:45.0809 4352 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
2011/09/05 19:50:45.0898 4352 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
2011/09/05 19:50:46.0176 4352 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
2011/09/05 19:50:46.0303 4352 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
2011/09/05 19:50:46.0415 4352 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
2011/09/05 19:50:46.0485 4352 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
2011/09/05 19:50:46.0547 4352 partmgr (871eadac56b0a4c6512bbe32753ccf79) C:\Windows\system32\drivers\partmgr.sys
2011/09/05 19:50:46.0662 4352 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
2011/09/05 19:50:46.0738 4352 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
2011/09/05 19:50:46.0784 4352 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
2011/09/05 19:50:46.0912 4352 pcouffin (af7ce12c4f3dc8cb2b07685c916bbcfe) C:\Windows\system32\Drivers\pcouffin.sys
2011/09/05 19:50:46.0994 4352 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
2011/09/05 19:50:47.0071 4352 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
2011/09/05 19:50:47.0314 4352 Point64 (4f0878fd62d5f7444c5f1c4c66d9d293) C:\Windows\system32\DRIVERS\point64.sys
2011/09/05 19:50:47.0375 4352 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
2011/09/05 19:50:47.0414 4352 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
2011/09/05 19:50:47.0547 4352 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
2011/09/05 19:50:47.0694 4352 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
2011/09/05 19:50:47.0837 4352 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
2011/09/05 19:50:47.0869 4352 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
2011/09/05 19:50:48.0015 4352 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
2011/09/05 19:50:48.0069 4352 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
2011/09/05 19:50:48.0207 4352 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
2011/09/05 19:50:48.0355 4352 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
2011/09/05 19:50:48.0417 4352 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
2011/09/05 19:50:48.0532 4352 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
2011/09/05 19:50:48.0606 4352 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
2011/09/05 19:50:48.0745 4352 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
2011/09/05 19:50:48.0811 4352 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
2011/09/05 19:50:48.0839 4352 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
2011/09/05 19:50:48.0923 4352 RDPWD (15b66c206b5cb095bab980553f38ed23) C:\Windows\system32\drivers\RDPWD.sys
2011/09/05 19:50:48.0985 4352 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
2011/09/05 19:50:49.0202 4352 RsFx0103 (cd553b8633466a6d1c115812f2619f1f) C:\Windows\system32\DRIVERS\RsFx0103.sys
2011/09/05 19:50:49.0334 4352 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
2011/09/05 19:50:49.0435 4352 RTL8187B (98eb56776f2e3f5ec9b4eaba63a60687) C:\Windows\system32\DRIVERS\rtl8187B.sys
2011/09/05 19:50:49.0562 4352 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
2011/09/05 19:50:49.0650 4352 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
2011/09/05 19:50:49.0759 4352 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
2011/09/05 19:50:49.0830 4352 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
2011/09/05 19:50:50.0033 4352 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
2011/09/05 19:50:50.0200 4352 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
2011/09/05 19:50:50.0308 4352 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
2011/09/05 19:50:50.0352 4352 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
2011/09/05 19:50:50.0459 4352 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
2011/09/05 19:50:50.0528 4352 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
2011/09/05 19:50:50.0646 4352 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
2011/09/05 19:50:50.0718 4352 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
2011/09/05 19:50:50.0852 4352 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
2011/09/05 19:50:51.0004 4352 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
2011/09/05 19:50:51.0167 4352 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
2011/09/05 19:50:51.0297 4352 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
2011/09/05 19:50:51.0363 4352 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
2011/09/05 19:50:51.0510 4352 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
2011/09/05 19:50:51.0602 4352 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
2011/09/05 19:50:51.0791 4352 Tcpip (f0e98c00a09fdf791525829a1d14240f) C:\Windows\system32\drivers\tcpip.sys
2011/09/05 19:50:51.0947 4352 TCPIP6 (f0e98c00a09fdf791525829a1d14240f) C:\Windows\system32\DRIVERS\tcpip.sys
2011/09/05 19:50:52.0071 4352 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
2011/09/05 19:50:52.0134 4352 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
2011/09/05 19:50:52.0264 4352 TDTCP (e4245bda3190a582d55ed09e137401a9) C:\Windows\system32\drivers\tdtcp.sys
2011/09/05 19:50:52.0334 4352 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
2011/09/05 19:50:52.0523 4352 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
2011/09/05 19:50:52.0652 4352 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
2011/09/05 19:50:52.0877 4352 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
