exp/java.niabil.gen

View previous topic View next topic Go down

exp/java.niabil.gen

Post by lolaplow on Wed 04 Apr 2012, 9:23 am

Hello,

Yesterday i scanned my laptop with avira and detected Exp/java.Niabil.Gen I've never seen this before and chose to quarrentine it with avira. Today, i turned on my laptop and a box popped up saying,
"The profile could not be found." This has never appear before to day and i would like some help checking over my laptop.

thanks
James


Last edited by lolaplow on Wed 04 Apr 2012, 9:35 am; edited 2 times in total

lolaplow

Newbie Surfer
Newbie Surfer

Posts : 38
Joined : 2011-06-07
Operating System : windows 7

View user profile

Back to top Go down

Re: exp/java.niabil.gen

Post by lolaplow on Wed 04 Apr 2012, 9:24 am

Here is the OTL text files, however there was no extra file that appeared.

OTL logfile created on: 4/4/2012 9:58:34 AM - Run 4
OTL by OldTimer - Version 3.2.39.1 Folder = C:\Users\James\Desktop
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: New Zealand | Language: ENZ | Date Format: d/MM/yyyy

3.80 Gb Total Physical Memory | 2.07 Gb Available Physical Memory | 54.53% Memory free
7.60 Gb Paging File | 5.43 Gb Available in Paging File | 71.48% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 445.40 Gb Total Space | 38.77 Gb Free Space | 8.70% Space Free | Partition Type: NTFS
Drive D: | 20.06 Gb Total Space | 2.92 Gb Free Space | 14.54% Space Free | Partition Type: NTFS

Computer Name: JAMES-HP | User Name: James | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/04/04 09:54:33 | 000,594,432 | ---- | M] (OldTimer Tools) -- C:\Users\James\Desktop\OTL.com
PRC - [2012/03/21 19:39:39 | 000,924,600 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2011/07/04 17:15:27 | 000,269,480 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
PRC - [2011/06/06 12:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011/05/01 21:28:41 | 000,136,360 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
PRC - [2011/04/17 11:43:32 | 000,066,872 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2011/03/04 13:36:51 | 000,281,768 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
PRC - [2011/02/19 12:04:12 | 000,248,320 | ---- | M] () -- C:\Program Files (x86)\Razer\DeathAdder\razerhid.exe
PRC - [2011/02/16 19:23:40 | 001,759,232 | ---- | M] (TODO: ) -- C:\Program Files (x86)\Razer\DeathAdder\vdDaemon.exe
PRC - [2011/01/05 21:09:52 | 001,305,408 | ---- | M] (DT Soft Ltd) -- C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
PRC - [2010/10/27 18:17:52 | 000,207,424 | ---- | M] (ArcSoft Inc.) -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
PRC - [2010/10/14 16:27:38 | 000,092,216 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
PRC - [2010/08/25 10:27:44 | 000,309,824 | ---- | M] (ArcSoft Inc.) -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac
PRC - [2010/06/30 14:00:08 | 000,027,192 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
PRC - [2010/06/30 13:58:04 | 000,602,168 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
PRC - [2010/06/25 17:32:50 | 000,136,488 | ---- | M] (CyberLink) -- C:\Program Files (x86)\Hewlett-Packard\Media\Webcam\YCMMirage.exe
PRC - [2010/05/01 13:21:14 | 002,533,400 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2010/05/01 13:21:14 | 000,325,656 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2010/04/27 14:41:26 | 000,218,112 | ---- | M] () -- C:\Program Files (x86)\Razer\DeathAdder\razertra.exe
PRC - [2010/04/14 15:13:52 | 000,243,544 | ---- | M] (Microsoft Corp.) -- C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1438.0\mswinext.exe
PRC - [2010/04/10 11:54:38 | 001,441,544 | ---- | M] (Motorola, Inc.) -- C:\Program Files\Motorola\Bluetooth\btplayerctrl.exe
PRC - [2010/03/18 10:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
PRC - [2009/12/02 21:23:38 | 000,209,768 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
PRC - [2009/12/02 21:23:32 | 000,483,688 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
PRC - [2007/12/19 11:58:24 | 000,163,840 | ---- | M] (Razer Inc.) -- C:\Program Files (x86)\Razer\DeathAdder\razerofa.exe


========== Modules (No Company Name) ==========

MOD - [2011/09/27 06:23:00 | 000,087,912 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011/09/27 06:22:40 | 001,242,472 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2011/05/27 17:23:18 | 000,997,888 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\94eb4ca06f43edf88bbdecd3729657d5\System.Management.ni.dll
MOD - [2011/05/26 23:55:20 | 000,368,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\8e1f199a523bdc014cd19072d583e7cc\PresentationFramework.Aero.ni.dll
MOD - [2011/05/26 23:55:05 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\adc8998d96ca331d17cef00b1ef95a5f\System.Runtime.Remoting.ni.dll
MOD - [2011/05/26 23:55:03 | 006,618,624 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data\b9565c454a22ca564978b05db4186f22\System.Data.ni.dll
MOD - [2011/05/26 23:54:54 | 014,322,688 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\d7827588b8043e8be3184c8a64a867fc\PresentationFramework.ni.dll
MOD - [2011/05/26 23:54:41 | 012,430,848 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\e4ea95056046fdf87f06ae807308b627\System.Windows.Forms.ni.dll
MOD - [2011/05/26 23:54:35 | 001,586,688 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\2a34e74599686e7383ae90670a994cdf\System.Drawing.ni.dll
MOD - [2011/05/26 23:54:33 | 012,216,320 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\03dd2b7701ca5cfe696d4ca5a0f7b8bb\PresentationCore.ni.dll
MOD - [2011/05/26 23:54:24 | 003,325,952 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\caa9d8bca3092573cdbb67c8e81bf0f3\WindowsBase.ni.dll
MOD - [2011/05/26 23:54:19 | 005,452,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\167c8c3817ba1f48fe7396cc56f557e3\System.Xml.ni.dll
MOD - [2011/05/26 23:54:16 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\9d054fc9618b81d5703af1662cd11135\System.Configuration.ni.dll
MOD - [2011/05/26 23:54:15 | 007,949,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\50c67f851ae3df2d0ab7d86fd1c5c7e0\System.ni.dll
MOD - [2011/05/26 23:54:09 | 011,490,304 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\ebdaeaeb9f66c9035b5f11431f10cda4\mscorlib.ni.dll
MOD - [2011/02/19 12:04:12 | 000,248,320 | ---- | M] () -- C:\Program Files (x86)\Razer\DeathAdder\razerhid.exe
MOD - [2011/01/04 21:08:04 | 000,123,448 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\HP.ActiveSupportLibrary\2.0.0.1__01a974bc1760f423\HP.ActiveSupportLibrary.dll
MOD - [2010/06/17 07:48:34 | 007,745,536 | ---- | M] () -- C:\Program Files (x86)\Common Files\LightScribe\QtGui4.dll
MOD - [2010/06/17 07:48:32 | 002,121,728 | ---- | M] () -- C:\Program Files (x86)\Common Files\LightScribe\QtCore4.dll
MOD - [2010/06/17 07:48:32 | 000,135,168 | ---- | M] () -- C:\Program Files (x86)\Common Files\LightScribe\plugins\imageformats\qjpeg4.dll
MOD - [2010/04/27 14:41:26 | 000,218,112 | ---- | M] () -- C:\Program Files (x86)\Razer\DeathAdder\razertra.exe
MOD - [2010/02/10 13:58:30 | 000,061,440 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Pillars\PCAlerts\PCAlertsPillar.dll
MOD - [2010/02/10 13:58:28 | 000,131,072 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Pillars\ECenter\ECLibrary.dll
MOD - [2010/02/10 13:58:24 | 000,040,960 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingServer.dll
MOD - [2010/02/10 13:58:24 | 000,007,680 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\RemotingClient.dll
MOD - [2010/02/10 13:58:22 | 000,036,864 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingClients.dll
MOD - [2010/02/10 13:58:22 | 000,005,632 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingInterface.dll
MOD - [2010/02/10 13:58:18 | 000,018,944 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingMessages.dll
MOD - [2010/02/10 13:58:14 | 000,028,672 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Microsoft.Practices.EnterpriseLibrary.ExceptionHandling.Logging.dll
MOD - [2009/06/11 09:23:17 | 002,933,248 | ---- | M] () -- C:\Windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2010/09/16 21:01:06 | 001,028,096 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Running] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe -- (FLEXnet Licensing Service 64)
SRV:64bit: - [2010/06/30 06:52:12 | 004,181,256 | ---- | M] (Motorola, Inc.) [On_Demand | Running] -- C:\Program Files\Motorola\Bluetooth\devmgrsrv.exe -- (Bluetooth Device Manager)
SRV:64bit: - [2010/06/22 17:57:44 | 000,203,264 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2010/06/19 11:26:18 | 000,103,992 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe -- (HP Wireless Assistant Service)
SRV:64bit: - [2010/06/18 17:10:14 | 000,258,048 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Program Files\IDT\WDM\stacsv64.exe -- (STacSV)
SRV:64bit: - [2010/05/21 08:28:14 | 000,677,128 | ---- | M] (Motorola, Inc.) [Auto | Running] -- C:\Program Files\Motorola\Bluetooth\obexsrv.exe -- (Bluetooth OBEX Service)
SRV:64bit: - [2010/05/21 08:28:12 | 001,096,968 | ---- | M] (Motorola, Inc.) [On_Demand | Running] -- C:\Program Files\Motorola\Bluetooth\audiosrv.exe -- (Bluetooth Media Service)
SRV:64bit: - [2009/07/14 13:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009/07/09 07:49:02 | 000,030,520 | ---- | M] (Hewlett-Packard) [Auto | Running] -- C:\Windows\SysNative\hpservice.exe -- (hpsrv)
SRV:64bit: - [2009/03/03 22:42:58 | 000,089,600 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Program Files\IDT\WDM\AESTSr64.exe -- (AESTFilters)
SRV - [2011/07/04 17:15:27 | 000,269,480 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2011/06/06 12:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011/05/01 21:28:41 | 000,136,360 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2011/04/17 11:43:32 | 000,066,872 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2010/10/14 16:27:38 | 000,092,216 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe -- (HPDrvMntSvc.exe)
SRV - [2010/09/16 21:01:05 | 000,647,680 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2010/06/30 14:00:08 | 000,027,192 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe -- (HPWMISVC)
SRV - [2010/05/01 13:21:14 | 002,533,400 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS) Intel(R)
SRV - [2010/05/01 13:21:14 | 000,325,656 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS) Intel(R)
SRV - [2010/04/04 11:01:24 | 000,246,520 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe -- (GameConsoleService)
SRV - [2010/03/18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/03/18 10:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
SRV - [2009/12/02 21:23:38 | 000,209,768 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa)
SRV - [2009/12/02 21:23:32 | 000,483,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist)
SRV - [2009/06/11 09:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2011/08/02 16:38:56 | 000,051,712 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2011/07/04 17:15:28 | 000,123,784 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb)
DRV:64bit: - [2011/07/04 17:15:28 | 000,088,288 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt)
DRV:64bit: - [2011/01/16 20:44:18 | 000,254,528 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2010/10/01 00:16:34 | 000,013,312 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VKbms.sys -- (VKbms)
DRV:64bit: - [2010/07/27 10:09:29 | 000,107,912 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2010/07/27 10:09:29 | 000,027,016 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010/06/30 05:12:26 | 003,232,768 | ---- | M] (Motorola, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btmusb.sys -- (BTMUSB)
DRV:64bit: - [2010/06/25 17:32:52 | 000,032,880 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\clwvd.sys -- (clwvd)
DRV:64bit: - [2010/06/24 16:37:24 | 000,931,168 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\netr28x.sys -- (netr28x)
DRV:64bit: - [2010/06/22 19:17:52 | 006,856,704 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2010/06/22 17:28:32 | 010,342,240 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdpmd64.sys -- (intelkmd)
DRV:64bit: - [2010/06/22 17:28:32 | 010,342,240 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2010/06/22 17:24:12 | 000,264,192 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2010/06/18 17:10:14 | 000,515,584 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\stwrt64.sys -- (STHDA)
DRV:64bit: - [2010/05/28 11:32:56 | 000,320,560 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2010/05/07 01:21:46 | 000,125,456 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV:64bit: - [2010/05/01 13:21:00 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (HECIx64) Intel(R)
DRV:64bit: - [2010/04/14 04:44:22 | 000,540,696 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2010/04/10 11:53:04 | 000,052,736 | ---- | M] (Motorola, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btmcom.sys -- (BTMCOM)
DRV:64bit: - [2010/03/23 16:37:34 | 000,012,032 | ---- | M] (Razer (Asia-Pacific) Pte Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\danew.sys -- (danewFltr)
DRV:64bit: - [2010/03/05 17:43:00 | 000,346,144 | ---- | M] (Realtek ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2010/01/12 10:31:04 | 000,232,992 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV:64bit: - [2009/12/02 21:23:38 | 000,022,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftvollh.sys -- (Sftvol)
DRV:64bit: - [2009/12/02 21:23:34 | 000,025,960 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftredirlh.sys -- (Sftredir)
DRV:64bit: - [2009/12/02 21:23:32 | 000,269,672 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftplaylh.sys -- (Sftplay)
DRV:64bit: - [2009/12/02 21:23:26 | 000,721,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftfslh.sys -- (Sftfs)
DRV:64bit: - [2009/10/27 08:39:44 | 000,151,936 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Impcd.sys -- (Impcd)
DRV:64bit: - [2009/08/10 15:25:32 | 000,047,104 | ---- | M] (Cypress Semiconductor) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\CYUSB.sys -- (CYUSB)
DRV:64bit: - [2009/07/14 13:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/14 13:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/14 13:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009/07/14 13:47:48 | 000,023,104 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2009/07/14 13:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/14 11:31:10 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2009/07/09 07:49:08 | 000,030,008 | ---- | M] (Hewlett-Packard) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\hpdskflt.sys -- (hpdskflt)
DRV:64bit: - [2009/07/09 07:48:50 | 000,041,272 | ---- | M] (Hewlett-Packard) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Accelerometer.sys -- (Accelerometer)
DRV:64bit: - [2009/06/11 09:01:11 | 001,485,312 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTDPV6.SYS -- (SrvHsfV92)
DRV:64bit: - [2009/06/11 09:01:11 | 000,740,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTCNXT6.SYS -- (SrvHsfWinac)
DRV:64bit: - [2009/06/11 09:01:11 | 000,292,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTAZL6.SYS -- (SrvHsfHDA)
DRV:64bit: - [2009/06/11 08:35:33 | 000,389,120 | ---- | M] (Marvell) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\yk62x64.sys -- (yukonw7)
DRV:64bit: - [2009/06/11 08:35:28 | 005,434,368 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netw5v64.sys -- (netw5v64) Intel(R)
DRV:64bit: - [2009/06/11 08:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/11 08:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/11 08:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/11 08:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/05/18 12:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV - [2009/07/14 13:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [You must be registered and logged in to see this link.]
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {A3CD4F45-D132-4B2A-9740-C9B08D241A47}
IE:64bit: - HKLM\..\SearchScopes\{483EAD0E-7B79-4758-BDBF-621C21009033}: "URL" = [You must be registered and logged in to see this link.]
IE:64bit: - HKLM\..\SearchScopes\{6F7730BB-5ED9-4475-A63C-AC5DC1A40C38}: "URL" = [You must be registered and logged in to see this link.]
IE:64bit: - HKLM\..\SearchScopes\{A3CD4F45-D132-4B2A-9740-C9B08D241A47}: "URL" = [You must be registered and logged in to see this link.]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [You must be registered and logged in to see this link.]
IE - HKLM\..\SearchScopes,DefaultScope = {A3CD4F45-D132-4B2A-9740-C9B08D241A47}
IE - HKLM\..\SearchScopes\{483EAD0E-7B79-4758-BDBF-621C21009033}: "URL" = [You must be registered and logged in to see this link.]
IE - HKLM\..\SearchScopes\{6F7730BB-5ED9-4475-A63C-AC5DC1A40C38}: "URL" = [You must be registered and logged in to see this link.]
IE - HKLM\..\SearchScopes\{A3CD4F45-D132-4B2A-9740-C9B08D241A47}: "URL" = [You must be registered and logged in to see this link.]

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = my.daemon-search.com
IE - HKCU\..\SearchScopes,DefaultScope = {A3CD4F45-D132-4B2A-9740-C9B08D241A47}
IE - HKCU\..\SearchScopes\{483EAD0E-7B79-4758-BDBF-621C21009033}: "URL" = [You must be registered and logged in to see this link.]
IE - HKCU\..\SearchScopes\{6F7730BB-5ED9-4475-A63C-AC5DC1A40C38}: "URL" = [You must be registered and logged in to see this link.]
IE - HKCU\..\SearchScopes\{A3CD4F45-D132-4B2A-9740-C9B08D241A47}: "URL" = [You must be registered and logged in to see this link.]
IE - HKCU\..\SearchScopes\{AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB8}: "URL" = [You must be registered and logged in to see this link.]
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "http://www.google.co.nz/firefox?client=firefox-a&rls=org.mozilla:en-GB:official"
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_1_102.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.0.60531.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpWinExt,version=5.0: C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1438.0\npwinext.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8117.0416: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\msntoolbar@msn.com: C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1438.0\Firefox [2010/09/16 21:26:36 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{27182e60-b5f3-411c-b545-b44205977502}: C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\firefoxextension\SearchHelperExtension\ [2010/09/16 21:26:38 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{B728AB94-9BC7-49b7-B76A-422BB31B2FD0}: C:\Program Files (x86)\ArcSoft\Media Converter for Philips\Internet Video Downloader\Plugin_FireFox [2010/12/28 17:07:44 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/03/21 19:39:39 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012/02/28 23:08:37 | 000,000,000 | ---D | M]

[2011/01/11 16:13:41 | 000,000,000 | ---D | M] (No name found) -- C:\Users\James\AppData\Roaming\Mozilla\Extensions
[2011/11/27 19:40:05 | 000,000,000 | ---D | M] (No name found) -- C:\Users\James\AppData\Roaming\Mozilla\Firefox\Profiles\n1tjtog7.default\extensions
[2011/01/16 20:44:14 | 000,002,059 | ---- | M] () -- C:\Users\James\AppData\Roaming\Mozilla\Firefox\Profiles\n1tjtog7.default\searchplugins\daemon-search.xml
[2012/03/21 19:39:42 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2012/03/21 19:39:39 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012/02/25 21:03:35 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2011/10/02 00:16:15 | 000,001,538 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazon-en-GB.xml
[2011/10/02 00:16:15 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2011/10/02 00:16:15 | 000,000,947 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\chambers-en-GB.xml
[2011/10/02 00:16:15 | 000,001,180 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-en-GB.xml
[2011/10/02 00:16:15 | 000,001,135 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-en-GB.xml

