Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

"Access Rectricted" - Website says I'm infected with a virus


  • Please log in to reply
19 replies to this topic

#1 The Jolly Dummkopf

The Jolly Dummkopf

  • Members
  • 29 posts
  • OFFLINE
  •  
  • Local time:01:36 PM

Posted 09 May 2012 - 10:42 PM

I was on a video game news site and I clicked on the link to the website an article was mentioning. The webpage told me my computer is infected with a virus. I knew I had the "MyWebSearch" malware from before so I thought maybe that was the issue. So I downloaded Malwarebytes and ran it (everything it detected was related to MyWebSearch) and it got rid of it. But I still get the same message when I go to that webpage. My computer doesn't seem to be running abnormally and based on the replies to that article I seem to be the only one getting this page. I know I can't exactly trust what a webpage tells me though this doesn't appear to be rouge-ish, if that counts for anything... Has anyone else seen this before? (The webpage is www. fifthindependent.com/multimedia/programs/mega-man-revolution/)

(I'm running Windows XP SP3 and was using Firefox 12.0 at the time.)

BC AdBot (Login to Remove)

 


#2 cryptodan

cryptodan

    Bleepin Madman


  • Members
  • 21,868 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Catonsville, Md
  • Local time:08:36 PM

Posted 09 May 2012 - 10:53 PM

Please post the malwarebytes log.

Hello,

And welcome to BleepingComputer.com, before we can assist you with your question of: Am I infected? You will need to perform the following tasks and post the logs of each if you can. If you have performed any of the scans below post the logs for those scans, and then perform the ones you have not done.

Please download and run Security Check from HERE, and save it to your Desktop.

* Double-click SecurityCheck.exe
* Follow the onscreen instructions inside of the black box.
* A Notepad document should open automatically called checkup.txt; please post the contents of that document.

SUPERAntiSpyware:

Please download and scan with SUPERAntiSpyware Free

  • Double-click SUPERAntiSypware.exe and use the default settings for installation.
  • An icon will be created on your desktop. Double-click that icon to launch the program.
  • If it will not start, go to Start > All Prgrams > SUPERAntiSpyware and click on Alternate Start.
  • If asked to update the program definitions, click "Yes". If not, update the definitions before scanning by selecting "Check for Updates". (If you encounter any problems while downloading the updates, manually download them from here. Double-click on the hyperlink for Download Installer and save SASDEFINITIONS.EXE to your desktop. Then double-click on SASDEFINITIONS.EXE to install the definitions.)
  • In the Main Menu, click the Preferences... button.
  • Click the "General and Startup" tab, and under Start-up Options, make sure "Start SUPERAntiSpyware when Windows starts" box is unchecked.
  • Click the "Scanning Control" tab, and under Scanner Options, make sure the following are unchecked (leave all others checked):
    • Ignore files larger then 4mb
    • Ignore non-executable files

    Now Perform the scan with SUPERAntiSpyware as follows:
    • Launch the program and back on the main screen, under "Scan for Harmful Software" click Scan your computer.
    • On the left, make sure you check C:\Fixed Drive.
    • On the right, under "Complete Scan", choose Perform Complete Scan and click "Next".
    • After the scan is complete, a Scan Summary box will appear with potentially harmful items that were detected. Click "OK".
    • Make sure everything has a checkmark next to it and click "Next".
    • A notification will appear that "Quarantine and Removal is Complete". Click "OK" and then click the "Finish" button to return to the main menu.
    • If asked if you want to reboot, click "Yes" and reboot normally.
    • To retrieve the removal information after reboot, launch SUPERAntispyware again.[list]
    • Click Preferences, then click the Statistics/Logs tab.
    • Under Scanner Logs, double-click SUPERAntiSpyware Scan Log.
    • If there are several logs, click the current dated log and press View log. A text file will open in your default text editor.
    • Please copy and paste the Scan Log results in your next reply.
  • Click Close to exit the program.

SAS Portable
If you have a problem downloading, installing or getting SAS to run, try downloading and using the SUPERAntiSpyware Portable Scanner instead. Save the randomly named file (i.e. SAS_1710895.COM) to a usb drive or CD and transfer to the infected computer. Then double-click on it to launch and scan. The file is randomly named to help keep malware from blocking the scanner.


Now GMER

GMER does not work in 64bit Mode!!!!!!

Please download GMER from one of the following locations and save it to your desktop:

  • Main Mirror
    This version will download a randomly named file (Recommended)
  • Zipped Mirror
    This version will download a zip file you will need to extract first. If you use this mirror, please extract the zip file to your desktop.
  • Disconnect from the Internet and close all running programs.
  • Temporarily disable any real-time active protection so your security programs will not conflict with gmer's driver.
  • Double-click on the randomly named GMER file (i.e. n7gmo46c.exe) and allow the gmer.sys driver to load if asked.
  • Note: If you downloaded the zipped version, extract the file to its own folder such as C:\gmer and then double-click on gmer.exe.

    Posted Image
  • GMER will open to the Rootkit/Malware tab and perform an automatic Full Scan when first run. (do not use the computer while the scan is in progress)
  • If you receive a WARNING!!! about rootkit activity and are asked to fully scan your system...click NO.
  • Now click the Scan button. If you see a rootkit warning window, click OK.
  • When the scan is finished, click the Save... button to save the scan results to your Desktop. Save the file as gmer.log.
  • Click the Copy button and paste the results into your next reply.
  • Exit GMER and be sure to re-enable your anti-virus, Firewall and any other security programs you had disabled.
-- If you encounter any problems, try running GMER in safe mode.
-- If GMER crashes or keeps resulting in a BSODs, uncheck Devices on the right side before scanning
.


All scans above should be performed in regular boot mode, and if that is not possible then I will post instructions in a follow up reply on how to get into Safe Mode to perform the scans. Also all scans should be COMPLETE and not quick unless specifically instructed to do so.

#3 The Jolly Dummkopf

The Jolly Dummkopf
  • Topic Starter

  • Members
  • 29 posts
  • OFFLINE
  •  
  • Local time:01:36 PM

Posted 14 May 2012 - 09:14 PM

Sorry it's taking me a while... haven't done the GMER scan yet.

MBAM Scan:

Malwarebytes Anti-Malware 1.61.0.1400
www.malwarebytes.org

Database version: v2012.05.09.06

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Administrator :: USER-8932AB8B39 [administrator]

5/9/2012 7:30:15 PM
mbam-log-2012-05-09 (19-30-15).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 196397
Time elapsed: 5 minute(s), 32 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 13
HKLM\SYSTEM\CurrentControlSet\Services\MapsGalaxy_39Service (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\CLSID\{1e91a655-bb4b-4693-a05e-2edebc4c9d89} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1E91A655-BB4B-4693-A05E-2EDEBC4C9D89} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{1E91A655-BB4B-4693-A05E-2EDEBC4C9D89} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{1E91A655-BB4B-4693-A05E-2EDEBC4C9D89} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MapsGalaxy_39bar Uninstall (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\CLSID\{26842a09-ffa8-4e2c-ae12-0c80f01c3295} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{26842A09-FFA8-4E2C-AE12-0C80F01C3295} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{26842A09-FFA8-4E2C-AE12-0C80F01C3295} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\CLSID\{71c1d63a-c944-428a-a5bd-ba513190e5d2} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{71C1D63A-C944-428A-A5BD-BA513190E5D2} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{71C1D63A-C944-428A-A5BD-BA513190E5D2} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{71C1D63A-C944-428A-A5BD-BA513190E5D2} (PUP.MyWebSearch) -> Quarantined and deleted successfully.

Registry Values Detected: 3
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|MapsGalaxy_39 Browser Plugin Loader (PUP.MyWebSearch) -> Data: C:\PROGRA~1\MAPSGA~2\bar\1.bin\39brmon.exe -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|MapsGalaxy Search Scope Monitor (PUP.MyWebSearch) -> Data: "C:\PROGRA~1\MAPSGA~2\bar\1.bin\39srchmn.exe" /m=2 /w /h -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks|{26842A09-FFA8-4E2C-AE12-0C80F01C3295} (PUP.MyWebSearch) -> Data: -> Quarantined and deleted successfully.

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 6
C:\Program Files\MapsGalaxy_39\bar\1.bin\39brstub.dll (PUP.MyWebSearch) -> Delete on reboot.
C:\Program Files\MapsGalaxy_39\bar\1.bin\39brmon.exe (PUP.MyWebSearch) -> Delete on reboot.
C:\Program Files\MapsGalaxy_39\bar\1.bin\39SrchMn.exe (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MapsGalaxy_39\bar\1.bin\39barsvc.exe (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MapsGalaxy_39\bar\1.bin\39bar.dll (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MapsGalaxy_39\bar\1.bin\39SrcAs.dll (PUP.MyWebSearch) -> Quarantined and deleted successfully.

(end)

Security Check's checkup.txt:

Results of screen317's Security Check version 0.99.32
Windows XP Service Pack 3 x86
Internet Explorer 8
``````````````````````````````
Antivirus/Firewall Check:

Windows Firewall Enabled!
ESET Online Scanner v3
Microsoft Security Essentials
Antivirus up to date!
```````````````````````````````
Anti-malware/Other Utilities Check:

SpywareBlaster 4.6
Java™ 6 Update 31
Adobe Flash Player 11.2.202.235
Mozilla Firefox (12.0.)
````````````````````````````````
Process Check:
objlist.exe by Laurent

Windows Defender MSMpEng.exe
Microsoft Security Essentials msseces.exe
``````````End of Log````````````

...And here's the SUPERAntiSpyware Log:


SUPERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 05/12/2012 at 09:34 AM

Application Version : 5.0.1148

Core Rules Database Version : 8590
Trace Rules Database Version: 6402

Scan type : Complete Scan
Total Scan Time : 00:59:58

Operating System Information
Windows XP Professional 32-bit, Service Pack 3 (Build 5.01.2600)
Administrator

Memory items scanned : 586
Memory threats detected : 0
Registry items scanned : 35438
Registry threats detected : 0
File items scanned : 55666
File threats detected : 162

