Computer Hope
Software => Computer viruses and spyware => Topic started by: kile32 on April 10, 2012, 12:06:06 AM
-
Have experienced alot of issues lately with slow speed. It started about a week after I downloaded Norton Utilities 15. Already have Norton Security Suite which I believe came with Comcast, my ISP. I couldn't even attach my scan log from superantispyware. Everytime I scrolled down to select the file from the desktop file, my internet would suddenly lose connection. So I had to paste it below.
Things that started happening ranged from my CTL+ALT+DEL function stopped working. It went to a black screen and then I received an error message.
Everytime I tried to do a re-boot, the computer wound up with a black screen and would not turn off so I had to turn off at the CPU.
Sometimes I receive never-ending pop ups from Norton Security which says Email Error and inside the box is foreign language detailing both sender and recipient emails (which none are mine) and what looks to be phishing emails. Everytime I close one box, another one would pop up.
I desparately need help.
SUPERAntiSpyware Scan Log
http://www.superantispyware.com
Generated 04/09/2012 at 10:54 PM
Application Version : 5.0.1146
Core Rules Database Version : 8431
Trace Rules Database Version: 6243
Scan type : Complete Scan
Total Scan Time : 01:26:08
Operating System Information
Windows Vista Home Premium 32-bit, Service Pack 1 (Build 6.00.6001)
UAC On - Limited User (Administrator User)
Memory items scanned : 759
Memory threats detected : 1
Registry items scanned : 34531
Registry threats detected : 1
File items scanned : 140031
File threats detected : 360
Trojan.Agent/Gen-FakeRel
[AmdAgent] C:\WINDOWS\TEMP\TEMP68.EXE
C:\WINDOWS\TEMP\TEMP68.EXE
C:\WINDOWS\TEMP\TEMP68.EXE
Adware.Tracking Cookie
C:\USERS\KILE\AppData\Roaming\Microsoft\Windows\Cookies\Low\kile@doubleclick[1].txt [ Cookie:[email protected]/ ]
C:\USERS\KILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\KILE@247REALMEDIA[1].TXT [ /247REALMEDIA ]
C:\USERS\KILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\[email protected][2].TXT [ /AD.YIELDMANAGER ]
C:\USERS\KILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\KILE@ADVERTISING[2].TXT [ /ADVERTISING ]
C:\USERS\KILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\KILE@KANOODLE[1].TXT [ /KANOODLE ]
cdn.tremormedia.com [ C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\Q3CJS4SP ]
cdn2.baronsmedia.com [ C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\Q3CJS4SP ]
core.insightexpressai.com [ C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\Q3CJS4SP ]
crackle.com [ C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\Q3CJS4SP ]
ds.serving-sys.com [ C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\Q3CJS4SP ]
i.*adult URL* [ C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\Q3CJS4SP ]
media.mtvnservices.com [ C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\Q3CJS4SP ]
media3.onsugar.com [ C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\Q3CJS4SP ]
media4.onsugar.com [ C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\Q3CJS4SP ]
objects.tremormedia.com [ C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\Q3CJS4SP ]
secure-us.imrworldwide.com [ C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\Q3CJS4SP ]
tag.blutonicmedia.hiro.tv [ C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\Q3CJS4SP ]
tag.mediashakers.hiro.tv [ C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\Q3CJS4SP ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@1SADX[1].TXT [ /1SADX ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@1SADX[2].TXT [ /1SADX ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@1SADX[3].TXT [ /1SADX ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@247REALMEDIA[1].TXT [ /247REALMEDIA ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@2O7[1].TXT [ /2O7 ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@2O7[2].TXT [ /2O7 ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@2O7[3].TXT [ /2O7 ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][1].TXT [ /A1.INTERCLICK ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][2].TXT [ /A1.INTERCLICK ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][4].TXT [ /A1.INTERCLICK ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][1].TXT [ /AD.360YIELD ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][3].TXT [ /AD.360YIELD ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][1].TXT [ /AD.DOUBLECLICK ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][1].TXT [ /AD.WSOD ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][1].TXT [ /AD.YIELDMANAGER ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][2].TXT [ /AD.YIELDMANAGER ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][3].TXT [ /AD.YIELDMANAGER ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][5].TXT [ /AD.YIELDMANAGER ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][1].TXT [ /AD2.ADFARM1.ADITION ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][2].TXT [ /AD2.ADFARM1.ADITION ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][3].TXT [ /AD2.ADFARM1.ADITION ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][5].TXT [ /AD2.ADFARM1.ADITION ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@ADBRITE[2].TXT [ /ADBRITE ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@ADBRITE[3].TXT [ /ADBRITE ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@ADBRITE[4].TXT [ /ADBRITE ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@ADBRITE[5].TXT [ /ADBRITE ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][1].TXT [ /ADFARM1.ADITION ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][2].TXT [ /ADFARM1.ADITION ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][3].TXT [ /ADFARM1.ADITION ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][5].TXT [ /ADFARM1.ADITION ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@ADINTERAX[2].TXT [ /ADINTERAX ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@ADNETWORK[1].TXT [ /ADNETWORK ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][1].TXT [ /ADS.ADK2 ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][3].TXT [ /ADS.ADK2 ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][2].TXT [ /ADS.BLOGTALKRADIO ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][2].TXT [ /ADS.BRIDGETRACK ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][2].TXT [ /ADS.DRIVERDIGITAL ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][1].TXT [ /ADS.FINANCIALCONTENT ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][2].TXT [ /ADS.FOOTAR ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][1].TXT [ /ADS.FOOTBALLMEDIA ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][2].TXT [ /ADS.FOOTBALLMEDIA ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][1].TXT [ /ADS.GAMERSMEDIA ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][1].TXT [ /ADS.INTERGI ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][1].TXT [ /ADS.LYCOS ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][2].TXT [ /ADS.LYCOS ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][3].TXT [ /ADS.LYCOS ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][2].TXT [ /ADS.MSV-INC ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][3].TXT [ /ADS.MSV-INC ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][1].TXT [ /ADS.PAPERLEAF ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][2].TXT [ /ADS.PIXFUTURE ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][1].TXT [ /ADS.POINTROLL ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][2].TXT [ /ADS.POINTROLL ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][3].TXT [ /ADS.POINTROLL ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][5].TXT [ /ADS.POINTROLL ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][1].TXT [ /ADS.PUBMATIC ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][2].TXT [ /ADS.PUBMATIC ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][3].TXT [ /ADS.PUBMATIC ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][2].TXT [ /ADS.REDORBIT ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][1].TXT [ /ADS.SHOPSTYLE ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][2].TXT [ /ADS.UNDERTONE ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][3].TXT [ /ADS.UNDERTONE ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][4].TXT [ /ADS.UNDERTONE ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][5].TXT [ /ADS.UNDERTONE ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][2].TXT [ /ADS1.ZENOVIAEXCHANGE ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][3].TXT [ /ADS1.ZENOVIAEXCHANGE ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][1].TXT [ /ADSERVER.ADTECHUS ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][2].TXT [ /ADSERVER.ADTECHUS ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][3].TXT [ /ADSERVER.ADTECHUS ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][4].TXT [ /ADSERVER.ADTECHUS ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@ADTECH[1].TXT [ /ADTECH ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@ADTECH[2].TXT [ /ADTECH ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@ADTECH[3].TXT [ /ADTECH ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@ADTECH[4].TXT [ /ADTECH ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@ADULTSWIM[2].TXT [ /ADULTSWIM ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][1].TXT [ /ADUP.ROTATOR.HADJ7.ADJUGGLER ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][3].TXT [ /ADUP.ROTATOR.HADJ7.ADJUGGLER ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][2].TXT [ /ADVERTISING.EZANGA ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@ADVERTISING[1].TXT [ /ADVERTISING ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@ADVERTISING[2].TXT [ /ADVERTISING ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@ADVERTISING[3].TXT [ /ADVERTISING ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@ADVERTISING[4].TXT [ /ADVERTISING ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@ADXPOSE[1].TXT [ /ADXPOSE ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@ADXPOSE[2].TXT [ /ADXPOSE ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@ADXPOSE[3].TXT [ /ADXPOSE ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@ADXPOSE[4].TXT [ /ADXPOSE ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@AIM4MEDIA[1].TXT [ /AIM4MEDIA ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@AMAZON-ADSYSTEM[1].TXT [ /AMAZON-ADSYSTEM ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@APMEBF[1].TXT [ /APMEBF ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@APMEBF[2].TXT [ /APMEBF ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@APMEBF[3].TXT [ /APMEBF ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@APMEBF[4].TXT [ /APMEBF ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][1].TXT [ /AR.ATWOLA ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][1].TXT [ /AT.ATWOLA ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][2].TXT [ /AT.ATWOLA ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][4].TXT [ /AT.ATWOLA ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][5].TXT [ /AT.ATWOLA ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@ATDMT[1].TXT [ /ATDMT ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@ATDMT[2].TXT [ /ATDMT ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@ATDMT[3].TXT [ /ATDMT ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@ATDMT[5].TXT [ /ATDMT ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@ATWOLA[1].TXT [ /ATWOLA ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@AZJMP[1].TXT [ /AZJMP ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@BIZZCLICK[1].TXT [ /BIZZCLICK ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@BIZZCLICK[2].TXT [ /BIZZCLICK ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@BIZZCLICK[3].TXT [ /BIZZCLICK ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][2].TXT [ /BLOG.GOURMETCOUNTRY ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][1].TXT [ /BS.SERVING-SYS ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][2].TXT [ /BS.SERVING-SYS ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][3].TXT [ /BS.SERVING-SYS ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][5].TXT [ /BS.SERVING-SYS ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@BURSTBEACON[2].TXT [ /BURSTBEACON ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@BURSTNET[1].TXT [ /BURSTNET ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@BURSTNET[2].TXT [ /BURSTNET ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@BURSTNET[3].TXT [ /BURSTNET ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@BURSTNET[4].TXT [ /BURSTNET ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@CASALEMEDIA[1].TXT [ /CASALEMEDIA ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@CASALEMEDIA[2].TXT [ /CASALEMEDIA ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@CASALEMEDIA[4].TXT [ /CASALEMEDIA ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@CASALEMEDIA[5].TXT [ /CASALEMEDIA ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][2].TXT [ /CDN.JEMAMEDIA ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][3].TXT [ /CDN.JEMAMEDIA ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@CITYGRIDMEDIA[2].TXT [ /CITYGRIDMEDIA ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][1].TXT [ /CLICK.EXPANDSEARCHANSWERS ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][2].TXT [ /CLICK.EXPANDSEARCHANSWERS ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][3].TXT [ /CLICK.EXPANDSEARCHANSWERS ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][1].TXT [ /CLICK.GET-ANSWERS-FAST ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][1].TXT [ /CLICK.SCOUR ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][1].TXT [ /CLICK.SEARCHNATION ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][1].TXT [ /CLICKS.THESPECIALSEARCH ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@CLICKSOR[1].TXT [ /CLICKSOR ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@COLLECTIVE-MEDIA[1].TXT [ /COLLECTIVE-MEDIA ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@COLLECTIVE-MEDIA[2].TXT [ /COLLECTIVE-MEDIA ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@COLLECTIVE-MEDIA[4].TXT [ /COLLECTIVE-MEDIA ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][1].TXT [ /CONTENT.YIELDMANAGER ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@CRACKLE[2].TXT [ /CRACKLE ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@CRACKLE[3].TXT [ /CRACKLE ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][1].TXT [ /DC.TREMORMEDIA ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][2].TXT [ /DC.TREMORMEDIA ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][3].TXT [ /DC.TREMORMEDIA ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][4].TXT [ /DC.TREMORMEDIA ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@DMFIND[1].TXT [ /DMFIND ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@DOUBLECLICK[1].TXT [ /DOUBLECLICK ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@DOUBLECLICK[2].TXT [ /DOUBLECLICK ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@DOUBLECLICK[3].TXT [ /DOUBLECLICK ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@DOUBLECLICK[4].TXT [ /DOUBLECLICK ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@ECLICKZ[1].TXT [ /ECLICKZ ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@ENHANCE[2].TXT [ /ENHANCE ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@ENHANCE[3].TXT [ /ENHANCE ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@ENVEROMEDIA[1].TXT [ /ENVEROMEDIA ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][1].TXT [ /EV.ADS.POINTROLL ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@EYEWONDER[2].TXT [ /EYEWONDER ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@FASTCLICK[1].TXT [ /FASTCLICK ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@FASTCLICK[2].TXT [ /FASTCLICK ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@FASTCLICK[3].TXT [ /FASTCLICK ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@FASTCLICK[4].TXT [ /FASTCLICK ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][1].TXT [ /FIDELITY.ROTATOR.HADJ7.ADJUGGLER ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][1].TXT [ /FILTER.PLUSFIND ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@FINDOLOGY[1].TXT [ /FINDOLOGY ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@FINDOLOGY[2].TXT [ /FINDOLOGY ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@FINDSEARCHLOCATE[2].TXT [ /FINDSEARCHLOCATE ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@FINDVICTORIA[2].TXT [ /FINDVICTORIA ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@GETCLICKY[1].TXT [ /GETCLICKY ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@GETCLICKY[2].TXT [ /GETCLICKY ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@GHMEDIA[1].TXT [ /GHMEDIA ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@GHMEDIA[3].TXT [ /GHMEDIA ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@GOCLICKER[1].TXT [ /GOCLICKER ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@GOFINDLINK[1].TXT [ /GOFINDLINK ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@GOFINDLINK[2].TXT [ /GOFINDLINK ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][1].TXT [ /GOTACHA.ROTATOR.HADJ7.ADJUGGLER ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][3].TXT [ /GOTACHA.ROTATOR.HADJ7.ADJUGGLER ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@HARRENMEDIANETWORK[1].TXT [ /HARRENMEDIANETWORK ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@HARRENMEDIANETWORK[2].TXT [ /HARRENMEDIANETWORK ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@HARRENMEDIANETWORK[3].TXT [ /HARRENMEDIANETWORK ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@IMRWORLDWIDE[2].TXT [ /IMRWORLDWIDE ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@IMRWORLDWIDE[3].TXT [ /IMRWORLDWIDE ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@IMRWORLDWIDE[4].TXT [ /IMRWORLDWIDE ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@IMRWORLDWIDE[5].TXT [ /IMRWORLDWIDE ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][1].TXT [ /IN.GETCLICKY ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][2].TXT [ /IN.GETCLICKY ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@INCSFIND[1].TXT [ /INCSFIND ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@INCSFIND[3].TXT [ /INCSFIND ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@INDIECLICK[2].TXT [ /INDIECLICK ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@INSIGHTEXPRESSAI[1].TXT [ /INSIGHTEXPRESSAI ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@INSIGHTEXPRESSAI[2].TXT [ /INSIGHTEXPRESSAI ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@INSIGHTEXPRESSAI[3].TXT [ /INSIGHTEXPRESSAI ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@INSIGHTEXPRESSAI[4].TXT [ /INSIGHTEXPRESSAI ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@INTERCLICK[1].TXT [ /INTERCLICK ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@INTERCLICK[2].TXT [ /INTERCLICK ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@INTERCLICK[3].TXT [ /INTERCLICK ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@INTERMUNDOMEDIA[2].TXT [ /INTERMUNDOMEDIA ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@INTERMUNDOMEDIA[3].TXT [ /INTERMUNDOMEDIA ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@INTERMUNDOMEDIA[4].TXT [ /INTERMUNDOMEDIA ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@INVITEMEDIA[1].TXT [ /INVITEMEDIA ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@INVITEMEDIA[2].TXT [ /INVITEMEDIA ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@INVITEMEDIA[3].TXT [ /INVITEMEDIA ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@INVITEMEDIA[4].TXT [ /INVITEMEDIA ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@KANOODLE[1].TXT [ /KANOODLE ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@KANOODLE[2].TXT [ /KANOODLE ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@KEEPUFIND[1].TXT [ /KEEPUFIND ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@KEEPUFIND[2].TXT [ /KEEPUFIND ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@LEGOLAS-MEDIA[1].TXT [ /LEGOLAS-MEDIA ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@LEGOLAS-MEDIA[2].TXT [ /LEGOLAS-MEDIA ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@LEGOLAS-MEDIA[3].TXT [ /LEGOLAS-MEDIA ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@LUCIDMEDIA[1].TXT [ /LUCIDMEDIA ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@LUCIDMEDIA[2].TXT [ /LUCIDMEDIA ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@LUCIDMEDIA[3].TXT [ /LUCIDMEDIA ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][1].TXT [ /MEDIA.ADFRONTIERS ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][2].TXT [ /MEDIA.ADFRONTIERS ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][4].TXT [ /MEDIA.ADFRONTIERS ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@MEDIA6DEGREES[1].TXT [ /MEDIA6DEGREES ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@MEDIA6DEGREES[2].TXT [ /MEDIA6DEGREES ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@MEDIA6DEGREES[3].TXT [ /MEDIA6DEGREES ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@MEDIA6DEGREES[4].TXT [ /MEDIA6DEGREES ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@MEDIAPLEX[1].TXT [ /MEDIAPLEX ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@MEDIAPLEX[2].TXT [ /MEDIAPLEX ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@MEDIAPLEX[3].TXT [ /MEDIAPLEX ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@MEDIAPLEX[5].TXT [ /MEDIAPLEX ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][1].TXT [ /MEDIASERVICES-D.OPENXENTERPRISE ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][3].TXT [ /MEDIASERVICES-D.OPENXENTERPRISE ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][4].TXT [ /MEDIASERVICES-D.OPENXENTERPRISE ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][5].TXT [ /MEDIASERVICES-D.OPENXENTERPRISE ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@MICKLEMEDIA[1].TXT [ /MICKLEMEDIA ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@MICKLEMEDIA[2].TXT [ /MICKLEMEDIA ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@MIFIND[1].TXT [ /MIFIND ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][1].TXT [ /MM.CHITIKA ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@MYROITRACKING[2].TXT [ /MYROITRACKING ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][1].TXT [ /NETWORK.REALMEDIA ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][3].TXT [ /NETWORK.REALMEDIA ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][4].TXT [ /NETWORK.REALMEDIA ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][5].TXT [ /NETWORK.REALMEDIA ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@NEXTAG[2].TXT [ /NEXTAG ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][1].TXT [ /OPTIMIZE.INDIECLICK ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@OVERTURE[2].TXT [ /OVERTURE ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][2].TXT [ /OX-D.AD.REPOFADVERTISING ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][1].TXT [ /OX-D.ADSERVERMEDIA ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][1].TXT [ /OX-D.ENVEROMEDIA ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][2].TXT [ /OX-D.ENVEROMEDIA ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][3].TXT [ /OX-D.ENVEROMEDIA ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][1].TXT [ /OX-D.FONDNESSMEDIA ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@PERFIND[1].TXT [ /PERFIND ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@POINTROLL[1].TXT [ /POINTROLL ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@POINTROLL[2].TXT [ /POINTROLL ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@POINTROLL[3].TXT [ /POINTROLL ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@POINTROLL[5].TXT [ /POINTROLL ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@PRO-MARKET[1].TXT [ /PRO-MARKET ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@PRO-MARKET[3].TXT [ /PRO-MARKET ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@PRO-MARKET[4].TXT [ /PRO-MARKET ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@PRO-MARKET[5].TXT [ /PRO-MARKET ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@QUESTIONMARKET[1].TXT [ /QUESTIONMARKET ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@QUESTIONMARKET[2].TXT [ /QUESTIONMARKET ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@QUESTIONMARKET[3].TXT [ /QUESTIONMARKET ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@QUESTIONMARKET[4].TXT [ /QUESTIONMARKET ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@REALMEDIA[1].TXT [ /REALMEDIA ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@REALMEDIA[2].TXT [ /REALMEDIA ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@REALMEDIA[3].TXT [ /REALMEDIA ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@REDORBIT[2].TXT [ /REDORBIT ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@REVENUEMANTRA[1].TXT [ /REVENUEMANTRA ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@REVSCI[1].TXT [ /REVSCI ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@REVSCI[2].TXT [ /REVSCI ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@REVSCI[3].TXT [ /REVSCI ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@REVSCI[4].TXT [ /REVSCI ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][1].TXT [ /ROTATOR.ADJUGGLER ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@RU4[1].TXT [ /RU4 ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@RU4[2].TXT [ /RU4 ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@RU4[4].TXT [ /RU4 ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@RU4[5].TXT [ /RU4 ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][2].TXT [ /S2.TRAFFICNO ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][1].TXT [ /S3.TRAFFICNO ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][2].TXT [ /S3.TRAFFICNO ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][3].TXT [ /S3.TRAFFICNO ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][2].TXT [ /SEARCH.ECLICKZ ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][1].TXT [ /SERVER.CPMSTAR ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][2].TXT [ /SERVER.CPMSTAR ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@SERVING-SYS[1].TXT [ /SERVING-SYS ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@SERVING-SYS[2].TXT [ /SERVING-SYS ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@SERVING-SYS[3].TXT [ /SERVING-SYS ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@SERVING-SYS[4].TXT [ /SERVING-SYS ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@SMASHFIND[1].TXT [ /SMASHFIND ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@SPECIFICCLICK[1].TXT [ /SPECIFICCLICK ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@SPECIFICCLICK[2].TXT [ /SPECIFICCLICK ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@SPECIFICCLICK[3].TXT [ /SPECIFICCLICK ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][2].TXT [ /STAT.ONESTAT ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@STATCOUNTER[1].TXT [ /STATCOUNTER ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@STATCOUNTER[2].TXT [ /STATCOUNTER ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@STATCOUNTER[3].TXT [ /STATCOUNTER ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@STATCOUNTER[5].TXT [ /STATCOUNTER ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][1].TXT [ /STATIC.GETCLICKY ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][2].TXT [ /STATIC.GETCLICKY ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][2].TXT [ /STATSE.WEBTRENDSLIVE ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@STEELHOUSEMEDIA[2].TXT [ /STEELHOUSEMEDIA ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][1].TXT [ /T.POINTROLL ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][3].TXT [ /T.POINTROLL ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][2].TXT [ /TACODA.AT.ATWOLA ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][3].TXT [ /TACODA.AT.ATWOLA ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@TACODA[1].TXT [ /TACODA ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@TACODA[2].TXT [ /TACODA ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][2].TXT [ /TAG.BLUTONICMEDIA.HIRO ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][1].TXT [ /TAG.MEDIASHAKERS.HIRO ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@TECHNORATIMEDIA[2].TXT [ /TECHNORATIMEDIA ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@TECHNORATIMEDIA[3].TXT [ /TECHNORATIMEDIA ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@TECHNORATIMEDIA[4].TXT [ /TECHNORATIMEDIA ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][1].TXT [ /TRACKING.CALLMEASUREMENT ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@TRAFFICENGINE[1].TXT [ /TRAFFICENGINE ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@TRAFFICMP[1].TXT [ /TRAFFICMP ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@TRAFFICMP[2].TXT [ /TRAFFICMP ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@TRAFFICMP[3].TXT [ /TRAFFICMP ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@TRAVELADVERTISING[1].TXT [ /TRAVELADVERTISING ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@TRIBALFUSION[1].TXT [ /TRIBALFUSION ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@TRIBALFUSION[2].TXT [ /TRIBALFUSION ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@TRIBALFUSION[3].TXT [ /TRIBALFUSION ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@TRIBALFUSION[4].TXT [ /TRIBALFUSION ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][1].TXT [ /TRISEPTSOLUTIONS.122.2O7 ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@UIADSERVER[1].TXT [ /UIADSERVER ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@UIADSERVER[2].TXT [ /UIADSERVER ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@UNRULYMEDIA[2].TXT [ /UNRULYMEDIA ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][2].TXT [ /VIDASCO.ROTATOR.HADJ7.ADJUGGLER ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][2].TXT [ /WWW.ADULTSWIM ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][2].TXT [ /WWW.BURSTBEACON ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][1].TXT [ /WWW.BURSTNET ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][2].TXT [ /WWW.BURSTNET ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][4].TXT [ /WWW.BURSTNET ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][5].TXT [ /WWW.BURSTNET ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][1].TXT [ /WWW.CRACKLE ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][2].TXT [ /WWW.CRACKLE ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][3].TXT [ /WWW.CRACKLE ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][4].TXT [ /WWW.CRACKLE ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][1].TXT [ /WWW.ENVEROMEDIA ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][1].TXT [ /WWW.GOOGLEADSERVICES ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][2].TXT [ /WWW.GOOGLEADSERVICES ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][4].TXT [ /WWW.GOOGLEADSERVICES ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][1].TXT [ /XM.XTENDMEDIA ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][1].TXT [ /XML.TRAFFICENGINE ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@YIELDMANAGER[1].TXT [ /YIELDMANAGER ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@YIELDMANAGER[2].TXT [ /YIELDMANAGER ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@YIELDMANAGER[3].TXT [ /YIELDMANAGER ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@YIELDMANAGER[4].TXT [ /YIELDMANAGER ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@ZEDO[1].TXT [ /ZEDO ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@ZEDO[2].TXT [ /ZEDO ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@ZEDO[4].TXT [ /ZEDO ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@ZEDO[5].TXT [ /ZEDO ]