O1 HOSTS File: ([2009/06/11 09:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2 - BHO: (IEPlugin Class) - {11222041-111B-46E3-BD29-EFB2449479B1} - C:\Program Files (x86)\ArcSoft\Media Converter for Philips\Internet Video Downloader\ArcURLRecord.dll (ArcSoft, Inc.)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Bing Bar BHO) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1438.0\npwinext.dll (Microsoft Corporation)
O2 - BHO: (EpsonToolBandKicker Class) - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files (x86)\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)
O3 - HKLM\..\Toolbar: (@C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1438.0\npwinext.dll,-100) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1438.0\npwinext.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (EPSON Web-To-Page) - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files (x86)\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (EPSON Web-To-Page) - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files (x86)\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)
O4:64bit: - HKLM..\Run: [BTMTrayAgent] C:\Program Files\Motorola\Bluetooth\btmshell.dll (Motorola, Inc.)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [HPWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe ()
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [SmartMenu] C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe ()
O4:64bit: - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe (IDT, Inc.)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [ArcSoft Connection Service] C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe (ArcSoft Inc.)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [Bing Bar] C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1438.0\mswinext.exe (Microsoft Corp.)
O4 - HKLM..\Run: [DeathAdder] C:\Program Files (x86)\Razer\DeathAdder\razerhid.exe ()
O4 - HKLM..\Run: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe (Hewlett-Packard Company)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKCU..\Run: [HPAdvisorDock] C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Dock\HPAdvisorDock.exe ()
O4 - HKCU..\Run: [RGSC] C:\Program Files (x86)\All games\gta4\Rockstar Games Social Club\RGSCLauncher.exe /silent File not found
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1
O9:64bit: - Extra Button: @C:\Program Files\Motorola\Bluetooth\btmshell.dll,-137 - {bd707fe6-39f6-4bda-9265-86a76719bdc5} - C:\Program Files\Motorola\Bluetooth\btmiesend.htm ()
O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files\Motorola\Bluetooth\btmshell.dll,-137 - {bd707fe6-39f6-4bda-9265-86a76719bdc5} - C:\Program Files\Motorola\Bluetooth\btmiesend.htm ()
O9 - Extra Button: @C:\Program Files\Motorola\Bluetooth\btmshell.dll,-137 - {bd707fe6-39f6-4bda-9265-86a76719bdc5} - C:\Program Files\Motorola\Bluetooth\btmiesend.htm ()
O9 - Extra 'Tools' menuitem : @C:\Program Files\Motorola\Bluetooth\btmshell.dll,-137 - {bd707fe6-39f6-4bda-9265-86a76719bdc5} - C:\Program Files\Motorola\Bluetooth\btmiesend.htm ()
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000010 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000010 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} [You must be registered and logged in to see this link.] (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} [You must be registered and logged in to see this link.] (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} [You must be registered and logged in to see this link.] (Java Plug-in 1.6.0_20)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} [You must be registered and logged in to see this link.] (OnlineScanner Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} [You must be registered and logged in to see this link.] (Java Plug-in 1.6.0_31)
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} [You must be registered and logged in to see this link.] (MessengerStatsClient Class)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} [You must be registered and logged in to see this link.] (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} [You must be registered and logged in to see this link.] (Java Plug-in 1.6.0_31)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{BA6939F1-3D7E-4FBB-9FD9-6C96DF05E931}: DhcpNameServer = 192.168.1.254
O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*



SafeBootMin:64bit: Base - Driver Group
SafeBootMin:64bit: Boot Bus Extender - Driver Group
SafeBootMin:64bit: Boot file system - Driver Group
SafeBootMin:64bit: File system - Driver Group
SafeBootMin:64bit: Filter - Driver Group
SafeBootMin:64bit: HelpSvc - Service
SafeBootMin:64bit: PCI Configuration - Driver Group
SafeBootMin:64bit: PNP Filter - Driver Group
SafeBootMin:64bit: Primary disk - Driver Group
SafeBootMin:64bit: sacsvr - Service
SafeBootMin:64bit: SCSI Class - Driver Group
SafeBootMin:64bit: System Bus Extender - Driver Group
SafeBootMin:64bit: vmms - Service
SafeBootMin:64bit: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootMin:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vmms - Service
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

SafeBootNet:64bit: Base - Driver Group
SafeBootNet:64bit: Boot Bus Extender - Driver Group
SafeBootNet:64bit: Boot file system - Driver Group
SafeBootNet:64bit: File system - Driver Group
SafeBootNet:64bit: Filter - Driver Group
SafeBootNet:64bit: HelpSvc - Service
SafeBootNet:64bit: Messenger - Service
SafeBootNet:64bit: NDIS Wrapper - Driver Group
SafeBootNet:64bit: NetBIOSGroup - Driver Group
SafeBootNet:64bit: NetDDEGroup - Driver Group
SafeBootNet:64bit: Network - Driver Group
SafeBootNet:64bit: NetworkProvider - Driver Group
SafeBootNet:64bit: PCI Configuration - Driver Group
SafeBootNet:64bit: PNP Filter - Driver Group
SafeBootNet:64bit: PNP_TDI - Driver Group
SafeBootNet:64bit: Primary disk - Driver Group
SafeBootNet:64bit: rdsessmgr - Service
SafeBootNet:64bit: sacsvr - Service
SafeBootNet:64bit: SCSI Class - Driver Group
SafeBootNet:64bit: Streams Drivers - Driver Group
SafeBootNet:64bit: System Bus Extender - Driver Group
SafeBootNet:64bit: TDI - Driver Group
SafeBootNet:64bit: vmms - Service
SafeBootNet:64bit: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootNet:64bit: WudfUsbccidDriver - Driver
SafeBootNet:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet:64bit: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet:64bit: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet:64bit: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet:64bit: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet:64bit: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: Messenger - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vmms - Service
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

ActiveX:64bit: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX:64bit: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX:64bit: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX:64bit: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX:64bit: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX:64bit: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX:64bit: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX:64bit: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX:64bit: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX:64bit: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX:64bit: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX:64bit: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX:64bit: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings
ActiveX:64bit: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX:64bit: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX:64bit: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX:64bit: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX:64bit: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX:64bit: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX:64bit: {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework
ActiveX:64bit: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX:64bit: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig
ActiveX:64bit: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "C:\Program Files (x86)\Common Files\LightScribe\LSRunOnce.exe"
ActiveX: {166B1BCA-3F9C-11CF-8075-444553540000} - Macromedia Shockwave Director 10.1
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX: {2A202491-F00D-11cf-87CC-0020AFEECF20} - Macromedia Shockwave Director 10.1
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles(x86)%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\SysWOW64\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} - .NET Framework
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\SysWOW64\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\SysWOW64\rundll32.exe" "C:\Windows\SysWOW64\iedkcs32.dll",BrandIEActiveSetup SIGNUP

Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.divxa32 - C:\Windows\SysWow64\msaud32_divx.acm (Microsoft Corporation)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)

lolaplow

Newbie Surfer
Newbie Surfer

Posts : 38
Joined : 2011-06-07
Operating System : windows 7

View user profile

Back to top Go down

Re: exp/java.niabil.gen

Post by lolaplow on Wed 04 Apr 2012, 9:29 am

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 30 Days ==========

[2012/04/04 09:54:51 | 004,731,392 | ---- | C] (AVAST Software) -- C:\Users\James\Desktop\aswMBR.exe
[2012/04/04 09:54:26 | 000,594,432 | ---- | C] (OldTimer Tools) -- C:\Users\James\Desktop\OTL.com
[2012/03/18 21:26:28 | 000,000,000 | ---D | C] -- C:\Users\James\Desktop\engr assign. 2

========== Files - Modified Within 30 Days ==========

[2012/04/04 09:57:28 | 000,023,248 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/04/04 09:57:28 | 000,023,248 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/04/04 09:55:22 | 004,731,392 | ---- | M] (AVAST Software) -- C:\Users\James\Desktop\aswMBR.exe
[2012/04/04 09:54:33 | 000,594,432 | ---- | M] (OldTimer Tools) -- C:\Users\James\Desktop\OTL.com
[2012/04/04 09:48:14 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/04/04 09:48:08 | 3062,255,616 | -HS- | M] () -- C:\hiberfil.sys
[2012/04/03 22:44:57 | 000,000,206 | ---- | M] () -- C:\Users\James\Desktop\hwmonitorw.ini
[2012/04/03 08:42:03 | 000,740,656 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012/04/03 08:42:03 | 000,637,672 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012/04/03 08:42:03 | 000,114,824 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012/04/02 09:46:36 | 001,392,000 | ---- | M] () -- C:\Users\James\Desktop\Rainmeter-2.2.exe
[2012/03/31 10:00:58 | 000,425,987 | ---- | M] () -- C:\Users\James\Desktop\x63_aurora_borealis_by_halonacc.jpg
[2012/03/28 06:18:42 | 000,000,332 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForJames.job
[2012/03/18 17:08:28 | 000,042,052 | ---- | M] () -- C:\Users\James\Desktop\timetable.f.png
[2012/03/16 19:32:56 | 000,001,783 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2012/03/10 12:28:29 | 034,455,547 | ---- | M] () -- C:\Users\James\Desktop\Works of Satoshi Kamiya.pdf

========== Files Created - No Company Name ==========

[2012/04/02 09:57:30 | 000,001,220 | ---- | C] () -- C:\Users\Public\Documents\mathlab1.rdp
[2012/04/02 09:46:33 | 001,392,000 | ---- | C] () -- C:\Users\James\Desktop\Rainmeter-2.2.exe
[2012/03/31 09:56:18 | 000,425,987 | ---- | C] () -- C:\Users\James\Desktop\x63_aurora_borealis_by_halonacc.jpg
[2012/03/18 17:08:28 | 000,042,052 | ---- | C] () -- C:\Users\James\Desktop\timetable.f.png
[2012/03/10 12:20:48 | 034,455,547 | ---- | C] () -- C:\Users\James\Desktop\Works of Satoshi Kamiya.pdf
[2011/06/09 19:17:58 | 000,256,512 | ---- | C] () -- C:\Windows\PEV.exe
[2011/06/09 19:17:58 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2011/06/09 19:17:58 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2011/06/09 19:17:58 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2011/06/09 19:17:58 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2011/06/07 21:03:56 | 000,001,854 | ---- | C] () -- C:\Users\James\AppData\Roaming\GhostObjGAFix.xml
[2011/03/31 20:02:48 | 000,000,093 | ---- | C] () -- C:\Users\James\AppData\Local\fusioncache.dat
[2011/03/30 21:51:55 | 000,103,736 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2011/03/30 21:51:54 | 000,669,184 | ---- | C] () -- C:\Windows\SysWow64\pbsvc.exe
[2011/03/30 21:51:54 | 000,066,872 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2011/02/20 16:53:53 | 000,748,584 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011/02/07 18:42:47 | 000,111,932 | ---- | C] () -- C:\Windows\SysWow64\EPPICPrinterDB.dat
[2011/02/07 18:42:47 | 000,031,053 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern131.dat
[2011/02/07 18:42:47 | 000,027,417 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern121.dat
[2011/02/07 18:42:47 | 000,026,154 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern1.dat
[2011/02/07 18:42:47 | 000,024,903 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern3.dat
[2011/02/07 18:42:47 | 000,021,390 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern5.dat
[2011/02/07 18:42:47 | 000,020,148 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern2.dat
[2011/02/07 18:42:47 | 000,011,811 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern4.dat
[2011/02/07 18:42:47 | 000,004,943 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern6.dat
[2011/02/07 18:42:47 | 000,001,146 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_DU.dat
[2011/02/07 18:42:47 | 000,001,139 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_PT.dat
[2011/02/07 18:42:47 | 000,001,139 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_BP.dat
[2011/02/07 18:42:47 | 000,001,136 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_ES.dat
[2011/02/07 18:42:47 | 000,001,129 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_FR.dat
[2011/02/07 18:42:47 | 000,001,129 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_CF.dat
[2011/02/07 18:42:47 | 000,001,120 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_IT.dat
[2011/02/07 18:42:47 | 000,001,107 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_GE.dat
[2011/02/07 18:42:47 | 000,001,104 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_EN.dat
[2011/02/07 18:42:47 | 000,000,097 | ---- | C] () -- C:\Windows\SysWow64\PICSDK.ini
[2011/02/07 18:38:53 | 000,000,025 | ---- | C] () -- C:\Windows\CDE CX3900EC.ini
[2011/01/16 22:37:12 | 000,000,341 | ---- | C] () -- C:\Windows\game.ini
[2011/01/14 20:05:32 | 000,021,840 | ---- | C] () -- C:\Windows\SysWow64\SIntfNT.dll
[2011/01/14 20:05:32 | 000,017,212 | ---- | C] () -- C:\Windows\SysWow64\SIntf32.dll
[2011/01/14 20:05:32 | 000,012,067 | ---- | C] () -- C:\Windows\SysWow64\SIntf16.dll
[2011/01/14 19:49:41 | 000,050,690 | ---- | C] () -- C:\Windows\DIIUnin.dat
[2011/01/01 21:17:13 | 000,038,407 | ---- | C] () -- C:\Windows\scunin.dat
[2010/09/16 21:03:18 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2010/09/16 21:00:51 | 000,014,051 | ---- | C] () -- C:\Windows\SysWow64\RaCoInst.dat
[2010/09/16 20:57:17 | 000,002,189 | ---- | C] () -- C:\Windows\SysWow64\atipblup.dat
[2010/09/16 20:55:36 | 000,870,560 | ---- | C] () -- C:\Windows\SysWow64\igkrng575.bin
[2010/09/16 20:55:36 | 000,208,896 | ---- | C] () -- C:\Windows\SysWow64\iglhsip32.dll
[2010/09/16 20:55:36 | 000,143,360 | ---- | C] () -- C:\Windows\SysWow64\iglhcp32.dll
[2010/09/16 20:55:35 | 000,127,868 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng575.bin
[2010/09/16 20:55:35 | 000,104,636 | ---- | C] () -- C:\Windows\SysWow64\igfcg575m.bin
[2010/09/16 20:55:34 | 000,002,189 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2010/09/16 20:55:18 | 000,000,299 | ---- | C] () -- C:\Windows\SysWow64\RStoneLog2.ini
[2010/09/16 20:55:18 | 000,000,240 | ---- | C] () -- C:\Windows\SysWow64\RStoneLog.ini
[2010/07/27 12:22:49 | 000,000,188 | ---- | C] () -- C:\Windows\SysWow64\HPWA.ini
[2010/07/27 11:22:20 | 000,000,186 | ---- | C] () -- C:\Windows\SysWow64\HP Documentation.ini

========== Custom Scans ==========

< %APPDATA%\Microsoft\*.* >

< %systemroot%\system32\config\systemprofile\*.dat /x >

< %USERPROFILE%\Desktop\*.exe >
[2012/04/04 09:55:22 | 004,731,392 | ---- | M] (AVAST Software) -- C:\Users\James\Desktop\aswMBR.exe
[2011/11/27 19:42:42 | 009,168,552 | ---- | M] (Gretech Corporation) -- C:\Users\James\Desktop\GOMPLAYERENSETUP.EXE
[2010/12/31 19:44:25 | 001,750,504 | ---- | M] (CPUID) -- C:\Users\James\Desktop\HWMonitor.exe
[2012/03/03 15:59:34 | 071,279,472 | ---- | M] (Apple Inc.) -- C:\Users\James\Desktop\iTunes64Setup.exe
[2012/02/23 13:58:03 | 039,401,336 | ---- | M] (Apple Inc.) -- C:\Users\James\Desktop\QuickTimeInstaller.exe
[2012/04/02 09:46:36 | 001,392,000 | ---- | M] () -- C:\Users\James\Desktop\Rainmeter-2.2.exe

< %PROGRAMFILES%\Common Files\*.* >

< %systemroot%\winn32\*.* >

< %USERPROFILE%\My Documents\*.exe >

< %USERPROFILE%\*.exe >

< %PROGRAMFILES%\Mozilla Firefox\*.exe >
[2012/03/21 19:39:39 | 000,125,880 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\crashreporter.exe
[2012/03/21 19:39:39 | 000,924,600 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
[2012/03/21 19:39:38 | 000,016,824 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
[2012/03/21 19:39:38 | 000,269,240 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\updater.exe

< %ProgramFiles%\TinyProxy. >

< %systemroot%\system32\*.* /lockedfiles >
[2012/04/04 09:51:40 | 000,000,018 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\log.txt

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.* /lockedfiles >

< %PROGRAMFILES%\*. >
[2011/06/18 12:34:24 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Adobe
[2011/11/30 21:02:35 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\All games
[2012/02/23 14:00:19 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Apple Software Update
[2010/12/28 17:07:27 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\ArcSoft
[2010/09/16 20:57:51 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\ATI Technologies
[2011/03/26 21:00:36 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Avira
[2010/09/16 21:26:41 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Bing Bar Installer
[2012/03/03 16:01:02 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Bonjour
[2012/02/25 21:03:59 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Common Files
[2010/09/16 21:18:09 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\CyberLink
[2011/01/16 20:44:18 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\DAEMON Tools Lite
[2011/02/07 19:56:51 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\EPSON
[2011/06/10 15:49:40 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\ESET
[2011/11/27 19:45:26 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\gom player
[2011/01/04 21:07:55 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Hewlett-Packard
[2010/09/16 21:01:32 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\HP
[2010/09/16 21:24:47 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\HP Games
[2010/07/27 11:32:39 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\HP Photo Creations
[2012/04/02 09:20:57 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\InstallShield Installation Information
[2010/09/16 20:58:49 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Intel
[2012/02/23 14:01:37 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Internet Explorer
[2012/03/03 16:02:44 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\iTunes
[2011/12/03 10:57:00 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Java
[2011/06/08 15:17:33 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2010/07/27 09:27:21 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft
[2011/02/20 16:53:49 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft Application Virtualization Client
[2011/06/24 23:02:12 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft Games for Windows - LIVE
[2011/03/28 21:49:50 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft Office
[2011/07/09 17:12:20 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft Silverlight
[2010/07/27 09:28:09 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft SQL Server Compact Edition
[2011/03/28 21:49:36 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft Visual Studio
[2011/03/28 21:47:31 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft Visual Studio 8
[2011/03/28 21:50:10 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft Works
[2011/03/28 21:49:09 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft.NET
[2012/03/21 19:39:39 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Mozilla Firefox
[2011/03/28 21:49:55 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\MSBuild
[2010/09/16 21:26:36 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\MSN Toolbar
[2010/12/29 21:51:56 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\MSXML 4.0
[2010/12/26 01:33:04 | 000,000,000 | R--D | M] -- C:\Program Files (x86)\Online Services
[2010/09/16 21:00:59 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Ralink
[2011/05/21 11:13:42 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Razer
[2010/09/16 20:59:54 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Realtek
[2009/07/14 17:32:38 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Reference Assemblies
[2010/09/16 21:04:57 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\SoftStylus
[2011/03/30 20:49:43 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Ubisoft
[2009/07/14 16:57:06 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Uninstall Information
[2011/11/27 19:48:13 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Update
[2009/07/14 17:37:47 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Defender
[2010/07/27 09:28:36 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Live
[2010/07/27 09:27:05 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Live SkyDrive
[2010/12/29 21:59:07 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Mail
[2010/12/29 21:59:07 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Media Player
[2009/07/14 17:32:38 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows NT
[2009/07/14 17:37:47 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Photo Viewer
[2009/07/14 17:32:40 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Portable Devices
[2010/12/26 01:32:50 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Sidebar
[2011/01/14 18:56:44 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\WinRAR

< MD5 for: AGP440.SYS >
[2009/07/14 13:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\drivers\AGP440.sys
[2009/07/14 13:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_9e6bb86c3b39a3e9\AGP440.sys
[2009/07/14 13:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_1607dee2d861e021\AGP440.sys

< MD5 for: ATAPI.SYS >
[2009/07/14 13:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\ERDNT\cache64\atapi.sys
[2009/07/14 13:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys
[2009/07/14 13:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_0dbde3119acb22ca\atapi.sys
[2009/07/14 13:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_a69a58a4286f0b22\atapi.sys
[2009/07/14 13:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_dab2e93700ba2683\atapi.sys
[2009/07/14 13:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys
[2009/07/14 13:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16552_none_394a8c733b252fb9\atapi.sys
[2009/07/14 13:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16593_none_39204d0d3b44b8d4\atapi.sys
[2009/07/14 13:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.20669_none_39d05b5854449cd5\atapi.sys
[2009/07/14 13:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.20713_none_3a006b1e5421763d\atapi.sys

< MD5 for: DISK.SYS >
[2009/07/14 13:47:48 | 000,073,280 | ---- | M] (Microsoft Corporation) MD5=9819EEE8B5EA3784EC4AF3B137A5244C -- C:\Windows\SysNative\drivers\disk.sys
[2009/07/14 13:47:48 | 000,073,280 | ---- | M] (Microsoft Corporation) MD5=9819EEE8B5EA3784EC4AF3B137A5244C -- C:\Windows\SysNative\DriverStore\FileRepository\disk.inf_amd64_neutral_10ce25bbc5a9cc43\disk.sys
[2009/07/14 13:47:48 | 000,073,280 | ---- | M] (Microsoft Corporation) MD5=9819EEE8B5EA3784EC4AF3B137A5244C -- C:\Windows\winsxs\amd64_disk.inf_31bf3856ad364e35_6.1.7600.16385_none_55bb738b8ddd8a01\disk.sys