Adware.Tracking Cookie
C:\Documents and Settings\Administrator\Cookies\0JF8FN81.txt [ /adserver.adtechus.com ]
C:\Documents and Settings\Administrator\Cookies\EJR7ODVH.txt [ /msnportal.112.2o7.net ]
C:\Documents and Settings\Administrator\Cookies\OQSAK1HV.txt [ /advertising.com ]
.invitemedia.com [ C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\TVVKBL0E.DEFAULT\COOKIES.SQLITE ]
.imrworldwide.com [ C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\TVVKBL0E.DEFAULT\COOKIES.SQLITE ]
.imrworldwide.com [ C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\TVVKBL0E.DEFAULT\COOKIES.SQLITE ]
in.getclicky.com [ C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\TVVKBL0E.DEFAULT\COOKIES.SQLITE ]
.dmtracker.com [ C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\TVVKBL0E.DEFAULT\COOKIES.SQLITE ]
.xiti.com [ C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\TVVKBL0E.DEFAULT\COOKIES.SQLITE ]
.legolas-media.com [ C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\TVVKBL0E.DEFAULT\COOKIES.SQLITE ]
.getclicky.com [ C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\TVVKBL0E.DEFAULT\COOKIES.SQLITE ]
.static.getclicky.com [ C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\TVVKBL0E.DEFAULT\COOKIES.SQLITE ]
.histats.com [ C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\TVVKBL0E.DEFAULT\COOKIES.SQLITE ]
.histats.com [ C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\TVVKBL0E.DEFAULT\COOKIES.SQLITE ]
.8tracks.com [ C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\TVVKBL0E.DEFAULT\COOKIES.SQLITE ]
.histats.com [ C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\TVVKBL0E.DEFAULT\COOKIES.SQLITE ]
.mediafire.com [ C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\TVVKBL0E.DEFAULT\COOKIES.SQLITE ]
.bizrate.com [ C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\TVVKBL0E.DEFAULT\COOKIES.SQLITE ]
.apmebf.com [ C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\TVVKBL0E.DEFAULT\COOKIES.SQLITE ]
.bizrate.com [ C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\TVVKBL0E.DEFAULT\COOKIES.SQLITE ]
.bizrate.com [ C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\TVVKBL0E.DEFAULT\COOKIES.SQLITE ]
.steelhousemedia.com [ C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\TVVKBL0E.DEFAULT\COOKIES.SQLITE ]
s05.flagcounter.com [ C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\TVVKBL0E.DEFAULT\COOKIES.SQLITE ]
.estat.com [ C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\TVVKBL0E.DEFAULT\COOKIES.SQLITE ]
uk.sitestat.com [ C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\TVVKBL0E.DEFAULT\COOKIES.SQLITE ]
uk.sitestat.com [ C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\TVVKBL0E.DEFAULT\COOKIES.SQLITE ]
.yadro.ru [ C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\TVVKBL0E.DEFAULT\COOKIES.SQLITE ]
8tracks.com [ C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\TVVKBL0E.DEFAULT\COOKIES.SQLITE ]
s08.flagcounter.com [ C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\TVVKBL0E.DEFAULT\COOKIES.SQLITE ]
8tracks.com [ C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\TVVKBL0E.DEFAULT\COOKIES.SQLITE ]
8tracks.com [ C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\TVVKBL0E.DEFAULT\COOKIES.SQLITE ]
search.freefind.com [ C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\TVVKBL0E.DEFAULT\COOKIES.SQLITE ]
ie-stat.bmmetrix.com [ C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\TVVKBL0E.DEFAULT\COOKIES.SQLITE ]
.media.phantom.ie [ C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\TVVKBL0E.DEFAULT\COOKIES.SQLITE ]
.media.phantom.ie [ C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\TVVKBL0E.DEFAULT\COOKIES.SQLITE ]
.mediafire.com [ C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\TVVKBL0E.DEFAULT\COOKIES.SQLITE ]
.mediafire.com [ C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\TVVKBL0E.DEFAULT\COOKIES.SQLITE ]
.c.gigcount.com [ C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\TVVKBL0E.DEFAULT\COOKIES.SQLITE ]
.steelhousemedia.com [ C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\TVVKBL0E.DEFAULT\COOKIES.SQLITE ]
8tracks.com [ C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\TVVKBL0E.DEFAULT\COOKIES.SQLITE ]
.adserver.adtechus.com [ C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\TVVKBL0E.DEFAULT\COOKIES.SQLITE ]
link.mercent.com [ C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\TVVKBL0E.DEFAULT\COOKIES.SQLITE ]
.dealfind.com [ C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\TVVKBL0E.DEFAULT\COOKIES.SQLITE ]
.dealfind.com [ C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\TVVKBL0E.DEFAULT\COOKIES.SQLITE ]
.dealfind.com [ C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\TVVKBL0E.DEFAULT\COOKIES.SQLITE ]
.dealfind.com [ C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\TVVKBL0E.DEFAULT\COOKIES.SQLITE ]
.dealfind.com [ C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\TVVKBL0E.DEFAULT\COOKIES.SQLITE ]
.dealfind.com [ C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\TVVKBL0E.DEFAULT\COOKIES.SQLITE ]
.dealfind.com [ C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\TVVKBL0E.DEFAULT\COOKIES.SQLITE ]
.dealfind.com [ C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\TVVKBL0E.DEFAULT\COOKIES.SQLITE ]
.adxvalue.com [ C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\TVVKBL0E.DEFAULT\COOKIES.SQLITE ]
.adxvalue.com [ C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\TVVKBL0E.DEFAULT\COOKIES.SQLITE ]
.casalemedia.com [ C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\TVVKBL0E.DEFAULT\COOKIES.SQLITE ]
.casalemedia.com [ C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\TVVKBL0E.DEFAULT\COOKIES.SQLITE ]
.casalemedia.com [ C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\TVVKBL0E.DEFAULT\COOKIES.SQLITE ]
s06.flagcounter.com [ C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\TVVKBL0E.DEFAULT\COOKIES.SQLITE ]
.media6degrees.com [ C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\TVVKBL0E.DEFAULT\COOKIES.SQLITE ]
.lucidmedia.com [ C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\TVVKBL0E.DEFAULT\COOKIES.SQLITE ]
.crackberry.com [ C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\TVVKBL0E.DEFAULT\COOKIES.SQLITE ]
.stats.slashgear.com [ C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\TVVKBL0E.DEFAULT\COOKIES.SQLITE ]
.stats.slashgear.com [ C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\TVVKBL0E.DEFAULT\COOKIES.SQLITE ]
.stats.slashgear.com [ C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\TVVKBL0E.DEFAULT\COOKIES.SQLITE ]
crackberry.com [ C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\TVVKBL0E.DEFAULT\COOKIES.SQLITE ]
www.qsstats.com [ C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\TVVKBL0E.DEFAULT\COOKIES.SQLITE ]
www.qsstats.com [ C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\TVVKBL0E.DEFAULT\COOKIES.SQLITE ]
.legolas-media.com [ C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\TVVKBL0E.DEFAULT\COOKIES.SQLITE ]
.legolas-media.com [ C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\TVVKBL0E.DEFAULT\COOKIES.SQLITE ]
.legolas-media.com [ C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\TVVKBL0E.DEFAULT\COOKIES.SQLITE ]
.clickbank.net [ C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\TVVKBL0E.DEFAULT\COOKIES.SQLITE ]
.staradvertiser.com [ C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\TVVKBL0E.DEFAULT\COOKIES.SQLITE ]
.obits.staradvertiser.com [ C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\TVVKBL0E.DEFAULT\COOKIES.SQLITE ]
.obits.staradvertiser.com [ C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\TVVKBL0E.DEFAULT\COOKIES.SQLITE ]
.statcounter.com [ C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\TVVKBL0E.DEFAULT\COOKIES.SQLITE ]
s07.flagcounter.com [ C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\TVVKBL0E.DEFAULT\COOKIES.SQLITE ]
dc.tremormedia.com [ C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\TVVKBL0E.DEFAULT\COOKIES.SQLITE ]
.stats.complex.com [ C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\TVVKBL0E.DEFAULT\COOKIES.SQLITE ]
.stats.complex.com [ C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\TVVKBL0E.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\TVVKBL0E.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\TVVKBL0E.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\TVVKBL0E.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\TVVKBL0E.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\TVVKBL0E.DEFAULT\COOKIES.SQLITE ]
.yieldmanager.net [ C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\TVVKBL0E.DEFAULT\COOKIES.SQLITE ]
.e-2dj6wjnycjajgco.stats.esomniture.com [ C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\TVVKBL0E.DEFAULT\COOKIES.SQLITE ]
.legoclick.com [ C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\TVVKBL0E.DEFAULT\COOKIES.SQLITE ]
.legoclick.com [ C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\TVVKBL0E.DEFAULT\COOKIES.SQLITE ]
accounts.google.com [ C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\TVVKBL0E.DEFAULT\COOKIES.SQLITE ]
8tracks.com [ C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\TVVKBL0E.DEFAULT\COOKIES.SQLITE ]
8tracks.com [ C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\TVVKBL0E.DEFAULT\COOKIES.SQLITE ]
8tracks.com [ C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\TVVKBL0E.DEFAULT\COOKIES.SQLITE ]
8tracks.com [ C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\TVVKBL0E.DEFAULT\COOKIES.SQLITE ]
8tracks.com [ C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\TVVKBL0E.DEFAULT\COOKIES.SQLITE ]
8tracks.com [ C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\TVVKBL0E.DEFAULT\COOKIES.SQLITE ]
8tracks.com [ C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\TVVKBL0E.DEFAULT\COOKIES.SQLITE ]
8tracks.com [ C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\TVVKBL0E.DEFAULT\COOKIES.SQLITE ]
.8tracks.com [ C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\TVVKBL0E.DEFAULT\COOKIES.SQLITE ]
.8tracks.com [ C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\TVVKBL0E.DEFAULT\COOKIES.SQLITE ]
.8tracks.com [ C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\TVVKBL0E.DEFAULT\COOKIES.SQLITE ]
8tracks.com [ C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\TVVKBL0E.DEFAULT\COOKIES.SQLITE ]
.solvemedia.com [ C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\TVVKBL0E.DEFAULT\COOKIES.SQLITE ]
.solvemedia.com [ C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\TVVKBL0E.DEFAULT\COOKIES.SQLITE ]
.crackberry.com [ C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\TVVKBL0E.DEFAULT\COOKIES.SQLITE ]
.crackberry.com [ C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\TVVKBL0E.DEFAULT\COOKIES.SQLITE ]
.crackberry.com [ C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\TVVKBL0E.DEFAULT\COOKIES.SQLITE ]
.crackberry.com [ C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\TVVKBL0E.DEFAULT\COOKIES.SQLITE ]
.crackberry.com [ C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\TVVKBL0E.DEFAULT\COOKIES.SQLITE ]
forums.crackberry.com [ C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\TVVKBL0E.DEFAULT\COOKIES.SQLITE ]
www.matrixmultimedia.com [ C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\TVVKBL0E.DEFAULT\COOKIES.SQLITE ]
.matrixmultimedia.com [ C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\TVVKBL0E.DEFAULT\COOKIES.SQLITE ]
.matrixmultimedia.com [ C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\TVVKBL0E.DEFAULT\COOKIES.SQLITE ]
.matrixmultimedia.com [ C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\TVVKBL0E.DEFAULT\COOKIES.SQLITE ]
.w.matrixmultimedia.com [ C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\TVVKBL0E.DEFAULT\COOKIES.SQLITE ]
.w.matrixmultimedia.com [ C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\TVVKBL0E.DEFAULT\COOKIES.SQLITE ]
.matrixmultimedia.com [ C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\TVVKBL0E.DEFAULT\COOKIES.SQLITE ]
.matrixmultimedia.com [ C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\TVVKBL0E.DEFAULT\COOKIES.SQLITE ]
.matrixmultimedia.com [ C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\TVVKBL0E.DEFAULT\COOKIES.SQLITE ]
.clickbank.net [ C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\TVVKBL0E.DEFAULT\COOKIES.SQLITE ]
.rogersmedia.com [ C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\TVVKBL0E.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\TVVKBL0E.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\TVVKBL0E.DEFAULT\COOKIES.SQLITE ]
accounts.youtube.com [ C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\TVVKBL0E.DEFAULT\COOKIES.SQLITE ]
accounts.youtube.com [ C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\TVVKBL0E.DEFAULT\COOKIES.SQLITE ]
s08.flagcounter.com [ C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\TVVKBL0E.DEFAULT\COOKIES.SQLITE ]
us.sitestat.com [ C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\TVVKBL0E.DEFAULT\COOKIES.SQLITE ]
us.sitestat.com [ C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\TVVKBL0E.DEFAULT\COOKIES.SQLITE ]
accounts.youtube.com [ C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\TVVKBL0E.DEFAULT\COOKIES.SQLITE ]
accounts.youtube.com [ C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\TVVKBL0E.DEFAULT\COOKIES.SQLITE ]
accounts.youtube.com [ C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\TVVKBL0E.DEFAULT\COOKIES.SQLITE ]
.casalemedia.com [ C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\TVVKBL0E.DEFAULT\COOKIES.SQLITE ]
.casalemedia.com [ C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\TVVKBL0E.DEFAULT\COOKIES.SQLITE ]
.casalemedia.com [ C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\TVVKBL0E.DEFAULT\COOKIES.SQLITE ]
.casalemedia.com [ C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\TVVKBL0E.DEFAULT\COOKIES.SQLITE ]
.casalemedia.com [ C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\TVVKBL0E.DEFAULT\COOKIES.SQLITE ]
.casalemedia.com [ C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\TVVKBL0E.DEFAULT\COOKIES.SQLITE ]
.apmebf.com [ C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\TVVKBL0E.DEFAULT\COOKIES.SQLITE ]
accounts.youtube.com [ C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\TVVKBL0E.DEFAULT\COOKIES.SQLITE ]
accounts.youtube.com [ C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\TVVKBL0E.DEFAULT\COOKIES.SQLITE ]
accounts.youtube.com [ C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\TVVKBL0E.DEFAULT\COOKIES.SQLITE ]
.accounts.google.com [ C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\TVVKBL0E.DEFAULT\COOKIES.SQLITE ]
.accounts.google.com [ C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\TVVKBL0E.DEFAULT\COOKIES.SQLITE ]
.accounts.google.com [ C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\TVVKBL0E.DEFAULT\COOKIES.SQLITE ]
accounts.youtube.com [ C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\TVVKBL0E.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\TVVKBL0E.DEFAULT\COOKIES.SQLITE ]
.statcounter.com [ C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\TVVKBL0E.DEFAULT\COOKIES.SQLITE ]
uk.sitestat.com [ C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\TVVKBL0E.DEFAULT\COOKIES.SQLITE ]
accounts.youtube.com [ C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\TVVKBL0E.DEFAULT\COOKIES.SQLITE ]
accounts.google.com [ C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\TVVKBL0E.DEFAULT\COOKIES.SQLITE ]
.doubleclick.net [ C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ad.yieldmanager.com [ C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ad.yieldmanager.com [ C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ad.yieldmanager.com [ C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ad.yieldmanager.com [ C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ad.yieldmanager.com [ C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.matrixmultimedia.com [ C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.matrixmultimedia.com [ C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.matrixmultimedia.com [ C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

