Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Redirects and pop-ups


  • Please log in to reply
17 replies to this topic

#1 wickedb

wickedb

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:12:55 PM

Posted 10 August 2012 - 11:28 AM

I've been having a terrible time trying to disable a virus (or multiple viruses) on the computer. I've run MSE as well as trying lavasoft and avast software, nothing seems to detect this thing. Despite that, I am constantly redirected to spam sites while surfing the web and either square or phone shaped pop up appear in the bottom right hand corner of my browser. This happens on both Firefox and Chrome.
Now something seems to be messing with my anti-virus, since it magically disappeared from my system yesterday.
Any help would be greatly (!) appreciated.

Thanks!

Win7 64 bit
Posted Image

Edited by wickedb, 10 August 2012 - 11:39 AM.


BC AdBot (Login to Remove)

 


#2 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,329 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:01:55 PM

Posted 10 August 2012 - 01:46 PM

Welcome,please run these and post the logs...


Run RKill....


Download and Run RKill
  • Please download RKill by Grinler from one of the 4 links below and save it to your desktop.

    Link 1
    Link 2
    Link 3
    Link 4

  • Before we begin, you should disable your anti-malware softwares you have installed so they do not interfere RKill running as some anti-malware softwares detect RKill as malicious. Please refer to this page if you are not sure how.
  • Double-click on Rkill on your desktop to run it. (If you are using Windows Vista, please right-click on it and select Run As Administrator)
  • A black screen will appear and then disappear. Please do not worry, that is normal. This means that the tool has been successfully executed.
  • If nothing happens or if the tool does not run, please let me know in your next reply

Do not reboot your computer after running rkill as the malware programs will start again. Or if rebooting is required run it again.


If you continue having problems running rkill.com, you can download iExplore.exe or eXplorer.exe, which are renamed copies of rkill.com, and try them instead.

>>>>

Please download TDSSKiller.zip and and extract it.
  • Run TDSSKiller.exe.
  • Click on Change Parameters
  • Put a check in the box of Detect TDLFS file system
  • Click Start scan.
  • When it is finished the utility outputs a list of detected objects with description.
    The utility automatically selects an action (Cure or Delete) for malicious objects.
    The utility prompts the user to select an action to apply to suspicious objects (Skip, by default). Let the options as it is and click Continue
  • Let reboot if needed and tell me if the tool needed a reboot.
  • Click on Report and post the contents of the text file that will open.

    Note: By default, the utility outputs the log into system disk (it is usually the disk with installed operating system, C:\) root folder. The Log has a name like: TDSSKiller.Version_Date_Time_log.txt.

>>>>>
Next run Superantisypware (SAS):

Please download and scan with SUPERAntiSpyware Free
  • Double-click SUPERAntiSypware.exe and use the default settings for installation.
    For instructions with screenshots, please refer to the How to use SUPERAntiSpyware to scan and remove malware from your computer Guide.
  • An icon will be created on your desktop. Double-click that icon to launch the program.
  • If it will not start, go to Start > All Prgrams > SUPERAntiSpyware and click on Alternate Start.
  • If asked to update the program definitions, click "Yes". If not, update the definitions before scanning by selecting "Check for Updates". (If you encounter any problems while downloading the updates, manually download them from here. Double-click on the hyperlink for Download Installer and save SASDEFINITIONS.EXE to your desktop. Then double-click on SASDEFINITIONS.EXE to install the definitions.)
  • In the Main Menu, click the Preferences... button.
  • Click the "General and Startup" tab, and under Start-up Options, make sure "Start SUPERAntiSpyware when Windows starts" box is unchecked.
  • Click the "Scanning Control" tab, and under Scanner Options, make sure the following are checked (leave all other options as they are set):
    • Close browsers before scanning.
    • Scan for tracking cookies.
    • Terminate memory threats before quarantining.
  • Click the "Close" button to leave the Control Center screen.
  • Back on the main screen, under "Select Scan Type" check the box for Complete Scan.
  • If your computer is badly infected, be sure to check the box next to Enable Rescue Scan (Highly Infected Systems ONLY).
  • Click the Scan your computer... button.
  • After the scan is complete, a Scan Summary box will appear with potentially harmful items that were detected. Click "OK".
  • Make sure everything has a checkmark next to it and click "Next".
  • A notification will appear that "Quarantine and Removal is Complete". Click "OK" and then click the "Finish" button to return to the main menu.
  • If asked if you want to reboot, click "Yes" and reboot normally.

To retrieve the scan log after reboot, launch SUPERAntiSpyware again.
  • Click the View Scan Logs button at the bottom.
  • This will open the Scanner Logs Window.
  • Click on the log to highlight it and then click on View Selected Log to open it.
  • Copy and paste the scan log results in your next reply.
-- Some types of malware will disable security tools. If SUPERAntiSpyware will not install, please refer to these instructions for using the SUPERAntiSpyware Installer. If SUPERAntiSpyware is already installed but will not run, then follow the instructions for using RUNSAS.EXE to launch the program.


Reboot

Please download MiniToolBox, save it to your desktop and run it.

Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size.
Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.

Note: When using "Reset FF Proxy Settings" option Firefox should be closed.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#3 wickedb

wickedb
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:12:55 PM

Posted 10 August 2012 - 05:25 PM

okay- here's what I've got
TDSSKiller, did in fact require a reboot. this is the log file:

15:14:41.0847 3504 TDSS rootkit removing tool 2.7.48.0 Jul 24 2012 13:16:32
15:14:42.0247 3504 ============================================================
15:14:42.0247 3504 Current date / time: 2012/08/10 15:14:42.0247
15:14:42.0247 3504 SystemInfo:
15:14:42.0247 3504
15:14:42.0247 3504 OS Version: 6.1.7600 ServicePack: 0.0
15:14:42.0247 3504 Product type: Workstation
15:14:42.0247 3504 ComputerName: LEIA-PC
15:14:42.0247 3504 UserName: Leia
15:14:42.0247 3504 Windows directory: C:\Windows
15:14:42.0247 3504 System windows directory: C:\Windows
15:14:42.0247 3504 Running under WOW64
15:14:42.0247 3504 Processor architecture: Intel x64
15:14:42.0247 3504 Number of processors: 2
15:14:42.0247 3504 Page size: 0x1000
15:14:42.0247 3504 Boot type: Normal boot
15:14:42.0247 3504 ============================================================
15:14:43.0177 3504 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
15:14:43.0187 3504 Drive \Device\Harddisk1\DR1 - Size: 0x1D1C1116000 (1863.02 Gb), SectorSize: 0x200, Cylinders: 0x3B601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
15:14:43.0217 3504 ============================================================
15:14:43.0217 3504 \Device\Harddisk0\DR0:
15:14:43.0222 3504 MBR partitions:
15:14:43.0222 3504 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x2542D682
15:14:43.0222 3504 \Device\Harddisk1\DR1:
15:14:43.0222 3504 MBR partitions:
15:14:43.0222 3504 \Device\Harddisk1\DR1\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0xE8E07800
15:14:43.0222 3504 ============================================================
15:14:43.0237 3504 C: <-> \Device\Harddisk0\DR0\Partition0
15:14:43.0272 3504 F: <-> \Device\Harddisk1\DR1\Partition0
15:14:43.0272 3504 ============================================================
15:14:43.0272 3504 Initialize success
15:14:43.0272 3504 ============================================================
15:15:03.0567 3908 ============================================================
15:15:03.0567 3908 Scan started
15:15:03.0567 3908 Mode: Manual; TDLFS;
15:15:03.0567 3908 ============================================================
15:15:03.0862 3908 1394ohci (1b00662092f9f9568b995902f0cc40d5) C:\Windows\system32\DRIVERS\1394ohci.sys
15:15:03.0872 3908 1394ohci - ok
15:15:03.0907 3908 ACPI (6f11e88748cdefd2f76aa215f97ddfe5) C:\Windows\system32\DRIVERS\ACPI.sys
15:15:03.0917 3908 ACPI - ok
15:15:03.0942 3908 AcpiPmi (63b05a0420ce4bf0e4af6dcc7cada254) C:\Windows\system32\DRIVERS\acpipmi.sys
15:15:03.0947 3908 AcpiPmi - ok
15:15:04.0057 3908 AdobeARMservice (62b7936f9036dd6ed36e6a7efa805dc0) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
15:15:04.0062 3908 AdobeARMservice - ok
15:15:04.0117 3908 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys
15:15:04.0132 3908 adp94xx - ok
15:15:04.0192 3908 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys
15:15:04.0202 3908 adpahci - ok
15:15:04.0242 3908 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys
15:15:04.0247 3908 adpu320 - ok
15:15:04.0272 3908 AeLookupSvc (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll
15:15:04.0272 3908 AeLookupSvc - ok
15:15:04.0327 3908 AFD (b9384e03479d2506bc924c16a3db87bc) C:\Windows\system32\drivers\afd.sys
15:15:04.0342 3908 AFD - ok
15:15:04.0367 3908 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\DRIVERS\agp440.sys
15:15:04.0367 3908 agp440 - ok
15:15:04.0392 3908 ALG (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe
15:15:04.0392 3908 ALG - ok
15:15:04.0422 3908 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\DRIVERS\aliide.sys
15:15:04.0422 3908 aliide - ok
15:15:04.0432 3908 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\DRIVERS\amdide.sys
15:15:04.0437 3908 amdide - ok
15:15:04.0452 3908 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys
15:15:04.0457 3908 AmdK8 - ok
15:15:04.0472 3908 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys
15:15:04.0472 3908 AmdPPM - ok
15:15:04.0492 3908 amdsata (7a4b413614c055935567cf88a9734d38) C:\Windows\system32\DRIVERS\amdsata.sys
15:15:04.0497 3908 amdsata - ok
15:15:04.0547 3908 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys
15:15:04.0552 3908 amdsbs - ok
15:15:04.0572 3908 amdxata (b4ad0cacbab298671dd6f6ef7e20679d) C:\Windows\system32\DRIVERS\amdxata.sys
15:15:04.0572 3908 amdxata - ok
15:15:04.0602 3908 AppID (42fd751b27fa0e9c69bb39f39e409594) C:\Windows\system32\drivers\appid.sys
15:15:04.0602 3908 AppID - ok
15:15:04.0632 3908 AppIDSvc (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll
15:15:04.0632 3908 AppIDSvc - ok
15:15:04.0647 3908 Appinfo (d065be66822847b7f127d1f90158376e) C:\Windows\System32\appinfo.dll
15:15:04.0647 3908 Appinfo - ok
15:15:04.0677 3908 AppMgmt (4aba3e75a76195a3e38ed2766c962899) C:\Windows\System32\appmgmts.dll
15:15:04.0682 3908 AppMgmt - ok
15:15:04.0697 3908 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys
15:15:04.0702 3908 arc - ok
15:15:04.0727 3908 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys
15:15:04.0737 3908 arcsas - ok
15:15:04.0742 3908 astcc - ok
15:15:04.0772 3908 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
15:15:04.0772 3908 AsyncMac - ok
15:15:04.0782 3908 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\DRIVERS\atapi.sys
15:15:04.0782 3908 atapi - ok
15:15:04.0842 3908 AudioEndpointBuilder (07721a77180edd4d39ccb865bf63c7fd) C:\Windows\System32\Audiosrv.dll
15:15:04.0862 3908 AudioEndpointBuilder - ok
15:15:04.0872 3908 AudioSrv (07721a77180edd4d39ccb865bf63c7fd) C:\Windows\System32\Audiosrv.dll
15:15:04.0877 3908 AudioSrv - ok
15:15:04.0917 3908 AxInstSV (b20b5fa5ca050e9926e4d1db81501b32) C:\Windows\System32\AxInstSV.dll
15:15:04.0922 3908 AxInstSV - ok
15:15:04.0967 3908 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys
15:15:04.0987 3908 b06bdrv - ok
15:15:05.0022 3908 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
15:15:05.0032 3908 b57nd60a - ok
15:15:05.0067 3908 BDESVC (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll
15:15:05.0072 3908 BDESVC - ok
15:15:05.0087 3908 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
15:15:05.0087 3908 Beep - ok
15:15:05.0142 3908 BITS (7f0c323fe3da28aa4aa1bda3f575707f) C:\Windows\System32\qmgr.dll
15:15:05.0177 3908 BITS - ok
15:15:05.0197 3908 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys
15:15:05.0197 3908 blbdrive - ok
15:15:05.0207 3908 bowser (91ce0d3dc57dd377e690a2d324022b08) C:\Windows\system32\DRIVERS\bowser.sys
15:15:05.0212 3908 bowser - ok
15:15:05.0222 3908 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys
15:15:05.0227 3908 BrFiltLo - ok
15:15:05.0237 3908 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys
15:15:05.0237 3908 BrFiltUp - ok
15:15:05.0252 3908 Browser (94fbc06f294d58d02361918418f996e3) C:\Windows\System32\browser.dll
15:15:05.0257 3908 Browser - ok
15:15:05.0282 3908 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
15:15:05.0292 3908 Brserid - ok
15:15:05.0312 3908 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
15:15:05.0312 3908 BrSerWdm - ok
15:15:05.0327 3908 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
15:15:05.0327 3908 BrUsbMdm - ok
15:15:05.0337 3908 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
15:15:05.0342 3908 BrUsbSer - ok
15:15:05.0357 3908 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys
15:15:05.0362 3908 BTHMODEM - ok
15:15:05.0377 3908 bthserv (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll
15:15:05.0382 3908 bthserv - ok
15:15:05.0412 3908 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
15:15:05.0422 3908 cdfs - ok
15:15:05.0457 3908 cdrom (83d2d75e1efb81b3450c18131443f7db) C:\Windows\system32\DRIVERS\cdrom.sys
15:15:05.0462 3908 cdrom - ok
15:15:05.0487 3908 CertPropSvc (312e2f82af11e79906898ac3e3d58a1f) C:\Windows\System32\certprop.dll
15:15:05.0487 3908 CertPropSvc - ok
15:15:05.0502 3908 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys
15:15:05.0502 3908 circlass - ok
15:15:05.0532 3908 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
15:15:05.0537 3908 CLFS - ok
15:15:05.0612 3908 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
15:15:05.0617 3908 clr_optimization_v2.0.50727_32 - ok
15:15:05.0667 3908 clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
15:15:05.0677 3908 clr_optimization_v2.0.50727_64 - ok
15:15:05.0742 3908 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
15:15:05.0747 3908 clr_optimization_v4.0.30319_32 - ok
15:15:05.0797 3908 clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
15:15:05.0807 3908 clr_optimization_v4.0.30319_64 - ok
15:15:05.0947 3908 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys
15:15:05.0947 3908 CmBatt - ok
15:15:05.0952 3908 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\DRIVERS\cmdide.sys
15:15:05.0952 3908 cmdide - ok
15:15:05.0982 3908 CNG (f95fd4cb7da00ba2a63ce9f6b5c053e1) C:\Windows\system32\Drivers\cng.sys
15:15:06.0002 3908 CNG - ok
15:15:06.0012 3908 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys
15:15:06.0012 3908 Compbatt - ok
15:15:06.0037 3908 CompositeBus (f26b3a86f6fa87ca360b879581ab4123) C:\Windows\system32\DRIVERS\CompositeBus.sys
15:15:06.0037 3908 CompositeBus - ok
15:15:06.0052 3908 COMSysApp - ok
15:15:06.0067 3908 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys
15:15:06.0067 3908 crcdisk - ok
15:15:06.0132 3908 CryptSvc (8c57411b66282c01533cb776f98ad384) C:\Windows\system32\cryptsvc.dll
15:15:06.0147 3908 CryptSvc - ok
15:15:06.0172 3908 CSC (4a6173c2279b498cd8f57cae504564cb) C:\Windows\system32\drivers\csc.sys
15:15:06.0187 3908 CSC - ok
15:15:06.0222 3908 CscService (873fbf927c06e5cee04dec617502f8fd) C:\Windows\System32\cscsvc.dll
15:15:06.0272 3908 CscService - ok
15:15:06.0317 3908 DcomLaunch (7266972e86890e2b30c0c322e906b027) C:\Windows\system32\rpcss.dll
15:15:06.0332 3908 DcomLaunch - ok
15:15:06.0372 3908 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll
15:15:06.0382 3908 defragsvc - ok
15:15:06.0447 3908 DfsC (3f1dc527070acb87e40afe46ef6da749) C:\Windows\system32\Drivers\dfsc.sys
15:15:06.0452 3908 DfsC - ok
15:15:06.0487 3908 Dhcp (ce3b9562d997f69b330d181a8875960f) C:\Windows\system32\dhcpcore.dll
15:15:06.0497 3908 Dhcp - ok
15:15:06.0507 3908 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
15:15:06.0512 3908 discache - ok
15:15:06.0547 3908 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys
15:15:06.0547 3908 Disk - ok
15:15:06.0587 3908 Dnscache (676108c4e3aa6f6b34633748bd0bebd9) C:\Windows\System32\dnsrslvr.dll
15:15:06.0592 3908 Dnscache - ok
15:15:06.0612 3908 dot3svc (14452acdb09b70964c8c21bf80a13acb) C:\Windows\System32\dot3svc.dll
15:15:06.0627 3908 dot3svc - ok
15:15:06.0657 3908 Dot4 (b42ed0320c6e41102fde0005154849bb) C:\Windows\system32\DRIVERS\Dot4.sys
15:15:06.0667 3908 Dot4 - ok
15:15:06.0702 3908 Dot4Print (85135ad27e79b689335c08167d917cde) C:\Windows\system32\DRIVERS\Dot4Prt.sys
15:15:06.0702 3908 Dot4Print - ok
15:15:06.0727 3908 dot4usb (fd05a02b0370bc3000f402e543ca5814) C:\Windows\system32\DRIVERS\dot4usb.sys
15:15:06.0732 3908 dot4usb - ok
15:15:06.0742 3908 DPS (8c2ba6bea949ee6e68385f5692bafb94) C:\Windows\system32\dps.dll
15:15:06.0747 3908 DPS - ok
15:15:06.0762 3908 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
15:15:06.0762 3908 drmkaud - ok
15:15:06.0812 3908 DXGKrnl (ebce0b0924835f635f620d19f0529dce) C:\Windows\System32\drivers\dxgkrnl.sys
15:15:06.0837 3908 DXGKrnl - ok
15:15:06.0942 3908 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll
15:15:06.0947 3908 EapHost - ok
15:15:07.0122 3908 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys
15:15:07.0187 3908 ebdrv - ok
15:15:07.0267 3908 EFS (0793f40b9b8a1bdd266296409dbd91ea) C:\Windows\System32\lsass.exe
15:15:07.0272 3908 EFS - ok
15:15:07.0337 3908 ehRecvr (47c071994c3f649f23d9cd075ac9304a) C:\Windows\ehome\ehRecvr.exe
15:15:07.0352 3908 ehRecvr - ok
15:15:07.0372 3908 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe
15:15:07.0377 3908 ehSched - ok
15:15:07.0447 3908 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys
15:15:07.0462 3908 elxstor - ok
15:15:07.0482 3908 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\DRIVERS\errdev.sys
15:15:07.0482 3908 ErrDev - ok
15:15:07.0517 3908 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll
15:15:07.0532 3908 EventSystem - ok
15:15:07.0552 3908 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
15:15:07.0567 3908 exfat - ok
15:15:07.0587 3908 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
15:15:07.0602 3908 fastfat - ok
15:15:07.0662 3908 Fax (d607b2f1bee3992aa6c2c92c0a2f0855) C:\Windows\system32\fxssvc.exe
15:15:07.0682 3908 Fax - ok
15:15:07.0692 3908 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys
15:15:07.0697 3908 fdc - ok
15:15:07.0712 3908 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll
15:15:07.0712 3908 fdPHost - ok
15:15:07.0722 3908 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll
15:15:07.0722 3908 FDResPub - ok
15:15:07.0732 3908 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
15:15:07.0732 3908 FileInfo - ok
15:15:07.0752 3908 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
15:15:07.0752 3908 Filetrace - ok
15:15:07.0767 3908 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys
15:15:07.0767 3908 flpydisk - ok
15:15:07.0792 3908 FltMgr (f7866af72abbaf84b1fa5aa195378c59) C:\Windows\system32\drivers\fltmgr.sys
15:15:07.0797 3908 FltMgr - ok
15:15:07.0847 3908 FontCache (8ac4cb4ea61e41009fae9ae7b2b5da3a) C:\Windows\system32\FntCache.dll
15:15:07.0877 3908 FontCache - ok
15:15:07.0957 3908 FontCache3.0.0.0 (8d89e3131c27fdd6932189cb785e1b7a) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
15:15:07.0957 3908 FontCache3.0.0.0 - ok
15:15:08.0062 3908 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
15:15:08.0062 3908 FsDepends - ok
15:15:08.0082 3908 Fs_Rec (e95ef8547de20cf0603557c0cf7a9462) C:\Windows\system32\drivers\Fs_Rec.sys
15:15:08.0082 3908 Fs_Rec - ok
15:15:08.0122 3908 fvevol (ae87ba80d0ec3b57126ed2cdc15b24ed) C:\Windows\system32\DRIVERS\fvevol.sys
15:15:08.0137 3908 fvevol - ok
15:15:08.0152 3908 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys
15:15:08.0152 3908 gagp30kx - ok
15:15:08.0217 3908 gpsvc (fe5ab4525bc2ec68b9119a6e5d40128b) C:\Windows\System32\gpsvc.dll
15:15:08.0237 3908 gpsvc - ok
15:15:08.0352 3908 gupdate (f02a533f517eb38333cb12a9e8963773) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
15:15:08.0357 3908 gupdate - ok
15:15:08.0372 3908 gupdatem (f02a533f517eb38333cb12a9e8963773) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
15:15:08.0372 3908 gupdatem - ok
15:15:08.0402 3908 gusvc (c1b577b2169900f4cf7190c39f085794) C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
15:15:08.0417 3908 gusvc - ok
15:15:08.0537 3908 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
15:15:08.0537 3908 hcw85cir - ok
15:15:08.0572 3908 HdAudAddService (6410f6f415b2a5a9037224c41da8bf12) C:\Windows\system32\drivers\HdAudio.sys
15:15:08.0582 3908 HdAudAddService - ok
15:15:08.0602 3908 HDAudBus (0a49913402747a0b67de940fb42cbdbb) C:\Windows\system32\DRIVERS\HDAudBus.sys
15:15:08.0607 3908 HDAudBus - ok
15:15:08.0627 3908 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys
15:15:08.0627 3908 HidBatt - ok
15:15:08.0642 3908 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys
15:15:08.0647 3908 HidBth - ok
15:15:08.0662 3908 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys
15:15:08.0662 3908 HidIr - ok
15:15:08.0697 3908 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\system32\hidserv.dll
15:15:08.0702 3908 hidserv - ok
15:15:08.0722 3908 HidUsb (b3bf6b5b50006def50b66306d99fcf6f) C:\Windows\system32\DRIVERS\hidusb.sys
15:15:08.0722 3908 HidUsb - ok
15:15:08.0752 3908 hkmsvc (efa58ede58dd74388ffd04cb32681518) C:\Windows\system32\kmsvc.dll
15:15:08.0762 3908 hkmsvc - ok
15:15:08.0807 3908 HomeGroupListener (046b2673767ca626e2cfb7fdf735e9e8) C:\Windows\system32\ListSvc.dll
15:15:08.0822 3908 HomeGroupListener - ok
15:15:08.0852 3908 HomeGroupProvider (06a7422224d9865a5613710a089987df) C:\Windows\system32\provsvc.dll
15:15:08.0857 3908 HomeGroupProvider - ok
15:15:08.0962 3908 hpqcxs08 (0a3c6aa4a9fc38c20ba4eac2c3351c05) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll
15:15:08.0972 3908 hpqcxs08 - ok
15:15:09.0032 3908 hpqddsvc (99e8eef42fe2f4af29b08c3355dd7685) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll
15:15:09.0037 3908 hpqddsvc - ok
15:15:09.0082 3908 HpSAMD (0886d440058f203eba0e1825e4355914) C:\Windows\system32\DRIVERS\HpSAMD.sys
15:15:09.0087 3908 HpSAMD - ok
15:15:09.0147 3908 HTTP (cee049cac4efa7f4e1e4ad014414a5d4) C:\Windows\system32\drivers\HTTP.sys
15:15:09.0167 3908 HTTP - ok
15:15:09.0177 3908 hwpolicy (f17766a19145f111856378df337a5d79) C:\Windows\system32\drivers\hwpolicy.sys
15:15:09.0177 3908 hwpolicy - ok
15:15:09.0202 3908 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\DRIVERS\i8042prt.sys
15:15:09.0207 3908 i8042prt - ok
15:15:09.0247 3908 iaStorV (d83efb6fd45df9d55e9a1afc63640d50) C:\Windows\system32\DRIVERS\iaStorV.sys
15:15:09.0257 3908 iaStorV - ok
15:15:09.0377 3908 idsvc (2f2be70d3e02b6fa877921ab9516d43c) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
15:15:09.0397 3908 idsvc - ok
15:15:09.0502 3908 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys
15:15:09.0507 3908 iirsp - ok
15:15:09.0577 3908 IKEEXT (c5b4683680df085b57bc53e5ef34861f) C:\Windows\System32\ikeext.dll
15:15:09.0597 3908 IKEEXT - ok
15:15:09.0617 3908 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\DRIVERS\intelide.sys
15:15:09.0617 3908 intelide - ok
15:15:09.0647 3908 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
15:15:09.0647 3908 intelppm - ok
