Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Google Redirect virus


  • Please log in to reply
8 replies to this topic

#1 mistuhsun

mistuhsun

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:12:32 AM

Posted 24 September 2012 - 03:49 PM

Hey guys, I've become an unfortunate victim of a Google redirect virus. The most common site that it redirects me to is click.get-amazing-results.com. Also, it seems to only be working with Firefox; I've tried Googling with IE a fair amount and so far no redirects have occurred.

I've run Malwarebytes, Microsoft Security Essentials, and Avira Antivirus scans, and they've found nothing. I've also run TDSSkiller. I'd appreciate some help with the problem. Let me know what I can provide to help you get this bug off of my system.

Thanks!

Edited by mistuhsun, 24 September 2012 - 04:00 PM.


BC AdBot (Login to Remove)

 


#2 InadequateInfirmity

InadequateInfirmity

    I Gots Me A Certified Edumication


  • Banned
  • 5,180 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:12:32 AM

Posted 24 September 2012 - 06:22 PM

Remove either Avira or MSE you should not have two antivirus applications.


Update do a quick scan with Superantispyware remove all this finds reboot.
http://www.superantispyware.com/downloadfile.html?productid=SUPERANTISPYWAREFREE


Post the log here.



Then run a scan with eset remove all that it finds reboot your machine and if the issue persist see below.
http://www.eset.com/us/online-scanner/

When the scan finish list found threats save to clipboard post to notepad Post the log here.



Please download FarbarServiceScanner and run it on the computer with the issue.
http://download.bleepingcomputer.com/farbar/FSS.exe


Make sure the following options are checked:
Internet Services
Windows Firewall
System Restore
Security Center/Action Center
Windows Update

Press "Scan".
It will create a log (FSS.txt) in the same directory the tool is run.
Please copy and paste the log to your reply.

Please download MINITOOLBOX and run it.
http://download.bleepingcomputer.com/farbar/MiniToolBox.exe

Checkmark following boxes:


Report IE Proxy Settings
Report FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size
List Devices (problems only)



Click Go and post the result.



Download Adware Cleaner run it as admin Click the delete button allow it to run and post the log it creates.

http://general-changelog-team.fr/fr/downloads/finish/20-outils-de-xplode/2-adwcleaner

#3 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,440 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:01:32 AM

Posted 24 September 2012 - 07:41 PM

I would add i would also like to see this log.

Please download TDSSKiller.zip and and extract it.
  • Run TDSSKiller.exe.
  • Click on Change Parameters
  • Put a check in the box of Detect TDLFS file system
  • Click Start scan.
  • When it is finished the utility outputs a list of detected objects with description.
    The utility automatically selects an action (Cure or Delete) for malicious objects.
    The utility prompts the user to select an action to apply to suspicious objects (Skip, by default). Let the options as it is and click Continue
  • Let reboot if needed and tell me if the tool needed a reboot.
  • Click on Report and post the contents of the text file that will open.

    Note: By default, the utility outputs the log into system disk (it is usually the disk with installed operating system, C:\) root folder. The Log has a name like: TDSSKiller.Version_Date_Time_log.txt.

How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#4 mistuhsun

mistuhsun
  • Topic Starter

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:12:32 AM

Posted 26 September 2012 - 02:15 PM

SuperAntiSpyware Log
SUPERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 09/25/2012 at 03:06 AM

Application Version : 5.5.1022

Core Rules Database Version : 9284
Trace Rules Database Version: 7096

Scan type       : Quick Scan
Total Scan Time : 00:07:18

Operating System Information
Windows 7 Ultimate 32-bit, Service Pack 1 (Build 6.01.7601)
UAC On - Limited User

Memory items scanned      : 838
Memory threats detected   : 0
Registry items scanned    : 27823
Registry threats detected : 0
File items scanned        : 8712
File threats detected     : 674

Adware.Tracking Cookie
	C:\Users\Han\AppData\Roaming\Microsoft\Windows\Cookies\QJAA3QOV.txt [ /mediaplex.com ]
	C:\Users\Han\AppData\Roaming\Microsoft\Windows\Cookies\2NJOBTTT.txt [ /pointroll.com ]
	C:\Users\Han\AppData\Roaming\Microsoft\Windows\Cookies\9L382X1U.txt [ /doubleclick.net ]
	C:\Users\Han\AppData\Roaming\Microsoft\Windows\Cookies\TGL6N355.txt [ /c.atdmt.com ]
	C:\Users\Han\AppData\Roaming\Microsoft\Windows\Cookies\T5CNDJ6C.txt [ /www.googleadservices.com ]
	C:\Users\Han\AppData\Roaming\Microsoft\Windows\Cookies\KM1WLUSY.txt [ /zedo.com ]
	C:\Users\Han\AppData\Roaming\Microsoft\Windows\Cookies\N1XR16UM.txt [ /googleads.g.doubleclick.net ]
	C:\Users\Han\AppData\Roaming\Microsoft\Windows\Cookies\ZE41TYN7.txt [ /atdmt.com ]
	C:\Users\Han\AppData\Roaming\Microsoft\Windows\Cookies\YU21XZS5.txt [ /kontera.com ]
	C:\Users\Han\AppData\Roaming\Microsoft\Windows\Cookies\YIWO1AWF.txt [ /questionmarket.com ]
	C:\Users\Han\AppData\Roaming\Microsoft\Windows\Cookies\6MRBAXJO.txt [ /msnportal.112.2o7.net ]
	C:\Users\Han\AppData\Roaming\Microsoft\Windows\Cookies\ZV5QTIA3.txt [ /ads.bleepingcomputer.com ]
	C:\Users\Han\AppData\Roaming\Microsoft\Windows\Cookies\MTTZBZP3.txt [ /statcounter.com ]
	C:\Users\Han\AppData\Roaming\Microsoft\Windows\Cookies\IU94V9SY.txt [ /casalemedia.com ]
	C:\Users\Han\AppData\Roaming\Microsoft\Windows\Cookies\C9X96G5X.txt [ /apmebf.com ]
	C:\Users\Han\AppData\Roaming\Microsoft\Windows\Cookies\UHAL4T3Q.txt [ /lucidmedia.com ]
	C:\Users\Han\AppData\Roaming\Microsoft\Windows\Cookies\PUB1BDQ5.txt [ /accounts.google.com ]
	C:\Users\Han\AppData\Roaming\Microsoft\Windows\Cookies\BKO47AKR.txt [ /a1.interclick.com ]
	C:\Users\Han\AppData\Roaming\Microsoft\Windows\Cookies\BYQEDY5P.txt [ /tribalfusion.com ]
	C:\Users\Han\AppData\Roaming\Microsoft\Windows\Cookies\X5AT629D.txt [ /media6degrees.com ]
	C:\Users\Han\AppData\Roaming\Microsoft\Windows\Cookies\0SL5LG3X.txt [ /interclick.com ]
	C:\Users\Han\AppData\Roaming\Microsoft\Windows\Cookies\GND1I3NE.txt [ /fastclick.net ]
	C:\Users\Han\AppData\Roaming\Microsoft\Windows\Cookies\FIQJXG2K.txt [ /invitemedia.com ]
	C:\Users\Han\AppData\Roaming\Microsoft\Windows\Cookies\M87XMGUH.txt [ /yieldmanager.net ]
	C:\Users\Han\AppData\Roaming\Microsoft\Windows\Cookies\ZBXT25SQ.txt [ /statse.webtrendslive.com ]
	C:\Users\Han\AppData\Roaming\Microsoft\Windows\Cookies\R8H3V2FX.txt [ /ad.yieldmanager.com ]
	C:\Users\Han\AppData\Roaming\Microsoft\Windows\Cookies\ZINQ1ZH7.txt [ /ads.pointroll.com ]
	C:\Users\Han\AppData\Roaming\Microsoft\Windows\Cookies\P73WG3NZ.txt [ /imrworldwide.com ]
	C:\Users\Han\AppData\Roaming\Microsoft\Windows\Cookies\19OZNIW5.txt [ /ads.intergi.com ]
	.invitemedia.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	C:\USERS\HAN\AppData\Roaming\Microsoft\Windows\Cookies\Low\M3ABJ0XI.txt [ Cookie:han@pointroll.com/ ]
	C:\USERS\HAN\AppData\Roaming\Microsoft\Windows\Cookies\Low\JE6CKGPB.txt [ Cookie:han@revsci.net/ ]
	.atdmt.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	C:\USERS\HAN\AppData\Roaming\Microsoft\Windows\Cookies\Low\6S67UW64.txt [ Cookie:han@doubleclick.net/ ]
	.adtech.de [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	C:\USERS\HAN\AppData\Roaming\Microsoft\Windows\Cookies\Low\39KZKEUS.txt [ Cookie:han@serving-sys.com/ ]
	.mediaplex.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	C:\USERS\HAN\AppData\Roaming\Microsoft\Windows\Cookies\Low\IHO2QH7G.txt [ Cookie:han@c.atdmt.com/ ]
	.questionablecontent.net [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.kontera.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	C:\USERS\HAN\AppData\Roaming\Microsoft\Windows\Cookies\Low\8SZXVSLJ.txt [ Cookie:han@atdmt.com/ ]
	.legolas-media.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	C:\USERS\HAN\AppData\Roaming\Microsoft\Windows\Cookies\Low\PZ57P8OT.txt [ Cookie:han@adlegend.com/ ]
	.zedo.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.imrworldwide.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.imrworldwide.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	C:\USERS\HAN\AppData\Roaming\Microsoft\Windows\Cookies\Low\OOHZA1KM.txt [ Cookie:han@collective-media.net/ ]
	.2o7.net [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.2o7.net [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.interclick.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.interclick.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	C:\USERS\HAN\AppData\Roaming\Microsoft\Windows\Cookies\Low\CTXUZ71G.txt [ Cookie:han@advertising.com/ ]
	.server.cpmstar.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.amazon-adsystem.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.amazon-adsystem.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.ads.pointroll.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.pointroll.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.insightexpressai.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.insightexpressai.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.insightexpressai.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.adserver.adtechus.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.adbrite.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.ru4.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.collective-media.net [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.insightexpressai.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	C:\USERS\HAN\AppData\Roaming\Microsoft\Windows\Cookies\Low\NQMLAH7L.txt [ Cookie:han@media6degrees.com/ ]
	C:\USERS\HAN\AppData\Roaming\Microsoft\Windows\Cookies\Low\han@interclick[1].txt [ Cookie:han@interclick.com/ ]
	.specificclick.net [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.revsci.net [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	C:\USERS\HAN\AppData\Roaming\Microsoft\Windows\Cookies\Low\han@fastclick[2].txt [ Cookie:han@fastclick.net/ ]
	C:\USERS\HAN\AppData\Roaming\Microsoft\Windows\Cookies\Low\FH8EQKVC.txt [ Cookie:han@invitemedia.com/ ]
	.insightexpressai.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.realmedia.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	C:\USERS\HAN\AppData\Roaming\Microsoft\Windows\Cookies\Low\5JV64ILM.txt [ Cookie:han@ads.pointroll.com/ ]
	C:\USERS\HAN\AppData\Roaming\Microsoft\Windows\Cookies\Low\YSJLK0RQ.txt [ Cookie:han@imrworldwide.com/cgi-bin ]
	questionablecontent.net [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	wmedia.rotator.hadj7.adjuggler.net [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.insightexpressai.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.insightexpressai.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.insightexpressai.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.insightexpressai.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.insightexpressai.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.insightexpressai.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.technoratimedia.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.insightexpressai.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	C:\USERS\HAN\Cookies\2NJOBTTT.txt [ Cookie:han@pointroll.com/ ]
	.lfstmedia.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.at.atwola.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.2o7.net [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.2o7.net [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	C:\USERS\HAN\Cookies\9L382X1U.txt [ Cookie:han@doubleclick.net/ ]
	.getclicky.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.static.getclicky.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	C:\USERS\HAN\Cookies\TGL6N355.txt [ Cookie:han@c.atdmt.com/ ]
	in.getclicky.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.adtechus.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	C:\USERS\HAN\Cookies\KM1WLUSY.txt [ Cookie:han@zedo.com/ ]
	C:\USERS\HAN\Cookies\N1XR16UM.txt [ Cookie:han@googleads.g.doubleclick.net/ ]
	.insightexpressai.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.doubleclick.net [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	C:\USERS\HAN\Cookies\ZE41TYN7.txt [ Cookie:han@atdmt.com/ ]
	C:\USERS\HAN\Cookies\YU21XZS5.txt [ Cookie:han@kontera.com/ ]
	wstat.wibiya.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.247realmedia.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.xiti.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	C:\USERS\HAN\Cookies\6MRBAXJO.txt [ Cookie:han@msnportal.112.2o7.net/ ]
	.insightexpressai.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.insightexpressai.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.insightexpressai.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.insightexpressai.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	C:\USERS\HAN\Cookies\MTTZBZP3.txt [ Cookie:han@statcounter.com/ ]
	.2o7.net [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	C:\USERS\HAN\Cookies\C9X96G5X.txt [ Cookie:han@apmebf.com/ ]
	C:\USERS\HAN\Cookies\BYQEDY5P.txt [ Cookie:han@tribalfusion.com/ ]
	.2o7.net [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	C:\USERS\HAN\Cookies\X5AT629D.txt [ Cookie:han@media6degrees.com/ ]
	.zedo.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.lfstmedia.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	C:\USERS\HAN\Cookies\0SL5LG3X.txt [ Cookie:han@interclick.com/ ]
	.ad.yieldmanager.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	C:\USERS\HAN\Cookies\GND1I3NE.txt [ Cookie:han@fastclick.net/ ]
	.112.2o7.net [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.ads.pointroll.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	C:\USERS\HAN\Cookies\FIQJXG2K.txt [ Cookie:han@invitemedia.com/ ]
	C:\USERS\HAN\Cookies\M87XMGUH.txt [ Cookie:han@yieldmanager.net/ ]
	.insightexpressai.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.insightexpressai.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	C:\USERS\HAN\Cookies\ZBXT25SQ.txt [ Cookie:han@statse.webtrendslive.com/ ]
	.insightexpressai.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.insightexpressai.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	C:\USERS\HAN\Cookies\R8H3V2FX.txt [ Cookie:han@ad.yieldmanager.com/ ]
	.insightexpressai.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	C:\USERS\HAN\Cookies\ZINQ1ZH7.txt [ Cookie:han@ads.pointroll.com/ ]
	C:\USERS\HAN\Cookies\P73WG3NZ.txt [ Cookie:han@imrworldwide.com/cgi-bin ]
	.insightexpressai.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.insightexpressai.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.insightexpressai.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.insightexpressai.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.insightexpressai.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.insightexpressai.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.insightexpressai.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.insightexpressai.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.technoratimedia.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.adtech.de [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.2o7.net [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.2o7.net [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.2o7.net [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.2o7.net [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.insightexpressai.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.insightexpressai.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.insightexpressai.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.insightexpressai.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.statcounter.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.2o7.net [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.mediaplex.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.ru4.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	mediaservices-d.openxenterprise.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	mediaservices-d.openxenterprise.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.ru4.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	adserver.adreactor.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.redorbit.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.redorbit.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.insightexpressai.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.insightexpressai.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.insightexpressai.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.insightexpressai.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.ru4.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.advertising.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.legolas-media.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.redditenhancementsuite.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.redditenhancementsuite.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.2o7.net [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.ru4.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.dmtracker.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.adxpose.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	ad.yieldmanager.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	ad.yieldmanager.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.insightexpressai.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.lfstmedia.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.lfstmedia.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.ads.pointroll.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.questionmarket.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.insightexpressai.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.2o7.net [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.insightexpressai.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.insightexpressai.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.insightexpressai.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.insightexpressai.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.insightexpressai.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.insightexpressai.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.adbrite.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.harrenmedianetwork.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.2o7.net [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.adnetwork.net [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.insightexpressai.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.insightexpressai.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.insightexpressai.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.insightexpressai.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.statcounter.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.saymedia.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	ad-g.doubleclick.net [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	googleads.g.doubleclick.net [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	questionablecontent.net [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.insightexpressai.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.insightexpressai.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.insightexpressai.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.insightexpressai.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	insight.torbit.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.2o7.net [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	7.rotator.wigetmedia.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	ad.harrenmedianetwork.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.atdmt.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.atdmt.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.lfstmedia.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.insightexpressai.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.insightexpressai.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.insightexpressai.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.insightexpressai.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.insightexpressai.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.insightexpressai.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.insightexpressai.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.apmebf.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.a1.interclick.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.2o7.net [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	accounts.google.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.a1.interclick.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	d3.zedo.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	d3.zedo.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.legolas-media.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	wmedia.rotator.hadj7.adjuggler.net [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.traveladvertising.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.mediafire.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.invitemedia.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.pcworldcommunication.122.2o7.net [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	ad.yieldmanager.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	rotator.adjuggler.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.adjuggler.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.adbrite.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.a1.interclick.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.ad.mlnadvertising.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.collective-media.net [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	auslieferung.commindo-media-ressourcen.de [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	auslieferung.commindo-media-ressourcen.de [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	auslieferung.commindo-media-ressourcen.de [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.2o7.net [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.trafficmp.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.trafficmp.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.insightexpressai.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.mediaservices-d.openxenterprise.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.ads.bridgetrack.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.atlanticmedia.122.2o7.net [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.insightexpressai.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.insightexpressai.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.insightexpressai.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.insightexpressai.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.insightexpressai.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.mediaplex.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.enoratraffic.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.sexad.net [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	ads2.zeusclicks.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.eyeviewads.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.eyeviewads.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.saymedia.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.server.cpmstar.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.server.cpmstar.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.estat.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.traveladvertising.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.martiniadnetwork.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.martiniadnetwork.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.martiniadnetwork.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.martiniadnetwork.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.ru4.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.ru4.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.ru4.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.burstnet.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.smartadserver.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	gearslutz.advertserve.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	www.etracker.de [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	www.etracker.de [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	www.mediaconverter.org [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.mediaconverter.org [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.mediaconverter.org [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.server.cpmstar.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.tag.mediashakers.hiro.tv [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.tag.mediashakers.hiro.tv [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.ru4.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	www.tunefind.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	www.tunefind.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.tunefind.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.pubads.g.doubleclick.net [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	questionablecontent.net [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.questionablecontent.net [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.s.clickability.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.s.clickability.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.revsci.net [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.revsci.net [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.revsci.net [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.stats.slashgear.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.stats.slashgear.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	counters.gigya.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.insightexpressai.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.liveperson.net [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	www.3dstats.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.game-advertising-online.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.clickbooth.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.network.realmedia.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.insightexpressai.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	ads.trafficjunky.net [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.revsci.net [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.revsci.net [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	mshakers.rotator.hadj7.adjuggler.net [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.insightexpressai.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.insightexpressai.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.insightexpressai.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.insightexpressai.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.insightexpressai.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	www.googleadservices.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.revsci.net [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.2o7.net [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.2o7.net [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.zedo.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	z.blogads.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.revsci.net [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.intermundomedia.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.intermundomedia.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.steelhousemedia.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.px.steelhousemedia.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.serving-sys.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.ads.bridgetrack.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	rotator.adjuggler.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.soundclick.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.soundclick.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.soundclick.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.newsday.122.2o7.net [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.revsci.net [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.insightexpressai.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.revsci.net [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	dc.tremormedia.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.burstnet.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.insightexpressai.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	www.googleadservices.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.mmstat.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.cnzz.mmstat.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.revsci.net [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.bs.serving-sys.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.everyscreenmedia.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.cdnl.complexmedianetwork.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.cdnl.complexmedianetwork.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	ads.redorbit.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.atwola.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.ar.atwola.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.ad-g.doubleclick.net [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	ad.yieldmanager.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.liveperson.net [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.www.burstnet.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.server.cpmstar.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.liveperson.net [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.apmebf.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.redorbit.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.redorbit.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.media6degrees.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.2o7.net [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.clickfuse.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.adfarm1.adition.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.ru4.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.revsci.net [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	bridge.ame.admarketplace.net [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.admarketplace.net [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.insightexpressai.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.mtvn.112.2o7.net [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.microsoftsto.112.2o7.net [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.citygridmedia.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.realmedia.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.adserver.adtechus.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.adserver.adtechus.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.burstnet.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.usnews.122.2o7.net [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.doubleclick.net [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.revsci.net [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.collective-media.net [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.lfstmedia.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.cdn.complexmedianetwork.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.cdn.complexmedianetwork.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.server.cpmstar.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.zedo.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	7.rotator.wigetmedia.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.click202.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.click202.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.tacoda.at.atwola.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.solvemedia.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.solvemedia.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.solvemedia.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.server.cpmstar.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.collective-media.net [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.collective-media.net [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.collective-media.net [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.collective-media.net [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.collective-media.net [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.collective-media.net [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.collective-media.net [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.collective-media.net [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.collective-media.net [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.collective-media.net [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.collective-media.net [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.stats.complex.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.stats.complex.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	mshakers.rotator.hadj7.adjuggler.net [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.googleads.g.doubleclick.net [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.casalemedia.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.casalemedia.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.casalemedia.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.ru4.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.revsci.net [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.revsci.net [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.yieldmanager.net [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.adlegend.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.adlegend.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.insightexpressai.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.solvemedia.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.ru4.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.ru4.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	tracking.affiliaxe.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	accounts.youtube.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.accounts.google.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.accounts.google.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.adfarm1.adition.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	ad2.adfarm1.adition.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	xml.trafficengine.net [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	click.gethotresults.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.ru4.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.saymedia.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.invitemedia.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.realmedia.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.media.adfrontiers.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.realmedia.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	mediaservices-d.openxenterprise.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.realmedia.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.micklemedia.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.insightexpressai.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.pro-market.net [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	www.questionablecontent.net [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	www.questionablecontent.net [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	www.questionablecontent.net [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	www.questionablecontent.net [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.atdmt.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.c1.atdmt.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.adbrite.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.adserver.adtechus.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.247realmedia.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.media2.legacy.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.zedo.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	ww251.smartadserver.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.adserver.adtechus.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.trafficmp.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.casalemedia.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.mediafire.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.mediafire.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	www.mediafire.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	www.mediafire.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.www.media970.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.burstnet.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	gr.burstnet.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.yadro.ru [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.revsci.net [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.realmedia.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.adbrite.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	optimize.indieclick.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	optimize.indieclick.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.clickfuse.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.clickfuse.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.clickfuse.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.collective-media.net [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.clickfuse.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.clickfuse.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	ad.yieldmanager.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.burstnet.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.media2.legacy.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.lfstmedia.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.media2.legacy.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.clickfuse.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.lfstmedia.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.realmedia.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.realmedia.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.zedo.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.zedo.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	accounts.google.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	accounts.google.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.insightexpressai.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.insightexpressai.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.insightexpressai.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.insightexpressai.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.insightexpressai.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.burstnet.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.burstnet.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.burstnet.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	www.burstnet.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.burstnet.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.invitemedia.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.media6degrees.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.ads.pointroll.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.pointroll.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.ads.pointroll.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.ads.pointroll.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.ads.pointroll.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.ads.pointroll.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.ads.pointroll.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.ads.pointroll.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.t.pointroll.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.zedo.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.zedo.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.zedo.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.zedo.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.technoratimedia.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.technoratimedia.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.legolas-media.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.legolas-media.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.legolas-media.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	csm.rotator.hadj7.adjuggler.net [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.traveladvertising.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.traveladvertising.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.media.adfrontiers.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	csm.rotator.hadj7.adjuggler.net [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	csm.rotator.hadj7.adjuggler.net [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.ru4.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.adbrite.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.advertising.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.tacoda.at.atwola.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.tacoda.at.atwola.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.tacoda.at.atwola.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.atwola.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.ar.atwola.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.ar.atwola.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.legolas-media.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.legolas-media.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.atwola.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.cracked.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.cracked.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.cracked.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.cracked.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.cracked.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.www.cracked.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.cracked.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	www.cracked.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.cracked.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.www.cracked.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.cracked.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	www.cracked.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	www.cracked.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	www.cracked.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.cracked.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.cracked.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.cracked.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.cracked.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.cracked.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.cracked.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.cracked.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.www.cracked.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	www.cracked.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	www.cracked.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	www.cracked.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.revsci.net [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.revsci.net [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.revsci.net [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.revsci.net [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.casalemedia.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.casalemedia.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.casalemedia.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.casalemedia.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.casalemedia.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.casalemedia.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.nhl.112.2o7.net [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.a1.interclick.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.a1.interclick.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.interclick.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.interclick.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.adbrite.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.invitemedia.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.invitemedia.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.invitemedia.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.invitemedia.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.invitemedia.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.pro-market.net [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.pro-market.net [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.pro-market.net [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.pro-market.net [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.pro-market.net [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.fastclick.net [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.lucidmedia.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.lucidmedia.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.revsci.net [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.advertising.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.advertising.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.saymedia.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.ru4.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	stats.adotube.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.questionablecontent.net [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.questionablecontent.net [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.questionablecontent.net [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.indieclick.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	optimize.indieclick.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	optimize.indieclick.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	optimize.indieclick.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	questionablecontent.net [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	questionablecontent.net [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	questionablecontent.net [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	questionablecontent.net [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	questionablecontent.net [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	questionablecontent.net [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.adknowledge.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.adknowledge.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.adknowledge.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.adknowledge.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.at.atwola.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.tacoda.at.atwola.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.tacoda.at.atwola.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.tacoda.at.atwola.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.tacoda.at.atwola.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.at.atwola.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.tacoda.net [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.advertising.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.advertising.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	click.get-amazing-results.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.liveperson.net [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	track.prd1.netshelter.net [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.serving-sys.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.bs.serving-sys.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.revsci.net [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.revsci.net [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.interclick.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.invitemedia.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	blogcounter.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.statcounter.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	statse.webtrendslive.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.doubleclick.net [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.cisco.112.2o7.net [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.mm.chitika.net [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.questionmarket.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.questionmarket.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.questionmarket.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.mediaplex.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	server.iad.liveperson.net [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.liveperson.net [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	click.get-amazing-results.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.serving-sys.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.serving-sys.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.serving-sys.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.w3counter.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.googleads.g.doubleclick.net [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.ru4.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.tribalfusion.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.media6degrees.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.media6degrees.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.media6degrees.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.media6degrees.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.media6degrees.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.media6degrees.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.adserver.adtechus.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.ru4.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.a1.interclick.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.a1.interclick.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.a1.interclick.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.a1.interclick.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.a1.interclick.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.a1.interclick.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.interclick.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.a1.interclick.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	ad.yieldmanager.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	ad.yieldmanager.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	ad.yieldmanager.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	ad.yieldmanager.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	ad.yieldmanager.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.interclick.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.adbrite.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]
	.adbrite.com [ C:\USERS\HAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WW0JT2GS.DEFAULT\COOKIES.SQLITE ]