Adware.InstallCore
C:\PROGRAM FILES\PDFREADER\UNINSTALL\UNINSTALL.EXE
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\START MENU\PROGRAMS\PDF READER\UNINSTALL PDF READER.LNK

PUP.FunWeb
C:\PROGRAM FILES\MAPSGALAXY_39\BAR\1.BIN\T8RES.DLL

Trojan.Agent/Gen-Nullo[Short]
C:\SYSTEM VOLUME INFORMATION\_RESTORE{518A5ED0-85C4-4931-869A-36311B56BA8B}\RP886\A0073726.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{518A5ED0-85C4-4931-869A-36311B56BA8B}\RP886\A0073727.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{518A5ED0-85C4-4931-869A-36311B56BA8B}\RP886\A0073733.EXE

#4 The Jolly Dummkopf

The Jolly Dummkopf
  • Topic Starter

  • Members
  • 29 posts
  • OFFLINE
  •  
  • Local time:01:36 PM

Posted 31 May 2012 - 06:00 PM

...Finally got the GMER scan done.

GMER 1.0.15.15641 - http://www.gmer.net
Rootkit scan 2012-05-31 15:26:24
Windows 5.1.2600 Service Pack 3 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T0L0-6 WDC_WD3200AAJS-00YZCA0 rev.01.03B01
Running: 3pc595yr.exe; Driver: C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\fgadrkog.sys


---- System - GMER 1.0.15 ----

SSDT \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS (SASKUTIL.SYS/SUPERAdBlocker.com and SUPERAntiSpyware.com) ZwTerminateProcess [0xA8850640]

---- User code sections - GMER 1.0.15 ----

.text C:\program files\real\realplayer\update\realsched.exe[596] kernel32.dll!SetUnhandledExceptionFilter 7C84495D 5 Bytes [33, C0, C2, 04, 00] {XOR EAX, EAX; RET 0x4}

---- EOF - GMER 1.0.15 ----

#5 cryptodan

cryptodan

    Bleepin Madman


  • Members
  • 21,868 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Catonsville, Md
  • Local time:08:36 PM

Posted 31 May 2012 - 06:37 PM

Please download and run TDSS Killer and if it prompts you to fix anything PLEASE DO NOT FIX ANYTHING. Post the resulting log contents from the TDDS Log file located in C:\