15:15:09.0672 3908 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll
15:15:09.0677 3908 IPBusEnum - ok
15:15:09.0697 3908 IpFilterDriver (722dd294df62483cecaae6e094b4d695) C:\Windows\system32\DRIVERS\ipfltdrv.sys
15:15:09.0702 3908 IpFilterDriver - ok
15:15:09.0722 3908 IPMIDRV (e2b4a4494db7cb9b89b55ca268c337c5) C:\Windows\system32\DRIVERS\IPMIDrv.sys
15:15:09.0722 3908 IPMIDRV - ok
15:15:09.0752 3908 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
15:15:09.0762 3908 IPNAT - ok
15:15:09.0807 3908 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
15:15:09.0807 3908 IRENUM - ok
15:15:09.0822 3908 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\DRIVERS\isapnp.sys
15:15:09.0827 3908 isapnp - ok
15:15:09.0852 3908 iScsiPrt (fa4d2557de56d45b0a346f93564be6e1) C:\Windows\system32\DRIVERS\msiscsi.sys
15:15:09.0867 3908 iScsiPrt - ok
15:15:09.0887 3908 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys
15:15:09.0887 3908 kbdclass - ok
15:15:09.0912 3908 kbdhid (6def98f8541e1b5dceb2c822a11f7323) C:\Windows\system32\DRIVERS\kbdhid.sys
15:15:09.0912 3908 kbdhid - ok
15:15:09.0937 3908 KeyIso (0793f40b9b8a1bdd266296409dbd91ea) C:\Windows\system32\lsass.exe
15:15:09.0937 3908 KeyIso - ok
15:15:09.0947 3908 KMService - ok
15:15:09.0962 3908 KSecDD (e8b6fcc9c83535c67f835d407620bd27) C:\Windows\system32\Drivers\ksecdd.sys
15:15:09.0972 3908 KSecDD - ok
15:15:09.0987 3908 KSecPkg (a8c63880ef6f4d3fec7b616b9c060215) C:\Windows\system32\Drivers\ksecpkg.sys
15:15:09.0992 3908 KSecPkg - ok
15:15:10.0032 3908 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
15:15:10.0032 3908 ksthunk - ok
15:15:10.0077 3908 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll
15:15:10.0087 3908 KtmRm - ok
15:15:10.0137 3908 LanmanServer (c926920b8978de6acfe9e15c709e9b57) C:\Windows\system32\srvsvc.dll
15:15:10.0152 3908 LanmanServer - ok
15:15:10.0192 3908 LanmanWorkstation (27026eac8818e8a6c00a1cad2f11d29a) C:\Windows\System32\wkssvc.dll
15:15:10.0202 3908 LanmanWorkstation - ok
15:15:10.0217 3908 Lbd - ok
15:15:10.0302 3908 LightScribeService (71c6a95a5f0ccc87298c4dd0f2c3635a) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
15:15:10.0347 3908 LightScribeService - ok
15:15:10.0397 3908 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
15:15:10.0397 3908 lltdio - ok
15:15:10.0437 3908 lltdsvc (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll
15:15:10.0447 3908 lltdsvc - ok
15:15:10.0467 3908 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll
15:15:10.0467 3908 lmhosts - ok
15:15:10.0497 3908 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys
15:15:10.0502 3908 LSI_FC - ok
15:15:10.0547 3908 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys
15:15:10.0552 3908 LSI_SAS - ok
15:15:10.0577 3908 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys
15:15:10.0577 3908 LSI_SAS2 - ok
15:15:10.0602 3908 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys
15:15:10.0612 3908 LSI_SCSI - ok
15:15:10.0632 3908 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
15:15:10.0637 3908 luafv - ok
15:15:10.0682 3908 Mcx2Svc (f84c8f1000bc11e3b7b23cbd3baff111) C:\Windows\system32\Mcx2Svc.dll
15:15:10.0687 3908 Mcx2Svc - ok
15:15:10.0697 3908 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys
15:15:10.0702 3908 megasas - ok
15:15:10.0732 3908 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys
15:15:10.0742 3908 MegaSR - ok
15:15:10.0772 3908 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
15:15:10.0772 3908 MMCSS - ok
15:15:10.0787 3908 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
15:15:10.0787 3908 Modem - ok
15:15:10.0812 3908 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
15:15:10.0812 3908 monitor - ok
15:15:10.0837 3908 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
15:15:10.0837 3908 mouclass - ok
15:15:10.0857 3908 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
15:15:10.0857 3908 mouhid - ok
15:15:10.0877 3908 mountmgr (791af66c4d0e7c90a3646066386fb571) C:\Windows\system32\drivers\mountmgr.sys
15:15:10.0882 3908 mountmgr - ok
15:15:10.0967 3908 MozillaMaintenance (46297fa8e30a6007f14118fc2b942fbc) C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
15:15:10.0972 3908 MozillaMaintenance - ok
15:15:11.0027 3908 MpFilter (94c66ededcdb6a126880472f9a704d8e) C:\Windows\system32\DRIVERS\MpFilter.sys
15:15:11.0037 3908 MpFilter - ok
15:15:11.0087 3908 mpio (609d1d87649ecc19796f4d76d4c15cea) C:\Windows\system32\DRIVERS\mpio.sys
15:15:11.0092 3908 mpio - ok
15:15:11.0117 3908 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
15:15:11.0117 3908 mpsdrv - ok
15:15:11.0167 3908 MRV6X64U (7e997df71cd2dd5cf0d3d07b8d8e798c) C:\Windows\system32\DRIVERS\MRVW24C.sys
15:15:11.0177 3908 MRV6X64U - ok
15:15:11.0197 3908 MRxDAV (30524261bb51d96d6fcbac20c810183c) C:\Windows\system32\drivers\mrxdav.sys
15:15:11.0202 3908 MRxDAV - ok
15:15:11.0227 3908 mrxsmb (767a4c3bcf9410c286ced15a2db17108) C:\Windows\system32\DRIVERS\mrxsmb.sys
15:15:11.0232 3908 mrxsmb - ok
15:15:11.0292 3908 mrxsmb10 (920ee0ff995fcfdeb08c41605a959e1c) C:\Windows\system32\DRIVERS\mrxsmb10.sys
15:15:11.0307 3908 mrxsmb10 - ok
15:15:11.0372 3908 mrxsmb20 (740d7ea9d72c981510a5292cf6adc941) C:\Windows\system32\DRIVERS\mrxsmb20.sys
15:15:11.0382 3908 mrxsmb20 - ok
15:15:11.0407 3908 msahci (5c37497276e3b3a5488b23a326a754b7) C:\Windows\system32\DRIVERS\msahci.sys
15:15:11.0407 3908 msahci - ok
15:15:11.0422 3908 msdsm (8d27b597229aed79430fb9db3bcbfbd0) C:\Windows\system32\DRIVERS\msdsm.sys
15:15:11.0432 3908 msdsm - ok
15:15:11.0472 3908 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe
15:15:11.0477 3908 MSDTC - ok
15:15:11.0492 3908 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
15:15:11.0492 3908 Msfs - ok
15:15:11.0517 3908 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
15:15:11.0517 3908 mshidkmdf - ok
15:15:11.0527 3908 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\DRIVERS\msisadrv.sys
15:15:11.0527 3908 msisadrv - ok
15:15:11.0567 3908 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll
15:15:11.0572 3908 MSiSCSI - ok
15:15:11.0577 3908 msiserver - ok
15:15:11.0602 3908 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
15:15:11.0602 3908 MSKSSRV - ok
15:15:11.0682 3908 MsMpSvc (59faaf2c83c8169ea20f9e335e418907) C:\Program Files\Microsoft Security Client\MsMpEng.exe
15:15:11.0682 3908 MsMpSvc - ok
15:15:11.0712 3908 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
15:15:11.0712 3908 MSPCLOCK - ok
15:15:11.0722 3908 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
15:15:11.0722 3908 MSPQM - ok
15:15:11.0747 3908 MsRPC (89cb141aa8616d8c6a4610fa26c60964) C:\Windows\system32\drivers\MsRPC.sys
15:15:11.0757 3908 MsRPC - ok
15:15:11.0777 3908 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\DRIVERS\mssmbios.sys
15:15:11.0777 3908 mssmbios - ok
15:15:11.0792 3908 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
15:15:11.0797 3908 MSTEE - ok
15:15:11.0807 3908 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys
15:15:11.0807 3908 MTConfig - ok
15:15:11.0822 3908 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
15:15:11.0822 3908 Mup - ok
15:15:11.0862 3908 napagent (4987e079a4530fa737a128be54b63b12) C:\Windows\system32\qagentRT.dll
15:15:11.0877 3908 napagent - ok
15:15:11.0942 3908 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
15:15:11.0952 3908 NativeWifiP - ok
15:15:12.0032 3908 NDIS (cad515dbd07d082bb317d9928ce8962c) C:\Windows\system32\drivers\ndis.sys
15:15:12.0057 3908 NDIS - ok
15:15:12.0167 3908 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
15:15:12.0172 3908 NdisCap - ok
15:15:12.0197 3908 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
15:15:12.0197 3908 NdisTapi - ok
15:15:12.0207 3908 Ndisuio (f105ba1e22bf1f2ee8f005d4305e4bec) C:\Windows\system32\DRIVERS\ndisuio.sys
15:15:12.0212 3908 Ndisuio - ok
15:15:12.0227 3908 NdisWan (557dfab9ca1fcb036ac77564c010dad3) C:\Windows\system32\DRIVERS\ndiswan.sys
15:15:12.0232 3908 NdisWan - ok
15:15:12.0242 3908 NDProxy (659b74fb74b86228d6338d643cd3e3cf) C:\Windows\system32\drivers\NDProxy.sys
15:15:12.0242 3908 NDProxy - ok
15:15:12.0372 3908 Nero BackItUp Scheduler 4.0 (c7f5c284b6f46fcaf6910ea4e644700b) C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
15:15:12.0397 3908 Nero BackItUp Scheduler 4.0 - ok
15:15:12.0517 3908 Net Driver HPZ12 (d5ac41ae382738483faffbd7e373d49a) C:\Windows\system32\HPZinw12.dll
15:15:12.0522 3908 Net Driver HPZ12 - ok
15:15:12.0592 3908 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
15:15:12.0592 3908 NetBIOS - ok
15:15:12.0617 3908 NetBT (9162b273a44ab9dce5b44362731d062a) C:\Windows\system32\DRIVERS\netbt.sys
15:15:12.0627 3908 NetBT - ok
15:15:12.0647 3908 Netlogon (0793f40b9b8a1bdd266296409dbd91ea) C:\Windows\system32\lsass.exe
15:15:12.0647 3908 Netlogon - ok
15:15:12.0707 3908 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
15:15:12.0717 3908 Netman - ok
15:15:12.0747 3908 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
15:15:12.0762 3908 netprofm - ok
15:15:12.0857 3908 NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
15:15:12.0862 3908 NetTcpPortSharing - ok
15:15:12.0937 3908 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
15:15:12.0937 3908 nfrd960 - ok
15:15:12.0997 3908 NisDrv (91b4e0273d2f6c24ef845f2b41311289) C:\Windows\system32\DRIVERS\NisDrvWFP.sys
15:15:13.0007 3908 NisDrv - ok
15:15:13.0087 3908 NisSrv (10a43829a9e606af3eef25a1c1665923) C:\Program Files\Microsoft Security Client\NisSrv.exe
15:15:13.0097 3908 NisSrv - ok
15:15:13.0152 3908 NlaSvc (d9a0ce66046d6efa0c61baa885cba0a8) C:\Windows\System32\nlasvc.dll
15:15:13.0162 3908 NlaSvc - ok
15:15:13.0182 3908 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
15:15:13.0182 3908 Npfs - ok
15:15:13.0232 3908 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
15:15:13.0232 3908 nsi - ok
15:15:13.0272 3908 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
15:15:13.0272 3908 nsiproxy - ok
15:15:13.0347 3908 Ntfs (356698a13c4630d5b31c37378d469196) C:\Windows\system32\drivers\Ntfs.sys
15:15:13.0387 3908 Ntfs - ok
15:15:13.0477 3908 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
15:15:13.0477 3908 Null - ok
15:15:13.0517 3908 NVENETFD (a85b4f2ef3a7304a5399ef0526423040) C:\Windows\system32\DRIVERS\nvm62x64.sys
15:15:13.0527 3908 NVENETFD - ok
15:15:14.0057 3908 nvlddmkm (ba0b4889c40380a01ecdf84c227a89c9) C:\Windows\system32\DRIVERS\nvlddmkm.sys
15:15:14.0322 3908 nvlddmkm - ok
15:15:14.0442 3908 nvraid (3e38712941e9bb4ddbee00affe3fed3d) C:\Windows\system32\DRIVERS\nvraid.sys
15:15:14.0447 3908 nvraid - ok
15:15:14.0467 3908 nvstor (477dc4d6deb99be37084c9ac6d013da1) C:\Windows\system32\DRIVERS\nvstor.sys
15:15:14.0472 3908 nvstor - ok
15:15:14.0532 3908 nvsvc (06633cf95bea62164c3bfca24bce6b11) C:\Windows\system32\nvvsvc.exe
15:15:14.0537 3908 nvsvc - ok
15:15:14.0672 3908 nvUpdatusService (53b629ce436b110c5689c2f6439e567b) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
15:15:14.0697 3908 nvUpdatusService - ok
15:15:14.0817 3908 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\DRIVERS\nv_agp.sys
15:15:14.0822 3908 nv_agp - ok
15:15:14.0837 3908 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\DRIVERS\ohci1394.sys
15:15:14.0842 3908 ohci1394 - ok
15:15:14.0912 3908 ose (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
15:15:14.0922 3908 ose - ok
15:15:15.0147 3908 osppsvc (61bffb5f57ad12f83ab64b7181829b34) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
15:15:15.0237 3908 osppsvc - ok
15:15:15.0347 3908 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
15:15:15.0357 3908 p2pimsvc - ok
15:15:15.0382 3908 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
15:15:15.0402 3908 p2psvc - ok
15:15:15.0462 3908 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
15:15:15.0467 3908 Parport - ok
15:15:15.0487 3908 partmgr (7daa117143316c4a1537e074a5a9eaf0) C:\Windows\system32\drivers\partmgr.sys
15:15:15.0487 3908 partmgr - ok
15:15:15.0502 3908 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
15:15:15.0507 3908 PcaSvc - ok
15:15:15.0517 3908 pci (f36f6504009f2fb0dfd1b17a116ad74b) C:\Windows\system32\DRIVERS\pci.sys
15:15:15.0522 3908 pci - ok
15:15:15.0532 3908 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\DRIVERS\pciide.sys
15:15:15.0537 3908 pciide - ok
15:15:15.0567 3908 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
15:15:15.0577 3908 pcmcia - ok
15:15:15.0662 3908 PCToolsSSDMonitorSvc (3e9cd8646ebf1c15438f9135796c02b7) C:\Program Files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe
15:15:15.0682 3908 PCToolsSSDMonitorSvc - ok
15:15:15.0697 3908 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
15:15:15.0697 3908 pcw - ok
15:15:15.0727 3908 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
15:15:15.0742 3908 PEAUTH - ok
15:15:15.0827 3908 PeerDistSvc (b9b0a4299dd2d76a4243f75fd54dc680) C:\Windows\system32\peerdistsvc.dll
15:15:15.0877 3908 PeerDistSvc - ok
15:15:15.0992 3908 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
15:15:15.0997 3908 PerfHost - ok
15:15:16.0132 3908 pla (557e9a86f65f0de18c9b6751dfe9d3f1) C:\Windows\system32\pla.dll
15:15:16.0182 3908 pla - ok
15:15:16.0267 3908 PlugPlay (23157d583244400e1d7fbaee2e4b31b7) C:\Windows\system32\umpnpmgr.dll
15:15:16.0282 3908 PlugPlay - ok
15:15:16.0337 3908 Pml Driver HPZ12 (37f6046cdc630442d7dc087501ff6fc6) C:\Windows\system32\HPZipm12.dll
15:15:16.0342 3908 Pml Driver HPZ12 - ok
15:15:16.0362 3908 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
15:15:16.0362 3908 PNRPAutoReg - ok
15:15:16.0387 3908 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
15:15:16.0387 3908 PNRPsvc - ok
15:15:16.0442 3908 PolicyAgent (166eb40d1f5b47e615de3d0fffe5f243) C:\Windows\System32\ipsecsvc.dll
15:15:16.0462 3908 PolicyAgent - ok
15:15:16.0497 3908 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
15:15:16.0507 3908 Power - ok
15:15:16.0577 3908 PptpMiniport (27cc19e81ba5e3403c48302127bda717) C:\Windows\system32\DRIVERS\raspptp.sys
15:15:16.0582 3908 PptpMiniport - ok
15:15:16.0607 3908 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
15:15:16.0612 3908 Processor - ok
15:15:16.0637 3908 ProfSvc (f381975e1f4346de875cb07339ce8d3a) C:\Windows\system32\profsvc.dll
15:15:16.0652 3908 ProfSvc - ok
15:15:16.0672 3908 ProtectedStorage (0793f40b9b8a1bdd266296409dbd91ea) C:\Windows\system32\lsass.exe
15:15:16.0672 3908 ProtectedStorage - ok
15:15:16.0702 3908 Psched (ee992183bd8eaefd9973f352e587a299) C:\Windows\system32\DRIVERS\pacer.sys
15:15:16.0712 3908 Psched - ok
15:15:16.0752 3908 PxHlpa64 (4712cc14e720ecccc0aa16949d18aaf1) C:\Windows\system32\Drivers\PxHlpa64.sys
15:15:16.0752 3908 PxHlpa64 - ok
15:15:16.0822 3908 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
15:15:16.0872 3908 ql2300 - ok
15:15:17.0007 3908 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
15:15:17.0012 3908 ql40xx - ok
15:15:17.0052 3908 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
15:15:17.0062 3908 QWAVE - ok
15:15:17.0077 3908 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
15:15:17.0082 3908 QWAVEdrv - ok
15:15:17.0097 3908 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
15:15:17.0097 3908 RasAcd - ok
15:15:17.0132 3908 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
15:15:17.0132 3908 RasAgileVpn - ok
15:15:17.0152 3908 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
15:15:17.0162 3908 RasAuto - ok
15:15:17.0182 3908 Rasl2tp (87a6e852a22991580d6d39adc4790463) C:\Windows\system32\DRIVERS\rasl2tp.sys
15:15:17.0187 3908 Rasl2tp - ok
15:15:17.0207 3908 RasMan (47394ed3d16d053f5906efe5ab51cc83) C:\Windows\System32\rasmans.dll
15:15:17.0222 3908 RasMan - ok
15:15:17.0262 3908 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
15:15:17.0267 3908 RasPppoe - ok
15:15:17.0287 3908 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
15:15:17.0292 3908 RasSstp - ok
15:15:17.0312 3908 rdbss (3bac8142102c15d59a87757c1d41dce5) C:\Windows\system32\DRIVERS\rdbss.sys
15:15:17.0322 3908 rdbss - ok
15:15:17.0352 3908 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
15:15:17.0352 3908 rdpbus - ok
15:15:17.0362 3908 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
15:15:17.0362 3908 RDPCDD - ok
15:15:17.0387 3908 RDPDR (9706b84dbabfc4b4ca46c5a82b14dfa3) C:\Windows\system32\drivers\rdpdr.sys
15:15:17.0392 3908 RDPDR - ok
15:15:17.0407 3908 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
15:15:17.0407 3908 RDPENCDD - ok
15:15:17.0432 3908 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
15:15:17.0432 3908 RDPREFMP - ok
15:15:17.0472 3908 RDPWD (8a3e6bea1c53ea6177fe2b6eba2c80d7) C:\Windows\system32\drivers\RDPWD.sys
15:15:17.0487 3908 RDPWD - ok
15:15:17.0552 3908 rdyboost (634b9a2181d98f15941236886164ec8b) C:\Windows\system32\drivers\rdyboost.sys
15:15:17.0552 3908 rdyboost - ok
15:15:17.0592 3908 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
15:15:17.0597 3908 RemoteAccess - ok
15:15:17.0632 3908 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
15:15:17.0642 3908 RemoteRegistry - ok
15:15:17.0662 3908 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
15:15:17.0667 3908 RpcEptMapper - ok
15:15:17.0677 3908 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
15:15:17.0682 3908 RpcLocator - ok
15:15:17.0712 3908 RpcSs (7266972e86890e2b30c0c322e906b027) C:\Windows\system32\rpcss.dll
15:15:17.0717 3908 RpcSs - ok
15:15:17.0752 3908 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
15:15:17.0757 3908 rspndr - ok
15:15:17.0777 3908 RTL8023x64 (97b6d72c82b2632b3d1ad60ddac38d46) C:\Windows\system32\DRIVERS\Rtnic64.sys
15:15:17.0777 3908 RTL8023x64 - ok
15:15:17.0807 3908 s3cap (88af6e02ab19df7fd07ecdf9c91e9af6) C:\Windows\system32\DRIVERS\vms3cap.sys