ESET Scanner Log - No threats found
ESETSmartInstaller@High as downloader log:
all ok
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=214fe535c6042142be37cffc4d443c1d
# end=stopped
# remove_checked=true
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2012-09-11 08:17:56
# local_time=2012-09-11 02:17:56 (-0700, Mountain Daylight Time)
# country="United States"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=5893 16776574 100 94 22501028 98934937 0 0
# compatibility_mode=8192 67108863 100 0 0 0 0 0
# scanned=392407
# found=0
# cleaned=0
# scan_time=4530
ESETSmartInstaller@High as downloader log:
all ok
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=214fe535c6042142be37cffc4d443c1d
# end=finished
# remove_checked=true
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2012-09-25 10:43:25
# local_time=2012-09-25 05:43:25 (-0600, Central Daylight Time)
# country="United States"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=1792 16777215 100 0 0 0 0 0
# compatibility_mode=5893 16776574 100 94 23672032 100105941 0 0
# compatibility_mode=8192 67108863 100 0 249948 249948 0 0
# scanned=690440
# found=0
# cleaned=0
# scan_time=8655
ESETSmartInstaller@High as downloader log:
all ok
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=214fe535c6042142be37cffc4d443c1d
# end=finished
# remove_checked=true
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2012-09-26 10:08:00
# local_time=2012-09-26 05:08:00 (-0600, Central Daylight Time)
# country="United States"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=1792 16777215 100 0 0 0 0 0
# compatibility_mode=5893 16776574 100 94 23755240 100189149 0 0
# compatibility_mode=8192 67108863 100 0 333156 333156 0 0
# scanned=692465
# found=0
# cleaned=0
# scan_time=9722
ESETSmartInstaller@High as downloader log:
all ok
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=214fe535c6042142be37cffc4d443c1d
# end=stopped
# remove_checked=true
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2012-09-26 03:54:46
# local_time=2012-09-26 10:54:46 (-0600, Central Daylight Time)
# country="United States"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=1792 16777215 100 0 0 0 0 0
# compatibility_mode=5893 16776574 100 94 23785762 100219671 0 0
# compatibility_mode=8192 67108863 100 0 363678 363678 0 0
# scanned=161
# found=0
# cleaned=0
# scan_time=5
ESETSmartInstaller@High as downloader log:
all ok
esets_scanner_update returned -1 esets_gle=53251
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=214fe535c6042142be37cffc4d443c1d
# end=finished
# remove_checked=true
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2012-09-26 06:45:08
# local_time=2012-09-26 01:45:08 (-0600, Central Daylight Time)
# country="United States"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=1792 16777215 100 0 0 0 0 0
# compatibility_mode=5893 16776574 100 94 23786973 100220882 0 0
# compatibility_mode=8192 67108863 100 0 364889 364889 0 0
# scanned=692448
# found=0
# cleaned=0
# scan_time=9017


FSS Log
Farbar Service Scanner Version: 19-09-2012
Ran by Han (administrator) on 26-09-2012 at 13:57:04
Running from "C:\Users\Han\Desktop"
Microsoft Windows 7 Ultimate  Service Pack 1 (X86)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy: 
==================


System Restore:
============

System Restore Disabled Policy: 
========================


Action Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy: 
============================


Other Services:
==============


File Check:
========
C:\Windows\system32\nsisvc.dll => MD5 is legit
C:\Windows\system32\Drivers\nsiproxy.sys => MD5 is legit
C:\Windows\system32\dhcpcore.dll => MD5 is legit
C:\Windows\system32\Drivers\afd.sys => MD5 is legit
C:\Windows\system32\Drivers\tdx.sys => MD5 is legit
C:\Windows\system32\Drivers\tcpip.sys
[2012-09-12 00:26] - [2012-08-22 12:16] - 1292144 ____A (Microsoft Corporation) A5EBB8F648000E88B7D9390B514976BF

C:\Windows\system32\dnsrslvr.dll => MD5 is legit
C:\Windows\system32\mpssvc.dll => MD5 is legit
C:\Windows\system32\bfe.dll => MD5 is legit
C:\Windows\system32\Drivers\mpsdrv.sys => MD5 is legit
C:\Windows\system32\SDRSVC.dll => MD5 is legit
C:\Windows\system32\vssvc.exe => MD5 is legit
C:\Windows\system32\wscsvc.dll => MD5 is legit
C:\Windows\system32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\system32\wuaueng.dll => MD5 is legit
C:\Windows\system32\qmgr.dll => MD5 is legit
C:\Windows\system32\es.dll => MD5 is legit
C:\Windows\system32\cryptsvc.dll => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit


**** End of log ****

Minitoolbox Log
MiniToolBox by Farbar  Version: 23-07-2012
Ran by Han (administrator) on 26-09-2012 at 13:57:59
Microsoft Windows 7 Ultimate  Service Pack 1 (X86)
Boot Mode: Normal
***************************************************************************

========================= IE Proxy Settings: ============================== 

Proxy is not enabled.
No Proxy Server is set.

========================= FF Proxy Settings: ============================== 

"network.proxy.type", 4
========================= Hosts content: =================================

127.0.0.1       localhost

========================= IP Configuration: ================================

Intel(R) WiFi Link 5100 AGN = Wireless Network Connection (Connected)
Intel(R) 82567LM Gigabit Network Connection = Local Area Connection (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled
add route prefix=0.0.0.0/0 interface="Local Area Connection" nexthop=192.168.100.1 publish=Yes
add address name="Local Area Connection" address=192.168.100.166 mask=255.255.255.0


popd
# End of IPv4 configuration



Windows IP Configuration

   Host Name . . . . . . . . . . . . : Han-PC
   Primary Dns Suffix  . . . . . . . : 
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
   DNS Suffix Search List. . . . . . : hsd1.il.comcast.net.

Wireless LAN adapter Wireless Network Connection:

   Connection-specific DNS Suffix  . : hsd1.il.comcast.net.
   Description . . . . . . . . . . . : Intel(R) WiFi Link 5100 AGN
   Physical Address. . . . . . . . . : 00-21-5D-46-D5-30
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::b98b:cb1:a522:7254%11(Preferred) 
   IPv4 Address. . . . . . . . . . . : 192.168.0.198(Preferred) 
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Wednesday, September 26, 2012 2:18:37 AM
   Lease Expires . . . . . . . . . . : Thursday, September 27, 2012 2:18:37 AM
   Default Gateway . . . . . . . . . : 192.168.0.1
   DHCP Server . . . . . . . . . . . : 192.168.0.1
   DHCPv6 IAID . . . . . . . . . . . : 218112349
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-16-68-FA-22-00-1C-25-94-EF-7F
   DNS Servers . . . . . . . . . . . : 192.168.0.1
   NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Local Area Connection:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Intel(R) 82567LM Gigabit Network Connection
   Physical Address. . . . . . . . . : 00-1C-25-94-EF-7F
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{417E626D-4F77-4EB6-8A3E-95FDDBC12377}:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 9:

   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   IPv6 Address. . . . . . . . . . . : 2001:0:9d38:6ab8:1c56:274c:3f57:ff39(Preferred) 
   Link-local IPv6 Address . . . . . : fe80::1c56:274c:3f57:ff39%15(Preferred) 
   Default Gateway . . . . . . . . . : ::
   NetBIOS over Tcpip. . . . . . . . : Disabled

Tunnel adapter isatap.hsd1.il.comcast.net.:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : hsd1.il.comcast.net.
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
Server:  UnKnown
Address:  192.168.0.1

Name:    google.com
Addresses:  2607:f8b0:4009:802::1008
	  74.125.225.34
	  74.125.225.37
	  74.125.225.39
	  74.125.225.35
	  74.125.225.40
	  74.125.225.36
	  74.125.225.41
	  74.125.225.33
	  74.125.225.46
	  74.125.225.32
	  74.125.225.38


Pinging google.com [74.125.225.46] with 32 bytes of data:
Reply from 74.125.225.46: bytes=32 time=17ms TTL=56
Reply from 74.125.225.46: bytes=32 time=20ms TTL=56

Ping statistics for 74.125.225.46:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 17ms, Maximum = 20ms, Average = 18ms
Server:  UnKnown
Address:  192.168.0.1

Name:    yahoo.com
Addresses:  72.30.38.140
	  98.138.253.109
	  98.139.183.24


Pinging yahoo.com [98.139.183.24] with 32 bytes of data:
Reply from 98.139.183.24: bytes=32 time=1065ms TTL=52
Reply from 98.139.183.24: bytes=32 time=910ms TTL=52

Ping statistics for 98.139.183.24:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 910ms, Maximum = 1065ms, Average = 987ms
Server:  UnKnown
Address:  192.168.0.1

Name:    bleepingcomputer.com
Address:  208.43.87.2


Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:
Reply from 208.43.87.2: Destination host unreachable.
Reply from 208.43.87.2: Destination host unreachable.

Ping statistics for 208.43.87.2:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
 11...00 21 5d 46 d5 30 ......Intel(R) WiFi Link 5100 AGN
 10...00 1c 25 94 ef 7f ......Intel(R) 82567LM Gigabit Network Connection
  1...........................Software Loopback Interface 1
 19...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
 15...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
 18...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.0.1    192.168.0.198     25
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
      192.168.0.0    255.255.255.0         On-link     192.168.0.198    281
    192.168.0.198  255.255.255.255         On-link     192.168.0.198    281
    192.168.0.255  255.255.255.255         On-link     192.168.0.198    281
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link     192.168.0.198    281
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link     192.168.0.198    281
===========================================================================
Persistent Routes:
  Network Address          Netmask  Gateway Address  Metric
          0.0.0.0          0.0.0.0    192.168.100.1  Default 
===========================================================================

IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
 15     58 ::/0                     On-link
  1    306 ::1/128                  On-link
 15     58 2001::/32                On-link
 15    306 2001:0:9d38:6ab8:1c56:274c:3f57:ff39/128
                                    On-link
 11    281 fe80::/64                On-link
 15    306 fe80::/64                On-link
 15    306 fe80::1c56:274c:3f57:ff39/128
                                    On-link
 11    281 fe80::b98b:cb1:a522:7254/128
                                    On-link
  1    306 ff00::/8                 On-link
 15    306 ff00::/8                 On-link
 11    281 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\system32\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\system32\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\system32\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\system32\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\System32\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 06 C:\Windows\System32\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog9 01 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 11 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 12 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 13 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 14 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 15 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 16 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 17 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 18 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 19 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 20 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 21 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 22 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 23 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 24 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 25 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 26 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 27 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 28 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 29 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 30 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 31 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 32 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 33 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 34 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (09/21/2012 05:45:25 PM) (Source: Application Error) (User: )
Description: Faulting application name: Explorer.EXE, version: 6.1.7601.17567, time stamp: 0x4d6727a7
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x0527f1f8
Faulting process id: 0xe58
Faulting application start time: 0xExplorer.EXE0
Faulting application path: Explorer.EXE1
Faulting module path: Explorer.EXE2
Report Id: Explorer.EXE3

Error: (08/25/2012 05:34:32 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "assemblyIdentity1".Error in manifest or policy file "assemblyIdentity2" on line assemblyIdentity3.
The value "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" of attribute "version" in element "assemblyIdentity" is invalid.

Error: (08/16/2012 00:25:20 PM) (Source: Application Hang) (User: )
Description: The program firefox.exe version 14.0.1.4577 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 630

Start Time: 01cd7bc8ec87a96f

Termination Time: 27

Application Path: C:\Program Files\Mozilla Firefox\firefox.exe

Report Id: 589cd9cf-e7c7-11e1-8753-001c2594ef7f

Error: (08/09/2012 11:38:34 AM) (Source: Application Error) (User: )
Description: Faulting application name: FlashPlayerPlugin_11_3_300_265.exe, version: 11.3.300.265, time stamp: 0x4febd5ac
Faulting module name: NPSWF32_11_3_300_265.dll, version: 11.3.300.265, time stamp: 0x4febd798
Exception code: 0xc0000005
Fault offset: 0x001e1bd3
Faulting process id: 0x1070
Faulting application start time: 0xFlashPlayerPlugin_11_3_300_265.exe0
Faulting application path: FlashPlayerPlugin_11_3_300_265.exe1
Faulting module path: FlashPlayerPlugin_11_3_300_265.exe2
Report Id: FlashPlayerPlugin_11_3_300_265.exe3

Error: (08/05/2012 08:37:46 PM) (Source: Windows Search Service) (User: )
Description: The index cannot be initialized.

Details:
	The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (08/05/2012 08:37:46 PM) (Source: Windows Search Service) (User: )
Description: The application cannot be initialized.

Context: Windows Application

Details:
	The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (08/05/2012 08:37:46 PM) (Source: Windows Search Service) (User: )
Description: The gatherer object cannot be initialized.

Context: Windows Application, SystemIndex Catalog

Details:
	The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (08/05/2012 08:37:46 PM) (Source: Windows Search Service) (User: )
Description: The plug-in in <Search.TripoliIndexer> cannot be initialized.

Context: Windows Application, SystemIndex Catalog

Details:
	Element not found.  (HRESULT : 0x80070490) (0x80070490)

Error: (08/05/2012 08:37:44 PM) (Source: Windows Search Service) (User: )
Description: The plug-in in <Search.JetPropStore> cannot be initialized.

Context: Windows Application, SystemIndex Catalog

Details:
	The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (08/05/2012 08:37:44 PM) (Source: Windows Search Service) (User: )
Description: The Windows Search Service cannot load the property store information.

Context: Windows Application, SystemIndex Catalog

Details:
	The content index database is corrupt.  (HRESULT : 0xc0041800) (0xc0041800)


System errors:
=============
Error: (09/26/2012 10:54:58 AM) (Source: volsnap) (User: )
Description: The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.

Error: (09/25/2012 06:27:13 AM) (Source: volsnap) (User: )
Description: The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.

Error: (09/25/2012 02:55:54 AM) (Source: DCOM) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)

Error: (09/24/2012 03:31:47 PM) (Source: BROWSER) (User: )
Description: The browser service has failed to retrieve the backup list too many times on transport \Device\NetBT_Tcpip_{2696B3D1-C64E-45A1-B4FF-6E87470320A0}.
The backup browser is stopping.

Error: (09/24/2012 03:15:36 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)

Error: (09/24/2012 01:29:28 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)

Error: (09/24/2012 01:08:32 PM) (Source: Microsoft Antimalware) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.

	New Signature Version: 

	Previous Signature Version: 1.137.262.0

	Update Source: %NT AUTHORITY59

	Update Stage: 4.0.1526.00

	Source Path: 4.0.1526.01

	Signature Type: %NT AUTHORITY602

	Update Type: %NT AUTHORITY604

	User: NT AUTHORITY\SYSTEM

	Current Engine Version: %NT AUTHORITY605

	Previous Engine Version: %NT AUTHORITY606

	Error code: %NT AUTHORITY607

	Error description: %NT AUTHORITY608

Error: (09/24/2012 01:08:31 PM) (Source: DCOM) (User: )
Description: 1084wuauserv{E60687F7-01A1-40AA-86AC-DB1CBF673334}

Error: (09/24/2012 01:08:13 PM) (Source: DCOM) (User: )
Description: {ED1D0FDF-4414-470A-A56D-CFB68623FC58}

Error: (09/24/2012 01:00:14 PM) (Source: Service Control Manager) (User: )
Description: The PnP-X IP Bus Enumerator service depends on the Function Discovery Provider Host service which failed to start because of the following error: 
%%1068


Microsoft Office Sessions:
=========================
Error: (09/21/2012 05:45:25 PM) (Source: Application Error)(User: )
Description: Explorer.EXE6.1.7601.175674d6727a7unknown0.0.0.000000000c00000050527f1f8e5801cd961398d45934C:\Windows\Explorer.EXEunknown0836143e-043e-11e2-9678-001c2594ef7f

Error: (08/25/2012 05:34:32 AM) (Source: SideBySide)(User: )
Description: assemblyIdentityversionMAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINORd:\downloads\adobe premiere pro cs4\premiere pro install\adobe premiere pro cs4\payloads\adobeamp-mul\adobe air\Versions\1.0\Adobe AIR.dlld:\downloads\adobe premiere pro cs4\premiere pro install\adobe premiere pro cs4\payloads\adobeamp-mul\adobe air\Versions\1.0\Adobe AIR.dll3

Error: (08/16/2012 00:25:20 PM) (Source: Application Hang)(User: )
Description: firefox.exe14.0.1.457763001cd7bc8ec87a96f27C:\Program Files\Mozilla Firefox\firefox.exe589cd9cf-e7c7-11e1-8753-001c2594ef7f

Error: (08/09/2012 11:38:34 AM) (Source: Application Error)(User: )
Description: FlashPlayerPlugin_11_3_300_265.exe11.3.300.2654febd5acNPSWF32_11_3_300_265.dll11.3.300.2654febd798c0000005001e1bd3107001cd76470f01634aC:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_3_300_265.exeC:\Windows\system32\Macromed\Flash\NPSWF32_11_3_300_265.dlla8e3310a-e240-11e1-9dfd-001c2594ef7f

Error: (08/05/2012 08:37:46 PM) (Source: Windows Search Service)(User: )
Description: Details:
	The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (08/05/2012 08:37:46 PM) (Source: Windows Search Service)(User: )
Description: Context: Windows Application

Details:
	The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (08/05/2012 08:37:46 PM) (Source: Windows Search Service)(User: )
Description: Context: Windows Application, SystemIndex Catalog

Details:
	The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (08/05/2012 08:37:46 PM) (Source: Windows Search Service)(User: )
Description: Context: Windows Application, SystemIndex Catalog

Details:
	Element not found.  (HRESULT : 0x80070490) (0x80070490)
Search.TripoliIndexer

Error: (08/05/2012 08:37:44 PM) (Source: Windows Search Service)(User: )
Description: Context: Windows Application, SystemIndex Catalog

Details:
	The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)
Search.JetPropStore

Error: (08/05/2012 08:37:44 PM) (Source: Windows Search Service)(User: )
Description: Context: Windows Application, SystemIndex Catalog

Details:
	The content index database is corrupt.  (HRESULT : 0xc0041800) (0xc0041800)