Trojan.Agent/Gen-FakeAlert[Local]
C:\USERS\KILE\APPDATA\LOCAL\TEMP\_UNPS.EXE
U
SUPERAntiSpyware Scan Log
http://www.superantispyware.com
Generated 04/09/2012 at 10:54 PM
Application Version : 5.0.1146
Core Rules Database Version : 8431
Trace Rules Database Version: 6243
Scan type : Complete Scan
Total Scan Time : 01:26:08
Operating System Information
Windows Vista Home Premium 32-bit, Service Pack 1 (Build 6.00.6001)
UAC On - Limited User (Administrator User)
Memory items scanned : 759
Memory threats detected : 1
Registry items scanned : 34531
Registry threats detected : 1
File items scanned : 140031
File threats detected : 360
Trojan.Agent/Gen-FakeRel
[AmdAgent] C:\WINDOWS\TEMP\TEMP68.EXE
C:\WINDOWS\TEMP\TEMP68.EXE
C:\WINDOWS\TEMP\TEMP68.EXE
Adware.Tracking Cookie
C:\USERS\KILE\AppData\Roaming\Microsoft\Windows\Cookies\Low\kile@doubleclick[1].txt [ Cookie:[email protected]/ ]
C:\USERS\KILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\KILE@247REALMEDIA[1].TXT [ /247REALMEDIA ]
C:\USERS\KILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\[email protected][2].TXT [ /AD.YIELDMANAGER ]
C:\USERS\KILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\KILE@ADVERTISING[2].TXT [ /ADVERTISING ]
C:\USERS\KILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\KILE@KANOODLE[1].TXT [ /KANOODLE ]
cdn.tremormedia.com [ C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\Q3CJS4SP ]
cdn2.baronsmedia.com [ C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\Q3CJS4SP ]
core.insightexpressai.com [ C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\Q3CJS4SP ]
crackle.com [ C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\Q3CJS4SP ]
ds.serving-sys.com [ C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\Q3CJS4SP ]
i.*adult URL* [ C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\Q3CJS4SP ]
media.mtvnservices.com [ C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\Q3CJS4SP ]
media3.onsugar.com [ C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\Q3CJS4SP ]
media4.onsugar.com [ C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\Q3CJS4SP ]
objects.tremormedia.com [ C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\Q3CJS4SP ]
secure-us.imrworldwide.com [ C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\Q3CJS4SP ]
tag.blutonicmedia.hiro.tv [ C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\Q3CJS4SP ]
tag.mediashakers.hiro.tv [ C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\Q3CJS4SP ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@1SADX[1].TXT [ /1SADX ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@1SADX[2].TXT [ /1SADX ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@1SADX[3].TXT [ /1SADX ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@247REALMEDIA[1].TXT [ /247REALMEDIA ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@2O7[1].TXT [ /2O7 ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@2O7[2].TXT [ /2O7 ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@2O7[3].TXT [ /2O7 ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][1].TXT [ /A1.INTERCLICK ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][2].TXT [ /A1.INTERCLICK ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][4].TXT [ /A1.INTERCLICK ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][1].TXT [ /AD.360YIELD ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][3].TXT [ /AD.360YIELD ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][1].TXT [ /AD.DOUBLECLICK ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][1].TXT [ /AD.WSOD ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][1].TXT [ /AD.YIELDMANAGER ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][2].TXT [ /AD.YIELDMANAGER ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][3].TXT [ /AD.YIELDMANAGER ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][5].TXT [ /AD.YIELDMANAGER ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][1].TXT [ /AD2.ADFARM1.ADITION ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][2].TXT [ /AD2.ADFARM1.ADITION ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][3].TXT [ /AD2.ADFARM1.ADITION ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][5].TXT [ /AD2.ADFARM1.ADITION ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@ADBRITE[2].TXT [ /ADBRITE ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@ADBRITE[3].TXT [ /ADBRITE ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@ADBRITE[4].TXT [ /ADBRITE ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@ADBRITE[5].TXT [ /ADBRITE ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][1].TXT [ /ADFARM1.ADITION ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][2].TXT [ /ADFARM1.ADITION ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][3].TXT [ /ADFARM1.ADITION ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][5].TXT [ /ADFARM1.ADITION ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@ADINTERAX[2].TXT [ /ADINTERAX ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@ADNETWORK[1].TXT [ /ADNETWORK ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][1].TXT [ /ADS.ADK2 ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][3].TXT [ /ADS.ADK2 ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][2].TXT [ /ADS.BLOGTALKRADIO ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][2].TXT [ /ADS.BRIDGETRACK ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][2].TXT [ /ADS.DRIVERDIGITAL ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][1].TXT [ /ADS.FINANCIALCONTENT ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][2].TXT [ /ADS.FOOTAR ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][1].TXT [ /ADS.FOOTBALLMEDIA ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][2].TXT [ /ADS.FOOTBALLMEDIA ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][1].TXT [ /ADS.GAMERSMEDIA ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][1].TXT [ /ADS.INTERGI ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][1].TXT [ /ADS.LYCOS ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][2].TXT [ /ADS.LYCOS ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][3].TXT [ /ADS.LYCOS ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][2].TXT [ /ADS.MSV-INC ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][3].TXT [ /ADS.MSV-INC ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][1].TXT [ /ADS.PAPERLEAF ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][2].TXT [ /ADS.PIXFUTURE ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][1].TXT [ /ADS.POINTROLL ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][2].TXT [ /ADS.POINTROLL ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][3].TXT [ /ADS.POINTROLL ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][5].TXT [ /ADS.POINTROLL ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][1].TXT [ /ADS.PUBMATIC ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][2].TXT [ /ADS.PUBMATIC ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][3].TXT [ /ADS.PUBMATIC ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][2].TXT [ /ADS.REDORBIT ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][1].TXT [ /ADS.SHOPSTYLE ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][2].TXT [ /ADS.UNDERTONE ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][3].TXT [ /ADS.UNDERTONE ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][4].TXT [ /ADS.UNDERTONE ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][5].TXT [ /ADS.UNDERTONE ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][2].TXT [ /ADS1.ZENOVIAEXCHANGE ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][3].TXT [ /ADS1.ZENOVIAEXCHANGE ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][1].TXT [ /ADSERVER.ADTECHUS ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][2].TXT [ /ADSERVER.ADTECHUS ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][3].TXT [ /ADSERVER.ADTECHUS ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][4].TXT [ /ADSERVER.ADTECHUS ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@ADTECH[1].TXT [ /ADTECH ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@ADTECH[2].TXT [ /ADTECH ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@ADTECH[3].TXT [ /ADTECH ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@ADTECH[4].TXT [ /ADTECH ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@ADULTSWIM[2].TXT [ /ADULTSWIM ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][1].TXT [ /ADUP.ROTATOR.HADJ7.ADJUGGLER ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][3].TXT [ /ADUP.ROTATOR.HADJ7.ADJUGGLER ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][2].TXT [ /ADVERTISING.EZANGA ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@ADVERTISING[1].TXT [ /ADVERTISING ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@ADVERTISING[2].TXT [ /ADVERTISING ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@ADVERTISING[3].TXT [ /ADVERTISING ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@ADVERTISING[4].TXT [ /ADVERTISING ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@ADXPOSE[1].TXT [ /ADXPOSE ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@ADXPOSE[2].TXT [ /ADXPOSE ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@ADXPOSE[3].TXT [ /ADXPOSE ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@ADXPOSE[4].TXT [ /ADXPOSE ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@AIM4MEDIA[1].TXT [ /AIM4MEDIA ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@AMAZON-ADSYSTEM[1].TXT [ /AMAZON-ADSYSTEM ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@APMEBF[1].TXT [ /APMEBF ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@APMEBF[2].TXT [ /APMEBF
-
a couple of things about my computer that I failed to mention:
Computer is a Dell Insperion 530S
OS is Windows Vista 32 bit with a service pack 1
Processor: Genuine Intel(R) CPU 2160 @ 1.80 GHz
RAM: 2 GB
-
Malwarebytes Anti-Malware 1.61.0.1400
www.malwarebytes.org
Database version: v2012.04.04.08
Windows Vista Service Pack 1 x86 NTFS
Internet Explorer 8.0.6001.19088
Kile :: KILE-PC [administrator]
4/10/2012 2:04:49 AM
mbam-log-2012-04-10 (02-04-49).txt
Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 193489
Time elapsed: 12 minute(s), 45 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 0
(No malicious items detected)
(end)
-
Hello and welcome to Computer Hope Forum. My name is Dave. I will be helping you out with your particular problem on your computer.
1. I will be working on your Malware issues. This may or may not solve other issues you have with your machine.
2. The fixes are specific to your problem and should only be used for this issue on this machine.
3. If you don't know or understand something, please don't hesitate to ask.
4. Please DO NOT run any other tools or scans while I am helping you.
5. It is important that you reply to this thread. Do not start a new topic.
6. Your security programs may give warnings for some of the tools I will ask you to use. Be assured, any links I give are safe.
7. Absence of symptoms does not mean that everything is clear.
If you can't access the internet with your infected computer you will have to download and transfer any programs to the computer you're using now and transfer them to the infected computer with a CD-RW or a USB storage device. I prefer a CD because a storage device can get infected. If you use a storage device hold the shift key down while inserting the USB storage device for about 10 secs. You will also have to transfer the logs you receive back to the good computer using the same method until we can get the computer back on-line.
*************************************************************************
Download Security Check by screen317 from one of the following links and save it to your desktop.
Link 1 (http://screen317.spywareinfoforum.org/SecurityCheck.exe)
Link 2 (http://screen317.changelog.fr/SecurityCheck.exe)
* Double-click Security Check.bat
* Follow the on-screen instructions inside of the black box.
* A Notepad document should open automatically called checkup.txt
* Post the contents of that document in your next reply.
Note: If a security program requests permission from dig.exe to access the Internet, allow it to do so.
*************************************************
Download DDS from HERE (http://download.bleepingcomputer.com/sUBs/dds.scr) or HERE (http://www.forospyware.com/sUBs/dds) and save it to your desktop.
Vista users right click on dds and select Run as administrator (you will receive a UAC prompt, please allow it)
* XP users Double click on dds to run it.
* If your antivirus or firewall try to block DDS then please allow it to run.
* When finished DDS will open two (2) logs.
* Save both reports to your desktop.
* The instructions here ask you to attach the Attach.txt.
(http://i424.photobucket.com/albums/pp322/digistar/DDS.jpg)
1) DDS.txt
2) Attach.txt
Instead of attaching, please copy/past both logs into your Thread
Note: DDS will instruct you to post the Attach.txt log as an attachment.
Please just post it as you would any other log by copying and pasting it into the reply.
•Close the program window, and delete the program from your desktop.
Please note: You may have to disable any script protection running if the scan fails to run.
After downloading the tool, disconnect from the internet and disable all antivirus protection.
Run the scan, enable your A/V and reconnect to the internet.
Information on A/V control HERE (http://www.bleepingcomputer.com/forums/topic114351.html).Then post your DDS logs. (DDS.txt and Attach.txt )
-
Here are the chekup.txt results attached
[year+ old attachment deleted by admin]
-
Please do not attach your logs unless absolutely necessary. Copy and paste them in your reply(ies)
You should download and install Service Pack 2 for Vista.
Update Your Java (JRE)
Old versions of Java have vulnerabilities that malware can use to infect your system.
First Verify your Java Version (http://www.java.com/en/download/installed.jsp)
If there are any other version(s) installed then update now.
Get the new version (if needed)
If your version is out of date install the newest version of the Sun Java Runtime Environment (http://www.majorgeeks.com/Sun_Java_Runtime_Environment_d4648.html).
Note: UNCHECK any pre-checked toolbar and/or software offered with the Java update. The pre-checked toolbars/software are not part of the Java update.
Be sure to close ALL open web browsers before starting the installation.
Remove any old versions
1. Download JavaRa (http://raproducts.org/click/click.php?id=1) and unzip the file to your Desktop.
2. Open JavaRA.exe and choose Remove Older Versions
3. Once complete exit JavaRA.
Additional Note: The Java Quick Starter (JQS.exe) (http://java.sun.com/javase/6/docs/technotes/guides/jweb/otherFeatures/jqs.html) adds a service to improve the initial startup time of Java applets and applications. To disable the JQS service if you don't want to use it, go to Start > Control Panel > Java > Advanced > Miscellaneous and uncheck the box for Java Quick Starter. Click OK and reboot your computer.
*******************************************
Please download the newest version of Adobe Acrobat Reader from Adobe.com (http://www.adobe.com/products/acrobat/readstep2.html)
Before installing: it is important to remove older versions of Acrobat Reader since it does not do so automatically and old versions still leave you vulnerable.
Go to the Control Panel and enter Add or Remove Programs.
Search in the list for all previous installed versions of Adobe Acrobat Reader. Uninstall/Remove each of them.
Once old versions are gone, please install the newest version.
-
.
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 8.0.6001.19088 BrowserJavaVersion: 1.6.0_24
Run by Kile at 17:35:15 on 2012-04-10
Microsoft® Windows Vista™ Home Premium 6.0.6001.1.1252.1.1033.18.2036.228 [GMT -5:00]
.
AV: Norton Security Suite *Enabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Norton Security Suite *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
FW: Norton Security Suite *Enabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Windows\RtHDVCpl.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Windows\ehome\ehtray.exe
C:\Users\Kile\AppData\Roaming\SanDisk\Sansa Updater\SansaDispatch.exe
C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\SecureBackupShare\ComcastSecureBackupSharestat.exe
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
C:\Windows\system32\igfxsrvc.exe
C:\Windows\system32\AERTSrv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
C:\Windows\system32\svchost.exe -k hpdevmgmt
C:\Program Files\Microsoft LifeCam\MSCamS32.exe
C:\Program Files\Norton Security Suite\Engine\5.2.0.13\ccSvcHst.exe
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
C:\Windows\ehome\ehmsas.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Norton Security Suite\Engine\5.2.0.13\ccSvcHst.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\DRIVERS\xaudio.exe
C:\Windows\system32\DllHost.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Windows\system32\Macromed\Flash\FlashUtil11g_ActiveX.exe
C:\Program Files\SecureBackupShare\ComcastSecureBackupSharebackup.exe
C:\Program Files\SecureBackupShare\ComcastSecureBackupSharebackup.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\wuauclt.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\taskeng.exe
C:\Windows\ehome\mcupdate.EXE
C:\PROGRA~1\MICROS~3\Office10\OUTLOOK.EXE
C:\Windows\system32\msiexec.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.comcast.net/
uSearch Bar = Preserve
uWindow Title = Internet Explorer provided by Dell
mDefault_Page_URL = hxxp://www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us&ibd=0071106
uInternet Settings,ProxyOverride = *.local
uURLSearchHooks: H - No File
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Symantec NCO BHO: {602adb0e-4aff-4217-8aa1-95dac4dfa408} - c:\program files\norton security suite\engine\5.2.0.13\coIEPlg.dll
BHO: Symantec Intrusion Prevention: {6d53ec84-6aae-4787-aeee-f4628f01010c} - c:\program files\norton security suite\engine\5.2.0.13\ips\IPSBHO.DLL
BHO: {7E853D72-626A-48EC-A868-BA8D5E23E045} - No File
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: CBrowserHelperObject Object: {ca6319c0-31b7-401e-a518-a07c3db8f777} - c:\program files\dell\bae\BAE.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: {f629a2e4-771b-4215-bfca-140d74011dbe} - No File
BHO: Yontoo Layers: {fd72061e-9fde-484d-a58a-0bab4151cad8} - c:\program files\yontoo layers runtime\YontooIEClient.dll
TB: Norton Toolbar: {7febefe3-6b19-4349-98d2-ffb09d4b49ca} - c:\program files\norton security suite\engine\5.2.0.13\coIEPlg.dll
TB: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
uRun: [ehTray.exe] c:\windows\ehome\ehTray.exe
uRun: [SansaDispatch] c:\users\kile\appdata\roaming\sandisk\sansa updater\SansaDispatch.exe
uRun: [AROReminder]
mRun: [ECenter] c:\dell\e-center\EULALauncher.exe
mRun: [RtHDVCpl] RtHDVCpl.exe
mRun: [<NO NAME>]
mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
dRun: [dplaysvr] c:\windows\system32\config\systemprofile\appdata\local\dplaysvr.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\digita~1.lnk - c:\program files\digital line detect\DLG.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\hpdigi~1.lnk - c:\program files\hp\digital imaging\bin\hpqtra08.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\secure~1.lnk - c:\program files\securebackupshare\ComcastSecureBackupSharestat.exe
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: &Search
IE: Google Sidewiki... - c:\program files\google\google toolbar\component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
Trusted Zone: realtor.org\www
Trusted Zone: yahoo.com\games
DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} - hxxp://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab
DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://download.microsoft.com/download/C/0/C/C0CBBA88-A6F2-48D9-9B0E-1719D1177202/LegitCheckControl.cab
DPF: {1851174C-97BD-4217-A0CC-E908F60D5B7A} - hxxps://h50203.www5.hp.com/HPISWeb/Customer/cabs/HPISDataManager.CAB
DPF: {233C1507-6A77-46A4-9443-F871F945D258} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} - hxxp://h20270.www2.hp.com/ediags/gmn2/install/HPProductDetection2.cab
DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} - hxxp://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab
DPF: {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
TCP: DhcpNameServer = 75.75.75.75 75.75.76.76
TCP: Interfaces\{73560D62-A934-4875-952C-2161AAC78976} : DhcpNameServer = 75.75.75.75 75.75.76.76
Handler: cdo - {CD00020A-8B95-11D1-82DB-00C04FB1625D} - c:\program files\common files\microsoft shared\web folders\PKMCDO.DLL
Notify: !SASWinLogon - c:\program files\superantispyware\SASWINLO.DLL
Notify: igfxcui - igfxdev.dll
SEH: SABShellExecuteHook Class: {5ae067d3-9afb-48e0-853a-ebb7f4a000da} - c:\program files\superantispyware\SASSEH.DLL
mASetup: {9191979D-821C-4EA8-B021-2DA1D859A7C5}-3Reg - c:\program files\sft\guardedid\gidi.exe /v
Hosts: 94.63.147.16 www.google.com
Hosts: 94.63.147.17 www.bing.com
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\users\kile\appdata\roaming\mozilla\firefox\profiles\nc2ggpmw.default\
FF - prefs.js: browser.search.selectedEngine - Bing
FF - prefs.js: browser.startup.homepage - hxxp://www.bing.com/?pc=Z039&form=ZGAPHP
FF - prefs.js: keyword.URL - hxxp://www.mywebsearch.com/jsp/cfg_redir2.jsp?id=ZUxdm593YYUS&fl=0&ptb=kLYXbKBETjdxxEa8dEf0nQ&url=http://search.mywebsearch.com/mywebsearch/dft_redir.jhtml&st=kwd&searchfor=
FF - plugin: c:\program files\google\google earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\google\update\1.2.183.39\npGoogleOneClick8.dll
FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\microsoft\office live\npOLW.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npdeployJava1.dll
FF - plugin: c:\program files\mozilla firefox\plugins\NPMyWebS.dll
FF - plugin: c:\program files\nos\bin\np_gp.dll
FF - plugin: c:\program files\virtools\3d life player\npvirtools.dll
FF - plugin: c:\users\kile\appdata\local\microsoft\internet explorer\downloaded program files\npsoe.dll
.
============= SERVICES / DRIVERS ===============
.
R0 SymDS;Symantec Data Store;c:\windows\system32\drivers\n360\0502000.00d\symds.sys [2012-2-7 340088]
R0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\n360\0502000.00d\symefa.sys [2012-2-7 744568]
R1 BHDrvx86;BHDrvx86;c:\programdata\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\n360_5.0.0.125\definitions\bashdefs\20120402.001\BHDrvx86.sys [2012-4-2 821880]
R1 ComcastSecureBackupShareFilter;ComcastSecureBackupShareFilter;c:\windows\system32\drivers\ComcastSecureBackupShare.sys [2011-6-5 54776]
R1 IDSVix86;IDSVix86;c:\programdata\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\n360_5.0.0.125\definitions\ipsdefs\20120406.003\IDSvix86.sys [2012-4-9 368248]
R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\SASDIFSV.SYS [2010-2-17 12880]
R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2010-5-10 67664]
R1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\n360\0502000.00d\ironx86.sys [2012-2-7 136312]
R1 SYMTDIv;Symantec Vista Network Dispatch Driver;c:\windows\system32\drivers\n360\0502000.00d\symtdiv.sys [2012-2-7 331384]
R2 !SASCORE;SAS Core Service;c:\program files\superantispyware\SASCORE.EXE [2011-5-4 116608]
R2 AERTFilters;Andrea RT Filters Service;c:\windows\system32\AERTSrv.exe [2007-12-5 77824]
R2 ComcastSecureBackupSharebackup;Comcast Secure Backup & Share Backup Service;c:\program files\securebackupshare\ComcastSecureBackupSharebackup.exe [2010-12-14 15592]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\common files\symantec shared\eengine\EraserUtilRebootDrv.sys [2012-4-8 106104]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2010-4-26 136176]
S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2010-4-26 136176]
S3 PCDSRVC{E9D79540-57D5953E-06020101}_0;PCDSRVC{E9D79540-57D5953E-06020101}_0 - PCDR Kernel Mode Service Helper Driver;c:\program files\dell support center\pcdsrvc.pkms [2011-5-12 21744]
S3 UsbGps;LGE CDMA USB GPS NMEA Port;c:\windows\system32\drivers\lgusbgps.sys [2011-2-5 19968]
.
=============== Created Last 30 ================
.
2012-04-08 14:50:00 -------- d-----w- c:\windows\pss
2012-04-07 23:15:13 113152 ----a-w- c:\programdata\microsoft\windows\drm\F275.tmp
2012-03-28 04:00:46 -------- d-----w- c:\users\kile\appdata\roaming\Norton Utilities
2012-03-28 03:52:13 -------- d-----w- c:\programdata\Norton Installer
2012-03-28 03:51:44 44544 ----a-w- c:\windows\system32\msxml4a.dll
.
==================== Find3M ====================
.
2012-04-04 20:56:40 22344 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-03-15 02:44:00 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
.
============= FINISH: 17:38:01.76 ===============
-
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft® Windows Vista™ Home Premium
Boot Device: \Device\HarddiskVolume3
Install Date: 11/6/2007 3:58:55 AM
System Uptime: 4/10/2012 5:19:32 PM (0 hours ago)
.
Motherboard: Dell Inc. | | 0RY007
Processor: Genuine Intel(R) CPU 2160 @ 1.80GHz | Socket 775 | 1200/200mhz
.
==== Disk Partitions =========================
.
A: is Removable
C: is FIXED (NTFS) - 288 GiB total, 243.653 GiB free.
D: is FIXED (NTFS) - 10 GiB total, 3.929 GiB free.
E: is CDROM (UDF)
F: is Removable
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
No restore point in system.