< MD5 for: IASTOR.SYS >
[2010/04/14 04:44:22 | 000,540,696 | ---- | M] (Intel Corporation) MD5=1384872112E8E7FD5786ECEB8BDDF4C9 -- C:\Windows\SysNative\drivers\iaStor.sys
[2010/04/14 04:44:22 | 000,540,696 | ---- | M] (Intel Corporation) MD5=1384872112E8E7FD5786ECEB8BDDF4C9 -- C:\Windows\SysNative\DriverStore\FileRepository\iaahci.inf_amd64_neutral_d085c8f0cb5c2856\iaStor.sys

< MD5 for: NETLOGON.DLL >
[2009/07/14 13:41:52 | 000,692,736 | ---- | M] (Microsoft Corporation) MD5=956D030D375F207B22FB111E06EF9C35 -- C:\Windows\ERDNT\cache64\netlogon.dll
[2009/07/14 13:41:52 | 000,692,736 | ---- | M] (Microsoft Corporation) MD5=956D030D375F207B22FB111E06EF9C35 -- C:\Windows\SysNative\netlogon.dll
[2009/07/14 13:41:52 | 000,692,736 | ---- | M] (Microsoft Corporation) MD5=956D030D375F207B22FB111E06EF9C35 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_59aca8ea51aaeefe\netlogon.dll
[2009/07/14 13:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\ERDNT\cache86\netlogon.dll
[2009/07/14 13:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\SysWOW64\netlogon.dll
[2009/07/14 13:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_6401533c860bb0f9\netlogon.dll

< MD5 for: NVSTOR.SYS >
[2010/07/27 10:09:29 | 000,166,280 | ---- | M] (NVIDIA Corporation) MD5=0AF7B8136794E23E87BE138992880E64 -- C:\Windows\SysNative\drivers\nvstor.sys
[2010/07/27 10:09:29 | 000,166,280 | ---- | M] (NVIDIA Corporation) MD5=0AF7B8136794E23E87BE138992880E64 -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_c09ee40f078b4594\nvstor.sys
[2010/07/27 10:09:29 | 000,166,280 | ---- | M] (NVIDIA Corporation) MD5=0AF7B8136794E23E87BE138992880E64 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16592_none_95c1e7d0d8ba7548\nvstor.sys
[2009/07/14 13:45:45 | 000,167,488 | ---- | M] (NVIDIA Corporation) MD5=477DC4D6DEB99BE37084C9AC6D013DA1 -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_5bde3fe2945bce9e\nvstor.sys
[2009/07/14 13:45:45 | 000,167,488 | ---- | M] (NVIDIA Corporation) MD5=477DC4D6DEB99BE37084C9AC6D013DA1 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_95cfb4ced8afab0e\nvstor.sys
[2010/07/27 10:09:29 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=CE76755AF933E728CEBA6C7A970838A4 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.20712_none_96a205e1f19732b1\nvstor.sys

< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >

< hklm\software\clients\startmenuinternet|command /rs >
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\HideIconsCommand: "C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe" /HideShortcuts [2012/03/21 19:39:38 | 000,834,704 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ShowIconsCommand: "C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe" /ShowShortcuts [2012/03/21 19:39:38 | 000,834,704 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ReinstallCommand: "C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal [2012/03/21 19:39:38 | 000,834,704 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\open\command\\: C:\Program Files (x86)\Mozilla Firefox\firefox.exe [2012/03/21 19:39:39 | 000,924,600 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\properties\command\\: "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -preferences [2012/03/21 19:39:39 | 000,924,600 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\safemode\command\\: "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -safe-mode [2012/03/21 19:39:39 | 000,924,600 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\Windows\System32\ie4uinit.exe" -show [2009/07/14 13:14:21 | 000,176,128 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\Windows\System32\ie4uinit.exe" -reinstall [2009/07/14 13:14:21 | 000,176,128 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\Windows\System32\ie4uinit.exe" -hide [2009/07/14 13:14:21 | 000,176,128 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -extoff [2011/04/23 07:29:16 | 000,673,040 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: "C:\Program Files (x86)\Internet Explorer\iexplore.exe" [2011/04/23 07:29:16 | 000,673,040 | ---- | M] (Microsoft Corporation)

< hklm\software\clients\startmenuinternet|command /64 /rs >
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\HideIconsCommand: "C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\UNINSTALL\HELPER.EXE" /HIDESHORTCUTS [2012/03/21 19:39:38 | 000,834,704 | ---- | M] (Mozilla Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ShowIconsCommand: "C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\UNINSTALL\HELPER.EXE" /SHOWSHORTCUTS [2012/03/21 19:39:38 | 000,834,704 | ---- | M] (Mozilla Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ReinstallCommand: "C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\UNINSTALL\HELPER.EXE" /SETASDEFAULTAPPGLOBAL [2012/03/21 19:39:38 | 000,834,704 | ---- | M] (Mozilla Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\open\command\\: C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\FIREFOX.EXE [2012/03/21 19:39:39 | 000,924,600 | ---- | M] (Mozilla Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\properties\command\\: "C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\FIREFOX.EXE" -PREFERENCES [2012/03/21 19:39:39 | 000,924,600 | ---- | M] (Mozilla Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\safemode\command\\: "C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\FIREFOX.EXE" -SAFE-MODE [2012/03/21 19:39:39 | 000,924,600 | ---- | M] (Mozilla Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\WINDOWS\SYSTEM32\IE4UINIT.EXE" -SHOW [2009/07/14 13:39:12 | 000,073,728 | ---- | M] (Microsoft Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\WINDOWS\SYSTEM32\IE4UINIT.EXE" -REINSTALL [2009/07/14 13:39:12 | 000,073,728 | ---- | M] (Microsoft Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\WINDOWS\SYSTEM32\IE4UINIT.EXE" -HIDE [2009/07/14 13:39:12 | 000,073,728 | ---- | M] (Microsoft Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\PROGRAM FILES (X86)\INTERNET EXPLORER\IEXPLORE.EXE" -EXTOFF [2011/04/23 07:29:16 | 000,673,040 | ---- | M] (Microsoft Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: "C:\PROGRAM FILES (X86)\INTERNET EXPLORER\IEXPLORE.EXE" [2011/04/23 07:29:16 | 000,673,040 | ---- | M] (Microsoft Corporation)

< End of report >



I downloaded aswMBR and it asked me to download the latest Avast. I didnt do this.

aswMBR text files

aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
Run date: 2012-04-04 10:11:21
-----------------------------
10:11:21.331 OS Version: Windows x64 6.1.7600
10:11:21.331 Number of processors: 4 586 0x2505
10:11:21.331 ComputerName: JAMES-HP UserName: James
10:11:23.405 Initialize success
10:13:38.954 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
10:13:38.970 Disk 0 Vendor: Hitachi_ PB4O Size: 476940MB BusType: 3
10:13:38.985 Disk 0 MBR read successfully
10:13:38.985 Disk 0 MBR scan
10:13:38.985 Disk 0 unknown MBR code
10:13:39.001 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 199 MB offset 2048
10:13:39.016 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 456091 MB offset 409600
10:13:39.048 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 20545 MB offset 934483968
10:13:39.079 Disk 0 Partition 4 00 0C FAT32 LBA MSDOS5.0 103 MB offset 976560128
10:13:39.126 Disk 0 scanning C:\Windows\system32\drivers
10:13:45.178 Service scanning
10:14:05.677 Modules scanning
10:14:05.677 Disk 0 trace - called modules:
10:14:05.708 ntoskrnl.exe CLASSPNP.SYS disk.sys hpdskflt.sys iaStor.sys hal.dll
10:14:06.223 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8006ff6060]
10:14:06.223 3 CLASSPNP.SYS[fffff88001a8143f] -> nt!IofCallDriver -> [0xfffffa8005120b10]
10:14:06.238 5 hpdskflt.sys[fffff880015f6289] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8005004050]
10:14:06.238 Scan finished successfully
10:14:55.441 Disk 0 MBR has been saved successfully to "C:\Users\James\Desktop\MBR.dat"
10:14:55.457 The log file has been saved successfully to "C:\Users\James\Desktop\aswMBR log.txt"



Security Check by screen317

Results of screen317's Security Check version 0.99.32
Windows 7 x64
Internet Explorer 8 Out of date!
``````````````````````````````
Antivirus/Firewall Check:

Windows Firewall Enabled!
Avira AntiVir Personal - Free Antivirus
ESET Online Scanner v3
WMI entry may not exist for antivirus; attempting automatic update.
Avira successfully updated!
```````````````````````````````
Anti-malware/Other Utilities Check:

Malwarebytes' Anti-Malware
Java(TM) 6 Update 31
Adobe Reader X 10.1.0 Adobe Reader out of Date!
Mozilla Firefox (11.0.)
````````````````````````````````
Process Check:
objlist.exe by Laurent

Avira Antivir avgnt.exe
Avira Antivir avguard.exe
``````````End of Log````````````


Thanks

lolaplow

Newbie Surfer
Newbie Surfer

Posts : 38
Joined : 2011-06-07
Operating System : windows 7

View user profile

Back to top Go down

Re: exp/java.niabil.gen

Post by Superdave on Thu 05 Apr 2012, 9:34 am

Hello and welcome to GeekPolice.Net My name is Dave. I will be helping you out with your particular problem on your computer.

1. I will be working on your Malware issues. This may or may not solve other issues you have with your machine.
2. The fixes are specific to your problem and should only be used for this issue on this machine.
3. If you don't know or understand something, please don't hesitate to ask.
4. Please DO NOT run any other tools or scans while I am helping you.
5. It is important that you reply to this thread. Do not start a new topic.
6. Your security programs may give warnings for some of the tools I will ask you to use. Be assured, any links I give are safe.
7. Absence of symptoms does not mean that everything is clear.

If you can't access the internet with your infected computer you will have to download and transfer any programs to the computer you're using now and transfer them to the infected computer with a CD-RW or a USB storage device. I prefer a CD because a storage device can get infected. If you use a storage device hold the shift key down while inserting the USB storage device for about 10 secs. You will also have to transfer the logs you receive back to the good computer using the same method until we can get the computer back on-line.
*****************************************************************
Your C drive only has 8.7% free space. Windows requires at least 15%(67 Gb) to operate effectively. You should find some way to free up some space on that drive or soon it will become a major problem. You can uninstall unused programs and save important photos, music, videos and other data to an external harddrive of DVD's.

Please download MBRCheck.exe by a_d_13 from one of the links provided below and save it to your desktop.

Link 1
Link 2
Link 3

•Double-click on MBRCheck.exe to run it.

•It will open a black window...please do not fix anything (if it gives you an option).

•When complete, you should see Done! Press ENTER to exit.... Press Enter on the keyboard.

•A log named MBRCheck_date_time.txt (i.e. MBRCheck_07.21.10_10.22.51.txt) will appear on the desktop.
•Please copy and paste the contents of that log in your next reply.

Superdave
Tech Staff


Tech Staff

Posts : 4193
Joined : 2010-02-01
Operating System : Windows 8.1 and a dual-boot with XP Home SP3

View user profile

Back to top Go down

Re: exp/java.niabil.gen

Post by lolaplow on Thu 05 Apr 2012, 11:03 am

Hello Dave,
thanks for helping,
the ran the MBRcheck but i didnt c the Done!, however the log did appear;


MBRCheck, version 1.2.3
(c) 2010, AD

Command-line:
Windows Version: Windows 7 Home Premium Edition
Windows Information: (build 7600), 64-bit
Base Board Manufacturer: Hewlett-Packard
BIOS Manufacturer: Hewlett-Packard
System Manufacturer: Hewlett-Packard
System Product Name: HP Pavilion dv6 Notebook PC
Logical Drives Mask: 0x0001005c

Kernel Drivers (total 205):
0x02E5C000 \SystemRoot\system32\ntoskrnl.exe
0x02E13000 \SystemRoot\system32\hal.dll
0x00BA0000 \SystemRoot\system32\kdcom.dll
0x00CAF000 \SystemRoot\system32\mcupdate_GenuineIntel.dll
0x00CF3000 \SystemRoot\system32\PSHED.dll
0x00D07000 \SystemRoot\system32\CLFS.SYS
0x00E6B000 \SystemRoot\system32\CI.dll
0x00F2B000 \SystemRoot\system32\drivers\Wdf01000.sys
0x00FCF000 \SystemRoot\system32\drivers\WDFLDR.SYS
0x00E00000 \SystemRoot\system32\DRIVERS\ACPI.sys
0x00E57000 \SystemRoot\system32\DRIVERS\WMILIB.SYS
0x00E60000 \SystemRoot\system32\DRIVERS\msisadrv.sys
0x00D65000 \SystemRoot\system32\DRIVERS\pci.sys
0x00FDE000 \SystemRoot\system32\DRIVERS\vdrvroot.sys
0x00FEB000 \SystemRoot\System32\drivers\partmgr.sys
0x00D98000 \SystemRoot\system32\DRIVERS\compbatt.sys
0x00DA1000 \SystemRoot\system32\DRIVERS\BATTC.SYS
0x00DAD000 \SystemRoot\system32\DRIVERS\volmgr.sys
0x00C00000 \SystemRoot\System32\drivers\volmgrx.sys
0x00C5C000 \SystemRoot\System32\drivers\mountmgr.sys
0x010FC000 \SystemRoot\system32\DRIVERS\iaStor.sys
0x01306000 \SystemRoot\system32\DRIVERS\atapi.sys
0x0130F000 \SystemRoot\system32\DRIVERS\ataport.SYS
0x01339000 \SystemRoot\system32\DRIVERS\msahci.sys
0x01344000 \SystemRoot\system32\DRIVERS\PCIIDEX.SYS
0x01354000 \SystemRoot\system32\DRIVERS\amdxata.sys
0x0135F000 \SystemRoot\system32\drivers\fltmgr.sys
0x013AB000 \SystemRoot\system32\drivers\fileinfo.sys
0x0140F000 \SystemRoot\System32\Drivers\Ntfs.sys
0x01000000 \SystemRoot\System32\Drivers\msrpc.sys
0x015B1000 \SystemRoot\System32\Drivers\ksecdd.sys
0x0105E000 \SystemRoot\System32\Drivers\cng.sys
0x015CB000 \SystemRoot\System32\drivers\pcw.sys
0x015DC000 \SystemRoot\System32\Drivers\Fs_Rec.sys
0x016C3000 \SystemRoot\system32\drivers\ndis.sys
0x01600000 \SystemRoot\system32\drivers\NETIO.SYS
0x01660000 \SystemRoot\System32\Drivers\ksecpkg.sys
0x01801000 \SystemRoot\System32\drivers\tcpip.sys
0x017B5000 \SystemRoot\System32\drivers\fwpkclnt.sys
0x0168B000 \SystemRoot\system32\DRIVERS\wd.sys
0x01A7F000 \SystemRoot\system32\DRIVERS\volsnap.sys
0x01ACB000 \SystemRoot\System32\Drivers\spldr.sys
0x01AD3000 \SystemRoot\System32\drivers\rdyboost.sys
0x01B0D000 \SystemRoot\System32\Drivers\mup.sys
0x01B1F000 \SystemRoot\System32\drivers\hwpolicy.sys
0x01B28000 \SystemRoot\system32\DRIVERS\hpdskflt.sys
0x01B32000 \SystemRoot\System32\DRIVERS\fvevol.sys
0x01B6C000 \SystemRoot\system32\DRIVERS\disk.sys
0x01B82000 \SystemRoot\system32\DRIVERS\CLASSPNP.SYS
0x0450E000 \SystemRoot\system32\DRIVERS\cdrom.sys
0x04538000 \SystemRoot\System32\Drivers\Null.SYS
0x04541000 \SystemRoot\System32\Drivers\Beep.SYS
0x04548000 \SystemRoot\System32\drivers\vga.sys
0x04556000 \SystemRoot\System32\drivers\VIDEOPRT.SYS
0x0457B000 \SystemRoot\System32\drivers\watchdog.sys
0x0458B000 \SystemRoot\System32\DRIVERS\RDPCDD.sys
0x04594000 \SystemRoot\system32\drivers\rdpencdd.sys
0x0459D000 \SystemRoot\system32\drivers\rdprefmp.sys
0x045A6000 \SystemRoot\System32\Drivers\Msfs.SYS
0x045B1000 \SystemRoot\System32\Drivers\Npfs.SYS
0x045C2000 \SystemRoot\system32\DRIVERS\tdx.sys
0x045E0000 \SystemRoot\system32\DRIVERS\TDI.SYS
0x04200000 \SystemRoot\system32\drivers\afd.sys
0x04289000 \SystemRoot\System32\DRIVERS\netbt.sys
0x042CE000 \SystemRoot\system32\DRIVERS\wfplwf.sys
0x01BC0000 \SystemRoot\system32\DRIVERS\pacer.sys
0x042D7000 \SystemRoot\system32\DRIVERS\vwififlt.sys
0x045ED000 \SystemRoot\system32\DRIVERS\netbios.sys
0x01A00000 \SystemRoot\system32\DRIVERS\dtsoftbus01.sys
0x01A43000 \SystemRoot\system32\DRIVERS\wanarp.sys
0x01A5E000 \SystemRoot\system32\DRIVERS\termdd.sys
0x06EAD000 \SystemRoot\system32\DRIVERS\rdbss.sys
0x06EFE000 \SystemRoot\system32\drivers\nsiproxy.sys
0x06F0A000 \SystemRoot\system32\DRIVERS\mssmbios.sys
0x06F15000 \SystemRoot\System32\drivers\discache.sys
0x06F24000 \SystemRoot\System32\Drivers\dfsc.sys
0x06F42000 \SystemRoot\system32\DRIVERS\blbdrive.sys
0x06F53000 \SystemRoot\system32\DRIVERS\avipbb.sys
0x06F77000 \SystemRoot\system32\DRIVERS\tunnel.sys
0x06F9D000 \SystemRoot\system32\DRIVERS\atikmpag.sys
0x0740F000 \SystemRoot\system32\DRIVERS\atikmdag.sys
0x07AEB000 \SystemRoot\System32\Drivers\fastfat.SYS
0x08219000 \SystemRoot\system32\DRIVERS\igdpmd64.sys
0x02E22000 \SystemRoot\System32\drivers\dxgkrnl.sys
0x02F16000 \SystemRoot\System32\drivers\dxgmms1.sys
0x02F5C000 \SystemRoot\system32\DRIVERS\HDAudBus.sys
0x02F80000 \SystemRoot\system32\DRIVERS\HECIx64.sys
0x02F91000 \SystemRoot\system32\DRIVERS\usbehci.sys
0x02FA2000 \SystemRoot\system32\DRIVERS\USBPORT.SYS
0x0708E000 \SystemRoot\system32\DRIVERS\netr28x.sys
0x07178000 \SystemRoot\system32\DRIVERS\vwifibus.sys
0x071DC000 \SystemRoot\system32\DRIVERS\i8042prt.sys
0x07000000 \SystemRoot\system32\DRIVERS\kbdclass.sys
0x0700F000 \SystemRoot\system32\DRIVERS\SynTP.sys
0x07062000 \SystemRoot\system32\DRIVERS\USBD.SYS
0x07064000 \SystemRoot\system32\DRIVERS\mouclass.sys
0x07073000 \SystemRoot\system32\DRIVERS\GEARAspiWDM.sys
0x07B21000 \SystemRoot\system32\DRIVERS\Impcd.sys
0x07080000 \SystemRoot\system32\DRIVERS\Accelerometer.sys
0x071FA000 \SystemRoot\system32\DRIVERS\CmBatt.sys
0x02E00000 \SystemRoot\system32\DRIVERS\wmiacpi.sys
0x02E09000 \SystemRoot\system32\DRIVERS\intelppm.sys
0x08200000 \SystemRoot\system32\DRIVERS\CompositeBus.sys
0x02FF8000 \SystemRoot\system32\DRIVERS\clwvd.sys
0x07B47000 \SystemRoot\system32\DRIVERS\ks.sys
0x08210000 \SystemRoot\system32\drivers\ksthunk.sys
0x07B8A000 \SystemRoot\system32\DRIVERS\AgileVpn.sys
0x07BA0000 \SystemRoot\system32\DRIVERS\rasl2tp.sys
0x07BC4000 \SystemRoot\system32\DRIVERS\ndistapi.sys
0x07BD0000 \SystemRoot\system32\DRIVERS\ndiswan.sys
0x06FE3000 \SystemRoot\system32\DRIVERS\raspppoe.sys
0x06E00000 \SystemRoot\system32\DRIVERS\raspptp.sys
0x06E21000 \SystemRoot\system32\DRIVERS\rassstp.sys
0x07400000 \SystemRoot\system32\DRIVERS\VKbms.sys
0x08BF6000 \SystemRoot\System32\drivers\mshidkmdf.sys
0x06E3B000 \SystemRoot\System32\drivers\HIDCLASS.SYS
0x06E54000 \SystemRoot\System32\drivers\HIDPARSE.SYS
0x0708C000 \SystemRoot\system32\DRIVERS\swenum.sys
0x06E5D000 \SystemRoot\system32\DRIVERS\circlass.sys
0x06E6F000 \SystemRoot\system32\DRIVERS\umbus.sys
0x07EA4000 \SystemRoot\system32\DRIVERS\usbhub.sys
0x07EFE000 \SystemRoot\System32\Drivers\NDProxy.SYS
0x07F13000 \SystemRoot\system32\DRIVERS\mouhid.sys
0x07F20000 \SystemRoot\system32\DRIVERS\kbdhid.sys
0x07F2E000 \SystemRoot\system32\drivers\AtiHdmi.sys
0x07F51000 \SystemRoot\system32\drivers\portcls.sys
0x07F8E000 \SystemRoot\system32\drivers\drmk.sys
0x07E00000 \SystemRoot\system32\DRIVERS\stwrt64.sys
0x000C0000 \SystemRoot\System32\win32k.sys
0x07E82000 \SystemRoot\System32\drivers\Dxapi.sys
0x07E8E000 \SystemRoot\System32\Drivers\crashdmp.sys
0x042ED000 \SystemRoot\System32\Drivers\dump_iaStor.sys
0x07FB0000 \SystemRoot\System32\Drivers\dump_dumpfve.sys
0x07FC3000 \SystemRoot\system32\drivers\danew.sys
0x07FC6000 \SystemRoot\system32\DRIVERS\hidusb.sys
0x09643000 \SystemRoot\System32\Drivers\btmusb.sys
0x09959000 \SystemRoot\system32\DRIVERS\monitor.sys
0x09967000 \SystemRoot\system32\DRIVERS\usbccgp.sys
0x09984000 \SystemRoot\System32\Drivers\usbvideo.sys
0x005E0000 \SystemRoot\System32\TSDDD.dll
0x00760000 \SystemRoot\System32\cdd.dll
0x008E0000 \SystemRoot\System32\ATMFD.DLL
0x099B2000 \SystemRoot\system32\drivers\luafv.sys
0x099D5000 \SystemRoot\system32\DRIVERS\avgntflt.sys
0x099F4000 \SystemRoot\system32\DRIVERS\Sftvollh.sys
0x09600000 \SystemRoot\system32\drivers\WudfPf.sys
0x09621000 \SystemRoot\system32\DRIVERS\lltdio.sys
0x07185000 \SystemRoot\system32\DRIVERS\nwifi.sys
0x07FD4000 \SystemRoot\system32\DRIVERS\ndisuio.sys
0x07FE7000 \SystemRoot\system32\DRIVERS\rspndr.sys
0x03ECA000 \SystemRoot\system32\drivers\HTTP.sys
0x03F92000 \SystemRoot\system32\DRIVERS\bowser.sys
0x03FB0000 \SystemRoot\System32\drivers\mpsdrv.sys
0x03FC8000 \SystemRoot\system32\DRIVERS\mrxsmb.sys
0x03E00000 \SystemRoot\system32\DRIVERS\mrxsmb10.sys
0x03E4E000 \SystemRoot\system32\DRIVERS\mrxsmb20.sys
0x09A79000 \SystemRoot\system32\drivers\peauth.sys
0x09B1F000 \SystemRoot\System32\Drivers\secdrv.SYS
0x09B2A000 \SystemRoot\system32\DRIVERS\Sftfslh.sys
0x09A00000 \SystemRoot\system32\DRIVERS\Sftplaylh.sys
0x03E71000 \SystemRoot\System32\DRIVERS\srvnet.sys
0x09A4D000 \SystemRoot\System32\drivers\tcpipreg.sys
0x0BE9F000 \SystemRoot\System32\DRIVERS\srv2.sys
0x0BF06000 \SystemRoot\System32\DRIVERS\srv.sys
0x0BF9B000 \SystemRoot\system32\DRIVERS\Sftredirlh.sys
0x776B0000 \Windows\System32\ntdll.dll
0x47760000 \Windows\System32\smss.exe
0xFF9D0000 \Windows\System32\apisetschema.dll
0xFF6D0000 \Windows\System32\autochk.exe
0xFF7B0000 \Windows\System32\ole32.dll
0x775B0000 \Windows\System32\user32.dll
0xFF5D0000 \Windows\System32\setupapi.dll
0xFF4F0000 \Windows\System32\oleaut32.dll
0xFF4A0000 \Windows\System32\Wldap32.dll
0xFF370000 \Windows\System32\rpcrt4.dll
0xFF110000 \Windows\System32\iertutil.dll
0x77880000 \Windows\System32\normaliz.dll
0x77870000 \Windows\System32\psapi.dll
0xFF0F0000 \Windows\System32\sechost.dll
0xFF010000 \Windows\System32\advapi32.dll
0xFEF70000 \Windows\System32\clbcatq.dll
0xFE1E0000 \Windows\System32\shell32.dll
0xFE170000 \Windows\System32\gdi32.dll
0xFE140000 \Windows\System32\imm32.dll
0xFE130000 \Windows\System32\nsi.dll
0x77490000 \Windows\System32\kernel32.dll
0xFE120000 \Windows\System32\lpk.dll
0xFE080000 \Windows\System32\comdlg32.dll
0xFDF70000 \Windows\System32\msctf.dll
0xFDF20000 \Windows\System32\ws2_32.dll
0xFDDF0000 \Windows\System32\wininet.dll
0xFDD50000 \Windows\System32\msvcrt.dll
0xFDBD0000 \Windows\System32\urlmon.dll
0xFDB50000 \Windows\System32\difxapi.dll
0xFDAD0000 \Windows\System32\shlwapi.dll
0xFDAB0000 \Windows\System32\imagehlp.dll
0xFD9E0000 \Windows\System32\usp10.dll
0xFD9A0000 \Windows\System32\cfgmgr32.dll
0xFD960000 \Windows\System32\wintrust.dll
0xFD8C0000 \Windows\System32\comctl32.dll
0xFD8A0000 \Windows\System32\devobj.dll
0xFD830000 \Windows\System32\KernelBase.dll
0xFD6C0000 \Windows\System32\crypt32.dll
0xFD6B0000 \Windows\System32\msasn1.dll
0x75460000 \Windows\SysWOW64\normaliz.dll