15:15:17.0807 3908 s3cap - ok
15:15:17.0827 3908 SamSs (0793f40b9b8a1bdd266296409dbd91ea) C:\Windows\system32\lsass.exe
15:15:17.0827 3908 SamSs - ok
15:15:17.0847 3908 sbp2port (e3bbb89983daf5622c1d50cf49f28227) C:\Windows\system32\DRIVERS\sbp2port.sys
15:15:17.0852 3908 sbp2port - ok
15:15:17.0872 3908 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
15:15:17.0887 3908 SCardSvr - ok
15:15:17.0902 3908 scfilter (c94da20c7e3ba1dca269bc8460d98387) C:\Windows\system32\DRIVERS\scfilter.sys
15:15:17.0902 3908 scfilter - ok
15:15:17.0972 3908 Schedule (624d0f5ff99428bb90a5b8a4123e918e) C:\Windows\system32\schedsvc.dll
15:15:17.0992 3908 Schedule - ok
15:15:18.0087 3908 SCPolicySvc (312e2f82af11e79906898ac3e3d58a1f) C:\Windows\System32\certprop.dll
15:15:18.0087 3908 SCPolicySvc - ok
15:15:18.0117 3908 SDRSVC (765a27c3279ce11d14cb9e4f5869fca5) C:\Windows\System32\SDRSVC.dll
15:15:18.0132 3908 SDRSVC - ok
15:15:18.0177 3908 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
15:15:18.0182 3908 secdrv - ok
15:15:18.0202 3908 seclogon (463b386ebc70f98da5dff85f7e654346) C:\Windows\system32\seclogon.dll
15:15:18.0202 3908 seclogon - ok
15:15:18.0222 3908 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll
15:15:18.0222 3908 SENS - ok
15:15:18.0247 3908 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
15:15:18.0247 3908 SensrSvc - ok
15:15:18.0272 3908 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
15:15:18.0272 3908 Serenum - ok
15:15:18.0282 3908 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
15:15:18.0292 3908 Serial - ok
15:15:18.0327 3908 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
15:15:18.0327 3908 sermouse - ok
15:15:18.0347 3908 SessionEnv (c3bc61ce47ff6f4e88ab8a3b429a36af) C:\Windows\system32\sessenv.dll
15:15:18.0352 3908 SessionEnv - ok
15:15:18.0382 3908 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\DRIVERS\sffdisk.sys
15:15:18.0382 3908 sffdisk - ok
15:15:18.0397 3908 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\DRIVERS\sffp_mmc.sys
15:15:18.0397 3908 sffp_mmc - ok
15:15:18.0407 3908 sffp_sd (178298f767fe638c9fedcbdef58bb5e4) C:\Windows\system32\DRIVERS\sffp_sd.sys
15:15:18.0407 3908 sffp_sd - ok
15:15:18.0422 3908 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
15:15:18.0422 3908 sfloppy - ok
15:15:18.0472 3908 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll
15:15:18.0482 3908 SharedAccess - ok
15:15:18.0532 3908 ShellHWDetection (0298ac45d0efffb2db4baa7dd186e7bf) C:\Windows\System32\shsvcs.dll
15:15:18.0547 3908 ShellHWDetection - ok
15:15:18.0582 3908 Si3531 (1b731ae02fc0c1ccdc4b7d32fcc95660) C:\Windows\system32\DRIVERS\Si3531.sys
15:15:18.0592 3908 Si3531 - ok
15:15:18.0627 3908 SiFilter (8574809375c8147cc9b6a62822018fd6) C:\Windows\system32\DRIVERS\SiWinAcc.sys
15:15:18.0627 3908 SiFilter - ok
15:15:18.0637 3908 SiRemFil (e7b586131c8c417691e303c511c3563b) C:\Windows\system32\DRIVERS\SiRemFil.sys
15:15:18.0637 3908 SiRemFil - ok
15:15:18.0652 3908 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
15:15:18.0657 3908 SiSRaid2 - ok
15:15:18.0672 3908 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
15:15:18.0672 3908 SiSRaid4 - ok
15:15:18.0702 3908 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
15:15:18.0712 3908 Smb - ok
15:15:18.0767 3908 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
15:15:18.0772 3908 SNMPTRAP - ok
15:15:18.0772 3908 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
15:15:18.0777 3908 spldr - ok
15:15:18.0812 3908 Spooler (f8e1fa03cb70d54a9892ac88b91d1e7b) C:\Windows\System32\spoolsv.exe
15:15:18.0817 3908 Spooler - ok
15:15:18.0957 3908 sppsvc (913d843498553a1bc8f8dbad6358e49f) C:\Windows\system32\sppsvc.exe
15:15:19.0037 3908 sppsvc - ok
15:15:19.0127 3908 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
15:15:19.0132 3908 sppuinotify - ok
15:15:19.0182 3908 srv (43067a65522eaec33d31a12d6fa8e3f4) C:\Windows\system32\DRIVERS\srv.sys
15:15:19.0192 3908 srv - ok
15:15:19.0217 3908 srv2 (03715cf9c30b563da35fc5f2b8f7b8e0) C:\Windows\system32\DRIVERS\srv2.sys
15:15:19.0232 3908 srv2 - ok
15:15:19.0257 3908 srvnet (fbd09635227a8026c0f7790f604343c6) C:\Windows\system32\DRIVERS\srvnet.sys
15:15:19.0262 3908 srvnet - ok
15:15:19.0307 3908 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
15:15:19.0322 3908 SSDPSRV - ok
15:15:19.0372 3908 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
15:15:19.0377 3908 SstpSvc - ok
15:15:19.0497 3908 Stereo Service (c354621b6b94e10ae7f5cdbe745feb86) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
15:15:19.0507 3908 Stereo Service - ok
15:15:19.0537 3908 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
15:15:19.0542 3908 stexstor - ok
15:15:19.0572 3908 StillCam (decacb6921ded1a38642642685d77dac) C:\Windows\system32\DRIVERS\serscan.sys
15:15:19.0572 3908 StillCam - ok
15:15:19.0667 3908 stisvc (52d0e33b681bd0f33fdc08812fee4f7d) C:\Windows\System32\wiaservc.dll
15:15:19.0682 3908 stisvc - ok
15:15:19.0712 3908 storflt (ffd7a6f15b14234b5b0e5d49e7961895) C:\Windows\system32\DRIVERS\vmstorfl.sys
15:15:19.0712 3908 storflt - ok
15:15:19.0727 3908 storvsc (8fccbefc5c440b3c23454656e551b09a) C:\Windows\system32\DRIVERS\storvsc.sys
15:15:19.0732 3908 storvsc - ok
15:15:19.0782 3908 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\DRIVERS\swenum.sys
15:15:19.0792 3908 swenum - ok
15:15:19.0927 3908 SwitchBoard (f577910a133a592234ebaad3f3afa258) C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
15:15:20.0002 3908 SwitchBoard - ok
15:15:20.0057 3908 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
15:15:20.0072 3908 swprv - ok
15:15:20.0157 3908 SysMain (3c1284516a62078fb68f768de4f1a7be) C:\Windows\system32\sysmain.dll
15:15:20.0207 3908 SysMain - ok
15:15:20.0302 3908 TabletInputService (238935c3cf2854886dc7cbb2a0e2cc66) C:\Windows\System32\TabSvc.dll
15:15:20.0307 3908 TabletInputService - ok
15:15:20.0332 3908 TapiSrv (884264ac597b690c5707c89723bb8e7b) C:\Windows\System32\tapisrv.dll
15:15:20.0342 3908 TapiSrv - ok
15:15:20.0377 3908 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
15:15:20.0382 3908 TBS - ok
15:15:20.0492 3908 Tcpip (90a2d722cf64d911879d6c4a4f802a4d) C:\Windows\system32\drivers\tcpip.sys
15:15:20.0527 3908 Tcpip - ok
15:15:20.0657 3908 TCPIP6 (90a2d722cf64d911879d6c4a4f802a4d) C:\Windows\system32\DRIVERS\tcpip.sys
15:15:20.0667 3908 TCPIP6 - ok
15:15:20.0722 3908 tcpipreg (76d078af6f587b162d50210f761eb9ed) C:\Windows\system32\drivers\tcpipreg.sys
15:15:20.0722 3908 tcpipreg - ok
15:15:20.0737 3908 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
15:15:20.0742 3908 TDPIPE - ok
15:15:20.0752 3908 TDTCP (e4245bda3190a582d55ed09e137401a9) C:\Windows\system32\drivers\tdtcp.sys
15:15:20.0752 3908 TDTCP - ok
15:15:20.0767 3908 tdx (079125c4b17b01fcaeebce0bcb290c0f) C:\Windows\system32\DRIVERS\tdx.sys
15:15:20.0777 3908 tdx - ok
15:15:20.0782 3908 TermDD (c448651339196c0e869a355171875522) C:\Windows\system32\DRIVERS\termdd.sys
15:15:20.0787 3908 TermDD - ok
15:15:20.0822 3908 TermService (0f05ec2887bfe197ad82a13287d2f404) C:\Windows\System32\termsrv.dll
15:15:20.0847 3908 TermService - ok
15:15:20.0862 3908 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
15:15:20.0867 3908 Themes - ok
15:15:20.0897 3908 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
15:15:20.0897 3908 THREADORDER - ok
15:15:20.0917 3908 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
15:15:20.0922 3908 TrkWks - ok
15:15:20.0967 3908 TrustedInstaller (840f7fb849f5887a49ba18c13b2da920) C:\Windows\servicing\TrustedInstaller.exe
15:15:20.0972 3908 TrustedInstaller - ok
15:15:21.0012 3908 tssecsrv (61b96c26131e37b24e93327a0bd1fb95) C:\Windows\system32\DRIVERS\tssecsrv.sys
15:15:21.0017 3908 tssecsrv - ok
15:15:21.0082 3908 tunnel (3836171a2cdf3af8ef10856db9835a70) C:\Windows\system32\DRIVERS\tunnel.sys
15:15:21.0087 3908 tunnel - ok
15:15:21.0102 3908 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
15:15:21.0107 3908 uagp35 - ok
15:15:21.0127 3908 udfs (d47baead86c65d4f4069d7ce0a4edceb) C:\Windows\system32\DRIVERS\udfs.sys
15:15:21.0142 3908 udfs - ok
15:15:21.0177 3908 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
15:15:21.0177 3908 UI0Detect - ok
15:15:21.0192 3908 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\DRIVERS\uliagpkx.sys
15:15:21.0197 3908 uliagpkx - ok
15:15:21.0217 3908 umbus (eab6c35e62b1b0db0d1b48b671d3a117) C:\Windows\system32\DRIVERS\umbus.sys
15:15:21.0217 3908 umbus - ok
15:15:21.0232 3908 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
15:15:21.0237 3908 UmPass - ok
15:15:21.0257 3908 UmRdpService (af0ac98ee5077eb844413eb54287fde3) C:\Windows\System32\umrdp.dll
15:15:21.0262 3908 UmRdpService - ok
15:15:21.0317 3908 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll
15:15:21.0327 3908 upnphost - ok
15:15:21.0357 3908 usbaudio (77b01bc848298223a95d4ec23e1785a1) C:\Windows\system32\drivers\usbaudio.sys
15:15:21.0367 3908 usbaudio - ok
15:15:21.0382 3908 usbccgp (b26afb54a534d634523c4fb66765b026) C:\Windows\system32\DRIVERS\usbccgp.sys
15:15:21.0387 3908 usbccgp - ok
15:15:21.0462 3908 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\DRIVERS\usbcir.sys
15:15:21.0467 3908 usbcir - ok
15:15:21.0482 3908 usbehci (df9f9afc9aaabd8ed47975d44e38169a) C:\Windows\system32\DRIVERS\usbehci.sys
15:15:21.0482 3908 usbehci - ok
15:15:21.0522 3908 usbhub (372a91bc3c6603080a793880b0873785) C:\Windows\system32\DRIVERS\usbhub.sys
15:15:21.0532 3908 usbhub - ok
15:15:21.0542 3908 usbohci (58e546bbaf87664fc57e0f6081e4f609) C:\Windows\system32\DRIVERS\usbohci.sys
15:15:21.0542 3908 usbohci - ok
15:15:21.0562 3908 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
15:15:21.0567 3908 usbprint - ok
15:15:21.0582 3908 usbscan (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys
15:15:21.0582 3908 usbscan - ok
15:15:21.0612 3908 USBSTOR (080d3820da6c046be82fc8b45a893e83) C:\Windows\system32\DRIVERS\USBSTOR.SYS
15:15:21.0617 3908 USBSTOR - ok
15:15:21.0637 3908 usbuhci (81fb2216d3a60d1284455d511797db3d) C:\Windows\system32\DRIVERS\usbuhci.sys
15:15:21.0637 3908 usbuhci - ok
15:15:21.0662 3908 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll
15:15:21.0662 3908 UxSms - ok
15:15:21.0677 3908 VaultSvc (0793f40b9b8a1bdd266296409dbd91ea) C:\Windows\system32\lsass.exe
15:15:21.0677 3908 VaultSvc - ok
15:15:21.0692 3908 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\DRIVERS\vdrvroot.sys
15:15:21.0692 3908 vdrvroot - ok
15:15:21.0742 3908 vds (44d73e0bbc1d3c8981304ba15135c2f2) C:\Windows\System32\vds.exe
15:15:21.0757 3908 vds - ok
15:15:21.0792 3908 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
15:15:21.0792 3908 vga - ok
15:15:21.0807 3908 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
15:15:21.0807 3908 VgaSave - ok
15:15:21.0832 3908 vhdmp (c82e748660f62a242b2dfac1442f22a4) C:\Windows\system32\DRIVERS\vhdmp.sys
15:15:21.0842 3908 vhdmp - ok
15:15:21.0862 3908 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\DRIVERS\viaide.sys
15:15:21.0862 3908 viaide - ok
15:15:21.0882 3908 vmbus (1501699d7eda984abc4155a7da5738d1) C:\Windows\system32\DRIVERS\vmbus.sys
15:15:21.0892 3908 vmbus - ok
15:15:21.0912 3908 VMBusHID (ae10c35761889e65a6f7176937c5592c) C:\Windows\system32\DRIVERS\VMBusHID.sys
15:15:21.0917 3908 VMBusHID - ok
15:15:21.0927 3908 volmgr (2b1a3dae2b4e70dbba822b7a03fbd4a3) C:\Windows\system32\DRIVERS\volmgr.sys
15:15:21.0932 3908 volmgr - ok
15:15:21.0952 3908 volmgrx (99b0cbb569ca79acaed8c91461d765fb) C:\Windows\system32\drivers\volmgrx.sys
15:15:21.0967 3908 volmgrx - ok
15:15:22.0012 3908 volsnap (58f82eed8ca24b461441f9c3e4f0bf5c) C:\Windows\system32\DRIVERS\volsnap.sys
15:15:22.0027 3908 volsnap - ok
15:15:22.0067 3908 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
15:15:22.0072 3908 vsmraid - ok
15:15:22.0147 3908 VSS (787898bf9fb6d7bd87a36e2d95c899ba) C:\Windows\system32\vssvc.exe
15:15:22.0177 3908 VSS - ok
15:15:22.0297 3908 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\System32\drivers\vwifibus.sys
15:15:22.0297 3908 vwifibus - ok
15:15:22.0322 3908 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll
15:15:22.0337 3908 W32Time - ok
15:15:22.0362 3908 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
15:15:22.0362 3908 WacomPen - ok
15:15:22.0412 3908 WANARP (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys
15:15:22.0422 3908 WANARP - ok
15:15:22.0427 3908 Wanarpv6 (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys
15:15:22.0427 3908 Wanarpv6 - ok
15:15:22.0512 3908 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\Windows\system32\Wat\WatAdminSvc.exe
15:15:22.0542 3908 WatAdminSvc - ok
15:15:22.0687 3908 wbengine (5ab1bb85bd8b5089cc5d64200dedae68) C:\Windows\system32\wbengine.exe
15:15:22.0757 3908 wbengine - ok
15:15:22.0832 3908 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll
15:15:22.0847 3908 WbioSrvc - ok
15:15:22.0877 3908 wcncsvc (8321c2ca3b62b61b293cda3451984468) C:\Windows\System32\wcncsvc.dll
15:15:22.0892 3908 wcncsvc - ok
15:15:22.0917 3908 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll
15:15:22.0917 3908 WcsPlugInService - ok
15:15:22.0962 3908 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
15:15:22.0962 3908 Wd - ok
15:15:23.0002 3908 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
15:15:23.0017 3908 Wdf01000 - ok
15:15:23.0057 3908 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
15:15:23.0067 3908 WdiServiceHost - ok
15:15:23.0072 3908 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
15:15:23.0072 3908 WdiSystemHost - ok
15:15:23.0097 3908 WebClient (8a438cbb8c032a0c798b0c642ffbe572) C:\Windows\System32\webclnt.dll
15:15:23.0112 3908 WebClient - ok
15:15:23.0157 3908 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll
15:15:23.0167 3908 Wecsvc - ok
15:15:23.0212 3908 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll
15:15:23.0217 3908 wercplsupport - ok
15:15:23.0237 3908 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll
15:15:23.0237 3908 WerSvc - ok
15:15:23.0277 3908 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
15:15:23.0277 3908 WfpLwf - ok
15:15:23.0287 3908 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
15:15:23.0292 3908 WIMMount - ok
15:15:23.0292 3908 WinHttpAutoProxySvc - ok
15:15:23.0357 3908 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll
15:15:23.0367 3908 Winmgmt - ok
15:15:23.0462 3908 WinRM (41fbb751936b387f9179e7f03a74fe29) C:\Windows\system32\WsmSvc.dll
15:15:23.0502 3908 WinRM - ok
15:15:23.0612 3908 WinUsb (817eaff5d38674edd7713b9dfb8e9791) C:\Windows\system32\DRIVERS\WinUsb.sys
15:15:23.0612 3908 WinUsb - ok
15:15:23.0677 3908 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll
15:15:23.0697 3908 Wlansvc - ok
15:15:23.0727 3908 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\DRIVERS\wmiacpi.sys
15:15:23.0732 3908 WmiAcpi - ok
15:15:23.0797 3908 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe
15:15:23.0797 3908 wmiApSrv - ok
15:15:23.0852 3908 WMPNetworkSvc - ok
15:15:23.0867 3908 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll
15:15:23.0867 3908 WPCSvc - ok
15:15:23.0887 3908 WPDBusEnum (2e57ddf2880a7e52e76f41c7e96d327b) C:\Windows\system32\wpdbusenum.dll
15:15:23.0892 3908 WPDBusEnum - ok
15:15:23.0907 3908 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
15:15:23.0912 3908 ws2ifsl - ok
15:15:23.0912 3908 WSearch - ok
15:15:24.0027 3908 wuauserv (38340204a2d0228f1e87740fc5e554a7) C:\Windows\system32\wuaueng.dll
15:15:24.0082 3908 wuauserv - ok
15:15:24.0217 3908 WudfPf (7cadc74271dd6461c452c271b30bd378) C:\Windows\system32\drivers\WudfPf.sys
15:15:24.0227 3908 WudfPf - ok
15:15:24.0257 3908 WUDFRd (3b197af0fff08aa66b6b2241ca538d64) C:\Windows\system32\DRIVERS\WUDFRd.sys
15:15:24.0262 3908 WUDFRd - ok
15:15:24.0272 3908 wudfsvc (b551d6637aa0e132c18ac6e504f7b79b) C:\Windows\System32\WUDFSvc.dll
15:15:24.0277 3908 wudfsvc - ok
15:15:24.0297 3908 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll
15:15:24.0307 3908 WwanSvc - ok
15:15:24.0362 3908 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk0\DR0
15:15:24.0387 3908 \Device\Harddisk0\DR0 ( Rootkit.Boot.Sinowal.b ) - infected
15:15:24.0387 3908 \Device\Harddisk0\DR0 - detected Rootkit.Boot.Sinowal.b (0)
15:15:24.0422 3908 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
15:15:24.0422 3908 \Device\Harddisk0\DR0 - detected TDSS File System (1)
15:15:24.0427 3908 MBR (0x1B8) (5fb38429d5d77768867c76dcbdb35194) \Device\Harddisk1\DR1
15:15:24.0467 3908 \Device\Harddisk1\DR1 - ok
15:15:24.0467 3908 Boot (0x1200) (9bfbde2d4b1c3d9318e922869fe7f658) \Device\Harddisk0\DR0\Partition0
15:15:24.0472 3908 \Device\Harddisk0\DR0\Partition0 - ok
15:15:24.0472 3908 Boot (0x1200) (cfd242382c1b5c33047a8a843b65b189) \Device\Harddisk1\DR1\Partition0
15:15:24.0472 3908 \Device\Harddisk1\DR1\Partition0 - ok
15:15:24.0472 3908 ============================================================
15:15:24.0472 3908 Scan finished
15:15:24.0472 3908 ============================================================
15:15:24.0477 0556 Detected object count: 2
15:15:24.0477 0556 Actual detected object count: 2
15:16:37.0007 0556 \Device\Harddisk0\DR0\# - copied to quarantine
15:16:37.0012 0556 \Device\Harddisk0\DR0 - copied to quarantine
15:16:37.0047 0556 \Device\Harddisk0\DR0 ( Rootkit.Boot.Sinowal.b ) - will be cured on reboot
15:16:37.0067 0556 \Device\Harddisk0\DR0 - ok
15:16:37.0067 0556 \Device\Harddisk0\DR0 ( Rootkit.Boot.Sinowal.b ) - User select action: Cure
15:16:37.0067 0556 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
15:16:37.0067 0556 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip
15:16:50.0552 2768 Deinitialize success