#6 The Jolly Dummkopf

The Jolly Dummkopf
  • Topic Starter

  • Members
  • 29 posts
  • OFFLINE
  •  
  • Local time:01:36 PM

Posted 31 May 2012 - 06:48 PM

16:44:38.0406 3560 TDSS rootkit removing tool 2.7.36.0 May 21 2012 16:40:16
16:44:39.0703 3560 ============================================================
16:44:39.0703 3560 Current date / time: 2012/05/31 16:44:39.0703
16:44:39.0703 3560 SystemInfo:
16:44:39.0703 3560
16:44:39.0703 3560 OS Version: 5.1.2600 ServicePack: 3.0
16:44:39.0703 3560 Product type: Workstation
16:44:39.0703 3560 ComputerName: USER-8932AB8B39
16:44:39.0703 3560 UserName: Administrator
16:44:39.0703 3560 Windows directory: C:\WINDOWS
16:44:39.0703 3560 System windows directory: C:\WINDOWS
16:44:39.0703 3560 Processor architecture: Intel x86
16:44:39.0703 3560 Number of processors: 1
16:44:39.0703 3560 Page size: 0x1000
16:44:39.0703 3560 Boot type: Normal boot
16:44:39.0703 3560 ============================================================
16:44:41.0453 3560 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
16:44:41.0531 3560 ============================================================
16:44:41.0531 3560 \Device\Harddisk0\DR0:
16:44:41.0531 3560 MBR partitions:
16:44:41.0531 3560 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x254297C1
16:44:41.0531 3560 ============================================================
16:44:41.0593 3560 C: <-> \Device\Harddisk0\DR0\Partition0
16:44:41.0593 3560 ============================================================
16:44:41.0593 3560 Initialize success
16:44:41.0593 3560 ============================================================
16:44:50.0828 3860 ============================================================
16:44:50.0828 3860 Scan started
16:44:50.0828 3860 Mode: Manual;
16:44:50.0828 3860 ============================================================
16:44:51.0125 3860 !SASCORE (c0393eb99a6c72c6bef9bfc4a72b33a6) C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
16:44:51.0125 3860 !SASCORE - ok
16:44:51.0171 3860 Abiosdsk - ok
16:44:51.0187 3860 abp480n5 - ok
16:44:51.0234 3860 ACPI (8fd99680a539792a30e97944fdaecf17) C:\WINDOWS\system32\DRIVERS\ACPI.sys
16:44:51.0234 3860 ACPI - ok
16:44:51.0265 3860 ACPIEC (9859c0f6936e723e4892d7141b1327d5) C:\WINDOWS\system32\drivers\ACPIEC.sys
16:44:51.0265 3860 ACPIEC - ok
16:44:51.0343 3860 AdobeFlashPlayerUpdateSvc (76d5a3d2a50402a0b9b6ed13c4371e79) C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
16:44:51.0343 3860 AdobeFlashPlayerUpdateSvc - ok
16:44:51.0359 3860 adpu160m - ok
16:44:51.0390 3860 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
16:44:51.0390 3860 aec - ok
16:44:51.0453 3860 AFD (1e44bc1e83d8fd2305f8d452db109cf9) C:\WINDOWS\System32\drivers\afd.sys
16:44:51.0453 3860 AFD - ok
16:44:51.0453 3860 Aha154x - ok
16:44:51.0468 3860 aic78u2 - ok
16:44:51.0468 3860 aic78xx - ok
16:44:51.0515 3860 Alerter (a9a3daa780ca6c9671a19d52456705b4) C:\WINDOWS\system32\alrsvc.dll
16:44:51.0515 3860 Alerter - ok
16:44:51.0531 3860 ALG (8c515081584a38aa007909cd02020b3d) C:\WINDOWS\System32\alg.exe
16:44:51.0531 3860 ALG - ok
16:44:51.0546 3860 AliIde - ok
16:44:51.0656 3860 Ambfilt (f6af59d6eee5e1c304f7f73706ad11d8) C:\WINDOWS\system32\drivers\Ambfilt.sys
16:44:51.0671 3860 Ambfilt - ok
16:44:51.0718 3860 amsint - ok
16:44:51.0828 3860 Apple Mobile Device (7ef47644b74ebe721cc32211d3c35e76) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
16:44:51.0828 3860 Apple Mobile Device - ok
16:44:51.0859 3860 AppMgmt (d8849f77c0b66226335a59d26cb4edc6) C:\WINDOWS\System32\appmgmts.dll
16:44:51.0859 3860 AppMgmt - ok
16:44:51.0875 3860 asc - ok
16:44:51.0875 3860 asc3350p - ok
16:44:51.0875 3860 asc3550 - ok
16:44:51.0921 3860 aspnet_state (e1a1206a4fb19b675e947b29ccd25fba) C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe
16:44:51.0921 3860 aspnet_state - ok
16:44:51.0953 3860 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
16:44:51.0953 3860 AsyncMac - ok
16:44:51.0968 3860 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
16:44:51.0968 3860 atapi - ok
16:44:51.0984 3860 Atdisk - ok
16:44:52.0015 3860 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
16:44:52.0015 3860 Atmarpc - ok
16:44:52.0046 3860 AudioSrv (def7a7882bec100fe0b2ce2549188f9d) C:\WINDOWS\System32\audiosrv.dll
16:44:52.0062 3860 AudioSrv - ok
16:44:52.0093 3860 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
16:44:52.0093 3860 audstub - ok
16:44:52.0187 3860 BBSvc (2ed050291bc1d7f9e322e328db3aaecf) C:\Program Files\Microsoft\BingBar\BBSvc.EXE
16:44:52.0187 3860 BBSvc - ok
16:44:52.0250 3860 BBUpdate (785de7abda13309d6065305542829e76) C:\Program Files\Microsoft\BingBar\SeaPort.EXE
16:44:52.0250 3860 BBUpdate - ok
16:44:52.0281 3860 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
16:44:52.0281 3860 Beep - ok
16:44:52.0328 3860 BITS (574738f61fca2935f5265dc4e5691314) C:\WINDOWS\system32\qmgr.dll
16:44:52.0328 3860 BITS - ok
16:44:52.0406 3860 Bonjour Service (db5bea73edaf19ac68b2c0fad0f92b1a) C:\Program Files\Bonjour\mDNSResponder.exe
16:44:52.0421 3860 Bonjour Service - ok
16:44:52.0437 3860 Browser (a06ce3399d16db864f55faeb1f1927a9) C:\WINDOWS\System32\browser.dll
16:44:52.0437 3860 Browser - ok
16:44:52.0453 3860 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
16:44:52.0453 3860 cbidf2k - ok
16:44:52.0484 3860 CCDECODE (0be5aef125be881c4f854c554f2b025c) C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
16:44:52.0484 3860 CCDECODE - ok
16:44:52.0500 3860 cd20xrnt - ok
16:44:52.0515 3860 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
16:44:52.0515 3860 Cdaudio - ok
16:44:52.0531 3860 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
16:44:52.0546 3860 Cdfs - ok
16:44:52.0562 3860 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
16:44:52.0562 3860 Cdrom - ok
16:44:52.0562 3860 Changer - ok
16:44:52.0593 3860 CiSvc (1cfe720eb8d93a7158a4ebc3ab178bde) C:\WINDOWS\system32\cisvc.exe
16:44:52.0593 3860 CiSvc - ok
16:44:52.0609 3860 ClipSrv (34cbe729f38138217f9c80212a2a0c82) C:\WINDOWS\system32\clipsrv.exe
16:44:52.0609 3860 ClipSrv - ok
16:44:52.0687 3860 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
16:44:52.0687 3860 clr_optimization_v4.0.30319_32 - ok
16:44:52.0703 3860 CmdIde - ok
16:44:52.0703 3860 COMSysApp - ok
16:44:52.0718 3860 Cpqarray - ok
16:44:52.0750 3860 cpudrv (d01f685f8b4598d144b0cce9ff95d8d5) C:\Program Files\SystemRequirementsLab\cpudrv.sys
16:44:52.0750 3860 cpudrv - ok
16:44:52.0781 3860 CryptSvc (3d4e199942e29207970e04315d02ad3b) C:\WINDOWS\System32\cryptsvc.dll
16:44:52.0781 3860 CryptSvc - ok
16:44:52.0796 3860 dac2w2k - ok
16:44:52.0796 3860 dac960nt - ok
16:44:52.0859 3860 DcomLaunch (6b27a5c03dfb94b4245739065431322c) C:\WINDOWS\system32\rpcss.dll
16:44:52.0859 3860 DcomLaunch - ok
16:44:52.0906 3860 Dhcp (5e38d7684a49cacfb752b046357e0589) C:\WINDOWS\System32\dhcpcsvc.dll
16:44:52.0906 3860 Dhcp - ok
16:44:52.0953 3860 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
16:44:52.0953 3860 Disk - ok
16:44:52.0953 3860 dmadmin - ok
16:44:53.0015 3860 dmboot (d992fe1274bde0f84ad826acae022a41) C:\WINDOWS\system32\drivers\dmboot.sys
16:44:53.0015 3860 dmboot - ok
16:44:53.0046 3860 dmio (7c824cf7bbde77d95c08005717a95f6f) C:\WINDOWS\system32\drivers\dmio.sys
16:44:53.0046 3860 dmio - ok
16:44:53.0062 3860 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
16:44:53.0062 3860 dmload - ok
16:44:53.0093 3860 dmserver (57edec2e5f59f0335e92f35184bc8631) C:\WINDOWS\System32\dmserver.dll
16:44:53.0093 3860 dmserver - ok
16:44:53.0109 3860 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
16:44:53.0109 3860 DMusic - ok
16:44:53.0156 3860 Dnscache (5f7e24fa9eab896051ffb87f840730d2) C:\WINDOWS\System32\dnsrslvr.dll
16:44:53.0156 3860 Dnscache - ok
16:44:53.0187 3860 Dot3svc (0f0f6e687e5e15579ef4da8dd6945814) C:\WINDOWS\System32\dot3svc.dll
16:44:53.0187 3860 Dot3svc - ok
16:44:53.0203 3860 dpti2o - ok
16:44:53.0218 3860 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
16:44:53.0218 3860 drmkaud - ok
16:44:53.0265 3860 EapHost (2187855a7703adef0cef9ee4285182cc) C:\WINDOWS\System32\eapsvc.dll
16:44:53.0265 3860 EapHost - ok
16:44:53.0281 3860 ERSvc (bc93b4a066477954555966d77fec9ecb) C:\WINDOWS\System32\ersvc.dll
16:44:53.0281 3860 ERSvc - ok
16:44:53.0328 3860 Eventlog (65df52f5b8b6e9bbd183505225c37315) C:\WINDOWS\system32\services.exe
16:44:53.0328 3860 Eventlog - ok
16:44:53.0375 3860 EventSystem (d4991d98f2db73c60d042f1aef79efae) C:\WINDOWS\system32\es.dll
16:44:53.0390 3860 EventSystem - ok
16:44:53.0421 3860 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
16:44:53.0437 3860 Fastfat - ok
16:44:53.0468 3860 FastUserSwitchingCompatibility (99bc0b50f511924348be19c7c7313bbf) C:\WINDOWS\System32\shsvcs.dll
16:44:53.0468 3860 FastUserSwitchingCompatibility - ok
16:44:53.0500 3860 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\drivers\Fdc.sys
16:44:53.0500 3860 Fdc - ok
16:44:53.0500 3860 Fips (d45926117eb9fa946a6af572fbe1caa3) C:\WINDOWS\system32\drivers\Fips.sys
16:44:53.0500 3860 Fips - ok
16:44:53.0609 3860 FLEXnet Licensing Service (f76d04f7413b07daa029f6520b64b4e8) C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
16:44:53.0609 3860 FLEXnet Licensing Service - ok
16:44:53.0656 3860 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\drivers\Flpydisk.sys
16:44:53.0656 3860 Flpydisk - ok
16:44:53.0671 3860 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys
16:44:53.0671 3860 FltMgr - ok
16:44:53.0765 3860 FreemakeUtilsService (3df091d40fcbbe66280a8b2aee282601) C:\Documents and Settings\All Users\Application Data\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
16:44:53.0765 3860 FreemakeUtilsService - ok
16:44:53.0781 3860 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
16:44:53.0781 3860 Fs_Rec - ok
16:44:53.0812 3860 Ftdisk (6ac26732762483366c3969c9e4d2259d) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
16:44:53.0812 3860 Ftdisk - ok
16:44:53.0843 3860 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys
16:44:53.0843 3860 GEARAspiWDM - ok
16:44:53.0875 3860 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
16:44:53.0875 3860 Gpc - ok
16:44:53.0937 3860 gupdate (f02a533f517eb38333cb12a9e8963773) C:\Program Files\Google\Update\GoogleUpdate.exe
16:44:53.0937 3860 gupdate - ok
16:44:53.0937 3860 gupdatem (f02a533f517eb38333cb12a9e8963773) C:\Program Files\Google\Update\GoogleUpdate.exe
16:44:53.0937 3860 gupdatem - ok
16:44:53.0953 3860 gusvc (cc839e8d766cc31a7710c9f38cf3e375) C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
16:44:53.0953 3860 gusvc - ok
16:44:53.0984 3860 HDAudBus (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
16:44:53.0984 3860 HDAudBus - ok
16:44:54.0031 3860 helpsvc (4fcca060dfe0c51a09dd5c3843888bcd) C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
16:44:54.0031 3860 helpsvc - ok
16:44:54.0046 3860 HidServ - ok
16:44:54.0062 3860 HidUsb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
16:44:54.0062 3860 HidUsb - ok
16:44:54.0093 3860 hkmsvc (8878bd685e490239777bfe51320b88e9) C:\WINDOWS\System32\kmsvc.dll
16:44:54.0109 3860 hkmsvc - ok
16:44:54.0109 3860 hpn - ok
16:44:54.0156 3860 HPZid412 (5faba4775d4c61e55ec669d643ffc71f) C:\WINDOWS\system32\DRIVERS\HPZid412.sys
16:44:54.0156 3860 HPZid412 - ok
16:44:54.0187 3860 HPZipr12 (a3c43980ee1f1beac778b44ea65dbdd4) C:\WINDOWS\system32\DRIVERS\HPZipr12.sys
16:44:54.0187 3860 HPZipr12 - ok
16:44:54.0203 3860 HPZius12 (2906949bd4e206f2bb0dd1896ce9f66f) C:\WINDOWS\system32\DRIVERS\HPZius12.sys
16:44:54.0203 3860 HPZius12 - ok
16:44:54.0281 3860 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