.
==== Installed Programs ======================
.
32 Bit HP CIO Components Installer
3DVIA player 5.0
Adobe AIR
Adobe Download Manager
Adobe Flash Player 10 Plugin
Adobe Flash Player 11 ActiveX
Adobe Reader 9.4.4
Adobe Shockwave Player 11.6
Advertising Center
AIO_Scan
Apple Mobile Device Support
Apple Software Update
ArcSoft MediaImpression
ARO 2011
Bonjour
Browser Address Error Redirector
BufferChm
C4200
c4200_Help
Compatibility Pack for the 2007 Office system
Conexant D850 PCI V.92 Modem
Copy
Coupon Printer for Windows
CustomerResearchQFolder
datasafeupdate
Dell DataSafe Online
Dell Support Center
Dell System Customization Wizard
DellSupport
Destinations
DeviceManagementQFolder
Digital Line Detect
DocProc
DocProcQFolder
DolbyFiles
eSupportQFolder
Games, Music, & Photos Launcher
Google Update Helper
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
HP Customer Participation Program 8.0
HP Imaging Device Functions 8.0
HP OCR Software 8.0
HP Photosmart All-In-One Software 8.0
HP Photosmart Essential
HP Product Assistant
HP Product Detection
HP Solution Center 8.0
HP Update
HPProductAssistant
HPSSupply
ImagXpress
Intel(R) Graphics Media Accelerator Driver
Intel(R) PRO Network Connections 12.1.11.0
iPod for Windows 2005-03-23
iTunes
Java Auto Updater
Java(TM) 6 Update 24
Java(TM) 6 Update 3
Java(TM) 6 Update 7
Java(TM) SE Runtime Environment 6
LG USB Modem driver
Malwarebytes Anti-Malware version 1.61.0.1400
MarketResearch
Menu Templates - Starter Kit
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 4 Client Profile
Microsoft Corporation
Microsoft LifeCam
Microsoft Office Live Add-in 1.5
Microsoft Office XP Professional with FrontPage
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Modem Diagnostic Tool
Movie Templates - Starter Kit
Mozilla Firefox (3.5.3)
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB941833)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
Nero 9 Trial
Nero BurnRights
Nero ControlCenter
Nero CoverDesigner
Nero Disc Copy Gadget
Nero DiscSpeed
Nero DriveSpeed
Nero InfoTool
Nero Installer
Nero PhotoSnap
Nero Recode
Nero Rescue Agent
Nero ShowTime
Nero StartSmart
Nero Vision
Nero WaveEditor
NeroBurningROM
NeroExpress
neroxml
NetWaiting
Norton Security Suite
OGA Notifier 2.0.0048.0
Product Documentation Launcher
PS_AIO_ProductContext
PS_AIO_Software
PS_AIO_Software_min
QuickTime
Realtek High Definition Audio Driver
Roxio Creator BDAV Plugin
Roxio Creator Copy
Roxio Creator Data
Roxio Creator DE
Roxio Creator Tools
Roxio Express Labeler
Roxio MyDVD DE
Roxio Update Manager
Sansa Updater
Scan
Secure Backup and Share
Security Update for CAPICOM (KB931906)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Shop for HP Supplies
SolutionCenter
Sonic Activation Module
SoundTrax
Spelling Dictionaries Support For Adobe Reader 8
Status
SUPERAntiSpyware
swMSM
Toolbox
TrayApp
UnloadSupport
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
User's Guides
WebReg
Windows Live ID Sign-in Assistant
Windows Live installer
Windows Live Messenger
Yahoo! Detect
.
==== End Of File ===========================
-
I received an error when trying to update Java RE. A pop up box says the following:
Java Update cannot proceed with the current internet Connection settings of your system.
In your Windows Control panel, please check Internet Options-> Connections to make sure
the settings and proxy information are correct.
I don't really know what the correct settings are supposed to be.
-
received an error when trying to update Java RE. A pop up box says the following:
Java Update cannot proceed with the current internet Connection settings of your system.
In your Windows Control panel, please check Internet Options-> Connections to make sure
the settings and proxy information are correct.
In your IE browser click on Tools, internet options, connections and do a screen print and post it in your next post.
How to post screenshots or images (http://www.computerhope.com/forum/index.php/topic,61232.0.html)
Download Combofix from any of the links below, and save it to your DESKTOP.
Link 1 (http://download.bleepingcomputer.com/sUBs/ComboFix.exe)
Link 2 (http://www.forospyware.com/sUBs/ComboFix.exe)
Link 3 (http://subs.geekstogo.com/ComboFix.exe)
To prevent your anti-virus application interfering with ComboFix we need to disable it. See here (http://www.pchelpforum.com/anti-virus/110194-how-disable-your-security-applications-4.html) for a tutorial regarding how to do so if you are unsure.
- Close any open windows and double click ComboFix.exe to run it.
You will see the following image:
(http://i424.photobucket.com/albums/pp322/digistar/NSIS_disclaimer_ENG.png)
Click I Agree to start the program.
ComboFix will then extract the necessary files and you will see this:
(http://i424.photobucket.com/albums/pp322/digistar/NSIS_extraction.png)
As part of it's process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. This will not occur in Windows Vista and 7
It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.
If you did not have it installed, you will see the prompt below. Choose YES.
(http://i424.photobucket.com/albums/pp322/digistar/RcAuto1.gif)
Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.
**Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue it's malware removal procedures.
Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:
(http://i424.photobucket.com/albums/pp322/digistar/whatnext.png)
Click on Yes, to continue scanning for malware.
When finished, it will produce a report for you. Please post the contents of the log (C:\ComboFix.txt).
Leave your computer alone while ComboFix is running. ComboFix will restart your computer if malware is found; allow it to do so.
Note: Please Do NOT mouseclick combofix's window while its running because it may cause it to stall.
-
The tutorial for disabling my anti-virus does not have instructions for what I have, which is Norton Security Suite. There are other Norton packages. I don't know if what I have falls under one of those. Please advise.
(http://img545.imageshack.us/img545/3836/internetoptionsconnecti.jpg) (http://imageshack.us/photo/my-images/545/internetoptionsconnecti.jpg/)
Look at what I just found in one of my emails. It looks this is where my infection came from. My Norton Anti-virus is associated wit my ISP, comcast
Constant Guard™ Alert
Dear XFINITY Customer,
Constant Guard from XFINITY identified one or more of your computers may be infected with a bot. A bot is a malicious form of software that is used to send spam, host a phishing site, or steal your identity by monitoring your keystrokes without your knowledge. It may be possible you are unaware that your computer is infected with a bot.
We strongly recommend that you visit XFINITY.com/BotAssistance for important information on how to remove malicious software from your computer(s).
We appreciate your prompt attention to this important security notice.
Sincerely,
Constant Guard from XFINITY
This is a service-related email. Comcast will occasionally send you service-related emails to inform you of service upgrades or new benefits to your Comcast High-Speed Internet service.
Copyright 2012. Comcast. All other trademarks are properties of their respective owners.
Comcast respects your privacy. For a complete description of our privacy policy, click here.
Comcast
One Comcast Center, 10th Floor
1701 JFK Boulevard
Philadelphia, PA 19103-2838
-
UPDATE***
I have successfully downladed Vista Service Pack 2
For downloading Jave Re, I got farther than before but just at the end, I received a new hurdle. It said "error 52099, failed unzipping case file"
for downloading CCleaner, I recived an error that said, "no more threads can be created in the system" I seem to get that alot. What does that mean?
And again, I don't know how to disable my Norton Security Suite so I can dowload Combofix.
-
I don't know if what I have falls under one of those. Please advise.
If you can't disable the AV just run ComboFix regardless.
I recived an error that said, "no more threads can be created in the system" I seem to get that alot. What does that mean?
Here's (http://msdn.microsoft.com/en-us/library/ms832079.aspx) an explanation.
Some additional info -- usually when you run out of thread space, an app is misbehaving; either it's spinning off too many threads or (usually) not releasing old ones properly. You can check the number of threads currently running in Task Manager under the Performance tab in the System section.
Does this error occur right after restarting Windows, or only after it's been running awhile? Try restarting Windows, minimizing the number of other programs that are running (including services and applets) and see if the problem persists. It might take a process of elimination to pinpoint which program is causing the problem.
-
If you can't disable the AV just run ComboFix regardless.Here's (http://msdn.microsoft.com/en-us/library/ms832079.aspx) an explanation.
I tried to but Norton alerted it as not safe and blocked me from running it.
Does this error occur right after restarting Windows, or only after it's been running awhile? Try restarting Windows, minimizing the number of other programs that are running (including services and applets) and see if the problem persists. It might take a process of elimination to pinpoint which program is causing the problem.
It happened after a while. I shut down and it worked after turning it back on.
-
Save these instructions so you can have access to them while in Safe Mode.
Please click here (http://devbuilds.kaspersky-labs.com/devbuilds/AVPTool/) to download AVP Tool by Kaspersky.
- Save it to your desktop.
- Reboot your computer into SafeMode. You can do this by restarting your computer and continually tapping the F8 key until a menu appears. Use your up arrow key to highlight SafeMode then hit enter.
- Double click the setup file to run it.
- Click Next to continue.
- Accept the License agreement and click on next.
- It will, by default, install it to your desktop folder. Click Next.
- It will then open a box There will be a tab that says Automatic scan.
- Under Automatic scan make sure these are checked.
- Hidden Startup Objects
- System Memory
- Disk Boot Sectors.
- My Computer.
- Also any other drives (Removable that you may have)
Leave the rest of the settings as they appear as default.
•Then click on Scan at the to right hand Corner.
•It will automatically Neutralize any objects found.
•If some objects are left un-neutralized then click the button that says Neutralize all
•If it says it cannot be neutralized then choose the delete option when prompted.
•After that is done click on the reports button at the bottom and save it to file name it Kas.
•Save it somewhere convenient like your desktop and just post only the detected Virus\malware in the report it will be at the very top under Detected post those results in your next reply.
Note: This tool will self uninstall when you close it so please save the log before closing it.
-
Status: Deleted (events: 1)
4/12/2012 8:26:29 PM Deleted Trojan program Trojan.Win32.TDSS.irdg C:\Documents and Settings\All Users\Microsoft\Windows\DRM\F275.tmp High
-
Let's run a few more scans to see what turns up.
Please download aswMBR.exe (http://public.avast.com/%7Egmerek/aswMBR.exe) ( 511KB ) to your desktop.
Double click the aswMBR.exe to run it
(http://i424.photobucket.com/albums/pp322/digistar/aswMBR_Scan.jpg)
Click the "Scan" button to start scan
Note: Do not take action against any **Rootkit** entries until I have reviewed the log. Often there are false positives
(http://i424.photobucket.com/albums/pp322/digistar/aswMBR_SaveLog.png)
On completion of the scan click save log, save it to your desktop and post in your next reply
-
aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
Run date: 2012-04-13 19:56:01
-----------------------------
19:56:01.408 OS Version: Windows 6.0.6002 Service Pack 2
19:56:01.408 Number of processors: 2 586 0xF02
19:56:01.408 ComputerName: KILE-PC UserName: Kile
19:56:04.200 Initialize success
19:56:13.113 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
19:56:13.129 Disk 0 Vendor: WDC_WD3200AAKS-75VYA0 12.01B02 Size: 305245MB BusType: 3
19:56:13.129 Disk 0 MBR read successfully
19:56:13.129 Disk 0 MBR scan
19:56:13.144 Disk 0 TDL4@MBR code has been found
19:56:13.144 Disk 0 Windows VISTA default MBR code found via API
19:56:13.144 Disk 0 MBR hidden
19:56:13.144 Disk 0 Partition 1 00 DE Dell Utility Dell 8.0 47 MB offset 63
19:56:13.176 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 10240 MB offset 98304
19:56:13.191 Disk 0 Partition 3 80 (A) 07 HPFS/NTFS NTFS 294956 MB offset 21069824
19:56:13.191 Disk 0 MBR [TDL4] **ROOTKIT**
19:56:13.207 Disk 0 trace - called modules:
19:56:13.222 ntkrnlpa.exe CLASSPNP.SYS disk.sys acpi.sys hal.dll >>UNKNOWN [0x855f749f]<<
19:56:13.254 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x84f9f030]
19:56:13.285 3 CLASSPNP.SYS[8819f8b3] -> nt!IofCallDriver -> [0x84dfd918]
19:56:13.300 5 acpi.sys[806a06bc] -> nt!IofCallDriver -> [0x8402b528]
19:56:13.300 \Driver\atapi[0x855c89f8] -> IRP_MJ_CREATE -> 0x855f749f
19:56:13.316 Scan finished successfully
19:56:34.280 Disk 0 MBR has been saved successfully to "C:\Users\Kile\Desktop\MBR.dat"
19:56:34.289 The log file has been saved successfully to "C:\Users\Kile\Desktop\aswMBR.txt"
-
- Download TDSSKiller (http://support.kaspersky.com/downloads/utils/tdsskiller.zip) and save it to your Desktop.
- Extract its contents to your desktop.
- Once extracted, open the TDSSKiller folder and doubleclick on TDSSKiller.exe to run the application, then on Start Scan.
(http://img.photobucket.com/albums/v420/kdiamondkenny/Computer/TDSSKillernumber1.png)
- If an infected file is detected, the default action will be Cure, click on Continue.
(http://img.photobucket.com/albums/v420/kdiamondkenny/Computer/TDSSKillernumber2.png)
- If a suspicious file is detected, the default action will be Skip, click on Continue.
(http://img.photobucket.com/albums/v420/kdiamondkenny/Computer/TDSSKillernumber3.png)
- It may ask you to reboot the computer to complete the process. Click on Reboot Now.
(http://img.photobucket.com/albums/v420/kdiamondkenny/Computer/TDSSKillerlastone3.png)
- Click the Report button and copy/paste the contents of it into your next reply
Note:It will also create a log in the C:\ directory..
Please run aswMBR.exe again after doing the above and post the log.
-
BEFORE
13:02:23.0768 5980 TDSS rootkit removing tool 2.7.28.0 Apr 10 2012 16:54:05
13:02:25.0781 5980 ============================================================
13:02:25.0781 5980 Current date / time: 2012/04/14 13:02:25.0781
13:02:25.0781 5980 SystemInfo:
13:02:25.0781 5980
13:02:25.0781 5980 OS Version: 6.0.6002 ServicePack: 2.0
13:02:25.0781 5980 Product type: Workstation
13:02:25.0781 5980 ComputerName: KILE-PC
13:02:25.0781 5980 UserName: Kile
13:02:25.0781 5980 Windows directory: C:\Windows
13:02:25.0781 5980 System windows directory: C:\Windows
13:02:25.0781 5980 Processor architecture: Intel x86
13:02:25.0781 5980 Number of processors: 2
13:02:25.0781 5980 Page size: 0x1000
13:02:25.0781 5980 Boot type: Normal boot
13:02:25.0781 5980 ============================================================
13:02:30.0305 5980 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
13:02:30.0320 5980 \Device\Harddisk0\DR0:
13:02:30.0320 5980 MBR used
13:02:30.0320 5980 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x18000, BlocksNum 0x1400000
13:02:30.0320 5980 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1418000, BlocksNum 0x24016000
13:02:30.0398 5980 Initialize success
13:02:30.0398 5980 ============================================================
13:03:26.0541 4640 ============================================================
13:03:26.0541 4640 Scan started
13:03:26.0541 4640 Mode: Manual;
13:03:26.0541 4640 ============================================================
13:03:29.0505 4640 !SASCORE (c0393eb99a6c72c6bef9bfc4a72b33a6) C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
13:03:29.0520 4640 !SASCORE - ok
13:03:29.0661 4640 ACDaemon (adc420616c501b45d26c0fd3ef1e54e4) C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
13:03:29.0661 4640 ACDaemon - ok
13:03:29.0879 4640 ACPI (82b296ae1892fe3dbee00c9cf92f8ac7) C:\Windows\system32\drivers\acpi.sys
13:03:29.0879 4640 ACPI - ok
13:03:29.0941 4640 AdobeARMservice (62b7936f9036dd6ed36e6a7efa805dc0) C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
13:03:29.0941 4640 AdobeARMservice - ok
13:03:30.0035 4640 adp94xx (2edc5bbac6c651ece337bde8ed97c9fb) C:\Windows\system32\drivers\adp94xx.sys
13:03:30.0051 4640 adp94xx - ok
13:03:30.0082 4640 adpahci (b84088ca3cdca97da44a984c6ce1ccad) C:\Windows\system32\drivers\adpahci.sys
13:03:30.0082 4640 adpahci - ok
13:03:30.0129 4640 adpu160m (7880c67bccc27c86fd05aa2afb5ea469) C:\Windows\system32\drivers\adpu160m.sys
13:03:30.0129 4640 adpu160m - ok
13:03:30.0160 4640 adpu320 (9ae713f8e30efc2abccd84904333df4d) C:\Windows\system32\drivers\adpu320.sys
13:03:30.0160 4640 adpu320 - ok
13:03:30.0191 4640 AeLookupSvc (9d1fda9e086ba64e3c93c9de32461bcf) C:\Windows\System32\aelupsvc.dll
13:03:30.0207 4640 AeLookupSvc - ok