=========================== Installed Programs ============================

µTorrent (Version: 3.1.3)
7-Zip 9.20
Adobe AIR (Version: 2.5.1.17730)
Adobe Anchor Service CS4 (Version: 2.0)
Adobe Audition CS5.5 (Version: 4.0)
Adobe CMaps CS4 (Version: 2.0)
Adobe Community Help (Version: 3.4.980)
Adobe Default Language CS4 (Version: 2.0)
Adobe Download Assistant (Version: 1.0.6)
Adobe Dynamiclink Support (Version: 1)
Adobe Encore CS4 Codecs (Version: 4)
Adobe ExtendScript Toolkit CS4 (Version: 3.0.0)
Adobe Flash Player 11 ActiveX (Version: 11.4.402.278)
Adobe Flash Player 11 Plugin (Version: 11.4.402.278)
Adobe Fonts All (Version: 2.0)
Adobe Illustrator CS5.1 (Version: 15.1)
Adobe Media Encoder CS4 (Version: 1.0)
Adobe Media Encoder CS4 Additional Exporter (Version: 1.0)
Adobe Media Encoder CS4 Dolby (Version: 1.0)
Adobe Media Encoder CS4 Exporter (Version: 1.0)
Adobe Media Encoder CS4 Importer (Version: 1.0)
Adobe Media Player (Version: 0.0.0)
Adobe Media Player (Version: 1.1)
Adobe Output Module (Version: 2.0)
Adobe PDF Library Files CS4 (Version: 9.0)
Adobe Photoshop CS5.1 (Version: 12.1)
Adobe Photoshop Lightroom 3.4 (Version: 3.4.1)
Adobe Premiere Pro CS4 (Version: 4)
Adobe Premiere Pro CS4 Functional Content (Version: 4)
Adobe Premiere Pro CS4 Third Party Content (Version: 4)
Adobe Premiere Pro CS5.5 (Version: 5.5)
Adobe Setup (Version: 2.0)
Adobe Type Support CS4 (Version: 9.0)
Adobe Update Manager CS4 (Version: 6.0.0)
Adobe XMP Panels CS4 (Version: 2.0)
Any Audio Converter 3.3.1
Any Video Converter 3.4.2
ATI Catalyst Install Manager (Version: 3.0.800.0)
ATI Uninstaller (Version: 8.792.5-110424b-119200C-Lenovo)
Avira Free Antivirus (Version: 12.0.0.1199)
Bullzip PDF Printer 7.2.0.1338 (Version: 7.2.0.1338)
CANON iMAGE GATEWAY MyCamera Download Plugin (Version: 3.1.1.2)
CANON iMAGE GATEWAY Task for ZoomBrowser EX (Version: 1.9.0.9)
Canon MOV Decoder (Version: 1.8.0.7)
Canon MOV Encoder (Version: 1.6.0.1)
Canon MovieEdit Task for ZoomBrowser EX (Version: 3.7.0.4)
Canon Utilities Digital Photo Professional 3.10 (Version: 3.10.0.0)
Canon Utilities EOS Utility (Version: 2.10.0.0)
Canon Utilities EOS Video Snapshot Task for ZoomBrowser EX (Version: 1.0.0.10)
Canon Utilities PhotoStitch (Version: 3.1.22.46)
Canon Utilities Picture Style Editor (Version: 1.9.0.0)
Canon Utilities ZoomBrowser EX (Version: 6.7.0.24)
Canon ZoomBrowser EX Memory Card Utility (Version: 1.5.0.9)
Catalyst Control Center - Branding (Version: 1.00.0000)
Catalyst Control Center Graphics Previews Vista (Version: 2011.0424.2249.39080)
Catalyst Control Center InstallProxy (Version: 2011.0424.2249.39080)
Catalyst Control Center Localization All (Version: 2011.0424.2249.39080)
ccc-core-static (Version: 2011.0424.2249.39080)
ccc-utility (Version: 2011.0424.2249.39080)
CCC Help Chinese Standard (Version: 2011.0424.2248.39080)
CCC Help Chinese Traditional (Version: 2011.0424.2248.39080)
CCC Help Dutch (Version: 2011.0424.2248.39080)
CCC Help English (Version: 2011.0424.2248.39080)
CCC Help French (Version: 2011.0424.2248.39080)
CCC Help German (Version: 2011.0424.2248.39080)
CCC Help Italian (Version: 2011.0424.2248.39080)
CCC Help Japanese (Version: 2011.0424.2248.39080)
CCC Help Korean (Version: 2011.0424.2248.39080)
CCC Help Portuguese (Version: 2011.0424.2248.39080)
CCC Help Spanish (Version: 2011.0424.2248.39080)
CCC Help Swedish (Version: 2011.0424.2248.39080)
Cisco EAP-FAST Module (Version: 2.2.14)
Cisco LEAP Module (Version: 1.0.19)
Cisco PEAP Module (Version: 1.1.6)
Combined Community Codec Pack 2011-11-11 (Version: 2011.11.11.0)
Conexant 20561 SmartAudio HD (Version: 4.92.12.0)
D3DX10 (Version: 15.4.2368.0902)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
Defraggler (Version: 2.09)
Diablo III (Version: 1.0.3.10235)
Dropbox (Version: 1.4.7)
ESET Online Scanner v3
Foxit Reader 5.1 (Version: 5.1.4.104)
Google Talk Plugin (Version: 3.7.1.9330)
Guild Wars 2
Guitar Pro 5.2
Integrated Camera (Version: 5.8.53003.0)
Intel PROSet Wireless
Intel(R) Management Engine Interface
Intel(R) Network Connections Drivers (Version: 16.1)
Intel(R) PROSet/Wireless WiFi Software (Version: 14.2.0000)
Intel® Matrix Storage Manager
Java Auto Updater (Version: 2.1.6.0)
Java(TM) 7 Update 4 (Version: 7.0.40)
JavaFX 2.1.0 (Version: 2.1.0)
League of Legends (Version: 1.3)
Lenovo Auto Scroll Utility (Version: 1.11)
Lenovo Patch Utility (Version: 1.0.1.1)
Lenovo System Interface Driver (Version: 1.05)
Malwarebytes Anti-Malware version 1.65.0.1400 (Version: 1.65.0.1400)
MATLAB R2010a (Version: 7.10)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30320)
Microsoft Application Error Reporting (Version: 12.0.6012.5000)
Microsoft Office Access MUI (English) 2010 (Version: 14.0.4734.1000)
Microsoft Office Access Setup Metadata MUI (English) 2010 (Version: 14.0.4734.1000)
Microsoft Office Excel MUI (English) 2010 (Version: 14.0.4734.1000)
Microsoft Office Groove MUI (English) 2010 (Version: 14.0.4734.1000)
Microsoft Office InfoPath MUI (English) 2010 (Version: 14.0.4734.1000)
Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.4734.1000)
Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.4734.1000)
Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.4734.1000)
Microsoft Office Professional Plus 2010 (Version: 14.0.4734.1000)
Microsoft Office Proof (English) 2010 (Version: 14.0.4734.1000)
Microsoft Office Proof (French) 2010 (Version: 14.0.4734.1000)
Microsoft Office Proof (Spanish) 2010 (Version: 14.0.4734.1000)
Microsoft Office Proofing (English) 2010 (Version: 14.0.4734.1000)
Microsoft Office Publisher MUI (English) 2010 (Version: 14.0.4734.1000)
Microsoft Office Shared MUI (English) 2010 (Version: 14.0.4734.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.4734.1000)
Microsoft Office Word MUI (English) 2010 (Version: 14.0.4734.1000)
Microsoft Security Client (Version: 4.1.0522.0)
Microsoft Security Essentials (Version: 4.1.522.0)
Microsoft Silverlight (Version: 4.1.10329.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft_VC80_ATL_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_CRT_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_MFC_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_MFCLOC_x86 (Version: 8.0.50727.4053)
Microsoft_VC90_ATL_x86 (Version: 1.00.0000)
Microsoft_VC90_CRT_x86 (Version: 1.00.0000)
Microsoft_VC90_MFC_x86 (Version: 1.00.0000)
Microsoft_VC90_MFCLOC_x86 (Version: 1.00.0000)
Mozilla Firefox 15.0.1 (x86 en-US) (Version: 15.0.1)
Mozilla Maintenance Service (Version: 15.0.1)
MSVCRT (Version: 15.4.2862.0708)
MusicBee (Version: 1.3.4334)
NETGEAR WNDA4100 (Version: 1.2.0.0)
NETGEAR WNDA4100 Genie (Version: 1.2.0.0)
Notepad++ (Version: 5.9.6.2)
NVIDIA PhysX (Version: 9.11.1107)
On Screen Display (Version: 6.60.03)
Pando Media Booster (Version: 2.6.0.1)
PDF Settings CS5 (Version: 10.0)
Photoshop Camera Raw (Version: 5.0)
Pidgin (Version: 2.10.0)
PX Profile Update (Version: 1.00.1.)
PxMergeModule (Version: 1.00.0000)
Rainmeter (Version: 2.1 r959)
SAMSUNG USB Driver for Mobile Phones (Version: 1.5.5.0)
Skype™ 5.10 (Version: 5.10.116)
Spotify (Version: 0.8.4.124.ga3559d86)
StarCraft II (Version: 1.5.1.22763)
Steam (Version: 1.0.0.0)
Suite Shared Configuration CS4 (Version: 1.0)
SUPERAntiSpyware (Version: 5.5.1022)
ThinkPad FullScreen Magnifier (Version: 2.40)
ThinkPad Power Management Driver (Version: 1.64.00.00)
ThinkPad Power Manager (Version: 3.64)
ThinkVantage Active Protection System (Version: 1.75)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft Office 2010 (KB2494150)
Update for Microsoft Office 2010 (KB2553092)
VirtualCloneDrive
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3555.0308)
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3508.1109)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109)
Windows Mobile Device Updater Component (Version: 04.08.2345.00)
Zune (Version: 04.08.2345.00)
Zune Language Pack (CHS) (Version: 04.08.2345.00)
Zune Language Pack (CHT) (Version: 04.08.2345.00)
Zune Language Pack (CSY) (Version: 04.08.2345.00)
Zune Language Pack (DAN) (Version: 04.08.2345.00)
Zune Language Pack (DEU) (Version: 04.08.2345.00)
Zune Language Pack (ELL) (Version: 04.08.2345.00)
Zune Language Pack (ESP) (Version: 04.08.2345.00)
Zune Language Pack (FIN) (Version: 04.08.2345.00)
Zune Language Pack (FRA) (Version: 04.08.2345.00)
Zune Language Pack (HUN) (Version: 04.08.2345.00)
Zune Language Pack (IND) (Version: 04.08.2345.00)
Zune Language Pack (ITA) (Version: 04.08.2345.00)
Zune Language Pack (JPN) (Version: 04.08.2345.00)
Zune Language Pack (KOR) (Version: 04.08.2345.00)
Zune Language Pack (MSL) (Version: 04.08.2345.00)
Zune Language Pack (NLD) (Version: 04.08.2345.00)
Zune Language Pack (NOR) (Version: 04.08.2345.00)
Zune Language Pack (PLK) (Version: 04.08.2345.00)
Zune Language Pack (PTB) (Version: 04.08.2345.00)
Zune Language Pack (PTG) (Version: 04.08.2345.00)
Zune Language Pack (RUS) (Version: 04.08.2345.00)
Zune Language Pack (SVE) (Version: 04.08.2345.00)

========================= Devices: ================================


========================= Memory info: ===================================

Percentage of memory in use: 49%
Total physical RAM: 2520.03 MB
Available physical RAM: 1275.63 MB
Total Pagefile: 5038.34 MB
Available Pagefile: 3197.04 MB
Total Virtual: 2047.88 MB
Available Virtual: 1935.2 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:122.31 GB) (Free:23.31 GB) NTFS
2 Drive d: () (Fixed) (Total:97.56 GB) (Free:16.55 GB) NTFS
5 Drive m: (Music) (Fixed) (Total:78.12 GB) (Free:5.79 GB) NTFS

========================= Users: ========================================

User accounts for \\HAN-PC

Administrator            Guest                    Han                      


**** End of log ****

Adware Cleaner Log
# AdwCleaner v2.003 - Logfile created 09/26/2012 at 14:01:43
# Updated 23/09/2012 by Xplode
# Operating system : Windows 7 Ultimate Service Pack 1 (32 bits)
# User : Han - HAN-PC
# Boot Mode : Normal
# Running from : C:\Users\Han\Desktop\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****


***** [Registry] *****


***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

Restored : [HKU\S-1-5-18\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKU\S-1-5-19\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKU\S-1-5-20\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]

-\\ Mozilla Firefox v15.0.1 (en-US)

Profile name : default 
File : C:\Users\Han\AppData\Roaming\Mozilla\Firefox\Profiles\ww0jt2gs.default\prefs.js

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [809 octets] - [26/09/2012 14:01:10]
AdwCleaner[S1].txt - [992 octets] - [26/09/2012 14:01:43]