Super-anti spyware free found literally hundreds of items, mostly cookies... here is it's log:
SUPERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 08/10/2012 at 06:10 PM

Application Version : 5.5.1012

Core Rules Database Version : 9041
Trace Rules Database Version: 6853

Scan type : Complete Scan
Total Scan Time : 02:37:17

Operating System Information
Windows 7 Ultimate 64-bit (Build 6.01.7600)
UAC On - Limited User

Memory items scanned : 503
Memory threats detected : 0
Registry items scanned : 71928
Registry threats detected : 0
File items scanned : 91975
File threats detected : 471

Adware.Tracking Cookie
C:\Users\Leia\AppData\Roaming\Microsoft\Windows\Cookies\leia@invitemedia[2].txt [ /invitemedia ]
C:\Users\Leia\AppData\Roaming\Microsoft\Windows\Cookies\leia@www.windowsmedia[2].txt [ /www.windowsmedia ]
C:\USERS\LEIA\AppData\Roaming\Microsoft\Windows\Cookies\Low\leia@interclick[2].txt [ Cookie:leia@interclick.com/ ]
C:\USERS\LEIA\Cookies\leia@invitemedia[2].txt [ Cookie:leia@invitemedia.com/ ]
C:\USERS\LEIA\Cookies\leia@www.windowsmedia[2].txt [ Cookie:leia@www.windowsmedia.com/ ]
.imrworldwide.com [ C:\USERS\LEIA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.imrworldwide.com [ C:\USERS\LEIA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.doubleclick.net [ C:\USERS\LEIA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.invitemedia.com [ C:\USERS\LEIA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.atdmt.com [ C:\USERS\LEIA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.atdmt.com [ C:\USERS\LEIA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.advertising.com [ C:\USERS\LEIA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.apmebf.com [ C:\USERS\LEIA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.mediaplex.com [ C:\USERS\LEIA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.realmedia.com [ C:\USERS\LEIA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adbrite.com [ C:\USERS\LEIA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.apmebf.com [ C:\USERS\LEIA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.pathfinderdb.com [ C:\USERS\LEIA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.realmedia.com [ C:\USERS\LEIA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.realmedia.com [ C:\USERS\LEIA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.zedo.com [ C:\USERS\LEIA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.zedo.com [ C:\USERS\LEIA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.zedo.com [ C:\USERS\LEIA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.zedo.com [ C:\USERS\LEIA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
network.realmedia.com [ C:\USERS\LEIA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ad.yieldmanager.com [ C:\USERS\LEIA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.revsci.net [ C:\USERS\LEIA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.collective-media.net [ C:\USERS\LEIA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.getclicky.com [ C:\USERS\LEIA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.static.getclicky.com [ C:\USERS\LEIA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
in.getclicky.com [ C:\USERS\LEIA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.allbritton.122.2o7.net [ C:\USERS\LEIA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.interclick.com [ C:\USERS\LEIA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.interclick.com [ C:\USERS\LEIA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.a1.interclick.com [ C:\USERS\LEIA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.a1.interclick.com [ C:\USERS\LEIA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.a1.interclick.com [ C:\USERS\LEIA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.a1.interclick.com [ C:\USERS\LEIA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.a1.interclick.com [ C:\USERS\LEIA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.akamai.interclickproxy.com [ C:\USERS\LEIA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.interclick.com [ C:\USERS\LEIA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.interclick.com [ C:\USERS\LEIA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.www.burstnet.com [ C:\USERS\LEIA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.burstnet.com [ C:\USERS\LEIA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
www.burstnet.com [ C:\USERS\LEIA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.yieldmanager.net [ C:\USERS\LEIA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
dc.tremormedia.com [ C:\USERS\LEIA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.clickbooth.com [ C:\USERS\LEIA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.fim.122.2o7.net [ C:\USERS\LEIA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.mediaplex.com [ C:\USERS\LEIA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.overture.com [ C:\USERS\LEIA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.overture.com [ C:\USERS\LEIA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ads.saymedia.com [ C:\USERS\LEIA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ads.saymedia.com [ C:\USERS\LEIA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.legolas-media.com [ C:\USERS\LEIA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ru4.com [ C:\USERS\LEIA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adserver.adtechus.com [ C:\USERS\LEIA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
statse.webtrendslive.com [ C:\USERS\LEIA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.specificclick.net [ C:\USERS\LEIA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.advertising.com [ C:\USERS\LEIA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.advertising.com [ C:\USERS\LEIA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.advertising.com [ C:\USERS\LEIA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.serving-sys.com [ C:\USERS\LEIA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.technoratimedia.com [ C:\USERS\LEIA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.technoratimedia.com [ C:\USERS\LEIA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.technoratimedia.com [ C:\USERS\LEIA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ad.yieldmanager.com [ C:\USERS\LEIA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.serving-sys.com [ C:\USERS\LEIA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adxpose.com [ C:\USERS\LEIA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.legolas-media.com [ C:\USERS\LEIA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.legolas-media.com [ C:\USERS\LEIA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.collective-media.net [ C:\USERS\LEIA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.collective-media.net [ C:\USERS\LEIA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.collective-media.net [ C:\USERS\LEIA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.collective-media.net [ C:\USERS\LEIA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.collective-media.net [ C:\USERS\LEIA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.collective-media.net [ C:\USERS\LEIA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.collective-media.net [ C:\USERS\LEIA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.collective-media.net [ C:\USERS\LEIA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.collective-media.net [ C:\USERS\LEIA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.collective-media.net [ C:\USERS\LEIA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.at.atwola.com [ C:\USERS\LEIA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adbrite.com [ C:\USERS\LEIA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ad.yieldmanager.com [ C:\USERS\LEIA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.revsci.net [ C:\USERS\LEIA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.casalemedia.com [ C:\USERS\LEIA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.casalemedia.com [ C:\USERS\LEIA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.casalemedia.com [ C:\USERS\LEIA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.casalemedia.com [ C:\USERS\LEIA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.casalemedia.com [ C:\USERS\LEIA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.casalemedia.com [ C:\USERS\LEIA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.revsci.net [ C:\USERS\LEIA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.revsci.net [ C:\USERS\LEIA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.revsci.net [ C:\USERS\LEIA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.revsci.net [ C:\USERS\LEIA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.media6degrees.com [ C:\USERS\LEIA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ru4.com [ C:\USERS\LEIA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ru4.com [ C:\USERS\LEIA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ru4.com [ C:\USERS\LEIA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ru4.com [ C:\USERS\LEIA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.invitemedia.com [ C:\USERS\LEIA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.invitemedia.com [ C:\USERS\LEIA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.invitemedia.com [ C:\USERS\LEIA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.invitemedia.com [ C:\USERS\LEIA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.invitemedia.com [ C:\USERS\LEIA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adbrite.com [ C:\USERS\LEIA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adbrite.com [ C:\USERS\LEIA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adbrite.com [ C:\USERS\LEIA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adbrite.com [ C:\USERS\LEIA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.kontera.com [ C:\USERS\LEIA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.collective-media.net [ C:\USERS\LEIA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.collective-media.net [ C:\USERS\LEIA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.collective-media.net [ C:\USERS\LEIA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.collective-media.net [ C:\USERS\LEIA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.collective-media.net [ C:\USERS\LEIA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.legolas-media.com [ C:\USERS\LEIA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.legolas-media.com [ C:\USERS\LEIA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adbrite.com [ C:\USERS\LEIA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.mediafire.com [ C:\USERS\LEIA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.serving-sys.com [ C:\USERS\LEIA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.serving-sys.com [ C:\USERS\LEIA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.serving-sys.com [ C:\USERS\LEIA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.media6degrees.com [ C:\USERS\LEIA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.media6degrees.com [ C:\USERS\LEIA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.media6degrees.com [ C:\USERS\LEIA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.media6degrees.com [ C:\USERS\LEIA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.media6degrees.com [ C:\USERS\LEIA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ad.yieldmanager.com [ C:\USERS\LEIA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.lucidmedia.com [ C:\USERS\LEIA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.tribalfusion.com [ C:\USERS\LEIA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adbrite.com [ C:\USERS\LEIA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.invitemedia.com [ C:\USERS\LEIA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.invitemedia.com [ C:\USERS\LEIA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.fastclick.net [ C:\USERS\LEIA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
accounts.google.com [ C:\USERS\LEIA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.accounts.google.com [ C:\USERS\LEIA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.accounts.google.com [ C:\USERS\LEIA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.accounts.google.com [ C:\USERS\LEIA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.accounts.google.com [ C:\USERS\LEIA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
accounts.google.com [ C:\USERS\LEIA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
accounts.google.com [ C:\USERS\LEIA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.invitemedia.com [ C:\USERS\LEIA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
track.prd1.netshelter.net [ C:\USERS\LEIA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ad.yieldmanager.com [ C:\USERS\LEIA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.questionmarket.com [ C:\USERS\LEIA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.questionmarket.com [ C:\USERS\LEIA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adtech.de [ C:\USERS\LEIA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adtech.de [ C:\USERS\LEIA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.doubleclick.net [ C:\USERS\LEIA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
insight.torbit.com [ C:\USERS\LEIA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ad.yieldmanager.com [ C:\USERS\LEIA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ad.yieldmanager.com [ C:\USERS\LEIA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ad.yieldmanager.com [ C:\USERS\LEIA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.questionmarket.com [ C:\USERS\LEIA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.questionmarket.com [ C:\USERS\LEIA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.questionmarket.com [ C:\USERS\LEIA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
media.match.com [ C:\USERS\LEIA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
8tracks.com [ C:\USERS\LEIA\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\GMPWBLV7 ]
ad.insightexpressai.com [ C:\USERS\LEIA\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\GMPWBLV7 ]
cdn.alotporn.com [ C:\USERS\LEIA\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\GMPWBLV7 ]
cdn.complexmedianetwork.com [ C:\USERS\LEIA\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\GMPWBLV7 ]
cdn.eyewonder.com [ C:\USERS\LEIA\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\GMPWBLV7 ]
cdn.media.abc.com [ C:\USERS\LEIA\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\GMPWBLV7 ]
cdn.selectablemedia.com [ C:\USERS\LEIA\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\GMPWBLV7 ]
cdn.tremormedia.com [ C:\USERS\LEIA\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\GMPWBLV7 ]
cdn1.static.youporn.phncdn.com [ C:\USERS\LEIA\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\GMPWBLV7 ]
cdn2.baronsmedia.com [ C:\USERS\LEIA\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\GMPWBLV7 ]
cdn5.tribalfusion.com [ C:\USERS\LEIA\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\GMPWBLV7 ]
cdnx.tribalfusion.com [ C:\USERS\LEIA\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\GMPWBLV7 ]
cloud.video.unrulymedia.com [ C:\USERS\LEIA\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\GMPWBLV7 ]
cloudfront.mediamatters.org [ C:\USERS\LEIA\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\GMPWBLV7 ]
convoad.technoratimedia.com [ C:\USERS\LEIA\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\GMPWBLV7 ]
convoad.technoratimedia.net [ C:\USERS\LEIA\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\GMPWBLV7 ]
ds.serving-sys.com [ C:\USERS\LEIA\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\GMPWBLV7 ]
ia.media-imdb.com [ C:\USERS\LEIA\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\GMPWBLV7 ]
ictv-ic-ec.indieclicktv.com [ C:\USERS\LEIA\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\GMPWBLV7 ]
imgs.adverticum.net [ C:\USERS\LEIA\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\GMPWBLV7 ]
konac.kontera.com [ C:\USERS\LEIA\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\GMPWBLV7 ]
media-vimg-net.vimg.net [ C:\USERS\LEIA\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\GMPWBLV7 ]
media.adxpansion.com [ C:\USERS\LEIA\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\GMPWBLV7 ]
media.crooksandliars.com [ C:\USERS\LEIA\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\GMPWBLV7 ]
media.heavy.com [ C:\USERS\LEIA\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\GMPWBLV7 ]
media.kyte.tv [ C:\USERS\LEIA\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\GMPWBLV7 ]
media.lvrj.com [ C:\USERS\LEIA\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\GMPWBLV7 ]
media.movieweb.com [ C:\USERS\LEIA\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\GMPWBLV7 ]
media.mtvnservices.com [ C:\USERS\LEIA\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\GMPWBLV7 ]
media.nbcmiami.com [ C:\USERS\LEIA\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\GMPWBLV7 ]
media.nbcnewyork.com [ C:\USERS\LEIA\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\GMPWBLV7 ]
media.oprah.com [ C:\USERS\LEIA\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\GMPWBLV7 ]
media.socialvibe.com [ C:\USERS\LEIA\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\GMPWBLV7 ]
media.theonion.com [ C:\USERS\LEIA\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\GMPWBLV7 ]
media.whosay.com [ C:\USERS\LEIA\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\GMPWBLV7 ]
media.wnyc.org [ C:\USERS\LEIA\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\GMPWBLV7 ]
media1.break.com [ C:\USERS\LEIA\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\GMPWBLV7 ]
msnbcmedia.msn.com [ C:\USERS\LEIA\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\GMPWBLV7 ]
objects.tremormedia.com [ C:\USERS\LEIA\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\GMPWBLV7 ]
player.hsmmediamanager.com [ C:\USERS\LEIA\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\GMPWBLV7 ]
s0.2mdn.net [ C:\USERS\LEIA\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\GMPWBLV7 ]
secure-uk.imrworldwide.com [ C:\USERS\LEIA\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\GMPWBLV7 ]
secure-us.imrworldwide.com [ C:\USERS\LEIA\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\GMPWBLV7 ]
sftrack.searchforce.net [ C:\USERS\LEIA\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\GMPWBLV7 ]
speed.pointroll.com [ C:\USERS\LEIA\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\GMPWBLV7 ]
stat.easydate.biz [ C:\USERS\LEIA\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\GMPWBLV7 ]
static.discoverymedia.com [ C:\USERS\LEIA\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\GMPWBLV7 ]
www.99counters.com [ C:\USERS\LEIA\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\GMPWBLV7 ]
www.backcountryedge.com [ C:\USERS\LEIA\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\GMPWBLV7 ]
www.nuuporn.com [ C:\USERS\LEIA\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\GMPWBLV7 ]
wwwstatic.megaporn.com [ C:\USERS\LEIA\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\GMPWBLV7 ]
C:\USERS\LEIA\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\LEIA@AD.WSOD[1].TXT [ /AD.WSOD ]
.imrworldwide.com [ C:\USERS\LEIA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9ZWQ3B0N.DEFAULT\COOKIES.SQLITE ]
.imrworldwide.com [ C:\USERS\LEIA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9ZWQ3B0N.DEFAULT\COOKIES.SQLITE ]
.apmebf.com [ C:\USERS\LEIA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9ZWQ3B0N.DEFAULT\COOKIES.SQLITE ]
.getclicky.com [ C:\USERS\LEIA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9ZWQ3B0N.DEFAULT\COOKIES.SQLITE ]
.static.getclicky.com [ C:\USERS\LEIA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9ZWQ3B0N.DEFAULT\COOKIES.SQLITE ]
in.getclicky.com [ C:\USERS\LEIA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9ZWQ3B0N.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\LEIA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9ZWQ3B0N.DEFAULT\COOKIES.SQLITE ]
.apmebf.com [ C:\USERS\LEIA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9ZWQ3B0N.DEFAULT\COOKIES.SQLITE ]
.mediaplex.com [ C:\USERS\LEIA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9ZWQ3B0N.DEFAULT\COOKIES.SQLITE ]
.msnportal.112.2o7.net [ C:\USERS\LEIA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9ZWQ3B0N.DEFAULT\COOKIES.SQLITE ]
.2o7.net [ C:\USERS\LEIA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9ZWQ3B0N.DEFAULT\COOKIES.SQLITE ]
.paypal.112.2o7.net [ C:\USERS\LEIA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9ZWQ3B0N.DEFAULT\COOKIES.SQLITE ]
.mediaplex.com [ C:\USERS\LEIA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9ZWQ3B0N.DEFAULT\COOKIES.SQLITE ]
.legolas-media.com [ C:\USERS\LEIA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9ZWQ3B0N.DEFAULT\COOKIES.SQLITE ]
.dmtracker.com [ C:\USERS\LEIA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9ZWQ3B0N.DEFAULT\COOKIES.SQLITE ]
.liveperson.net [ C:\USERS\LEIA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9ZWQ3B0N.DEFAULT\COOKIES.SQLITE ]
.accountonline.com [ C:\USERS\LEIA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9ZWQ3B0N.DEFAULT\COOKIES.SQLITE ]
.mediaplex.com [ C:\USERS\LEIA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9ZWQ3B0N.DEFAULT\COOKIES.SQLITE ]
.cracked.com [ C:\USERS\LEIA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9ZWQ3B0N.DEFAULT\COOKIES.SQLITE ]
.cracked.com [ C:\USERS\LEIA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9ZWQ3B0N.DEFAULT\COOKIES.SQLITE ]
.cracked.com [ C:\USERS\LEIA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9ZWQ3B0N.DEFAULT\COOKIES.SQLITE ]
.histats.com [ C:\USERS\LEIA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9ZWQ3B0N.DEFAULT\COOKIES.SQLITE ]
.histats.com [ C:\USERS\LEIA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9ZWQ3B0N.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\LEIA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9ZWQ3B0N.DEFAULT\COOKIES.SQLITE ]
.2o7.net [ C:\USERS\LEIA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9ZWQ3B0N.DEFAULT\COOKIES.SQLITE ]
.2o7.net [ C:\USERS\LEIA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9ZWQ3B0N.DEFAULT\COOKIES.SQLITE ]
.citi.bridgetrack.com [ C:\USERS\LEIA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9ZWQ3B0N.DEFAULT\COOKIES.SQLITE ]
.citi.bridgetrack.com [ C:\USERS\LEIA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9ZWQ3B0N.DEFAULT\COOKIES.SQLITE ]
.2o7.net [ C:\USERS\LEIA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9ZWQ3B0N.DEFAULT\COOKIES.SQLITE ]
.2o7.net [ C:\USERS\LEIA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9ZWQ3B0N.DEFAULT\COOKIES.SQLITE ]
.2o7.net [ C:\USERS\LEIA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9ZWQ3B0N.DEFAULT\COOKIES.SQLITE ]
.2o7.net [ C:\USERS\LEIA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9ZWQ3B0N.DEFAULT\COOKIES.SQLITE ]
.2o7.net [ C:\USERS\LEIA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9ZWQ3B0N.DEFAULT\COOKIES.SQLITE ]
.histats.com [ C:\USERS\LEIA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9ZWQ3B0N.DEFAULT\COOKIES.SQLITE ]
.msnbc.112.2o7.net [ C:\USERS\LEIA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9ZWQ3B0N.DEFAULT\COOKIES.SQLITE ]
.2o7.net [ C:\USERS\LEIA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9ZWQ3B0N.DEFAULT\COOKIES.SQLITE ]
.2o7.net [ C:\USERS\LEIA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9ZWQ3B0N.DEFAULT\COOKIES.SQLITE ]
.2o7.net [ C:\USERS\LEIA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9ZWQ3B0N.DEFAULT\COOKIES.SQLITE ]
.2o7.net [ C:\USERS\LEIA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9ZWQ3B0N.DEFAULT\COOKIES.SQLITE ]
www.backcountry.com [ C:\USERS\LEIA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9ZWQ3B0N.DEFAULT\COOKIES.SQLITE ]
.backcountry.com [ C:\USERS\LEIA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9ZWQ3B0N.DEFAULT\COOKIES.SQLITE ]
www.backcountry.com [ C:\USERS\LEIA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9ZWQ3B0N.DEFAULT\COOKIES.SQLITE ]
.backcountry.com [ C:\USERS\LEIA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9ZWQ3B0N.DEFAULT\COOKIES.SQLITE ]
www.backcountry.com [ C:\USERS\LEIA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9ZWQ3B0N.DEFAULT\COOKIES.SQLITE ]
www.backcountry.com [ C:\USERS\LEIA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9ZWQ3B0N.DEFAULT\COOKIES.SQLITE ]
media.gsimedia.net [ C:\USERS\LEIA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9ZWQ3B0N.DEFAULT\COOKIES.SQLITE ]
.nextag.com [ C:\USERS\LEIA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9ZWQ3B0N.DEFAULT\COOKIES.SQLITE ]
.2o7.net [ C:\USERS\LEIA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9ZWQ3B0N.DEFAULT\COOKIES.SQLITE ]
.dealtime.com [ C:\USERS\LEIA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9ZWQ3B0N.DEFAULT\COOKIES.SQLITE ]
stat.dealtime.com [ C:\USERS\LEIA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9ZWQ3B0N.DEFAULT\COOKIES.SQLITE ]