13:03:30.0238 4640 AERTFilters (330a1e4df07c2e29949ed8631cd8828e) C:\Windows\system32\AERTSrv.exe
13:03:30.0238 4640 AERTFilters - ok
13:03:30.0300 4640 Afc (fe3ea6e9afc1a78e6edca121e006afb7) C:\Windows\system32\drivers\Afc.sys
13:03:30.0316 4640 Afc - ok
13:03:30.0534 4640 AFD (3911b972b55fea0478476b2e777b29fa) C:\Windows\system32\drivers\afd.sys
13:03:30.0581 4640 AFD - ok
13:03:30.0815 4640 agp440 (8b10ce1c1f9f1d47e4deb1a547a00cd4) C:\Windows\system32\drivers\agp440.sys
13:03:30.0831 4640 agp440 - ok
13:03:30.0877 4640 aic78xx (ae1fdf7bf7bb6c6a70f67699d880592a) C:\Windows\system32\drivers\djsvs.sys
13:03:30.0909 4640 aic78xx - ok
13:03:30.0940 4640 ALG (a1545b731579895d8cc44fc0481c1192) C:\Windows\System32\alg.exe
13:03:30.0955 4640 ALG - ok
13:03:31.0002 4640 aliide (dc67a153fdb8105b25d05334b5e1d8e2) C:\Windows\system32\drivers\aliide.sys
13:03:31.0018 4640 aliide - ok
13:03:31.0065 4640 amdagp (848f27e5b27c1c253f6cefdc1a5d8f21) C:\Windows\system32\drivers\amdagp.sys
13:03:31.0080 4640 amdagp - ok
13:03:31.0111 4640 amdide (835c4c3355088298a5ebd818fa31430f) C:\Windows\system32\drivers\amdide.sys
13:03:31.0127 4640 amdide - ok
13:03:31.0158 4640 AmdK7 (dc487885bcef9f28eece6fac0e5ddfc5) C:\Windows\system32\drivers\amdk7.sys
13:03:31.0189 4640 AmdK7 - ok
13:03:31.0236 4640 AmdK8 (0ca0071da4315b00fc1328ca86b425da) C:\Windows\system32\drivers\amdk8.sys
13:03:31.0267 4640 AmdK8 - ok
13:03:31.0345 4640 Appinfo (c6d704c7f0434dc791aac37cac4b6e14) C:\Windows\System32\appinfo.dll
13:03:31.0377 4640 Appinfo - ok
13:03:31.0455 4640 Apple Mobile Device (7e94e567c1aa5abe6174032b3dab6c23) C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
13:03:31.0470 4640 Apple Mobile Device - ok
13:03:31.0517 4640 arc (5f673180268bb1fdb69c99b6619fe379) C:\Windows\system32\drivers\arc.sys
13:03:31.0533 4640 arc - ok
13:03:31.0611 4640 arcsas (957f7540b5e7f602e44648c7de5a1c05) C:\Windows\system32\drivers\arcsas.sys
13:03:31.0642 4640 arcsas - ok
13:03:31.0720 4640 AsyncMac (53b202abee6455406254444303e87be1) C:\Windows\system32\DRIVERS\asyncmac.sys
13:03:31.0751 4640 AsyncMac - ok
13:03:31.0845 4640 atapi (1f05b78ab91c9075565a9d8a4b880bc4) C:\Windows\system32\drivers\atapi.sys
13:03:31.0845 4640 atapi - ok
13:03:31.0907 4640 AudioEndpointBuilder (68e2a1a0407a66cf50da0300852424ab) C:\Windows\System32\Audiosrv.dll
13:03:31.0923 4640 AudioEndpointBuilder - ok
13:03:31.0954 4640 Audiosrv (68e2a1a0407a66cf50da0300852424ab) C:\Windows\System32\Audiosrv.dll
13:03:31.0969 4640 Audiosrv - ok
13:03:32.0016 4640 Beep (67e506b75bd5326a3ec7b70bd014dfb6) C:\Windows\system32\drivers\Beep.sys
13:03:32.0032 4640 Beep - ok
13:03:32.0094 4640 BFE (c789af0f724fda5852fb9a7d3a432381) C:\Windows\System32\bfe.dll
13:03:32.0110 4640 BFE - ok
13:03:32.0266 4640 BHDrvx86 (a503d32ae26f77cb942aed530112edaa) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\BASHDefs\20120402.001\BHDrvx86.sys
13:03:32.0297 4640 BHDrvx86 - ok
13:03:32.0859 4640 BITS (93952506c6d67330367f7e7934b6a02f) C:\Windows\System32\qmgr.dll
13:03:32.0874 4640 BITS - ok
13:03:32.0905 4640 blbdrive - ok
13:03:32.0999 4640 Bonjour Service (3f56903e124e820aeece6d471583c6c1) C:\Program Files\Bonjour\mDNSResponder.exe
13:03:33.0015 4640 Bonjour Service - ok
13:03:33.0108 4640 bowser (35f376253f687bde63976ccb3f2108ca) C:\Windows\system32\DRIVERS\bowser.sys
13:03:33.0202 4640 bowser - ok
13:03:33.0249 4640 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\drivers\brfiltlo.sys
13:03:33.0249 4640 BrFiltLo - ok
13:03:33.0280 4640 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\drivers\brfiltup.sys
13:03:33.0311 4640 BrFiltUp - ok
13:03:33.0373 4640 Browser (a3629a0c4226f9e9c72faaeebc3ad33c) C:\Windows\System32\browser.dll
13:03:33.0373 4640 Browser - ok
13:03:33.0420 4640 Brserid (b304e75cff293029eddf094246747113) C:\Windows\system32\drivers\brserid.sys
13:03:33.0420 4640 Brserid - ok
13:03:33.0451 4640 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\system32\drivers\brserwdm.sys
13:03:33.0483 4640 BrSerWdm - ok
13:03:33.0545 4640 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\system32\drivers\brusbmdm.sys
13:03:33.0545 4640 BrUsbMdm - ok
13:03:33.0561 4640 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\system32\drivers\brusbser.sys
13:03:33.0561 4640 BrUsbSer - ok
13:03:33.0576 4640 BTHMODEM (ad07c1ec6665b8b35741ab91200c6b68) C:\Windows\system32\drivers\bthmodem.sys
13:03:33.0592 4640 BTHMODEM - ok
13:03:33.0639 4640 cdfs (7add03e75beb9e6dd102c3081d29840a) C:\Windows\system32\DRIVERS\cdfs.sys
13:03:33.0654 4640 cdfs - ok
13:03:33.0670 4640 cdrom (6b4bffb9becd728097024276430db314) C:\Windows\system32\DRIVERS\cdrom.sys
13:03:33.0685 4640 cdrom - ok
13:03:33.0732 4640 CertPropSvc (312ec3e37a0a1f2006534913e37b4423) C:\Windows\System32\certprop.dll
13:03:33.0748 4640 CertPropSvc - ok
13:03:33.0810 4640 circlass (da8e0afc7baa226c538ef53ac2f90897) C:\Windows\system32\drivers\circlass.sys
13:03:33.0841 4640 circlass - ok
13:03:33.0873 4640 CLFS (d7659d3b5b92c31e84e53c1431f35132) C:\Windows\system32\CLFS.sys
13:03:33.0873 4640 CLFS - ok
13:03:33.0966 4640 clr_optimization_v2.0.50727_32 (8ee772032e2fe80a924f3b8dd5082194) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
13:03:33.0982 4640 clr_optimization_v2.0.50727_32 - ok
13:03:34.0153 4640 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
13:03:34.0153 4640 clr_optimization_v4.0.30319_32 - ok
13:03:34.0200 4640 cmdide (e79cbb2195e965f6e3256e2c1b23fd1c) C:\Windows\system32\drivers\cmdide.sys
13:03:34.0216 4640 cmdide - ok
13:03:34.0309 4640 ComcastSecureBackupSharebackup (1255218702d9873021f28fac47c20150) C:\Program Files\SecureBackupShare\ComcastSecureBackupSharebackup.exe
13:03:34.0309 4640 ComcastSecureBackupSharebackup - ok
13:03:34.0325 4640 ComcastSecureBackupShareFilter (b8e08bfcab2be31804cea983d2094faf) C:\Windows\system32\DRIVERS\ComcastSecureBackupShare.sys
13:03:34.0341 4640 ComcastSecureBackupShareFilter - ok
13:03:34.0372 4640 Compbatt (82b8c91d327cfecf76cb58716f7d4997) C:\Windows\system32\drivers\compbatt.sys
13:03:34.0372 4640 Compbatt - ok
13:03:34.0387 4640 COMSysApp - ok
13:03:34.0434 4640 crcdisk (2a213ae086bbec5e937553c7d9a2b22c) C:\Windows\system32\drivers\crcdisk.sys
13:03:34.0434 4640 crcdisk - ok
13:03:34.0481 4640 Crusoe (22a7f883508176489f559ee745b5bf5d) C:\Windows\system32\drivers\crusoe.sys
13:03:34.0497 4640 Crusoe - ok
13:03:34.0543 4640 CryptSvc (fb27772beaf8e1d28ccd825c09da939b) C:\Windows\system32\cryptsvc.dll
13:03:34.0559 4640 CryptSvc - ok
13:03:34.0606 4640 DcomLaunch (3b5b4d53fec14f7476ca29a20cc31ac9) C:\Windows\system32\rpcss.dll
13:03:34.0621 4640 DcomLaunch - ok
13:03:34.0637 4640 DfsC (622c41a07ca7e6dd91770f50d532cb6c) C:\Windows\system32\Drivers\dfsc.sys
13:03:34.0637 4640 DfsC - ok
13:03:34.0731 4640 DFSR (2cc3dcfb533a1035b13dcab6160ab38b) C:\Windows\system32\DFSR.exe
13:03:34.0777 4640 DFSR - ok
13:03:34.0855 4640 Dhcp (9028559c132146fb75eb7acf384b086a) C:\Windows\System32\dhcpcsvc.dll
13:03:34.0855 4640 Dhcp - ok
13:03:34.0887 4640 disk (5d4aefc3386920236a548271f8f1af6a) C:\Windows\system32\drivers\disk.sys
13:03:34.0902 4640 disk - ok
13:03:34.0949 4640 Dnscache (57d762f6f5974af0da2be88a3349baaa) C:\Windows\System32\dnsrslvr.dll
13:03:34.0965 4640 Dnscache - ok
13:03:34.0996 4640 dot3svc (324fd74686b1ef5e7c19a8af49e748f6) C:\Windows\System32\dot3svc.dll
13:03:35.0011 4640 dot3svc - ok
13:03:35.0074 4640 Dot4 (4f59c172c094e1a1d46463a8dc061cbd) C:\Windows\system32\DRIVERS\Dot4.sys
13:03:35.0074 4640 Dot4 - ok
13:03:35.0105 4640 Dot4Print (80bf3ba09f6f2523c8f6b7cc6dbf7bd5) C:\Windows\system32\DRIVERS\Dot4Prt.sys
13:03:35.0121 4640 Dot4Print - ok
13:03:35.0183 4640 dot4usb (c55004ca6b419b6695970dfe849b122f) C:\Windows\system32\DRIVERS\dot4usb.sys
13:03:35.0183 4640 dot4usb - ok
13:03:35.0230 4640 DPS (a622e888f8aa2f6b49e9bc466f0e5def) C:\Windows\system32\dps.dll
13:03:35.0245 4640 DPS - ok
13:03:35.0277 4640 drmkaud (97fef831ab90bee128c9af390e243f80) C:\Windows\system32\drivers\drmkaud.sys
13:03:35.0277 4640 drmkaud - ok
13:03:35.0355 4640 DSBrokerService (245f62a2aa67f4a61f10174bf1017327) C:\Program Files\DellSupport\brkrsvc.exe
13:03:35.0355 4640 DSBrokerService - ok
13:03:35.0386 4640 DSproct (413f2d5f9d802688242c23b38f767ecb) C:\Program Files\DellSupport\GTAction\triggers\DSproct.sys
13:03:35.0386 4640 DSproct - ok
13:03:35.0417 4640 dsunidrv (dfeabb7cfffadea4a912ab95bdc3177a) C:\Windows\system32\DRIVERS\dsunidrv.sys
13:03:35.0433 4640 dsunidrv - ok
13:03:35.0479 4640 DXGKrnl (fb85f7f69e9b109820409243f578cc4d) C:\Windows\System32\drivers\dxgkrnl.sys
13:03:35.0511 4640 DXGKrnl - ok
13:03:35.0542 4640 e1express (04944f4fc4f0477185f5d26ae0ddb90e) C:\Windows\system32\DRIVERS\e1e6032.sys
13:03:35.0573 4640 e1express - ok
13:03:35.0698 4640 E1G60 (f88fb26547fd2ce6d0a5af2985892c48) C:\Windows\system32\DRIVERS\E1G60I32.sys
13:03:35.0698 4640 E1G60 - ok
13:03:35.0745 4640 EapHost (c0b95e40d85cd807d614e264248a45b9) C:\Windows\System32\eapsvc.dll
13:03:35.0760 4640 EapHost - ok
13:03:35.0791 4640 Ecache (7f64ea048dcfac7acf8b4d7b4e6fe371) C:\Windows\system32\drivers\ecache.sys
13:03:35.0807 4640 Ecache - ok
13:03:36.0041 4640 eeCtrl (579a6b6135d32b857faf0e3a974535d8) C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys
13:03:36.0150 4640 eeCtrl - ok
13:03:36.0369 4640 ehRecvr (9be3744d295a7701eb425332014f0797) C:\Windows\ehome\ehRecvr.exe
13:03:36.0384 4640 ehRecvr - ok
13:03:36.0400 4640 ehSched (ad1870c8e5d6dd340c829e6074bf3c3f) C:\Windows\ehome\ehsched.exe
13:03:36.0400 4640 ehSched - ok
13:03:36.0431 4640 ehstart (c27c4ee8926e74aa72efcab24c5242c3) C:\Windows\ehome\ehstart.dll
13:03:36.0431 4640 ehstart - ok
13:03:36.0525 4640 elxstor (e8f3f21a71720c84bcf423b80028359f) C:\Windows\system32\drivers\elxstor.sys
13:03:36.0525 4640 elxstor - ok
13:03:36.0603 4640 EMDMgmt (4e6b23dfc917ea39306b529b773950f4) C:\Windows\system32\emdmgmt.dll
13:03:36.0649 4640 EMDMgmt - ok
13:03:36.0759 4640 EraserUtilRebootDrv (028d50f059bd0d2ccb209e9011b9a9a4) C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
13:03:36.0759 4640 EraserUtilRebootDrv - ok
13:03:36.0790 4640 EventSystem (67058c46504bc12d821f38cf99b7b28f) C:\Windows\system32\es.dll
13:03:36.0805 4640 EventSystem - ok
13:03:36.0852 4640 exfat (22b408651f9123527bcee54b4f6c5cae) C:\Windows\system32\drivers\exfat.sys
13:03:36.0883 4640 exfat - ok
13:03:36.0915 4640 fastfat (1e9b9a70d332103c52995e957dc09ef8) C:\Windows\system32\drivers\fastfat.sys
13:03:36.0915 4640 fastfat - ok
13:03:37.0008 4640 fdc (afe1e8b9782a0dd7fb46bbd88e43f89a) C:\Windows\system32\DRIVERS\fdc.sys
13:03:37.0024 4640 fdc - ok
13:03:37.0055 4640 fdPHost (6629b5f0e98151f4afdd87567ea32ba3) C:\Windows\system32\fdPHost.dll
13:03:37.0071 4640 fdPHost - ok
13:03:37.0102 4640 FDResPub (89ed56dce8e47af40892778a5bd31fd2) C:\Windows\system32\fdrespub.dll
13:03:37.0102 4640 FDResPub - ok
13:03:37.0149 4640 FileInfo (a8c0139a884861e3aae9cfe73b208a9f) C:\Windows\system32\drivers\fileinfo.sys
13:03:37.0258 4640 FileInfo - ok
13:03:37.0461 4640 Filetrace (0ae429a696aecbc5970e3cf2c62635ae) C:\Windows\system32\drivers\filetrace.sys
13:03:37.0461 4640 Filetrace - ok
13:03:37.0539 4640 flpydisk (85b7cf99d532820495d68d747fda9ebd) C:\Windows\system32\DRIVERS\flpydisk.sys
13:03:37.0554 4640 flpydisk - ok
13:03:37.0601 4640 FltMgr (01334f9ea68e6877c4ef05d3ea8abb05) C:\Windows\system32\drivers\fltmgr.sys
13:03:37.0617 4640 FltMgr - ok
13:03:37.0663 4640 FontCache3.0.0.0 (c7fbdd1ed42f82bfa35167a5c9803ea3) C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
13:03:37.0663 4640 FontCache3.0.0.0 - ok
13:03:37.0695 4640 Fs_Rec (65ea8b77b5851854f0c55c43fa51a198) C:\Windows\system32\drivers\Fs_Rec.sys
13:03:37.0695 4640 Fs_Rec - ok
13:03:37.0741 4640 gagp30kx (4e1cd0a45c50a8882616cae5bf82f3c5) C:\Windows\system32\drivers\gagp30kx.sys
13:03:37.0741 4640 gagp30kx - ok
13:03:37.0804 4640 GEARAspiWDM (5ae3a887ece5bbb72cfab273c2fd1cfa) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
13:03:37.0819 4640 GEARAspiWDM - ok
13:03:37.0929 4640 gpsvc (cd5d0aeee35dfd4e986a5aa1500a6e66) C:\Windows\System32\gpsvc.dll
13:03:37.0944 4640 gpsvc - ok
13:03:38.0038 4640 gupdate (f02a533f517eb38333cb12a9e8963773) C:\Program Files\Google\Update\GoogleUpdate.exe
13:03:38.0038 4640 gupdate - ok
13:03:38.0053 4640 gupdatem (f02a533f517eb38333cb12a9e8963773) C:\Program Files\Google\Update\GoogleUpdate.exe
13:03:38.0069 4640 gupdatem - ok
13:03:38.0209 4640 HDAudBus (062452b7ffd68c8c042a6261fe8dff4a) C:\Windows\system32\DRIVERS\HDAudBus.sys
13:03:38.0225 4640 HDAudBus - ok
13:03:38.0256 4640 HidBth (1338520e78d90154ed6be8f84de5fceb) C:\Windows\system32\drivers\hidbth.sys
13:03:38.0256 4640 HidBth - ok
13:03:38.0287 4640 HidIr (ff3160c3a2445128c5a6d9b076da519e) C:\Windows\system32\drivers\hidir.sys
13:03:38.0287 4640 HidIr - ok
13:03:38.0319 4640 hidserv (84067081f3318162797385e11a8f0582) C:\Windows\system32\hidserv.dll
13:03:38.0319 4640 hidserv - ok
13:03:38.0350 4640 HidUsb (cca4b519b17e23a00b826c55716809cc) C:\Windows\system32\DRIVERS\hidusb.sys
13:03:38.0350 4640 HidUsb - ok
13:03:38.0412 4640 hkmsvc (d8ad255b37da92434c26e4876db7d418) C:\Windows\system32\kmsvc.dll
13:03:38.0428 4640 hkmsvc - ok
13:03:38.0475 4640 HpCISSs (df353b401001246853763c4b7aaa6f50) C:\Windows\system32\drivers\hpcisss.sys
13:03:38.0475 4640 HpCISSs - ok
13:03:38.0599 4640 hpqcxs08 (cc8a7d8a8dc9f357b57796583cf8b85f) C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll
13:03:38.0615 4640 hpqcxs08 - ok
13:03:38.0646 4640 hpqddsvc (4c2ca71caafd2cf1a673fc8dbfd219c4) C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll
13:03:38.0662 4640 hpqddsvc - ok
13:03:38.0740 4640 HSF_DPV (53229dcf431d76434816cd29251168a0) C:\Windows\system32\DRIVERS\HSX_DPV.sys
13:03:38.0755 4640 HSF_DPV - ok
13:03:38.0802 4640 HSXHWBS2 (ed98350ecd4a5a9c9f1e641c09872bb2) C:\Windows\system32\DRIVERS\HSXHWBS2.sys
13:03:38.0818 4640 HSXHWBS2 - ok
13:03:38.0865 4640 HTTP (f870aa3e254628ebeafe754108d664de) C:\Windows\system32\drivers\HTTP.sys
13:03:38.0896 4640 HTTP - ok
13:03:38.0943 4640 i2omp (324c2152ff2c61abae92d09f3cca4d63) C:\Windows\system32\drivers\i2omp.sys
13:03:38.0943 4640 i2omp - ok
13:03:39.0005 4640 i8042prt (22d56c8184586b7a1f6fa60be5f5a2bd) C:\Windows\system32\DRIVERS\i8042prt.sys
13:03:39.0036 4640 i8042prt - ok
13:03:39.0192 4640 iaStor (997e8f5939f2d12cd9f2e6b395724c16) C:\Windows\system32\drivers\iastor.sys
13:03:39.0192 4640 iaStor - ok
13:03:39.0239 4640 iaStorV (c957bf4b5d80b46c5017bf0101e6c906) C:\Windows\system32\drivers\iastorv.sys
13:03:39.0270 4640 iaStorV - ok
13:03:39.0364 4640 IDriverT (6f95324909b502e2651442c1548ab12f) C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
13:03:39.0379 4640 IDriverT - ok
13:03:39.0598 4640 idsvc (98477b08e61945f974ed9fdc4cb6bdab) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
13:03:39.0629 4640 idsvc - ok
13:03:39.0785 4640 IDSVix86 (b6662611e8fa3a71473c4a9bd0d23755) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\IPSDefs\20120413.001\IDSvix86.sys
13:03:39.0801 4640 IDSVix86 - ok
13:03:39.0972 4640 igfx (9378d57e2b96c0a185d844770ad49948) C:\Windows\system32\DRIVERS\igdkmd32.sys
13:03:40.0050 4640 igfx - ok
13:03:40.0097 4640 iirsp (2d077bf86e843f901d8db709c95b49a5) C:\Windows\system32\drivers\iirsp.sys
13:03:40.0113 4640 iirsp - ok
13:03:40.0159 4640 IKEEXT (9908d8a397b76cd8d31d0d383c5773c9) C:\Windows\System32\ikeext.dll
13:03:40.0159 4640 IKEEXT - ok
13:03:40.0331 4640 IntcAzAudAddService (f8f53c5449f15b23d4c61d51d2701da8) C:\Windows\system32\drivers\RTKVHDA.sys
13:03:40.0393 4640 IntcAzAudAddService - ok
13:03:40.0409 4640 intelide (0084046c084d68e494f8cf36bcf08186) C:\Windows\system32\DRIVERS\intelide.sys
13:03:40.0409 4640 intelide - ok
13:03:40.0471 4640 intelppm (224191001e78c89dfa78924c3ea595ff) C:\Windows\system32\DRIVERS\intelppm.sys
13:03:40.0471 4640 intelppm - ok
13:03:40.0518 4640 IPBusEnum (9ac218c6e6105477484c6fdbe7d409a4) C:\Windows\system32\ipbusenum.dll
13:03:40.0518 4640 IPBusEnum - ok
13:03:40.0565 4640 IpFilterDriver (62c265c38769b864cb25b4bcf62df6c3) C:\Windows\system32\DRIVERS\ipfltdrv.sys
13:03:40.0565 4640 IpFilterDriver - ok
13:03:40.0627 4640 iphlpsvc (1998bd97f950680bb55f55a7244679c2) C:\Windows\System32\iphlpsvc.dll
13:03:40.0627 4640 iphlpsvc - ok
13:03:40.0643 4640 IpInIp - ok
13:03:40.0705 4640 IPMIDRV (40f34f8aba2a015d780e4b09138b6c17) C:\Windows\system32\drivers\ipmidrv.sys
13:03:40.0705 4640 IPMIDRV - ok
13:03:40.0768 4640 IPNAT (8793643a67b42cec66490b2a0cf92d68) C:\Windows\system32\DRIVERS\ipnat.sys
13:03:40.0768 4640 IPNAT - ok
13:03:40.0846 4640 iPod Service (05cf6a56fbf436c347bb87fd1957adc1) C:\Program Files\iPod\bin\iPodService.exe
13:03:40.0861 4640 iPod Service - ok
13:03:40.0908 4640 IRENUM (109c0dfb82c3632fbd11949b73aeeac9) C:\Windows\system32\drivers\irenum.sys
13:03:40.0955 4640 IRENUM - ok
13:03:40.0971 4640 is3srv - ok
13:03:41.0017 4640 isapnp (2f8ece2699e7e2070545e9b0960a8ed2) C:\Windows\system32\drivers\isapnp.sys
13:03:41.0049 4640 isapnp - ok
13:03:41.0095 4640 iScsiPrt (232fa340531d940aac623b121a595034) C:\Windows\system32\DRIVERS\msiscsi.sys
13:03:41.0111 4640 iScsiPrt - ok
13:03:41.0173 4640 iteatapi (bced60d16156e428f8df8cf27b0df150) C:\Windows\system32\drivers\iteatapi.sys
13:03:41.0205 4640 iteatapi - ok