16:44:54.0281 3860 HTTP - ok
16:44:54.0312 3860 HTTPFilter (6100a808600f44d999cebdef8841c7a3) C:\WINDOWS\System32\w3ssl.dll
16:44:54.0312 3860 HTTPFilter - ok
16:44:54.0312 3860 i2omgmt - ok
16:44:54.0328 3860 i2omp - ok
16:44:54.0343 3860 i8042prt (4a0b06aa8943c1e332520f7440c0aa30) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
16:44:54.0343 3860 i8042prt - ok
16:44:54.0593 3860 ialm (cd32607f1cc8ac67224334ae123f7b98) C:\WINDOWS\system32\DRIVERS\igxpmp32.sys
16:44:54.0640 3860 ialm - ok
16:44:54.0734 3860 ICAM8USB (93e5f25c0e8058991c6aa2657c3b03f0) C:\WINDOWS\system32\Drivers\Icm8D2.SYS
16:44:54.0750 3860 ICAM8USB - ok
16:44:54.0750 3860 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
16:44:54.0750 3860 Imapi - ok
16:44:54.0796 3860 ImapiService (30deaf54a9755bb8546168cfe8a6b5e1) C:\WINDOWS\system32\imapi.exe
16:44:54.0796 3860 ImapiService - ok
16:44:54.0812 3860 ini910u - ok
16:44:55.0031 3860 IntcAzAudAddService (0cacdcbbc8e6f11e2865c47bfc509848) C:\WINDOWS\system32\drivers\RtkHDAud.sys
16:44:55.0062 3860 IntcAzAudAddService - ok
16:44:55.0109 3860 IntelIde - ok
16:44:55.0156 3860 intelppm (8c953733d8f36eb2133f5bb58808b66b) C:\WINDOWS\system32\DRIVERS\intelppm.sys
16:44:55.0156 3860 intelppm - ok
16:44:55.0187 3860 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys
16:44:55.0187 3860 Ip6Fw - ok
16:44:55.0203 3860 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
16:44:55.0203 3860 IpFilterDriver - ok
16:44:55.0234 3860 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
16:44:55.0234 3860 IpInIp - ok
16:44:55.0250 3860 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
16:44:55.0265 3860 IpNat - ok
16:44:55.0375 3860 iPod Service (57edb35ea2feca88f8b17c0c095c9a56) C:\Program Files\iPod\bin\iPodService.exe
16:44:55.0375 3860 iPod Service - ok
16:44:55.0406 3860 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
16:44:55.0406 3860 IPSec - ok
16:44:55.0437 3860 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
16:44:55.0437 3860 IRENUM - ok
16:44:55.0453 3860 isapnp (05a299ec56e52649b1cf2fc52d20f2d7) C:\WINDOWS\system32\DRIVERS\isapnp.sys
16:44:55.0453 3860 isapnp - ok
16:44:55.0531 3860 JavaQuickStarterService (0a5709543986843d37a92290b7838340) C:\Program Files\Java\jre6\bin\jqs.exe
16:44:55.0531 3860 JavaQuickStarterService - ok
16:44:55.0562 3860 Kbdclass (463c1ec80cd17420a542b7f36a36f128) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
16:44:55.0562 3860 Kbdclass - ok
16:44:55.0609 3860 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
16:44:55.0609 3860 kmixer - ok
16:44:55.0640 3860 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
16:44:55.0640 3860 KSecDD - ok
16:44:55.0671 3860 lanmanserver (3a7c3cbe5d96b8ae96ce81f0b22fb527) C:\WINDOWS\System32\srvsvc.dll
16:44:55.0671 3860 lanmanserver - ok
16:44:55.0703 3860 lanmanworkstation (a8888a5327621856c0cec4e385f69309) C:\WINDOWS\System32\wkssvc.dll
16:44:55.0703 3860 lanmanworkstation - ok
16:44:55.0718 3860 lbrtfdc - ok
16:44:55.0765 3860 LmHosts (a7db739ae99a796d91580147e919cc59) C:\WINDOWS\System32\lmhsvc.dll
16:44:55.0765 3860 LmHosts - ok
16:44:55.0859 3860 McciCMService (e6cb119ef2e148eaa1a247343550756e) C:\Program Files\Common Files\Motive\McciCMService.exe
16:44:55.0875 3860 McciCMService - ok
16:44:55.0906 3860 Messenger (986b1ff5814366d71e0ac5755c88f2d3) C:\WINDOWS\System32\msgsvc.dll
16:44:55.0906 3860 Messenger - ok
16:44:56.0000 3860 Microsoft Office Groove Audit Service (123271bd5237ab991dc5c21fdf8835eb) C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe
16:44:56.0000 3860 Microsoft Office Groove Audit Service - ok
16:44:56.0031 3860 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
16:44:56.0031 3860 mnmdd - ok
16:44:56.0062 3860 mnmsrvc (d18f1f0c101d06a1c1adf26eed16fcdd) C:\WINDOWS\system32\mnmsrvc.exe
16:44:56.0062 3860 mnmsrvc - ok
16:44:56.0093 3860 Modem (dfcbad3cec1c5f964962ae10e0bcc8e1) C:\WINDOWS\system32\drivers\Modem.sys
16:44:56.0093 3860 Modem - ok
16:44:56.0187 3860 Monfilt (9fa7207d1b1adead88ae8eed9cdbbaa5) C:\WINDOWS\system32\drivers\Monfilt.sys
16:44:56.0203 3860 Monfilt - ok
16:44:56.0250 3860 Mouclass (35c9e97194c8cfb8430125f8dbc34d04) C:\WINDOWS\system32\DRIVERS\mouclass.sys
16:44:56.0250 3860 Mouclass - ok
16:44:56.0296 3860 mouhid (b1c303e17fb9d46e87a98e4ba6769685) C:\WINDOWS\system32\DRIVERS\mouhid.sys
16:44:56.0296 3860 mouhid - ok
16:44:56.0312 3860 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
16:44:56.0312 3860 MountMgr - ok
16:44:56.0390 3860 MozillaMaintenance (96aa8ba23142cc8e2b30f3cae0c80254) C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
16:44:56.0390 3860 MozillaMaintenance - ok
16:44:56.0421 3860 MpFilter (d993bea500e7382dc4e760bf4f35efcb) C:\WINDOWS\system32\DRIVERS\MpFilter.sys
16:44:56.0421 3860 MpFilter - ok
16:44:56.0515 3860 MpKslab0b648d (a69630d039c38018689190234f866d77) c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{B401C96C-B67A-4C66-AF99-F4AEB7F33E26}\MpKslab0b648d.sys
16:44:56.0515 3860 MpKslab0b648d - ok
16:44:56.0515 3860 mraid35x - ok
16:44:56.0593 3860 MREMP50 (9bd4dcb5412921864a7aacdedfbd1923) C:\PROGRA~1\COMMON~1\Motive\MREMP50.SYS
16:44:56.0593 3860 MREMP50 - ok
16:44:56.0609 3860 MREMPR5 - ok
16:44:56.0609 3860 MRENDIS5 - ok
16:44:56.0625 3860 MRESP50 (07c02c892e8e1a72d6bf35004f0e9c5e) C:\PROGRA~1\COMMON~1\Motive\MRESP50.SYS
16:44:56.0625 3860 MRESP50 - ok
16:44:56.0640 3860 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
16:44:56.0656 3860 MRxDAV - ok
16:44:56.0718 3860 MRxSmb (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
16:44:56.0718 3860 MRxSmb - ok
16:44:56.0750 3860 MSDTC (a137f1470499a205abbb9aafb3b6f2b1) C:\WINDOWS\system32\msdtc.exe
16:44:56.0750 3860 MSDTC - ok
16:44:56.0781 3860 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
16:44:56.0781 3860 Msfs - ok
16:44:56.0781 3860 MSIServer - ok
16:44:56.0796 3860 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
16:44:56.0796 3860 MSKSSRV - ok
16:44:56.0875 3860 MsMpSvc (24516bf4e12a46cb67302e2cdcb8cddf) c:\Program Files\Microsoft Security Client\MsMpEng.exe
16:44:56.0875 3860 MsMpSvc - ok
16:44:56.0906 3860 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
16:44:56.0906 3860 MSPCLOCK - ok
16:44:56.0921 3860 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
16:44:56.0921 3860 MSPQM - ok
16:44:56.0937 3860 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
16:44:56.0937 3860 mssmbios - ok
16:44:56.0968 3860 MSTEE (e53736a9e30c45fa9e7b5eac55056d1d) C:\WINDOWS\system32\drivers\MSTEE.sys
16:44:56.0968 3860 MSTEE - ok
16:44:57.0000 3860 MTsensor (d48659bb24c48345d926ecb45c1ebdf5) C:\WINDOWS\system32\DRIVERS\ASACPI.sys
16:44:57.0000 3860 MTsensor - ok
16:44:57.0031 3860 Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys
16:44:57.0031 3860 Mup - ok
16:44:57.0062 3860 NABTSFEC (5b50f1b2a2ed47d560577b221da734db) C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
16:44:57.0062 3860 NABTSFEC - ok
16:44:57.0109 3860 napagent (0102140028fad045756796e1c685d695) C:\WINDOWS\System32\qagentrt.dll
16:44:57.0109 3860 napagent - ok
16:44:57.0140 3860 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
16:44:57.0140 3860 NDIS - ok
16:44:57.0156 3860 NdisIP (7ff1f1fd8609c149aa432f95a8163d97) C:\WINDOWS\system32\DRIVERS\NdisIP.sys
16:44:57.0156 3860 NdisIP - ok
16:44:57.0203 3860 NdisTapi (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
16:44:57.0203 3860 NdisTapi - ok
16:44:57.0218 3860 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
16:44:57.0218 3860 Ndisuio - ok
16:44:57.0234 3860 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
16:44:57.0234 3860 NdisWan - ok
16:44:57.0265 3860 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
16:44:57.0265 3860 NDProxy - ok
16:44:57.0281 3860 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
16:44:57.0281 3860 NetBIOS - ok
16:44:57.0312 3860 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
16:44:57.0312 3860 NetBT - ok
16:44:57.0343 3860 NetDDE (b857ba82860d7ff85ae29b095645563b) C:\WINDOWS\system32\netdde.exe
16:44:57.0343 3860 NetDDE - ok
16:44:57.0359 3860 NetDDEdsdm (b857ba82860d7ff85ae29b095645563b) C:\WINDOWS\system32\netdde.exe
16:44:57.0359 3860 NetDDEdsdm - ok
16:44:57.0390 3860 Netlogon (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
16:44:57.0390 3860 Netlogon - ok
16:44:57.0406 3860 Netman (13e67b55b3abd7bf3fe7aae5a0f9a9de) C:\WINDOWS\System32\netman.dll
16:44:57.0406 3860 Netman - ok
16:44:57.0468 3860 Nla (943337d786a56729263071623bbb9de5) C:\WINDOWS\System32\mswsock.dll
16:44:57.0468 3860 Nla - ok
16:44:57.0468 3860 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
16:44:57.0468 3860 Npfs - ok
16:44:57.0500 3860 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
16:44:57.0515 3860 Ntfs - ok
16:44:57.0515 3860 NtLmSsp (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
16:44:57.0515 3860 NtLmSsp - ok
16:44:57.0562 3860 NtmsSvc (156f64a3345bd23c600655fb4d10bc08) C:\WINDOWS\system32\ntmssvc.dll
16:44:57.0562 3860 NtmsSvc - ok
16:44:57.0609 3860 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
16:44:57.0609 3860 Null - ok
16:44:57.0656 3860 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
16:44:57.0656 3860 NwlnkFlt - ok
16:44:57.0656 3860 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
16:44:57.0656 3860 NwlnkFwd - ok
16:44:57.0812 3860 odserv (785f487a64950f3cb8e9f16253ba3b7b) C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
16:44:57.0812 3860 odserv - ok
16:44:57.0859 3860 ose (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
16:44:57.0859 3860 ose - ok
16:44:57.0890 3860 Parport (5575faf8f97ce5e713d108c2a58d7c7c) C:\WINDOWS\system32\drivers\Parport.sys
16:44:57.0890 3860 Parport - ok
16:44:57.0906 3860 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
16:44:57.0906 3860 PartMgr - ok
16:44:57.0921 3860 ParVdm (70e98b3fd8e963a6a46a2e6247e0bea1) C:\WINDOWS\system32\drivers\ParVdm.sys
16:44:57.0921 3860 ParVdm - ok
16:44:57.0937 3860 PCI (a219903ccf74233761d92bef471a07b1) C:\WINDOWS\system32\DRIVERS\pci.sys
16:44:57.0937 3860 PCI - ok
16:44:57.0953 3860 PCIDump - ok
16:44:57.0968 3860 PCIIde (ccf5f451bb1a5a2a522a76e670000ff0) C:\WINDOWS\system32\DRIVERS\pciide.sys
16:44:57.0968 3860 PCIIde - ok
16:44:58.0000 3860 Pcmcia (9e89ef60e9ee05e3f2eef2da7397f1c1) C:\WINDOWS\system32\drivers\Pcmcia.sys
16:44:58.0000 3860 Pcmcia - ok
16:44:58.0000 3860 PDCOMP - ok
16:44:58.0015 3860 PDFRAME - ok
16:44:58.0015 3860 PDRELI - ok
16:44:58.0031 3860 PDRFRAME - ok
16:44:58.0031 3860 perc2 - ok
16:44:58.0046 3860 perc2hib - ok
16:44:58.0093 3860 PlugPlay (65df52f5b8b6e9bbd183505225c37315) C:\WINDOWS\system32\services.exe
16:44:58.0109 3860 PlugPlay - ok
16:44:58.0140 3860 Pml Driver HPZ12 (901c43516504cbe582e4c4193e00876a) C:\WINDOWS\system32\HPZipm12.exe
16:44:58.0140 3860 Pml Driver HPZ12 - ok
16:44:58.0171 3860 PolicyAgent (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
16:44:58.0171 3860 PolicyAgent - ok
16:44:58.0203 3860 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
16:44:58.0203 3860 PptpMiniport - ok
16:44:58.0203 3860 ProtectedStorage (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
16:44:58.0203 3860 ProtectedStorage - ok
16:44:58.0218 3860 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
16:44:58.0218 3860 PSched - ok
16:44:58.0234 3860 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
16:44:58.0234 3860 Ptilink - ok
16:44:58.0265 3860 PxHelp20 (7c81ae3c9b82ba2da437ed4d31bc56cf) C:\WINDOWS\system32\Drivers\PxHelp20.sys
16:44:58.0265 3860 PxHelp20 - ok
16:44:58.0265 3860 ql1080 - ok
16:44:58.0281 3860 Ql10wnt - ok
16:44:58.0281 3860 ql12160 - ok