Processes (total 100):
0 System Idle Process
4 System
312 C:\Windows\System32\smss.exe
440 csrss.exe
576 C:\Windows\System32\wininit.exe
596 csrss.exe
636 C:\Windows\System32\services.exe
660 C:\Windows\System32\lsass.exe
668 C:\Windows\System32\lsm.exe
724 C:\Windows\System32\winlogon.exe
820 C:\Windows\System32\svchost.exe
908 C:\Windows\System32\svchost.exe
968 C:\Windows\System32\atiesrxx.exe
116 C:\Windows\System32\svchost.exe
348 C:\Windows\System32\svchost.exe
428 C:\Windows\System32\svchost.exe
360 C:\Program Files\IDT\WDM\stacsv64.exe
1160 C:\Windows\System32\svchost.exe
1208 C:\Windows\System32\hpservice.exe
1220 C:\Windows\System32\atieclxx.exe
1344 C:\Windows\System32\svchost.exe
1584 C:\Windows\System32\spoolsv.exe
1616 C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
1624 C:\Windows\System32\taskhost.exe
1676 C:\Windows\System32\dwm.exe
1712 C:\Windows\explorer.exe
1816 C:\Windows\System32\taskeng.exe
1844 C:\Windows\System32\svchost.exe
1980 C:\Windows\System32\svchost.exe
2036 C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
1060 C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
1268 C:\Program Files\IDT\WDM\AESTSr64.exe
1548 C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
1752 C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
1808 C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
1896 C:\Windows\System32\conhost.exe
2072 C:\Windows\System32\igfxpers.exe
2204 C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
2220 C:\Program Files\IDT\WDM\sttray64.exe
2228 C:\Windows\System32\rundll32.exe
2320 C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
2440 C:\Program Files\Motorola\Bluetooth\devmgrsrv.exe
2464 C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
2520 C:\Program Files\Bonjour\mDNSResponder.exe
2576 C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
2636 C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
2720 C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
2836 C:\Program Files (x86)\Hewlett-Packard\Media\Webcam\YCMMirage.exe
2972 C:\Windows\SysWOW64\PnkBstrA.exe
3024 C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
3040 C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
2360 C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
2764 C:\Windows\System32\svchost.exe
3120 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
3196 C:\Program Files\Motorola\Bluetooth\obexsrv.exe
3240 C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
3380 C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1438.0\mswinext.exe
3416 C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
3448 C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
3456 C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
3492 C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac
3520 C:\Program Files (x86)\Razer\DeathAdder\razerhid.exe
3588 C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
3628 C:\Program Files (x86)\iTunes\iTunesHelper.exe
3684 C:\Program Files (x86)\Razer\DeathAdder\razertra.exe
3920 C:\Program Files (x86)\Razer\DeathAdder\razerofa.exe
3928 C:\Program Files (x86)\Razer\DeathAdder\vdDaemon.exe
4024 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
4060 WmiPrvSE.exe
4220 C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
4296 C:\Windows\System32\SearchIndexer.exe
4664 C:\Program Files\iPod\bin\iPodService.exe
4756 C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
5072 C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
2296 unsecapp.exe
4820 C:\Program Files\Motorola\Bluetooth\audiosrv.exe
5264 C:\Program Files\Motorola\Bluetooth\btplayerctrl.exe
5272 C:\Windows\System32\svchost.exe
5520 C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
5628 C:\Program Files\Windows Media Player\wmpnetwk.exe
4176 dllhost.exe
248 C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
5792 C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
6028 C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe
1204 C:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Service.exe
2476 C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe
1880 C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
3324 WmiPrvSE.exe
5424 C:\Windows\System32\svchost.exe
2096 C:\Program Files (x86)\Hewlett-Packard\Shared\hpCaslNotification.exe
3076 C:\Program Files (x86)\Internet Explorer\ielowutil.exe
4520 C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
5740 C:\Windows\System32\wuauclt.exe
4008 C:\Windows\System32\audiodg.exe
1196 C:\Windows\System32\SearchProtocolHost.exe
4808 C:\Windows\System32\SearchFilterHost.exe
6224 dllhost.exe
5304 dllhost.exe
3904 C:\Users\James\Desktop\MBRCheck(1).exe
6652 C:\Windows\System32\conhost.exe

\\.\C: --> \\.\PhysicalDrive0 at offset 0x00000000`0c800000 (NTFS)
\\.\D: --> \\.\PhysicalDrive0 at offset 0x0000006f`66300000 (NTFS)
\\.\Q: --> error 5

PhysicalDrive0 Model Number: HitachiHTS545050B9A300, Rev: PB4OCA1G

Size Device Name MBR Status
--------------------------------------------
465 GB \\.\PhysicalDrive0 Unknown MBR code
SHA1: FD83CA4F5C646A65EAA4066E65D7A17B66E88E56


Found non-standard or infected MBR.
Enter 'Y' and hit ENTER for more options, or 'N' to exit:


Cheers

lolaplow

Newbie Surfer
Newbie Surfer

Posts : 38
Joined : 2011-06-07
Operating System : windows 7

View user profile

Back to top Go down

Re: exp/java.niabil.gen

Post by Superdave on Fri 06 Apr 2012, 5:43 am

Please Boot to the System Recovery Options
If you have Windows 7 installation disc, just insert a DVD to the drive, restart computer and it should load automatically (option two presented in the article).
It's possible also that your computer has a pre-installed recovery partition instead - in such a case use a method one (by pressing F8 before Windows starts loading)...
NOTE. If none of the above apply you can create System Repair Disc (link in "Option two") and boot from it.

On the System Recovery Options menu you will get the following options:


  • Startup Repair
  • System Restore
  • Windows Complete PC Restore
  • Windows Memory Diagnostic Tool
  • Command Prompt


Choose Command Prompt
You should see X:\SOURCES>...

Execute the following commands in bold.
Press Enter after every one of them.

bootrec /fixmbr (<--- there is a "space" after "bootrec")

bootrec /fixboot (<--- there is a "space" after "bootrec")

exit

Restart computer and run MBRCheck again and post the log.

Superdave
Tech Staff


Tech Staff

Posts : 4193
Joined : 2010-02-01
Operating System : Windows 8.1 and a dual-boot with XP Home SP3

View user profile

Back to top Go down

Re: exp/java.niabil.gen

Post by lolaplow on Fri 06 Apr 2012, 8:35 am

hey,

it worked this time


MBRCheck, version 1.2.3
(c) 2010, AD

Command-line:
Windows Version: Windows 7 Home Premium Edition
Windows Information: (build 7600), 64-bit
Base Board Manufacturer: Hewlett-Packard
BIOS Manufacturer: Hewlett-Packard
System Manufacturer: Hewlett-Packard
System Product Name: HP Pavilion dv6 Notebook PC
Logical Drives Mask: 0x0001005c