13:03:41.0251 4640 iteraid (06fa654504a498c30adca8bec4e87e7e) C:\Windows\system32\drivers\iteraid.sys
13:03:41.0283 4640 iteraid - ok
13:03:41.0314 4640 kbdclass (37605e0a8cf00cbba538e753e4344c6e) C:\Windows\system32\DRIVERS\kbdclass.sys
13:03:41.0329 4640 kbdclass - ok
13:03:41.0361 4640 kbdhid (ede59ec70e25c24581add1fbec7325f7) C:\Windows\system32\DRIVERS\kbdhid.sys
13:03:41.0361 4640 kbdhid - ok
13:03:42.0078 4640 KeyIso (3978f3540329e16c0ac3bcf677e5669f) C:\Windows\system32\lsass.exe
13:03:42.0094 4640 KeyIso - ok
13:03:42.0125 4640 KSecDD (86165728af9bf72d6442a894fdfb4f8b) C:\Windows\system32\Drivers\ksecdd.sys
13:03:42.0141 4640 KSecDD - ok
13:03:42.0203 4640 KtmRm (8078f8f8f7a79e2e6b494523a828c585) C:\Windows\system32\msdtckrm.dll
13:03:42.0219 4640 KtmRm - ok
13:03:42.0281 4640 LanmanServer (1bf5eebfd518dd7298434d8c862f825d) C:\Windows\system32\srvsvc.dll
13:03:42.0281 4640 LanmanServer - ok
13:03:42.0359 4640 LanmanWorkstation (1db69705b695b987082c8baec0c6b34f) C:\Windows\System32\wkssvc.dll
13:03:42.0359 4640 LanmanWorkstation - ok
13:03:42.0421 4640 lltdio (d1c5883087a0c3f1344d9d55a44901f6) C:\Windows\system32\DRIVERS\lltdio.sys
13:03:42.0437 4640 lltdio - ok
13:03:42.0515 4640 lltdsvc (2d5a428872f1442631d0959a34abff63) C:\Windows\System32\lltdsvc.dll
13:03:42.0515 4640 lltdsvc - ok
13:03:42.0593 4640 lmhosts (35d40113e4a5b961b6ce5c5857702518) C:\Windows\System32\lmhsvc.dll
13:03:42.0593 4640 lmhosts - ok
13:03:42.0655 4640 LSI_FC (a2262fb9f28935e862b4db46438c80d2) C:\Windows\system32\drivers\lsi_fc.sys
13:03:42.0655 4640 LSI_FC - ok
13:03:42.0718 4640 LSI_SAS (30d73327d390f72a62f32c103daf1d6d) C:\Windows\system32\drivers\lsi_sas.sys
13:03:42.0718 4640 LSI_SAS - ok
13:03:42.0796 4640 LSI_SCSI (e1e36fefd45849a95f1ab81de0159fe3) C:\Windows\system32\drivers\lsi_scsi.sys
13:03:42.0796 4640 LSI_SCSI - ok
13:03:42.0843 4640 luafv (8f5c7426567798e62a3b3614965d62cc) C:\Windows\system32\drivers\luafv.sys
13:03:42.0843 4640 luafv - ok
13:03:42.0858 4640 MCSTRM - ok
13:03:42.0936 4640 Mcx2Svc (aef9babb8a506bc4ce0451a64aaded46) C:\Windows\system32\Mcx2Svc.dll
13:03:42.0952 4640 Mcx2Svc - ok
13:03:42.0983 4640 mdmxsdk (0cea2d0d3fa284b85ed5b68365114f76) C:\Windows\system32\DRIVERS\mdmxsdk.sys
13:03:42.0983 4640 mdmxsdk - ok
13:03:43.0030 4640 megasas (d153b14fc6598eae8422a2037553adce) C:\Windows\system32\drivers\megasas.sys
13:03:43.0030 4640 megasas - ok
13:03:43.0077 4640 mferkdk - ok
13:03:43.0123 4640 MMCSS (1076ffcffaae8385fd62dfcb25ac4708) C:\Windows\system32\mmcss.dll
13:03:43.0139 4640 MMCSS - ok
13:03:43.0156 4640 Modem (e13b5ea0f51ba5b1512ec671393d09ba) C:\Windows\system32\drivers\modem.sys
13:03:43.0156 4640 Modem - ok
13:03:43.0212 4640 monitor (0a9bb33b56e294f686abb7c1e4e2d8a8) C:\Windows\system32\DRIVERS\monitor.sys
13:03:43.0213 4640 monitor - ok
13:03:43.0244 4640 mouclass (5bf6a1326a335c5298477754a506d263) C:\Windows\system32\DRIVERS\mouclass.sys
13:03:43.0258 4640 mouclass - ok
13:03:43.0296 4640 mouhid (93b8d4869e12cfbe663915502900876f) C:\Windows\system32\DRIVERS\mouhid.sys
13:03:43.0299 4640 mouhid - ok
13:03:43.0355 4640 MountMgr (bdafc88aa6b92f7842416ea6a48e1600) C:\Windows\system32\drivers\mountmgr.sys
13:03:43.0370 4640 MountMgr - ok
13:03:43.0447 4640 mpio (583a41f26278d9e0ea548163d6139397) C:\Windows\system32\drivers\mpio.sys
13:03:43.0493 4640 mpio - ok
13:03:43.0532 4640 mpsdrv (22241feba9b2defa669c8cb0a8dd7d2e) C:\Windows\system32\drivers\mpsdrv.sys
13:03:43.0541 4640 mpsdrv - ok
13:03:43.0599 4640 MpsSvc (5de62c6e9108f14f6794060a9bdecaec) C:\Windows\system32\mpssvc.dll
13:03:43.0623 4640 MpsSvc - ok
13:03:43.0660 4640 Mraid35x (4fbbb70d30fd20ec51f80061703b001e) C:\Windows\system32\drivers\mraid35x.sys
13:03:43.0664 4640 Mraid35x - ok
13:03:43.0740 4640 MRxDAV (82cea0395524aacfeb58ba1448e8325c) C:\Windows\system32\drivers\mrxdav.sys
13:03:43.0744 4640 MRxDAV - ok
13:03:43.0820 4640 mrxsmb (1e94971c4b446ab2290deb71d01cf0c2) C:\Windows\system32\DRIVERS\mrxsmb.sys
13:03:43.0823 4640 mrxsmb - ok
13:03:43.0882 4640 mrxsmb10 (4fccb34d793b116423209c0f8b7a3b03) C:\Windows\system32\DRIVERS\mrxsmb10.sys
13:03:43.0887 4640 mrxsmb10 - ok
13:03:43.0949 4640 mrxsmb20 (c3cb1b40ad4a0124d617a1199b0b9d7c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
13:03:43.0957 4640 mrxsmb20 - ok
13:03:43.0998 4640 msahci (d420bc42a637ac3cc4f411220549c0dc) C:\Windows\system32\drivers\msahci.sys
13:03:44.0013 4640 msahci - ok
13:03:44.0091 4640 MSCamSvc (31e023681015c35ebfe1498b07813b87) C:\Program Files\Microsoft LifeCam\MSCamS32.exe
13:03:44.0114 4640 MSCamSvc - ok
13:03:44.0183 4640 msdsm (3fc82a2ae4cc149165a94699183d3028) C:\Windows\system32\drivers\msdsm.sys
13:03:44.0187 4640 msdsm - ok
13:03:44.0253 4640 MSDTC (fd7520cc3a80c5fc8c48852bb24c6ded) C:\Windows\System32\msdtc.exe
13:03:44.0259 4640 MSDTC - ok
13:03:44.0352 4640 Msfs (a9927f4a46b816c92f461acb90cf8515) C:\Windows\system32\drivers\Msfs.sys
13:03:44.0355 4640 Msfs - ok
13:03:44.0387 4640 msisadrv (0f400e306f385c56317357d6dea56f62) C:\Windows\system32\drivers\msisadrv.sys
13:03:44.0407 4640 msisadrv - ok
13:03:44.0483 4640 MSiSCSI (85466c0757a23d9a9aecdc0755203cb2) C:\Windows\system32\iscsiexe.dll
13:03:44.0492 4640 MSiSCSI - ok
13:03:44.0516 4640 msiserver - ok
13:03:44.0650 4640 MSKSSRV (d8c63d34d9c9e56c059e24ec7185cc07) C:\Windows\system32\drivers\MSKSSRV.sys
13:03:44.0666 4640 MSKSSRV - ok
13:03:44.0731 4640 MSPCLOCK (1d373c90d62ddb641d50e55b9e78d65e) C:\Windows\system32\drivers\MSPCLOCK.sys
13:03:44.0734 4640 MSPCLOCK - ok
13:03:44.0812 4640 MSPQM (b572da05bf4e098d4bba3a4734fb505b) C:\Windows\system32\drivers\MSPQM.sys
13:03:44.0814 4640 MSPQM - ok
13:03:44.0877 4640 MsRPC (b49456d70555de905c311bcda6ec6adb) C:\Windows\system32\drivers\MsRPC.sys
13:03:44.0883 4640 MsRPC - ok
13:03:44.0904 4640 mssmbios (e384487cb84be41d09711c30ca79646c) C:\Windows\system32\DRIVERS\mssmbios.sys
13:03:44.0906 4640 mssmbios - ok
13:03:44.0937 4640 MSTEE (7199c1eec1e4993caf96b8c0a26bd58a) C:\Windows\system32\drivers\MSTEE.sys
13:03:44.0940 4640 MSTEE - ok
13:03:44.0991 4640 Mup (6a57b5733d4cb702c8ea4542e836b96c) C:\Windows\system32\Drivers\mup.sys
13:03:44.0998 4640 Mup - ok
13:03:45.0081 4640 N360 (e78a365cc3e0fbfc018a33dce01909f8) C:\Program Files\Norton Security Suite\Engine\5.2.0.13\ccSvcHst.exe
13:03:45.0089 4640 N360 - ok
13:03:45.0129 4640 napagent (e4eaf0c5c1b41b5c83386cf212ca9584) C:\Windows\system32\qagentRT.dll
13:03:45.0146 4640 napagent - ok
13:03:45.0182 4640 NativeWifiP (85c44fdff9cf7e72a40dcb7ec06a4416) C:\Windows\system32\DRIVERS\nwifi.sys
13:03:45.0191 4640 NativeWifiP - ok
13:03:45.0506 4640 NAVENG (862f55824ac81295837b0ab63f91071f) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\VirusDefs\20120413.025\NAVENG.SYS
13:03:45.0524 4640 NAVENG - ok
13:03:45.0684 4640 NAVEX15 (529d571b551cb9da44237389b936f1ae) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\VirusDefs\20120413.025\NAVEX15.SYS
13:03:45.0855 4640 NAVEX15 - ok
13:03:45.0996 4640 NDIS (1357274d1883f68300aeadd15d7bbb42) C:\Windows\system32\drivers\ndis.sys
13:03:46.0048 4640 NDIS - ok
13:03:46.0086 4640 NdisTapi (0e186e90404980569fb449ba7519ae61) C:\Windows\system32\DRIVERS\ndistapi.sys
13:03:46.0090 4640 NdisTapi - ok
13:03:46.0271 4640 Ndisuio (d6973aa34c4d5d76c0430b181c3cd389) C:\Windows\system32\DRIVERS\ndisuio.sys
13:03:46.0300 4640 Ndisuio - ok
13:03:46.0342 4640 NdisWan (818f648618ae34f729fdb47ec68345c3) C:\Windows\system32\DRIVERS\ndiswan.sys
13:03:46.0357 4640 NdisWan - ok
13:03:46.0409 4640 NDProxy (71dab552b41936358f3b541ae5997fb3) C:\Windows\system32\drivers\NDProxy.sys
13:03:47.0494 4640 NDProxy - ok
13:03:47.0620 4640 Net Driver HPZ12 (a081cb6fb9a12668f233eb5414be3a0e) C:\Windows\system32\HPZinw12.dll
13:03:47.0624 4640 Net Driver HPZ12 - ok
13:03:47.0753 4640 NetBIOS (bcd093a5a6777cf626434568dc7dba78) C:\Windows\system32\DRIVERS\netbios.sys
13:03:47.0768 4640 NetBIOS - ok
13:03:47.0816 4640 netbt (ecd64230a59cbd93c85f1cd1cab9f3f6) C:\Windows\system32\DRIVERS\netbt.sys
13:03:47.0838 4640 netbt - ok
13:03:47.0881 4640 Netlogon (3978f3540329e16c0ac3bcf677e5669f) C:\Windows\system32\lsass.exe
13:03:47.0884 4640 Netlogon - ok
13:03:47.0930 4640 Netman (c8052711daecc48b982434c5116ca401) C:\Windows\System32\netman.dll
13:03:47.0937 4640 Netman - ok
13:03:48.0354 4640 netprofm (2ef3bbe22e5a5acd1428ee387a0d0172) C:\Windows\System32\netprofm.dll
13:03:48.0362 4640 netprofm - ok
13:03:48.0432 4640 NetTcpPortSharing (d6c4e4a39a36029ac0813d476fbd0248) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
13:03:48.0436 4640 NetTcpPortSharing - ok
13:03:48.0490 4640 nfrd960 (2e7fb731d4790a1bc6270accefacb36e) C:\Windows\system32\drivers\nfrd960.sys
13:03:48.0528 4640 nfrd960 - ok
13:03:48.0586 4640 NlaSvc (2997b15415f9bbe05b5a4c1c85e0c6a2) C:\Windows\System32\nlasvc.dll
13:03:48.0595 4640 NlaSvc - ok
13:03:48.0682 4640 nosGetPlusHelper (0e58f99692802c501454eac3d2ac3394) C:\Program Files\NOS\bin\getPlus_Helper_3004.dll
13:03:48.0707 4640 nosGetPlusHelper - ok
13:03:48.0754 4640 Npfs (d36f239d7cce1931598e8fb90a0dbc26) C:\Windows\system32\drivers\Npfs.sys
13:03:48.0757 4640 Npfs - ok
13:03:48.0829 4640 nsi (8bb86f0c7eea2bded6fe095d0b4ca9bd) C:\Windows\system32\nsisvc.dll
13:03:48.0832 4640 nsi - ok
13:03:48.0863 4640 nsiproxy (609773e344a97410ce4ebf74a8914fcf) C:\Windows\system32\drivers\nsiproxy.sys
13:03:48.0878 4640 nsiproxy - ok
13:03:48.0961 4640 Ntfs (6a4a98cee84cf9e99564510dda4baa47) C:\Windows\system32\drivers\Ntfs.sys
13:03:49.0017 4640 Ntfs - ok
13:03:49.0066 4640 ntrigdigi (e875c093aec0c978a90f30c9e0dfbb72) C:\Windows\system32\drivers\ntrigdigi.sys
13:03:49.0069 4640 ntrigdigi - ok
13:03:49.0116 4640 Null (c5dbbcda07d780bda9b685df333bb41e) C:\Windows\system32\drivers\Null.sys
13:03:49.0127 4640 Null - ok
13:03:49.0168 4640 nvraid (e69e946f80c1c31c53003bfbf50cbb7c) C:\Windows\system32\drivers\nvraid.sys
13:03:49.0172 4640 nvraid - ok
13:03:49.0228 4640 nvstor (9e0ba19a28c498a6d323d065db76dffc) C:\Windows\system32\drivers\nvstor.sys
13:03:49.0257 4640 nvstor - ok
13:03:49.0303 4640 nv_agp (055081fd5076401c1ee1bcab08d81911) C:\Windows\system32\drivers\nv_agp.sys
13:03:49.0334 4640 nv_agp - ok
13:03:49.0349 4640 NwlnkFlt - ok
13:03:49.0380 4640 NwlnkFwd - ok
13:03:49.0448 4640 ohci1394 (be32da025a0be1878f0ee8d6d9386cd5) C:\Windows\system32\drivers\ohci1394.sys
13:03:49.0471 4640 ohci1394 - ok
13:03:49.0570 4640 p2pimsvc (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
13:03:49.0597 4640 p2pimsvc - ok
13:03:49.0616 4640 p2psvc (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
13:03:49.0623 4640 p2psvc - ok
13:03:49.0660 4640 Parport (0fa9b5055484649d63c303fe404e5f4d) C:\Windows\system32\drivers\parport.sys
13:03:49.0670 4640 Parport - ok
13:03:49.0725 4640 partmgr (57389fa59a36d96b3eb09d0cb91e9cdc) C:\Windows\system32\drivers\partmgr.sys
13:03:49.0743 4640 partmgr - ok
13:03:49.0775 4640 Parvdm (4f9a6a8a31413180d0fcb279ad5d8112) C:\Windows\system32\drivers\parvdm.sys
13:03:49.0796 4640 Parvdm - ok
13:03:49.0837 4640 PcaSvc (c6276ad11f4bb49b58aa1ed88537f14a) C:\Windows\System32\pcasvc.dll
13:03:49.0845 4640 PcaSvc - ok
13:03:49.0912 4640 pci (941dc1d19e7e8620f40bbc206981efdb) C:\Windows\system32\drivers\pci.sys
13:03:49.0949 4640 pci - ok
13:03:50.0003 4640 pciide (1636d43f10416aeb483bc6001097b26c) C:\Windows\system32\drivers\pciide.sys
13:03:50.0033 4640 pciide - ok
13:03:50.0279 4640 pcmcia (e6f3fb1b86aa519e7698ad05e58b04e5) C:\Windows\system32\drivers\pcmcia.sys
13:03:50.0284 4640 pcmcia - ok
13:03:50.0373 4640 PEAUTH (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys
13:03:50.0388 4640 PEAUTH - ok
13:03:50.0484 4640 pla (b1689df169143f57053f795390c99db3) C:\Windows\system32\pla.dll
13:03:50.0534 4640 pla - ok
13:03:50.0670 4640 PlugPlay (c5e7f8a996ec0a82d508fd9064a5569e) C:\Windows\system32\umpnpmgr.dll
13:03:50.0676 4640 PlugPlay - ok
13:03:50.0714 4640 Pml Driver HPZ12 (65bc271f337637731d3c71455ae1f476) C:\Windows\system32\HPZipm12.dll
13:03:50.0716 4640 Pml Driver HPZ12 - ok
13:03:50.0776 4640 PNRPAutoReg (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
13:03:50.0785 4640 PNRPAutoReg - ok
13:03:50.0834 4640 PNRPsvc (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
13:03:50.0842 4640 PNRPsvc - ok
13:03:50.0893 4640 PolicyAgent (d0494460421a03cd5225cca0059aa146) C:\Windows\System32\ipsecsvc.dll
13:03:50.0902 4640 PolicyAgent - ok
13:03:50.0995 4640 PptpMiniport (ecfffaec0c1ecd8dbc77f39070ea1db1) C:\Windows\system32\DRIVERS\raspptp.sys
13:03:51.0006 4640 PptpMiniport - ok
13:03:51.0073 4640 Processor (0e3cef5d28b40cf273281d620c50700a) C:\Windows\system32\drivers\processr.sys
13:03:51.0076 4640 Processor - ok
13:03:51.0118 4640 ProfSvc (0508faa222d28835310b7bfca7a77346) C:\Windows\system32\profsvc.dll
13:03:51.0125 4640 ProfSvc - ok
13:03:51.0166 4640 ProtectedStorage (3978f3540329e16c0ac3bcf677e5669f) C:\Windows\system32\lsass.exe
13:03:51.0169 4640 ProtectedStorage - ok
13:03:51.0221 4640 PSched (99514faa8df93d34b5589187db3aa0ba) C:\Windows\system32\DRIVERS\pacer.sys
13:03:51.0224 4640 PSched - ok
13:03:51.0395 4640 PxHelp20 (feffcfdc528764a04c8ed63d5fa6e711) C:\Windows\system32\Drivers\PxHelp20.sys
13:03:51.0425 4640 PxHelp20 - ok
13:03:51.0781 4640 ql2300 (ccdac889326317792480c0a67156a1ec) C:\Windows\system32\drivers\ql2300.sys
13:03:51.0818 4640 ql2300 - ok
13:03:51.0865 4640 ql40xx (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys
13:03:51.0890 4640 ql40xx - ok
13:03:51.0948 4640 QWAVE (e9ecae663f47e6cb43962d18ab18890f) C:\Windows\system32\qwave.dll
13:03:51.0955 4640 QWAVE - ok
13:03:51.0999 4640 QWAVEdrv (9f5e0e1926014d17486901c88eca2db7) C:\Windows\system32\drivers\qwavedrv.sys
13:03:52.0001 4640 QWAVEdrv - ok
13:03:52.0144 4640 R300 (e642b131fb74caf4bb8a014f31113142) C:\Windows\system32\DRIVERS\atikmdag.sys
13:03:52.0243 4640 R300 - ok
13:03:52.0290 4640 RasAcd (147d7f9c556d259924351feb0de606c3) C:\Windows\system32\DRIVERS\rasacd.sys
13:03:52.0290 4640 RasAcd - ok
13:03:52.0336 4640 RasAuto (f6a452eb4ceadbb51c9e0ee6b3ecef0f) C:\Windows\System32\rasauto.dll
13:03:52.0336 4640 RasAuto - ok
13:03:52.0368 4640 Rasl2tp (a214adbaf4cb47dd2728859ef31f26b0) C:\Windows\system32\DRIVERS\rasl2tp.sys
13:03:52.0368 4640 Rasl2tp - ok
13:03:52.0430 4640 RasMan (75d47445d70ca6f9f894b032fbc64fcf) C:\Windows\System32\rasmans.dll
13:03:52.0430 4640 RasMan - ok
13:03:52.0461 4640 RasPppoe (509a98dd18af4375e1fc40bc175f1def) C:\Windows\system32\DRIVERS\raspppoe.sys
13:03:52.0477 4640 RasPppoe - ok
13:03:52.0508 4640 RasSstp (2005f4a1e05fa09389ac85840f0a9e4d) C:\Windows\system32\DRIVERS\rassstp.sys
13:03:52.0508 4640 RasSstp - ok
13:03:52.0680 4640 rdbss (b14c9d5b9add2f84f70570bbbfaa7935) C:\Windows\system32\DRIVERS\rdbss.sys
13:03:52.0726 4640 rdbss - ok
13:03:52.0867 4640 RDPCDD (89e59be9a564262a3fb6c4f4f1cd9899) C:\Windows\system32\DRIVERS\RDPCDD.sys
13:03:52.0867 4640 RDPCDD - ok
13:03:53.0007 4640 rdpdr (0245418224cfa77bf4b41c2fe0622258) C:\Windows\system32\drivers\rdpdr.sys
13:03:53.0007 4640 rdpdr - ok
13:03:53.0023 4640 RDPENCDD (9d91fe5286f748862ecffa05f8a0710c) C:\Windows\system32\drivers\rdpencdd.sys
13:03:53.0023 4640 RDPENCDD - ok
13:03:53.0054 4640 RDPWD (30bfbdfb7f95559ede971f9ddb9a00ba) C:\Windows\system32\drivers\RDPWD.sys
13:03:53.0054 4640 RDPWD - ok
13:03:53.0101 4640 RemoteAccess (bcdd6b4804d06b1f7ebf29e53a57ece9) C:\Windows\System32\mprdim.dll
13:03:53.0101 4640 RemoteAccess - ok
13:03:53.0132 4640 RemoteRegistry (9e6894ea18daff37b63e1005f83ae4ab) C:\Windows\system32\regsvc.dll
13:03:53.0148 4640 RemoteRegistry - ok
13:03:53.0335 4640 RoxMediaDB9 (ebcde8b48fadc6479d96a56d0a432160) C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
13:03:53.0366 4640 RoxMediaDB9 - ok
13:03:53.0428 4640 RoxWatch9 (ab2b1de1c8f31efce2384b14b3dc4260) C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
13:03:53.0444 4640 RoxWatch9 - ok
13:03:53.0475 4640 RpcLocator (5123f83cbc4349d065534eeb6bbdc42b) C:\Windows\system32\locator.exe
13:03:53.0475 4640 RpcLocator - ok
13:03:53.0538 4640 RpcSs (3b5b4d53fec14f7476ca29a20cc31ac9) C:\Windows\system32\rpcss.dll
13:03:53.0538 4640 RpcSs - ok
13:03:53.0647 4640 rspndr (9c508f4074a39e8b4b31d27198146fad) C:\Windows\system32\DRIVERS\rspndr.sys
13:03:53.0787 4640 rspndr - ok
13:03:53.0912 4640 SamSs (3978f3540329e16c0ac3bcf677e5669f) C:\Windows\system32\lsass.exe
13:03:53.0928 4640 SamSs - ok
13:03:53.0990 4640 SASDIFSV (39763504067962108505bff25f024345) C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS
13:03:54.0006 4640 SASDIFSV - ok
13:03:54.0037 4640 SASKUTIL (77b9fc20084b48408ad3e87570eb4a85) C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS
13:03:54.0037 4640 SASKUTIL - ok
13:03:54.0068 4640 sbp2port (3ce8f073a557e172b330109436984e30) C:\Windows\system32\drivers\sbp2port.sys
13:03:54.0084 4640 sbp2port - ok
13:03:54.0130 4640 SCardSvr (77b7a11a0c3d78d3386398fbbea1b632) C:\Windows\System32\SCardSvr.dll
13:03:54.0130 4640 SCardSvr - ok
13:03:54.0208 4640 Schedule (1a58069db21d05eb2ab58ee5753ebe8d) C:\Windows\system32\schedsvc.dll
13:03:54.0224 4640 Schedule - ok
13:03:54.0286 4640 SCPolicySvc (312ec3e37a0a1f2006534913e37b4423) C:\Windows\System32\certprop.dll
13:03:54.0302 4640 SCPolicySvc - ok
13:03:54.0333 4640 SDRSVC (716313d9f6b0529d03f726d5aaf6f191) C:\Windows\System32\SDRSVC.dll
13:03:54.0349 4640 SDRSVC - ok