2011/09/05 19:50:52.0969 4352 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
2011/09/05 19:50:53.0094 4352 TurboB (825e7a1f48fb8bcfba27c178aab4e275) C:\Windows\system32\DRIVERS\TurboB.sys
2011/09/05 19:50:53.0243 4352 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
2011/09/05 19:50:53.0372 4352 UBHelper (2e22c1fd397a5a9ffef55e9d1fc96c00) C:\Windows\system32\drivers\UBHelper.sys
2011/09/05 19:50:53.0468 4352 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
2011/09/05 19:50:53.0622 4352 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
2011/09/05 19:50:53.0752 4352 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\drivers\umbus.sys
2011/09/05 19:50:53.0810 4352 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
2011/09/05 19:50:53.0925 4352 USBAAPL64 (54d4b48d443e7228bf64cf7cdc3118ac) C:\Windows\system32\Drivers\usbaapl64.sys
2011/09/05 19:50:54.0275 4352 usbaudio (82e8f44688e6fac57b5b7c6fc7adbc2a) C:\Windows\system32\drivers\usbaudio.sys
2011/09/05 19:50:54.0381 4352 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
2011/09/05 19:50:54.0430 4352 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
2011/09/05 19:50:54.0559 4352 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\drivers\usbehci.sys
2011/09/05 19:50:54.0665 4352 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
2011/09/05 19:50:54.0783 4352 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys
2011/09/05 19:50:54.0853 4352 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
2011/09/05 19:50:54.0937 4352 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\drivers\USBSTOR.SYS
2011/09/05 19:50:55.0101 4352 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys
2011/09/05 19:50:55.0248 4352 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\System32\Drivers\usbvideo.sys
2011/09/05 19:50:55.0397 4352 usb_rndisx (70d05ee263568a742d14e1876df80532) C:\Windows\system32\DRIVERS\usb8023x.sys
2011/09/05 19:50:55.0508 4352 VClone (84bb306b7863883018d7f3eb0c453bd5) C:\Windows\system32\DRIVERS\VClone.sys
2011/09/05 19:50:55.0727 4352 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
2011/09/05 19:50:55.0809 4352 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
2011/09/05 19:50:55.0861 4352 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
2011/09/05 19:50:55.0937 4352 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
2011/09/05 19:50:56.0072 4352 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
2011/09/05 19:50:56.0151 4352 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
2011/09/05 19:50:56.0286 4352 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
2011/09/05 19:50:56.0352 4352 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
2011/09/05 19:50:56.0482 4352 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
2011/09/05 19:50:56.0528 4352 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
2011/09/05 19:50:56.0579 4352 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
2011/09/05 19:50:56.0863 4352 vwifimp (6a638fc4bfddc4d9b186c28c91bd1a01) C:\Windows\system32\DRIVERS\vwifimp.sys
2011/09/05 19:50:56.0934 4352 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
2011/09/05 19:50:57.0045 4352 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
2011/09/05 19:50:57.0058 4352 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
2011/09/05 19:50:57.0252 4352 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
2011/09/05 19:50:57.0302 4352 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
2011/09/05 19:50:57.0520 4352 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
2011/09/05 19:50:57.0554 4352 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
2011/09/05 19:50:57.0788 4352 WinUsb (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUsb.sys
2011/09/05 19:50:57.0904 4352 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
2011/09/05 19:50:58.0113 4352 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
2011/09/05 19:50:58.0516 4352 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
2011/09/05 19:50:58.0652 4352 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
2011/09/05 19:50:58.0784 4352 MBR (0x1B8) (04d4350ae5fb6fc2ad3e7c26b1323c68) \Device\Harddisk0\DR0
2011/09/05 19:50:58.0791 4352 \Device\Harddisk0\DR0 - detected Rootkit.Win32.TDSS.tdl4 (0)
2011/09/05 19:50:58.0803 4352 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk1\DR1
2011/09/05 19:50:58.0828 4352 Boot (0x1200) (44b94d883d36f372efadd15811234bdf) \Device\Harddisk0\DR0\Partition0
2011/09/05 19:50:58.0853 4352 Boot (0x1200) (759788701ed8eada21d063ca1cd1e619) \Device\Harddisk0\DR0\Partition1
2011/09/05 19:50:58.0893 4352 Boot (0x1200) (1f34c2341cabd4cffa44a46e895e9f73) \Device\Harddisk0\DR0\Partition2
2011/09/05 19:50:58.0905 4352 Boot (0x1200) (03b6f9994f7b5444927b7498b7cfc076) \Device\Harddisk1\DR1\Partition0
2011/09/05 19:50:58.0916 4352 ================================================================================
2011/09/05 19:50:58.0916 4352 Scan finished
2011/09/05 19:50:58.0917 4352 ================================================================================
2011/09/05 19:50:58.0934 3080 Detected object count: 1
2011/09/05 19:50:58.0934 3080 Actual detected object count: 1
2011/09/05 19:51:10.0376 3080 \Device\Harddisk0\DR0 (Rootkit.Win32.TDSS.tdl4) - will be cured after reboot
2011/09/05 19:51:10.0377 3080 \Device\Harddisk0\DR0 - ok
2011/09/05 19:51:10.0378 3080 Rootkit.Win32.TDSS.tdl4(\Device\Harddisk0\DR0) - User select action: Cure
2011/09/05 19:52:13.0695 1088 Deinitialize success