Kernel Drivers (total 206):
0x02E50000 \SystemRoot\system32\ntoskrnl.exe
0x02E07000 \SystemRoot\system32\hal.dll
0x00BCF000 \SystemRoot\system32\kdcom.dll
0x00C2C000 \SystemRoot\system32\mcupdate_GenuineIntel.dll
0x00C70000 \SystemRoot\system32\PSHED.dll
0x00C84000 \SystemRoot\system32\CLFS.SYS
0x00CE2000 \SystemRoot\system32\CI.dll
0x00E22000 \SystemRoot\system32\drivers\Wdf01000.sys
0x00EC6000 \SystemRoot\system32\drivers\WDFLDR.SYS
0x00ED5000 \SystemRoot\system32\DRIVERS\ACPI.sys
0x00F2C000 \SystemRoot\system32\DRIVERS\WMILIB.SYS
0x00F35000 \SystemRoot\system32\DRIVERS\msisadrv.sys
0x00F3F000 \SystemRoot\system32\DRIVERS\pci.sys
0x00F72000 \SystemRoot\system32\DRIVERS\vdrvroot.sys
0x00F7F000 \SystemRoot\System32\drivers\partmgr.sys
0x00F94000 \SystemRoot\system32\DRIVERS\compbatt.sys
0x00F9D000 \SystemRoot\system32\DRIVERS\BATTC.SYS
0x00FA9000 \SystemRoot\system32\DRIVERS\volmgr.sys
0x00DA2000 \SystemRoot\System32\drivers\volmgrx.sys
0x00FBE000 \SystemRoot\System32\drivers\mountmgr.sys
0x010F0000 \SystemRoot\system32\DRIVERS\iaStor.sys
0x012FA000 \SystemRoot\system32\DRIVERS\atapi.sys
0x01303000 \SystemRoot\system32\DRIVERS\ataport.SYS
0x0132D000 \SystemRoot\system32\DRIVERS\msahci.sys
0x01338000 \SystemRoot\system32\DRIVERS\PCIIDEX.SYS
0x01348000 \SystemRoot\system32\DRIVERS\amdxata.sys
0x01353000 \SystemRoot\system32\drivers\fltmgr.sys
0x0139F000 \SystemRoot\system32\drivers\fileinfo.sys
0x01449000 \SystemRoot\System32\Drivers\Ntfs.sys
0x01000000 \SystemRoot\System32\Drivers\msrpc.sys
0x01400000 \SystemRoot\System32\Drivers\ksecdd.sys
0x0105E000 \SystemRoot\System32\Drivers\cng.sys
0x0141A000 \SystemRoot\System32\drivers\pcw.sys
0x0142B000 \SystemRoot\System32\Drivers\Fs_Rec.sys
0x01611000 \SystemRoot\system32\drivers\ndis.sys
0x01703000 \SystemRoot\system32\drivers\NETIO.SYS
0x01763000 \SystemRoot\System32\Drivers\ksecpkg.sys
0x01801000 \SystemRoot\System32\drivers\tcpip.sys
0x0178E000 \SystemRoot\System32\drivers\fwpkclnt.sys
0x017D8000 \SystemRoot\system32\DRIVERS\wd.sys
0x013B3000 \SystemRoot\system32\DRIVERS\volsnap.sys
0x017E0000 \SystemRoot\System32\Drivers\spldr.sys
0x01A7E000 \SystemRoot\System32\drivers\rdyboost.sys
0x01AB8000 \SystemRoot\System32\Drivers\mup.sys
0x01ACA000 \SystemRoot\System32\drivers\hwpolicy.sys
0x01AD3000 \SystemRoot\system32\DRIVERS\hpdskflt.sys
0x01ADD000 \SystemRoot\System32\DRIVERS\fvevol.sys
0x01B17000 \SystemRoot\system32\DRIVERS\disk.sys
0x01B2D000 \SystemRoot\system32\DRIVERS\CLASSPNP.SYS
0x04264000 \SystemRoot\system32\DRIVERS\cdrom.sys
0x0428E000 \SystemRoot\System32\Drivers\Null.SYS
0x04297000 \SystemRoot\System32\Drivers\Beep.SYS
0x0429E000 \SystemRoot\System32\drivers\vga.sys
0x042AC000 \SystemRoot\System32\drivers\VIDEOPRT.SYS
0x042D1000 \SystemRoot\System32\drivers\watchdog.sys
0x042E1000 \SystemRoot\System32\DRIVERS\RDPCDD.sys
0x042EA000 \SystemRoot\system32\drivers\rdpencdd.sys
0x042F3000 \SystemRoot\system32\drivers\rdprefmp.sys
0x042FC000 \SystemRoot\System32\Drivers\Msfs.SYS
0x04307000 \SystemRoot\System32\Drivers\Npfs.SYS
0x04318000 \SystemRoot\system32\DRIVERS\tdx.sys
0x04336000 \SystemRoot\system32\DRIVERS\TDI.SYS
0x04343000 \SystemRoot\system32\drivers\afd.sys
0x04000000 \SystemRoot\System32\DRIVERS\netbt.sys
0x043CC000 \SystemRoot\system32\DRIVERS\wfplwf.sys
0x043D5000 \SystemRoot\system32\DRIVERS\pacer.sys
0x01B6B000 \SystemRoot\system32\DRIVERS\vwififlt.sys
0x01B81000 \SystemRoot\system32\DRIVERS\netbios.sys
0x01B90000 \SystemRoot\system32\DRIVERS\dtsoftbus01.sys
0x01BD3000 \SystemRoot\system32\DRIVERS\wanarp.sys
0x01A00000 \SystemRoot\system32\DRIVERS\termdd.sys
0x01A14000 \SystemRoot\system32\DRIVERS\rdbss.sys
0x01A65000 \SystemRoot\system32\drivers\nsiproxy.sys
0x01A71000 \SystemRoot\system32\DRIVERS\mssmbios.sys
0x01BEE000 \SystemRoot\System32\drivers\discache.sys
0x010D1000 \SystemRoot\System32\Drivers\dfsc.sys
0x017E8000 \SystemRoot\system32\DRIVERS\blbdrive.sys
0x00FD8000 \SystemRoot\system32\DRIVERS\avipbb.sys
0x00C00000 \SystemRoot\system32\DRIVERS\tunnel.sys
0x02E54000 \SystemRoot\system32\DRIVERS\atikmpag.sys
0x074E1000 \SystemRoot\system32\DRIVERS\atikmdag.sys
0x08204000 \SystemRoot\system32\DRIVERS\igdpmd64.sys
0x07BBD000 \SystemRoot\System32\Drivers\fastfat.SYS
0x02E9A000 \SystemRoot\System32\drivers\dxgkrnl.sys
0x07400000 \SystemRoot\System32\drivers\dxgmms1.sys
0x07446000 \SystemRoot\system32\DRIVERS\HDAudBus.sys
0x08BE1000 \SystemRoot\system32\DRIVERS\HECIx64.sys
0x0746A000 \SystemRoot\system32\DRIVERS\usbehci.sys
0x0747B000 \SystemRoot\system32\DRIVERS\USBPORT.SYS
0x06E9A000 \SystemRoot\system32\DRIVERS\netr28x.sys
0x06F84000 \SystemRoot\system32\DRIVERS\vwifibus.sys
0x06E00000 \SystemRoot\system32\DRIVERS\i8042prt.sys
0x06E1E000 \SystemRoot\system32\DRIVERS\kbdclass.sys
0x06E2D000 \SystemRoot\system32\DRIVERS\SynTP.sys
0x06E80000 \SystemRoot\system32\DRIVERS\USBD.SYS
0x06E82000 \SystemRoot\system32\DRIVERS\mouclass.sys
0x06FE8000 \SystemRoot\system32\DRIVERS\GEARAspiWDM.sys
0x02F8E000 \SystemRoot\system32\DRIVERS\Impcd.sys
0x08BF2000 \SystemRoot\system32\DRIVERS\Accelerometer.sys
0x06FF5000 \SystemRoot\system32\DRIVERS\CmBatt.sys
0x06E91000 \SystemRoot\system32\DRIVERS\wmiacpi.sys
0x02FB4000 \SystemRoot\system32\DRIVERS\intelppm.sys
0x074D1000 \SystemRoot\system32\DRIVERS\CompositeBus.sys
0x07BF3000 \SystemRoot\system32\DRIVERS\clwvd.sys
0x02E00000 \SystemRoot\system32\DRIVERS\ks.sys
0x06FFA000 \SystemRoot\system32\drivers\ksthunk.sys
0x02FCA000 \SystemRoot\system32\DRIVERS\AgileVpn.sys
0x0706C000 \SystemRoot\system32\DRIVERS\rasl2tp.sys
0x07090000 \SystemRoot\system32\DRIVERS\ndistapi.sys
0x0709C000 \SystemRoot\system32\DRIVERS\ndiswan.sys
0x070CB000 \SystemRoot\system32\DRIVERS\raspppoe.sys
0x070E6000 \SystemRoot\system32\DRIVERS\raspptp.sys
0x07107000 \SystemRoot\system32\DRIVERS\rassstp.sys
0x07121000 \SystemRoot\system32\DRIVERS\VKbms.sys
0x0712C000 \SystemRoot\System32\drivers\mshidkmdf.sys
0x07134000 \SystemRoot\System32\drivers\HIDCLASS.SYS
0x0714D000 \SystemRoot\System32\drivers\HIDPARSE.SYS
0x07156000 \SystemRoot\system32\DRIVERS\swenum.sys
0x07158000 \SystemRoot\system32\DRIVERS\circlass.sys
0x0716A000 \SystemRoot\system32\DRIVERS\umbus.sys
0x0717C000 \SystemRoot\system32\DRIVERS\usbhub.sys
0x071D6000 \SystemRoot\System32\Drivers\NDProxy.SYS
0x071EB000 \SystemRoot\system32\DRIVERS\mouhid.sys
0x07000000 \SystemRoot\system32\DRIVERS\kbdhid.sys
0x0700E000 \SystemRoot\system32\drivers\AtiHdmi.sys
0x0942C000 \SystemRoot\system32\drivers\portcls.sys
0x09469000 \SystemRoot\system32\drivers\drmk.sys
0x0948B000 \SystemRoot\system32\DRIVERS\stwrt64.sys
0x00030000 \SystemRoot\System32\win32k.sys
0x0950D000 \SystemRoot\System32\drivers\Dxapi.sys
0x09519000 \SystemRoot\system32\DRIVERS\udfs.sys
0x0956E000 \SystemRoot\system32\drivers\danew.sys
0x09571000 \SystemRoot\system32\DRIVERS\hidusb.sys
0x0957F000 \SystemRoot\system32\DRIVERS\monitor.sys
0x09ECC000 \SystemRoot\System32\Drivers\btmusb.sys
0x0A1E2000 \SystemRoot\system32\DRIVERS\usbccgp.sys
0x09E00000 \SystemRoot\System32\Drivers\usbvideo.sys
0x09E2E000 \SystemRoot\System32\Drivers\crashdmp.sys
0x04045000 \SystemRoot\System32\Drivers\dump_iaStor.sys
0x09E3C000 \SystemRoot\System32\Drivers\dump_dumpfve.sys
0x00440000 \SystemRoot\System32\TSDDD.dll
0x00740000 \SystemRoot\System32\cdd.dll
0x008D0000 \SystemRoot\System32\ATMFD.DLL
0x09E4F000 \SystemRoot\system32\drivers\luafv.sys
0x09E72000 \SystemRoot\system32\DRIVERS\avgntflt.sys
0x09E91000 \SystemRoot\system32\DRIVERS\Sftvollh.sys
0x09E9C000 \SystemRoot\system32\drivers\WudfPf.sys
0x0958D000 \SystemRoot\system32\DRIVERS\lltdio.sys
0x095A2000 \SystemRoot\system32\DRIVERS\nwifi.sys
0x09400000 \SystemRoot\system32\DRIVERS\ndisuio.sys
0x09413000 \SystemRoot\system32\DRIVERS\rspndr.sys
0x03C65000 \SystemRoot\system32\drivers\HTTP.sys
0x03D2D000 \SystemRoot\system32\DRIVERS\bowser.sys
0x03D4B000 \SystemRoot\System32\drivers\mpsdrv.sys
0x03D63000 \SystemRoot\system32\DRIVERS\mrxsmb.sys
0x03D90000 \SystemRoot\system32\DRIVERS\mrxsmb10.sys
0x03C00000 \SystemRoot\system32\DRIVERS\mrxsmb20.sys
0x0B214000 \SystemRoot\system32\drivers\peauth.sys
0x0B2BA000 \SystemRoot\System32\Drivers\secdrv.SYS
0x0B2C5000 \SystemRoot\system32\DRIVERS\Sftfslh.sys
0x0B37C000 \SystemRoot\system32\DRIVERS\Sftplaylh.sys
0x0B3C9000 \SystemRoot\System32\DRIVERS\srvnet.sys
0x0B200000 \SystemRoot\System32\drivers\tcpipreg.sys
0x0BC09000 \SystemRoot\System32\DRIVERS\srv2.sys
0x0BC70000 \SystemRoot\System32\DRIVERS\srv.sys
0x0BD05000 \SystemRoot\system32\DRIVERS\Sftredirlh.sys
0x77890000 \Windows\System32\ntdll.dll
0x47970000 \Windows\System32\smss.exe
0xFFBB0000 \Windows\System32\apisetschema.dll
0xFF100000 \Windows\System32\autochk.exe
0xFFB00000 \Windows\System32\msvcrt.dll
0xFF8F0000 \Windows\System32\ole32.dll
0xFF8D0000 \Windows\System32\imagehlp.dll
0xFF7C0000 \Windows\System32\msctf.dll
0xFF7B0000 \Windows\System32\lpk.dll
0x77790000 \Windows\System32\user32.dll
0xFF710000 \Windows\System32\clbcatq.dll
0xFF4B0000 \Windows\System32\iertutil.dll
0xFF430000 \Windows\System32\shlwapi.dll
0xFF300000 \Windows\System32\wininet.dll
0x77A60000 \Windows\System32\psapi.dll
0xFE570000 \Windows\System32\shell32.dll
0xFE3F0000 \Windows\System32\urlmon.dll
0x77A50000 \Windows\System32\normaliz.dll
0xFE210000 \Windows\System32\setupapi.dll
0xFE0E0000 \Windows\System32\rpcrt4.dll
0xFE090000 \Windows\System32\ws2_32.dll
0xFDFC0000 \Windows\System32\usp10.dll
0xFDF50000 \Windows\System32\gdi32.dll
0xFDE70000 \Windows\System32\oleaut32.dll
0xFDE40000 \Windows\System32\imm32.dll
0xFDDF0000 \Windows\System32\Wldap32.dll
0xFDD50000 \Windows\System32\comdlg32.dll
0xFDD40000 \Windows\System32\nsi.dll
0xFDCC0000 \Windows\System32\difxapi.dll
0x77670000 \Windows\System32\kernel32.dll
0xFDBE0000 \Windows\System32\advapi32.dll
0xFDBC0000 \Windows\System32\sechost.dll
0xFDB50000 \Windows\System32\KernelBase.dll
0xFDAB0000 \Windows\System32\comctl32.dll
0xFD940000 \Windows\System32\crypt32.dll
0xFD900000 \Windows\System32\wintrust.dll
0xFD8C0000 \Windows\System32\cfgmgr32.dll
0xFD8A0000 \Windows\System32\devobj.dll
0xFD890000 \Windows\System32\msasn1.dll
0x75D20000 \Windows\SysWOW64\normaliz.dll

Processes (total 95):
0 System Idle Process
4 System
312 C:\Windows\System32\smss.exe
440 csrss.exe
624 C:\Windows\System32\wininit.exe
648 csrss.exe
680 C:\Windows\System32\services.exe
704 C:\Windows\System32\lsass.exe
712 C:\Windows\System32\lsm.exe
780 C:\Windows\System32\winlogon.exe
856 C:\Windows\System32\svchost.exe
944 C:\Windows\System32\svchost.exe
1004 C:\Windows\System32\atiesrxx.exe
372 C:\Windows\System32\svchost.exe
488 C:\Windows\System32\svchost.exe
528 C:\Windows\System32\svchost.exe
632 C:\Program Files\IDT\WDM\stacsv64.exe
1080 C:\Windows\System32\audiodg.exe
1140 C:\Windows\System32\svchost.exe
1188 C:\Windows\System32\hpservice.exe
1248 C:\Windows\System32\svchost.exe
1304 C:\Windows\System32\atieclxx.exe
1480 C:\Windows\System32\spoolsv.exe
1508 C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
1588 C:\Windows\System32\taskhost.exe
1700 C:\Windows\System32\dwm.exe
1724 C:\Windows\explorer.exe
1912 C:\Windows\System32\taskeng.exe
1956 C:\Windows\System32\svchost.exe
1208 C:\Windows\System32\svchost.exe
1716 C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
1800 C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
1976 C:\Program Files\IDT\WDM\AESTSr64.exe
1828 C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
2088 C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
2104 C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
2112 C:\Windows\System32\conhost.exe
2176 C:\Program Files\Motorola\Bluetooth\devmgrsrv.exe
2208 C:\Program Files\Bonjour\mDNSResponder.exe
2392 C:\Windows\System32\igfxpers.exe
2424 C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
2448 C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
2484 C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
2516 C:\Program Files\IDT\WDM\sttray64.exe
2528 C:\Windows\System32\rundll32.exe
2640 C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
2796 C:\Windows\System32\GfxUI.exe
2824 C:\Windows\SysWOW64\PnkBstrA.exe
2848 C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
1060 C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
2792 C:\Windows\System32\svchost.exe
2780 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
2372 C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
2344 C:\Program Files\Motorola\Bluetooth\obexsrv.exe
3104 C:\Program Files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe
3120 C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
3148 C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
3156 C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
3480 WmiPrvSE.exe
3552 C:\Program Files (x86)\Hewlett-Packard\Media\Webcam\YCMMirage.exe
3688 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
3780 C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1438.0\mswinext.exe
3796 C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
3804 C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
3816 C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
3836 C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
3920 C:\Program Files (x86)\Razer\DeathAdder\razerhid.exe
3944 WmiPrvSE.exe
4016 C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac
4056 C:\Program Files (x86)\Razer\DeathAdder\razertra.exe
1992 C:\Program Files (x86)\Razer\DeathAdder\razerofa.exe
3856 C:\Program Files (x86)\Razer\DeathAdder\vdDaemon.exe
4116 C:\Windows\System32\SearchIndexer.exe
4132 C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
4336 C:\Program Files (x86)\iTunes\iTunesHelper.exe
4680 C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
4896 C:\Program Files\Windows Media Player\wmpnetwk.exe
5004 C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
3248 unsecapp.exe
380 C:\Windows\System32\SearchProtocolHost.exe
4988 C:\Windows\System32\SearchFilterHost.exe
5168 C:\Program Files\iPod\bin\iPodService.exe
5248 C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
5308 C:\Program Files\Motorola\Bluetooth\audiosrv.exe
5464 C:\Program Files\Motorola\Bluetooth\btplayerctrl.exe
5744 C:\Windows\System32\svchost.exe
6096 C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
2684 C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
5324 dllhost.exe
5572 C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe
4664 C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
3604 dllhost.exe
4032 dllhost.exe
6072 C:\Users\James\Desktop\MBRCheck.exe
3340 C:\Windows\System32\conhost.exe

\\.\C: --> \\.\PhysicalDrive0 at offset 0x00000000`0c800000 (NTFS)
\\.\D: --> \\.\PhysicalDrive0 at offset 0x0000006f`66300000 (NTFS)
\\.\Q: --> error 5

PhysicalDrive0 Model Number: HitachiHTS545050B9A300, Rev: PB4OCA1G

Size Device Name MBR Status
--------------------------------------------
465 GB \\.\PhysicalDrive0 Windows 7 MBR code detected
SHA1: 4379A3D43019B46FA357F7DD6A53B45A3CA8FB79


Done!


thanks

lolaplow

Newbie Surfer
Newbie Surfer

Posts : 38
Joined : 2011-06-07
Operating System : windows 7

View user profile

Back to top Go down

Re: exp/java.niabil.gen

Post by Superdave on Sat 07 Apr 2012, 10:29 am

SUPERAntiSpyware

If you already have SUPERAntiSpyware be sure to check for updates before scanning!


Download SuperAntispyware Free Edition (SAS)
* Double-click the icon on your desktop to run the installer.
* When asked to Update the program definitions, click Yes
* If you encounter any problems while downloading the updates, manually download and unzip them from here
* Next click the Preferences button.

•Under Start-Up Options uncheck Start SUPERAntiSpyware when Windows starts
* Click the Scanning Control tab.
* Under Scanner Options make sure only the following are checked:

•Close browsers before scanning
•Scan for tracking cookies
•Terminate memory threats before quarantining
Please leave the others unchecked

•Click the Close button to leave the control center screen.

* On the main screen click Scan your computer
* On the left check the box for the drive you are scanning.
* On the right choose Perform Complete Scan
* Click Next to start the scan. Please be patient while it scans your computer.
* After the scan is complete a summary box will appear. Click OK
* Make sure everything in the white box has a check next to it, then click Next
* It will quarantine what it found and if it asks if you want to reboot, click Yes

•To retrieve the removal information please do the following:
•After reboot, double-click the SUPERAntiSpyware icon on your desktop.
•Click Preferences. Click the Statistics/Logs tab.

•Under Scanner Logs, double-click SUPERAntiSpyware Scan Log.

•It will open in your default text editor (preferably Notepad).
•Save the notepad file to your desktop by clicking (in notepad) File > Save As...

* Save the log somewhere you can easily find it. (normally the desktop)
* Click close and close again to exit the program.
*Copy and Paste the log in your post.
*********************************************
Please download Malwarebytes Anti-Malware from here.
Double Click mbam-setup.exe to install the application.

  • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Full Scan", then click Scan.
  • The scan may take some time to finish,so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
  • Please save the log to a location you will remember.
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy and paste the entire report in your next reply.

Extra Note:

If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.
*************************************************
Download Combofix from any of the links below, and save it to your DESKTOP.

Link 1
Link 2
Link 3

To prevent your anti-virus application interfering with ComboFix we need to disable it. See here for a tutorial regarding how to do so if you are unsure.

  • Close any open windows and double click ComboFix.exe to run it.

    You will see the following image:



Click I Agree to start the program.

ComboFix will then extract the necessary files and you will see this:



As part of it's process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. This will not occur in Windows Vista and 7

It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.

If you did not have it installed, you will see the prompt below. Choose YES.



Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.

**Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue it's malware removal procedures.

Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:



Click on Yes, to continue scanning for malware.

When finished, it will produce a report for you. Please post the contents of the log (C:\ComboFix.txt).

Leave your computer alone while ComboFix is running. ComboFix will restart your computer if malware is found; allow it to do so.

Note: Please Do NOT mouseclick combofix's window while its running because it may cause it to stall.

Superdave
Tech Staff


Tech Staff

Posts : 4193
Joined : 2010-02-01
Operating System : Windows 8.1 and a dual-boot with XP Home SP3

View user profile

Back to top Go down

Re: exp/java.niabil.gen

Post by lolaplow on Sun 08 Apr 2012, 11:06 am

hey,
heres the SUPERAntiSpyware log,
SUPERAntiSpyware Scan Log
[You must be registered and logged in to see this link.]