13:03:54.0411 4640 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
13:03:54.0411 4640 secdrv - ok
13:03:54.0489 4640 seclogon (fd5199d4d8a521005e4b5ee7fe00fa9b) C:\Windows\system32\seclogon.dll
13:03:54.0489 4640 seclogon - ok
13:03:54.0536 4640 SENS (a9bbab5759771e523f55563d6cbe140f) C:\Windows\System32\sens.dll
13:03:54.0536 4640 SENS - ok
13:03:54.0583 4640 Serenum (68e44e331d46f0fb38f0863a84cd1a31) C:\Windows\system32\drivers\serenum.sys
13:03:54.0583 4640 Serenum - ok
13:03:54.0614 4640 Serial (c70d69a918b178d3c3b06339b40c2e1b) C:\Windows\system32\drivers\serial.sys
13:03:54.0614 4640 Serial - ok
13:03:54.0786 4640 sermouse (8af3d28a879bf75db53a0ee7a4289624) C:\Windows\system32\drivers\sermouse.sys
13:03:54.0817 4640 sermouse - ok
13:03:54.0910 4640 SessionEnv (d2193326f729b163125610dbf3e17d57) C:\Windows\system32\sessenv.dll
13:03:54.0910 4640 SessionEnv - ok
13:03:54.0957 4640 sffdisk (51cf56aa8bcc241f134b420b8f850406) C:\Windows\system32\drivers\sffdisk.sys
13:03:54.0957 4640 sffdisk - ok
13:03:54.0973 4640 sffp_mmc (96ded8b20c734ac41641ce275250e55d) C:\Windows\system32\drivers\sffp_mmc.sys
13:03:54.0973 4640 sffp_mmc - ok
13:03:55.0004 4640 sffp_sd (8b08cab1267b2c377883fc9e56981f90) C:\Windows\system32\drivers\sffp_sd.sys
13:03:55.0004 4640 sffp_sd - ok
13:03:55.0020 4640 sfloppy (46ed8e91793b2e6f848015445a0ac188) C:\Windows\system32\drivers\sfloppy.sys
13:03:55.0020 4640 sfloppy - ok
13:03:55.0066 4640 SharedAccess (e1499bd0ff76b1b2fbbf1af339d91165) C:\Windows\System32\ipnathlp.dll
13:03:55.0082 4640 SharedAccess - ok
13:03:55.0113 4640 ShellHWDetection (c7230fbee14437716701c15be02c27b8) C:\Windows\System32\shsvcs.dll
13:03:55.0129 4640 ShellHWDetection - ok
13:03:55.0160 4640 sisagp (08072b2fb92477fc813271a84b3a8698) C:\Windows\system32\drivers\sisagp.sys
13:03:55.0160 4640 sisagp - ok
13:03:55.0176 4640 SiSRaid2 (cedd6f4e7d84e9f98b34b3fe988373aa) C:\Windows\system32\drivers\sisraid2.sys
13:03:55.0191 4640 SiSRaid2 - ok
13:03:55.0238 4640 SiSRaid4 (df843c528c4f69d12ce41ce462e973a7) C:\Windows\system32\drivers\sisraid4.sys
13:03:55.0238 4640 SiSRaid4 - ok
13:03:55.0347 4640 slsvc (862bb4cbc05d80c5b45be430e5ef872f) C:\Windows\system32\SLsvc.exe
13:03:55.0503 4640 slsvc - ok
13:03:55.0550 4640 SLUINotify (6edc422215cd78aa8a9cde6b30abbd35) C:\Windows\system32\SLUINotify.dll
13:03:55.0550 4640 SLUINotify - ok
13:03:55.0581 4640 Smb (7b75299a4d201d6a6533603d6914ab04) C:\Windows\system32\DRIVERS\smb.sys
13:03:55.0597 4640 Smb - ok
13:03:55.0768 4640 SNMPTRAP (2a146a055b4401c16ee62d18b8e2a032) C:\Windows\System32\snmptrap.exe
13:03:55.0784 4640 SNMPTRAP - ok
13:03:55.0862 4640 spldr (7aebdeef071fe28b0eef2cdd69102bff) C:\Windows\system32\drivers\spldr.sys
13:03:55.0893 4640 spldr - ok
13:03:55.0924 4640 Spooler (8554097e5136c3bf9f69fe578a1b35f4) C:\Windows\System32\spoolsv.exe
13:03:55.0924 4640 Spooler - ok
13:03:55.0987 4640 sprtsvc_dellsupportcenter - ok
13:03:56.0221 4640 SRTSP (83726cf02eced69138948083e06b6eac) C:\Windows\System32\Drivers\N360\0502000.00D\SRTSP.SYS
13:03:56.0236 4640 SRTSP - ok
13:03:56.0283 4640 SRTSPX (4e7eab2e5615d39cf1f1df9c71e5e225) C:\Windows\system32\drivers\N360\0502000.00D\SRTSPX.SYS
13:03:56.0299 4640 SRTSPX - ok
13:03:56.0361 4640 srv (41987f9fc0e61adf54f581e15029ad91) C:\Windows\system32\DRIVERS\srv.sys
13:03:56.0377 4640 srv - ok
13:03:56.0455 4640 srv2 (ff33aff99564b1aa534f58868cbe41ef) C:\Windows\system32\DRIVERS\srv2.sys
13:03:56.0455 4640 srv2 - ok
13:03:56.0470 4640 srvnet (7605c0e1d01a08f3ecd743f38b834a44) C:\Windows\system32\DRIVERS\srvnet.sys
13:03:56.0470 4640 srvnet - ok
13:03:56.0642 4640 SSDPSRV (03d50b37234967433a5ea5ba72bc0b62) C:\Windows\System32\ssdpsrv.dll
13:03:56.0658 4640 SSDPSRV - ok
13:03:56.0938 4640 SstpSvc (6f1a32e7b7b30f004d9a20afadb14944) C:\Windows\system32\sstpsvc.dll
13:03:56.0938 4640 SstpSvc - ok
13:03:57.0141 4640 stisvc (5de7d67e49b88f5f07f3e53c4b92a352) C:\Windows\System32\wiaservc.dll
13:03:57.0157 4640 stisvc - ok
13:03:57.0250 4640 stllssvr (51778fd315c9882f1cbd932743e62a72) C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
13:03:57.0266 4640 stllssvr - ok
13:03:57.0297 4640 swenum (7ba58ecf0c0a9a69d44b3dca62becf56) C:\Windows\system32\DRIVERS\swenum.sys
13:03:57.0313 4640 swenum - ok
13:03:57.0360 4640 swprv (f21fd248040681cca1fb6c9a03aaa93d) C:\Windows\System32\swprv.dll
13:03:57.0375 4640 swprv - ok
13:03:57.0406 4640 Symc8xx (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys
13:03:57.0453 4640 Symc8xx - ok
13:03:57.0500 4640 SymDS (9bbeb8c6258e72d62e7560e6667aad39) C:\Windows\system32\drivers\N360\0502000.00D\SYMDS.SYS
13:03:57.0531 4640 SymDS - ok
13:03:57.0594 4640 SymEFA (d5c02629c02a820a7e71bca3d44294a3) C:\Windows\system32\drivers\N360\0502000.00D\SYMEFA.SYS
13:03:57.0625 4640 SymEFA - ok
13:03:57.0687 4640 SymEvent (ab33c3b196197ca467cbdda717860dba) C:\Windows\system32\Drivers\SYMEVENT.SYS
13:03:57.0687 4640 SymEvent - ok
13:03:57.0765 4640 SymIRON (a73399804d5d4a8b20ba60fcf70c9f1f) C:\Windows\system32\drivers\N360\0502000.00D\Ironx86.SYS
13:03:57.0781 4640 SymIRON - ok
13:03:57.0843 4640 SYMTDIv (d42a7229e333af725f1445f785e4658d) C:\Windows\System32\Drivers\N360\0502000.00D\SYMTDIV.SYS
13:03:57.0859 4640 SYMTDIv - ok
13:03:57.0890 4640 Sym_hi (8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys
13:03:57.0906 4640 Sym_hi - ok
13:03:57.0921 4640 Sym_u3 (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys
13:03:57.0921 4640 Sym_u3 - ok
13:03:58.0436 4640 SysMain (9a51b04e9886aa4ee90093586b0ba88d) C:\Windows\system32\sysmain.dll
13:03:58.0514 4640 SysMain - ok
13:03:58.0530 4640 szkg5 - ok
13:03:58.0545 4640 szkgfs - ok
13:03:58.0639 4640 TabletInputService (2dca225eae15f42c0933e998ee0231c3) C:\Windows\System32\TabSvc.dll
13:03:58.0654 4640 TabletInputService - ok
13:03:58.0717 4640 TapiSrv (d7673e4b38ce21ee54c59eeeb65e2483) C:\Windows\System32\tapisrv.dll
13:03:58.0717 4640 TapiSrv - ok
13:03:58.0795 4640 TBS (cb05822cd9cc6c688168e113c603dbe7) C:\Windows\System32\tbssvc.dll
13:03:58.0795 4640 TBS - ok
13:03:58.0857 4640 Tcpip (a474879afa4a596b3a531f3e69730dbf) C:\Windows\system32\drivers\tcpip.sys
13:03:58.0904 4640 Tcpip - ok
13:03:58.0935 4640 Tcpip6 (a474879afa4a596b3a531f3e69730dbf) C:\Windows\system32\DRIVERS\tcpip.sys
13:03:58.0951 4640 Tcpip6 - ok
13:03:58.0966 4640 tcpipreg (608c345a255d82a6289c2d468eb41fd7) C:\Windows\system32\drivers\tcpipreg.sys
13:03:58.0966 4640 tcpipreg - ok
13:03:59.0013 4640 TDPIPE (5dcf5e267be67a1ae926f2df77fbcc56) C:\Windows\system32\drivers\tdpipe.sys
13:03:59.0029 4640 TDPIPE - ok
13:03:59.0044 4640 TDTCP (389c63e32b3cefed425b61ed92d3f021) C:\Windows\system32\drivers\tdtcp.sys
13:03:59.0076 4640 TDTCP - ok
13:03:59.0107 4640 tdx (76b06eb8a01fc8624d699e7045303e54) C:\Windows\system32\DRIVERS\tdx.sys
13:03:59.0107 4640 tdx - ok
13:03:59.0169 4640 TermDD (3cad38910468eab9a6479e2f01db43c7) C:\Windows\system32\DRIVERS\termdd.sys
13:03:59.0169 4640 TermDD - ok
13:03:59.0200 4640 TermService (bb95da09bef6e7a131bff3ba5032090d) C:\Windows\System32\termsrv.dll
13:03:59.0216 4640 TermService - ok
13:03:59.0247 4640 Themes (c7230fbee14437716701c15be02c27b8) C:\Windows\system32\shsvcs.dll
13:03:59.0247 4640 Themes - ok
13:03:59.0294 4640 THREADORDER (1076ffcffaae8385fd62dfcb25ac4708) C:\Windows\system32\mmcss.dll
13:03:59.0294 4640 THREADORDER - ok
13:03:59.0341 4640 TrkWks (ec74e77d0eb004bd3a809b5f8fb8c2ce) C:\Windows\System32\trkwks.dll
13:03:59.0341 4640 TrkWks - ok
13:03:59.0356 4640 TrustedInstaller (97d9d6a04e3ad9b6c626b9931db78dba) C:\Windows\servicing\TrustedInstaller.exe
13:03:59.0372 4640 TrustedInstaller - ok
13:03:59.0419 4640 tssecsrv (dcf0f056a2e4f52287264f5ab29cf206) C:\Windows\system32\DRIVERS\tssecsrv.sys
13:03:59.0450 4640 tssecsrv - ok
13:03:59.0497 4640 tunmp (caecc0120ac49e3d2f758b9169872d38) C:\Windows\system32\DRIVERS\tunmp.sys
13:03:59.0512 4640 tunmp - ok
13:03:59.0544 4640 tunnel (300db877ac094feab0be7688c3454a9c) C:\Windows\system32\DRIVERS\tunnel.sys
13:03:59.0544 4640 tunnel - ok
13:03:59.0606 4640 uagp35 (c3ade15414120033a36c0f293d4a4121) C:\Windows\system32\drivers\uagp35.sys
13:03:59.0622 4640 uagp35 - ok
13:03:59.0684 4640 udfs (d9728af68c4c7693cb100b8441cbdec6) C:\Windows\system32\DRIVERS\udfs.sys
13:03:59.0715 4640 udfs - ok
13:03:59.0762 4640 UI0Detect (ecef404f62863755951e09c802c94ad5) C:\Windows\system32\UI0Detect.exe
13:03:59.0762 4640 UI0Detect - ok
13:03:59.0809 4640 uliagpkx (6d72ef05921abdf59fc45c7ebfe7e8dd) C:\Windows\system32\drivers\uliagpkx.sys
13:03:59.0809 4640 uliagpkx - ok
13:03:59.0902 4640 uliahci (3cd4ea35a6221b85dcc25daa46313f8d) C:\Windows\system32\drivers\uliahci.sys
13:03:59.0902 4640 uliahci - ok
13:03:59.0980 4640 UlSata (8514d0e5cd0534467c5fc61be94a569f) C:\Windows\system32\drivers\ulsata.sys
13:03:59.0980 4640 UlSata - ok
13:04:00.0012 4640 ulsata2 (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys
13:04:00.0012 4640 ulsata2 - ok
13:04:00.0058 4640 umbus (32cff9f809ae9aed85464492bf3e32d2) C:\Windows\system32\DRIVERS\umbus.sys
13:04:00.0058 4640 umbus - ok
13:04:00.0090 4640 upnphost (68308183f4ae0be7bf8ecd07cb297999) C:\Windows\System32\upnphost.dll
13:04:00.0105 4640 upnphost - ok
13:04:00.0168 4640 USBAAPL (60a68a5ea173a97971ee9f1ff49eb2b3) C:\Windows\system32\Drivers\usbaapl.sys
13:04:00.0183 4640 USBAAPL - ok
13:04:00.0214 4640 usbaudio (32db9517628ff0d070682aab61e688f0) C:\Windows\system32\drivers\usbaudio.sys
13:04:00.0214 4640 usbaudio - ok
13:04:00.0277 4640 usbbus (9419faac6552a51542dbba02971c841c) C:\Windows\system32\DRIVERS\lgusbbus.sys
13:04:00.0277 4640 usbbus - ok
13:04:00.0370 4640 usbccgp (caf811ae4c147ffcd5b51750c7f09142) C:\Windows\system32\DRIVERS\usbccgp.sys
13:04:00.0386 4640 usbccgp - ok
13:04:00.0464 4640 usbcir (e9476e6c486e76bc4898074768fb7131) C:\Windows\system32\drivers\usbcir.sys
13:04:00.0480 4640 usbcir - ok
13:04:00.0526 4640 UsbDiag (c0a466fa4ffec464320e159bc1bbdc0c) C:\Windows\system32\DRIVERS\lgusbdiag.sys
13:04:00.0573 4640 UsbDiag - ok
13:04:00.0620 4640 usbehci (79e96c23a97ce7b8f14d310da2db0c9b) C:\Windows\system32\DRIVERS\usbehci.sys
13:04:00.0620 4640 usbehci - ok
13:04:00.0667 4640 UsbGps (071b8e7a0ca11a2a9b32109058136bbe) C:\Windows\system32\DRIVERS\lgusbgps.sys
13:04:00.0698 4640 UsbGps - ok
13:04:00.0760 4640 usbhub (4673bbcb006af60e7abddbe7a130ba42) C:\Windows\system32\DRIVERS\usbhub.sys
13:04:00.0760 4640 usbhub - ok
13:04:00.0807 4640 USBModem (f74a54774a9b0afeb3c40adec68aa600) C:\Windows\system32\DRIVERS\lgusbmodem.sys
13:04:00.0823 4640 USBModem - ok
13:04:00.0854 4640 usbohci (38dbc7dd6cc5a72011f187425384388b) C:\Windows\system32\drivers\usbohci.sys
13:04:00.0854 4640 usbohci - ok
13:04:00.0885 4640 usbprint (e75c4b5269091d15a2e7dc0b6d35f2f5) C:\Windows\system32\DRIVERS\usbprint.sys
13:04:00.0901 4640 usbprint - ok
13:04:00.0916 4640 usbscan (a508c9bd8724980512136b039bba65e9) C:\Windows\system32\DRIVERS\usbscan.sys
13:04:00.0916 4640 usbscan - ok
13:04:00.0963 4640 USBSTOR (be3da31c191bc222d9ad503c5224f2ad) C:\Windows\system32\DRIVERS\USBSTOR.SYS
13:04:00.0963 4640 USBSTOR - ok
13:04:00.0994 4640 usbuhci (814d653efc4d48be3b04a307eceff56f) C:\Windows\system32\DRIVERS\usbuhci.sys
13:04:01.0010 4640 usbuhci - ok
13:04:01.0088 4640 usnjsvc (9d19b042a4fd5c02195071ea2fe0c821) C:\Program Files\Windows Live\Messenger\usnsvc.exe
13:04:01.0104 4640 usnjsvc - ok
13:04:01.0135 4640 UxSms (1509e705f3ac1d474c92454a5c2dd81f) C:\Windows\System32\uxsms.dll
13:04:01.0135 4640 UxSms - ok
13:04:01.0182 4640 vds (cd88d1b7776dc17a119049742ec07eb4) C:\Windows\System32\vds.exe
13:04:01.0197 4640 vds - ok
13:04:01.0244 4640 vga (7d92be0028ecdedec74617009084b5ef) C:\Windows\system32\DRIVERS\vgapnp.sys
13:04:01.0260 4640 vga - ok
13:04:01.0306 4640 VgaSave (2e93ac0a1d8c79d019db6c51f036636c) C:\Windows\System32\drivers\vga.sys
13:04:01.0306 4640 VgaSave - ok
13:04:01.0353 4640 viaagp (d5929a28bdff4367a12caf06af901971) C:\Windows\system32\drivers\viaagp.sys
13:04:01.0353 4640 viaagp - ok
13:04:01.0369 4640 ViaC7 (56a4de5f02f2e88182b0981119b4dd98) C:\Windows\system32\drivers\viac7.sys
13:04:01.0384 4640 ViaC7 - ok
13:04:01.0400 4640 viaide (f3b4762eb85a2aff4999401f14c3262b) C:\Windows\system32\drivers\viaide.sys
13:04:01.0416 4640 viaide - ok
13:04:01.0462 4640 volmgr (69503668ac66c77c6cd7af86fbdf8c43) C:\Windows\system32\drivers\volmgr.sys
13:04:01.0462 4640 volmgr - ok
13:04:01.0509 4640 volmgrx (23e41b834759917bfd6b9a0d625d0c28) C:\Windows\system32\drivers\volmgrx.sys
13:04:01.0509 4640 volmgrx - ok
13:04:01.0540 4640 volsnap (147281c01fcb1df9252de2a10d5e7093) C:\Windows\system32\drivers\volsnap.sys
13:04:01.0572 4640 volsnap - ok
13:04:01.0587 4640 vsmraid (d984439746d42b30fc65a4c3546c6829) C:\Windows\system32\drivers\vsmraid.sys
13:04:01.0587 4640 vsmraid - ok
13:04:01.0728 4640 VSS (db3d19f850c6eb32bdcb9bc0836acddb) C:\Windows\system32\vssvc.exe
13:04:01.0743 4640 VSS - ok
13:04:01.0852 4640 VX3000 (42870675b4d84acd81a9da69b83f14c5) C:\Windows\system32\DRIVERS\VX3000.sys
13:04:01.0915 4640 VX3000 - ok
13:04:01.0946 4640 W32Time (96ea68b9eb310a69c25ebb0282b2b9de) C:\Windows\system32\w32time.dll
13:04:01.0962 4640 W32Time - ok
13:04:02.0008 4640 WacomPen (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys
13:04:02.0008 4640 WacomPen - ok
13:04:02.0055 4640 Wanarp &
-
I tried to edit the previous reply because it was incorrect. Here are the correct before and after results
13:02:23.0768 5980 TDSS rootkit removing tool 2.7.28.0 Apr 10 2012 16:54:05
13:02:25.0781 5980 ============================================================
13:02:25.0781 5980 Current date / time: 2012/04/14 13:02:25.0781
13:02:25.0781 5980 SystemInfo:
13:02:25.0781 5980
13:02:25.0781 5980 OS Version: 6.0.6002 ServicePack: 2.0
13:02:25.0781 5980 Product type: Workstation
13:02:25.0781 5980 ComputerName: KILE-PC
13:02:25.0781 5980 UserName: Kile
13:02:25.0781 5980 Windows directory: C:\Windows
13:02:25.0781 5980 System windows directory: C:\Windows
13:02:25.0781 5980 Processor architecture: Intel x86
13:02:25.0781 5980 Number of processors: 2
13:02:25.0781 5980 Page size: 0x1000
13:02:25.0781 5980 Boot type: Normal boot
13:02:25.0781 5980 ============================================================
13:02:30.0305 5980 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
13:02:30.0320 5980 \Device\Harddisk0\DR0:
13:02:30.0320 5980 MBR used
13:02:30.0320 5980 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x18000, BlocksNum 0x1400000
13:02:30.0320 5980 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1418000, BlocksNum 0x24016000
13:02:30.0398 5980 Initialize success
13:02:30.0398 5980 ============================================================
13:03:26.0541 4640 ============================================================
13:03:26.0541 4640 Scan started
13:03:26.0541 4640 Mode: Manual;
13:03:26.0541 4640 ============================================================
13:03:29.0505 4640 !SASCORE (c0393eb99a6c72c6bef9bfc4a72b33a6) C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
13:03:29.0520 4640 !SASCORE - ok
13:03:29.0661 4640 ACDaemon (adc420616c501b45d26c0fd3ef1e54e4) C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
13:03:29.0661 4640 ACDaemon - ok
13:03:29.0879 4640 ACPI (82b296ae1892fe3dbee00c9cf92f8ac7) C:\Windows\system32\drivers\acpi.sys
13:03:29.0879 4640 ACPI - ok
13:03:29.0941 4640 AdobeARMservice (62b7936f9036dd6ed36e6a7efa805dc0) C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
13:03:29.0941 4640 AdobeARMservice - ok
13:03:30.0035 4640 adp94xx (2edc5bbac6c651ece337bde8ed97c9fb) C:\Windows\system32\drivers\adp94xx.sys
13:03:30.0051 4640 adp94xx - ok
13:03:30.0082 4640 adpahci (b84088ca3cdca97da44a984c6ce1ccad) C:\Windows\system32\drivers\adpahci.sys
13:03:30.0082 4640 adpahci - ok
13:03:30.0129 4640 adpu160m (7880c67bccc27c86fd05aa2afb5ea469) C:\Windows\system32\drivers\adpu160m.sys
13:03:30.0129 4640 adpu160m - ok
13:03:30.0160 4640 adpu320 (9ae713f8e30efc2abccd84904333df4d) C:\Windows\system32\drivers\adpu320.sys
13:03:30.0160 4640 adpu320 - ok
13:03:30.0191 4640 AeLookupSvc (9d1fda9e086ba64e3c93c9de32461bcf) C:\Windows\System32\aelupsvc.dll
13:03:30.0207 4640 AeLookupSvc - ok
13:03:30.0238 4640 AERTFilters (330a1e4df07c2e29949ed8631cd8828e) C:\Windows\system32\AERTSrv.exe
13:03:30.0238 4640 AERTFilters - ok
13:03:30.0300 4640 Afc (fe3ea6e9afc1a78e6edca121e006afb7) C:\Windows\system32\drivers\Afc.sys
13:03:30.0316 4640 Afc - ok
13:03:30.0534 4640 AFD (3911b972b55fea0478476b2e777b29fa) C:\Windows\system32\drivers\afd.sys
13:03:30.0581 4640 AFD - ok
13:03:30.0815 4640 agp440 (8b10ce1c1f9f1d47e4deb1a547a00cd4) C:\Windows\system32\drivers\agp440.sys
13:03:30.0831 4640 agp440 - ok
13:03:30.0877 4640 aic78xx (ae1fdf7bf7bb6c6a70f67699d880592a) C:\Windows\system32\drivers\djsvs.sys
13:03:30.0909 4640 aic78xx - ok
13:03:30.0940 4640 ALG (a1545b731579895d8cc44fc0481c1192) C:\Windows\System32\alg.exe
13:03:30.0955 4640 ALG - ok
13:03:31.0002 4640 aliide (dc67a153fdb8105b25d05334b5e1d8e2) C:\Windows\system32\drivers\aliide.sys
13:03:31.0018 4640 aliide - ok
13:03:31.0065 4640 amdagp (848f27e5b27c1c253f6cefdc1a5d8f21) C:\Windows\system32\drivers\amdagp.sys
13:03:31.0080 4640 amdagp - ok
13:03:31.0111 4640 amdide (835c4c3355088298a5ebd818fa31430f) C:\Windows\system32\drivers\amdide.sys