########## EOF - C:\AdwCleaner[S1].txt - [1051 octets] ##########

TDSSKiller Log
14:04:59.0588 4624  TDSS rootkit removing tool 2.8.10.0 Sep 17 2012 19:23:24
14:05:00.0212 4624  ============================================================
14:05:00.0212 4624  Current date / time: 2012/09/26 14:05:00.0212
14:05:00.0212 4624  SystemInfo:
14:05:00.0212 4624  
14:05:00.0212 4624  OS Version: 6.1.7601 ServicePack: 1.0
14:05:00.0212 4624  Product type: Workstation
14:05:00.0212 4624  ComputerName: HAN-PC
14:05:00.0212 4624  UserName: Han
14:05:00.0212 4624  Windows directory: C:\Windows
14:05:00.0212 4624  System windows directory: C:\Windows
14:05:00.0212 4624  Processor architecture: Intel x86
14:05:00.0212 4624  Number of processors: 2
14:05:00.0212 4624  Page size: 0x1000
14:05:00.0212 4624  Boot type: Normal boot
14:05:00.0212 4624  ============================================================
14:05:01.0756 4624  Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0xA181, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xF0, Type 'K0', Flags 0x00000050
14:05:01.0772 4624  ============================================================
14:05:01.0772 4624  \Device\Harddisk0\DR0:
14:05:01.0772 4624  MBR partitions:
14:05:01.0772 4624  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
14:05:01.0772 4624  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0xC31D000
14:05:01.0772 4624  \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0xC350000, BlocksNum 0xF49E000
14:05:01.0803 4624  \Device\Harddisk0\DR0\Partition4: MBR, Type 0x7, StartLBA 0x1B7EE800, BlocksNum 0x9C3F800
14:05:01.0803 4624  ============================================================
14:05:01.0850 4624  C: <-> \Device\Harddisk0\DR0\Partition3
14:05:01.0959 4624  D: <-> \Device\Harddisk0\DR0\Partition2
14:05:03.0659 4624  M: <-> \Device\Harddisk0\DR0\Partition4
14:05:03.0659 4624  ============================================================
14:05:03.0659 4624  Initialize success
14:05:03.0659 4624  ============================================================
14:05:14.0798 4924  ============================================================
14:05:14.0798 4924  Scan started
14:05:14.0798 4924  Mode: Manual; TDLFS; 
14:05:14.0798 4924  ============================================================
14:05:18.0058 4924  ================ Scan system memory ========================
14:05:18.0058 4924  System memory - ok
14:05:18.0058 4924  ================ Scan services =============================
14:05:18.0370 4924  [ 01E81C84AD1D0ACC61CF3CFD06632210 ] !SASCORE        C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
14:05:18.0370 4924  !SASCORE - ok
14:05:18.0791 4924  [ 1B133875B8AA8AC48969BD3458AFE9F5 ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
14:05:18.0791 4924  1394ohci - ok
14:05:18.0885 4924  [ CEA80C80BED809AA0DA6FEBC04733349 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
14:05:18.0885 4924  ACPI - ok
14:05:18.0947 4924  [ 1EFBC664ABFF416D1D07DB115DCB264F ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
14:05:18.0947 4924  AcpiPmi - ok
14:05:19.0181 4924  [ E12CFCF1DDBFC50948A75E6E38793225 ] AdobeFlashPlayerUpdateSvc C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
14:05:19.0181 4924  AdobeFlashPlayerUpdateSvc - ok
14:05:19.0353 4924  [ 21E785EBD7DC90A06391141AAC7892FB ] adp94xx         C:\Windows\system32\DRIVERS\adp94xx.sys
14:05:19.0353 4924  adp94xx - ok
14:05:19.0447 4924  [ 0C676BC278D5B59FF5ABD57BBE9123F2 ] adpahci         C:\Windows\system32\DRIVERS\adpahci.sys
14:05:19.0447 4924  adpahci - ok
14:05:19.0493 4924  [ 7C7B5EE4B7B822EC85321FE23A27DB33 ] adpu320         C:\Windows\system32\DRIVERS\adpu320.sys
14:05:19.0493 4924  adpu320 - ok
14:05:19.0525 4924  [ 8B5EEFEEC1E6D1A72A06C526628AD161 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
14:05:19.0525 4924  AeLookupSvc - ok
14:05:19.0665 4924  [ 9EBBBA55060F786F0FCAA3893BFA2806 ] AFD             C:\Windows\system32\drivers\afd.sys
14:05:19.0681 4924  AFD - ok
14:05:19.0743 4924  [ 507812C3054C21CEF746B6EE3D04DD6E ] agp440          C:\Windows\system32\drivers\agp440.sys
14:05:19.0743 4924  agp440 - ok
14:05:19.0821 4924  [ 8B30250D573A8F6B4BD23195160D8707 ] aic78xx         C:\Windows\system32\DRIVERS\djsvs.sys
14:05:19.0821 4924  aic78xx - ok
14:05:19.0868 4924  [ 18A54E132947CD98FEA9ACCC57F98F13 ] ALG             C:\Windows\System32\alg.exe
14:05:19.0883 4924  ALG - ok
14:05:19.0977 4924  [ 0D40BCF52EA90FC7DF2AEAB6503DEA44 ] aliide          C:\Windows\system32\drivers\aliide.sys
14:05:19.0977 4924  aliide - ok
14:05:20.0071 4924  [ 54A8B2DE0964D3F7071DECB75052ED94 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
14:05:20.0071 4924  AMD External Events Utility - ok
14:05:20.0117 4924  [ 3C6600A0696E90A463771C7422E23AB5 ] amdagp          C:\Windows\system32\drivers\amdagp.sys
14:05:20.0117 4924  amdagp - ok
14:05:20.0211 4924  [ CD5914170297126B6266860198D1D4F0 ] amdide          C:\Windows\system32\drivers\amdide.sys
14:05:20.0211 4924  amdide - ok
14:05:20.0273 4924  [ 00DDA200D71BAC534BF56A9DB5DFD666 ] AmdK8           C:\Windows\system32\DRIVERS\amdk8.sys
14:05:20.0273 4924  AmdK8 - ok
14:05:20.0726 4924  [ 5BDA68B1E65589A1A06AA1D908FDF77D ] amdkmdag        C:\Windows\system32\DRIVERS\atikmdag.sys
14:05:20.0819 4924  amdkmdag - ok
14:05:20.0929 4924  [ 9751B426957669E94BBCACD716C1B529 ] amdkmdap        C:\Windows\system32\DRIVERS\atikmpag.sys
14:05:20.0929 4924  amdkmdap - ok
14:05:20.0991 4924  [ 3CBF30F5370FDA40DD3E87DF38EA53B6 ] AmdPPM          C:\Windows\system32\DRIVERS\amdppm.sys
14:05:20.0991 4924  AmdPPM - ok
14:05:21.0053 4924  [ D320BF87125326F996D4904FE24300FC ] amdsata         C:\Windows\system32\drivers\amdsata.sys
14:05:21.0053 4924  amdsata - ok
14:05:21.0131 4924  [ EA43AF0C423FF267355F74E7A53BDABA ] amdsbs          C:\Windows\system32\DRIVERS\amdsbs.sys
14:05:21.0131 4924  amdsbs - ok
14:05:21.0163 4924  [ 46387FB17B086D16DEA267D5BE23A2F2 ] amdxata         C:\Windows\system32\drivers\amdxata.sys
14:05:21.0163 4924  amdxata - ok
14:05:21.0381 4924  [ 0A1CC583E8147004E4AD4625D7FBF88C ] AntiVirSchedulerService C:\Program Files\Avira\AntiVir Desktop\sched.exe
14:05:21.0397 4924  AntiVirSchedulerService - ok
14:05:21.0521 4924  [ C9A36EF935ACED86AEDF93E97E606911 ] AntiVirService  C:\Program Files\Avira\AntiVir Desktop\avguard.exe
14:05:21.0521 4924  AntiVirService - ok
14:05:21.0584 4924  [ AEA177F783E20150ACE5383EE368DA19 ] AppID           C:\Windows\system32\drivers\appid.sys
14:05:21.0584 4924  AppID - ok
14:05:21.0646 4924  [ 62A9C86CB6085E20DB4823E4E97826F5 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
14:05:21.0646 4924  AppIDSvc - ok
14:05:21.0677 4924  [ FB1959012294D6AD43E5304DF65E3C26 ] Appinfo         C:\Windows\System32\appinfo.dll
14:05:21.0677 4924  Appinfo - ok
14:05:21.0724 4924  [ A45D184DF6A8803DA13A0B329517A64A ] AppMgmt         C:\Windows\System32\appmgmts.dll
14:05:21.0724 4924  AppMgmt - ok
14:05:21.0755 4924  [ 2932004F49677BD84DBC72EDB754FFB3 ] arc             C:\Windows\system32\DRIVERS\arc.sys
14:05:21.0771 4924  arc - ok
14:05:21.0771 4924  [ 5D6F36C46FD283AE1B57BD2E9FEB0BC7 ] arcsas          C:\Windows\system32\DRIVERS\arcsas.sys
14:05:21.0771 4924  arcsas - ok
14:05:21.0818 4924  [ ADD2ADE1C2B285AB8378D2DAAF991481 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
14:05:21.0818 4924  AsyncMac - ok
14:05:21.0880 4924  [ 338C86357871C167A96AB976519BF59E ] atapi           C:\Windows\system32\drivers\atapi.sys
14:05:21.0880 4924  atapi - ok
14:05:22.0333 4924  [ 5BDA68B1E65589A1A06AA1D908FDF77D ] atikmdag        C:\Windows\system32\DRIVERS\atikmdag.sys
14:05:22.0364 4924  atikmdag - ok
14:05:22.0473 4924  [ CE3B4E731638D2EF62FCB419BE0D39F0 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
14:05:22.0473 4924  AudioEndpointBuilder - ok
14:05:22.0473 4924  [ CE3B4E731638D2EF62FCB419BE0D39F0 ] Audiosrv        C:\Windows\System32\Audiosrv.dll
14:05:22.0489 4924  Audiosrv - ok
14:05:22.0551 4924  [ D5541F0AFB767E85FC412FC609D96A74 ] avgntflt        C:\Windows\system32\DRIVERS\avgntflt.sys
14:05:22.0551 4924  avgntflt - ok
14:05:22.0598 4924  [ 7D967A682D4694DF7FA57D63A2DB01FE ] avipbb          C:\Windows\system32\DRIVERS\avipbb.sys
14:05:22.0613 4924  avipbb - ok
14:05:22.0645 4924  [ 53E56450DA16A1A7F0D002F511113F67 ] avkmgr          C:\Windows\system32\DRIVERS\avkmgr.sys
14:05:22.0645 4924  avkmgr - ok
14:05:22.0754 4924  [ 6E30D02AAC9CAC84F421622E3A2F6178 ] AxInstSV        C:\Windows\System32\AxInstSV.dll
14:05:22.0754 4924  AxInstSV - ok
14:05:22.0863 4924  [ 1A231ABEC60FD316EC54C66715543CEC ] b06bdrv         C:\Windows\system32\DRIVERS\bxvbdx.sys
14:05:22.0879 4924  b06bdrv - ok
14:05:22.0925 4924  [ BD8869EB9CDE6BBE4508D869929869EE ] b57nd60x        C:\Windows\system32\DRIVERS\b57nd60x.sys
14:05:22.0925 4924  b57nd60x - ok
14:05:23.0003 4924  [ EE1E9C3BB8228AE423DD38DB69128E71 ] BDESVC          C:\Windows\System32\bdesvc.dll
14:05:23.0003 4924  BDESVC - ok
14:05:23.0066 4924  [ 505506526A9D467307B3C393DEDAF858 ] Beep            C:\Windows\system32\drivers\Beep.sys
14:05:23.0066 4924  Beep - ok
14:05:23.0144 4924  [ 1E2BAC209D184BB851E1A187D8A29136 ] BFE             C:\Windows\System32\bfe.dll
14:05:23.0144 4924  BFE - ok
14:05:23.0237 4924  [ E585445D5021971FAE10393F0F1C3961 ] BITS            C:\Windows\system32\qmgr.dll
14:05:23.0237 4924  BITS - ok
14:05:23.0331 4924  [ 2287078ED48FCFC477B05B20CF38F36F ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
14:05:23.0331 4924  blbdrive - ok
14:05:23.0393 4924  [ 8F2DA3028D5FCBD1A060A3DE64CD6506 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
14:05:23.0393 4924  bowser - ok
14:05:23.0409 4924  [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo        C:\Windows\system32\DRIVERS\BrFiltLo.sys
14:05:23.0425 4924  BrFiltLo - ok
14:05:23.0440 4924  [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp        C:\Windows\system32\DRIVERS\BrFiltUp.sys
14:05:23.0440 4924  BrFiltUp - ok
14:05:23.0503 4924  [ 77361D72A04F18809D0EFB6CCEB74D4B ] BridgeMP        C:\Windows\system32\DRIVERS\bridge.sys
14:05:23.0503 4924  BridgeMP - ok
14:05:23.0627 4924  [ 3DAA727B5B0A45039B0E1C9A211B8400 ] Browser         C:\Windows\System32\browser.dll
14:05:23.0627 4924  Browser - ok
14:05:23.0737 4924  [ 845B8CE732E67F3B4133164868C666EA ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
14:05:23.0737 4924  Brserid - ok
14:05:23.0783 4924  [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
14:05:23.0783 4924  BrSerWdm - ok
14:05:23.0830 4924  [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
14:05:23.0830 4924  BrUsbMdm - ok
14:05:23.0877 4924  [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
14:05:23.0877 4924  BrUsbSer - ok
14:05:23.0908 4924  [ ED3DF7C56CE0084EB2034432FC56565A ] BTHMODEM        C:\Windows\system32\DRIVERS\bthmodem.sys
14:05:23.0908 4924  BTHMODEM - ok
14:05:24.0002 4924  [ 1DF19C96EEF6C29D1C3E1A8678E07190 ] bthserv         C:\Windows\system32\bthserv.dll
14:05:24.0017 4924  bthserv - ok
14:05:24.0439 4924  catchme - ok
14:05:24.0501 4924  [ 77EA11B065E0A8AB902D78145CA51E10 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
14:05:24.0501 4924  cdfs - ok
14:05:24.0610 4924  [ BE167ED0FDB9C1FA1133953C18D5A6C9 ] cdrom           C:\Windows\system32\drivers\cdrom.sys
14:05:24.0610 4924  cdrom - ok
14:05:24.0751 4924  [ 319C6B309773D063541D01DF8AC6F55F ] CertPropSvc     C:\Windows\System32\certprop.dll
14:05:24.0751 4924  CertPropSvc - ok
14:05:24.0797 4924  [ 3FE3FE94A34DF6FB06E6418D0F6A0060 ] circlass        C:\Windows\system32\DRIVERS\circlass.sys
14:05:24.0797 4924  circlass - ok
14:05:24.0891 4924  [ 635181E0E9BBF16871BF5380D71DB02D ] CLFS            C:\Windows\system32\CLFS.sys
14:05:24.0891 4924  CLFS - ok
14:05:25.0016 4924  [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
14:05:25.0016 4924  clr_optimization_v2.0.50727_32 - ok
14:05:25.0250 4924  [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
14:05:25.0359 4924  clr_optimization_v4.0.30319_32 - ok
14:05:25.0406 4924  [ DEA805815E587DAD1DD2C502220B5616 ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
14:05:25.0406 4924  CmBatt - ok
14:05:25.0453 4924  [ C537B1DB64D495B9B4717B4D6D9EDBF2 ] cmdide          C:\Windows\system32\drivers\cmdide.sys
14:05:25.0453 4924  cmdide - ok
14:05:25.0546 4924  [ 247B4CE2DAB1160CD422D532D5241E1F ] CNG             C:\Windows\system32\Drivers\cng.sys
14:05:25.0546 4924  CNG - ok
14:05:25.0655 4924  [ 726803D911045D283509D3CDD91D8E52 ] CnxtHdAudService C:\Windows\system32\drivers\CHDRT32.sys
14:05:25.0655 4924  CnxtHdAudService - ok
14:05:25.0718 4924  [ A6023D3823C37043986713F118A89BEE ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
14:05:25.0718 4924  Compbatt - ok
14:05:25.0796 4924  [ CBE8C58A8579CFE5FCCF809E6F114E89 ] CompositeBus    C:\Windows\system32\drivers\CompositeBus.sys
14:05:25.0796 4924  CompositeBus - ok
14:05:25.0827 4924  COMSysApp - ok
14:05:25.0889 4924  [ 2C4EBCFC84A9B44F209DFF6C6E6C61D1 ] crcdisk         C:\Windows\system32\DRIVERS\crcdisk.sys
14:05:25.0889 4924  crcdisk - ok
14:05:26.0030 4924  [ 06E771AA596B8761107AB57E99F128D7 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
14:05:26.0030 4924  CryptSvc - ok
14:05:26.0077 4924  [ 3C2177A897B4CA2788C6FB0C3FD81D4B ] CSC             C:\Windows\system32\drivers\csc.sys
14:05:26.0092 4924  CSC - ok
14:05:26.0217 4924  [ 15F93B37F6801943360D9EB42485D5D3 ] CscService      C:\Windows\System32\cscsvc.dll
14:05:26.0217 4924  CscService - ok
14:05:26.0295 4924  [ 7660F01D3B38ACA1747E397D21D790AF ] DcomLaunch      C:\Windows\system32\rpcss.dll
14:05:26.0295 4924  DcomLaunch - ok
14:05:26.0357 4924  [ 8D6E10A2D9A5EED59562D9B82CF804E1 ] defragsvc       C:\Windows\System32\defragsvc.dll
14:05:26.0373 4924  defragsvc - ok
14:05:26.0420 4924  [ F024449C97EC1E464AAFFDA18593DB88 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
14:05:26.0435 4924  DfsC - ok
14:05:26.0529 4924  [ E9E01EB683C132F7FA27CD607B8A2B63 ] Dhcp            C:\Windows\system32\dhcpcore.dll
14:05:26.0529 4924  Dhcp - ok
14:05:26.0545 4924  [ 1A050B0274BFB3890703D490F330C0DA ] discache        C:\Windows\system32\drivers\discache.sys
14:05:26.0545 4924  discache - ok
14:05:26.0623 4924  [ 565003F326F99802E68CA78F2A68E9FF ] Disk            C:\Windows\system32\DRIVERS\disk.sys
14:05:26.0623 4924  Disk - ok
14:05:26.0669 4924  [ 33EF4861F19A0736B11314AAD9AE28D0 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
14:05:26.0669 4924  Dnscache - ok
14:05:26.0747 4924  [ 366BA8FB4B7BB7435E3B9EACB3843F67 ] dot3svc         C:\Windows\System32\dot3svc.dll
14:05:26.0763 4924  dot3svc - ok
14:05:26.0841 4924  [ 6D279BB0DE1D8E34F454E1B353F4D738 ] DozeHDD         C:\Windows\system32\DRIVERS\DozeHDD.sys
14:05:26.0841 4924  DozeHDD - ok
14:05:26.0950 4924  [ 01E2180C3D72CB0ADCC43FB83D18942A ] DozeSvc         C:\Program Files\ThinkPad\Utilities\DOZESVC.EXE
14:05:26.0950 4924  DozeSvc - ok
14:05:26.0981 4924  [ 8EC04CA86F1D68DA9E11952EB85973D6 ] DPS             C:\Windows\system32\dps.dll
14:05:26.0981 4924  DPS - ok
14:05:27.0044 4924  [ B918E7C5F9BF77202F89E1A9539F2EB4 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
14:05:27.0044 4924  drmkaud - ok
14:05:27.0122 4924  [ 23F5D28378A160352BA8F817BD8C71CB ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
14:05:27.0122 4924  DXGKrnl - ok
14:05:27.0169 4924  [ F8261752AB473E3B24376AAB280AD15A ] e1yexpress      C:\Windows\system32\DRIVERS\e1y6232.sys
14:05:27.0169 4924  e1yexpress - ok
14:05:27.0215 4924  EagleXNt - ok
14:05:27.0278 4924  [ 8600142FA91C1B96367D3300AD0F3F3A ] EapHost         C:\Windows\System32\eapsvc.dll
14:05:27.0278 4924  EapHost - ok
14:05:27.0949 4924  [ 024E1B5CAC09731E4D868E64DBFB4AB0 ] ebdrv           C:\Windows\system32\DRIVERS\evbdx.sys
14:05:28.0105 4924  ebdrv - ok
14:05:28.0151 4924  [ 81951F51E318AECC2D68559E47485CC4 ] EFS             C:\Windows\System32\lsass.exe
14:05:28.0151 4924  EFS - ok
14:05:28.0276 4924  [ A8C362018EFC87BEB013EE28F29C0863 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
14:05:28.0276 4924  ehRecvr - ok
14:05:28.0307 4924  [ D389BFF34F80CAEDE417BF9D1507996A ] ehSched         C:\Windows\ehome\ehsched.exe
14:05:28.0307 4924  ehSched - ok
14:05:28.0370 4924  [ D71233D7CCC2E64F8715A20428D5A33B ] ElbyCDIO        C:\Windows\system32\Drivers\ElbyCDIO.sys
14:05:28.0370 4924  ElbyCDIO - ok
14:05:28.0495 4924  [ 0ED67910C8C326796FAA00B2BF6D9D3C ] elxstor         C:\Windows\system32\DRIVERS\elxstor.sys
14:05:28.0495 4924  elxstor - ok
14:05:28.0541 4924  [ 8FC3208352DD3912C94367A206AB3F11 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
14:05:28.0541 4924  ErrDev - ok
14:05:28.0619 4924  [ F6916EFC29D9953D5D0DF06882AE8E16 ] EventSystem     C:\Windows\system32\es.dll
14:05:28.0619 4924  EventSystem - ok
14:05:28.0807 4924  [ B6C691D8CAE275ED9B2782E62626F36A ] EvtEng          C:\Program Files\Intel\WiFi\bin\EvtEng.exe
14:05:28.0807 4924  EvtEng - ok
14:05:28.0853 4924  [ 2DC9108D74081149CC8B651D3A26207F ] exfat           C:\Windows\system32\drivers\exfat.sys
14:05:28.0853 4924  exfat - ok
14:05:28.0916 4924  [ 7E0AB74553476622FB6AE36F73D97D35 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
14:05:28.0916 4924  fastfat - ok
14:05:28.0994 4924  [ 967EA5B213E9984CBE270205DF37755B ] Fax             C:\Windows\system32\fxssvc.exe
14:05:29.0009 4924  Fax - ok
14:05:29.0072 4924  [ E817A017F82DF2A1F8CFDBDA29388B29 ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
14:05:29.0072 4924  fdc - ok
14:05:29.0134 4924  [ F3222C893BD2F5821A0179E5C71E88FB ] fdPHost         C:\Windows\system32\fdPHost.dll
14:05:29.0134 4924  fdPHost - ok
14:05:29.0150 4924  [ 7DBE8CBFE79EFBDEB98C9FB08D3A9A5B ] FDResPub        C:\Windows\system32\fdrespub.dll
14:05:29.0150 4924  FDResPub - ok
14:05:29.0181 4924  [ 6CF00369C97F3CF563BE99BE983D13D8 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
14:05:29.0181 4924  FileInfo - ok
14:05:29.0212 4924  [ 42C51DC94C91DA21CB9196EB64C45DB9 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
14:05:29.0212 4924  Filetrace - ok
14:05:29.0509 4924  [ 1F63900E2EB00101B9ACA2B7A870704E ] FLEXnet Licensing Service C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
14:05:29.0509 4924  FLEXnet Licensing Service - ok
14:05:29.0540 4924  [ 87907AA70CB3C56600F1C2FB8841579B ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
14:05:29.0540 4924  flpydisk - ok
14:05:29.0602 4924  [ 7520EC808E0C35E0EE6F841294316653 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
14:05:29.0602 4924  FltMgr - ok
14:05:29.0680 4924  [ B3A5EC6B6B6673DB7E87C2BCDBDDC074 ] FontCache       C:\Windows\system32\FntCache.dll
14:05:29.0696 4924  FontCache - ok
14:05:29.0758 4924  [ E56F39F6B7FDA0AC77A79B0FD3DE1A2F ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
14:05:29.0758 4924  FontCache3.0.0.0 - ok
14:05:29.0821 4924  [ 1A16B57943853E598CFF37FE2B8CBF1D ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
14:05:29.0821 4924  FsDepends - ok
14:05:29.0867 4924  [ 7DAE5EBCC80E45D3253F4923DC424D05 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
14:05:29.0867 4924  Fs_Rec - ok
14:05:29.0961 4924  [ 8A73E79089B282100B9393B644CB853B ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
14:05:29.0961 4924  fvevol - ok
14:05:30.0023 4924  [ 65EE0C7A58B65E74AE05637418153938 ] gagp30kx        C:\Windows\system32\DRIVERS\gagp30kx.sys
14:05:30.0023 4924  gagp30kx - ok
14:05:30.0055 4924  [ E897EAF5ED6BA41E081060C9B447A673 ] gpsvc           C:\Windows\System32\gpsvc.dll
14:05:30.0055 4924  gpsvc - ok
14:05:30.0070 4924  [ C44E3C2BAB6837DB337DDEE7544736DB ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
14:05:30.0070 4924  hcw85cir - ok
14:05:30.0179 4924  [ A5EF29D5315111C80A5C1ABAD14C8972 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
14:05:30.0179 4924  HdAudAddService - ok
14:05:30.0242 4924  [ 9036377B8A6C15DC2EEC53E489D159B5 ] HDAudBus        C:\Windows\system32\drivers\HDAudBus.sys
14:05:30.0242 4924  HDAudBus - ok
14:05:30.0304 4924  [ 30D57EE84E1E169D41A6E873B549A096 ] HECI            C:\Windows\system32\DRIVERS\HECI.sys
14:05:30.0304 4924  HECI - ok
14:05:30.0351 4924  [ 1D58A7F3E11A9731D0EAAAA8405ACC36 ] HidBatt         C:\Windows\system32\DRIVERS\HidBatt.sys
14:05:30.0351 4924  HidBatt - ok
14:05:30.0382 4924  [ 89448F40E6DF260C206A193A4683BA78 ] HidBth          C:\Windows\system32\DRIVERS\hidbth.sys
14:05:30.0382 4924  HidBth - ok
14:05:30.0398 4924  [ CF50B4CF4A4F229B9F3C08351F99CA5E ] HidIr           C:\Windows\system32\DRIVERS\hidir.sys
14:05:30.0398 4924  HidIr - ok
14:05:30.0445 4924  [ 2BC6F6A1992B3A77F5F41432CA6B3B6B ] hidserv         C:\Windows\System32\hidserv.dll
14:05:30.0445 4924  hidserv - ok
14:05:30.0538 4924  [ 10C19F8290891AF023EAEC0832E1EB4D ] HidUsb          C:\Windows\system32\drivers\hidusb.sys
14:05:30.0538 4924  HidUsb - ok
14:05:30.0569 4924  [ 196B4E3F4CCCC24AF836CE58FACBB699 ] hkmsvc          C:\Windows\system32\kmsvc.dll
14:05:30.0585 4924  hkmsvc - ok
14:05:30.0647 4924  [ 6658F4404DE03D75FE3BA09F7ABA6A30 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
14:05:30.0647 4924  HomeGroupListener - ok
14:05:30.0710 4924  [ DBC02D918FFF1CAD628ACBE0C0EAA8E8 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
14:05:30.0710 4924  HomeGroupProvider - ok
14:05:30.0772 4924  [ 295FDC419039090EB8B49FFDBB374549 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
14:05:30.0772 4924  HpSAMD - ok
14:05:30.0913 4924  [ 871917B07A141BFF43D76D8844D48106 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
14:05:30.0913 4924  HTTP - ok
14:05:30.0944 4924  [ 0C4E035C7F105F1299258C90886C64C5 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
14:05:30.0944 4924  hwpolicy - ok
14:05:31.0037 4924  [ F151F0BDC47F4A28B1B20A0818EA36D6 ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
14:05:31.0037 4924  i8042prt - ok
14:05:31.0193 4924  [ 0E899D0DB39617AA0B2F992E7E95B5EB ] IAANTMON        C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
14:05:31.0193 4924  IAANTMON - ok
14:05:31.0303 4924  [ 01446278D4563B3013C92830AE6CBB26 ] iaStor          C:\Windows\system32\DRIVERS\iaStor.sys
14:05:31.0303 4924  iaStor - ok
14:05:31.0396 4924  [ 5CD5F9A5444E6CDCB0AC89BD62D8B76E ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
14:05:31.0396 4924  iaStorV - ok
14:05:31.0459 4924  [ E3FFC8CB45B3F55264EE10F084B2731B ] IBMPMDRV        C:\Windows\system32\DRIVERS\ibmpmdrv.sys
14:05:31.0459 4924  IBMPMDRV - ok
14:05:31.0490 4924  [ 5565982522EE9D4E8921FEB304D4226F ] IBMPMSVC        C:\Windows\system32\ibmpmsvc.exe
14:05:31.0505 4924  IBMPMSVC - ok
14:05:31.0724 4924  [ C521D7EB6497BB1AF6AFA89E322FB43C ] idsvc           C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
14:05:31.0724 4924  idsvc - ok
14:05:33.0455 4924  [ 8266AE06DF974E5BA047B3E9E9E70B3F ] igfx            C:\Windows\system32\DRIVERS\igdkmd32.sys
14:05:33.0643 4924  igfx - ok
14:05:33.0736 4924  [ 4173FF5708F3236CF25195FECD742915 ] iirsp           C:\Windows\system32\DRIVERS\iirsp.sys
14:05:33.0736 4924  iirsp - ok
14:05:33.0892 4924  [ F95622F161474511B8D80D6B093AA610 ] IKEEXT          C:\Windows\System32\ikeext.dll