Generated 04/08/2012 at 10:07 AM

Application Version : 5.0.1146

Core Rules Database Version : 8424
Trace Rules Database Version: 6236

Scan type : Complete Scan
Total Scan Time : 01:27:10

Operating System Information
Windows 7 Home Premium 64-bit (Build 6.01.7600)
UAC On - Limited User

Memory items scanned : 771
Memory threats detected : 0
Registry items scanned : 66340
Registry threats detected : 0
File items scanned : 183685
File threats detected : 426

Adware.Tracking Cookie
C:\Users\James\AppData\Roaming\Microsoft\Windows\Cookies\james@atdmt[2].txt [ /atdmt ]
C:\Users\James\AppData\Roaming\Microsoft\Windows\Cookies\james@bs.serving-sys[2].txt [ /bs.serving-sys ]
C:\Users\James\AppData\Roaming\Microsoft\Windows\Cookies\james@doubleclick[1].txt [ /doubleclick ]
C:\Users\James\AppData\Roaming\Microsoft\Windows\Cookies\james@imrworldwide[1].txt [ /imrworldwide ]
C:\Users\James\AppData\Roaming\Microsoft\Windows\Cookies\james@microsoftwllivemkt.112.2o7[1].txt [ /microsoftwllivemkt.112.2o7 ]
C:\Users\James\AppData\Roaming\Microsoft\Windows\Cookies\james@microsoftxbox.112.2o7[1].txt [ /microsoftxbox.112.2o7 ]
C:\Users\James\AppData\Roaming\Microsoft\Windows\Cookies\james@msnportal.112.2o7[1].txt [ /msnportal.112.2o7 ]
C:\Users\James\AppData\Roaming\Microsoft\Windows\Cookies\james@serving-sys[1].txt [ /serving-sys ]
C:\USERS\JAMES\AppData\Roaming\Microsoft\Windows\Cookies\Low\james@[You must be registered and logged in to see this link.] [ Cookie:james@[You must be registered and logged in to see this link.] ]
C:\USERS\JAMES\AppData\Roaming\Microsoft\Windows\Cookies\Low\james@c.atdmt[2].txt [ Cookie:james@c.atdmt.com/ ]
C:\USERS\JAMES\AppData\Roaming\Microsoft\Windows\Cookies\Low\james@chitika[1].txt [ Cookie:james@chitika.net/ ]
C:\USERS\JAMES\AppData\Roaming\Microsoft\Windows\Cookies\Low\james@emediatrack[1].txt [ Cookie:james@emediatrack.com/ ]
C:\USERS\JAMES\AppData\Roaming\Microsoft\Windows\Cookies\Low\james@doubleclick[2].txt [ Cookie:james@doubleclick.net/ ]
C:\USERS\JAMES\AppData\Roaming\Microsoft\Windows\Cookies\Low\james@statcounter[1].txt [ Cookie:james@statcounter.com/ ]
C:\USERS\JAMES\AppData\Roaming\Microsoft\Windows\Cookies\Low\james@invitemedia[1].txt [ Cookie:james@invitemedia.com/ ]
C:\USERS\JAMES\AppData\Roaming\Microsoft\Windows\Cookies\Low\james@[You must be registered and logged in to see this link.] [ Cookie:james@[You must be registered and logged in to see this link.] ]
C:\USERS\JAMES\AppData\Roaming\Microsoft\Windows\Cookies\Low\james@collective-media[2].txt [ Cookie:james@collective-media.net/ ]
C:\USERS\JAMES\AppData\Roaming\Microsoft\Windows\Cookies\Low\james@[You must be registered and logged in to see this link.] [ Cookie:james@[You must be registered and logged in to see this link.] ]
C:\USERS\JAMES\AppData\Roaming\Microsoft\Windows\Cookies\Low\james@imrworldwide[1].txt [ Cookie:james@imrworldwide.com/cgi-bin ]
C:\USERS\JAMES\AppData\Roaming\Microsoft\Windows\Cookies\Low\james@finda.co[1].txt [ Cookie:james@finda.co.nz/ ]
C:\USERS\JAMES\AppData\Roaming\Microsoft\Windows\Cookies\Low\james@atdmt[2].txt [ Cookie:james@atdmt.com/ ]
C:\USERS\JAMES\Cookies\james@doubleclick[1].txt [ Cookie:james@doubleclick.net/ ]
C:\USERS\JAMES\Cookies\james@serving-sys[1].txt [ Cookie:james@serving-sys.com/ ]
C:\USERS\JAMES\Cookies\james@msnportal.112.2o7[1].txt [ Cookie:james@msnportal.112.2o7.net/ ]
C:\USERS\JAMES\Cookies\james@bs.serving-sys[2].txt [ Cookie:james@bs.serving-sys.com/ ]
C:\USERS\JAMES\Cookies\james@microsoftxbox.112.2o7[1].txt [ Cookie:james@microsoftxbox.112.2o7.net/ ]
C:\USERS\JAMES\Cookies\james@imrworldwide[1].txt [ Cookie:james@imrworldwide.com/cgi-bin ]
C:\USERS\JAMES\Cookies\james@microsoftwllivemkt.112.2o7[1].txt [ Cookie:james@microsoftwllivemkt.112.2o7.net/ ]
C:\USERS\JAMES\Cookies\james@atdmt[2].txt [ Cookie:james@atdmt.com/ ]
a.ads2.msads.net [ C:\USERS\JAMES\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\M2FB7WR2 ]
ads2.msads.net [ C:\USERS\JAMES\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\M2FB7WR2 ]
aws-cdn.hottopicmedia.com [ C:\USERS\JAMES\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\M2FB7WR2 ]
b.ads2.msads.net [ C:\USERS\JAMES\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\M2FB7WR2 ]
cdn.complexmedianetwork.com [ C:\USERS\JAMES\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\M2FB7WR2 ]
cdn.valuedinteractivemedia.co.nz [ C:\USERS\JAMES\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\M2FB7WR2 ]
ia.media-imdb.com [ C:\USERS\JAMES\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\M2FB7WR2 ]
insight.randomhouse.com [ C:\USERS\JAMES\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\M2FB7WR2 ]
media.asb.co.nz [ C:\USERS\JAMES\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\M2FB7WR2 ]
media.heavy.com [ C:\USERS\JAMES\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\M2FB7WR2 ]
media.kyte.tv [ C:\USERS\JAMES\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\M2FB7WR2 ]
media.mtvnservices.com [ C:\USERS\JAMES\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\M2FB7WR2 ]
media1.shufuni.com [ C:\USERS\JAMES\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\M2FB7WR2 ]
objects.tremormedia.com [ C:\USERS\JAMES\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\M2FB7WR2 ]
secure-nz.imrworldwide.com [ C:\USERS\JAMES\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\M2FB7WR2 ]
secure-us.imrworldwide.com [ C:\USERS\JAMES\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\M2FB7WR2 ]
serving-sys.com [ C:\USERS\JAMES\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\M2FB7WR2 ]
static.mediaworks.co.nz [ C:\USERS\JAMES\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\M2FB7WR2 ]
[You must be registered and logged in to see this link.] [ C:\USERS\JAMES\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\M2FB7WR2 ]
[You must be registered and logged in to see this link.] [ C:\USERS\JAMES\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\M2FB7WR2 ]
wwwstatic.megaporn.com [ C:\USERS\JAMES\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\M2FB7WR2 ]
C:\USERS\JAMES\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\JAMES@[You must be registered and logged in to see this link.] [ /WWW.GOOGLEADSERVICES ]
C:\USERS\JAMES\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\JAMES@[You must be registered and logged in to see this link.] [ /WWW.GOOGLEADSERVICES ]
.imrworldwide.com [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
.collective-media.net [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
.adxpose.com [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
.2o7.net [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
.dmtracker.com [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
.adbrite.com [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
.kontera.com [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
.ru4.com [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
.ru4.com [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
.adserver.adtechus.com [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
.mediaplex.com [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
.atdmt.com [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
.advertising.com [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
.adserver.adtechus.com [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
.zedo.com [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
.legolas-media.com [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
.2o7.net [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
.adtech.de [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
.2o7.net [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
.2o7.net [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
.overture.com [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
.msnportal.112.2o7.net [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
.specificclick.net [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
.247realmedia.com [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
.pubads.g.doubleclick.net [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
.interclick.com [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
.interclick.com [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
.adinterax.com [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
.at.atwola.com [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
.n4061ad.jp.doubleclick.net [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
in.getclicky.com [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
.2o7.net [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
.2mdn.net [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
.ru4.com [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
.ru4.com [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
.overture.com [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
.eyewonder.com [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
.2o7.net [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
.2o7.net [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
.2o7.net [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
.ad.nz.doubleclick.net [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
.2o7.net [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
.2o7.net [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
.adinterax.com [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
.2o7.net [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
.2o7.net [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
.2o7.net [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
.fastclick.net [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
.fastclick.net [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
.getclicky.com [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
.static.getclicky.com [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
.kontera.com [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
.kontera.com [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
.kontera.com [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
.trafficmp.com [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
.liveperson.net [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
.casalemedia.com [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
.zedo.com [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
.animetoplist.org [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
optimize.indieclick.com [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
.doubleclick.net [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
.amazon-adsystem.com [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
.ru4.com [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
.mediaplex.com [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
.amazon-adsystem.com [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
.ad.doubleclick.net [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
.smartadserver.com [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
.smartadserver.com [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
.ero-advertising.com [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
.tradedoubler.com [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
.animetoplist.org [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
.server.cpmstar.com [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
.animetoplist.org [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
.ipcmedia.122.2o7.net [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
.trafficmp.com [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
.trafficmp.com [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
.trafficmp.com [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
s09.flagcounter.com [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
.hentaitoplist.org [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
.animetoplist.org [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
.animetoplist.org [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
.adultadworld.com [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
.ero-advertising.com [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
[You must be registered and logged in to see this link.] [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
.smartadserver.com [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
.smartadserver.com [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
.technoratimedia.com [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
.yieldmanager.net [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
click.buzzcity.net [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
[You must be registered and logged in to see this link.] [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
.adult-empire.com [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
.adult-empire.com [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
.go.buy.xxx [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
.go.buy.xxx [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
.pincoporno.com [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
.pincoporno.com [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
ads2.zeusclicks.com [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
ads.zeusclicks.com [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
.liveperson.net [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
.advertising.com [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
.advertising.com [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
.lfstmedia.com [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
.lfstmedia.com [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
.solvemedia.com [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
.solvemedia.com [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
.indieclick.com [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
optimize.indieclick.com [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
.scene-porn.com [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
.scene-porn.com [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
.xm.xtendmedia.com [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
my.enveromedia.com [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
.clickaider.com [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
ad2.adfarm1.adition.com [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
ad1.adfarm1.adition.com [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
ad.adition.net [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
ad.adition.net [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
ad3.adfarm1.adition.com [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
.enoratraffic.com [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
ox-d.enveromedia.com [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
.mfeed.newzfind.com [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
.mfeed.newzfind.com [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
.sexyshare.net [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
.sexyshare.net [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
.girlsteachsex.com [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
openx.sexsearchcom.com [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
.tradedoubler.com [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
.zanox.com [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
.tradedoubler.com [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
us.sitestat.com [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
us.sitestat.com [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
.serving-sys.com [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
[You must be registered and logged in to see this link.] [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
.pornhub.com [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
.pornhub.com [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
.clicksor.com [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
.clicksor.com [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
.clicksor.com [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
.clicksor.com [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
.adultadworld.com [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
.statcounter.com [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
.media6degrees.com [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
ads.crakmedia.com [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
[You must be registered and logged in to see this link.] [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
[You must be registered and logged in to see this link.] [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
.pornerbros.com [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
.pornerbros.com [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
.syndication.traffichaus.com [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
.syndication.traffichaus.com [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
ads.pornerbros.com [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
stat.ed.cupidplc.com [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
.adxpansion.com [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
.ero-advertising.com [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
.asianpornmovies.com [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
.asianpornmovies.com [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
ads.asianpornmovies.com [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
clicktrace.info [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
.clicktrace.info [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
.clicktrace.info [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
.serving-sys.com [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
.view.atdmt.com [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
.adultfriendfinder.com [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
.adultfriendfinder.com [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
accounts.youtube.com [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
.columbussearchd.122.2o7.net [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
.liveperson.net [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
.magnetic-advertising.com [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
.magnetic-advertising.com [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
.interclick.com [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
ad.zanox.com [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
.findsomeone.co.nz [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
.findsomeone.co.nz [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
.findsomeone.co.nz [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
.findsomeone.co.nz [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
.findsomeone.co.nz [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
.findsomeone.co.nz [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
.findsomeone.co.nz [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
.findsomeone.co.nz [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
.ad-apac.doubleclick.net [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
uk.sitestat.com [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
uk.sitestat.com [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
.adinterax.com [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
.e-2dj6whlyandjgap.stats.esomniture.com [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
.nissanjp.112.2o7.net [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
.c.atdmt.com [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
.c.atdmt.com [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
[You must be registered and logged in to see this link.] [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
.adbrite.com [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
[You must be registered and logged in to see this link.] [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
.intporn.com [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
.intporn.com [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
.adbrite.com [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
.adviva.net [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
.ad.yieldmanager.com [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
.ad.yieldmanager.com [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
.martiniadnetwork.com [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
.martiniadnetwork.com [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
.martiniadnetwork.com [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
.sexad.net [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
.finda.co.nz [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
.e-2dj6wjmigncpaeo.stats.esomniture.com [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
.c.atdmt.com [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
.c.atdmt.com [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
.burstnet.com [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
.2o7.net [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
.mediaplex.com [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
.weborama.fr [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
.weborama.fr [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
stats.matraxis.net [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
stats.matraxis.net [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
.2o7.net [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
.2o7.net [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
.overture.com [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
.2o7.net [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
.2o7.net [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
.2o7.net [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
.acronymfinder.com [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
.pro-market.net [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
.pro-market.net [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
.putmanmedia.122.2o7.net [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
.vodafonenz.122.2o7.net [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
.lfstmedia.com [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
.imrworldwide.com [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
[You must be registered and logged in to see this link.] [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
.finda.co.nz [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
.finda.co.nz [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
[You must be registered and logged in to see this link.] [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
.xiti.com [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
[You must be registered and logged in to see this link.] [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
.serving-sys.com [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
.eventfinder.co.nz [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
.eventfinder.co.nz [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
ads.eventfinder.co.nz [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
.yadro.ru [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
.zedo.com [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
.technoratimedia.com [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
.zedo.com [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
.burstnet.com [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
.burstnet.com [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
.atdmt.com [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
.atdmt.com [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
.tacoda.at.atwola.com [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
.atwola.com [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
.2o7.net [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
fidelity.rotator.hadj7.adjuggler.net [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
fidelity.rotator.hadj7.adjuggler.net [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
.zedo.com [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
.zedo.com [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
.casalemedia.com [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
.casalemedia.com [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
.adbrite.com [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
.adbrite.com [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
.casalemedia.com [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
.casalemedia.com [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
.casalemedia.com [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
.casalemedia.com [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
.ad.yieldmanager.com [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
scp.sitetracker.com [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
scp.sitetracker.com [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
.fastclick.net [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
.c.atdmt.com [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
.c.atdmt.com [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
.c.atdmt.com [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
.c.atdmt.com [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
.bs.serving-sys.com [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
.media6degrees.com [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
.lfstmedia.com [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
.accounts.google.com [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
.accounts.google.com [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
accounts.google.com [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
.atdmt.com [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
.h.atdmt.com [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
.h.atdmt.com [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
.atdmt.com [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
.atdmt.com [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
.h.atdmt.com [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
.h.atdmt.com [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
.questionmarket.com [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
.questionmarket.com [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
statse.webtrendslive.com [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
.doubleclick.net [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
.serving-sys.com [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
.2o7.net [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
network.alluremedia.com.au [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
.kaspersky.122.2o7.net [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
.account.norton.com [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
.account.norton.com [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
.eset.122.2o7.net [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
.collective-media.net [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
.collective-media.net [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
.collective-media.net [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
.collective-media.net [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
.collective-media.net [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
.collective-media.net [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
.collective-media.net [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
.collective-media.net [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
.adbrite.com [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
.at.atwola.com [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
.tacoda.at.atwola.com [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
.tacoda.at.atwola.com [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
.tacoda.at.atwola.com [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
.at.atwola.com [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
.ar.atwola.com [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
.advertising.com [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
.advertising.com [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
.lucidmedia.com [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
.media6degrees.com [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
.media6degrees.com [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
.media6degrees.com [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
.tribalfusion.com [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
.mm.chitika.net [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
.legolas-media.com [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
.legolas-media.com [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
s05.flagcounter.com [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
.legolas-media.com [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
.legolas-media.com [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
.legolas-media.com [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
.collective-media.net [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
.collective-media.net [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
.collective-media.net [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
.doubleclick.net [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
.serving-sys.com [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
.serving-sys.com [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
.statcounter.com [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]
.collective-media.net [ C:\USERS\JAMES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N1TJTOG7.DEFAULT\COOKIES.SQLITE ]

Trojan.Agent/Gen-FraudKrypt
C:\PROGRAM FILES (X86)\UBISOFT\UBISOFT GAME LAUNCHER\SKIDROW.EXE





Malwarebytes log
Malwarebytes Anti-Malware 1.60.1.1000
[You must be registered and logged in to see this link.]

Database version: v2012.04.07.11

Windows 7 x64 NTFS
Internet Explorer 8.0.7600.16385
James :: JAMES-HP [administrator]

8/04/2012 10:37:26 a.m.
mbam-log-2012-04-08 (10-37-26).txt

Scan type: Full scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 386434
Time elapsed: 51 minute(s), 15 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 1
C:\Program Files (x86)\All games\Games ISO\Call of Duty\crack\rzr-cod4.exe (Trojan.Agent.CK) -> Quarantined and deleted successfully.

(end)