13:03:31.0127 4640 amdide - ok
13:03:31.0158 4640 AmdK7 (dc487885bcef9f28eece6fac0e5ddfc5) C:\Windows\system32\drivers\amdk7.sys
13:03:31.0189 4640 AmdK7 - ok
13:03:31.0236 4640 AmdK8 (0ca0071da4315b00fc1328ca86b425da) C:\Windows\system32\drivers\amdk8.sys
13:03:31.0267 4640 AmdK8 - ok
13:03:31.0345 4640 Appinfo (c6d704c7f0434dc791aac37cac4b6e14) C:\Windows\System32\appinfo.dll
13:03:31.0377 4640 Appinfo - ok
13:03:31.0455 4640 Apple Mobile Device (7e94e567c1aa5abe6174032b3dab6c23) C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
13:03:31.0470 4640 Apple Mobile Device - ok
13:03:31.0517 4640 arc (5f673180268bb1fdb69c99b6619fe379) C:\Windows\system32\drivers\arc.sys
13:03:31.0533 4640 arc - ok
13:03:31.0611 4640 arcsas (957f7540b5e7f602e44648c7de5a1c05) C:\Windows\system32\drivers\arcsas.sys
13:03:31.0642 4640 arcsas - ok
13:03:31.0720 4640 AsyncMac (53b202abee6455406254444303e87be1) C:\Windows\system32\DRIVERS\asyncmac.sys
13:03:31.0751 4640 AsyncMac - ok
13:03:31.0845 4640 atapi (1f05b78ab91c9075565a9d8a4b880bc4) C:\Windows\system32\drivers\atapi.sys
13:03:31.0845 4640 atapi - ok
13:03:31.0907 4640 AudioEndpointBuilder (68e2a1a0407a66cf50da0300852424ab) C:\Windows\System32\Audiosrv.dll
13:03:31.0923 4640 AudioEndpointBuilder - ok
13:03:31.0954 4640 Audiosrv (68e2a1a0407a66cf50da0300852424ab) C:\Windows\System32\Audiosrv.dll
13:03:31.0969 4640 Audiosrv - ok
13:03:32.0016 4640 Beep (67e506b75bd5326a3ec7b70bd014dfb6) C:\Windows\system32\drivers\Beep.sys
13:03:32.0032 4640 Beep - ok
13:03:32.0094 4640 BFE (c789af0f724fda5852fb9a7d3a432381) C:\Windows\System32\bfe.dll
13:03:32.0110 4640 BFE - ok
13:03:32.0266 4640 BHDrvx86 (a503d32ae26f77cb942aed530112edaa) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\BASHDefs\20120402.001\BHDrvx86.sys
13:03:32.0297 4640 BHDrvx86 - ok
13:03:32.0859 4640 BITS (93952506c6d67330367f7e7934b6a02f) C:\Windows\System32\qmgr.dll
13:03:32.0874 4640 BITS - ok
13:03:32.0905 4640 blbdrive - ok
13:03:32.0999 4640 Bonjour Service (3f56903e124e820aeece6d471583c6c1) C:\Program Files\Bonjour\mDNSResponder.exe
13:03:33.0015 4640 Bonjour Service - ok
13:03:33.0108 4640 bowser (35f376253f687bde63976ccb3f2108ca) C:\Windows\system32\DRIVERS\bowser.sys
13:03:33.0202 4640 bowser - ok
13:03:33.0249 4640 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\drivers\brfiltlo.sys
13:03:33.0249 4640 BrFiltLo - ok
13:03:33.0280 4640 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\drivers\brfiltup.sys
13:03:33.0311 4640 BrFiltUp - ok
13:03:33.0373 4640 Browser (a3629a0c4226f9e9c72faaeebc3ad33c) C:\Windows\System32\browser.dll
13:03:33.0373 4640 Browser - ok
13:03:33.0420 4640 Brserid (b304e75cff293029eddf094246747113) C:\Windows\system32\drivers\brserid.sys
13:03:33.0420 4640 Brserid - ok
13:03:33.0451 4640 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\system32\drivers\brserwdm.sys
13:03:33.0483 4640 BrSerWdm - ok
13:03:33.0545 4640 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\system32\drivers\brusbmdm.sys
13:03:33.0545 4640 BrUsbMdm - ok
13:03:33.0561 4640 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\system32\drivers\brusbser.sys
13:03:33.0561 4640 BrUsbSer - ok
13:03:33.0576 4640 BTHMODEM (ad07c1ec6665b8b35741ab91200c6b68) C:\Windows\system32\drivers\bthmodem.sys
13:03:33.0592 4640 BTHMODEM - ok
13:03:33.0639 4640 cdfs (7add03e75beb9e6dd102c3081d29840a) C:\Windows\system32\DRIVERS\cdfs.sys
13:03:33.0654 4640 cdfs - ok
13:03:33.0670 4640 cdrom (6b4bffb9becd728097024276430db314) C:\Windows\system32\DRIVERS\cdrom.sys
13:03:33.0685 4640 cdrom - ok
13:03:33.0732 4640 CertPropSvc (312ec3e37a0a1f2006534913e37b4423) C:\Windows\System32\certprop.dll
13:03:33.0748 4640 CertPropSvc - ok
13:03:33.0810 4640 circlass (da8e0afc7baa226c538ef53ac2f90897) C:\Windows\system32\drivers\circlass.sys
13:03:33.0841 4640 circlass - ok
13:03:33.0873 4640 CLFS (d7659d3b5b92c31e84e53c1431f35132) C:\Windows\system32\CLFS.sys
13:03:33.0873 4640 CLFS - ok
13:03:33.0966 4640 clr_optimization_v2.0.50727_32 (8ee772032e2fe80a924f3b8dd5082194) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
13:03:33.0982 4640 clr_optimization_v2.0.50727_32 - ok
13:03:34.0153 4640 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
13:03:34.0153 4640 clr_optimization_v4.0.30319_32 - ok
13:03:34.0200 4640 cmdide (e79cbb2195e965f6e3256e2c1b23fd1c) C:\Windows\system32\drivers\cmdide.sys
13:03:34.0216 4640 cmdide - ok
13:03:34.0309 4640 ComcastSecureBackupSharebackup (1255218702d9873021f28fac47c20150) C:\Program Files\SecureBackupShare\ComcastSecureBackupSharebackup.exe
13:03:34.0309 4640 ComcastSecureBackupSharebackup - ok
13:03:34.0325 4640 ComcastSecureBackupShareFilter (b8e08bfcab2be31804cea983d2094faf) C:\Windows\system32\DRIVERS\ComcastSecureBackupShare.sys
13:03:34.0341 4640 ComcastSecureBackupShareFilter - ok
13:03:34.0372 4640 Compbatt (82b8c91d327cfecf76cb58716f7d4997) C:\Windows\system32\drivers\compbatt.sys
13:03:34.0372 4640 Compbatt - ok
13:03:34.0387 4640 COMSysApp - ok
13:03:34.0434 4640 crcdisk (2a213ae086bbec5e937553c7d9a2b22c) C:\Windows\system32\drivers\crcdisk.sys
13:03:34.0434 4640 crcdisk - ok
13:03:34.0481 4640 Crusoe (22a7f883508176489f559ee745b5bf5d) C:\Windows\system32\drivers\crusoe.sys
13:03:34.0497 4640 Crusoe - ok
13:03:34.0543 4640 CryptSvc (fb27772beaf8e1d28ccd825c09da939b) C:\Windows\system32\cryptsvc.dll
13:03:34.0559 4640 CryptSvc - ok
13:03:34.0606 4640 DcomLaunch (3b5b4d53fec14f7476ca29a20cc31ac9) C:\Windows\system32\rpcss.dll
13:03:34.0621 4640 DcomLaunch - ok
13:03:34.0637 4640 DfsC (622c41a07ca7e6dd91770f50d532cb6c) C:\Windows\system32\Drivers\dfsc.sys
13:03:34.0637 4640 DfsC - ok
13:03:34.0731 4640 DFSR (2cc3dcfb533a1035b13dcab6160ab38b) C:\Windows\system32\DFSR.exe
13:03:34.0777 4640 DFSR - ok
13:03:34.0855 4640 Dhcp (9028559c132146fb75eb7acf384b086a) C:\Windows\System32\dhcpcsvc.dll
13:03:34.0855 4640 Dhcp - ok
13:03:34.0887 4640 disk (5d4aefc3386920236a548271f8f1af6a) C:\Windows\system32\drivers\disk.sys
13:03:34.0902 4640 disk - ok
13:03:34.0949 4640 Dnscache (57d762f6f5974af0da2be88a3349baaa) C:\Windows\System32\dnsrslvr.dll
13:03:34.0965 4640 Dnscache - ok
13:03:34.0996 4640 dot3svc (324fd74686b1ef5e7c19a8af49e748f6) C:\Windows\System32\dot3svc.dll
13:03:35.0011 4640 dot3svc - ok
13:03:35.0074 4640 Dot4 (4f59c172c094e1a1d46463a8dc061cbd) C:\Windows\system32\DRIVERS\Dot4.sys
13:03:35.0074 4640 Dot4 - ok
13:03:35.0105 4640 Dot4Print (80bf3ba09f6f2523c8f6b7cc6dbf7bd5) C:\Windows\system32\DRIVERS\Dot4Prt.sys
13:03:35.0121 4640 Dot4Print - ok
13:03:35.0183 4640 dot4usb (c55004ca6b419b6695970dfe849b122f) C:\Windows\system32\DRIVERS\dot4usb.sys
13:03:35.0183 4640 dot4usb - ok
13:03:35.0230 4640 DPS (a622e888f8aa2f6b49e9bc466f0e5def) C:\Windows\system32\dps.dll
13:03:35.0245 4640 DPS - ok
13:03:35.0277 4640 drmkaud (97fef831ab90bee128c9af390e243f80) C:\Windows\system32\drivers\drmkaud.sys
13:03:35.0277 4640 drmkaud - ok
13:03:35.0355 4640 DSBrokerService (245f62a2aa67f4a61f10174bf1017327) C:\Program Files\DellSupport\brkrsvc.exe
13:03:35.0355 4640 DSBrokerService - ok
13:03:35.0386 4640 DSproct (413f2d5f9d802688242c23b38f767ecb) C:\Program Files\DellSupport\GTAction\triggers\DSproct.sys
13:03:35.0386 4640 DSproct - ok
13:03:35.0417 4640 dsunidrv (dfeabb7cfffadea4a912ab95bdc3177a) C:\Windows\system32\DRIVERS\dsunidrv.sys
13:03:35.0433 4640 dsunidrv - ok
13:03:35.0479 4640 DXGKrnl (fb85f7f69e9b109820409243f578cc4d) C:\Windows\System32\drivers\dxgkrnl.sys
13:03:35.0511 4640 DXGKrnl - ok
13:03:35.0542 4640 e1express (04944f4fc4f0477185f5d26ae0ddb90e) C:\Windows\system32\DRIVERS\e1e6032.sys
13:03:35.0573 4640 e1express - ok
13:03:35.0698 4640 E1G60 (f88fb26547fd2ce6d0a5af2985892c48) C:\Windows\system32\DRIVERS\E1G60I32.sys
13:03:35.0698 4640 E1G60 - ok
13:03:35.0745 4640 EapHost (c0b95e40d85cd807d614e264248a45b9) C:\Windows\System32\eapsvc.dll
13:03:35.0760 4640 EapHost - ok
13:03:35.0791 4640 Ecache (7f64ea048dcfac7acf8b4d7b4e6fe371) C:\Windows\system32\drivers\ecache.sys
13:03:35.0807 4640 Ecache - ok
13:03:36.0041 4640 eeCtrl (579a6b6135d32b857faf0e3a974535d8) C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys
13:03:36.0150 4640 eeCtrl - ok
13:03:36.0369 4640 ehRecvr (9be3744d295a7701eb425332014f0797) C:\Windows\ehome\ehRecvr.exe
13:03:36.0384 4640 ehRecvr - ok
13:03:36.0400 4640 ehSched (ad1870c8e5d6dd340c829e6074bf3c3f) C:\Windows\ehome\ehsched.exe
13:03:36.0400 4640 ehSched - ok
13:03:36.0431 4640 ehstart (c27c4ee8926e74aa72efcab24c5242c3) C:\Windows\ehome\ehstart.dll
13:03:36.0431 4640 ehstart - ok
13:03:36.0525 4640 elxstor (e8f3f21a71720c84bcf423b80028359f) C:\Windows\system32\drivers\elxstor.sys
13:03:36.0525 4640 elxstor - ok
13:03:36.0603 4640 EMDMgmt (4e6b23dfc917ea39306b529b773950f4) C:\Windows\system32\emdmgmt.dll
13:03:36.0649 4640 EMDMgmt - ok
13:03:36.0759 4640 EraserUtilRebootDrv (028d50f059bd0d2ccb209e9011b9a9a4) C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
13:03:36.0759 4640 EraserUtilRebootDrv - ok
13:03:36.0790 4640 EventSystem (67058c46504bc12d821f38cf99b7b28f) C:\Windows\system32\es.dll
13:03:36.0805 4640 EventSystem - ok
13:03:36.0852 4640 exfat (22b408651f9123527bcee54b4f6c5cae) C:\Windows\system32\drivers\exfat.sys
13:03:36.0883 4640 exfat - ok
13:03:36.0915 4640 fastfat (1e9b9a70d332103c52995e957dc09ef8) C:\Windows\system32\drivers\fastfat.sys
13:03:36.0915 4640 fastfat - ok
13:03:37.0008 4640 fdc (afe1e8b9782a0dd7fb46bbd88e43f89a) C:\Windows\system32\DRIVERS\fdc.sys
13:03:37.0024 4640 fdc - ok
13:03:37.0055 4640 fdPHost (6629b5f0e98151f4afdd87567ea32ba3) C:\Windows\system32\fdPHost.dll
13:03:37.0071 4640 fdPHost - ok
13:03:37.0102 4640 FDResPub (89ed56dce8e47af40892778a5bd31fd2) C:\Windows\system32\fdrespub.dll
13:03:37.0102 4640 FDResPub - ok
13:03:37.0149 4640 FileInfo (a8c0139a884861e3aae9cfe73b208a9f) C:\Windows\system32\drivers\fileinfo.sys
13:03:37.0258 4640 FileInfo - ok
13:03:37.0461 4640 Filetrace (0ae429a696aecbc5970e3cf2c62635ae) C:\Windows\system32\drivers\filetrace.sys
13:03:37.0461 4640 Filetrace - ok
13:03:37.0539 4640 flpydisk (85b7cf99d532820495d68d747fda9ebd) C:\Windows\system32\DRIVERS\flpydisk.sys
13:03:37.0554 4640 flpydisk - ok
13:03:37.0601 4640 FltMgr (01334f9ea68e6877c4ef05d3ea8abb05) C:\Windows\system32\drivers\fltmgr.sys
13:03:37.0617 4640 FltMgr - ok
13:03:37.0663 4640 FontCache3.0.0.0 (c7fbdd1ed42f82bfa35167a5c9803ea3) C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
13:03:37.0663 4640 FontCache3.0.0.0 - ok
13:03:37.0695 4640 Fs_Rec (65ea8b77b5851854f0c55c43fa51a198) C:\Windows\system32\drivers\Fs_Rec.sys
13:03:37.0695 4640 Fs_Rec - ok
13:03:37.0741 4640 gagp30kx (4e1cd0a45c50a8882616cae5bf82f3c5) C:\Windows\system32\drivers\gagp30kx.sys
13:03:37.0741 4640 gagp30kx - ok
13:03:37.0804 4640 GEARAspiWDM (5ae3a887ece5bbb72cfab273c2fd1cfa) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
13:03:37.0819 4640 GEARAspiWDM - ok
13:03:37.0929 4640 gpsvc (cd5d0aeee35dfd4e986a5aa1500a6e66) C:\Windows\System32\gpsvc.dll
13:03:37.0944 4640 gpsvc - ok
13:03:38.0038 4640 gupdate (f02a533f517eb38333cb12a9e8963773) C:\Program Files\Google\Update\GoogleUpdate.exe
13:03:38.0038 4640 gupdate - ok
13:03:38.0053 4640 gupdatem (f02a533f517eb38333cb12a9e8963773) C:\Program Files\Google\Update\GoogleUpdate.exe
13:03:38.0069 4640 gupdatem - ok
13:03:38.0209 4640 HDAudBus (062452b7ffd68c8c042a6261fe8dff4a) C:\Windows\system32\DRIVERS\HDAudBus.sys
13:03:38.0225 4640 HDAudBus - ok
13:03:38.0256 4640 HidBth (1338520e78d90154ed6be8f84de5fceb) C:\Windows\system32\drivers\hidbth.sys
13:03:38.0256 4640 HidBth - ok
13:03:38.0287 4640 HidIr (ff3160c3a2445128c5a6d9b076da519e) C:\Windows\system32\drivers\hidir.sys
13:03:38.0287 4640 HidIr - ok
13:03:38.0319 4640 hidserv (84067081f3318162797385e11a8f0582) C:\Windows\system32\hidserv.dll
13:03:38.0319 4640 hidserv - ok
13:03:38.0350 4640 HidUsb (cca4b519b17e23a00b826c55716809cc) C:\Windows\system32\DRIVERS\hidusb.sys
13:03:38.0350 4640 HidUsb - ok
13:03:38.0412 4640 hkmsvc (d8ad255b37da92434c26e4876db7d418) C:\Windows\system32\kmsvc.dll
13:03:38.0428 4640 hkmsvc - ok
13:03:38.0475 4640 HpCISSs (df353b401001246853763c4b7aaa6f50) C:\Windows\system32\drivers\hpcisss.sys
13:03:38.0475 4640 HpCISSs - ok
13:03:38.0599 4640 hpqcxs08 (cc8a7d8a8dc9f357b57796583cf8b85f) C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll
13:03:38.0615 4640 hpqcxs08 - ok
13:03:38.0646 4640 hpqddsvc (4c2ca71caafd2cf1a673fc8dbfd219c4) C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll
13:03:38.0662 4640 hpqddsvc - ok
13:03:38.0740 4640 HSF_DPV (53229dcf431d76434816cd29251168a0) C:\Windows\system32\DRIVERS\HSX_DPV.sys
13:03:38.0755 4640 HSF_DPV - ok
13:03:38.0802 4640 HSXHWBS2 (ed98350ecd4a5a9c9f1e641c09872bb2) C:\Windows\system32\DRIVERS\HSXHWBS2.sys
13:03:38.0818 4640 HSXHWBS2 - ok
13:03:38.0865 4640 HTTP (f870aa3e254628ebeafe754108d664de) C:\Windows\system32\drivers\HTTP.sys
13:03:38.0896 4640 HTTP - ok
13:03:38.0943 4640 i2omp (324c2152ff2c61abae92d09f3cca4d63) C:\Windows\system32\drivers\i2omp.sys
13:03:38.0943 4640 i2omp - ok
13:03:39.0005 4640 i8042prt (22d56c8184586b7a1f6fa60be5f5a2bd) C:\Windows\system32\DRIVERS\i8042prt.sys
13:03:39.0036 4640 i8042prt - ok
13:03:39.0192 4640 iaStor (997e8f5939f2d12cd9f2e6b395724c16) C:\Windows\system32\drivers\iastor.sys
13:03:39.0192 4640 iaStor - ok
13:03:39.0239 4640 iaStorV (c957bf4b5d80b46c5017bf0101e6c906) C:\Windows\system32\drivers\iastorv.sys
13:03:39.0270 4640 iaStorV - ok
13:03:39.0364 4640 IDriverT (6f95324909b502e2651442c1548ab12f) C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
13:03:39.0379 4640 IDriverT - ok
13:03:39.0598 4640 idsvc (98477b08e61945f974ed9fdc4cb6bdab) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
13:03:39.0629 4640 idsvc - ok
13:03:39.0785 4640 IDSVix86 (b6662611e8fa3a71473c4a9bd0d23755) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\IPSDefs\20120413.001\IDSvix86.sys
13:03:39.0801 4640 IDSVix86 - ok
13:03:39.0972 4640 igfx (9378d57e2b96c0a185d844770ad49948) C:\Windows\system32\DRIVERS\igdkmd32.sys
13:03:40.0050 4640 igfx - ok
13:03:40.0097 4640 iirsp (2d077bf86e843f901d8db709c95b49a5) C:\Windows\system32\drivers\iirsp.sys
13:03:40.0113 4640 iirsp - ok
13:03:40.0159 4640 IKEEXT (9908d8a397b76cd8d31d0d383c5773c9) C:\Windows\System32\ikeext.dll
13:03:40.0159 4640 IKEEXT - ok
13:03:40.0331 4640 IntcAzAudAddService (f8f53c5449f15b23d4c61d51d2701da8) C:\Windows\system32\drivers\RTKVHDA.sys
13:03:40.0393 4640 IntcAzAudAddService - ok
13:03:40.0409 4640 intelide (0084046c084d68e494f8cf36bcf08186) C:\Windows\system32\DRIVERS\intelide.sys
13:03:40.0409 4640 intelide - ok
13:03:40.0471 4640 intelppm (224191001e78c89dfa78924c3ea595ff) C:\Windows\system32\DRIVERS\intelppm.sys
13:03:40.0471 4640 intelppm - ok
13:03:40.0518 4640 IPBusEnum (9ac218c6e6105477484c6fdbe7d409a4) C:\Windows\system32\ipbusenum.dll
13:03:40.0518 4640 IPBusEnum - ok
13:03:40.0565 4640 IpFilterDriver (62c265c38769b864cb25b4bcf62df6c3) C:\Windows\system32\DRIVERS\ipfltdrv.sys
13:03:40.0565 4640 IpFilterDriver - ok
13:03:40.0627 4640 iphlpsvc (1998bd97f950680bb55f55a7244679c2) C:\Windows\System32\iphlpsvc.dll
13:03:40.0627 4640 iphlpsvc - ok
13:03:40.0643 4640 IpInIp - ok
13:03:40.0705 4640 IPMIDRV (40f34f8aba2a015d780e4b09138b6c17) C:\Windows\system32\drivers\ipmidrv.sys
13:03:40.0705 4640 IPMIDRV - ok
13:03:40.0768 4640 IPNAT (8793643a67b42cec66490b2a0cf92d68) C:\Windows\system32\DRIVERS\ipnat.sys
13:03:40.0768 4640 IPNAT - ok
13:03:40.0846 4640 iPod Service (05cf6a56fbf436c347bb87fd1957adc1) C:\Program Files\iPod\bin\iPodService.exe
13:03:40.0861 4640 iPod Service - ok
13:03:40.0908 4640 IRENUM (109c0dfb82c3632fbd11949b73aeeac9) C:\Windows\system32\drivers\irenum.sys
13:03:40.0955 4640 IRENUM - ok
13:03:40.0971 4640 is3srv - ok
13:03:41.0017 4640 isapnp (2f8ece2699e7e2070545e9b0960a8ed2) C:\Windows\system32\drivers\isapnp.sys
13:03:41.0049 4640 isapnp - ok
13:03:41.0095 4640 iScsiPrt (232fa340531d940aac623b121a595034) C:\Windows\system32\DRIVERS\msiscsi.sys
13:03:41.0111 4640 iScsiPrt - ok
13:03:41.0173 4640 iteatapi (bced60d16156e428f8df8cf27b0df150) C:\Windows\system32\drivers\iteatapi.sys
13:03:41.0205 4640 iteatapi - ok
13:03:41.0251 4640 iteraid (06fa654504a498c30adca8bec4e87e7e) C:\Windows\system32\drivers\iteraid.sys
13:03:41.0283 4640 iteraid - ok
13:03:41.0314 4640 kbdclass (37605e0a8cf00cbba538e753e4344c6e) C:\Windows\system32\DRIVERS\kbdclass.sys
13:03:41.0329 4640 kbdclass - ok
13:03:41.0361 4640 kbdhid (ede59ec70e25c24581add1fbec7325f7) C:\Windows\system32\DRIVERS\kbdhid.sys
13:03:41.0361 4640 kbdhid - ok
13:03:42.0078 4640 KeyIso (3978f3540329e16c0ac3bcf677e5669f) C:\Windows\system32\lsass.exe
13:03:42.0094 4640 KeyIso - ok
13:03:42.0125 4640 KSecDD (86165728af9bf72d6442a894fdfb4f8b) C:\Windows\system32\Drivers\ksecdd.sys
13:03:42.0141 4640 KSecDD - ok
13:03:42.0203 4640 KtmRm (8078f8f8f7a79e2e6b494523a828c585) C:\Windows\system32\msdtckrm.dll
13:03:42.0219 4640 KtmRm - ok
13:03:42.0281 4640 LanmanServer (1bf5eebfd518dd7298434d8c862f825d) C:\Windows\system32\srvsvc.dll
13:03:42.0281 4640 LanmanServer - ok
13:03:42.0359 4640 LanmanWorkstation (1db69705b695b987082c8baec0c6b34f) C:\Windows\System32\wkssvc.dll
13:03:42.0359 4640 LanmanWorkstation - ok
13:03:42.0421 4640 lltdio (d1c5883087a0c3f1344d9d55a44901f6) C:\Windows\system32\DRIVERS\lltdio.sys