.2o7.net [ C:\USERS\LEIA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9ZWQ3B0N.DEFAULT\COOKIES.SQLITE ]
.112.2o7.net [ C:\USERS\LEIA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9ZWQ3B0N.DEFAULT\COOKIES.SQLITE ]
.2o7.net [ C:\USERS\LEIA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9ZWQ3B0N.DEFAULT\COOKIES.SQLITE ]
.2o7.net [ C:\USERS\LEIA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9ZWQ3B0N.DEFAULT\COOKIES.SQLITE ]
.hearstmagazines.112.2o7.net [ C:\USERS\LEIA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9ZWQ3B0N.DEFAULT\COOKIES.SQLITE ]
.mtvn.112.2o7.net [ C:\USERS\LEIA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9ZWQ3B0N.DEFAULT\COOKIES.SQLITE ]
www.backcountry.com [ C:\USERS\LEIA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9ZWQ3B0N.DEFAULT\COOKIES.SQLITE ]
www.backcountry.com [ C:\USERS\LEIA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9ZWQ3B0N.DEFAULT\COOKIES.SQLITE ]
www.backcountry.com [ C:\USERS\LEIA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9ZWQ3B0N.DEFAULT\COOKIES.SQLITE ]
www.backcountry.com [ C:\USERS\LEIA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9ZWQ3B0N.DEFAULT\COOKIES.SQLITE ]
www.backcountry.com [ C:\USERS\LEIA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9ZWQ3B0N.DEFAULT\COOKIES.SQLITE ]
www.backcountry.com [ C:\USERS\LEIA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9ZWQ3B0N.DEFAULT\COOKIES.SQLITE ]
.2o7.net [ C:\USERS\LEIA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9ZWQ3B0N.DEFAULT\COOKIES.SQLITE ]
wstat.wibiya.com [ C:\USERS\LEIA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9ZWQ3B0N.DEFAULT\COOKIES.SQLITE ]
.nextag.com [ C:\USERS\LEIA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9ZWQ3B0N.DEFAULT\COOKIES.SQLITE ]
.nextag.com [ C:\USERS\LEIA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9ZWQ3B0N.DEFAULT\COOKIES.SQLITE ]
.nextag.com [ C:\USERS\LEIA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9ZWQ3B0N.DEFAULT\COOKIES.SQLITE ]
.2o7.net [ C:\USERS\LEIA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9ZWQ3B0N.DEFAULT\COOKIES.SQLITE ]
.2o7.net [ C:\USERS\LEIA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9ZWQ3B0N.DEFAULT\COOKIES.SQLITE ]
.2o7.net [ C:\USERS\LEIA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9ZWQ3B0N.DEFAULT\COOKIES.SQLITE ]
.2o7.net [ C:\USERS\LEIA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9ZWQ3B0N.DEFAULT\COOKIES.SQLITE ]
.2o7.net [ C:\USERS\LEIA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9ZWQ3B0N.DEFAULT\COOKIES.SQLITE ]
.andomedia.com [ C:\USERS\LEIA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9ZWQ3B0N.DEFAULT\COOKIES.SQLITE ]
.liveperson.net [ C:\USERS\LEIA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9ZWQ3B0N.DEFAULT\COOKIES.SQLITE ]
www.backcountry.com [ C:\USERS\LEIA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9ZWQ3B0N.DEFAULT\COOKIES.SQLITE ]
www.backcountry.com [ C:\USERS\LEIA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9ZWQ3B0N.DEFAULT\COOKIES.SQLITE ]
www.backcountry.com [ C:\USERS\LEIA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9ZWQ3B0N.DEFAULT\COOKIES.SQLITE ]
www.backcountry.com [ C:\USERS\LEIA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9ZWQ3B0N.DEFAULT\COOKIES.SQLITE ]
www.backcountry.com [ C:\USERS\LEIA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9ZWQ3B0N.DEFAULT\COOKIES.SQLITE ]
.liveperson.net [ C:\USERS\LEIA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9ZWQ3B0N.DEFAULT\COOKIES.SQLITE ]
.backcountry.com [ C:\USERS\LEIA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9ZWQ3B0N.DEFAULT\COOKIES.SQLITE ]
.backcountry.com [ C:\USERS\LEIA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9ZWQ3B0N.DEFAULT\COOKIES.SQLITE ]
.backcountry.com [ C:\USERS\LEIA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9ZWQ3B0N.DEFAULT\COOKIES.SQLITE ]
www.backcountry.com [ C:\USERS\LEIA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9ZWQ3B0N.DEFAULT\COOKIES.SQLITE ]
www.backcountry.com [ C:\USERS\LEIA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9ZWQ3B0N.DEFAULT\COOKIES.SQLITE ]
.e-2dj6aelocpd5akp.stats.esomniture.com [ C:\USERS\LEIA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9ZWQ3B0N.DEFAULT\COOKIES.SQLITE ]
.e-2dj6aelocpdpmgq.stats.esomniture.com [ C:\USERS\LEIA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9ZWQ3B0N.DEFAULT\COOKIES.SQLITE ]
.apmebf.com [ C:\USERS\LEIA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9ZWQ3B0N.DEFAULT\COOKIES.SQLITE ]
.statcounter.com [ C:\USERS\LEIA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9ZWQ3B0N.DEFAULT\COOKIES.SQLITE ]
.2o7.net [ C:\USERS\LEIA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9ZWQ3B0N.DEFAULT\COOKIES.SQLITE ]
www.cracked.com [ C:\USERS\LEIA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9ZWQ3B0N.DEFAULT\COOKIES.SQLITE ]
.cracked.com [ C:\USERS\LEIA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9ZWQ3B0N.DEFAULT\COOKIES.SQLITE ]
link.mercent.com [ C:\USERS\LEIA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9ZWQ3B0N.DEFAULT\COOKIES.SQLITE ]
.findsev.com [ C:\USERS\LEIA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9ZWQ3B0N.DEFAULT\COOKIES.SQLITE ]
.account.woot.com [ C:\USERS\LEIA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9ZWQ3B0N.DEFAULT\COOKIES.SQLITE ]
bridge2.admarketplace.net [ C:\USERS\LEIA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9ZWQ3B0N.DEFAULT\COOKIES.SQLITE ]
.admarketplace.net [ C:\USERS\LEIA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9ZWQ3B0N.DEFAULT\COOKIES.SQLITE ]
.liveperson.net [ C:\USERS\LEIA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9ZWQ3B0N.DEFAULT\COOKIES.SQLITE ]
.bizrate.com [ C:\USERS\LEIA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9ZWQ3B0N.DEFAULT\COOKIES.SQLITE ]
.bizrate.com [ C:\USERS\LEIA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9ZWQ3B0N.DEFAULT\COOKIES.SQLITE ]
.bizrate.com [ C:\USERS\LEIA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9ZWQ3B0N.DEFAULT\COOKIES.SQLITE ]
.buycom.122.2o7.net [ C:\USERS\LEIA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9ZWQ3B0N.DEFAULT\COOKIES.SQLITE ]
traffic.buyservices.com [ C:\USERS\LEIA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9ZWQ3B0N.DEFAULT\COOKIES.SQLITE ]
insight.torbit.com [ C:\USERS\LEIA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9ZWQ3B0N.DEFAULT\COOKIES.SQLITE ]
.amazonlocal.122.2o7.net [ C:\USERS\LEIA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9ZWQ3B0N.DEFAULT\COOKIES.SQLITE ]
.smartwool.122.2o7.net [ C:\USERS\LEIA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9ZWQ3B0N.DEFAULT\COOKIES.SQLITE ]
.2o7.net [ C:\USERS\LEIA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9ZWQ3B0N.DEFAULT\COOKIES.SQLITE ]
.2o7.net [ C:\USERS\LEIA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9ZWQ3B0N.DEFAULT\COOKIES.SQLITE ]
embed.hsmmediamanager.com [ C:\USERS\LEIA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9ZWQ3B0N.DEFAULT\COOKIES.SQLITE ]
.questionmarket.com [ C:\USERS\LEIA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9ZWQ3B0N.DEFAULT\COOKIES.SQLITE ]
.questionmarket.com [ C:\USERS\LEIA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9ZWQ3B0N.DEFAULT\COOKIES.SQLITE ]
wmedia.rotator.hadj7.adjuggler.net [ C:\USERS\LEIA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9ZWQ3B0N.DEFAULT\COOKIES.SQLITE ]
.liveperson.net [ C:\USERS\LEIA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9ZWQ3B0N.DEFAULT\COOKIES.SQLITE ]
www.elitemg.com [ C:\USERS\LEIA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9ZWQ3B0N.DEFAULT\COOKIES.SQLITE ]
www.elitemg.com [ C:\USERS\LEIA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9ZWQ3B0N.DEFAULT\COOKIES.SQLITE ]
.linksynergy.com [ C:\USERS\LEIA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9ZWQ3B0N.DEFAULT\COOKIES.SQLITE ]
.linksynergy.com [ C:\USERS\LEIA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9ZWQ3B0N.DEFAULT\COOKIES.SQLITE ]
.linksynergy.com [ C:\USERS\LEIA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9ZWQ3B0N.DEFAULT\COOKIES.SQLITE ]
media.gsimedia.net [ C:\USERS\LEIA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9ZWQ3B0N.DEFAULT\COOKIES.SQLITE ]
testdata.coremetrics.com [ C:\USERS\LEIA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9ZWQ3B0N.DEFAULT\COOKIES.SQLITE ]
.liveperson.net [ C:\USERS\LEIA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9ZWQ3B0N.DEFAULT\COOKIES.SQLITE ]
.2o7.net [ C:\USERS\LEIA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9ZWQ3B0N.DEFAULT\COOKIES.SQLITE ]
.2o7.net [ C:\USERS\LEIA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9ZWQ3B0N.DEFAULT\COOKIES.SQLITE ]
.2o7.net [ C:\USERS\LEIA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9ZWQ3B0N.DEFAULT\COOKIES.SQLITE ]
.2o7.net [ C:\USERS\LEIA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9ZWQ3B0N.DEFAULT\COOKIES.SQLITE ]
.liveperson.net [ C:\USERS\LEIA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9ZWQ3B0N.DEFAULT\COOKIES.SQLITE ]
.2o7.net [ C:\USERS\LEIA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9ZWQ3B0N.DEFAULT\COOKIES.SQLITE ]
.cbs.112.2o7.net [ C:\USERS\LEIA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9ZWQ3B0N.DEFAULT\COOKIES.SQLITE ]
.instantcrack.com [ C:\USERS\LEIA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9ZWQ3B0N.DEFAULT\COOKIES.SQLITE ]
count.carrierzone.com [ C:\USERS\LEIA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9ZWQ3B0N.DEFAULT\COOKIES.SQLITE ]
.pro-market.net [ C:\USERS\LEIA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9ZWQ3B0N.DEFAULT\COOKIES.SQLITE ]
media.preownedweddingdresses.com [ C:\USERS\LEIA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9ZWQ3B0N.DEFAULT\COOKIES.SQLITE ]
.rtst.122.2o7.net [ C:\USERS\LEIA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9ZWQ3B0N.DEFAULT\COOKIES.SQLITE ]
.doubleclick.net [ C:\USERS\LEIA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9ZWQ3B0N.DEFAULT\COOKIES.SQLITE ]
tracker.pegsanalytics.com [ C:\USERS\LEIA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9ZWQ3B0N.DEFAULT\COOKIES.SQLITE ]
tracker.pegsanalytics.com [ C:\USERS\LEIA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9ZWQ3B0N.DEFAULT\COOKIES.SQLITE ]
.liveperson.net [ C:\USERS\LEIA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9ZWQ3B0N.DEFAULT\COOKIES.SQLITE ]
.2o7.net [ C:\USERS\LEIA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9ZWQ3B0N.DEFAULT\COOKIES.SQLITE ]
.nikonjp.112.2o7.net [ C:\USERS\LEIA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9ZWQ3B0N.DEFAULT\COOKIES.SQLITE ]
.steelhousemedia.com [ C:\USERS\LEIA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9ZWQ3B0N.DEFAULT\COOKIES.SQLITE ]
.steelhousemedia.com [ C:\USERS\LEIA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9ZWQ3B0N.DEFAULT\COOKIES.SQLITE ]
.liveperson.net [ C:\USERS\LEIA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9ZWQ3B0N.DEFAULT\COOKIES.SQLITE ]
.2o7.net [ C:\USERS\LEIA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9ZWQ3B0N.DEFAULT\COOKIES.SQLITE ]
pulse-analytics-beacon.reutersmedia.net [ C:\USERS\LEIA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9ZWQ3B0N.DEFAULT\COOKIES.SQLITE ]
dc.tremormedia.com [ C:\USERS\LEIA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9ZWQ3B0N.DEFAULT\COOKIES.SQLITE ]
.2o7.net [ C:\USERS\LEIA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9ZWQ3B0N.DEFAULT\COOKIES.SQLITE ]
.cisco.112.2o7.net [ C:\USERS\LEIA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9ZWQ3B0N.DEFAULT\COOKIES.SQLITE ]
countryside.ambient-mixer.com [ C:\USERS\LEIA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9ZWQ3B0N.DEFAULT\COOKIES.SQLITE ]
count.carrierzone.com [ C:\USERS\LEIA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9ZWQ3B0N.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\LEIA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9ZWQ3B0N.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\LEIA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9ZWQ3B0N.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\LEIA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9ZWQ3B0N.DEFAULT\COOKIES.SQLITE ]
.gntbcstglobal.112.2o7.net [ C:\USERS\LEIA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9ZWQ3B0N.DEFAULT\COOKIES.SQLITE ]
.flagcounter.com [ C:\USERS\LEIA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9ZWQ3B0N.DEFAULT\COOKIES.SQLITE ]
clicks.coolsearchnow.com [ C:\USERS\LEIA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9ZWQ3B0N.DEFAULT\COOKIES.SQLITE ]
.citi.bridgetrack.com [ C:\USERS\LEIA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9ZWQ3B0N.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\LEIA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9ZWQ3B0N.DEFAULT\COOKIES.SQLITE ]
.networldmedia.net [ C:\USERS\LEIA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9ZWQ3B0N.DEFAULT\COOKIES.SQLITE ]
.countryinns.com [ C:\USERS\LEIA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9ZWQ3B0N.DEFAULT\COOKIES.SQLITE ]
.carlson.112.2o7.net [ C:\USERS\LEIA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9ZWQ3B0N.DEFAULT\COOKIES.SQLITE ]
.liveperson.net [ C:\USERS\LEIA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9ZWQ3B0N.DEFAULT\COOKIES.SQLITE ]
.adknowledge.com [ C:\USERS\LEIA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9ZWQ3B0N.DEFAULT\COOKIES.SQLITE ]
.adknowledge.com [ C:\USERS\LEIA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9ZWQ3B0N.DEFAULT\COOKIES.SQLITE ]
.adknowledge.com [ C:\USERS\LEIA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9ZWQ3B0N.DEFAULT\COOKIES.SQLITE ]
.adknowledge.com [ C:\USERS\LEIA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9ZWQ3B0N.DEFAULT\COOKIES.SQLITE ]
.medhelpinternational.112.2o7.net [ C:\USERS\LEIA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9ZWQ3B0N.DEFAULT\COOKIES.SQLITE ]
.geeksaresexy.net [ C:\USERS\LEIA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9ZWQ3B0N.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\LEIA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9ZWQ3B0N.DEFAULT\COOKIES.SQLITE ]
.stats.paypal.com [ C:\USERS\LEIA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9ZWQ3B0N.DEFAULT\COOKIES.SQLITE ]
.legolas-media.com [ C:\USERS\LEIA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9ZWQ3B0N.DEFAULT\COOKIES.SQLITE ]
.pro-market.net [ C:\USERS\LEIA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9ZWQ3B0N.DEFAULT\COOKIES.SQLITE ]
.2o7.net [ C:\USERS\LEIA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9ZWQ3B0N.DEFAULT\COOKIES.SQLITE ]
.mediafire.com [ C:\USERS\LEIA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9ZWQ3B0N.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\LEIA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9ZWQ3B0N.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\LEIA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9ZWQ3B0N.DEFAULT\COOKIES.SQLITE ]
uk.sitestat.com [ C:\USERS\LEIA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9ZWQ3B0N.DEFAULT\COOKIES.SQLITE ]
uk.sitestat.com [ C:\USERS\LEIA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9ZWQ3B0N.DEFAULT\COOKIES.SQLITE ]
.yadro.ru [ C:\USERS\LEIA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9ZWQ3B0N.DEFAULT\COOKIES.SQLITE ]
.youporn.com [ C:\USERS\LEIA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9ZWQ3B0N.DEFAULT\COOKIES.SQLITE ]
.youporn.com [ C:\USERS\LEIA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9ZWQ3B0N.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\LEIA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9ZWQ3B0N.DEFAULT\COOKIES.SQLITE ]
.adservesystem.com [ C:\USERS\LEIA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9ZWQ3B0N.DEFAULT\COOKIES.SQLITE ]
.adservesystem.com [ C:\USERS\LEIA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9ZWQ3B0N.DEFAULT\COOKIES.SQLITE ]
stats.powersites.net [ C:\USERS\LEIA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9ZWQ3B0N.DEFAULT\COOKIES.SQLITE ]
wmedia.rotator.hadj7.adjuggler.net [ C:\USERS\LEIA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9ZWQ3B0N.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\LEIA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9ZWQ3B0N.DEFAULT\COOKIES.SQLITE ]
accounts.youtube.com [ C:\USERS\LEIA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9ZWQ3B0N.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\LEIA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9ZWQ3B0N.DEFAULT\COOKIES.SQLITE ]
.usatoday1.112.2o7.net [ C:\USERS\LEIA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9ZWQ3B0N.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\LEIA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9ZWQ3B0N.DEFAULT\COOKIES.SQLITE ]
.2o7.net [ C:\USERS\LEIA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9ZWQ3B0N.DEFAULT\COOKIES.SQLITE ]
alotporn.com [ C:\USERS\LEIA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9ZWQ3B0N.DEFAULT\COOKIES.SQLITE ]
alotporn.com [ C:\USERS\LEIA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9ZWQ3B0N.DEFAULT\COOKIES.SQLITE ]
alotporn.com [ C:\USERS\LEIA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9ZWQ3B0N.DEFAULT\COOKIES.SQLITE ]
alotporn.com [ C:\USERS\LEIA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9ZWQ3B0N.DEFAULT\COOKIES.SQLITE ]
alotporn.com [ C:\USERS\LEIA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9ZWQ3B0N.DEFAULT\COOKIES.SQLITE ]
alotporn.com [ C:\USERS\LEIA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9ZWQ3B0N.DEFAULT\COOKIES.SQLITE ]
alotporn.com [ C:\USERS\LEIA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9ZWQ3B0N.DEFAULT\COOKIES.SQLITE ]
alotporn.com [ C:\USERS\LEIA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9ZWQ3B0N.DEFAULT\COOKIES.SQLITE ]
alotporn.com [ C:\USERS\LEIA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9ZWQ3B0N.DEFAULT\COOKIES.SQLITE ]
.liveperson.net [ C:\USERS\LEIA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9ZWQ3B0N.DEFAULT\COOKIES.SQLITE ]
.media6degrees.com [ C:\USERS\LEIA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9ZWQ3B0N.DEFAULT\COOKIES.SQLITE ]
.cracked.com [ C:\USERS\LEIA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9ZWQ3B0N.DEFAULT\COOKIES.SQLITE ]
.cracked.com [ C:\USERS\LEIA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9ZWQ3B0N.DEFAULT\COOKIES.SQLITE ]
.cracked.com [ C:\USERS\LEIA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9ZWQ3B0N.DEFAULT\COOKIES.SQLITE ]
www.cracked.com [ C:\USERS\LEIA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9ZWQ3B0N.DEFAULT\COOKIES.SQLITE ]
.cracked.com [ C:\USERS\LEIA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9ZWQ3B0N.DEFAULT\COOKIES.SQLITE ]
www.cracked.com [ C:\USERS\LEIA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9ZWQ3B0N.DEFAULT\COOKIES.SQLITE ]
www.cracked.com [ C:\USERS\LEIA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9ZWQ3B0N.DEFAULT\COOKIES.SQLITE ]
www.cracked.com [ C:\USERS\LEIA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9ZWQ3B0N.DEFAULT\COOKIES.SQLITE ]
.homestore.122.2o7.net [ C:\USERS\LEIA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9ZWQ3B0N.DEFAULT\COOKIES.SQLITE ]
.media2.legacy.com [ C:\USERS\LEIA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9ZWQ3B0N.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\LEIA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9ZWQ3B0N.DEFAULT\COOKIES.SQLITE ]
.accounts.spartzmedia.com [ C:\USERS\LEIA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9ZWQ3B0N.DEFAULT\COOKIES.SQLITE ]
.legolas-media.com [ C:\USERS\LEIA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9ZWQ3B0N.DEFAULT\COOKIES.SQLITE ]
.legolas-media.com [ C:\USERS\LEIA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9ZWQ3B0N.DEFAULT\COOKIES.SQLITE ]
www.youporn.com [ C:\USERS\LEIA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9ZWQ3B0N.DEFAULT\COOKIES.SQLITE ]
.accounts.google.com [ C:\USERS\LEIA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9ZWQ3B0N.DEFAULT\COOKIES.SQLITE ]
.accounts.google.com [ C:\USERS\LEIA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9ZWQ3B0N.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\LEIA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9ZWQ3B0N.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\LEIA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9ZWQ3B0N.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\LEIA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9ZWQ3B0N.DEFAULT\COOKIES.SQLITE ]
accounts.google.com [ C:\USERS\LEIA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9ZWQ3B0N.DEFAULT\COOKIES.SQLITE ]
.2o7.net [ C:\USERS\LEIA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9ZWQ3B0N.DEFAULT\COOKIES.SQLITE ]
.legolas-media.com [ C:\USERS\LEIA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9ZWQ3B0N.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\LEIA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9ZWQ3B0N.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\LEIA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9ZWQ3B0N.DEFAULT\COOKIES.SQLITE ]
.bonniercorp.122.2o7.net [ C:\USERS\LEIA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9ZWQ3B0N.DEFAULT\COOKIES.SQLITE ]
.media2.legacy.com [ C:\USERS\LEIA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9ZWQ3B0N.DEFAULT\COOKIES.SQLITE ]
.media2.legacy.com [ C:\USERS\LEIA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9ZWQ3B0N.DEFAULT\COOKIES.SQLITE ]
.atlanticmedia.122.2o7.net [ C:\USERS\LEIA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9ZWQ3B0N.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\LEIA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9ZWQ3B0N.DEFAULT\COOKIES.SQLITE ]
statse.webtrendslive.com [ C:\USERS\LEIA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9ZWQ3B0N.DEFAULT\COOKIES.SQLITE ]
www.qsstats.com [ C:\USERS\LEIA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9ZWQ3B0N.DEFAULT\COOKIES.SQLITE ]
www.qsstats.com [ C:\USERS\LEIA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9ZWQ3B0N.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\LEIA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9ZWQ3B0N.DEFAULT\COOKIES.SQLITE ]
www.1click-downloader.com [ C:\USERS\LEIA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9ZWQ3B0N.DEFAULT\COOKIES.SQLITE ]
pathfinder.wikia.com [ C:\USERS\LEIA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9ZWQ3B0N.DEFAULT\COOKIES.SQLITE ]
.pathfinderdb.com [ C:\USERS\LEIA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9ZWQ3B0N.DEFAULT\COOKIES.SQLITE ]
click.findsearchengineresults.com [ C:\USERS\LEIA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9ZWQ3B0N.DEFAULT\COOKIES.SQLITE ]
track.clickdealer.com [ C:\USERS\LEIA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9ZWQ3B0N.DEFAULT\COOKIES.SQLITE ]
.microsoftwlsearchcrm.112.2o7.net [ C:\USERS\LEIA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9ZWQ3B0N.DEFAULT\COOKIES.SQLITE ]
.accountonline.com [ C:\USERS\LEIA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9ZWQ3B0N.DEFAULT\COOKIES.SQLITE ]
.avgtechnologies.112.2o7.net [ C:\USERS\LEIA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9ZWQ3B0N.DEFAULT\COOKIES.SQLITE ]
.solvemedia.com [ C:\USERS\LEIA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9ZWQ3B0N.DEFAULT\COOKIES.SQLITE ]
.solvemedia.com [ C:\USERS\LEIA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9ZWQ3B0N.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\LEIA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9ZWQ3B0N.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\LEIA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9ZWQ3B0N.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\LEIA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9ZWQ3B0N.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\LEIA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9ZWQ3B0N.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\LEIA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9ZWQ3B0N.DEFAULT\COOKIES.SQLITE ]
.mediaplex.com [ C:\USERS\LEIA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9ZWQ3B0N.DEFAULT\COOKIES.SQLITE ]
.usairways.112.2o7.net [ C:\USERS\LEIA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9ZWQ3B0N.DEFAULT\COOKIES.SQLITE ]
ad.insightexpressai.com [ C:\WINDOWS\SYSWOW64\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\NDJTFNYZ ]
crackle.com [ C:\WINDOWS\SYSWOW64\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\NDJTFNYZ ]
media.heavy.com [ C:\WINDOWS\SYSWOW64\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\NDJTFNYZ ]
media1.break.com [ C:\WINDOWS\SYSWOW64\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\NDJTFNYZ ]
objects.tremormedia.com [ C:\WINDOWS\SYSWOW64\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\NDJTFNYZ ]
secure-us.imrworldwide.com [ C:\WINDOWS\SYSWOW64\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\NDJTFNYZ ]
www.goodcholesterolcount.com [ C:\WINDOWS\SYSWOW64\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\NDJTFNYZ ]