14:05:33.0892 4924  IKEEXT - ok
14:05:33.0986 4924  [ A0F12F2C9BA6C72F3987CE780E77C130 ] intelide        C:\Windows\system32\drivers\intelide.sys
14:05:33.0986 4924  intelide - ok
14:05:34.0532 4924  [ 8266AE06DF974E5BA047B3E9E9E70B3F ] intelkmd        C:\Windows\system32\DRIVERS\igdpmd32.sys
14:05:34.0688 4924  intelkmd - ok
14:05:34.0797 4924  [ 3B514D27BFC4ACCB4037BC6685F766E0 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
14:05:34.0797 4924  intelppm - ok
14:05:34.0844 4924  [ ACB364B9075A45C0736E5C47BE5CAE19 ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
14:05:34.0844 4924  IPBusEnum - ok
14:05:34.0875 4924  [ 709D1761D3B19A932FF0238EA6D50200 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
14:05:34.0875 4924  IpFilterDriver - ok
14:05:34.0922 4924  [ 4D65A07B795D6674312F879D09AA7663 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
14:05:34.0922 4924  iphlpsvc - ok
14:05:34.0969 4924  [ 4BD7134618C1D2A27466A099062547BF ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
14:05:34.0969 4924  IPMIDRV - ok
14:05:35.0015 4924  [ A5FA468D67ABCDAA36264E463A7BB0CD ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
14:05:35.0015 4924  IPNAT - ok
14:05:35.0078 4924  [ 42996CFF20A3084A56017B7902307E9F ] IRENUM          C:\Windows\system32\drivers\irenum.sys
14:05:35.0078 4924  IRENUM - ok
14:05:35.0125 4924  [ 1F32BB6B38F62F7DF1A7AB7292638A35 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
14:05:35.0125 4924  isapnp - ok
14:05:35.0203 4924  [ CB7A9ABB12B8415BCE5D74994C7BA3AE ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
14:05:35.0203 4924  iScsiPrt - ok
14:05:35.0265 4924  [ ADEF52CA1AEAE82B50DF86B56413107E ] kbdclass        C:\Windows\system32\drivers\kbdclass.sys
14:05:35.0265 4924  kbdclass - ok
14:05:35.0343 4924  [ 9E3CED91863E6EE98C24794D05E27A71 ] kbdhid          C:\Windows\system32\drivers\kbdhid.sys
14:05:35.0343 4924  kbdhid - ok
14:05:35.0374 4924  [ 81951F51E318AECC2D68559E47485CC4 ] KeyIso          C:\Windows\system32\lsass.exe
14:05:35.0390 4924  KeyIso - ok
14:05:35.0437 4924  [ B7895B4182C0D16F6EFADEB8081E8D36 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
14:05:35.0437 4924  KSecDD - ok
14:05:35.0468 4924  [ D30159AC9237519FBC62C6EC247D2D46 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
14:05:35.0468 4924  KSecPkg - ok
14:05:35.0624 4924  [ 89A7B9CC98D0D80C6F31B91C0A310FCD ] KtmRm           C:\Windows\system32\msdtckrm.dll
14:05:35.0717 4924  KtmRm - ok
14:05:35.0905 4924  [ D64AF876D53ECA3668BB97B51B4E70AB ] LanmanServer    C:\Windows\System32\srvsvc.dll
14:05:35.0920 4924  LanmanServer - ok
14:05:35.0983 4924  [ 58405E4F68BA8E4057C6E914F326ABA2 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
14:05:35.0998 4924  LanmanWorkstation - ok
14:05:36.0170 4924  [ 340288B3B2EDC8AFD5FF127DF85142A7 ] LENOVO.MICMUTE  C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe
14:05:36.0170 4924  LENOVO.MICMUTE - ok
14:05:36.0201 4924  [ 9AAC267A225F3CAEBB9E633F7EB16E4B ] lenovo.smi      C:\Windows\system32\DRIVERS\smiif32.sys
14:05:36.0217 4924  lenovo.smi - ok
14:05:36.0248 4924  [ 158B67696EC8602CE71F9AA4F14AA96F ] Lenovo.VIRTSCRLSVC C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe
14:05:36.0248 4924  Lenovo.VIRTSCRLSVC - ok
14:05:36.0326 4924  [ F7611EC07349979DA9B0AE1F18CCC7A6 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
14:05:36.0326 4924  lltdio - ok
14:05:36.0388 4924  [ 5700673E13A2117FA3B9020C852C01E2 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
14:05:36.0404 4924  lltdsvc - ok
14:05:36.0419 4924  [ 55CA01BA19D0006C8F2639B6C045E08B ] lmhosts         C:\Windows\System32\lmhsvc.dll
14:05:36.0419 4924  lmhosts - ok
14:05:36.0482 4924  [ EB119A53CCF2ACC000AC71B065B78FEF ] LSI_FC          C:\Windows\system32\DRIVERS\lsi_fc.sys
14:05:36.0482 4924  LSI_FC - ok
14:05:36.0513 4924  [ 8ADE1C877256A22E49B75D1CC9161F9C ] LSI_SAS         C:\Windows\system32\DRIVERS\lsi_sas.sys
14:05:36.0513 4924  LSI_SAS - ok
14:05:36.0529 4924  [ DC9DC3D3DAA0E276FD2EC262E38B11E9 ] LSI_SAS2        C:\Windows\system32\DRIVERS\lsi_sas2.sys
14:05:36.0529 4924  LSI_SAS2 - ok
14:05:36.0544 4924  [ 0A036C7D7CAB643A7F07135AC47E0524 ] LSI_SCSI        C:\Windows\system32\DRIVERS\lsi_scsi.sys
14:05:36.0560 4924  LSI_SCSI - ok
14:05:36.0575 4924  [ 6703E366CC18D3B6E534F5CF7DF39CEE ] luafv           C:\Windows\system32\drivers\luafv.sys
14:05:36.0575 4924  luafv - ok
14:05:36.0591 4924  [ BFB9EE8EE977EFE85D1A3105ABEF6DD1 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
14:05:36.0607 4924  Mcx2Svc - ok
14:05:36.0653 4924  [ 0FFF5B045293002AB38EB1FD1FC2FB74 ] megasas         C:\Windows\system32\DRIVERS\megasas.sys
14:05:36.0653 4924  megasas - ok
14:05:36.0700 4924  [ DCBAB2920C75F390CAF1D29F675D03D6 ] MegaSR          C:\Windows\system32\DRIVERS\MegaSR.sys
14:05:36.0716 4924  MegaSR - ok
14:05:36.0747 4924  [ 146B6F43A673379A3C670E86D89BE5EA ] MMCSS           C:\Windows\system32\mmcss.dll
14:05:36.0747 4924  MMCSS - ok
14:05:36.0763 4924  [ F001861E5700EE84E2D4E52C712F4964 ] Modem           C:\Windows\system32\drivers\modem.sys
14:05:36.0763 4924  Modem - ok
14:05:36.0778 4924  [ 79D10964DE86B292320E9DFE02282A23 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
14:05:36.0778 4924  monitor - ok
14:05:36.0841 4924  [ FB18CC1D4C2E716B6B903B0AC0CC0609 ] mouclass        C:\Windows\system32\drivers\mouclass.sys
14:05:36.0841 4924  mouclass - ok
14:05:36.0919 4924  [ 2C388D2CD01C9042596CF3C8F3C7B24D ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
14:05:36.0919 4924  mouhid - ok
14:05:36.0981 4924  [ FC8771F45ECCCFD89684E38842539B9B ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
14:05:36.0981 4924  mountmgr - ok
14:05:37.0168 4924  [ CB8AF049AC9BE419A77ADAE288673359 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
14:05:37.0168 4924  MozillaMaintenance - ok
14:05:37.0309 4924  [ EE728AF83850DDAD9A3FCAC0AAB3AD97 ] MpFilter        C:\Windows\system32\DRIVERS\MpFilter.sys
14:05:37.0324 4924  MpFilter - ok
14:05:37.0355 4924  [ 2D699FB6E89CE0D8DA14ECC03B3EDFE0 ] mpio            C:\Windows\system32\drivers\mpio.sys
14:05:37.0355 4924  mpio - ok
14:05:37.0402 4924  [ AD2723A7B53DD1AACAE6AD8C0BFBF4D0 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
14:05:37.0402 4924  mpsdrv - ok
14:05:37.0511 4924  [ 9835584E999D25004E1EE8E5F3E3B881 ] MpsSvc          C:\Windows\system32\mpssvc.dll
14:05:37.0527 4924  MpsSvc - ok
14:05:37.0558 4924  [ CEB46AB7C01C9F825F8CC6BABC18166A ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
14:05:37.0558 4924  MRxDAV - ok
14:05:37.0636 4924  [ 5D16C921E3671636C0EBA3BBAAC5FD25 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
14:05:37.0636 4924  mrxsmb - ok
14:05:37.0652 4924  [ 6D17A4791ACA19328C685D256349FEFC ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
14:05:37.0652 4924  mrxsmb10 - ok
14:05:37.0683 4924  [ B81F204D146000BE76651A50670A5E9E ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
14:05:37.0683 4924  mrxsmb20 - ok
14:05:37.0714 4924  [ 012C5F4E9349E711E11E0F19A8589F0A ] msahci          C:\Windows\system32\drivers\msahci.sys
14:05:37.0714 4924  msahci - ok
14:05:37.0761 4924  [ 55055F8AD8BE27A64C831322A780A228 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
14:05:37.0761 4924  msdsm - ok
14:05:37.0777 4924  [ E1BCE74A3BD9902B72599C0192A07E27 ] MSDTC           C:\Windows\System32\msdtc.exe
14:05:37.0792 4924  MSDTC - ok
14:05:37.0823 4924  [ DAEFB28E3AF5A76ABCC2C3078C07327F ] Msfs            C:\Windows\system32\drivers\Msfs.sys
14:05:37.0823 4924  Msfs - ok
14:05:37.0839 4924  [ 3E1E5767043C5AF9367F0056295E9F84 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
14:05:37.0839 4924  mshidkmdf - ok
14:05:37.0870 4924  [ 0A4E5757AE09FA9622E3158CC1AEF114 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
14:05:37.0870 4924  msisadrv - ok
14:05:37.0948 4924  [ 90F7D9E6B6F27E1A707D4A297F077828 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
14:05:37.0948 4924  MSiSCSI - ok
14:05:37.0948 4924  msiserver - ok
14:05:38.0011 4924  [ 8C0860D6366AAFFB6C5BB9DF9448E631 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
14:05:38.0011 4924  MSKSSRV - ok
14:05:38.0135 4924  [ E077FCA2A7E79FB9BF67D3E30B5CE593 ] MsMpSvc         C:\Program Files\Microsoft Security Client\MsMpEng.exe
14:05:38.0135 4924  MsMpSvc - ok
14:05:38.0198 4924  [ 3EA8B949F963562CEDBB549EAC0C11CE ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
14:05:38.0198 4924  MSPCLOCK - ok
14:05:38.0260 4924  [ F456E973590D663B1073E9C463B40932 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
14:05:38.0260 4924  MSPQM - ok
14:05:38.0291 4924  [ 0E008FC4819D238C51D7C93E7B41E560 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
14:05:38.0291 4924  MsRPC - ok
14:05:38.0323 4924  [ FC6B9FF600CC585EA38B12589BD4E246 ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
14:05:38.0338 4924  mssmbios - ok
14:05:38.0385 4924  [ B42C6B921F61A6E55159B8BE6CD54A36 ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
14:05:38.0385 4924  MSTEE - ok
14:05:38.0432 4924  [ 33599130F44E1F34631CEA241DE8AC84 ] MTConfig        C:\Windows\system32\DRIVERS\MTConfig.sys
14:05:38.0432 4924  MTConfig - ok
14:05:38.0463 4924  [ 159FAD02F64E6381758C990F753BCC80 ] Mup             C:\Windows\system32\Drivers\mup.sys
14:05:38.0463 4924  Mup - ok
14:05:38.0510 4924  [ 61D57A5D7C6D9AFE10E77DAE6E1B445E ] napagent        C:\Windows\system32\qagentRT.dll
14:05:38.0510 4924  napagent - ok
14:05:38.0572 4924  [ 26384429FCD85D83746F63E798AB1480 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
14:05:38.0588 4924  NativeWifiP - ok
14:05:38.0666 4924  [ 8C9C922D71F1CD4DEF73F186416B7896 ] NDIS            C:\Windows\system32\drivers\ndis.sys
14:05:38.0681 4924  NDIS - ok
14:05:38.0744 4924  [ 0E1787AA6C9191D3D319E8BAFE86F80C ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
14:05:38.0791 4924  NdisCap - ok
14:05:38.0837 4924  [ E4A8AEC125A2E43A9E32AFEEA7C9C888 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
14:05:38.0837 4924  NdisTapi - ok
14:05:38.0869 4924  [ D8A65DAFB3EB41CBB622745676FCD072 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
14:05:38.0869 4924  Ndisuio - ok
14:05:38.0915 4924  [ 38FBE267E7E6983311179230FACB1017 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
14:05:38.0915 4924  NdisWan - ok
14:05:38.0947 4924  [ A4BDC541E69674FBFF1A8FF00BE913F2 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
14:05:38.0947 4924  NDProxy - ok
14:05:39.0025 4924  [ 80B275B1CE3B0E79909DB7B39AF74D51 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
14:05:39.0025 4924  NetBIOS - ok
14:05:39.0071 4924  [ 280122DDCF04B378EDD1AD54D71C1E54 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
14:05:39.0071 4924  NetBT - ok
14:05:39.0087 4924  [ 81951F51E318AECC2D68559E47485CC4 ] Netlogon        C:\Windows\system32\lsass.exe
14:05:39.0087 4924  Netlogon - ok
14:05:39.0165 4924  [ 7CCCFCA7510684768DA22092D1FA4DB2 ] Netman          C:\Windows\System32\netman.dll
14:05:39.0165 4924  Netman - ok
14:05:39.0259 4924  [ 8C338238C16777A802D6A9211EB2BA50 ] netprofm        C:\Windows\System32\netprofm.dll
14:05:39.0259 4924  netprofm - ok
14:05:39.0399 4924  [ 0CA49D2B135C9033210C19FA02EB2353 ] netr28u         C:\Windows\system32\DRIVERS\netr28u.sys
14:05:39.0446 4924  netr28u - ok
14:05:39.0493 4924  [ F476EC40033CDB91EFBE73EB99B8362D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
14:05:39.0586 4924  NetTcpPortSharing - ok
14:05:40.0507 4924  [ 58218EC6B61B1169CF54AAB0D00F5FE2 ] netw5v32        C:\Windows\system32\DRIVERS\netw5v32.sys
14:05:40.0585 4924  netw5v32 - ok
14:05:41.0255 4924  [ 5C979C481981E04919ECBB3B88D54B34 ] NETwNs32        C:\Windows\system32\DRIVERS\NETwNs32.sys
14:05:41.0396 4924  NETwNs32 - ok
14:05:41.0427 4924  [ 1D85C4B390B0EE09C7A46B91EFB2C097 ] nfrd960         C:\Windows\system32\DRIVERS\nfrd960.sys
14:05:41.0443 4924  nfrd960 - ok
14:05:41.0521 4924  [ 2CD24A6AF497D0E9B9BF3DA924ED05E6 ] NisDrv          C:\Windows\system32\DRIVERS\NisDrvWFP.sys
14:05:41.0521 4924  NisDrv - ok
14:05:41.0599 4924  [ 3B846434055F80D9E89D0742F3ADAD34 ] NisSrv          C:\Program Files\Microsoft Security Client\NisSrv.exe
14:05:41.0599 4924  NisSrv - ok
14:05:41.0661 4924  [ 912084381D30D8B89EC4E293053F4710 ] NlaSvc          C:\Windows\System32\nlasvc.dll
14:05:41.0661 4924  NlaSvc - ok
14:05:41.0692 4924  [ 1DB262A9F8C087E8153D89BEF3D2235F ] Npfs            C:\Windows\system32\drivers\Npfs.sys
14:05:41.0692 4924  Npfs - ok
14:05:41.0723 4924  [ BA387E955E890C8A88306D9B8D06BF17 ] nsi             C:\Windows\system32\nsisvc.dll
14:05:41.0723 4924  nsi - ok
14:05:41.0770 4924  [ E9A0A4D07E53D8FEA2BB8387A3293C58 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
14:05:41.0770 4924  nsiproxy - ok
14:05:41.0848 4924  [ 81189C3D7763838E55C397759D49007A ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
14:05:41.0864 4924  Ntfs - ok
14:05:41.0895 4924  [ F9756A98D69098DCA8945D62858A812C ] Null            C:\Windows\system32\drivers\Null.sys
14:05:41.0895 4924  Null - ok
14:05:41.0926 4924  [ B3E25EE28883877076E0E1FF877D02E0 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
14:05:41.0926 4924  nvraid - ok
14:05:41.0989 4924  [ 4380E59A170D88C4F1022EFF6719A8A4 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
14:05:41.0989 4924  nvstor - ok
14:05:42.0035 4924  [ 5A0983915F02BAE73267CC2A041F717D ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
14:05:42.0035 4924  nv_agp - ok
14:05:42.0113 4924  [ 08A70A1F2CDDE9BB49B885CB817A66EB ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
14:05:42.0113 4924  ohci1394 - ok
14:05:42.0238 4924  [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose             C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
14:05:42.0285 4924  ose - ok
14:05:42.0784 4924  [ 358A9CCA612C68EB2F07DDAD4CE1D8D7 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
14:05:42.0909 4924  osppsvc - ok
14:05:42.0956 4924  [ 82A8521DDC60710C3D3D3E7325209BEC ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
14:05:42.0956 4924  p2pimsvc - ok
14:05:43.0003 4924  [ 59C3DDD501E39E006DAC31BF55150D91 ] p2psvc          C:\Windows\system32\p2psvc.dll
14:05:43.0003 4924  p2psvc - ok
14:05:43.0049 4924  [ 2EA877ED5DD9713C5AC74E8EA7348D14 ] Parport         C:\Windows\system32\DRIVERS\parport.sys
14:05:43.0049 4924  Parport - ok
14:05:43.0096 4924  [ 3F34A1B4C5F6475F320C275E63AFCE9B ] partmgr         C:\Windows\system32\drivers\partmgr.sys
14:05:43.0096 4924  partmgr - ok
14:05:43.0112 4924  [ EB0A59F29C19B86479D36B35983DAADC ] Parvdm          C:\Windows\system32\DRIVERS\parvdm.sys
14:05:43.0112 4924  Parvdm - ok
14:05:43.0143 4924  [ 358AB7956D3160000726574083DFC8A6 ] PcaSvc          C:\Windows\System32\pcasvc.dll
14:05:43.0143 4924  PcaSvc - ok
14:05:43.0159 4924  [ 673E55C3498EB970088E812EA820AA8F ] pci             C:\Windows\system32\drivers\pci.sys
14:05:43.0159 4924  pci - ok
14:05:43.0205 4924  [ AFE86F419014DB4E5593F69FFE26CE0A ] pciide          C:\Windows\system32\drivers\pciide.sys
14:05:43.0205 4924  pciide - ok
14:05:43.0237 4924  [ F396431B31693E71E8A80687EF523506 ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys
14:05:43.0252 4924  pcmcia - ok
14:05:43.0283 4924  [ 250F6B43D2B613172035C6747AEEB19F ] pcw             C:\Windows\system32\drivers\pcw.sys
14:05:43.0283 4924  pcw - ok
14:05:43.0330 4924  [ 9E0104BA49F4E6973749A02BF41344ED ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
14:05:43.0346 4924  PEAUTH - ok
14:05:43.0549 4924  [ AF4D64D2A57B9772CF3801950B8058A6 ] PeerDistSvc     C:\Windows\system32\peerdistsvc.dll
14:05:43.0564 4924  PeerDistSvc - ok
14:05:43.0736 4924  [ 414BBA67A3DED1D28437EB66AEB8A720 ] pla             C:\Windows\system32\pla.dll
14:05:43.0751 4924  pla - ok
14:05:43.0814 4924  [ EC7BC28D207DA09E79B3E9FAF8B232CA ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
14:05:43.0829 4924  PlugPlay - ok
14:05:43.0845 4924  [ 63FF8572611249931EB16BB8EED6AFC8 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
14:05:43.0845 4924  PNRPAutoReg - ok
14:05:43.0939 4924  [ 82A8521DDC60710C3D3D3E7325209BEC ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
14:05:43.0939 4924  PNRPsvc - ok
14:05:43.0985 4924  [ 53946B69BA0836BD95B03759530C81EC ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
14:05:43.0985 4924  PolicyAgent - ok
14:05:44.0032 4924  [ F87D30E72E03D579A5199CCB3831D6EA ] Power           C:\Windows\system32\umpo.dll
14:05:44.0032 4924  Power - ok
14:05:44.0063 4924  [ 836FE79DE8767D77136B6491A3D61089 ] Power Manager DBC Service C:\Program Files\ThinkPad\Utilities\PWMDBSVC.EXE
14:05:44.0063 4924  Power Manager DBC Service - ok
14:05:44.0110 4924  [ 631E3E205AD6D86F2AED6A4A8E69F2DB ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
14:05:44.0110 4924  PptpMiniport - ok
14:05:44.0126 4924  [ 85B1E3A0C7585BC4AAE6899EC6FCF011 ] Processor       C:\Windows\system32\DRIVERS\processr.sys
14:05:44.0126 4924  Processor - ok
14:05:44.0188 4924  [ CADEFAC453040E370A1BDFF3973BE00D ] ProfSvc         C:\Windows\system32\profsvc.dll
14:05:44.0188 4924  ProfSvc - ok
14:05:44.0204 4924  [ 81951F51E318AECC2D68559E47485CC4 ] ProtectedStorage C:\Windows\system32\lsass.exe
14:05:44.0204 4924  ProtectedStorage - ok
14:05:44.0266 4924  [ C0446279CF577EFF7EF2A6E0714DA503 ] psadd           C:\Windows\system32\DRIVERS\psadd.sys
14:05:44.0266 4924  psadd - ok
14:05:44.0329 4924  [ 6270CCAE2A86DE6D146529FE55B3246A ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
14:05:44.0329 4924  Psched - ok
14:05:44.0360 4924  [ 576444157F1CB25AE2057EED586D4889 ] PwmEWSvc        C:\Program Files\ThinkPad\Utilities\PWMEWSVC.EXE
14:05:44.0360 4924  PwmEWSvc - ok
14:05:44.0422 4924  [ 40FEDD328F98245AD201CF5F9F311724 ] PxHelp20        C:\Windows\system32\Drivers\PxHelp20.sys
14:05:44.0422 4924  PxHelp20 - ok
14:05:44.0797 4924  [ AB95ECF1F6659A60DDC166D8315B0751 ] ql2300          C:\Windows\system32\DRIVERS\ql2300.sys
14:05:44.0906 4924  ql2300 - ok
14:05:44.0984 4924  [ B4DD51DD25182244B86737DC51AF2270 ] ql40xx          C:\Windows\system32\DRIVERS\ql40xx.sys
14:05:44.0999 4924  ql40xx - ok
14:05:45.0062 4924  [ 31AC809E7707EB580B2BDB760390765A ] QWAVE           C:\Windows\system32\qwave.dll
14:05:45.0062 4924  QWAVE - ok
14:05:45.0093 4924  [ 584078CA1B95CA72DF2A27C336F9719D ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
14:05:45.0093 4924  QWAVEdrv - ok
14:05:45.0343 4924  [ 37C3272E58976598BEF1CDF321019209 ] RalinkRegistryWriter C:\Program Files\NETGEAR\WNDA4100\Service\RaRegistry.exe
14:05:45.0343 4924  RalinkRegistryWriter - ok
14:05:45.0374 4924  [ 30A81B53C766D0133BB86D234E5556AB ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
14:05:45.0374 4924  RasAcd - ok
14:05:45.0421 4924  [ 57EC4AEF73660166074D8F7F31C0D4FD ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
14:05:45.0421 4924  RasAgileVpn - ok
14:05:45.0483 4924  [ A60F1839849C0C00739787FD5EC03F13 ] RasAuto         C:\Windows\System32\rasauto.dll
14:05:45.0483 4924  RasAuto - ok
14:05:45.0514 4924  [ D9F91EAFEC2815365CBE6D167E4E332A ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
14:05:45.0530 4924  Rasl2tp - ok
14:05:45.0577 4924  [ CB9E04DC05EACF5B9A36CA276D475006 ] RasMan          C:\Windows\System32\rasmans.dll
14:05:45.0577 4924  RasMan - ok
14:05:45.0592 4924  [ 0FE8B15916307A6AC12BFB6A63E45507 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
14:05:45.0592 4924  RasPppoe - ok
14:05:45.0608 4924  [ 44101F495A83EA6401D886E7FD70096B ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
14:05:45.0608 4924  RasSstp - ok
14:05:45.0655 4924  [ D528BC58A489409BA40334EBF96A311B ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
14:05:45.0655 4924  rdbss - ok
14:05:45.0686 4924  [ 0D8F05481CB76E70E1DA06EE9F0DA9DF ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
14:05:45.0686 4924  rdpbus - ok
14:05:45.0717 4924  [ 23DAE03F29D253AE74C44F99E515F9A1 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
14:05:45.0733 4924  RDPCDD - ok
14:05:45.0779 4924  [ B973FCFC50DC1434E1970A146F7E3885 ] RDPDR           C:\Windows\system32\drivers\rdpdr.sys
14:05:45.0779 4924  RDPDR - ok
14:05:45.0842 4924  [ 5A53CA1598DD4156D44196D200C94B8A ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
14:05:45.0842 4924  RDPENCDD - ok
14:05:45.0873 4924  [ 44B0A53CD4F27D50ED461DAE0C0B4E1F ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
14:05:45.0873 4924  RDPREFMP - ok
14:05:46.0013 4924  [ 68A0387F58E226DEEE23D9715955572A ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
14:05:46.0013 4924  RdpVideoMiniport - ok
14:05:46.0076 4924  [ F031683E6D1FEA157ABB2FF260B51E61 ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
14:05:46.0076 4924  RDPWD - ok
14:05:46.0169 4924  [ 518395321DC96FE2C9F0E96AC743B656 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
14:05:46.0169 4924  rdyboost - ok
14:05:46.0310 4924  [ 6C47AC711F5FB55C5387A85D50AB4703 ] RegSrvc         C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
14:05:46.0310 4924  RegSrvc - ok
14:05:46.0341 4924  [ 7B5E1419717FAC363A31CC302895217A ] RemoteAccess    C:\Windows\System32\mprdim.dll
14:05:46.0357 4924  RemoteAccess - ok
14:05:46.0403 4924  [ CB9A8683F4EF2BF99E123D79950D7935 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
14:05:46.0403 4924  RemoteRegistry - ok
14:05:46.0481 4924  [ 78D072F35BC45D9E4E1B61895C152234 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
14:05:46.0481 4924  RpcEptMapper - ok
14:05:46.0513 4924  [ 94D36C0E44677DD26981D2BFEEF2A29D ] RpcLocator      C:\Windows\system32\locator.exe
14:05:46.0513 4924  RpcLocator - ok
14:05:46.0528 4924  [ 7660F01D3B38ACA1747E397D21D790AF ] RpcSs           C:\Windows\system32\rpcss.dll
14:05:46.0528 4924  RpcSs - ok
14:05:46.0575 4924  [ 032B0D36AD92B582D869879F5AF5B928 ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
14:05:46.0575 4924  rspndr - ok
14:05:46.0606 4924  [ 7FA7F2E249A5DCBB7970630E15E1F482 ] s3cap           C:\Windows\system32\drivers\vms3cap.sys
14:05:46.0622 4924  s3cap - ok
14:05:46.0653 4924  [ 81951F51E318AECC2D68559E47485CC4 ] SamSs           C:\Windows\system32\lsass.exe
14:05:46.0653 4924  SamSs - ok
14:05:46.0778 4924  [ 39763504067962108505BFF25F024345 ] SASDIFSV        C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS
14:05:46.0778 4924  SASDIFSV - ok
14:05:46.0871 4924  [ 77B9FC20084B48408AD3E87570EB4A85 ] SASKUTIL        C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS
14:05:46.0871 4924  SASKUTIL - ok
14:05:46.0934 4924  [ 05D860DA1040F111503AC416CCEF2BCA ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
14:05:46.0934 4924  sbp2port - ok
14:05:46.0996 4924  [ 8FC518FFE9519C2631D37515A68009C4 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
14:05:46.0996 4924  SCardSvr - ok
14:05:47.0043 4924  [ 0693B5EC673E34DC147E195779A4DCF6 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
14:05:47.0043 4924  scfilter - ok
14:05:47.0090 4924  [ A04BB13F8A72F8B6E8B4071723E4E336 ] Schedule        C:\Windows\system32\schedsvc.dll
14:05:47.0105 4924  Schedule - ok