16:44:58.0296 3860 ql1240 - ok
16:44:58.0296 3860 ql1280 - ok
16:44:58.0328 3860 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
16:44:58.0328 3860 RasAcd - ok
16:44:58.0343 3860 RasAuto (ad188be7bdf94e8df4ca0a55c00a5073) C:\WINDOWS\System32\rasauto.dll
16:44:58.0359 3860 RasAuto - ok
16:44:58.0390 3860 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
16:44:58.0390 3860 Rasl2tp - ok
16:44:58.0421 3860 RasMan (76a9a3cbeadd68cc57cda5e1d7448235) C:\WINDOWS\System32\rasmans.dll
16:44:58.0421 3860 RasMan - ok
16:44:58.0437 3860 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
16:44:58.0437 3860 RasPppoe - ok
16:44:58.0437 3860 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
16:44:58.0437 3860 Raspti - ok
16:44:58.0468 3860 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
16:44:58.0468 3860 Rdbss - ok
16:44:58.0484 3860 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
16:44:58.0484 3860 RDPCDD - ok
16:44:58.0515 3860 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
16:44:58.0515 3860 rdpdr - ok
16:44:58.0578 3860 RDPWD (5b3055daa788bd688594d2f5981f2a83) C:\WINDOWS\system32\drivers\RDPWD.sys
16:44:58.0578 3860 RDPWD - ok
16:44:58.0609 3860 RDSessMgr (3c37bf86641bda977c3bf8a840f3b7fa) C:\WINDOWS\system32\sessmgr.exe
16:44:58.0609 3860 RDSessMgr - ok
16:44:58.0640 3860 redbook (f828dd7e1419b6653894a8f97a0094c5) C:\WINDOWS\system32\DRIVERS\redbook.sys
16:44:58.0640 3860 redbook - ok
16:44:58.0671 3860 RemoteAccess (7e699ff5f59b5d9de5390e3c34c67cf5) C:\WINDOWS\System32\mprdim.dll
16:44:58.0671 3860 RemoteAccess - ok
16:44:58.0703 3860 RemoteRegistry (5b19b557b0c188210a56a6b699d90b8f) C:\WINDOWS\system32\regsvc.dll
16:44:58.0703 3860 RemoteRegistry - ok
16:44:58.0718 3860 RpcLocator (aaed593f84afa419bbae8572af87cf6a) C:\WINDOWS\system32\locator.exe
16:44:58.0718 3860 RpcLocator - ok
16:44:58.0765 3860 RpcSs (6b27a5c03dfb94b4245739065431322c) C:\WINDOWS\system32\rpcss.dll
16:44:58.0781 3860 RpcSs - ok
16:44:58.0828 3860 RSVP (471b3f9741d762abe75e9deea4787e47) C:\WINDOWS\system32\rsvp.exe
16:44:58.0828 3860 RSVP - ok
16:44:58.0859 3860 RTLE8023xp (00fd6811350e175585abcf7d4a61dd90) C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys
16:44:58.0875 3860 RTLE8023xp - ok
16:44:58.0875 3860 SamSs (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
16:44:58.0875 3860 SamSs - ok
16:44:58.0984 3860 SASDIFSV (39763504067962108505bff25f024345) C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS
16:44:58.0984 3860 SASDIFSV - ok
16:44:59.0000 3860 SASKUTIL (77b9fc20084b48408ad3e87570eb4a85) C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS
16:44:59.0000 3860 SASKUTIL - ok
16:44:59.0046 3860 SCardSvr (86d007e7a654b9a71d1d7d856b104353) C:\WINDOWS\System32\SCardSvr.exe
16:44:59.0046 3860 SCardSvr - ok
16:44:59.0078 3860 Schedule (0a9a7365a1ca4319aa7c1d6cd8e4eafa) C:\WINDOWS\system32\schedsvc.dll
16:44:59.0093 3860 Schedule - ok
16:44:59.0109 3860 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
16:44:59.0109 3860 Secdrv - ok
16:44:59.0140 3860 seclogon (cbe612e2bb6a10e3563336191eda1250) C:\WINDOWS\System32\seclogon.dll
16:44:59.0140 3860 seclogon - ok
16:44:59.0156 3860 SENS (7fdd5d0684eca8c1f68b4d99d124dcd0) C:\WINDOWS\system32\sens.dll
16:44:59.0156 3860 SENS - ok
16:44:59.0171 3860 serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
16:44:59.0171 3860 serenum - ok
16:44:59.0187 3860 Serial (cca207a8896d4c6a0c9ce29a4ae411a7) C:\WINDOWS\system32\DRIVERS\serial.sys
16:44:59.0187 3860 Serial - ok
16:44:59.0218 3860 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
16:44:59.0218 3860 Sfloppy - ok
16:44:59.0250 3860 SharedAccess (83f41d0d89645d7235c051ab1d9523ac) C:\WINDOWS\System32\ipnathlp.dll
16:44:59.0265 3860 SharedAccess - ok
16:44:59.0296 3860 ShellHWDetection (99bc0b50f511924348be19c7c7313bbf) C:\WINDOWS\System32\shsvcs.dll
16:44:59.0296 3860 ShellHWDetection - ok
16:44:59.0296 3860 Simbad - ok
16:44:59.0343 3860 SLIP (866d538ebe33709a5c9f5c62b73b7d14) C:\WINDOWS\system32\DRIVERS\SLIP.sys
16:44:59.0343 3860 SLIP - ok
16:44:59.0359 3860 Sparrow - ok
16:44:59.0375 3860 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
16:44:59.0375 3860 splitter - ok
16:44:59.0421 3860 Spooler (60784f891563fb1b767f70117fc2428f) C:\WINDOWS\system32\spoolsv.exe
16:44:59.0421 3860 Spooler - ok
16:44:59.0453 3860 sr (76bb022c2fb6902fd5bdd4f78fc13a5d) C:\WINDOWS\system32\DRIVERS\sr.sys
16:44:59.0453 3860 sr - ok
16:44:59.0484 3860 srservice (3805df0ac4296a34ba4bf93b346cc378) C:\WINDOWS\system32\srsvc.dll
16:44:59.0484 3860 srservice - ok
16:44:59.0515 3860 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
16:44:59.0515 3860 Srv - ok
16:44:59.0546 3860 SSDPSRV (0a5679b3714edab99e357057ee88fca6) C:\WINDOWS\System32\ssdpsrv.dll
16:44:59.0546 3860 SSDPSRV - ok
16:44:59.0593 3860 stisvc (8bad69cbac032d4bbacfce0306174c30) C:\WINDOWS\system32\wiaservc.dll
16:44:59.0593 3860 stisvc - ok
16:44:59.0625 3860 streamip (77813007ba6265c4b6098187e6ed79d2) C:\WINDOWS\system32\DRIVERS\StreamIP.sys
16:44:59.0625 3860 streamip - ok
16:44:59.0640 3860 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
16:44:59.0640 3860 swenum - ok
16:44:59.0687 3860 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
16:44:59.0687 3860 swmidi - ok
16:44:59.0703 3860 SwPrv - ok
16:44:59.0703 3860 symc810 - ok
16:44:59.0718 3860 symc8xx - ok
16:44:59.0718 3860 sym_hi - ok
16:44:59.0734 3860 sym_u3 - ok
16:44:59.0750 3860 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
16:44:59.0750 3860 sysaudio - ok
16:44:59.0781 3860 SysmonLog (c7abbc59b43274b1109df6b24d617051) C:\WINDOWS\system32\smlogsvc.exe
16:44:59.0781 3860 SysmonLog - ok
16:44:59.0828 3860 TapiSrv (3cb78c17bb664637787c9a1c98f79c38) C:\WINDOWS\System32\tapisrv.dll
16:44:59.0828 3860 TapiSrv - ok
16:44:59.0890 3860 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
16:44:59.0890 3860 Tcpip - ok
16:44:59.0937 3860 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
16:44:59.0937 3860 TDPIPE - ok
16:44:59.0953 3860 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
16:44:59.0953 3860 TDTCP - ok
16:45:00.0000 3860 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
16:45:00.0000 3860 TermDD - ok
16:45:00.0046 3860 TermService (ff3477c03be7201c294c35f684b3479f) C:\WINDOWS\System32\termsrv.dll
16:45:00.0046 3860 TermService - ok
16:45:00.0078 3860 Themes (99bc0b50f511924348be19c7c7313bbf) C:\WINDOWS\System32\shsvcs.dll
16:45:00.0093 3860 Themes - ok
16:45:00.0125 3860 TlntSvr (db7205804759ff62c34e3efd8a4cc76a) C:\WINDOWS\system32\tlntsvr.exe
16:45:00.0125 3860 TlntSvr - ok
16:45:00.0125 3860 TosIde - ok
16:45:00.0140 3860 TrkWks (55bca12f7f523d35ca3cb833c725f54e) C:\WINDOWS\system32\trkwks.dll
16:45:00.0156 3860 TrkWks - ok
16:45:00.0171 3860 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
16:45:00.0171 3860 Udfs - ok
16:45:00.0187 3860 ultra - ok
16:45:00.0218 3860 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
16:45:00.0234 3860 Update - ok
16:45:00.0265 3860 upnphost (1ebafeb9a3fbdc41b8d9c7f0f687ad91) C:\WINDOWS\System32\upnphost.dll
16:45:00.0265 3860 upnphost - ok
16:45:00.0281 3860 UPS (05365fb38fca1e98f7a566aaaf5d1815) C:\WINDOWS\System32\ups.exe
16:45:00.0281 3860 UPS - ok
16:45:00.0312 3860 USBAAPL (83cafcb53201bbac04d822f32438e244) C:\WINDOWS\system32\Drivers\usbaapl.sys
16:45:00.0312 3860 USBAAPL - ok
16:45:00.0359 3860 usbaudio (e919708db44ed8543a7c017953148330) C:\WINDOWS\system32\drivers\usbaudio.sys
16:45:00.0359 3860 usbaudio - ok
16:45:00.0406 3860 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
16:45:00.0406 3860 usbccgp - ok
16:45:00.0406 3860 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
16:45:00.0406 3860 usbehci - ok
16:45:00.0437 3860 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
16:45:00.0437 3860 usbhub - ok
16:45:00.0468 3860 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
16:45:00.0468 3860 usbprint - ok
16:45:00.0515 3860 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
16:45:00.0515 3860 usbscan - ok
16:45:00.0515 3860 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
16:45:00.0515 3860 USBSTOR - ok
16:45:00.0562 3860 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
16:45:00.0562 3860 usbuhci - ok
16:45:00.0578 3860 usbvideo (63bbfca7f390f4c49ed4b96bfb1633e0) C:\WINDOWS\system32\Drivers\usbvideo.sys
16:45:00.0578 3860 usbvideo - ok
16:45:00.0578 3860 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
16:45:00.0578 3860 VgaSave - ok
16:45:00.0593 3860 ViaIde - ok
16:45:00.0609 3860 VolSnap (4c8fcb5cc53aab716d810740fe59d025) C:\WINDOWS\system32\drivers\VolSnap.sys
16:45:00.0609 3860 VolSnap - ok
16:45:00.0656 3860 VSS (7a9db3a67c333bf0bd42e42b8596854b) C:\WINDOWS\System32\vssvc.exe
16:45:00.0656 3860 VSS - ok
16:45:00.0687 3860 W32Time (54af4b1d5459500ef0937f6d33b1914f) C:\WINDOWS\system32\w32time.dll
16:45:00.0687 3860 W32Time - ok
16:45:00.0734 3860 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
16:45:00.0734 3860 Wanarp - ok
16:45:00.0750 3860 WDICA - ok
16:45:00.0765 3860 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
16:45:00.0765 3860 wdmaud - ok
16:45:00.0781 3860 WebClient (77a354e28153ad2d5e120a5a8687bc06) C:\WINDOWS\System32\webclnt.dll
16:45:00.0781 3860 WebClient - ok
16:45:00.0859 3860 winmgmt (2d0e4ed081963804ccc196a0929275b5) C:\WINDOWS\system32\wbem\WMIsvc.dll
16:45:00.0859 3860 winmgmt - ok
16:45:00.0906 3860 WmdmPmSN (c51b4a5c05a5475708e3c81c7765b71d) C:\WINDOWS\system32\MsPMSNSv.dll
16:45:00.0906 3860 WmdmPmSN - ok
16:45:00.0968 3860 Wmi (e76f8807070ed04e7408a86d6d3a6137) C:\WINDOWS\System32\advapi32.dll
16:45:00.0968 3860 Wmi - ok
16:45:01.0000 3860 WmiApSrv (e0673f1106e62a68d2257e376079f821) C:\WINDOWS\system32\wbem\wmiapsrv.exe
16:45:01.0000 3860 WmiApSrv - ok
16:45:01.0125 3860 WMPNetworkSvc (f74e3d9a7fa9556c3bbb14d4e5e63d3b) C:\Program Files\Windows Media Player\WMPNetwk.exe
16:45:01.0125 3860 WMPNetworkSvc - ok
16:45:01.0265 3860 WPFFontCache_v0400 (dcf3e3edf5109ee8bc02fe6e1f045795) C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
16:45:01.0281 3860 WPFFontCache_v0400 - ok
16:45:01.0328 3860 wscsvc (7c278e6408d1dce642230c0585a854d5) C:\WINDOWS\system32\wscsvc.dll
16:45:01.0328 3860 wscsvc - ok
16:45:01.0406 3860 WSTCODEC (c98b39829c2bbd34e454150633c62c78) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
16:45:01.0406 3860 WSTCODEC - ok
16:45:01.0421 3860 wuauserv (35321fb577cdc98ce3eb3a3eb9e4610a) C:\WINDOWS\system32\wuauserv.dll
16:45:01.0421 3860 wuauserv - ok
16:45:01.0453 3860 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
16:45:01.0453 3860 WudfPf - ok
16:45:01.0468 3860 WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
16:45:01.0468 3860 WudfRd - ok
16:45:01.0515 3860 WudfSvc (05231c04253c5bc30b26cbaae680ed89) C:\WINDOWS\System32\WUDFSvc.dll
16:45:01.0515 3860 WudfSvc - ok
16:45:01.0578 3860 WZCSVC (81dc3f549f44b1c1fff022dec9ecf30b) C:\WINDOWS\System32\wzcsvc.dll
16:45:01.0578 3860 WZCSVC - ok
16:45:01.0609 3860 xmlprov (295d21f14c335b53cb8154e5b1f892b9) C:\WINDOWS\System32\xmlprov.dll
16:45:01.0609 3860 xmlprov - ok
16:45:01.0625 3860 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk0\DR0
16:45:02.0000 3860 \Device\Harddisk0\DR0 - ok
16:45:02.0015 3860 Boot (0x1200) (8a97ba1c62c4a4fff4357e4bcd909c38) \Device\Harddisk0\DR0\Partition0
16:45:02.0015 3860 \Device\Harddisk0\DR0\Partition0 - ok
16:45:02.0015 3860 ============================================================
16:45:02.0015 3860 Scan finished
16:45:02.0015 3860 ============================================================
16:45:02.0031 2016 Detected object count: 0
16:45:02.0031 2016 Actual detected object count: 0