#6 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,072 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:11:29 AM

Posted 06 September 2011 - 10:48 AM

OK that was a good find in the last scan. You should change your passwaords as that is what it was looking for.

These need to go.


Java™ 6 Update 21 (64-bit) (Version: 6.0.210)
Java™ 6 Update 22 (Version: 6.0.220)
Java™ 6 Update 26 (Version: 6.0.260)
Java™ 7 (64-bit) (Version: 7.0.0)

Important Note: Your version of Java is out of date. Older versions have vulnerabilities that malicious sites can use to exploit and infect your system.Please follow these steps to remove older version Java components and update:
  • Download the latest version of Java Runtime Environment (JRE) Version 7 and save it to your desktop.
  • Look for "Java Platform, Standard Edition".
  • Click the "Download JRE" button to the right.
  • Read the License Agreement, and then check the box that says: "Accept License Agreement".
  • From the list, select your OS and Platform (32-bit or 64-bit).
  • If a download for an Offline Installation is available, it is recommended to choose that and save the file to your desktop.
  • Close any programs you may have running - especially your web browser.
Go to Posted Image > Control Panel, double-click on Add/Remove Programs or Programs and Features in Vista/Windows 7 and remove all older versions of Java.
  • Check (highlight) any item with Java Runtime Environment (JRE or J2SE) in the name.
  • Click the Remove or Change/Remove button and follow the onscreen instructions for the Java uninstaller.
  • Repeat as many times as necessary to remove each Java versions.
  • Reboot your computer once all Java components are removed.
  • Then from your desktop double-click on jre-7-windows-i586.exe to install the newest version.
  • If using Windows 7 or Vista and the installer refuses to launch due to insufficient user permissions, then Run As Administrator.
  • When the Java Setup - Welcome window opens, click the Install > button.
  • If offered to install a Toolbar, just uncheck the box before continuing unless you want it.
  • The McAfee Security Scan Plus tool is installed by default unless you uncheck the McAfee installation box when updating Java.
Note: The Java Quick Starter (JQS.exe) adds a service to improve the initial startup time of Java applets and applications but it's not necessary.
To disable the JQS service if you don't want to use it:
  • Go to Start > Control Panel > Java > Advanced > Miscellaneous and uncheck the box for Java Quick Starter.
  • Click Ok and reboot your computer.

MBAM and SAS are the best antimalware/on demand scanners and won't effect your AV Tool.