lolaplow

Newbie Surfer
Newbie Surfer

Posts : 38
Joined : 2011-06-07
Operating System : windows 7

View user profile

Back to top Go down

Re: exp/java.niabil.gen

Post by lolaplow on Sun 08 Apr 2012, 11:07 am

combofix,log

ComboFix 12-04-06.03 - James 08/04/2012 11:53:04.4.4 - x64
Microsoft Windows 7 Home Premium 6.1.7600.0.1252.64.1033.18.3894.2455 [GMT 12:00]
Running from: c:\users\James\Desktop\ComboFix.exe
AV: AntiVir Desktop *Disabled/Outdated* {090F9C29-64CE-6C6F-379C-5901B49A85B7}
SP: AntiVir Desktop *Disabled/Outdated* {B26E7DCD-42F4-63E1-0D2C-6273CF1DCF0A}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Created a new restore point
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\Update
.
.
((((((((((((((((((((((((( Files Created from 2012-03-07 to 2012-04-07 )))))))))))))))))))))))))))))))
.
.
2012-04-07 23:58 . 2012-04-07 23:58 -------- d-----w- c:\users\Public\AppData\Local\temp
2012-04-07 23:58 . 2012-04-07 23:58 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-04-07 06:19 . 2012-04-07 06:19 -------- d-----w- c:\users\James\AppData\Roaming\SUPERAntiSpyware.com
2012-04-07 06:18 . 2012-04-07 06:19 -------- d-----w- c:\program files\SUPERAntiSpyware
2012-04-07 06:18 . 2012-04-07 06:18 -------- d-----w- c:\programdata\SUPERAntiSpyware.com
2012-03-23 13:45 . 2012-03-19 14:51 8669240 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{C9C83AD4-958A-4612-89D5-EE1A36F30722}\mpengine.dll
2012-03-21 07:39 . 2012-03-21 07:39 592824 ----a-w- c:\program files (x86)\Mozilla Firefox\gkmedias.dll
2012-03-21 07:39 . 2012-03-21 07:39 44472 ----a-w- c:\program files (x86)\Mozilla Firefox\mozglue.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-02-25 09:03 . 2010-07-26 23:43 472808 ----a-w- c:\windows\SysWow64\deployJava1.dll
2012-02-22 20:18 . 2011-02-26 19:37 279656 ------w- c:\windows\system32\MpSigStub.exe
2012-02-19 07:59 . 2011-06-18 03:14 414368 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
.
.
((((((((((((((((((((((((((((( SnapShot_2011-06-22_02.29.46 )))))))))))))))))))))))))))))))))))))))))
.
+ 2010-04-27 02:45 . 2010-04-27 02:45 72856 c:\windows\SysWOW64\xliveinstallhost.exe
+ 2011-08-30 10:05 . 2011-08-30 10:05 50536 c:\windows\SysWOW64\jdns_sd.dll
+ 2011-08-30 10:05 . 2011-08-30 10:05 73064 c:\windows\SysWOW64\dnssd.dll
+ 2011-08-30 10:05 . 2011-08-30 10:05 83816 c:\windows\SysWOW64\dns-sd.exe
- 2011-06-21 20:41 . 2011-06-21 20:41 13318 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\SoftGrid Client\Icon Cache\icon_ex.dat
+ 2012-04-07 23:33 . 2012-04-07 23:33 13318 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\SoftGrid Client\Icon Cache\icon_ex.dat
+ 2009-07-14 04:54 . 2012-04-07 23:34 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2009-07-14 04:54 . 2011-06-22 01:14 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-07-14 04:54 . 2012-04-07 23:34 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-07-14 04:54 . 2011-06-22 01:14 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-07-14 04:54 . 2012-04-07 23:34 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2009-07-14 04:54 . 2011-06-22 01:14 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2010-07-26 21:25 . 2012-04-07 23:35 63298 c:\windows\system32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin
+ 2009-07-14 05:10 . 2012-04-07 23:35 44248 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin
+ 2010-12-25 13:33 . 2012-04-07 23:35 12460 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-4024759652-3840768782-4020672648-1001_UserData.bin
+ 2011-08-30 10:05 . 2011-08-30 10:05 61288 c:\windows\system32\jdns_sd.dll
+ 2012-03-03 04:02 . 2009-05-18 00:17 34152 c:\windows\system32\DRVSTORE\GEARAspiWD_B60A2DA9F47E0A7F3329B57AA751F1789961A8BE\x64\GEARAspiWDM.sys
- 2009-07-14 05:30 . 2011-05-20 23:18 86016 c:\windows\system32\DriverStore\infpub.dat
+ 2009-07-14 05:30 . 2012-03-03 04:06 86016 c:\windows\system32\DriverStore\infpub.dat
+ 2011-08-02 04:38 . 2011-08-02 04:38 51712 c:\windows\system32\DriverStore\FileRepository\usbaapl64.inf_amd64_neutral_f9d62789100b9e9b\usbaapl64.sys
+ 2011-08-02 04:38 . 2011-08-02 04:38 22528 c:\windows\system32\DriverStore\FileRepository\netaapl64.inf_amd64_neutral_dc2cbd989eec1514\netaapl64.sys
+ 2011-08-02 04:38 . 2011-08-02 04:38 51712 c:\windows\system32\drivers\usbaapl64.sys
+ 2011-06-08 03:17 . 2011-12-10 03:24 23152 c:\windows\system32\drivers\mbam.sys
+ 2012-03-03 04:02 . 2009-05-18 00:17 34152 c:\windows\system32\drivers\GEARAspiWDM.sys
+ 2011-03-26 09:00 . 2011-07-04 05:15 88288 c:\windows\system32\drivers\avgntflt.sys
+ 2011-08-30 10:05 . 2011-08-30 10:05 85864 c:\windows\system32\dnssd.dll
+ 2011-08-30 10:05 . 2011-08-30 10:05 96104 c:\windows\system32\dns-sd.exe
- 2010-12-26 08:21 . 2011-06-18 00:44 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2010-12-26 08:21 . 2012-04-05 23:52 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2010-12-26 08:21 . 2012-04-05 23:52 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2010-12-26 08:21 . 2011-06-18 00:44 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-07-14 04:54 . 2012-04-05 23:52 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2009-07-14 04:54 . 2011-06-18 00:44 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2010-12-26 01:34 . 2011-06-22 01:14 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2010-12-26 01:34 . 2012-04-07 23:35 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-07-14 04:46 . 2012-03-15 05:13 80504 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\Cache\cache.dat
+ 2010-12-26 01:34 . 2012-04-07 23:35 32768 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2010-12-26 01:34 . 2011-06-22 01:14 32768 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2010-12-26 01:34 . 2012-04-07 23:35 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2010-12-26 01:34 . 2011-06-22 01:14 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2010-12-25 13:36 . 2011-06-22 02:10 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2010-12-25 13:36 . 2012-04-07 23:35 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2010-12-25 13:36 . 2012-04-07 23:35 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2010-12-25 13:36 . 2011-06-22 02:10 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2011-06-24 11:02 . 2011-06-24 11:02 83136 c:\windows\Installer\{F97E3841-CA9D-4964-9D64-26066241D26F}\GameForWindowsLiveDash.exe
+ 2011-07-21 11:31 . 2011-07-21 11:31 15086 c:\windows\Installer\{96D06FDD-6AF4-4309-BC1B-1C9588B0575E}\game.exe
+ 2010-07-26 23:33 . 2011-07-09 01:44 49152 c:\windows\Installer\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}\ConfigIcon.dll
- 2010-07-26 23:33 . 2010-07-26 23:33 49152 c:\windows\Installer\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}\ConfigIcon.dll
+ 2012-02-23 02:00 . 2012-02-23 02:00 27136 c:\windows\Installer\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}\AppleSoftwareUpdateIco.exe
+ 2011-01-14 07:49 . 2011-11-21 20:20 50690 c:\windows\DIIUnin.dat
- 2011-06-10 06:55 . 2011-06-10 06:55 12800 c:\windows\assembly\GAC\Microsoft.DirectX.Diagnostics\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Diagnostics.dll
+ 2011-07-22 13:00 . 2011-07-22 13:00 12800 c:\windows\assembly\GAC\Microsoft.DirectX.Diagnostics\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Diagnostics.dll
- 2011-06-10 06:55 . 2011-06-10 06:55 53248 c:\windows\assembly\GAC\Microsoft.DirectX.AudioVideoPlayback\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.AudioVideoPlayback.dll
+ 2011-07-22 13:00 . 2011-07-22 13:00 53248 c:\windows\assembly\GAC\Microsoft.DirectX.AudioVideoPlayback\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.AudioVideoPlayback.dll
+ 2011-01-16 22:45 . 2012-02-23 01:03 3936 c:\windows\system32\wdi\ERCQueuedResolutions.dat
- 2011-06-22 01:13 . 2011-06-22 01:13 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2012-04-07 23:33 . 2012-04-07 23:33 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2012-04-07 23:33 . 2012-04-07 23:33 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
- 2011-06-22 01:13 . 2011-06-22 01:13 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2010-04-27 02:45 . 2010-04-27 02:45 187544 c:\windows\SysWOW64\xliveinstall.dll
+ 2010-04-02 05:17 . 2010-04-02 05:17 140952 c:\windows\SysWOW64\xlive\sqmapi.dll
+ 2012-02-19 07:59 . 2012-02-19 07:59 250016 c:\windows\SysWOW64\Macromed\Flash\FlashUtil11f_Plugin.exe
+ 2011-12-02 22:55 . 2011-12-02 22:55 247968 c:\windows\SysWOW64\Macromed\Flash\FlashUtil11e_Plugin.exe
- 2011-06-11 15:49 . 2011-06-11 15:49 157472 c:\windows\SysWOW64\javaws.exe
+ 2012-02-25 09:03 . 2012-02-25 09:03 157472 c:\windows\SysWOW64\javaws.exe
+ 2012-02-25 09:03 . 2012-02-25 09:03 149280 c:\windows\SysWOW64\javaw.exe
+ 2012-02-25 09:03 . 2012-02-25 09:03 149280 c:\windows\SysWOW64\java.exe
+ 2012-03-03 04:02 . 2008-04-16 23:12 107368 c:\windows\SysWOW64\GEARAspi.dll
+ 2011-08-30 10:05 . 2011-08-30 10:05 178536 c:\windows\SysWOW64\dnssdX.dll
+ 2010-12-28 04:53 . 2012-01-07 04:45 155980 c:\windows\system32\wdi\SuspendPerformanceDiagnostics_SystemData_S4.bin
+ 2010-12-27 07:02 . 2012-03-31 07:07 274726 c:\windows\system32\wdi\SuspendPerformanceDiagnostics_SystemData_S3.bin
- 2009-07-14 02:36 . 2011-06-21 06:40 637672 c:\windows\system32\perfh009.dat
+ 2009-07-14 02:36 . 2012-04-04 04:08 637672 c:\windows\system32\perfh009.dat
- 2009-07-14 02:36 . 2011-06-21 06:40 114824 c:\windows\system32\perfc009.dat
+ 2009-07-14 02:36 . 2012-04-04 04:08 114824 c:\windows\system32\perfc009.dat
+ 2011-12-02 22:55 . 2012-02-19 07:59 465056 c:\windows\system32\Macromed\Flash\FlashUtil64_11_1_102_Plugin.exe
+ 2012-03-03 04:02 . 2008-04-16 23:12 126312 c:\windows\system32\GEARAspi64.dll
+ 2012-03-03 04:02 . 2008-04-16 23:12 126312 c:\windows\system32\DRVSTORE\GEARAspiWD_B60A2DA9F47E0A7F3329B57AA751F1789961A8BE\x64\GEARAspi64.dll
+ 2012-03-03 04:02 . 2008-04-16 23:12 107368 c:\windows\system32\DRVSTORE\GEARAspiWD_B60A2DA9F47E0A7F3329B57AA751F1789961A8BE\x64\GEARAspi.dll
- 2009-07-14 05:30 . 2011-05-20 23:18 143360 c:\windows\system32\DriverStore\infstrng.dat
+ 2009-07-14 05:30 . 2012-03-03 04:06 143360 c:\windows\system32\DriverStore\infstrng.dat
+ 2009-07-14 05:30 . 2012-03-03 04:01 143360 c:\windows\system32\DriverStore\infstor.dat
- 2009-07-14 05:30 . 2011-05-20 23:14 143360 c:\windows\system32\DriverStore\infstor.dat
+ 2011-03-26 09:00 . 2011-07-04 05:15 123784 c:\windows\system32\drivers\avipbb.sys
+ 2011-08-30 10:05 . 2011-08-30 10:05 212840 c:\windows\system32\dnssdX.dll
+ 2009-07-14 05:01 . 2012-04-07 23:33 405928 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
- 2009-07-14 05:01 . 2011-06-21 20:41 405928 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2011-08-04 11:49 . 2011-12-02 22:57 405928 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-4024759652-3840768782-4020672648-1001-12288.dat
+ 2011-05-17 21:42 . 2011-05-17 21:42 897024 c:\windows\Installer\778933.msi
+ 2012-03-27 05:14 . 2012-03-27 05:14 584192 c:\windows\Installer\11ba510.msi
+ 2012-02-25 09:03 . 2012-02-25 09:03 207360 c:\windows\Installer\108d735.msi
+ 2012-03-03 04:03 . 2012-03-03 04:03 380928 c:\windows\Installer\{5E11C972-1E76-45FE-8F92-14E0D1140B1B}\iTunesIco.exe
+ 2007-02-22 10:41 . 2007-02-22 10:41 304544 c:\windows\Downloaded Program Files\MessengerStatsPAClient.dll
- 2011-06-10 06:55 . 2011-06-10 06:55 223232 c:\windows\assembly\GAC\Microsoft.DirectX\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.dll
+ 2011-07-22 13:00 . 2011-07-22 13:00 223232 c:\windows\assembly\GAC\Microsoft.DirectX\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.dll
+ 2011-07-22 13:00 . 2011-07-22 13:00 178176 c:\windows\assembly\GAC\Microsoft.DirectX.DirectSound\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectSound.dll
- 2011-06-10 06:55 . 2011-06-10 06:55 178176 c:\windows\assembly\GAC\Microsoft.DirectX.DirectSound\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectSound.dll
- 2011-06-10 06:55 . 2011-06-10 06:55 364544 c:\windows\assembly\GAC\Microsoft.DirectX.DirectPlay\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectPlay.dll
+ 2011-07-22 13:00 . 2011-07-22 13:00 364544 c:\windows\assembly\GAC\Microsoft.DirectX.DirectPlay\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectPlay.dll
+ 2011-07-22 13:00 . 2011-07-22 13:00 159232 c:\windows\assembly\GAC\Microsoft.DirectX.DirectInput\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectInput.dll
- 2011-06-10 06:55 . 2011-06-10 06:55 159232 c:\windows\assembly\GAC\Microsoft.DirectX.DirectInput\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectInput.dll
- 2011-06-10 06:55 . 2011-06-10 06:55 145920 c:\windows\assembly\GAC\Microsoft.DirectX.DirectDraw\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectDraw.dll
+ 2011-07-22 13:00 . 2011-07-22 13:00 145920 c:\windows\assembly\GAC\Microsoft.DirectX.DirectDraw\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectDraw.dll
+ 2011-07-22 13:00 . 2011-07-22 13:00 578560 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2911.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2011-06-10 06:55 . 2011-06-10 06:55 578560 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2911.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2011-06-10 06:55 . 2011-06-10 06:55 578560 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2910.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2011-07-22 13:00 . 2011-07-22 13:00 578560 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2910.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2011-07-22 13:00 . 2011-07-22 13:00 577536 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2909.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2011-06-10 06:55 . 2011-06-10 06:55 577536 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2909.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2011-07-22 13:00 . 2011-07-22 13:00 577536 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2908.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2011-06-10 06:55 . 2011-06-10 06:55 577536 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2908.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2011-07-22 13:00 . 2011-07-22 13:00 577024 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2907.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2011-06-10 06:55 . 2011-06-10 06:55 577024 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2907.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2011-06-10 06:55 . 2011-06-10 06:55 576000 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2906.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2011-07-22 13:00 . 2011-07-22 13:00 576000 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2906.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2011-07-22 13:00 . 2011-07-22 13:00 567296 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2905.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2011-06-10 06:55 . 2011-06-10 06:55 567296 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2905.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2011-07-22 13:00 . 2011-07-22 13:00 563712 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2904.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2011-06-10 06:55 . 2011-06-10 06:55 563712 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2904.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2011-06-10 06:55 . 2011-06-10 06:55 473600 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3D\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Direct3D.dll
+ 2011-07-22 13:00 . 2011-07-22 13:00 473600 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3D\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Direct3D.dll
+ 2007-08-27 03:41 . 2007-08-27 03:41 1089440 c:\windows\SysWOW64\msidcrl40.dll
+ 2011-02-13 08:23 . 2012-02-19 07:59 8527008 c:\windows\SysWOW64\Macromed\Flash\NPSWF32.dll
+ 2011-08-02 04:38 . 2011-08-02 04:38 4517664 c:\windows\system32\usbaaplrc.dll
+ 2011-08-02 04:38 . 2011-08-02 04:38 4517664 c:\windows\system32\DriverStore\FileRepository\usbaapl64.inf_amd64_neutral_f9d62789100b9e9b\usbaaplrc.dll
+ 2011-08-02 04:38 . 2011-08-02 04:38 1721576 c:\windows\system32\DriverStore\FileRepository\netaapl64.inf_amd64_neutral_dc2cbd989eec1514\wdfcoinstaller01009.dll
- 2009-07-14 04:45 . 2011-06-18 00:46 3777877 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\tokens.dat
+ 2009-07-14 04:45 . 2012-03-03 04:06 3777877 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\tokens.dat
+ 2010-09-16 09:37 . 2012-04-07 22:11 1859736 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache3.0.0.0.dat
+ 2011-11-14 07:12 . 2011-11-14 07:12 2682368 c:\windows\Installer\dee1a.msi
+ 2010-05-14 00:23 . 2010-05-14 00:23 5448704 c:\windows\Installer\77892b.msi
+ 2011-09-26 15:42 . 2011-09-26 15:42 2323456 c:\windows\Installer\1ffb65.msi
- 2011-06-10 06:55 . 2011-06-10 06:55 2846720 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2903.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2011-07-22 13:00 . 2011-07-22 13:00 2846720 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2903.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2011-07-22 13:00 . 2011-07-22 13:00 2676224 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2011-06-10 06:55 . 2011-06-10 06:55 2676224 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2010-04-02 05:17 . 2010-04-02 05:17 13642904 c:\windows\SysWOW64\xlivefnt.dll
+ 2010-04-02 05:17 . 2010-04-02 05:17 15426200 c:\windows\SysWOW64\xlive.dll
+ 2009-07-14 02:34 . 2012-04-07 23:47 10223616 c:\windows\system32\SMI\Store\Machine\SCHEMA.DAT
- 2009-07-14 02:34 . 2011-06-22 01:27 10223616 c:\windows\system32\SMI\Store\Machine\SCHEMA.DAT
+ 2011-12-02 22:55 . 2012-02-19 07:59 11350688 c:\windows\system32\Macromed\Flash\NPSWF64_11_1_102.dll
+ 2010-12-26 02:39 . 2012-04-07 23:33 33801031 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-4024759652-3840768782-4020672648-1001-8192.dat
+ 2012-01-18 05:49 . 2012-01-18 05:49 44700672 c:\windows\Installer\dee25.msi
+ 2011-11-14 07:09 . 2011-11-14 07:09 11081728 c:\windows\Installer\dee21.msi
+ 2011-11-29 03:38 . 2011-11-29 03:38 20304896 c:\windows\Installer\dedfe.msi
+ 2010-04-15 02:44 . 2010-04-15 02:44 22104064 c:\windows\Installer\778924.msi
+ 2011-07-09 01:44 . 2011-07-09 01:44 20333056 c:\windows\Installer\59a85.msp
+ 2012-02-25 09:02 . 2012-02-25 09:02 12938752 c:\windows\Installer\108d723.msi
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HPAdvisorDock"="c:\program files (x86)\Hewlett-Packard\HP Advisor\Dock\HPAdvisorDock.exe" [2010-02-10 1712184]
"LightScribe Control Panel"="c:\program files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe" [2010-06-16 2736128]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2011-01-05 1305408]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-06-22 98304]
"Bing Bar"="c:\program files (x86)\MSN Toolbar\Platform\5.0.1438.0\mswinext.exe" [2010-04-14 243544]
"Microsoft Default Manager"="c:\program files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" [2009-11-12 288088]
"HP Quick Launch"="c:\program files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe" [2010-06-30 602168]
"ArcSoft Connection Service"="c:\program files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe" [2010-10-27 207424]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2011-03-04 281768]
"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2006-10-26 31016]
"DeathAdder"="c:\program files (x86)\Razer\DeathAdder\razerhid.exe" [2011-02-19 248320]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-06-06 937920]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2011-11-01 59240]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-01-18 254696]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2012-01-16 421736]
.
c:\users\James\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OneNote 2007 Screen Clipper and Launcher.lnk - c:\program files (x86)\Microsoft Office\Office12\ONENOTEM.EXE [2006-10-26 98632]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"mixer"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R3 BTMCOM;Bluetooth Serial Port;c:\windows\system32\Drivers\btmcom.sys [x]
R3 CYUSB;Cypress Generic USB Driver;c:\windows\system32\Drivers\CYUSB.sys [x]
R3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;c:\windows\system32\DRIVERS\netw5v64.sys [x]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [x]
R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x]
R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL6.SYS [x]
R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV6.SYS [x]
R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT6.SYS [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [x]
R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x64.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [x]
S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS [2011-07-22 14928]
S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS [2011-07-12 12368]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE64.EXE [2011-08-11 140672]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-06-06 64952]
S2 AESTFilters;Andrea ST Filters Service;c:\program files\IDT\WDM\AESTSr64.exe [2009-03-03 89600]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]
S2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [2011-05-01 136360]
S2 Bluetooth OBEX Service;Bluetooth OBEX Service;c:\program files\Motorola\Bluetooth\obexsrv.exe [2010-05-20 677128]
S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2010-02-27 821664]
S2 HP Wireless Assistant Service;HP Wireless Assistant Service;c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe [2010-06-18 103992]
S2 HPDrvMntSvc.exe;HP Quick Synchronization Service;c:\program files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2010-10-14 92216]
S2 hpsrv;HP Service;c:\windows\system32\Hpservice.exe [x]
S2 HPWMISVC;HPWMISVC;c:\program files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [2010-06-30 27192]
S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2009-12-02 483688]
S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-05-01 2533400]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [x]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [x]
S3 Bluetooth Device Manager;Bluetooth Device Manager;c:\program files\Motorola\Bluetooth\devmgrsrv.exe [2010-06-29 4181256]
S3 Bluetooth Media Service;Bluetooth Media Service;c:\program files\Motorola\Bluetooth\audiosrv.exe [2010-05-20 1096968]
S3 BTMUSB;Motorola Bluetooth Radio Service;c:\windows\system32\Drivers\btmusb.sys [x]
S3 clwvd;HP Webcam Splitter;c:\windows\system32\DRIVERS\clwvd.sys [x]
S3 danewFltr;NewDeathAdder Mouse;c:\windows\system32\drivers\danew.sys [x]
S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2010-09-16 1028096]
S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [x]
S3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys [x]
S3 intelkmd;intelkmd;c:\windows\system32\DRIVERS\igdpmd64.sys [x]
S3 netr28x;Ralink 802.11n Extensible Wireless Driver;c:\windows\system32\DRIVERS\netr28x.sys [x]
S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys [x]
S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys [x]
S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys [x]
S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys [x]
S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2009-12-02 209768]
S3 VKbms;Virtual HID Minidriver;c:\windows\system32\DRIVERS\VKbms.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2010-06-16 20:38 451872 ----a-w- c:\program files (x86)\Common Files\LightScribe\LSRunOnce.exe
.
Contents of the 'Scheduled Tasks' folder
.
2012-03-27 c:\windows\Tasks\HPCeeScheduleForJames.job
- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-01-05 10:53]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2010-06-22 161304]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2010-06-22 386584]
"Persistence"="c:\windows\system32\igfxpers.exe" [2010-06-22 414744]
"SynTPEnh"="c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe" [BU]
"SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2010-06-18 487424]
"BTMTrayAgent"="c:\program files\Motorola\Bluetooth\btmshell.dll" [2010-06-10 24783624]
"SmartMenu"="c:\program files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe" [2010-01-20 611896]
"HPWirelessAssistant"="c:\program files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe" [2010-06-18 8192]
.
------- Supplementary Scan -------
.
uStart Page = my.daemon-search.com
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~3\Office12\EXCEL.EXE/3000
IE: {{bd707fe6-39f6-4bda-9265-86a76719bdc5} - c:\program files\Motorola\Bluetooth\btmiesend.htm
TCP: DhcpNameServer = 192.168.1.254
FF - ProfilePath - c:\users\James\AppData\Roaming\Mozilla\Firefox\Profiles\n1tjtog7.default\
FF - prefs.js: browser.startup.homepage - [You must be registered and logged in to see this link.]
.
- - - - ORPHANS REMOVED - - - -
.
Wow6432Node-HKCU-Run-RGSC - c:\program files (x86)\All games\gta4\Rockstar Games Social Club\RGSCLauncher.exe
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-4024759652-3840768782-4020672648-1001\Software\SecuROM\License information*]
"datasecu"=hex:28,1d,7d,d0,4f,e7,19,81,2a,35,aa,3f,ff,4f,03,c5,56,22,e3,f0,45,
d6,e5,84,98,ba,7f,f5,cd,c9,ae,70,1b,c5,d3,d6,02,95,fa,0c,e6,b7,73,12,11,37,\
"rkeysecu"=hex:50,8f,4c,17,63,68,cf,a5,b4,c6,00,73,69,8b,49,0f
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10h_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10h_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10h.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10h.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10h.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10h.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2012-04-08 12:00:55
ComboFix-quarantined-files.txt 2012-04-08 00:00
ComboFix2.txt 2011-06-22 02:31
ComboFix3.txt 2011-06-09 07:50
ComboFix4.txt 2011-06-09 07:27
.
Pre-Run: 78,806,171,648 bytes free
Post-Run: 78,722,199,552 bytes free
.
- - End Of File - - 84F0C7BF07E01E79CEE1AF2F34A4BFAC


thnx

lolaplow

Newbie Surfer
Newbie Surfer

Posts : 38
Joined : 2011-06-07
Operating System : windows 7

View user profile

Back to top Go down

Re: exp/java.niabil.gen

Post by Superdave on Sun 08 Apr 2012, 12:19 pm

Download Security Check by screen317 from one of the following links and save it to your desktop.