14:05:47.0137 4924  [ 319C6B309773D063541D01DF8AC6F55F ] SCPolicySvc     C:\Windows\System32\certprop.dll
14:05:47.0137 4924  SCPolicySvc - ok
14:05:47.0183 4924  [ 08236C4BCE5EDD0A0318A438AF28E0F7 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
14:05:47.0183 4924  SDRSVC - ok
14:05:47.0230 4924  [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
14:05:47.0246 4924  secdrv - ok
14:05:47.0277 4924  [ A59B3A4442C52060CC7A85293AA3546F ] seclogon        C:\Windows\system32\seclogon.dll
14:05:47.0277 4924  seclogon - ok
14:05:47.0308 4924  [ DCB7FCDCC97F87360F75D77425B81737 ] SENS            C:\Windows\system32\sens.dll
14:05:47.0324 4924  SENS - ok
14:05:47.0371 4924  [ 50087FE1EE447009C9CC2997B90DE53F ] SensrSvc        C:\Windows\system32\sensrsvc.dll
14:05:47.0371 4924  SensrSvc - ok
14:05:47.0402 4924  [ 9AD8B8B515E3DF6ACD4212EF465DE2D1 ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
14:05:47.0417 4924  Serenum - ok
14:05:47.0464 4924  [ 5FB7FCEA0490D821F26F39CC5EA3D1E2 ] Serial          C:\Windows\system32\DRIVERS\serial.sys
14:05:47.0464 4924  Serial - ok
14:05:47.0511 4924  [ 79BFFB520327FF916A582DFEA17AA813 ] sermouse        C:\Windows\system32\DRIVERS\sermouse.sys
14:05:47.0511 4924  sermouse - ok
14:05:47.0558 4924  [ 4AE380F39A0032EAB7DD953030B26D28 ] SessionEnv      C:\Windows\system32\sessenv.dll
14:05:47.0558 4924  SessionEnv - ok
14:05:47.0605 4924  [ 9F976E1EB233DF46FCE808D9DEA3EB9C ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
14:05:47.0605 4924  sffdisk - ok
14:05:47.0620 4924  [ 932A68EE27833CFD57C1639D375F2731 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
14:05:47.0620 4924  sffp_mmc - ok
14:05:47.0651 4924  [ 6D4CCAEDC018F1CF52866BBBAA235982 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
14:05:47.0651 4924  sffp_sd - ok
14:05:47.0729 4924  [ DB96666CC8312EBC45032F30B007A547 ] sfloppy         C:\Windows\system32\DRIVERS\sfloppy.sys
14:05:47.0729 4924  sfloppy - ok
14:05:47.0792 4924  [ D1A079A0DE2EA524513B6930C24527A2 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
14:05:47.0792 4924  SharedAccess - ok
14:05:47.0839 4924  [ 414DA952A35BF5D50192E28263B40577 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
14:05:47.0854 4924  ShellHWDetection - ok
14:05:47.0901 4924  [ 1624530D05155F4E5A4736531523BFF5 ] Shockprf        C:\Windows\system32\DRIVERS\Apsx86.sys
14:05:47.0901 4924  Shockprf - ok
14:05:47.0948 4924  [ 2565CAC0DC9FE0371BDCE60832582B2E ] sisagp          C:\Windows\system32\drivers\sisagp.sys
14:05:47.0948 4924  sisagp - ok
14:05:48.0010 4924  [ A9F0486851BECB6DDA1D89D381E71055 ] SiSRaid2        C:\Windows\system32\DRIVERS\SiSRaid2.sys
14:05:48.0010 4924  SiSRaid2 - ok
14:05:48.0073 4924  [ 3727097B55738E2F554972C3BE5BC1AA ] SiSRaid4        C:\Windows\system32\DRIVERS\sisraid4.sys
14:05:48.0073 4924  SiSRaid4 - ok
14:05:48.0213 4924  [ A37740568718F245E818D0C5575B9AA9 ] SkypeUpdate     C:\Program Files\Skype\Updater\Updater.exe
14:05:48.0213 4924  SkypeUpdate - ok
14:05:48.0260 4924  [ 3E21C083B8A01CB70BA1F09303010FCE ] Smb             C:\Windows\system32\DRIVERS\smb.sys
14:05:48.0260 4924  Smb - ok
14:05:48.0322 4924  [ 6A984831644ECA1A33FFEAE4126F4F37 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
14:05:48.0338 4924  SNMPTRAP - ok
14:05:48.0697 4924  [ A10C0F1F8D394E7D392FAD72B7A01C1B ] SNP2UVC         C:\Windows\system32\DRIVERS\snp2uvc.sys
14:05:48.0759 4924  SNP2UVC - ok
14:05:48.0806 4924  [ 95CF1AE7527FB70F7816563CBC09D942 ] spldr           C:\Windows\system32\drivers\spldr.sys
14:05:48.0806 4924  spldr - ok
14:05:48.0853 4924  [ 9AEA093B8F9C37CF45538382CABA2475 ] Spooler         C:\Windows\System32\spoolsv.exe
14:05:48.0853 4924  Spooler - ok
14:05:49.0274 4924  [ CF87A1DE791347E75B98885214CED2B8 ] sppsvc          C:\Windows\system32\sppsvc.exe
14:05:49.0336 4924  sppsvc - ok
14:05:49.0383 4924  [ B0180B20B065D89232A78A40FE56EAA6 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
14:05:49.0383 4924  sppuinotify - ok
14:05:49.0508 4924  [ E4C2764065D66EA1D2D3EBC28FE99C46 ] srv             C:\Windows\system32\DRIVERS\srv.sys
14:05:49.0508 4924  srv - ok
14:05:49.0539 4924  [ 03F0545BD8D4C77FA0AE1CEEDFCC71AB ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
14:05:49.0539 4924  srv2 - ok
14:05:49.0601 4924  [ E00FDFAFF025E94F9821153750C35A6D ] SrvHsfHDA       C:\Windows\system32\DRIVERS\VSTAZL3.SYS
14:05:49.0601 4924  SrvHsfHDA - ok
14:05:49.0695 4924  [ CEB4E3B6890E1E42DCA6694D9E59E1A0 ] SrvHsfV92       C:\Windows\system32\DRIVERS\VSTDPV3.SYS
14:05:49.0695 4924  SrvHsfV92 - ok
14:05:49.0742 4924  [ BC0C7EA89194C299F051C24119000E17 ] SrvHsfWinac     C:\Windows\system32\DRIVERS\VSTCNXT3.SYS
14:05:49.0742 4924  SrvHsfWinac - ok
14:05:49.0773 4924  [ BE6BD660CAA6F291AE06A718A4FA8ABC ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
14:05:49.0773 4924  srvnet - ok
14:05:49.0820 4924  [ D887C9FD02AC9FA880F6E5027A43E118 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
14:05:49.0820 4924  SSDPSRV - ok
14:05:49.0851 4924  [ A36EE93698802CD899F98BFD553D8185 ] ssmdrv          C:\Windows\system32\DRIVERS\ssmdrv.sys
14:05:49.0867 4924  ssmdrv - ok
14:05:49.0898 4924  [ D318F23BE45D5E3A107469EB64815B50 ] SstpSvc         C:\Windows\system32\sstpsvc.dll
14:05:49.0898 4924  SstpSvc - ok
14:05:49.0929 4924  Steam Client Service - ok
14:05:49.0976 4924  [ DB32D325C192B801DF274BFD12A7E72B ] stexstor        C:\Windows\system32\DRIVERS\stexstor.sys
14:05:49.0976 4924  stexstor - ok
14:05:50.0116 4924  [ E1FB3706030FB4578A0D72C2FC3689E4 ] StiSvc          C:\Windows\System32\wiaservc.dll
14:05:50.0116 4924  StiSvc - ok
14:05:50.0132 4924  [ 472AF0311073DCECEAA8FA18BA2BDF89 ] storflt         C:\Windows\system32\drivers\vmstorfl.sys
14:05:50.0132 4924  storflt - ok
14:05:50.0179 4924  [ DCAFFD62259E0BDB433DD67B5BB37619 ] storvsc         C:\Windows\system32\drivers\storvsc.sys
14:05:50.0179 4924  storvsc - ok
14:05:50.0194 4924  [ E58C78A848ADD9610A4DB6D214AF5224 ] swenum          C:\Windows\system32\drivers\swenum.sys
14:05:50.0194 4924  swenum - ok
14:05:50.0428 4924  [ F577910A133A592234EBAAD3F3AFA258 ] SwitchBoard     C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
14:05:50.0428 4924  SwitchBoard - ok
14:05:50.0506 4924  [ A28BD92DF340E57B024BA433165D34D7 ] swprv           C:\Windows\System32\swprv.dll
14:05:50.0506 4924  swprv - ok
14:05:50.0584 4924  Synth3dVsc - ok
14:05:50.0693 4924  [ 36650D618CA34C9D357DFD3D89B2C56F ] SysMain         C:\Windows\system32\sysmain.dll
14:05:50.0709 4924  SysMain - ok
14:05:50.0756 4924  [ 763FECDC3D30C815FE72DD57936C6CD1 ] TabletInputService C:\Windows\System32\TabSvc.dll
14:05:50.0756 4924  TabletInputService - ok
14:05:50.0803 4924  [ 613BF4820361543956909043A265C6AC ] TapiSrv         C:\Windows\System32\tapisrv.dll
14:05:50.0803 4924  TapiSrv - ok
14:05:50.0834 4924  [ B799D9FDB26111737F58288D8DC172D9 ] TBS             C:\Windows\System32\tbssvc.dll
14:05:50.0849 4924  TBS - ok
14:05:50.0959 4924  [ A5EBB8F648000E88B7D9390B514976BF ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
14:05:50.0974 4924  Tcpip - ok
14:05:50.0990 4924  [ A5EBB8F648000E88B7D9390B514976BF ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
14:05:51.0005 4924  TCPIP6 - ok
14:05:51.0052 4924  [ CCA24162E055C3714CE5A88B100C64ED ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
14:05:51.0052 4924  tcpipreg - ok
14:05:51.0099 4924  [ 1CB91B2BD8F6DD367DFC2EF26FD751B2 ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
14:05:51.0099 4924  TDPIPE - ok
14:05:51.0146 4924  [ 2C2C5AFE7EE4F620D69C23C0617651A8 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
14:05:51.0146 4924  TDTCP - ok
14:05:51.0177 4924  [ B459575348C20E8121D6039DA063C704 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
14:05:51.0177 4924  tdx - ok
14:05:51.0224 4924  [ 04DBF4B01EA4BF25A9A3E84AFFAC9B20 ] TermDD          C:\Windows\system32\drivers\termdd.sys
14:05:51.0224 4924  TermDD - ok
14:05:51.0302 4924  [ 382C804C92811BE57829D8E550A900E2 ] TermService     C:\Windows\System32\termsrv.dll
14:05:51.0317 4924  TermService - ok
14:05:51.0333 4924  [ 42FB6AFD6B79D9FE07381609172E7CA4 ] Themes          C:\Windows\system32\themeservice.dll
14:05:51.0349 4924  Themes - ok
14:05:51.0349 4924  [ 146B6F43A673379A3C670E86D89BE5EA ] THREADORDER     C:\Windows\system32\mmcss.dll
14:05:51.0364 4924  THREADORDER - ok
14:05:51.0380 4924  [ D2378FBBD668D9FE9B6B5E3139D506D3 ] TPDIGIMN        C:\Windows\system32\DRIVERS\ApsHM86.sys
14:05:51.0380 4924  TPDIGIMN - ok
14:05:51.0411 4924  [ A34A1E6B5461273846D30F5898602A72 ] TPHDEXLGSVC     C:\Windows\system32\TPHDEXLG.exe
14:05:51.0427 4924  TPHDEXLGSVC - ok
14:05:51.0473 4924  [ 9CD364ECB3A10B24C7CAC8FF89993A67 ] TPHKLOAD        C:\Program Files\LENOVO\HOTKEY\TPHKLOAD.exe
14:05:51.0473 4924  TPHKLOAD - ok
14:05:51.0551 4924  [ C04BB65441913AB621C58A8BD3169B23 ] TPHKSVC         C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe
14:05:51.0551 4924  TPHKSVC - ok
14:05:51.0645 4924  [ 5AD05191DC8B444A7BA4D79B76C42A30 ] TPM             C:\Windows\system32\drivers\tpm.sys
14:05:51.0645 4924  TPM - ok
14:05:51.0692 4924  [ C16EC6A5390904D3971179553852025B ] TPPWRIF         C:\Windows\system32\drivers\Tppwr32v.sys
14:05:51.0692 4924  TPPWRIF - ok
14:05:51.0770 4924  [ 4792C0378DB99A9BC2AE2DE6CFFF0C3A ] TrkWks          C:\Windows\System32\trkwks.dll
14:05:51.0801 4924  TrkWks - ok
14:05:51.0910 4924  [ 2C49B175AEE1D4364B91B531417FE583 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
14:05:51.0910 4924  TrustedInstaller - ok
14:05:51.0941 4924  [ 254BB140EEE3C59D6114C1A86B636877 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
14:05:51.0957 4924  tssecsrv - ok
14:05:51.0988 4924  [ FD1D6C73E6333BE727CBCC6054247654 ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
14:05:51.0988 4924  TsUsbFlt - ok
14:05:52.0066 4924  tsusbhub - ok
14:05:52.0129 4924  [ B2FA25D9B17A68BB93D58B0556E8C90D ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
14:05:52.0129 4924  tunnel - ok
14:05:52.0175 4924  [ 750FBCB269F4D7DD2E420C56B795DB6D ] uagp35          C:\Windows\system32\DRIVERS\uagp35.sys
14:05:52.0175 4924  uagp35 - ok
14:05:52.0238 4924  [ EE43346C7E4B5E63E54F927BABBB32FF ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
14:05:52.0238 4924  udfs - ok
14:05:52.0285 4924  [ 8344FD4FCE927880AA1AA7681D4927E5 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
14:05:52.0285 4924  UI0Detect - ok
14:05:52.0347 4924  [ 44E8048ACE47BEFBFDC2E9BE4CBC8880 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
14:05:52.0347 4924  uliagpkx - ok
14:05:52.0394 4924  [ D295BED4B898F0FD999FCFA9B32B071B ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
14:05:52.0394 4924  umbus - ok
14:05:52.0456 4924  [ 7550AD0C6998BA1CB4843E920EE0FEAC ] UmPass          C:\Windows\system32\DRIVERS\umpass.sys
14:05:52.0456 4924  UmPass - ok
14:05:52.0550 4924  [ 409994A8EACEEE4E328749C0353527A0 ] UmRdpService    C:\Windows\System32\umrdp.dll
14:05:52.0550 4924  UmRdpService - ok
14:05:52.0659 4924  [ 833FBB672460EFCE8011D262175FAD33 ] upnphost        C:\Windows\System32\upnphost.dll
14:05:52.0659 4924  upnphost - ok
14:05:52.0721 4924  [ 1D9F2BD026E8E2D45033A4DF3F16B78C ] usbaudio        C:\Windows\system32\drivers\usbaudio.sys
14:05:52.0721 4924  usbaudio - ok
14:05:52.0721 4924  [ BD9C55D7023C5DE374507ACC7A14E2AC ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
14:05:52.0737 4924  usbccgp - ok
14:05:52.0753 4924  [ 04EC7CEC62EC3B6D9354EEE93327FC82 ] usbcir          C:\Windows\system32\drivers\usbcir.sys
14:05:52.0753 4924  usbcir - ok
14:05:52.0768 4924  [ F92DE757E4B7CE9C07C5E65423F3AE3B ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
14:05:52.0768 4924  usbehci - ok
14:05:52.0799 4924  [ 8DC94AEC6A7E644A06135AE7506DC2E9 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
14:05:52.0815 4924  usbhub - ok
14:05:52.0831 4924  [ E185D44FAC515A18D9DEDDC23C2CDF44 ] usbohci         C:\Windows\system32\drivers\usbohci.sys
14:05:52.0831 4924  usbohci - ok
14:05:52.0877 4924  [ 797D862FE0875E75C7CC4C1AD7B30252 ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
14:05:52.0877 4924  usbprint - ok
14:05:52.0877 4924  [ F991AB9CC6B908DB552166768176896A ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
14:05:52.0893 4924  USBSTOR - ok
14:05:52.0909 4924  [ 68DF884CF41CDADA664BEB01DAF67E3D ] usbuhci         C:\Windows\system32\DRIVERS\usbuhci.sys
14:05:52.0909 4924  usbuhci - ok
14:05:52.0955 4924  [ 45F4E7BF43DB40A6C6B4D92C76CBC3F2 ] usbvideo        C:\Windows\System32\Drivers\usbvideo.sys
14:05:52.0955 4924  usbvideo - ok
14:05:53.0018 4924  [ 081E6E1C91AEC36758902A9F727CD23C ] UxSms           C:\Windows\System32\uxsms.dll
14:05:53.0018 4924  UxSms - ok
14:05:53.0033 4924  [ 81951F51E318AECC2D68559E47485CC4 ] VaultSvc        C:\Windows\system32\lsass.exe
14:05:53.0033 4924  VaultSvc - ok
14:05:53.0096 4924  [ FCE98C43B5C5DB8E0DA8EA0E2B45E044 ] VClone          C:\Windows\system32\DRIVERS\VClone.sys
14:05:53.0096 4924  VClone - ok
14:05:53.0111 4924  [ A059C4C3EDB09E07D21A8E5C0AABD3CB ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
14:05:53.0111 4924  vdrvroot - ok
14:05:53.0158 4924  [ C3CD30495687C2A2F66A65CA6FD89BE9 ] vds             C:\Windows\System32\vds.exe
14:05:53.0158 4924  vds - ok
14:05:53.0221 4924  [ 17C408214EA61696CEC9C66E388B14F3 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
14:05:53.0221 4924  vga - ok
14:05:53.0236 4924  [ 8E38096AD5C8570A6F1570A61E251561 ] VgaSave         C:\Windows\System32\drivers\vga.sys
14:05:53.0236 4924  VgaSave - ok
14:05:53.0283 4924  VGPU - ok
14:05:53.0345 4924  [ 5461686CCA2FDA57B024547733AB42E3 ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
14:05:53.0345 4924  vhdmp - ok
14:05:53.0377 4924  [ C829317A37B4BEA8F39735D4B076E923 ] viaagp          C:\Windows\system32\drivers\viaagp.sys
14:05:53.0377 4924  viaagp - ok
14:05:53.0423 4924  [ E02F079A6AA107F06B16549C6E5C7B74 ] ViaC7           C:\Windows\system32\DRIVERS\viac7.sys
14:05:53.0423 4924  ViaC7 - ok
14:05:53.0470 4924  [ E43574F6A56A0EE11809B48C09E4FD3C ] viaide          C:\Windows\system32\drivers\viaide.sys
14:05:53.0470 4924  viaide - ok
14:05:53.0533 4924  [ C2F2911156FDC7817C52829C86DA494E ] vmbus           C:\Windows\system32\drivers\vmbus.sys
14:05:53.0533 4924  vmbus - ok
14:05:53.0548 4924  [ D4D77455211E204F370D08F4963063CE ] VMBusHID        C:\Windows\system32\drivers\VMBusHID.sys
14:05:53.0548 4924  VMBusHID - ok
14:05:53.0564 4924  [ 4C63E00F2F4B5F86AB48A58CD990F212 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
14:05:53.0564 4924  volmgr - ok
14:05:53.0611 4924  [ B5BB72067DDDDBBFB04B2F89FF8C3C87 ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
14:05:53.0611 4924  volmgrx - ok
14:05:53.0689 4924  [ F497F67932C6FA693D7DE2780631CFE7 ] volsnap         C:\Windows\system32\drivers\volsnap.sys
14:05:53.0704 4924  volsnap - ok
14:05:53.0751 4924  [ 9DFA0CC2F8855A04816729651175B631 ] vsmraid         C:\Windows\system32\DRIVERS\vsmraid.sys
14:05:53.0767 4924  vsmraid - ok
14:05:53.0860 4924  [ 209A3B1901B83AEB8527ED211CCE9E4C ] VSS             C:\Windows\system32\vssvc.exe
14:05:53.0876 4924  VSS - ok
14:05:53.0923 4924  [ 90567B1E658001E79D7C8BBD3DDE5AA6 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
14:05:53.0923 4924  vwifibus - ok
14:05:53.0969 4924  [ 7090D3436EEB4E7DA3373090A23448F7 ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
14:05:53.0969 4924  vwififlt - ok
14:05:54.0063 4924  [ 55187FD710E27D5095D10A472C8BAF1C ] W32Time         C:\Windows\system32\w32time.dll
14:05:54.0063 4924  W32Time - ok
14:05:54.0110 4924  [ DE3721E89C653AA281428C8A69745D90 ] WacomPen        C:\Windows\system32\DRIVERS\wacompen.sys
14:05:54.0110 4924  WacomPen - ok
14:05:54.0172 4924  [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
14:05:54.0172 4924  WANARP - ok
14:05:54.0172 4924  [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
14:05:54.0172 4924  Wanarpv6 - ok
14:05:54.0313 4924  [ 353A04C273EC58475D8633E75CCD5604 ] WatAdminSvc     C:\Windows\system32\Wat\WatAdminSvc.exe
14:05:54.0328 4924  WatAdminSvc - ok
14:05:54.0375 4924  [ 691E3285E53DCA558E1A84667F13E15A ] wbengine        C:\Windows\system32\wbengine.exe
14:05:54.0391 4924  wbengine - ok
14:05:54.0469 4924  [ 9614B5D29DC76AC3C29F6D2D3AA70E67 ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
14:05:54.0469 4924  WbioSrvc - ok
14:05:54.0593 4924  [ 34EEE0DFAADB4F691D6D5308A51315DC ] wcncsvc         C:\Windows\System32\wcncsvc.dll
14:05:54.0609 4924  wcncsvc - ok
14:05:54.0687 4924  [ 5D930B6357A6D2AF4D7653BDABBF352F ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
14:05:54.0687 4924  WcsPlugInService - ok
14:05:54.0718 4924  [ 1112A9BADACB47B7C0BB0392E3158DFF ] Wd              C:\Windows\system32\DRIVERS\wd.sys
14:05:54.0718 4924  Wd - ok
14:05:54.0765 4924  [ 9950E3D0F08141C7E89E64456AE7DC73 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
14:05:54.0781 4924  Wdf01000 - ok
14:05:54.0796 4924  [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiServiceHost  C:\Windows\system32\wdi.dll
14:05:54.0796 4924  WdiServiceHost - ok
14:05:54.0796 4924  [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiSystemHost   C:\Windows\system32\wdi.dll
14:05:54.0796 4924  WdiSystemHost - ok
14:05:54.0843 4924  [ A9D880F97530D5B8FEE278923349929D ] WebClient       C:\Windows\System32\webclnt.dll
14:05:54.0843 4924  WebClient - ok
14:05:54.0905 4924  [ 760F0AFE937A77CFF27153206534F275 ] Wecsvc          C:\Windows\system32\wecsvc.dll
14:05:54.0921 4924  Wecsvc - ok
14:05:54.0937 4924  [ AC804569BB2364FB6017370258A4091B ] wercplsupport   C:\Windows\System32\wercplsupport.dll
14:05:54.0952 4924  wercplsupport - ok
14:05:55.0015 4924  [ 08E420D873E4FD85241EE2421B02C4A4 ] WerSvc          C:\Windows\System32\WerSvc.dll
14:05:55.0015 4924  WerSvc - ok
14:05:55.0077 4924  [ 8B9A943F3B53861F2BFAF6C186168F79 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
14:05:55.0077 4924  WfpLwf - ok
14:05:55.0108 4924  [ 5CF95B35E59E2A38023836FFF31BE64C ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
14:05:55.0108 4924  WIMMount - ok
14:05:55.0280 4924  [ 3FAE8F94296001C32EAB62CD7D82E0FD ] WinDefend       C:\Program Files\Windows Defender\mpsvc.dll
14:05:55.0280 4924  WinDefend - ok
14:05:55.0295 4924  WinHttpAutoProxySvc - ok
14:05:55.0576 4924  [ F62E510B6AD4C21EB9FE8668ED251826 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
14:05:55.0576 4924  Winmgmt - ok
14:05:55.0685 4924  [ 1B91CD34EA3A90AB6A4EF0550174F4CC ] WinRM           C:\Windows\system32\WsmSvc.dll
14:05:55.0685 4924  WinRM - ok
14:05:55.0732 4924  [ A67E5F9A400F3BD1BE3D80613B45F708 ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
14:05:55.0748 4924  WinUsb - ok
14:05:55.0779 4924  [ 16935C98FF639D185086A3529B1F2067 ] Wlansvc         C:\Windows\System32\wlansvc.dll
14:05:55.0795 4924  Wlansvc - ok
14:05:56.0138 4924  [ FB01D4AE207B9EFDBABFC55DC95C7E31 ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
14:05:56.0153 4924  wlidsvc - ok
14:05:56.0216 4924  [ 0217679B8FCA58714C3BF2726D2CA84E ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
14:05:56.0216 4924  WmiAcpi - ok
14:05:56.0263 4924  [ 6EB6B66517B048D87DC1856DDF1F4C3F ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
14:05:56.0263 4924  wmiApSrv - ok
14:05:56.0465 4924  [ 3B40D3A61AA8C21B88AE57C58AB3122E ] WMPNetworkSvc   C:\Program Files\Windows Media Player\wmpnetwk.exe
14:05:56.0497 4924  WMPNetworkSvc - ok
14:05:56.0871 4924  [ 017695393AFFFED8DE58ABD1B085BE6D ] WMZuneComm      C:\Program Files\Zune\WMZuneComm.exe
14:05:56.0871 4924  WMZuneComm - ok
14:05:56.0918 4924  [ A2F0EC770A92F2B3F9DE6D518E11409C ] WPCSvc          C:\Windows\System32\wpcsvc.dll
14:05:56.0918 4924  WPCSvc - ok
14:05:56.0949 4924  [ AA53356D60AF47EACC85BC617A4F3F66 ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
14:05:56.0949 4924  WPDBusEnum - ok
14:05:57.0011 4924  [ 6DB3276587B853BF886B69528FDB048C ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
14:05:57.0011 4924  ws2ifsl - ok
14:05:57.0074 4924  [ 6F5D49EFE0E7164E03AE773A3FE25340 ] wscsvc          C:\Windows\system32\wscsvc.dll
14:05:57.0074 4924  wscsvc - ok
14:05:57.0121 4924  [ 553F6CCD7C58EB98D4A8FBDAF283D7A9 ] WSDPrintDevice  C:\Windows\system32\DRIVERS\WSDPrint.sys
14:05:57.0121 4924  WSDPrintDevice - ok
14:05:57.0121 4924  WSearch - ok
14:05:57.0386 4924  [ FC3EC24FCE372C89423E015A2AC1A31E ] wuauserv        C:\Windows\system32\wuaueng.dll
14:05:57.0433 4924  wuauserv - ok
14:05:57.0479 4924  [ E714A1C0354636837E20CCBF00888EE7 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
14:05:57.0479 4924  WudfPf - ok
14:05:57.0573 4924  [ 1023EE888C9B47178C5293ED5336AB69 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
14:05:57.0589 4924  WUDFRd - ok
14:05:57.0620 4924  [ 8D1E1E529A2C9E9B6A85B55A345F7629 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
14:05:57.0620 4924  wudfsvc - ok
14:05:57.0667 4924  [ FF2D745B560F7C71B31F30F4D49F73D2 ] WwanSvc         C:\Windows\System32\wwansvc.dll
14:05:57.0667 4924  WwanSvc - ok
14:05:59.0055 4924  [ 1076DF9ADE4E13EA3BF39D2165AEB903 ] ZuneNetworkSvc  C:\Program Files\Zune\ZuneNss.exe
14:05:59.0195 4924  ZuneNetworkSvc - ok
14:05:59.0336 4924  [ DE1CDB333A402B279F04D627122FA08E ] ZuneWlanCfgSvc  C:\Program Files\Zune\ZuneWlanCfgSvc.exe
14:05:59.0351 4924  ZuneWlanCfgSvc - ok
14:05:59.0367 4924  ================ Scan global ===============================
14:05:59.0429 4924  [ DAB748AE0439955ED2FA22357533DDDB ] C:\Windows\system32\basesrv.dll
14:05:59.0492 4924  [ 183B4188D5D91B271613EC3EFD1B3CEF ] C:\Windows\system32\winsrv.dll
14:05:59.0492 4924  [ 183B4188D5D91B271613EC3EFD1B3CEF ] C:\Windows\system32\winsrv.dll
14:05:59.0523 4924  [ 364455805E64882844EE9ACB72522830 ] C:\Windows\system32\sxssrv.dll
14:05:59.0570 4924  [ 5F1B6A9C35D3D5CA72D6D6FDEF9747D6 ] C:\Windows\system32\services.exe
14:05:59.0570 4924  [Global] - ok
14:05:59.0570 4924  ================ Scan MBR ==================================
14:05:59.0585 4924  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
14:06:07.0791 4924  \Device\Harddisk0\DR0 - ok
14:06:07.0791 4924  ================ Scan VBR ==================================
14:06:07.0807 4924  [ 183A1CFB07CFBB71B0763EC3718F844C ] \Device\Harddisk0\DR0\Partition1
14:06:07.0822 4924  \Device\Harddisk0\DR0\Partition1 - ok
14:06:07.0853 4924  [ B6593209BC888B05175B53E97C6D59B8 ] \Device\Harddisk0\DR0\Partition2
14:06:07.0853 4924  \Device\Harddisk0\DR0\Partition2 - ok
14:06:07.0869 4924  [ AE8D703DAF7CAF03FC480CC21D4B6F4F ] \Device\Harddisk0\DR0\Partition3
14:06:07.0885 4924  \Device\Harddisk0\DR0\Partition3 - ok
14:06:07.0900 4924  [ EA2F4E8B02FBBA704E0417CCB01CBBB4 ] \Device\Harddisk0\DR0\Partition4
14:06:07.0916 4924  \Device\Harddisk0\DR0\Partition4 - ok
14:06:07.0916 4924  ============================================================
14:06:07.0916 4924  Scan finished
14:06:07.0916 4924  ============================================================
14:06:07.0916 4916  Detected object count: 0
14:06:07.0916 4916  Actual detected object count: 0
14:08:15.0256 3288  Deinitialize success