I'd like us to scan your machine with ESET OnlineScan
  • Hold down Control and click on the following link to open ESET OnlineScan in a new window.
    ESET OnlineScan
  • Click the Posted Image button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    • Click on Posted Image to download the ESET Smart Installer. Save it to your desktop.
    • Double click on the Posted Image icon on your desktop.
  • Check Posted Image
  • Click the Posted Image button.
  • Accept any security warnings from your browser.
  • Under scan settings, check Posted Image and check Remove found threats
  • Click Advanced settings and select the following:
    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, push Posted Image
  • Push Posted Image, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Push the Posted Image button.
  • Push Posted Image


NOTE: In some instances if no malware is found there will be no log produced.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#7 isaacm

isaacm
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:07:29 AM

Posted 07 September 2011 - 07:56 AM

C:\Users\Ice-Rice\AppData\Local\Temp\ICReinstall\cnet_ALFTP_exe.exe a variant of Win32/InstallCore.C application cleaned by deleting - quarantined
C:\Users\Ice-Rice\AppData\Local\Temp\ICReinstall\cnet_freelaunchbar_zip.exe a variant of Win32/InstallCore.C application cleaned by deleting - quarantined

#8 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,072 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:11:29 AM

Posted 07 September 2011 - 11:14 AM

You need to remove these as outdated apps are subject to exploitation amd infection.

Java™ 6 Update 21 (64-bit) (Version: 6.0.210)
Java™ 6 Update 22 (Version: 6.0.220)
Java™ 6 Update 26 (Version: 6.0.260)
Reboot

How is it now?

Edited by boopme, 07 September 2011 - 11:15 AM.

How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#9 isaacm

isaacm
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:07:29 AM

Posted 07 September 2011 - 07:53 PM

I was able to delete both:

Java™ 6 Update 22 (Version: 6.0.220)
Java™ 6 Update 26 (Version: 6.0.260)

But I was unable to delete:

Java™ 6 Update 21 (64-bit) (Version: 6.0.210)

When I attempted to uninstall it popped this message.

Posted Image

Also... I'm having trouble with "Windows updates".
Should I post that prob in a another thread?

Besides the Windows Update and Uninstall problem, my pc is great! All back to normal!
Thanks man you've been more than awesome, i appreciate everything!

#10 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,072 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:11:29 AM

Posted 07 September 2011 - 09:02 PM

Hello,The primary focus in getting rid of the 1723 error is to first find out whether it is a Java or Windows Installer error and then proceed

please look at this Java Error 1723
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#11 isaacm

isaacm
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:07:29 AM

Posted 08 September 2011 - 01:29 AM

Sweetness, JavaRA fixed my "Outdated uninstall problem."

JavaRa 1.16 Removal Log.

Report follows after line.

------------------------------------

The JavaRa removal process was started on Wed Sep 07 22:46:44 2011

Found and removed: Applications\java.exe

Found and removed: Applications\javaw.exe

Found and removed: SOFTWARE\Classes\JavaPlugin

Found and removed: SOFTWARE\Classes\JavaPlugin.160_21

------------------------------------

Finished reporting.

So error 1723 is null and void.


Still having a Windows Update issue though.

Posted Image

#12 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,072 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:11:29 AM

Posted 08 September 2011 - 03:00 PM

Nice!! Lets see if we can do it twice.


Please download and install FixWindowsUpdate

After the program is installed, launch it using the desktop shortcut.

Click Phase 1, then Phase 2. Phase 2 will take some time to run.

Once Phase 2 is complete, click Start BITS.

Exit the program and reboot the computer.

Do updates work now?
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#13 isaacm

isaacm
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:07:29 AM

Posted 09 September 2011 - 12:54 AM

Did what you instructed...

Now it results in:

Posted Image

#14 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,072 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:11:29 AM

Posted 09 September 2011 - 07:52 PM

The malware has done some serious damage here.
We may have to re install if this doesn't work.

Reboot into Safe Mode with Networking
How to start Windows 7 in Safe Mode

http://fixmyerror.pcdriversheadqu.revenuewire.net/driver-detect/download?Code C0000005'>updates the drivers
Code Fix

How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#15 isaacm

isaacm
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:07:29 AM

Posted 09 September 2011 - 09:47 PM

Both of these bits of software require purchase of registration. That's a no can do.
Are there any open-source alternatives?




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users