#7 cryptodan

cryptodan

    Bleepin Madman


  • Members
  • 21,868 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Catonsville, Md
  • Local time:08:36 PM

Posted 31 May 2012 - 06:51 PM

Please download MiniToolBox, save it to your desktop and run it.

Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size.
  • List Minidump Files
Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.

Note: When using "Reset FF Proxy Settings" option Firefox should be closed.

#8 The Jolly Dummkopf

The Jolly Dummkopf
  • Topic Starter

  • Members
  • 29 posts
  • OFFLINE
  •  
  • Local time:01:36 PM

Posted 31 May 2012 - 07:01 PM

MiniToolBox by Farbar Version: 14-01-2012
Ran by Administrator (administrator) on 31-05-2012 at 16:56:56
Microsoft Windows XP Professional Service Pack 3 (X86)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================


Windows IP Configuration



Successfully flushed the DNS Resolver Cache.


========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================


127.0.0.1 localhost

========================= IP Configuration: ================================

Realtek PCIe FE Family Controller = Local Area Connection (Connected)


# ----------------------------------
# Interface IP Configuration
# ----------------------------------
pushd interface ip


# Interface IP Configuration for "Local Area Connection"

set address name="Local Area Connection" source=dhcp
set dns name="Local Area Connection" source=dhcp register=PRIMARY
set wins name="Local Area Connection" source=dhcp


popd
# End of interface IP configuration




Windows IP Configuration



Host Name . . . . . . . . . . . . : user-8932ab8b39

Primary Dns Suffix . . . . . . . :

Node Type . . . . . . . . . . . . : Unknown

IP Routing Enabled. . . . . . . . : No

WINS Proxy Enabled. . . . . . . . : No



Ethernet adapter Local Area Connection:



Connection-specific DNS Suffix . :

Description . . . . . . . . . . . : Realtek PCIe FE Family Controller

Physical Address. . . . . . . . . : 20-CF-30-A7-0A-5B

Dhcp Enabled. . . . . . . . . . . : Yes

Autoconfiguration Enabled . . . . : Yes

IP Address. . . . . . . . . . . . : 192.168.1.65

Subnet Mask . . . . . . . . . . . : 255.255.255.0

Default Gateway . . . . . . . . . : 192.168.1.254

DHCP Server . . . . . . . . . . . : 192.168.1.254

DNS Servers . . . . . . . . . . . : 192.168.1.254

75.153.176.9

Lease Obtained. . . . . . . . . . : Thursday, May 31, 2012 3:27:23 PM

Lease Expires . . . . . . . . . . : Friday, June 01, 2012 3:27:23 PM

DNS request timed out.
timeout was 2 seconds.
Server: ns2.dns.telus.com
Address: 75.153.176.9

Name: google.com
Addresses: 173.194.33.39, 173.194.33.41, 173.194.33.34, 173.194.33.35
173.194.33.32, 173.194.33.36, 173.194.33.46, 173.194.33.40, 173.194.33.37
173.194.33.33, 173.194.33.38



Pinging google.com [173.194.33.38] with 32 bytes of data:



Reply from 173.194.33.38: bytes=32 time=11ms TTL=55

Reply from 173.194.33.38: bytes=32 time=11ms TTL=53



Ping statistics for 173.194.33.38:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 11ms, Maximum = 11ms, Average = 11ms

DNS request timed out.
timeout was 2 seconds.
Server: ns2.dns.telus.com
Address: 75.153.176.9

Name: yahoo.com
Addresses: 98.139.183.24, 209.191.122.70, 72.30.38.140



Pinging yahoo.com [209.191.122.70] with 32 bytes of data:



Reply from 209.191.122.70: bytes=32 time=65ms TTL=51

Reply from 209.191.122.70: bytes=32 time=66ms TTL=51



Ping statistics for 209.191.122.70:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 65ms, Maximum = 66ms, Average = 65ms

DNS request timed out.
timeout was 2 seconds.
Server: ns2.dns.telus.com
Address: 75.153.176.9

Name: bleepingcomputer.com
Address: 208.43.87.2



Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:



Reply from 208.43.87.2: Destination host unreachable.

Reply from 208.43.87.2: Destination host unreachable.



Ping statistics for 208.43.87.2:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 0ms, Maximum = 0ms, Average = 0ms



Pinging 127.0.0.1 with 32 bytes of data:



Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128



Ping statistics for 127.0.0.1:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 0ms, Maximum = 0ms, Average = 0ms

===========================================================================
Interface List
0x1 ........................... MS TCP Loopback interface
0x20002 ...20 cf 30 a7 0a 5b ...... Realtek PCIe FE Family Controller - Packet Scheduler Miniport
===========================================================================
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.254 192.168.1.65 20
127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1 1
169.254.0.0 255.255.0.0 192.168.1.65 192.168.1.65 20
192.168.1.0 255.255.255.0 192.168.1.65 192.168.1.65 20
192.168.1.65 255.255.255.255 127.0.0.1 127.0.0.1 20
192.168.1.255 255.255.255.255 192.168.1.65 192.168.1.65 20
224.0.0.0 240.0.0.0 192.168.1.65 192.168.1.65 20
255.255.255.255 255.255.255.255 192.168.1.65 192.168.1.65 1
Default Gateway: 192.168.1.254
===========================================================================
Persistent Routes:
None

========================= Event log errors: ===============================

Application errors:
==================
Error: (05/29/2012 10:31:11 PM) (Source: Application Error) (User: )
Description: Fault bucket -1370658687.
The Wep key exchange did not result in a secure connection setup after 802.1x authentication. The current setting has been marked as failed and the Wireless connection will be disconnected.

Error: (05/29/2012 10:31:04 PM) (Source: Application Error) (User: )
Description: Faulting application iexplore.exe, version 8.0.6001.18702, faulting module mshtml.dll, version 8.0.6001.19222, fault address 0x0018bbe1.
Processing media-specific event for [iexplore.exe!ws!]

Error: (05/29/2012 10:31:01 PM) (Source: Application Error) (User: )
Description: Fault bucket -1370658687.
The Wep key exchange did not result in a secure connection setup after 802.1x authentication. The current setting has been marked as failed and the Wireless connection will be disconnected.

Error: (05/29/2012 10:30:57 PM) (Source: Application Error) (User: )
Description: Faulting application iexplore.exe, version 8.0.6001.18702, faulting module mshtml.dll, version 8.0.6001.19222, fault address 0x0018bbe1.
Processing media-specific event for [iexplore.exe!ws!]

Error: (05/28/2012 09:55:14 AM) (Source: Application Hang) (User: )
Description: Hanging application iexplore.exe, version 8.0.6001.18702, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (05/27/2012 08:27:18 PM) (Source: Application Error) (User: )
Description: Fault bucket -1370658687.
The Wep key exchange did not result in a secure connection setup after 802.1x authentication. The current setting has been marked as failed and the Wireless connection will be disconnected.

Error: (05/27/2012 08:27:15 PM) (Source: Application Error) (User: )
Description: Faulting application iexplore.exe, version 8.0.6001.18702, faulting module mshtml.dll, version 8.0.6001.19222, fault address 0x0018bbe1.
Processing media-specific event for [iexplore.exe!ws!]

Error: (05/21/2012 04:47:28 PM) (Source: Application Error) (User: )
Description: Faulting application iexplore.exe, version 8.0.6001.18702, faulting module mshtml.dll, version 8.0.6001.19222, fault address 0x0018bbe1.
Processing media-specific event for [iexplore.exe!ws!]

Error: (05/20/2012 09:26:50 PM) (Source: Application Error) (User: )
Description: Fault bucket -1370658687.
The Wep key exchange did not result in a secure connection setup after 802.1x authentication. The current setting has been marked as failed and the Wireless connection will be disconnected.

Error: (05/20/2012 09:26:44 PM) (Source: Application Error) (User: )
Description: Faulting application iexplore.exe, version 8.0.6001.18702, faulting module mshtml.dll, version 8.0.6001.19222, fault address 0x0018bbe1.
Processing media-specific event for [iexplore.exe!ws!]


System errors:
=============
Error: (05/31/2012 01:38:53 PM) (Source: Service Control Manager) (User: )
Description: The Freemake Service service hung on starting.