#5 InadequateInfirmity

InadequateInfirmity

    I Gots Me A Certified Edumication


  • Banned
  • 5,180 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:12:32 AM

Posted 26 September 2012 - 06:14 PM

Like I said before you must uninstall either Avira OR Microsoft Security Essentials you can not run two antivirus applications.

Which browsers are being redirected?


Download Autoruns and Autorunsc Unzip it to your desktop and then double click autoruns.exe After the scan is finished then click on File>>>>>>>>>>>Save The default name will be autoruns.arn make sure to save it as Autoruns.txt under the file type option. in other words make sure it is a .txt file instead of .arn Attach the text in your next reply.

http://download.sysinternals.com/files/Autoruns.zip



Download Norman Malware Cleaner Run it Hit the quick scan>>>>>>>>Let it finish>>>>>>>>Go to the quarantine Tab>>>>>>> Tick the Select All>>>>>Then the Delete>>>>>>Quit
http://normanasa.vo.llnwd.net/o29/public/Norman_Malware_Cleaner.exe
A log will appear on your desktop post that here in your next reply.

Edited by InadequateInfirmity, 26 September 2012 - 06:14 PM.


#6 mistuhsun

mistuhsun
  • Topic Starter

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:12:32 AM

Posted 27 September 2012 - 07:52 PM

So far I've only been able to find the redirects on Firefox. Below are the logs:

Autorun Log
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run"	""	""	""
+ "AdobeAAMUpdater-1.0"	"Adobe Updater Startup Utility"	"Adobe Systems Incorporated"	"c:\program files\common files\adobe\oobe\pdapp\uwa\updaterstartuputility.exe"
+ "AdobeCS5.5ServiceManager"	"Adobe CS5.5 Service Manager"	"Adobe Systems Incorporated"	"c:\program files\common files\adobe\cs5.5servicemanager\cs5.5servicemanager.exe"
+ "BCSSync"	"Microsoft Office 2010 component"	"Microsoft Corporation"	"c:\program files\microsoft office\office14\bcssync.exe"
+ "HotKeysCmds"	"hkcmd Module"	"Intel Corporation"	"c:\windows\system32\hkcmd.exe"
+ "IAAnotif"	"Event Monitor User Notification Tool"	"Intel Corporation"	"c:\program files\intel\intel matrix storage manager\iaanotif.exe"
+ "IgfxTray"	"igfxTray Module"	"Intel Corporation"	"c:\windows\system32\igfxtray.exe"
+ "MSC"	"Microsoft Security Client User Interface"	"Microsoft Corporation"	"c:\program files\microsoft security client\msseces.exe"
+ "Persistence"	"persistence Module"	"Intel Corporation"	"c:\windows\system32\igfxpers.exe"
+ "PWMTRV"	"ThinkPad Power Manager Background Monitor and Tray Battery Gauge"	"Lenovo Group Limited"	"c:\program files\thinkpad\utilities\pwmtr32v.dll"
+ "SmartAudio"	"SAIICpl MFC Application"	""	"c:\program files\conexant\saii\saiicpl.exe"
+ "StartCCC"	"Catalyst® Control Center Launcher"	"Advanced Micro Devices, Inc."	"c:\program files\ati technologies\ati.ace\core-static\clistart.exe"
+ "SunJavaUpdateSched"	"Java(TM) Update Scheduler"	"Sun Microsystems, Inc."	"c:\program files\common files\java\java update\jusched.exe"
+ "SwitchBoard"	"SwitchBoard Server (32 bit)"	"Adobe Systems Incorporated"	"c:\program files\common files\adobe\switchboard\switchboard.exe"
+ "TpShocks"	"ThinkVantage Active Protection System"	"Lenovo."	"c:\windows\system32\tpshocks.exe"
+ "VirtualCloneDrive"	"Virtual CloneDrive Daemon"	"Elaborate Bytes AG"	"c:\program files\elaborate bytes\virtualclonedrive\vcddaemon.exe"
+ "Zune Launcher"	"Zune Auto-Launcher"	"Microsoft Corporation"	"c:\program files\zune\zunelauncher.exe"
"C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup"	""	""	""
+ "NETGEAR WNDA4100 Genie.lnk"	"WNDA4100 Genie MFC Application"	"NETGEAR"	"c:\program files\netgear\wnda4100\wnda4100.exe"
+ "Rainmeter.lnk"	"Rainmeter"	""	"c:\program files\rainmeter\rainmeter.exe"
"C:\Users\Han\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup"	""	""	""
+ "Dropbox.lnk"	"Dropbox"	"Dropbox, Inc."	"c:\users\han\appdata\roaming\dropbox\bin\dropbox.exe"
+ "OneNote 2010 Screen Clipper and Launcher.lnk"	"Microsoft OneNote Quick Launcher"	"Microsoft Corporation"	"c:\program files\microsoft office\office14\onenotem.exe"
"HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components"	""	""	""
+ "Microsoft Windows"	"Windows Mail"	"Microsoft Corporation"	"c:\program files\windows mail\winmail.exe"
"HKCU\Software\Microsoft\Windows\CurrentVersion\Run"	""	""	""
+ "Google Update"	"Google Installer"	"Google Inc."	"c:\users\han\appdata\local\google\update\googleupdate.exe"
+ "Spotify Web Helper"	""	""	"c:\users\han\appdata\roaming\spotify\data\spotifywebhelper.exe"
+ "Steam"	"Steam"	"Valve Corporation"	"c:\program files\steam\steam.exe"
"HKLM\SOFTWARE\Classes\Protocols\Filter"	""	""	""
+ "text/xml"	"Microsoft Office XML MIME Filter"	"Microsoft Corporation"	"c:\program files\common files\microsoft shared\office14\msoxmlmf.dll"
"HKLM\SOFTWARE\Classes\Protocols\Handler"	""	""	""
+ "ms-help"	"Microsoft® Help Data Services Module"	"Microsoft Corporation"	"c:\program files\common files\microsoft shared\help\hxds.dll"
+ "skype4com"	"Skype for COM API"	"Skype Technologies"	"c:\program files\common files\skype\skype4com.dll"
+ "wlpg"	"Windows Live Album Download Protocol Handler"	"Microsoft Corporation"	"c:\program files\windows live\photo gallery\albumdownloadprotocolhandler.dll"
"HKCU\Software\Classes\*\ShellEx\ContextMenuHandlers"	""	""	""
+ "DropboxExt"	"Dropbox Shell Extension"	"Dropbox, Inc."	"c:\users\han\appdata\roaming\dropbox\bin\dropboxext.14.dll"
"HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers"	""	""	""
+ "7-Zip"	"7-Zip Shell Extension"	"Igor Pavlov"	"c:\program files\7-zip\7-zip.dll"
+ "DefragglerShellExtension"	"DefragglerShell"	"Piriform Ltd"	"c:\program files\defraggler\defragglershell.dll"
+ "EPP"	"Microsoft Security Client Shell Extension"	"Microsoft Corporation"	"c:\program files\microsoft security client\shellext.dll"
+ "Notepad++"	"ShellHandler for Notepad++ (64 bit)"	""	"c:\program files\notepad++\nppshell_04.dll"
+ "VirtualCloneDrive"	"CloseTray"	"Elaborate Bytes AG"	"c:\program files\elaborate bytes\virtualclonedrive\elbyvcdshell.dll"
"HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers"	""	""	""
+ "MBAMShlExt"	"Malwarebytes Anti-Malware"	"Malwarebytes Corporation"	"c:\program files\malwarebytes' anti-malware\mbamext.dll"
"HKCU\Software\Classes\Directory\ShellEx\ContextMenuHandlers"	""	""	""
+ "DropboxExt"	"Dropbox Shell Extension"	"Dropbox, Inc."	"c:\users\han\appdata\roaming\dropbox\bin\dropboxext.14.dll"
"HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers"	""	""	""
+ "7-Zip"	"7-Zip Shell Extension"	"Igor Pavlov"	"c:\program files\7-zip\7-zip.dll"
+ "EPP"	"Microsoft Security Client Shell Extension"	"Microsoft Corporation"	"c:\program files\microsoft security client\shellext.dll"
"HKLM\Software\Classes\Directory\Shellex\DragDropHandlers"	""	""	""
+ "7-Zip"	"7-Zip Shell Extension"	"Igor Pavlov"	"c:\program files\7-zip\7-zip.dll"
"HKCU\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers"	""	""	""
+ "DropboxExt"	"Dropbox Shell Extension"	"Dropbox, Inc."	"c:\users\han\appdata\roaming\dropbox\bin\dropboxext.14.dll"
"HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers"	""	""	""
+ "ACE"	"AMD Desktop Control Panel"	"Advanced Micro Devices, Inc."	"c:\program files\ati technologies\ati.ace\core-static\atiacmxx.dll"
+ "Gadgets"	"Sidebar droptarget"	"Microsoft Corporation"	"c:\program files\windows sidebar\sbdrop.dll"
+ "igfxcui"	"igfxpph Module"	"Intel Corporation"	"c:\windows\system32\igfxpph.dll"
"HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers"	""	""	""
+ "DefragglerShellExtension"	"DefragglerShell"	"Piriform Ltd"	"c:\program files\defraggler\defragglershell.dll"
+ "MBAMShlExt"	"Malwarebytes Anti-Malware"	"Malwarebytes Corporation"	"c:\program files\malwarebytes' anti-malware\mbamext.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers"	""	""	""
+ "DropboxExt1"	"Dropbox Shell Extension"	"Dropbox, Inc."	"c:\users\han\appdata\roaming\dropbox\bin\dropboxext.14.dll"
+ "DropboxExt2"	"Dropbox Shell Extension"	"Dropbox, Inc."	"c:\users\han\appdata\roaming\dropbox\bin\dropboxext.14.dll"
+ "DropboxExt3"	"Dropbox Shell Extension"	"Dropbox, Inc."	"c:\users\han\appdata\roaming\dropbox\bin\dropboxext.14.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects"	""	""	""
+ "Java(tm) Plug-In 2 SSV Helper"	"Java(TM) Platform SE binary"	"Oracle Corporation"	"c:\program files\oracle\javafx 2.1 runtime\bin\jp2ssv.dll"
+ "Java(tm) Plug-In SSV Helper"	"Java(TM) Platform SE binary"	"Oracle Corporation"	"c:\program files\oracle\javafx 2.1 runtime\bin\ssv.dll"
+ "Office Document Cache Handler"	"Microsoft Office Document Cache Handler"	"Microsoft Corporation"	"c:\program files\microsoft office\office14\urlredir.dll"
+ "Windows Live ID Sign-in Helper"	"Microsoft® Windows Live ID Login Helper"	"Microsoft Corp."	"c:\program files\common files\microsoft shared\windows live\windowslivelogin.dll"
"HKLM\Software\Microsoft\Internet Explorer\Extensions"	""	""	""
+ "OneNote Lin&ked Notes"	"Microsoft OneNote Internet Explorer Add-in"	"Microsoft Corporation"	"c:\program files\microsoft office\office14\onbttnielinkednotes.dll"
+ "Se&nd to OneNote"	"Microsoft OneNote Internet Explorer Add-in"	"Microsoft Corporation"	"c:\program files\microsoft office\office14\onbttnie.dll"
"Task Scheduler"	""	""	""
+ "\AdobeAAMUpdater-1.0-Han-PC-Han"	"Adobe Updater Startup Utility"	"Adobe Systems Incorporated"	"c:\program files\common files\adobe\oobe\pdapp\uwa\updaterstartuputility.exe"
+ "\GoogleUpdateTaskUserS-1-5-21-609598541-2316262957-3864656836-1000Core"	"Google Installer"	"Google Inc."	"c:\users\han\appdata\local\google\update\googleupdate.exe"
+ "\GoogleUpdateTaskUserS-1-5-21-609598541-2316262957-3864656836-1000UA"	"Google Installer"	"Google Inc."	"c:\users\han\appdata\local\google\update\googleupdate.exe"
+ "\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan"	"Microsoft Malware Protection Command Line Utility"	"Microsoft Corporation"	"c:\program files\microsoft security client\mpcmdrun.exe"
+ "\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task"	"Windows Live Social Object Extractor Engine"	"Microsoft Corporation"	"c:\program files\windows live\soxe\wlsoxe.dll"
+ "\Microsoft\Windows\NetTrace\GatherNetworkInfo"	""	""	"c:\windows\system32\gathernetworkinfo.vbs"
+ "\Microsoft\Windows\Windows Media Sharing\UpdateLibrary"	"Windows Media Player Network Sharing Service Configuration Application"	"Microsoft Corporation"	"c:\program files\windows media player\wmpnscfg.exe"
+ "\PMTask"	"ThinkPad Power Manager Idle Task"	"Lenovo Group Limited"	"c:\program files\thinkpad\utilities\pwmidtsv.exe"
+ "\RunAsStdUser Task"	""	""	"c:\program files\matlab\r2010a\matlab r2010a.lnk"
"HKLM\System\CurrentControlSet\Services"	""	""	""
+ "AdobeFlashPlayerUpdateSvc"	"This service keeps your Adobe Flash Player installation up to date with the latest enhancements and security fixes."	"Adobe Systems Incorporated"	"c:\windows\system32\macromed\flash\flashplayerupdateservice.exe"
+ "AMD External Events Utility"	"AMD External Events Service Module"	"AMD"	"c:\windows\system32\atiesrxx.exe"
+ "DozeSvc"	"Doze Mode Service Program"	"Lenovo."	"c:\program files\thinkpad\utilities\dozesvc.exe"
+ "EvtEng"	"Manages the event trace messages for all the Intel® PROSet/Wireless Software components."	"Intel(R) Corporation"	"c:\program files\intel\wifi\bin\evteng.exe"
+ "FLEXnet Licensing Service"	"This service performs licensing functions on behalf of FLEXnet enabled products."	"Acresso Software Inc."	"c:\program files\common files\macrovision shared\flexnet publisher\fnplicensingservice.exe"
+ "IAANTMON"	"RAID Monitor"	"Intel Corporation"	"c:\program files\intel\intel matrix storage manager\iaantmon.exe"
+ "IBMPMSVC"	"ThinkPad Power Management Service"	"Lenovo."	"c:\windows\system32\ibmpmsvc.exe"
+ "LENOVO.MICMUTE"	"Microphone Mute Controll Service for ThinkPad"	"Lenovo Group Limited"	"c:\program files\lenovo\hotkey\micmute.exe"
+ "Lenovo.VIRTSCRLSVC"	"Auto Scroll Start Service"	"Lenovo Group Limited"	"c:\program files\lenovo\virtscrl\lvvsst.exe"
+ "MozillaMaintenance"	"The Mozilla Maintenance Service ensures that you have the latest and most secure version of Mozilla Firefox on your computer. Keeping Firefox up to date is very important for your online security, and Mozilla strongly recommends that you keep this service enabled."	"Mozilla Foundation"	"c:\program files\mozilla maintenance service\maintenanceservice.exe"
+ "MsMpSvc"	"Helps protect users from malware and other potentially unwanted software"	"Microsoft Corporation"	"c:\program files\microsoft security client\msmpeng.exe"
+ "NisSrv"	"Helps guard against intrusion attempts targeting known and newly discovered vulnerabilities in network protocols"	"Microsoft Corporation"	"c:\program files\microsoft security client\nissrv.exe"
+ "ose"	"Saves installation files used for updates and repairs and is required for the downloading of Setup updates and Watson error reports."	"Microsoft Corporation"	"c:\program files\common files\microsoft shared\source engine\ose.exe"
+ "osppsvc"	"Office Software Protection Platform Service (unlocalized description)"	"Microsoft Corporation"	"c:\program files\common files\microsoft shared\officesoftwareprotectionplatform\osppsvc.exe"
+ "Power Manager DBC Service"	"Power Manager Dynamic Brightness Control Service"	"Lenovo"	"c:\program files\thinkpad\utilities\pwmdbsvc.exe"
+ "PwmEWSvc"	"Power Manager Cisco EnergyWise Enabler"	"Lenovo Group Limited"	"c:\program files\thinkpad\utilities\pwmewsvc.exe"
+ "RalinkRegistryWriter"	"RalinkRegistryWriter"	"Ralink Technology, Corp."	"c:\program files\netgear\wnda4100\service\raregistry.exe"
+ "RegSrvc"	"Provides registry access to all Intel® PROSet/Wireless Software components"	"Intel(R) Corporation"	"c:\program files\common files\intel\wirelesscommon\regsrvc.exe"
+ "SkypeUpdate"	"Enables the detection, download and installation of updates for Skype."	"Skype Technologies"	"c:\program files\skype\updater\updater.exe"
+ "Steam Client Service"	"Steam Client Service monitors and updates Steam content"	"Valve Corporation"	"c:\program files\common files\steam\steamservice.exe"
+ "SwitchBoard"	"Adobe SwitchBoard"	"Adobe Systems Incorporated"	"c:\program files\common files\adobe\switchboard\switchboard.exe"
+ "TPHDEXLGSVC"	"ThinkVantage Active Protection System - HDD Logger Module"	"Lenovo."	"c:\windows\system32\tphdexlg.exe"
+ "TPHKLOAD"	"ThinkPad Message Client Loader"	"Lenovo Group Limited"	"c:\program files\lenovo\hotkey\tphkload.exe"
+ "TPHKSVC"	"On screen display Fn+Fx handler"	"Lenovo Group Limited"	"c:\program files\lenovo\hotkey\tphksvc.exe"
+ "WinDefend"	"Protection against spyware and potentially unwanted software"	"Microsoft Corporation"	"c:\program files\windows defender\mpsvc.dll"
+ "wlidsvc"	"Enables Windows Live ID authentication."	"Microsoft Corp."	"c:\program files\common files\microsoft shared\windows live\wlidsvc.exe"
+ "WMPNetworkSvc"	"Shares Windows Media Player libraries to other networked players and media devices using Universal Plug and Play"	"Microsoft Corporation"	"c:\program files\windows media player\wmpnetwk.exe"
+ "WMZuneComm"	"Zune Connectivity for Windows Mobile devices"	"Microsoft Corporation"	"c:\program files\zune\wmzunecomm.exe"
+ "ZuneNetworkSvc"	"Shares Zune media libraries to Zune devices using Universal Plug and Play"	"Microsoft Corporation"	"c:\program files\zune\zunenss.exe"
+ "ZuneWlanCfgSvc"	"Configures Zune for wireless syncing"	"Microsoft Corporation"	"c:\program files\zune\zunewlancfgsvc.exe"
"HKLM\System\CurrentControlSet\Services"	""	""	""
+ "adp94xx"	"Adaptec Windows SAS/SATA Storport Driver"	"Adaptec, Inc."	"c:\windows\system32\drivers\adp94xx.sys"
+ "adpahci"	"Adaptec Windows SATA Storport Driver"	"Adaptec, Inc."	"c:\windows\system32\drivers\adpahci.sys"
+ "adpu320"	"Adaptec StorPort Ultra320 SCSI Driver"	"Adaptec, Inc."	"c:\windows\system32\drivers\adpu320.sys"
+ "aic78xx"	"Adaptec Ultra SCSI miniport"	"Adaptec, Inc."	"c:\windows\system32\drivers\djsvs.sys"
+ "aliide"	"ALi mini IDE Driver"	"Acer Laboratories Inc."	"c:\windows\system32\drivers\aliide.sys"
+ "amdkmdag"	"ATI Radeon Kernel Mode Driver"	"ATI Technologies Inc."	"c:\windows\system32\drivers\atikmdag.sys"
+ "amdkmdap"	"AMD multi-vendor Miniport Driver"	"Advanced Micro Devices, Inc."	"c:\windows\system32\drivers\atikmpag.sys"
+ "amdsata"	"AHCI 1.2 Device Driver"	"Advanced Micro Devices"	"c:\windows\system32\drivers\amdsata.sys"
+ "amdsbs"	"AMD Technology AHCI Compatible Controller Driver for Windows family"	"AMD Technologies Inc."	"c:\windows\system32\drivers\amdsbs.sys"
+ "amdxata"	"Storage Filter Driver"	"Advanced Micro Devices"	"c:\windows\system32\drivers\amdxata.sys"
+ "arc"	"Adaptec RAID Storport Driver"	"Adaptec, Inc."	"c:\windows\system32\drivers\arc.sys"
+ "arcsas"	"Adaptec SAS RAID WS03 Driver"	"Adaptec, Inc."	"c:\windows\system32\drivers\arcsas.sys"
+ "atikmdag"	"ATI Radeon Kernel Mode Driver"	"ATI Technologies Inc."	"c:\windows\system32\drivers\atikmdag.sys"
+ "b06bdrv"	"Broadcom NetXtreme II GigE VBD"	"Broadcom Corporation"	"c:\windows\system32\drivers\bxvbdx.sys"
+ "b57nd60x"	"Broadcom NetXtreme Gigabit Ethernet NDIS6.x Unified Driver."	"Broadcom Corporation"	"c:\windows\system32\drivers\b57nd60x.sys"
+ "BrFiltLo"	"Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver"	"Brother Industries, Ltd."	"c:\windows\system32\drivers\brfiltlo.sys"
+ "BrFiltUp"	"Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver"	"Brother Industries, Ltd."	"c:\windows\system32\drivers\brfiltup.sys"
+ "Brserid"	"Brotehr Serial I/F Driver (WDM)"	"Brother Industries Ltd."	"c:\windows\system32\drivers\brserid.sys"
+ "BrSerWdm"	"Brother Serial driver (WDM version)"	"Brother Industries Ltd."	"c:\windows\system32\drivers\brserwdm.sys"
+ "BrUsbMdm"	"Brother USB MDM Driver "	"Brother Industries Ltd."	"c:\windows\system32\drivers\brusbmdm.sys"
+ "BrUsbSer"	"Brother USB Serial Driver"	"Brother Industries Ltd."	"c:\windows\system32\drivers\brusbser.sys"
+ "catchme"	""	""	"File not found: C:\Users\Han\AppData\Local\Temp\catchme.sys"
+ "cmdide"	"CMD PCI IDE Bus Driver"	"CMD Technology, Inc."	"c:\windows\system32\drivers\cmdide.sys"
+ "CnxtHdAudService"	"High Definition Audio Function Driver"	"Conexant Systems Inc."	"c:\windows\system32\drivers\chdrt32.sys"
+ "DozeHDD"	"Doze Mode Kernel Driver for HDD control"	"Lenovo."	"c:\windows\system32\drivers\dozehdd.sys"
+ "e1yexpress"	"Intel(R) Gigabit Network Connection NDIS 6 deserialized driver"	"Intel Corporation"	"c:\windows\system32\drivers\e1y6232.sys"
+ "EagleXNt"	""	""	"File not found: C:\Windows\system32\drivers\EagleXNt.sys"
+ "ebdrv"	"Broadcom NetXtreme II 10 GigE VBD"	"Broadcom Corporation"	"c:\windows\system32\drivers\evbdx.sys"
+ "ElbyCDIO"	"ElbyCD Windows NT/2000/XP I/O driver"	"Elaborate Bytes AG"	"c:\windows\system32\drivers\elbycdio.sys"
+ "elxstor"	"Storport Miniport Driver for LightPulse HBAs"	"Emulex"	"c:\windows\system32\drivers\elxstor.sys"
+ "hcw85cir"	"Hauppauge WinTV 885 Consumer IR Driver for eHome"	"Hauppauge Computer Works, Inc."	"c:\windows\system32\drivers\hcw85cir.sys"
+ "HECI"	"Intel(R) Management Engine Interface"	"Intel Corporation"	"c:\windows\system32\drivers\heci.sys"
+ "HpSAMD"	"Smart Array SAS/SATA Controller Media Driver"	"Hewlett-Packard Company"	"c:\windows\system32\drivers\hpsamd.sys"
+ "iaStor"	"Intel Matrix Storage Manager driver - ia32"	"Intel Corporation"	"c:\windows\system32\drivers\iastor.sys"
+ "iaStorV"	"Intel Matrix Storage Manager driver - ia32"	"Intel Corporation"	"c:\windows\system32\drivers\iastorv.sys"
+ "IBMPMDRV"	"ThinkPad Power Management Driver"	"Lenovo."	"c:\windows\system32\drivers\ibmpmdrv.sys"
+ "igfx"	"Intel Graphics Kernel Mode Driver"	"Intel Corporation"	"c:\windows\system32\drivers\igdkmd32.sys"
+ "iirsp"	"Intel/ICP Raid Storport Driver"	"Intel Corp./ICP vortex GmbH"	"c:\windows\system32\drivers\iirsp.sys"
+ "intelkmd"	"Intel Graphics Kernel Mode Driver"	"Intel Corporation"	"c:\windows\system32\drivers\igdpmd32.sys"
+ "lenovo.smi"	"SMI Driver for Lenovo system"	"Lenovo Group Limited"	"c:\windows\system32\drivers\smiif32.sys"
+ "LSI_FC"	"LSI Fusion-MPT FC Driver (StorPort)"	"LSI Corporation"	"c:\windows\system32\drivers\lsi_fc.sys"
+ "LSI_SAS"	"LSI Fusion-MPT SAS Driver (StorPort)"	"LSI Corporation"	"c:\windows\system32\drivers\lsi_sas.sys"
+ "LSI_SAS2"	"LSI SAS Gen2 Driver (StorPort)"	"LSI Corporation"	"c:\windows\system32\drivers\lsi_sas2.sys"
+ "LSI_SCSI"	"LSI Fusion-MPT SCSI Driver (StorPort)"	"LSI Corporation"	"c:\windows\system32\drivers\lsi_scsi.sys"
+ "megasas"	"MEGASAS RAID Controller Driver for Windows 7 for x86"	"LSI Corporation"	"c:\windows\system32\drivers\megasas.sys"
+ "MegaSR"	"LSI MegaRAID Software RAID Driver"	"LSI Corporation, Inc."	"c:\windows\system32\drivers\megasr.sys"
+ "netr28u"	"Ralink 802.11n Wireless Adapter Driver"	"Ralink Technology Corp."	"c:\windows\system32\drivers\netr28u.sys"
+ "netw5v32"	"Intel® Wireless WiFi Link Driver"	"Intel Corporation"	"c:\windows\system32\drivers\netw5v32.sys"
+ "NETwNs32"	"Intel® Wireless WiFi Link Driver"	"Intel Corporation"	"c:\windows\system32\drivers\netwns32.sys"
+ "nfrd960"	"IBM ServeRAID Controller Driver"	"IBM Corporation"	"c:\windows\system32\drivers\nfrd960.sys"
+ "nvraid"	"NVIDIA® nForce(TM) RAID Driver"	"NVIDIA Corporation"	"c:\windows\system32\drivers\nvraid.sys"
+ "nvstor"	"NVIDIA® nForce(TM) Sata Performance Driver"	"NVIDIA Corporation"	"c:\windows\system32\drivers\nvstor.sys"
+ "psadd"	"SMBIOS Driver"	"Lenovo Information Product(ShenZhen China) Inc."	"c:\windows\system32\drivers\psadd.sys"
+ "PxHelp20"	"Px Engine Device Driver for Windows 2000/XP"	"Sonic Solutions"	"c:\windows\system32\drivers\pxhelp20.sys"
+ "ql2300"	"QLogic Fibre Channel Stor Miniport Driver"	"QLogic Corporation"	"c:\windows\system32\drivers\ql2300.sys"
+ "ql40xx"	"QLogic iSCSI Storport Miniport Driver"	"QLogic Corporation"	"c:\windows\system32\drivers\ql40xx.sys"
+ "secdrv"	"Macrovision SECURITY Driver"	"Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K."	"c:\windows\system32\drivers\secdrv.sys"
+ "Shockprf"	"Shockproof Disk Driver"	"Lenovo."	"c:\windows\system32\drivers\apsx86.sys"
+ "SiSRaid2"	"SiS RAID Stor Miniport Driver"	"Silicon Integrated Systems Corp."	"c:\windows\system32\drivers\sisraid2.sys"
+ "SiSRaid4"	"SiS AHCI Stor-Miniport Driver"	"Silicon Integrated Systems"	"c:\windows\system32\drivers\sisraid4.sys"
+ "SNP2UVC"	"UVC Camera Streaming Driver"	""	"c:\windows\system32\drivers\snp2uvc.sys"
+ "SrvHsfHDA"	"HSF_HWAZL WDM driver"	"Conexant Systems, Inc."	"c:\windows\system32\drivers\vstazl3.sys"
+ "SrvHsfV92"	"HSF_DP driver"	"Conexant Systems, Inc."	"c:\windows\system32\drivers\vstdpv3.sys"
+ "SrvHsfWinac"	"HSF_CNXT driver"	"Conexant Systems, Inc."	"c:\windows\system32\drivers\vstcnxt3.sys"
+ "stexstor"	"Promise  SuperTrak EX Series Driver for Windows "	"Promise Technology"	"c:\windows\system32\drivers\stexstor.sys"
+ "Synth3dVsc"	""	""	"File not found: System32\drivers\synth3dvsc.sys"
+ "TPDIGIMN"	"APS Digitizer Activity Monitor"	"Lenovo."	"c:\windows\system32\drivers\apshm86.sys"
+ "TPPWRIF"	"Power Manager"	"Lenovo Group Limited"	"c:\windows\system32\drivers\tppwr32v.sys"
+ "tsusbhub"	"@%SystemRoot%\system32\drivers\tsusbhub.sys,-2"	""	"File not found: system32\drivers\tsusbhub.sys"
+ "VClone"	"VirtualCloneCD Driver"	"Elaborate Bytes AG"	"c:\windows\system32\drivers\vclone.sys"
+ "VGPU"	""	""	"File not found: System32\drivers\rdvgkmd.sys"
+ "viaide"	"VIA Generic PCI IDE Bus Driver"	"VIA Technologies, Inc."	"c:\windows\system32\drivers\viaide.sys"
+ "vsmraid"	"VIA RAID DRIVER FOR AMD-X86-64"	"VIA Technologies Inc.,Ltd"	"c:\windows\system32\drivers\vsmraid.sys"
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Drivers32"	""	""	""
+ "msacm.l3acm"	"MPEG Layer-3 Audio Codec for MSACM"	"Fraunhofer Institut Integrierte Schaltungen IIS"	"c:\windows\system32\l3codeca.acm"
+ "vidc.cvid"	"Cinepak® Codec"	"Radius Inc."	"c:\windows\system32\iccvid.dll"
+ "VIDC.FFDS"	""	""	"c:\program files\combined community codec pack\filters\ffdshow\ff_vfw.dll"
"HKLM\Software\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance"	""	""	""
+ ""MainConcept (Adobe2) AAC Decoder""	"AAC audio decoder filter"	"MainConcept AG"	"c:\program files\adobe\adobe premiere pro cs4\ad2daac.ax"
+ ""MainConcept (Adobe2) AAC Encoder""	"AAC audio encoder filter"	"MainConcept AG"	"c:\program files\adobe\adobe premiere pro cs4\ad2eaac.ax"
+ ""MainConcept (Adobe2) H.264 Encoder""	"DirectShow H.264/AVC Encoder Filter"	"MainConcept AG"	"c:\program files\adobe\adobe premiere pro cs4\ad2esh264.ax"
+ ""MainConcept (Adobe2) H.264/AVC Decoder""	"DirectShow H.264/AVC Decoder Filter"	"MainConcept AG"	"c:\program files\adobe\adobe premiere pro cs4\ad2dsh264.ax"
+ ""MainConcept (Adobe2) H.264/AVC Video Encoder""	"DirectShow H.264/AVC Video Encoder Filter"	"MainConcept AG"	"c:\program files\adobe\adobe premiere pro cs4\ad2evh264.ax"
+ ""MainConcept (Adobe2) MPEG Audio Decoder""	"MPEG Video and Audio Decoder"	"MainConcept AG"	"c:\program files\adobe\adobe premiere pro cs4\ad2mcdsmpeg.ax"
+ ""MainConcept (Adobe2) MPEG Audio Encoder""	"MPEG Audio Encoder"	"MainConcept AG"	"c:\program files\adobe\adobe premiere pro cs4\ad2mceampeg.ax"
+ ""MainConcept (Adobe2) MPEG Encoder""	"MPEG Encoder and Muxer"	"MainConcept AG"	"c:\program files\adobe\adobe premiere pro cs4\ad2mcesmpeg.ax"
+ ""MainConcept (Adobe2) MPEG Multiplexer""	"MPEG Multiplexer"	""	"c:\program files\adobe\adobe premiere pro cs4\ad2mcmuxmpeg.ax"
+ ""MainConcept (Adobe2) MPEG Splitter""	"Mpeg I/II Splitter"	"MainConcept AG"	"c:\program files\adobe\adobe premiere pro cs4\ad2mcspmpeg.ax"
+ ""MainConcept (Adobe2) MPEG Video Decoder""	"MPEG Video and Audio Decoder"	"MainConcept AG"	"c:\program files\adobe\adobe premiere pro cs4\ad2mcdsmpeg.ax"
+ ""MainConcept (Adobe2) MPEG Video Encoder""	"MPEG Video Encoder"	"MainConcept AG"	"c:\program files\adobe\adobe premiere pro cs4\ad2mcevmpeg.ax"
+ "Canon DES Resizer SaveMode"	"CanonDESResizer"	"Canon Inc."	"c:\program files\canon\mdl30\canondesresizer.ax"
+ "Canon H.264 Decode Filter"	"Canon H.264 Mov Filter"	"Canon Inc."	"c:\program files\canon\canon mov decoder\180\canonh264filter.ax"
+ "Canon H.264 Encoder 1.6.0"	"Canon H264 Encoder Filter"	"CANON INC."	"c:\program files\canon\canon mov encoder\canonh264encoder.ax"
+ "Canon Image Rotation Filter"	"Canon Image Rotation Filter "	"Canon Inc."	"c:\program files\canon\mdp\canonrotatefilter.dll"
+ "Canon MDP Motion-JPEG Decoder"	"Canon MDP Motion-JPEG Decoder Filter"	"Canon Inc."	"c:\program files\canon\mdp\canonmdpmjpegdecoder.ax"
+ "Canon Motion-JPEG Decoder"	"Canon Motion-JPEG Decoder Filter"	"Canon Inc."	"c:\program files\canon\mdl30\canonmjpegdecoder.ax"
+ "Canon Motion-JPEG Encoder"	"Motion-JPEG Encoder Filter"	"Canon Inc."	"c:\program files\canon\mdl30\canonmjpegencoder.ax"
+ "Canon Mov File Parser Filter"	"Canon H.264 Mov Filter"	"Canon Inc."	"c:\program files\canon\canon mov decoder\180\canonh264filter.ax"
+ "Canon Mov File Parser Filter2"	"Canon H.264 Mov Filter"	"Canon Inc."	"c:\program files\canon\canon mov decoder\180\canonh264filter.ax"
+ "Canon Resizer"	"CanonResizer"	"Canon Inc."	"c:\program files\canon\mdl30\canonresizer.ax"
+ "Canon Text Source Filter"	"Canon Text Source Filter"	"Canon Inc."	"c:\program files\canon\mdl30\canontextsourcefilter.ax"
+ "Canon WAV Dest"	"CanonWavDest"	"Canon Inc."	"c:\program files\canon\mdl30\canonwavdest.ax"
+ "Canon-Actual-Data-Length-Setter"	"CanonActualDataLengthSetter"	"Canon Inc."	"c:\program files\canon\mdl30\canonactualdatalengthsetter.ax"
+ "Capture File Writer"	"Windows Live Video Acquisition Filters"	"Microsoft Corporation"	"c:\program files\windows live\photo gallery\wlxvafilt.dll"
+ "DirectVobSub"	"VobSub & TextSub filter for DirectShow/VirtualDub/Avisynth"	"MPC-HC Team"	"c:\program files\combined community codec pack\filters\vsfilter.dll"
+ "DirectVobSub (auto-loading version)"	"VobSub & TextSub filter for DirectShow/VirtualDub/Avisynth"	"MPC-HC Team"	"c:\program files\combined community codec pack\filters\vsfilter.dll"
+ "ffdshow Audio Decoder"	"DirectShow and VFW video and audio decoding/encoding/processing filter"	""	"c:\program files\combined community codec pack\filters\ffdshow\ffdshow.ax"
+ "ffdshow Audio Processor"	"DirectShow and VFW video and audio decoding/encoding/processing filter"	""	"c:\program files\combined community codec pack\filters\ffdshow\ffdshow.ax"
+ "ffdshow DXVA Video Decoder"	"DirectShow and VFW video and audio decoding/encoding/processing filter"	""	"c:\program files\combined community codec pack\filters\ffdshow\ffdshow.ax"
+ "ffdshow raw video filter"	"DirectShow and VFW video and audio decoding/encoding/processing filter"	""	"c:\program files\combined community codec pack\filters\ffdshow\ffdshow.ax"
+ "ffdshow subtitles filter"	"DirectShow and VFW video and audio decoding/encoding/processing filter"	""	"c:\program files\combined community codec pack\filters\ffdshow\ffdshow.ax"
+ "ffdshow Video Decoder"	"DirectShow and VFW video and audio decoding/encoding/processing filter"	""	"c:\program files\combined community codec pack\filters\ffdshow\ffdshow.ax"
+ "Haali Matroska Muxer"	"Haali Media Splitter"	""	"c:\program files\combined community codec pack\filters\haali\splitter.ax"
+ "Haali Media Splitter"	"Haali Media Splitter"	""	"c:\program files\combined community codec pack\filters\haali\splitter.ax"
+ "Haali Media Splitter (AR)"	"Haali Media Splitter"	""	"c:\program files\combined community codec pack\filters\haali\splitter.ax"
+ "Haali Simple Media Splitter"	"Haali Media Splitter"	""	"c:\program files\combined community codec pack\filters\haali\splitter.ax"
+ "Haali Video Renderer"	""	""	"c:\program files\combined community codec pack\filters\haali\dxr.dll"
+ "Haali Video Sink"	"Haali Media Splitter"	""	"c:\program files\combined community codec pack\filters\haali\splitter.ax"
+ "LAV Audio Decoder"	"LAV Audio Decoder - DirectShow Audio Decoder"	"1f0.de - Hendrik Leppkes"	"c:\program files\combined community codec pack\filters\lavfilters\lavaudio.ax"
+ "LAV Splitter"	"LAV Splitter - DirectShow Media Splitter"	"1f0.de - Hendrik Leppkes"	"c:\program files\combined community codec pack\filters\lavfilters\lavsplitter.ax"
+ "LAV Splitter Source"	"LAV Splitter - DirectShow Media Splitter"	"1f0.de - Hendrik Leppkes"	"c:\program files\combined community codec pack\filters\lavfilters\lavsplitter.ax"
+ "LAV Video Decoder"	"LAV Video Decoder - DirectShow Video Decoder"	"1f0.de - Hendrik Leppkes"	"c:\program files\combined community codec pack\filters\lavfilters\lavvideo.ax"
+ "Microsoft Zune H.264 Video Decoder"	"Microsoft Zune H.264 Video Decoder"	"Microsoft Corporation"	"c:\program files\zune\zuneh264dec.dll"
+ "MPC - MPEG-2 Video Decoder (Gabest)"	"MPEG-2 Decoder Filter for DirectShow"	"MPC-HC Team"	"c:\program files\combined community codec pack\filters\mpeg2decfilter.ax"
+ "psWav Dest"	"Canon Utilities Support Library"	"Canon Inc."	"c:\program files\canon\zoombrowser ex mcu\pswavdes.ax"
+ "Record Queue"	"Windows Live Video Acquisition Filters"	"Microsoft Corporation"	"c:\program files\windows live\photo gallery\wlxvafilt.dll"
+ "WM VIH2 Fix"	"Windows Live Video Acquisition Filters"	"Microsoft Corporation"	"c:\program files\windows live\photo gallery\wlxvafilt.dll"
+ "WMEnc Screen Capture Filter"	"ZuneSrcWrp Module"	"Microsoft Corporation"	"c:\program files\zune\zunesrcwrp.dll"
+ "WMT DV Extract Filter"	"Windows Live Video Acquisition Filters"	"Microsoft Corporation"	"c:\program files\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Sample Info Filter"	"Windows Live Video Acquisition Filters"	"Microsoft Corporation"	"c:\program files\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Switch Filter"	"Windows Live Video Acquisition Filters"	"Microsoft Corporation"	"c:\program files\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Virtual Renderer"	"Windows Live Video Acquisition Filters"	"Microsoft Corporation"	"c:\program files\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Virtual Source"	"Windows Live Video Acquisition Filters"	"Microsoft Corporation"	"c:\program files\windows live\photo gallery\wlxvafilt.dll"
+ "Zune Enhanced Video Renderer"	"Enhanced Video Renderer DLL"	"Microsoft Corporation"	"c:\program files\zune\zuneevr.dll"
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\Credential Providers"	""	""	""
+ "WLIDCredentialProvider"	"Microsoft® Windows Live ID Credential Provider"	"Microsoft Corp."	"c:\program files\common files\microsoft shared\windows live\wlidcredprov.dll"
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify"	""	""	""
+ "igfxcui"	"igfxdev Module"	"Intel Corporation"	"c:\windows\system32\igfxdev.dll"
"HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries"	""	""	""
+ "WindowsLive Local NSP"	"Microsoft® Windows Live ID Namespace Provider"	"Microsoft Corp."	"c:\program files\common files\microsoft shared\windows live\wlidnsp.dll"
+ "WindowsLive NSP"	"Microsoft® Windows Live ID Namespace Provider"	"Microsoft Corp."	"c:\program files\common files\microsoft shared\windows live\wlidnsp.dll"
"HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors"	""	""	""
+ "Bullzip PDF Print Monitor"	"Bullzip PDF Writer"	"Bullzip"	"c:\windows\system32\bzpdf.dll"
+ "PCL hpz3l5k2"	"LanguageMonitor"	"Hewlett-Packard Company"	"c:\windows\system32\hpz3l5k2.dll"