Heur.Agent/Gen-WhiteBox
C:\USERS\LEIA\APPDATA\LOCAL\TEMP\FILE.EXE

Trojan.Agent/Gen-Yoddos
C:\USERS\LEIA\DOWNLOADS\PROGRAMS\ADOBE ACROBAT PRO X V10.0 MULTILINGUAL\ADOBE FIXING TOOLS\ADOBE ACROBAT X PRO 10 ACTIVATION DISABLER\ADOBE ACROBAT X PRO 10 ACTIVATION DISABLER.EXE



Mini tool box
reported the following
MiniToolBox by Farbar Version: 23-07-2012
Ran by Leia (administrator) on 10-08-2012 at 18:23:57
Microsoft Windows 7 Ultimate (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================

::1 localhost








































































































































































































109.163.226.208 www.google-analytics.com.
109.163.226.208 ad-emea.doubleclick.net.
109.163.226.208 www.statcounter.com.
69.72.252.254 www.google-analytics.com.
69.72.252.254 ad-emea.doubleclick.net.
69.72.252.254 www.statcounter.com.

127.0.0.1 localhost

========================= IP Configuration: ================================

Wireless-N USB Network Adapter = Wireless Network Connection 3 (Connected)
NVIDIA nForce Networking Controller = Local Area Connection (Media disconnected)
Realtek RTL8139/810x Family Fast Ethernet NIC = Local Area Connection 2 (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : Leia-PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : hsd1.fl.comcast.net.

Wireless LAN adapter Wireless Network Connection 3:

Connection-specific DNS Suffix . : hsd1.fl.comcast.net.
Description . . . . . . . . . . . : Wireless-N USB Network Adapter
Physical Address. . . . . . . . . : 00-1A-70-30-63-C0
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::f9c2:d2cf:2b98:c05b%16(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.103(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Friday, August 10, 2012 6:13:15 PM
Lease Expires . . . . . . . . . . : Saturday, August 11, 2012 6:13:50 PM
Default Gateway . . . . . . . . . : 192.168.1.1
DHCP Server . . . . . . . . . . . : 192.168.1.1
DHCPv6 IAID . . . . . . . . . . . : 419437168
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-14-DD-07-E3-00-19-DB-CD-1D-D6
DNS Servers . . . . . . . . . . . : 75.75.75.75
75.75.76.76
NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Local Area Connection 2:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : hsd1.fl.comcast.net.
Description . . . . . . . . . . . : Realtek RTL8139/810x Family Fast Ethernet NIC
Physical Address. . . . . . . . . : 00-B0-4C-39-15-AE
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : NVIDIA nForce Networking Controller
Physical Address. . . . . . . . . : 00-19-DB-CD-1D-D6
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.hsd1.fl.comcast.net.:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{F4E65E43-740E-4C28-8214-99F8D77916E8}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 9:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Server: cdns01.comcast.net
Address: 75.75.75.75

Name: google.com
Addresses: 2001:4860:800a::64
173.194.37.65
173.194.37.70
173.194.37.73
173.194.37.69
173.194.37.72
173.194.37.78
173.194.37.71
173.194.37.66
173.194.37.64
173.194.37.68
173.194.37.67


Pinging google.com [74.125.45.138] with 32 bytes of data:
Reply from 74.125.45.138: bytes=32 time=29ms TTL=52
Reply from 74.125.45.138: bytes=32 time=39ms TTL=52

Ping statistics for 74.125.45.138:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 29ms, Maximum = 39ms, Average = 34ms
Server: cdns01.comcast.net
Address: 75.75.75.75

DNS request timed out.
timeout was 2 seconds.
Name: yahoo.com
Addresses: 98.139.183.24
209.191.122.70
72.30.38.140


Pinging yahoo.com [209.191.122.70] with 32 bytes of data:
Reply from 209.191.122.70: bytes=32 time=49ms TTL=50
Reply from 209.191.122.70: bytes=32 time=49ms TTL=50

Ping statistics for 209.191.122.70:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 49ms, Maximum = 49ms, Average = 49ms
Server: cdns01.comcast.net
Address: 75.75.75.75

Name: bleepingcomputer.com
Address: 208.43.87.2


Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:
Reply from 208.43.87.2: Destination host unreachable.
Reply from 208.43.87.2: Destination host unreachable.

Ping statistics for 208.43.87.2:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
16...00 1a 70 30 63 c0 ......Wireless-N USB Network Adapter
12...00 b0 4c 39 15 ae ......Realtek RTL8139/810x Family Fast Ethernet NIC
11...00 19 db cd 1d d6 ......NVIDIA nForce Networking Controller
1...........................Software Loopback Interface 1
21...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
19...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
17...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.103 40
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.1.0 255.255.255.0 On-link 192.168.1.103 296
192.168.1.103 255.255.255.255 On-link 192.168.1.103 296
192.168.1.255 255.255.255.255 On-link 192.168.1.103 296
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.1.103 296
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.1.103 296
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
1 306 ::1/128 On-link
16 296 fe80::/64 On-link
16 296 fe80::f9c2:d2cf:2b98:c05b/128
On-link
1 306 ff00::/8 On-link
16 296 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [51712] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70144] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (08/10/2012 06:15:11 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
.

Error: (08/10/2012 06:15:11 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
.

Error: (08/10/2012 05:46:34 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
.

Error: (08/10/2012 05:26:33 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
.

Error: (08/10/2012 05:26:18 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
.

Error: (08/10/2012 05:26:08 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
.

Error: (08/10/2012 05:25:54 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
.

Error: (08/10/2012 05:25:46 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
.

Error: (08/10/2012 05:25:30 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
.

Error: (08/10/2012 05:25:15 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
.


System errors:
=============
Error: (08/10/2012 06:13:19 PM) (Source: Service Control Manager) (User: )
Description: The HomeGroup Listener service terminated with service-specific error %%-2147023143.

Error: (08/10/2012 06:13:01 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
Lbd

Error: (08/10/2012 06:13:00 PM) (Source: Service Control Manager) (User: )
Description: The IPsec Policy Agent service depends the following service: BFE. This service might not be installed.

Error: (08/10/2012 06:12:59 PM) (Source: Service Control Manager) (User: )
Description: The IKE and AuthIP IPsec Keying Modules service depends the following service: BFE. This service might not be installed.

Error: (08/10/2012 06:12:49 PM) (Source: Microsoft-Windows-Kernel-Processor-Power) (User: NT AUTHORITY)
Description: Some processor performance power management features have been disabled due to a known firmware problem. Check with the computer manufacturer for updated firmware.

Error: (08/10/2012 03:32:32 PM) (Source: Service Control Manager) (User: )
Description: The AST Service service terminated unexpectedly. It has done this 1 time(s).

Error: (08/10/2012 03:18:19 PM) (Source: Service Control Manager) (User: )
Description: The HomeGroup Listener service terminated with service-specific error %%-2147023143.

Error: (08/10/2012 03:17:58 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
Lbd

Error: (08/10/2012 03:17:54 PM) (Source: Service Control Manager) (User: )
Description: The IPsec Policy Agent service depends the following service: BFE. This service might not be installed.

Error: (08/10/2012 03:17:54 PM) (Source: Service Control Manager) (User: )
Description: The IKE and AuthIP IPsec Keying Modules service depends the following service: BFE. This service might not be installed.


Microsoft Office Sessions:
=========================
Error: (08/10/2012 06:15:11 PM) (Source: Microsoft-Windows-CAPI2)(User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

Error: (08/10/2012 06:15:11 PM) (Source: Microsoft-Windows-CAPI2)(User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

Error: (08/10/2012 05:46:34 PM) (Source: Microsoft-Windows-CAPI2)(User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

Error: (08/10/2012 05:26:33 PM) (Source: Microsoft-Windows-CAPI2)(User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

Error: (08/10/2012 05:26:18 PM) (Source: Microsoft-Windows-CAPI2)(User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

Error: (08/10/2012 05:26:08 PM) (Source: Microsoft-Windows-CAPI2)(User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

Error: (08/10/2012 05:25:54 PM) (Source: Microsoft-Windows-CAPI2)(User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

Error: (08/10/2012 05:25:46 PM) (Source: Microsoft-Windows-CAPI2)(User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

Error: (08/10/2012 05:25:30 PM) (Source: Microsoft-Windows-CAPI2)(User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

Error: (08/10/2012 05:25:15 PM) (Source: Microsoft-Windows-CAPI2)(User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.