Error: (05/31/2012 08:18:40 AM) (Source: Service Control Manager) (User: )
Description: The Freemake Service service hung on starting.

Error: (05/31/2012 05:57:49 AM) (Source: Service Control Manager) (User: )
Description: The Freemake Service service hung on starting.

Error: (05/30/2012 10:05:25 PM) (Source: Service Control Manager) (User: )
Description: The Freemake Service service hung on starting.

Error: (05/30/2012 00:13:53 PM) (Source: Service Control Manager) (User: )
Description: The Freemake Service service hung on starting.

Error: (05/30/2012 05:59:12 AM) (Source: Service Control Manager) (User: )
Description: The Freemake Service service hung on starting.

Error: (05/29/2012 11:02:22 PM) (Source: Service Control Manager) (User: )
Description: The Freemake Service service hung on starting.

Error: (05/29/2012 10:10:19 PM) (Source: Service Control Manager) (User: )
Description: The Freemake Service service hung on starting.

Error: (05/29/2012 06:31:40 PM) (Source: Service Control Manager) (User: )
Description: The Freemake Service service hung on starting.

Error: (05/29/2012 05:54:06 PM) (Source: Service Control Manager) (User: )
Description: The Freemake Service service hung on starting.


Microsoft Office Sessions:
=========================

=========================== Installed Programs ============================

Acrobat.com (Version: 0.0.0)
Acrobat.com (Version: 1.1.377)
Adobe Acrobat 9 Pro - English, Français, Deutsch (Version: 9.5.1)
Adobe Acrobat 9.5.1 - CPSID_83708
Adobe AIR (Version: 1.0.4990)
Adobe AIR (Version: 1.0.8.4990)
Adobe Flash Player 11 ActiveX (Version: 11.2.202.235)
Adobe Flash Player 11 Plugin (Version: 11.2.202.235)
Adobe Shockwave Player 11.5 (Version: 11.5.9.620)
Apple Application Support (Version: 2.1.7)
Apple Mobile Device Support (Version: 5.1.1.4)
Apple Software Update (Version: 2.1.3.127)
Bing Bar (Version: 7.0.822.0)
Bonjour (Version: 3.0.0.10)
BufferChm (Version: 53.0.13.000)
CP_AtenaShokunin1Config (Version: 53.0.13.000)
CP_CalendarTemplates1 (Version: 53.0.13.000)
CP_Package_Basic1 (Version: 53.0.13.000)
CP_Panorama1Config (Version: 53.0.13.000)
CueTour (Version: 53.0.13.000)
Destinations (Version: 53.0.13.000)
DeviceFunctionQFolder (Version: 1.00.0000)
DeviceManagementQFolder (Version: 1.00.0000)
DocProc (Version: 5.2.0.0)
DocumentViewer (Version: 53.0.13.000)
DocumentViewerQFolder (Version: 1.00.0000)
Dropbox (Version: 1.4.7)
eSupportQFolder (Version: 1.00.0000)
Freemake Video Converter version 2.3.4 (Version: 2.3.4)
FullDPAppQFolder (Version: 1.00.0000)
Google Chrome (Version: 19.0.1084.52)
Google Earth (Version: 6.1.0.5001)
Google Toolbar for Internet Explorer (Version: 1.0.0)
Google Toolbar for Internet Explorer (Version: 7.3.2710.138)
Google Update Helper (Version: 1.3.21.111)
High Definition Audio Driver Package - KB888111 (Version: 20040219.000000)
HP Document Viewer 5.3 (Version: 5.3)
HP Image Zone 5.3 (Version: 5.3)
HP Imaging Device Functions 5.3 (Version: 5.3)
HP Scanjet 4800 series (Version: 5.3)
HP Software Update (Version: 3.0.5.001)
HP Solution Center & Imaging Support Tools 5.3 (Version: 5.3)
hpg4850 (Version: 5.0.0.0)
hpg4850QFolder (Version: 1.00.0000)
HPProductAssistant (Version: 53.0.13.000)
InstantShareDevices (Version: 53.0.13.000)
Intel® Graphics Media Accelerator Driver
iTunes (Version: 10.6.1.7)
Java Auto Updater (Version: 2.0.7.1)
Java™ 6 Update 31 (Version: 6.0.310)
K-Lite Codec Pack 2.83 Full (Version: 2.83)
Malwarebytes Anti-Malware version 1.61.0.1400 (Version: 1.61.0.1400)
Microsoft .NET Framework 1.1 (Version: 1.1.4322)
Microsoft .NET Framework 1.1 Security Update (KB2656353)
Microsoft .NET Framework 1.1 Security Update (KB2656370)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6012.5000)
Microsoft Compression Client Pack 1.0 for Windows XP (Version: 1)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Access MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Access Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Enterprise 2007 (Version: 12.0.6612.1000)
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)
Microsoft Office Groove MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Groove Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office InfoPath MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office OneNote MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Outlook MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Word MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Security Client (Version: 4.0.1526.0)
Microsoft Security Essentials (Version: 4.0.1526.0)
Microsoft Silverlight (Version: 5.1.10411.0)
Microsoft Software Update for Web Folders (English) 12 (Version: 12.0.6612.1000)
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Mozilla Firefox 12.0 (x86 en-US) (Version: 12.0)
Mozilla Maintenance Service (Version: 12.0)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
Norton Security Scan (Version: 3.7.2.5)
Overland (Version: 2.1.5)
PanoStandAlone (Version: 53.0.13.000)
PhotoGallery (Version: 53.0.13.000)
Photosmart 320,370,7400,8100,8400 Series (Version: 2.0)
PS7400 (Version: 1.00.0000)
PSPrinters06 (Version: 1.00.0000)
QuickTime (Version: 7.71.80.42)
RandMap (Version: 53.0.13.000)
RealNetworks - Microsoft Visual C++ 2008 Runtime (Version: 9.0)
RealPlayer (Version: 15.0.4)
REALTEK GbE & FE Ethernet PCI-E NIC Driver (Version: 1.23.0000)
Realtek High Definition Audio Driver (Version: 5.10.0.5859)
RealUpgrade 1.1 (Version: 1.1.0)
Scan (Version: 5.2.0.0)
ScannerCopy (Version: 5.2.0.0)
SkinsHP1 (Version: 53.0.13.000)
Skype Click to Call (Version: 5.7.8773)
Skype™ 5.5 (Version: 5.5.124)
SolutionCenter (Version: 50.0.152.000)
Sonic_PrimoSDK (Version: 53.0.13.000)
SpywareBlaster 4.6 (Version: 4.6.0)
Stellarium 0.11.0
SUPERAntiSpyware (Version: 5.0.1148)
System Requirements Lab for Intel (Version: 4.5.2.0)
TELUS Support Centre
TrayApp (Version: 43.1.5.000)
Unload (Version: 4.0.0)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2598290) 32-Bit Edition
Update for Windows Internet Explorer 8 (KB976662) (Version: 1)
Update for Windows XP (KB2141007) (Version: 1)
Update for Windows XP (KB2345886) (Version: 1)
Update for Windows XP (KB2467659) (Version: 1)
Update for Windows XP (KB2541763) (Version: 1)
Update for Windows XP (KB2607712) (Version: 1)
Update for Windows XP (KB2616676) (Version: 1)
Update for Windows XP (KB2641690) (Version: 1)
Update for Windows XP (KB951978) (Version: 1)
Update for Windows XP (KB955759) (Version: 1)
Update for Windows XP (KB967715) (Version: 1)
Update for Windows XP (KB968389) (Version: 1)
Update for Windows XP (KB971029) (Version: 1)
Update for Windows XP (KB971737) (Version: 1)
Update for Windows XP (KB973687) (Version: 1)
Update for Windows XP (KB973815) (Version: 1)
VideoPlayer 1.1.7.5 (Version: 1.1.7.5)
Watchtower Library 2011 - English (Version: 13.0)
WeatherEye
WebFldrs XP (Version: 9.50.7523)
WebReg (Version: 53.0.13.000)
Windows Genuine Advantage Notifications (KB905474) (Version: 1.9.0040.0)
Windows Internet Explorer 8 (Version: 20090308.140743)
Windows Media Format 11 runtime
Windows Media Player 11
Windows XP Service Pack 3 (Version: 20080414.031525)

========================= Memory info: ===================================

Percentage of memory in use: 36%
Total physical RAM: 2038.11 MB
Available physical RAM: 1299.57 MB
Total Pagefile: 3409.05 MB
Available Pagefile: 2844.78 MB
Total Virtual: 2047.88 MB
Available Virtual: 1970.18 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:298.08 GB) (Free:257.5 GB) NTFS

========================= Users: ========================================

User accounts for \\USER-8932AB8B39

Administrator ASPNET Guest
HelpAssistant SUPPORT_388945a0

========================= Minidump Files ==================================

No minidump file found


**** End of log ****

#9 cryptodan

cryptodan

    Bleepin Madman


  • Members
  • 21,868 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Catonsville, Md
  • Local time:08:36 PM

Posted 31 May 2012 - 07:17 PM

What video game news site, so I can see if I can try and replicate.

#10 The Jolly Dummkopf

The Jolly Dummkopf
  • Topic Starter

  • Members
  • 29 posts
  • OFFLINE
  •  
  • Local time:01:36 PM

Posted 31 May 2012 - 08:22 PM

This page that gave me the "access restricted" message I got to via NintendoLife.

Also, just today I found another site that gives me the same message.



Thanks for your time so far.

#11 cryptodan

cryptodan

    Bleepin Madman


  • Members
  • 21,868 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Catonsville, Md
  • Local time:08:36 PM

Posted 31 May 2012 - 08:32 PM

Next time it happens take a screenshot of the full browser window and your taskbar.

#12 The Jolly Dummkopf

The Jolly Dummkopf
  • Topic Starter

  • Members
  • 29 posts
  • OFFLINE
  •  
  • Local time:01:36 PM

Posted 31 May 2012 - 08:46 PM

OK.

CTIA message.

Fifth Independant message.

And here's the rest of the page.

#13 cryptodan

cryptodan

    Bleepin Madman


  • Members
  • 21,868 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Catonsville, Md
  • Local time:08:36 PM

Posted 31 May 2012 - 09:27 PM

Download Autoruns for Windows: http://technet.microsoft.com/en-us/sysinte...s/bb963902.aspx

No installation required.

Simply unzip Autoruns.zip file, and double click on autoruns.exe file to run the program.

Go File>Save, and save it as AutoRuns.txt file to know location.

You must select Text from drop-down menu as a file type:

Posted Image

Attach the file to your next reply.

Compliments of Broni



Please perform the following, so that we can get the exact specs of your computer. This will better assist us in helping you more.

Publish a Snapshot using Speccy

The below is for those who cannot get online

Please take caution when attaching a text file to your post if you cannot copy/paste the link to your post, you will need to edit it to make sure that your Windows Key is not present.

#14 The Jolly Dummkopf

The Jolly Dummkopf
  • Topic Starter

  • Members
  • 29 posts
  • OFFLINE
  •  
  • Local time:01:36 PM

Posted 01 June 2012 - 10:23 AM

Here's the specs.


When you say attach the file is it ok if I just paste it? Because according to this post I can't attach files in this sub-forum...

#15 cryptodan

cryptodan

    Bleepin Madman


  • Members
  • 21,868 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Catonsville, Md
  • Local time:08:36 PM

Posted 01 June 2012 - 12:50 PM

Yeah you can just copy and paste.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users