Link 1
Link 2

* Double-click Security Check.bat
* Follow the on-screen instructions inside of the black box.
* A Notepad document should open automatically called checkup.txt
* Post the contents of that document in your next reply.

Note: If a security program requests permission from dig.exe to access the Internet, allow it to do so.
**********************************************************
Please download aswMBR.exe ( 511KB ) to your desktop.

Double click the aswMBR.exe to run it



Click the "Scan" button to start scan

Note: Do not take action against any **Rootkit** entries until I have reviewed the log. Often there are false positives



On completion of the scan click save log, save it to your desktop and post in your next reply.

Superdave
Tech Staff


Tech Staff

Posts : 4193
Joined : 2010-02-01
Operating System : Windows 8.1 and a dual-boot with XP Home SP3

View user profile

Back to top Go down

Re: exp/java.niabil.gen

Post by lolaplow on Sun 08 Apr 2012, 12:54 pm

hello,
Security Check
Results of screen317's Security Check version 0.99.32
Windows 7 x64
Internet Explorer 8 Out of date!
``````````````````````````````
Antivirus/Firewall Check:

Windows Firewall Enabled!
Avira AntiVir Personal - Free Antivirus
ESET Online Scanner v3
WMI entry may not exist for antivirus; attempting automatic update.
Avira successfully updated!
```````````````````````````````
Anti-malware/Other Utilities Check:

Java(TM) 6 Update 31
Adobe Reader X 10.1.0 Adobe Reader out of Date!
Mozilla Firefox (11.0.)
````````````````````````````````
Process Check:
objlist.exe by Laurent

Avira Antivir avgnt.exe
Avira Antivir avguard.exe
``````````End of Log````````````


aswMBR log

aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
Run date: 2012-04-08 13:50:59
-----------------------------
13:50:59.626 OS Version: Windows x64 6.1.7600
13:50:59.626 Number of processors: 4 586 0x2505
13:50:59.627 ComputerName: JAMES-HP UserName: James
13:51:02.052 Initialize success
13:51:32.762 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
13:51:32.766 Disk 0 Vendor: Hitachi_ PB4O Size: 476940MB BusType: 3
13:51:32.797 Disk 0 MBR read successfully
13:51:32.801 Disk 0 MBR scan
13:51:32.805 Disk 0 Windows 7 default MBR code
13:51:32.818 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 199 MB offset 2048
13:51:32.836 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 456091 MB offset 409600
13:51:32.866 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 20545 MB offset 934483968
13:51:32.890 Disk 0 Partition 4 00 0C FAT32 LBA MSDOS5.0 103 MB offset 976560128
13:51:32.920 Disk 0 scanning C:\Windows\system32\drivers
13:51:41.498 Service scanning
13:52:02.887 Modules scanning
13:52:02.901 Disk 0 trace - called modules:
13:52:02.932 ntoskrnl.exe CLASSPNP.SYS disk.sys hpdskflt.sys iaStor.sys hal.dll
13:52:02.942 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8005256060]
13:52:02.951 3 CLASSPNP.SYS[fffff88001b2043f] -> nt!IofCallDriver -> [0xfffffa80050f1b10]
13:52:02.959 5 hpdskflt.sys[fffff88001ac7289] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8004fa4050]
13:52:02.971 Scan finished successfully
13:52:22.164 Disk 0 MBR has been saved successfully to "C:\Users\James\Desktop\MBR.dat"
13:52:22.169 The log file has been saved successfully to "C:\Users\James\Desktop\aswMBR log new.txt"


cheers

lolaplow

Newbie Surfer
Newbie Surfer

Posts : 38
Joined : 2011-06-07
Operating System : windows 7

View user profile

Back to top Go down

Re: exp/java.niabil.gen

Post by Superdave on Mon 09 Apr 2012, 5:23 am

You should upgrade to Internet Explorer 9.

Please download Rooter and Save it to your desktop.

  • Double click it to start the tool.Vista and Windows7 run as administrator.
  • Click Scan.
  • Eventually, a Notepad file containing the report will open, also found at C:\Rooter.txt. Post that log in your next reply.

Superdave
Tech Staff


Tech Staff

Posts : 4193
Joined : 2010-02-01
Operating System : Windows 8.1 and a dual-boot with XP Home SP3

View user profile

Back to top Go down

Re: exp/java.niabil.gen

Post by lolaplow on Mon 09 Apr 2012, 9:24 am

hey i ve edited this post, just realised i didnt run as admin

heres the new log

Rooter.exe (v1.0.2) by Eric_71
.
SeDebugPrivilege granted successfully ...
.
Windows 7 Home Edition (6.1.7600)
[32_bits] - Intel64 Family 6 Model 37 Stepping 5, GenuineIntel
.
[wscsvc] (Security Center) RUNNING (state:4)
[MpsSvc] RUNNING (state:4)
Windows Firewall -> Enabled
Windows Defender -> Enabled
.
Internet Explorer 9.0.8112.16421
Mozilla Firefox 11.0 (en-GB)
.
C:\ [Fixed-NTFS] .. ( Total:445 Go - Free:73 Go )
D:\ [Fixed-NTFS] .. ( Total:20 Go - Free:2 Go )
E:\ [CD_Rom]
G:\ [CD_Rom]
Q:\ [Fixed-NTFS] .. ( Total:0 Go - Free:0 Go )
.
Scan : 11:58.41
Path : C:\Users\James\Desktop\Rooter.exe
User : James ( Administrator -> YES )
.
----------------------\\ Processes
.
Locked [System Process] (0)
Locked System (4)
______ ????????? (312)
______ ????????? (444)
______ ????????? (580)
______ ????????? (600)
______ ????????? (632)
______ ????????? (688)
______ ????????? (708)
______ ????????? (716)
______ ????????? (812)
______ ????????? (900)
______ ????????? (944)
______ ????????? (120)
______ ????????? (348)
______ ????????? (472)
______ ????????? (344)
Locked audiodg.exe (1044)
______ ????????? (1156)
______ ????????? (1196)
______ ????????? (1216)
______ ????????? (1288)
______ ????????? (1524)
______ ????????? (1544)
______ ????????? (1656)
______ C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (1684)
______ ????????? (1696)
______ ????????? (1768)
______ ????????? (1800)
______ ????????? (1924)
______ ????????? (1984)
______ C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe (2004)
______ C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (2028)
______ ????????? (440)
______ C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (1280)
______ C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (1508)
______ ????????? (2100)
______ ????????? (2128)
______ ????????? (2212)
______ ????????? (2220)
______ ????????? (2264)
______ ????????? (2292)
______ ????????? (2300)
______ ????????? (2308)
______ C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe (2396)
______ C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe (2420)
______ C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe (2448)
______ ????????? (2492)
______ C:\Windows\SysWOW64\PnkBstrA.exe (2520)
______ C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (2696)
______ C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe (1112)
______ ????????? (1104)
______ ????????? (1416)
______ C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe (2508)
______ ????????? (2316)
______ C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (2500)
______ C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (3088)
______ ????????? (3304)
______ C:\Program Files (x86)\Hewlett-Packard\Media\Webcam\YCMMirage.exe (3336)
______ C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1438.0\mswinext.exe (3732)
______ C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe (3764)
______ C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe (3780)
______ C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (3792)
______ C:\Program Files (x86)\Razer\DeathAdder\razerhid.exe (3852)
______ C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac (3864)
______ C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (3936)
______ C:\Program Files (x86)\iTunes\iTunesHelper.exe (3944)
______ C:\Program Files (x86)\Razer\DeathAdder\razertra.exe (3708)
______ C:\Program Files (x86)\Razer\DeathAdder\razerofa.exe (4064)
______ C:\Program Files (x86)\Razer\DeathAdder\vdDaemon.exe (3872)
______ ????????? (4324)
______ C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE (4464)
______ C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe (4528)
______ ????????? (4584)
______ ????????? (4760)
______ ????????? (1224)
______ ????????? (5188)
______ ????????? (5268)
______ ????????? (5440)
______ ????????? (5540)
______ C:\Program Files\Motorola\Bluetooth\btplayerctrl.exe (5692)
______ ????????? (5824)
______ C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe (6048)
______ ????????? (5340)
______ ????????? (1412)
______ ????????? (4952)
______ ????????? (4940)
______ ????????? (3080)
______ ????????? (5148)
______ ????????? (4936)
______ C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (1264)
______ ????????? (2780)
______ ????????? (5464)
______ C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (4368)
______ ????????? (5348)
______ ????????? (480)
______ C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe (912)
______ C:\Program Files (x86)\Mozilla Firefox\firefox.exe (3144)
______ C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe (3428)
______ ????????? (6444)
______ ????????? (7040)
______ C:\Users\James\Desktop\Rooter.exe (5364)
.
----------------------\\ Device\Harddisk0\
.
\Device\Harddisk0 [Sectors : 63 x 512 Bytes]
.
\Device\Harddisk0\Partition1 --[ MBR ]-- (Start_Offset:1048576 | Length:208666624)
\Device\Harddisk0\Partition2 (Start_Offset:209715200 | Length:478246076416)
\Device\Harddisk0\Partition3 (Start_Offset:478455791616 | Length:21542993920)
\Device\Harddisk0\Partition4 (Start_Offset:499998785536 | Length:108027904)
.
----------------------\\ Scheduled Tasks
.
C:\Windows\Tasks\HPCeeScheduleForJames.job
C:\Windows\Tasks\SA.DAT
C:\Windows\Tasks\SCHEDLGU.TXT
.
----------------------\\ Registry
.
.
----------------------\\ Files & Folders
.
----------------------\\ Scan completed at 11:58.48
.
C:\Rooter$\Rooter_2.txt - (09/04/2012 | 11:58.48)


cheers

lolaplow

Newbie Surfer
Newbie Surfer

Posts : 38
Joined : 2011-06-07
Operating System : windows 7

View user profile

Back to top Go down

Re: exp/java.niabil.gen

Post by Superdave on Tue 10 Apr 2012, 5:46 am

Please give me an update on how your computer is running now?

I'd like to scan your machine with ESET OnlineScan

•Hold down Control and click on the following link to open ESET OnlineScan in a new window.
ESET OnlineScan
•Click the button.
•For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)

  • Click on to download the ESET Smart Installer. Save it to your desktop.
  • Double click on the icon on your desktop.

•Check
•Click the button.
•Accept any security warnings from your browser.
•Check
•Push the Start button.
•ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
•When the scan completes, push
•Push , and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
•Push the button.
•Push
A log file will be saved here: C:\Program Files\ESET\ESET Online Scanner\log.txt

Superdave
Tech Staff


Tech Staff

Posts : 4193
Joined : 2010-02-01
Operating System : Windows 8.1 and a dual-boot with XP Home SP3

View user profile

Back to top Go down

Re: exp/java.niabil.gen

Post by lolaplow on Tue 10 Apr 2012, 7:30 pm

hey this scan took a while, well, the box with "The profile could not be found." doesnt pop up anymore. I seems 2 be running fine, but when i open firefox for the 1st time when i turn my computer on it doesnt respond sometimes. This has been like this for a while now, its proably cause i dont w8 for my laptop to fully load 1st. other than that no other problems ive encountered.

heres the exported text file

C:\Program Files (x86)\All games\Games ISO\sr-acii.iso a variant of Win32/Packed.VMProtect.AAA trojan deleted - quarantined


and the log file

ESETSmartInstaller@High as CAB hook log:
OnlineScanner64.ocx - registred OK
OnlineScanner.ocx - registred OK
esets_scanner_update returned -1 esets_gle=53251
esets_scanner_update returned -1 esets_gle=53251
esets_scanner_update returned -1 esets_gle=0
ESETSmartInstaller@High as downloader log:
all ok
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=15a3d3424159584aaf693741660aa993
# end=stopped
# remove_checked=true
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2012-04-10 03:06:12
# local_time=2012-04-10 03:06:12 (+1200, New Zealand Standard Time)
# country="New Zealand"
# lang=1033
# osver=6.1.7600 NT
# compatibility_mode=1797 16775165 100 94 0 70598987 129831 0
# compatibility_mode=5893 16776574 100 94 347549 85656288 0 0
# compatibility_mode=8192 67108863 100 0 25513458 25513458 0 0
# scanned=8143
# found=0
# cleaned=0
# scan_time=4334
ESETSmartInstaller@High as downloader log:
all ok
esets_scanner_update returned -1 esets_gle=53251
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=15a3d3424159584aaf693741660aa993
# end=finished
# remove_checked=true
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2012-04-10 08:21:21
# local_time=2012-04-10 08:21:21 (+1200, New Zealand Standard Time)
# country="New Zealand"
# lang=1033
# osver=6.1.7600 NT
# compatibility_mode=1797 16775165 100 94 0 70603847 134691 0
# compatibility_mode=5893 16776574 100 94 352409 85661148 0 0
# compatibility_mode=8192 67108863 100 0 25518318 25518318 0 0
# scanned=189712
# found=1
# cleaned=1
# scan_time=18383
C:\Program Files (x86)\All games\Games ISO\sr-acii.iso a variant of Win32/Packed.VMProtect.AAA trojan (deleted - quarantined) 00000000000000000000000000000000 C


cheers

lolaplow

Newbie Surfer
Newbie Surfer

Posts : 38
Joined : 2011-06-07
Operating System : windows 7

View user profile

Back to top Go down

Re: exp/java.niabil.gen

Post by Superdave on Wed 11 Apr 2012, 5:04 am

but when i open firefox for the 1st time when i turn my computer on it doesnt respond sometimes.
You could try uninstall and re-installing FF.
Let's do some cleanup


To uninstall ComboFix


  • Click the Start button. Click Run. For Vista: type in Run in the Start search, and click on Run in the results pane.
  • In the field, type in ComboFix /uninstall




(Note: Make sure there's a space between the word ComboFix and the forward-slash.)


  • Then, press Enter, or click OK.
  • This will uninstall ComboFix, delete its folders and files, hides System files and folders, and resets System Restore.

*************************************************
To remove all of the tools we used and the files and folders they created do the following:
Double click OTL.exe.

  • Click the CleanUp button.
  • Select Yes when the "Begin cleanup Process?" prompt appears.
  • If you are prompted to Reboot during the cleanup, select Yes.
  • The tool will delete itself once it finishes.

Note: If any tool, file or folder (belonging to the program we have used) hasn't been deleted, please delete it manually.
************************************************
Clean out your temporary internet files and temp files.

Download TFC by OldTimer to your desktop.

Double-click TFC.exe to run it.

Note: If you are running on Vista, right-click on the file and choose Run As Administrator

TFC will close all programs when run, so make sure you have saved all your work before you begin.

* Click the Start button to begin the cleaning process.
* Depending on how often you clean temp files, execution time should be anywhere from a few seconds to a minute or two.
* Please let TFC run uninterrupted until it is finished.

Once TFC is finished it should restart your computer. If it does not, please manually restart the computer yourself to ensure a complete cleaning.
*************************************************
Looking over your log it seems you don't have any evidence of a third party firewall.

Firewalls protect against hackers and malicious intruders. You need to download a free firewall from one of these reliable vendors.

Remember only install ONE firewall

1) Comodo Personal Firewall (Uncheck during installation "Install Comodo SafeSurf..", Make Comodo my default search provider" and "Make Comodo Search my homepage" and uncheck any HopSurf and/or Ask.com options if you choose this one)
2) Online Armor
3) Agnitum Outpost
4) PC Tools Firewall Plus

If you are using the built-in Windows XP firewall, it is not recommended as it does not block outgoing connections. This means that any malware on your computer is free to "phone home" for more instructions. Simply put, Windows XP contains a mediocre firewall. This firewall is NO replacement for a dedicated software solution. Remember to use only one firewall at the same time.
*******************************************************
Use the Secunia Software Inspector to check for out of date software.

•Click Start Now

•Check the box next to Enable thorough system inspection.

•Click Start

•Allow the scan to finish and scroll down to see if any updates are needed.
•Update anything listed.
.
----------

Go to Microsoft Windows Update and get all critical updates.

----------

I suggest using WOT - Web of Trust. WOT is a free Internet security addon for your browser. It will keep you safe from online scams, identity theft, spyware, spam, viruses and unreliable shopping sites. WOT warns you before you interact with a risky website. It's easy and it's free.

SpywareBlaster- Secure your Internet Explorer to make it harder for ActiveX programs to run on your computer. Also stop certain cookies from being added to your computer when running Mozilla based browsers like Firefox.
* Using SpywareBlaster to protect your computer from Spyware and Malware
* If you don't know what ActiveX controls are, see here

Protect yourself against spyware using the Immunize feature in Spybot - Search & Destroy. Guide: Use Spybot's Immunize Feature to prevent spyware infection in real-time. Note: To ensure you have the latest Immunizations always update Spybot - Search & Destroy before Immunizing. Spybot - Search & Destroy FAQ

Check out Keeping Yourself Safe On The Web for tips and free tools to help keep you safe in the future.

Also see Slow Computer? It may not be Malware for free cleaning/maintenance tools to help keep your computer running smoothly.
Safe Surfing!

Superdave
Tech Staff


Tech Staff

Posts : 4193
Joined : 2010-02-01
Operating System : Windows 8.1 and a dual-boot with XP Home SP3

View user profile

Back to top Go down

Re: exp/java.niabil.gen

Post by lolaplow on Wed 11 Apr 2012, 10:11 am

Cool, Thank you for spending some time helping me check my laptop, Dave. Appreciate it.

(this has been solved.)

lolaplow

Newbie Surfer
Newbie Surfer

Posts : 38
Joined : 2011-06-07
Operating System : windows 7

View user profile

Back to top Go down

Re: exp/java.niabil.gen

Post by Superdave on Thu 12 Apr 2012, 6:08 am

lolaplow wrote:Cool, Thank you for spending some time helping me check my laptop, Dave. Appreciate it.

(this has been solved.)

You're welcome. Safe Surfing!

Superdave
Tech Staff


Tech Staff

Posts : 4193
Joined : 2010-02-01
Operating System : Windows 8.1 and a dual-boot with XP Home SP3

View user profile

Back to top Go down

Re: exp/java.niabil.gen

Post by Sponsored content Today at 5:55 pm


Sponsored content


Back to top Go down

View previous topic View next topic Back to top


 
Permissions in this forum:
You cannot reply to topics in this forum