Norman Log
Norman Malware Cleaner v2.05.06
Copyright © 1990 - 2012, Norman ASA.

Norman Scanner Engine Version: 6.08.06
nvcbin.def: Version: 6.08.00, Date: 2012/09/27 00:01:36, Variants: 18526623
nvcmacro.def: Version: 6.08.00, Date: 2011/12/19 04:20:35, Variants: 20465

Operating System: Windows 7 Service Pack 1 

Switches: /iagree /nosb

Scan started: 2012/09/27 13:40:03

Running pre-scan cleanup routine...
Potentially unwanted registry value: 'HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{417E626D-4F77-4EB6-8A3E-95FDDBC12377} --> NameServer = 202.98.198.167,202.98.192.67'
Modify registry value: HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{417E626D-4F77-4EB6-8A3E-95FDDBC12377} --> NameServer from '202.98.198.167,202.98.192.67' to '8.8.8.8,8.8.4.4'
Cleaning successful
Potentially unwanted registry value: 'HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{7A46FBA0-F787-4DA5-8491-9D5EAAC1C333} --> NameServer = 129.105.49.1 165.124.49.21'
Modify registry value: HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{7A46FBA0-F787-4DA5-8491-9D5EAAC1C333} --> NameServer from '129.105.49.1 165.124.49.21' to '8.8.8.8,8.8.4.4'
Cleaning successful

Number of malicious objects found: 2
Number of malicious objects cleaned: 2
Scanning time: 1s

Scanning system for active rootkit activity...

Number of malicious objects found: 0
Number of malicious objects cleaned: 0
Number of malicious files found: 0
Number of malicious files cleaned: 0
Scanning time: 0s

Scanning running processes and process memory...

Number of objects found: 2483
Number of objects scanned: 2483
Number of objects not scanned: 0
Number of malicious memory objects found: 0
Number of malicious objects cleaned: 0
Number of malicious files found: 0
Number of malicious files cleaned: 0
Scanning time: 3m 48s

Scanning system for FakeAV...

Number of malicious objects found: 0
Number of malicious objects cleaned: 0
Number of malicious files found: 0
Number of malicious files cleaned: 0
Scanning time: 0s

Running quick scan...
Fatal error occured while running quick scan

Number of files found: 0
Number of archives unpacked: 0
Number of objects found: 0
Number of objects scanned: 0
Number of objects not scanned: 0
Number of malicious objects found: 0
Number of malicious objects cleaned: 0
Number of malicious files found: 0
Number of malicious files cleaned: 0
Scanning time: 19s

Running post-scan cleanup routine...

Number of malicious objects found: 0
Number of malicious objects cleaned: 0
Scanning time: 0s

Results:
Total number of files found: 0
Total number of archives unpacked: 0
Total number of objects found: 2483
Total number of objects scanned: 2483
Total number of objects not scanned: 0
Total number of malicious objects found: 2
Total number of malicious objects cleaned: 2
Total number of malicious files found: 0
Total number of malicious files cleaned: 0
Total number of objects quarantined: 2
Total scanning time: 4m 8s


#7 InadequateInfirmity

InadequateInfirmity

    I Gots Me A Certified Edumication


  • Banned
  • 5,180 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:12:32 AM

Posted 29 September 2012 - 01:42 PM

Back up your firefox uninstall it and then reboot and reinstall.
http://kb.mozillazine.org/Backing_up_and_restoring_bookmarks_-_Firefox

#8 mistuhsun

mistuhsun
  • Topic Starter

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:12:32 AM

Posted 02 October 2012 - 04:18 PM

The redirects seem to have stopped after the backup. Thank you.

But I'm still concerned that there's something lurking on my system which will either come back or compromise my security. What are the next steps I should take?

#9 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,440 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:01:32 AM

Posted 02 October 2012 - 05:45 PM

To be absolutely sure then you need to Post a DDS log.
Start a topic named "want to be sure I'm clean."


Please go here....Preparation Guide ,do steps 6-9.

Create a DDS log and post it in the new topic explained in step 9 which is here Virus, Trojan, Spyware, and Malware Removal Logs and not in this topic,thanks.
If GMER won't run (it may not on a 64 bit system) skip it and move on.

Let me know if that went well.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users