=========================== Installed Programs ============================

"Nero SoundTrax Help (Version: 4.0.15.0)
64 Bit HP CIO Components Installer (Version: 6.2.1)
Adobe AIR (Version: 3.0.0.4080)
Adobe Community Help (Version: 3.4.980)
Adobe Content Viewer (Version: 1.4.0)
Adobe Creative Suite 5.5 Master Collection (Version: 5.5)
Adobe Download Assistant (Version: 1.2.2)
Adobe Dreamweaver CS5 (Version: 11.0)
Adobe Flash Player 10 ActiveX (Version: 10.2.153.1)
Adobe Flash Player 11 Plugin (Version: 11.3.300.265)
Adobe Media Player (Version: 1.8)
Adobe Photoshop CS5 (Version: 12.0)
Adobe Photoshop Lightroom 3.3 64-bit (Version: 3.3.1)
Adobe Reader X (10.1.3) (Version: 10.1.3)
Adobe Story (Version: 1.0.571)
Adobe Widget Browser (Version: 2.0 Build 230)
Adobe Widget Browser (Version: 2.0.230)
Advertising Center (Version: 0.0.0.1)
AVG 2012 (Version: 12.0.2109)
AVS Screen Capture version 2.0.1
AVS Update Manager 1.0
AVS Video Recorder 2.4
AVS Video ReMaker 4.0.5.135
AVS4YOU Software Navigator 1.4
BitTorrent (Version: 7.2.0)
BufferChm (Version: 130.0.331.000)
calibre (Version: 0.8.54)
Color Efex Pro 3.0 Complete (Version: 3.1.0.0)
Copy (Version: 130.0.428.000)
Coupon Printer for Windows (Version: 5.0.0.1)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
Destinations (Version: 130.0.0.0)
DeviceDiscovery (Version: 130.0.465.000)
Dfine 2.0 (Version: 2.1.0.2)
Diablo III (Version: 1.0.3.10485)
DJ_AIO_03_F4200_Software_Min (Version: 130.0.365.000)
DolbyFiles (Version: 2.0)
DSLR Remote Pro (Version: v2.2.1)
F4200 (Version: 130.0.365.000)
FlashPalette09E2Editor (Version: 3.0.23)
Google Chrome (Version: 21.0.1180.75)
Google Earth Plug-in (Version: 6.2.2.6613)
Google Earth Pro (Version: 4.2.180.1134)
Google Talk Plugin (Version: 3.3.3.8675)
Google Update Helper (Version: 1.3.21.115)
GPBaseService2 (Version: 130.0.371.000)
HDRsoft Photomatix Pro (Version: 4)
HP Deskjet F4200 All-In-One Driver Software 13.0 Rel. 3 (Version: 13.0)
HP Imaging Device Functions 13.0 (Version: 13.0)
HP Photosmart Essential 3.5 (Version: 3.5)
HP Photosmart Plus B210 series Basic Device Software (Version: 22.50.231.0)
HP Photosmart Plus B210 series Help (Version: 140.0.54.54)
HP Smart Web Printing 4.51 (Version: 4.51)
HP Solution Center 13.0 (Version: 13.0)
HP Update (Version: 5.002.006.003)
HPPhotoGadget (Version: 130.0.282.000)
HPPhotoSmartDiscLabelContent1 (Version: 2.04.0000)
HPPhotosmartEssential (Version: 2.04.0000)
HPProductAssistant (Version: 130.0.371.000)
ImagXpress (Version: 7.0.74.0)
ImgBurn (Version: 2.5.5.0)
Intel® Processor ID Utility (Version: 4.50.0000)
IrfanView (remove only) (Version: 4.30)
Java Auto Updater (Version: 2.1.6.0)
Java™ 6 Update 24 (Version: 6.0.240)
Java™ 7 Update 5 (Version: 7.0.50)
JavaFX 2.1.1 (Version: 2.1.1)
K-Lite Codec Pack 7.9.0 (Basic) (Version: 7.9.0)
LightScribe Diagnostic Utility (Version: 1.18.24.1)
LightScribe System Software (Version: 1.18.24.1)
LightScribe Template Designs - 9 to 5 Pack 1 (Version: 1.15.0.0)
LightScribe Template Designs - Bridal Pack 1 (Version: 1.15.0.0)
LightScribe Template Designs - Expressions (Version: 1.18.8.111)
LightScribe Template Designs - Grab Bag Pack 1 (Version: 1.17.0.0)
LightScribe Template Designs - Tie The Knot (Version: 1.18.8.110)
LightScribe Template Labeler (Version: 1.18.15.1)
Linksys Wireless-N USB Network Adapter Driver - WUSB300N (Version: 1.0)
Media Player Classic - Home Cinema v1.5.0.2827 x64 (Version: 1.5.0.2827)
Menu Templates - Starter Kit (Version: 9.0.4.0)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft DirectX SDK (June 2010) (Version: 9.29.1962.0)
Microsoft Office Access MUI (English) 2010 (Version: 14.0.4734.1000)
Microsoft Office Access Setup Metadata MUI (English) 2010 (Version: 14.0.4734.1000)
Microsoft Office Excel MUI (English) 2010 (Version: 14.0.4734.1000)
Microsoft Office Groove MUI (English) 2010 (Version: 14.0.4734.1000)
Microsoft Office InfoPath MUI (English) 2010 (Version: 14.0.4734.1000)
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.4734.1000)
Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.4734.1000)
Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.4734.1000)
Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.4734.1000)
Microsoft Office Professional Plus 2010 (Version: 14.0.4734.1000)
Microsoft Office Proof (English) 2010 (Version: 14.0.4734.1000)
Microsoft Office Proof (French) 2010 (Version: 14.0.4734.1000)
Microsoft Office Proof (Spanish) 2010 (Version: 14.0.4734.1000)
Microsoft Office Proofing (English) 2010 (Version: 14.0.4734.1000)
Microsoft Office Publisher MUI (English) 2010 (Version: 14.0.4734.1000)
Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.4734.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.4734.1000)
Microsoft Office Shared MUI (English) 2010 (Version: 14.0.4734.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.4734.1000)
Microsoft Office Word MUI (English) 2010 (Version: 14.0.4734.1000)
Microsoft Security Client (Version: 4.0.1526.0)
Microsoft Security Essentials (Version: 4.0.1526.0)
Microsoft Silverlight (Version: 4.0.60831.0)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.50727.42)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.59193)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (Version: 10.0.30319)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (Version: 10.0.30319)
Microsoft_VC80_ATL_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_ATL_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_CRT_x86 (Version: 1.00.0000)
Microsoft_VC80_CRT_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_CRT_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_MFC_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_MFC_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_MFCLOC_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_MFCLOC_x86_x64 (Version: 80.50727.4053)
Microsoft_VC90_ATL_x86 (Version: 1.00.0000)
Microsoft_VC90_ATL_x86_x64 (Version: 1.00.0000)
Microsoft_VC90_CRT_x86 (Version: 1.00.0000)
Microsoft_VC90_CRT_x86_x64 (Version: 1.00.0000)
Microsoft_VC90_MFC_x86 (Version: 1.00.0000)
Microsoft_VC90_MFC_x86_x64 (Version: 1.00.0000)
Microsoft_VC90_MFCLOC_x86 (Version: 1.00.0000)
Miller's Remote Suite (PLUS)
mkv2vob (Version: 2.4.9)
Movie Templates - Starter Kit (Version: 9.0.4.0)
Mozilla Firefox 14.0.1 (x86 en-US) (Version: 14.0.1)
Mozilla Maintenance Service (Version: 14.0.1)
mpixpro ROES
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
Neat Image v6.0 Pro+
Nero 9
Nero BurningROM (Version: 9.0.0.0)
Nero BurnRights (Version: 2.99.6.100)
Nero ControlCenter (Version: 0.0.0.1)
Nero ControlCenter (Version: 9.0.0.1)
Nero CoverDesigner (Version: 4.0.5.100)
Nero CoverDesigner Help (Version: 4.0.0.0)
Nero Disc Copy Gadget (Version: 1.53.0.0)
Nero Disc Copy Gadget Help (Version: 2.0.0.0)
Nero DiscSpeed (Version: 4.99.5.105)
Nero DriveSpeed (Version: 3.99.5.105)
Nero Express (Version: 9.0.0.0)
Nero InfoTool (Version: 5.99.5.105)
Nero Installer (Version: 2.0.0.1)
Nero Live (Version: 1.0.164.0)
Nero Live Help (Version: 1.0.162.0)
Nero Recode (Version: 3.53.0.0)
Nero Recode Help (Version: 3.53.0.0)
Nero Rescue Agent (Version: 1.99.0.1)
Nero RescueAgent Help (Version: 1.99.0.1)
Nero ShowTime (Version: 4.99.0.0)
Nero StartSmart (Version: 9.0.9.100)
Nero StartSmart Help (Version: 9.0.0.0)
Nero Vision (Version: 0.0.0.1)
Nero Vision (Version: 6.0.6.100)
Nero WaveEditor (Version: 5.0.18.0)
Nero WaveEditor Help (Version: 5.0.15.0)
NeroBurningROM (Version: 9.0.9.100)
NeroExpress (Version: 9.0.9.100)
neroxml (Version: 1.0.0)
NKRemote (Version: v1.3)
NVIDIA 3D Vision Controller Driver 301.42 (Version: 301.42)
NVIDIA 3D Vision Driver 301.42 (Version: 301.42)
NVIDIA Control Panel 301.42 (Version: 301.42)
NVIDIA Display Control Panel (Version: 6.14.12.5896)
NVIDIA Graphics Driver 301.42 (Version: 301.42)
NVIDIA Install Application (Version: 2.1002.75.420)
NVIDIA PhysX (Version: 9.12.0213)
NVIDIA PhysX System Software 9.12.0213 (Version: 9.12.0213)
NVIDIA Stereoscopic 3D Driver (Version: 7.17.13.0142)
NVIDIA Update 1.8.15 (Version: 1.8.15)
NVIDIA Update Components (Version: 1.8.15)
PDF Settings CS5 (Version: 10.0)
Photomatix Pro version 4.2.1 (Version: 4.2.1)
Picasa 3 (Version: 3.8)
Plug-in Suite 5.0.1 (Version: 5.0.1)
PVSonyDll (Version: 1.00.0001)
PxMergeModule (Version: 1.00.0000)
Registry Mechanic 9.0 (Version: 9.0)
Sansa Updater (Version: 1.313)
Scan (Version: 13.0.0.0)
Sharpener Pro 3.0 (Version: 3.0.0.1)
Silver Efex Pro (Version: 1.001)
Slice Audio File Splitter
SmartWebPrinting (Version: 130.0.457.000)
SolutionCenter (Version: 130.0.373.000)
SoundTrax (Version: 4.0.18.0)
Spotify (Version: 0.8.1.32.g93407e5e)
Status (Version: 130.0.469.000)
Stellarium 0.11.3
SUPERAntiSpyware (Version: 5.5.1012)
System Requirements Lab CYRI (Version: 4.5.1.0)
Toolbox (Version: 130.0.648.000)
TrayApp (Version: 130.0.422.000)
UnloadSupport (Version: 11.0.0)
Update for Microsoft Office 2010 (KB2553092)
Ventrilo Client for Windows x64 (Version: 3.0.8.0)
Visual C++ 2008 x86 Runtime - (v9.0.30729) (Version: 9.0.30729)
Visual C++ 2008 x86 Runtime - v9.0.30729.01 (Version: 9.0.30729.01)
Visual Studio 2008 x64 Redistributables (Version: 10.0.0.2)
Viveza (Version: 1.002)
WavePad Sound Editor
WebReg (Version: 130.0.132.017)
Winamp (Version: 5.601 )
Winamp Detector Plug-in (Version: 1.0.0.1)
WinRAR archiver

========================= Memory info: ===================================

Percentage of memory in use: 31%
Total physical RAM: 4095.35 MB
Available physical RAM: 2810.02 MB
Total Pagefile: 8188.85 MB
Available Pagefile: 6581 MB
Total Virtual: 4095.88 MB
Available Virtual: 3953.56 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:298.09 GB) (Free:70.57 GB) NTFS
4 Drive f: (Media) (Fixed) (Total:1863.01 GB) (Free:230.51 GB) NTFS

========================= Users: ========================================

User accounts for \\LEIA-PC

Administrator Guest Leia
UpdatusUser


**** End of log ****

#4 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,329 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:01:55 PM

Posted 10 August 2012 - 07:59 PM

Hello,rerun TDSS.. Change the option on these 2 to Cure or Delete.

15:16:37.0067 0556 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
15:16:37.0067 0556 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip


Lets see if we can reset your Hosts file.
Reset the HOSTS file
As this infection also changes your Windows HOSTS file, we want to replace this file with the default version for your operating system.
Some types of malware will alter the HOSTS file as part of its infection. Please follow the instructions provided in How do I reset the hosts file back to the default?

To reset the hosts file automatically,go HERE click the Posted Image button. Then just follow the prompts in the Fix it wizard.


OR
Click Run in the File Download dialog box or save MicrosoftFixit50267.msi to your Desktop and double-click on it to run. Then just follow the prompts in the Fix it wizard.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#5 wickedb

wickedb
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:12:55 PM

Posted 11 August 2012 - 03:00 AM

I reran rkill and then TDSS, deleting the file. I then ran Microsoft Fix it. The pop ups are still present though. Anything else I can try?

#6 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,329 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:01:55 PM

Posted 11 August 2012 - 09:32 PM

Are you on a router? Are other machines on it,if so are they redirecting?

Do you use the Firefox or Chrome browser?


Please download GooredFix from one of the locations below and save it to your Desktop
Download Mirror #1
Download Mirror #2
  • Ensure all Firefox windows are closed.
  • To run the tool, double-click it (XP), or right-click and select Run As Administrator (Vista).
  • When prompted to run the scan, click Yes.
  • GooredFix will check for infections, and then a log will appear. Please post the contents of that log in your next reply (it can also be found on your desktop, called GooredFix.txt).




I'd like us to scan your machine with ESET OnlineScan
  • Hold down Control and click on the following link to open ESET OnlineScan in a new window.
    ESET OnlineScan
  • Click the Posted Image button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    • Click on Posted Image to download the ESET Smart Installer. Save it to your desktop.
    • Double click on the Posted Image icon on your desktop.
  • Check Posted Image
  • Click the Posted Image button.
  • Accept any security warnings from your browser.
  • Under scan settings, check Posted Image and check Remove found threats
  • Click Advanced settings and select the following:
    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, push Posted Image
  • Push Posted Image, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Push the Posted Image button.
  • Push Posted Image


NOTE: In some instances if no malware is found there will be no log produced.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#7 wickedb

wickedb
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:12:55 PM

Posted 12 August 2012 - 11:43 PM

I am on a router and with other machines. However, no other machine is redirecting, nor are they infected.

Gooredfix log
GooredFix by jpshortstuff (03.07.10.1)
Log created at 14:14 on 12/08/2012 (Leia)
Firefox version 14.0.1 (en-US)

========== GooredScan ==========

(none)

========== GooredLog ==========

C:\Program Files (x86)\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd} [03:58 23/02/2012]

C:\Users\Leia\Application Data\Mozilla\Firefox\Profiles\9zwq3b0n.default\extensions\
(none)

[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]
"smartwebprinting@hp.com"="C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3" [15:37 19/06/2011]
"{01A8CA0A-4C96-465b-A49B-65C46FAD54F9}"="C:\Program Files (x86)\Adobe\Adobe Contribute CS5.1\Plugins\FirefoxPlugin\{01A8CA0A-4C96-465b-A49B-65C46FAD54F9}" [17:34 03/01/2012]

-=E.O.F=-


ESET Log
C:\Users\Leia\Downloads\Photomatrix_Pro_2.4.1_+_keygen.zip probably a variant of Win32/Agent.NAWGAHZ trojan deleted - quarantined
C:\Users\Leia\LeiaElizabeth\Blog\wp-content\themes\curtain\footer.php PHP/Kryptik.AB trojan cleaned by deleting - quarantined
C:\Windows\System32\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\44\126a9d6c-5f73687b Java/Exploit.CVE-2011-3544.AG trojan deleted - quarantined
C:\Windows\Temp\jar_cache1088397512820816572.tmp Java/TrojanDownloader.Agent.NDJ trojan deleted - quarantined
C:\Windows\Temp\jar_cache4442259175590681878.tmp Java/TrojanDownloader.Agent.NDJ trojan deleted - quarantined
F:\EBOOK\march\my documents\LeiaElizabeth\Blog\wp-content\themes\curtain\footer.php PHP/Kryptik.AB trojan cleaned by deleting - quarantined
F:\EBOOK\Website files\LeiaElizabeth\Blog\wp-content\themes\curtain\footer.php PHP/Kryptik.AB trojan cleaned by deleting (after the next restart) - quarantined
F:\My documents\LeiaElizabeth\Blog\wp-content\themes\curtain\footer.php PHP/Kryptik.AB trojan cleaned by deleting - quarantined
G:\adobe unzipped\Crack\disable_activation.cmd BAT/HostsChanger.A application cleaned by deleting - quarantined
G:\LEIA-PC\Backup Set 2010-12-10 200319\Backup Files 2010-12-10 200319\Backup files 1.zip PHP/Kryptik.AB trojan deleted - quarantined
G:\LEIA-PC\Backup Set 2010-12-10 200319\Backup Files 2010-12-10 200319\Backup files 19.zip multiple threats deleted - quarantined

#8 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,329 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:01:55 PM

Posted 13 August 2012 - 09:55 AM

How are the popups now? I suspect you are downloading infections from torrents. This is very common with them.

IMPORTANT NOTE: The practice of using cracking tools, keygens, warez or any pirated software is not only considered illegal activity but it is a serious security risk.

Cracking applications are used for illegally breaking (cracking) various copy-protection and registration techniques used in commercial software. These programs may be distributed via Web sites, Usenet, and P2P networks.

trendmicro.com/vinfo

...warez and crack web pages are being used by cybercriminals as download sites for malware related to VIRUT and VIRUX. Searches for serial numbers, cracks, and even antivirus products like Trend Micro yield malcodes that come in the form of executables or self-extracting files...quick links in these sites also lead to malicious files. Ads and banners are also infection vectors...

Keygen and Crack Sites Distribute VIRUX and FakeAV

...warez/piracy sites ranked the highest in downloading spyware...just opening the web page usually sets off an exploit, never mind actually downloading anything. And by the time the malware is finished downloading, often the machine is trashed and rendered useless.

University of Washington spyware study

...One of the most aggressive and intrusive of all bad websites on the Internet are serial, warez, software cracking type sites...they sneak malware onto your system...Where do trojan viruses originate? One of the biggest malware distributors on the Internet are serial/warez/code cracking sites.

Bad Web Sites: Malware

When you use these kind of programs, be forewarned that some of the worst types of malware infections can be contracted and spread by visiting crack, keygen, warez and other pirated software sites. In many cases, those sites are infested with a smörgåsbord of malware and an increasing source of system infection. Those who attempt to get software for free can end up with a computer system so badly damaged that recovery is not possible and it cannot be repaired. When that happens there is nothing you can do besides reformatting and reinstalling the OS.

Before we can continue, I need you to remove all cracks and keygens immediately to reduce the risk of infection/reinfection. If not, then we are just wasting time trying to clean your system. Further, other tools used during the disinfection process may detect crack and keygens so we need to ensure they have been removed.

Using these types of programs or the websites you visited to get them is almost a guaranteed way to get yourself infected!!

Edited by boopme, 13 August 2012 - 09:56 AM.

How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#9 wickedb

wickedb
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:12:55 PM

Posted 13 August 2012 - 09:19 PM

I'm still dealing with the pop ups and redirects. I've gone through and deleted any cracks or key generators I've found. And since we've started i've allowed any program to remove the ones they're found.
Is there any way you would recommend to search for any other programs I may have missed?

#10 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,329 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:01:55 PM

Posted 14 August 2012 - 10:24 AM

Please download CKScanner
Important: Save it to your Desktop.
Right-click CKScanner.exe > select: 'Run as administrator', then, click: Search For Files
When the cursor's hourglass disappears, click: Save List To File
A message box verifies the file saved.
Double-click the CKFiles.txt icon on your Desktop, and copy/paste the contents in your next reply.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#11 wickedb

wickedb
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:12:55 PM

Posted 14 August 2012 - 08:46 PM

CKScanner - Additional Security Risks - These are not necessarily bad
c:\program files\adobe\adobe premiere pro cs5.5\plug-ins\en_us\vstplugins\decrackler1.dll
c:\program files\adobe\adobe premiere pro cs5.5\plug-ins\en_us\vstplugins\decrackler2.dll
c:\program files\adobe\adobe premiere pro cs5.5\plug-ins\en_us\vstplugins\decrackler6.dll
c:\program files (x86)\adobe\adobe flash catalyst cs5.5\plugins\com.adobe.thermo.core_1.5.0.308731\com\adobe\thermo\undo\thermoundosystem$undoabledocumentchangecracker.class
c:\program files (x86)\common files\adobe\adobe contribute cs5.1\app\configuration\browsers\mozilla run time libraries\dist\idl\nsikeygenthread.idl
c:\program files (x86)\common files\adobe\adobe contribute cs5.1\app\configuration\browsers\mozilla run time libraries\dist\include\nsikeygenthread.h
c:\program files (x86)\microsoft directx sdk (june 2010)\samples\c++\direct3d\uvatlas\crackdecl.cpp
c:\program files (x86)\microsoft directx sdk (june 2010)\samples\c++\direct3d\uvatlas\crackdecl.h
c:\users\leia\calibre library\christie, agatha\the mirror crack's from side to side (197)\metadata.opf
c:\users\leia\calibre library\christie, agatha\the mirror crack's from side to side (197)\the mirror crack's from side to side - christie, agatha.epub
c:\users\leia\downloads\programs\adbe_cs5_masterkeygen\core.nfo
c:\users\leia\downloads\programs\adbe_cs5_masterkeygen\file_id.diz
scanner sequence 3.GE.11.SJAPMD
----- EOF -----

#12 wickedb

wickedb
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:12:55 PM

Posted 14 August 2012 - 10:22 PM

I manually retrieved and deleted the following files:
c:\program files (x86)\common files\adobe\adobe contribute cs5.1\app\configuration\browsers\mozilla run time libraries\dist\idl\nsikeygenthread.idl
c:\program files (x86)\common files\adobe\adobe contribute cs5.1\app\configuration\browsers\mozilla run time libraries\dist\include\nsikeygenthread.h
c:\users\leia\downloads\programs\adbe_cs5_masterkeygen\core.nfo
c:\users\leia\downloads\programs\adbe_cs5_masterkeygen\file_id.diz

#13 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,329 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:01:55 PM

Posted 15 August 2012 - 09:43 AM

Download

Rogue killer

right click on it and select run as administrator

Now,click on HOSTS FIX option on right side

A log should get generated after the fix ,post the log here
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#14 wickedb

wickedb
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:12:55 PM

Posted 15 August 2012 - 11:20 PM

RogueKiller V7.6.6 [08/10/2012] by Tigzy
mail: tigzyRK<at>gmail<dot>com
Feedback: http://www.geekstogo.com/forum/files/file/413-roguekiller/
Blog: http://tigzyrk.blogspot.com

Operating System: Windows 7 (6.1.7600 ) 64 bits version
Started in : Normal mode
User: Leia [Admin rights]
Mode: HOSTSFix -- Date: 08/16/2012 00:20:00

Bad processes: 1
[SUSP PATH] SansaDispatch.exe -- C:\Users\Leia\AppData\Roaming\SanDisk\Sansa Updater\SansaDispatch.exe -> KILLED [TermProc]

Driver: [NOT LOADED]

HOSTS File:
127.0.0.1 localhost


Resetted HOSTS:
127.0.0.1 localhost

Finished : << RKreport[3].txt >>
RKreport[1].txt ; RKreport[2].txt ; RKreport[3].txt

#15 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,329 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:01:55 PM

Posted 16 August 2012 - 09:38 PM

Are the Popups gone now having fixed the Hosts file?
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users