13:03:42.0437 4640 lltdio - ok
13:03:42.0515 4640 lltdsvc (2d5a428872f1442631d0959a34abff63) C:\Windows\System32\lltdsvc.dll
13:03:42.0515 4640 lltdsvc - ok
13:03:42.0593 4640 lmhosts (35d40113e4a5b961b6ce5c5857702518) C:\Windows\System32\lmhsvc.dll
13:03:42.0593 4640 lmhosts - ok
13:03:42.0655 4640 LSI_FC (a2262fb9f28935e862b4db46438c80d2) C:\Windows\system32\drivers\lsi_fc.sys
13:03:42.0655 4640 LSI_FC - ok
13:03:42.0718 4640 LSI_SAS (30d73327d390f72a62f32c103daf1d6d) C:\Windows\system32\drivers\lsi_sas.sys
13:03:42.0718 4640 LSI_SAS - ok
13:03:42.0796 4640 LSI_SCSI (e1e36fefd45849a95f1ab81de0159fe3) C:\Windows\system32\drivers\lsi_scsi.sys
13:03:42.0796 4640 LSI_SCSI - ok
13:03:42.0843 4640 luafv (8f5c7426567798e62a3b3614965d62cc) C:\Windows\system32\drivers\luafv.sys
13:03:42.0843 4640 luafv - ok
13:03:42.0858 4640 MCSTRM - ok
13:03:42.0936 4640 Mcx2Svc (aef9babb8a506bc4ce0451a64aaded46) C:\Windows\system32\Mcx2Svc.dll
13:03:42.0952 4640 Mcx2Svc - ok
13:03:42.0983 4640 mdmxsdk (0cea2d0d3fa284b85ed5b68365114f76) C:\Windows\system32\DRIVERS\mdmxsdk.sys
13:03:42.0983 4640 mdmxsdk - ok
13:03:43.0030 4640 megasas (d153b14fc6598eae8422a2037553adce) C:\Windows\system32\drivers\megasas.sys
13:03:43.0030 4640 megasas - ok
13:03:43.0077 4640 mferkdk - ok
13:03:43.0123 4640 MMCSS (1076ffcffaae8385fd62dfcb25ac4708) C:\Windows\system32\mmcss.dll
13:03:43.0139 4640 MMCSS - ok
13:03:43.0156 4640 Modem (e13b5ea0f51ba5b1512ec671393d09ba) C:\Windows\system32\drivers\modem.sys
13:03:43.0156 4640 Modem - ok
13:03:43.0212 4640 monitor (0a9bb33b56e294f686abb7c1e4e2d8a8) C:\Windows\system32\DRIVERS\monitor.sys
13:03:43.0213 4640 monitor - ok
13:03:43.0244 4640 mouclass (5bf6a1326a335c5298477754a506d263) C:\Windows\system32\DRIVERS\mouclass.sys
13:03:43.0258 4640 mouclass - ok
13:03:43.0296 4640 mouhid (93b8d4869e12cfbe663915502900876f) C:\Windows\system32\DRIVERS\mouhid.sys
13:03:43.0299 4640 mouhid - ok
13:03:43.0355 4640 MountMgr (bdafc88aa6b92f7842416ea6a48e1600) C:\Windows\system32\drivers\mountmgr.sys
13:03:43.0370 4640 MountMgr - ok
13:03:43.0447 4640 mpio (583a41f26278d9e0ea548163d6139397) C:\Windows\system32\drivers\mpio.sys
13:03:43.0493 4640 mpio - ok
13:03:43.0532 4640 mpsdrv (22241feba9b2defa669c8cb0a8dd7d2e) C:\Windows\system32\drivers\mpsdrv.sys
13:03:43.0541 4640 mpsdrv - ok
13:03:43.0599 4640 MpsSvc (5de62c6e9108f14f6794060a9bdecaec) C:\Windows\system32\mpssvc.dll
13:03:43.0623 4640 MpsSvc - ok
13:03:43.0660 4640 Mraid35x (4fbbb70d30fd20ec51f80061703b001e) C:\Windows\system32\drivers\mraid35x.sys
13:03:43.0664 4640 Mraid35x - ok
13:03:43.0740 4640 MRxDAV (82cea0395524aacfeb58ba1448e8325c) C:\Windows\system32\drivers\mrxdav.sys
13:03:43.0744 4640 MRxDAV - ok
13:03:43.0820 4640 mrxsmb (1e94971c4b446ab2290deb71d01cf0c2) C:\Windows\system32\DRIVERS\mrxsmb.sys
13:03:43.0823 4640 mrxsmb - ok
13:03:43.0882 4640 mrxsmb10 (4fccb34d793b116423209c0f8b7a3b03) C:\Windows\system32\DRIVERS\mrxsmb10.sys
13:03:43.0887 4640 mrxsmb10 - ok
13:03:43.0949 4640 mrxsmb20 (c3cb1b40ad4a0124d617a1199b0b9d7c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
13:03:43.0957 4640 mrxsmb20 - ok
13:03:43.0998 4640 msahci (d420bc42a637ac3cc4f411220549c0dc) C:\Windows\system32\drivers\msahci.sys
13:03:44.0013 4640 msahci - ok
13:03:44.0091 4640 MSCamSvc (31e023681015c35ebfe1498b07813b87) C:\Program Files\Microsoft LifeCam\MSCamS32.exe
13:03:44.0114 4640 MSCamSvc - ok
13:03:44.0183 4640 msdsm (3fc82a2ae4cc149165a94699183d3028) C:\Windows\system32\drivers\msdsm.sys
13:03:44.0187 4640 msdsm - ok
13:03:44.0253 4640 MSDTC (fd7520cc3a80c5fc8c48852bb24c6ded) C:\Windows\System32\msdtc.exe
13:03:44.0259 4640 MSDTC - ok
13:03:44.0352 4640 Msfs (a9927f4a46b816c92f461acb90cf8515) C:\Windows\system32\drivers\Msfs.sys
13:03:44.0355 4640 Msfs - ok
13:03:44.0387 4640 msisadrv (0f400e306f385c56317357d6dea56f62) C:\Windows\system32\drivers\msisadrv.sys
13:03:44.0407 4640 msisadrv - ok
13:03:44.0483 4640 MSiSCSI (85466c0757a23d9a9aecdc0755203cb2) C:\Windows\system32\iscsiexe.dll
13:03:44.0492 4640 MSiSCSI - ok
13:03:44.0516 4640 msiserver - ok
13:03:44.0650 4640 MSKSSRV (d8c63d34d9c9e56c059e24ec7185cc07) C:\Windows\system32\drivers\MSKSSRV.sys
13:03:44.0666 4640 MSKSSRV - ok
13:03:44.0731 4640 MSPCLOCK (1d373c90d62ddb641d50e55b9e78d65e) C:\Windows\system32\drivers\MSPCLOCK.sys
13:03:44.0734 4640 MSPCLOCK - ok
13:03:44.0812 4640 MSPQM (b572da05bf4e098d4bba3a4734fb505b) C:\Windows\system32\drivers\MSPQM.sys
13:03:44.0814 4640 MSPQM - ok
13:03:44.0877 4640 MsRPC (b49456d70555de905c311bcda6ec6adb) C:\Windows\system32\drivers\MsRPC.sys
13:03:44.0883 4640 MsRPC - ok
13:03:44.0904 4640 mssmbios (e384487cb84be41d09711c30ca79646c) C:\Windows\system32\DRIVERS\mssmbios.sys
13:03:44.0906 4640 mssmbios - ok
13:03:44.0937 4640 MSTEE (7199c1eec1e4993caf96b8c0a26bd58a) C:\Windows\system32\drivers\MSTEE.sys
13:03:44.0940 4640 MSTEE - ok
13:03:44.0991 4640 Mup (6a57b5733d4cb702c8ea4542e836b96c) C:\Windows\system32\Drivers\mup.sys
13:03:44.0998 4640 Mup - ok
13:03:45.0081 4640 N360 (e78a365cc3e0fbfc018a33dce01909f8) C:\Program Files\Norton Security Suite\Engine\5.2.0.13\ccSvcHst.exe
13:03:45.0089 4640 N360 - ok
13:03:45.0129 4640 napagent (e4eaf0c5c1b41b5c83386cf212ca9584) C:\Windows\system32\qagentRT.dll
13:03:45.0146 4640 napagent - ok
13:03:45.0182 4640 NativeWifiP (85c44fdff9cf7e72a40dcb7ec06a4416) C:\Windows\system32\DRIVERS\nwifi.sys
13:03:45.0191 4640 NativeWifiP - ok
13:03:45.0506 4640 NAVENG (862f55824ac81295837b0ab63f91071f) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\VirusDefs\20120413.025\NAVENG.SYS
13:03:45.0524 4640 NAVENG - ok
13:03:45.0684 4640 NAVEX15 (529d571b551cb9da44237389b936f1ae) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\VirusDefs\20120413.025\NAVEX15.SYS
13:03:45.0855 4640 NAVEX15 - ok
13:03:45.0996 4640 NDIS (1357274d1883f68300aeadd15d7bbb42) C:\Windows\system32\drivers\ndis.sys
13:03:46.0048 4640 NDIS - ok
13:03:46.0086 4640 NdisTapi (0e186e90404980569fb449ba7519ae61) C:\Windows\system32\DRIVERS\ndistapi.sys
13:03:46.0090 4640 NdisTapi - ok
13:03:46.0271 4640 Ndisuio (d6973aa34c4d5d76c0430b181c3cd389) C:\Windows\system32\DRIVERS\ndisuio.sys
13:03:46.0300 4640 Ndisuio - ok
13:03:46.0342 4640 NdisWan (818f648618ae34f729fdb47ec68345c3) C:\Windows\system32\DRIVERS\ndiswan.sys
13:03:46.0357 4640 NdisWan - ok
13:03:46.0409 4640 NDProxy (71dab552b41936358f3b541ae5997fb3) C:\Windows\system32\drivers\NDProxy.sys
13:03:47.0494 4640 NDProxy - ok
13:03:47.0620 4640 Net Driver HPZ12 (a081cb6fb9a12668f233eb5414be3a0e) C:\Windows\system32\HPZinw12.dll
13:03:47.0624 4640 Net Driver HPZ12 - ok
13:03:47.0753 4640 NetBIOS (bcd093a5a6777cf626434568dc7dba78) C:\Windows\system32\DRIVERS\netbios.sys
13:03:47.0768 4640 NetBIOS - ok
13:03:47.0816 4640 netbt (ecd64230a59cbd93c85f1cd1cab9f3f6) C:\Windows\system32\DRIVERS\netbt.sys
13:03:47.0838 4640 netbt - ok
13:03:47.0881 4640 Netlogon (3978f3540329e16c0ac3bcf677e5669f) C:\Windows\system32\lsass.exe
13:03:47.0884 4640 Netlogon - ok
13:03:47.0930 4640 Netman (c8052711daecc48b982434c5116ca401) C:\Windows\System32\netman.dll
13:03:47.0937 4640 Netman - ok
13:03:48.0354 4640 netprofm (2ef3bbe22e5a5acd1428ee387a0d0172) C:\Windows\System32\netprofm.dll
13:03:48.0362 4640 netprofm - ok
13:03:48.0432 4640 NetTcpPortSharing (d6c4e4a39a36029ac0813d476fbd0248) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
13:03:48.0436 4640 NetTcpPortSharing - ok
13:03:48.0490 4640 nfrd960 (2e7fb731d4790a1bc6270accefacb36e) C:\Windows\system32\drivers\nfrd960.sys
13:03:48.0528 4640 nfrd960 - ok
13:03:48.0586 4640 NlaSvc (2997b15415f9bbe05b5a4c1c85e0c6a2) C:\Windows\System32\nlasvc.dll
13:03:48.0595 4640 NlaSvc - ok
13:03:48.0682 4640 nosGetPlusHelper (0e58f99692802c501454eac3d2ac3394) C:\Program Files\NOS\bin\getPlus_Helper_3004.dll
13:03:48.0707 4640 nosGetPlusHelper - ok
13:03:48.0754 4640 Npfs (d36f239d7cce1931598e8fb90a0dbc26) C:\Windows\system32\drivers\Npfs.sys
13:03:48.0757 4640 Npfs - ok
13:03:48.0829 4640 nsi (8bb86f0c7eea2bded6fe095d0b4ca9bd) C:\Windows\system32\nsisvc.dll
13:03:48.0832 4640 nsi - ok
13:03:48.0863 4640 nsiproxy (609773e344a97410ce4ebf74a8914fcf) C:\Windows\system32\drivers\nsiproxy.sys
13:03:48.0878 4640 nsiproxy - ok
13:03:48.0961 4640 Ntfs (6a4a98cee84cf9e99564510dda4baa47) C:\Windows\system32\drivers\Ntfs.sys
13:03:49.0017 4640 Ntfs - ok
13:03:49.0066 4640 ntrigdigi (e875c093aec0c978a90f30c9e0dfbb72) C:\Windows\system32\drivers\ntrigdigi.sys
13:03:49.0069 4640 ntrigdigi - ok
13:03:49.0116 4640 Null (c5dbbcda07d780bda9b685df333bb41e) C:\Windows\system32\drivers\Null.sys
13:03:49.0127 4640 Null - ok
13:03:49.0168 4640 nvraid (e69e946f80c1c31c53003bfbf50cbb7c) C:\Windows\system32\drivers\nvraid.sys
13:03:49.0172 4640 nvraid - ok
13:03:49.0228 4640 nvstor (9e0ba19a28c498a6d323d065db76dffc) C:\Windows\system32\drivers\nvstor.sys
13:03:49.0257 4640 nvstor - ok
13:03:49.0303 4640 nv_agp (055081fd5076401c1ee1bcab08d81911) C:\Windows\system32\drivers\nv_agp.sys
13:03:49.0334 4640 nv_agp - ok
13:03:49.0349 4640 NwlnkFlt - ok
13:03:49.0380 4640 NwlnkFwd - ok
13:03:49.0448 4640 ohci1394 (be32da025a0be1878f0ee8d6d9386cd5) C:\Windows\system32\drivers\ohci1394.sys
13:03:49.0471 4640 ohci1394 - ok
13:03:49.0570 4640 p2pimsvc (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
13:03:49.0597 4640 p2pimsvc - ok
13:03:49.0616 4640 p2psvc (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
13:03:49.0623 4640 p2psvc - ok
13:03:49.0660 4640 Parport (0fa9b5055484649d63c303fe404e5f4d) C:\Windows\system32\drivers\parport.sys
13:03:49.0670 4640 Parport - ok
13:03:49.0725 4640 partmgr (57389fa59a36d96b3eb09d0cb91e9cdc) C:\Windows\system32\drivers\partmgr.sys
13:03:49.0743 4640 partmgr - ok
13:03:49.0775 4640 Parvdm (4f9a6a8a31413180d0fcb279ad5d8112) C:\Windows\system32\drivers\parvdm.sys
13:03:49.0796 4640 Parvdm - ok
13:03:49.0837 4640 PcaSvc (c6276ad11f4bb49b58aa1ed88537f14a) C:\Windows\System32\pcasvc.dll
13:03:49.0845 4640 PcaSvc - ok
13:03:49.0912 4640 pci (941dc1d19e7e8620f40bbc206981efdb) C:\Windows\system32\drivers\pci.sys
13:03:49.0949 4640 pci - ok
13:03:50.0003 4640 pciide (1636d43f10416aeb483bc6001097b26c) C:\Windows\system32\drivers\pciide.sys
13:03:50.0033 4640 pciide - ok
13:03:50.0279 4640 pcmcia (e6f3fb1b86aa519e7698ad05e58b04e5) C:\Windows\system32\drivers\pcmcia.sys
13:03:50.0284 4640 pcmcia - ok
13:03:50.0373 4640 PEAUTH (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys
13:03:50.0388 4640 PEAUTH - ok
13:03:50.0484 4640 pla (b1689df169143f57053f795390c99db3) C:\Windows\system32\pla.dll
13:03:50.0534 4640 pla - ok
13:03:50.0670 4640 PlugPlay (c5e7f8a996ec0a82d508fd9064a5569e) C:\Windows\system32\umpnpmgr.dll
13:03:50.0676 4640 PlugPlay - ok
13:03:50.0714 4640 Pml Driver HPZ12 (65bc271f337637731d3c71455ae1f476) C:\Windows\system32\HPZipm12.dll
13:03:50.0716 4640 Pml Driver HPZ12 - ok
13:03:50.0776 4640 PNRPAutoReg (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
13:03:50.0785 4640 PNRPAutoReg - ok
13:03:50.0834 4640 PNRPsvc (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
13:03:50.0842 4640 PNRPsvc - ok
13:03:50.0893 4640 PolicyAgent (d0494460421a03cd5225cca0059aa146) C:\Windows\System32\ipsecsvc.dll
13:03:50.0902 4640 PolicyAgent - ok
13:03:50.0995 4640 PptpMiniport (ecfffaec0c1ecd8dbc77f39070ea1db1) C:\Windows\system32\DRIVERS\raspptp.sys
13:03:51.0006 4640 PptpMiniport - ok
13:03:51.0073 4640 Processor (0e3cef5d28b40cf273281d620c50700a) C:\Windows\system32\drivers\processr.sys
13:03:51.0076 4640 Processor - ok
13:03:51.0118 4640 ProfSvc (0508faa222d28835310b7bfca7a77346) C:\Windows\system32\profsvc.dll
13:03:51.0125 4640 ProfSvc - ok
13:03:51.0166 4640 ProtectedStorage (3978f3540329e16c0ac3bcf677e5669f) C:\Windows\system32\lsass.exe
13:03:51.0169 4640 ProtectedStorage - ok
13:03:51.0221 4640 PSched (99514faa8df93d34b5589187db3aa0ba) C:\Windows\system32\DRIVERS\pacer.sys
13:03:51.0224 4640 PSched - ok
13:03:51.0395 4640 PxHelp20 (feffcfdc528764a04c8ed63d5fa6e711) C:\Windows\system32\Drivers\PxHelp20.sys
13:03:51.0425 4640 PxHelp20 - ok
13:03:51.0781 4640 ql2300 (ccdac889326317792480c0a67156a1ec) C:\Windows\system32\drivers\ql2300.sys
13:03:51.0818 4640 ql2300 - ok
13:03:51.0865 4640 ql40xx (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys
13:03:51.0890 4640 ql40xx - ok
13:03:51.0948 4640 QWAVE (e9ecae663f47e6cb43962d18ab18890f) C:\Windows\system32\qwave.dll
13:03:51.0955 4640 QWAVE - ok
13:03:51.0999 4640 QWAVEdrv (9f5e0e1926014d17486901c88eca2db7) C:\Windows\system32\drivers\qwavedrv.sys
13:03:52.0001 4640 QWAVEdrv - ok
13:03:52.0144 4640 R300 (e642b131fb74caf4bb8a014f31113142) C:\Windows\system32\DRIVERS\atikmdag.sys
13:03:52.0243 4640 R300 - ok
13:03:52.0290 4640 RasAcd (147d7f9c556d259924351feb0de606c3) C:\Windows\system32\DRIVERS\rasacd.sys
13:03:52.0290 4640 RasAcd - ok
13:03:52.0336 4640 RasAuto (f6a452eb4ceadbb51c9e0ee6b3ecef0f) C:\Windows\System32\rasauto.dll
13:03:52.0336 4640 RasAuto - ok
13:03:52.0368 4640 Rasl2tp (a214adbaf4cb47dd2728859ef31f26b0) C:\Windows\system32\DRIVERS\rasl2tp.sys
13:03:52.0368 4640 Rasl2tp - ok
13:03:52.0430 4640 RasMan (75d47445d70ca6f9f894b032fbc64fcf) C:\Windows\System32\rasmans.dll
13:03:52.0430 4640 RasMan - ok
13:03:52.0461 4640 RasPppoe (509a98dd18af4375e1fc40bc175f1def) C:\Windows\system32\DRIVERS\raspppoe.sys
13:03:52.0477 4640 RasPppoe - ok
13:03:52.0508 4640 RasSstp (2005f4a1e05fa09389ac85840f0a9e4d) C:\Windows\system32\DRIVERS\rassstp.sys
13:03:52.0508 4640 RasSstp - ok
13:03:52.0680 4640 rdbss (b14c9d5b9add2f84f70570bbbfaa7935) C:\Windows\system32\DRIVERS\rdbss.sys
13:03:52.0726 4640 rdbss - ok
13:03:52.0867 4640 RDPCDD (89e59be9a564262a3fb6c4f4f1cd9899) C:\Windows\system32\DRIVERS\RDPCDD.sys
13:03:52.0867 4640 RDPCDD - ok
13:03:53.0007 4640 rdpdr (0245418224cfa77bf4b41c2fe0622258) C:\Windows\system32\drivers\rdpdr.sys
13:03:53.0007 4640 rdpdr - ok
13:03:53.0023 4640 RDPENCDD (9d91fe5286f748862ecffa05f8a0710c) C:\Windows\system32\drivers\rdpencdd.sys
13:03:53.0023 4640 RDPENCDD - ok
13:03:53.0054 4640 RDPWD (30bfbdfb7f95559ede971f9ddb9a00ba) C:\Windows\system32\drivers\RDPWD.sys
13:03:53.0054 4640 RDPWD - ok
13:03:53.0101 4640 RemoteAccess (bcdd6b4804d06b1f7ebf29e53a57ece9) C:\Windows\System32\mprdim.dll
13:03:53.0101 4640 RemoteAccess - ok
13:03:53.0132 4640 RemoteRegistry (9e6894ea18daff37b63e1005f83ae4ab) C:\Windows\system32\regsvc.dll
13:03:53.0148 4640 RemoteRegistry - ok
13:03:53.0335 4640 RoxMediaDB9 (ebcde8b48fadc6479d96a56d0a432160) C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
13:03:53.0366 4640 RoxMediaDB9 - ok
13:03:53.0428 4640 RoxWatch9 (ab2b1de1c8f31efce2384b14b3dc4260) C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
13:03:53.0444 4640 RoxWatch9 - ok
13:03:53.0475 4640 RpcLocator (5123f83cbc4349d065534eeb6bbdc42b) C:\Windows\system32\locator.exe
13:03:53.0475 4640 RpcLocator - ok
13:03:53.0538 4640 RpcSs (3b5b4d53fec14f7476ca29a20cc31ac9) C:\Windows\system32\rpcss.dll
13:03:53.0538 4640 RpcSs - ok
13:03:53.0647 4640 rspndr (9c508f4074a39e8b4b31d27198146fad) C:\Windows\system32\DRIVERS\rspndr.sys
13:03:53.0787 4640 rspndr - ok
13:03:53.0912 4640 SamSs (3978f3540329e16c0ac3bcf677e5669f) C:\Windows\system32\lsass.exe
13:03:53.0928 4640 SamSs - ok
13:03:53.0990 4640 SASDIFSV (39763504067962108505bff25f024345) C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS
13:03:54.0006 4640 SASDIFSV - ok
13:03:54.0037 4640 SASKUTIL (77b9fc20084b48408ad3e87570eb4a85) C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS
13:03:54.0037 4640 SASKUTIL - ok
13:03:54.0068 4640 sbp2port (3ce8f073a557e172b330109436984e30) C:\Windows\system32\drivers\sbp2port.sys
13:03:54.0084 4640 sbp2port - ok
13:03:54.0130 4640 SCardSvr (77b7a11a0c3d78d3386398fbbea1b632) C:\Windows\System32\SCardSvr.dll
13:03:54.0130 4640 SCardSvr - ok
13:03:54.0208 4640 Schedule (1a58069db21d05eb2ab58ee5753ebe8d) C:\Windows\system32\schedsvc.dll
13:03:54.0224 4640 Schedule - ok
13:03:54.0286 4640 SCPolicySvc (312ec3e37a0a1f2006534913e37b4423) C:\Windows\System32\certprop.dll
13:03:54.0302 4640 SCPolicySvc - ok
13:03:54.0333 4640 SDRSVC (716313d9f6b0529d03f726d5aaf6f191) C:\Windows\System32\SDRSVC.dll
13:03:54.0349 4640 SDRSVC - ok
13:03:54.0411 4640 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
13:03:54.0411 4640 secdrv - ok
13:03:54.0489 4640 seclogon (fd5199d4d8a521005e4b5ee7fe00fa9b) C:\Windows\system32\seclogon.dll
13:03:54.0489 4640 seclogon - ok
13:03:54.0536 4640 SENS (a9bbab5759771e523f55563d6cbe140f) C:\Windows\System32\sens.dll
13:03:54.0536 4640 SENS - ok
13:03:54.0583 4640 Serenum (68e44e331d46f0fb38f0863a84cd1a31) C:\Windows\system32\drivers\serenum.sys
13:03:54.0583 4640 Serenum - ok
13:03:54.0614 4640 Serial (c70d69a918b178d3c3b06339b40c2e1b) C:\Windows\system32\drivers\serial.sys
13:03:54.0614 4640 Serial - ok
13:03:54.0786 4640 sermouse (8af3d28a879bf75db53a0ee7a4289624) C:\Windows\system32\drivers\sermouse.sys
13:03:54.0817 4640 sermouse - ok
13:03:54.0910 4640 SessionEnv (d2193326f729b163125610dbf3e17d57) C:\Windows\system32\sessenv.dll
13:03:54.0910 4640 SessionEnv - ok
13:03:54.0957 4640 sffdisk (51cf56aa8bcc241f134b420b8f850406) C:\Windows\system32\drivers\sffdisk.sys
13:03:54.0957 4640 sffdisk - ok
13:03:54.0973 4640 sffp_mmc (96ded8b20c734ac41641ce275250e55d) C:\Windows\system32\drivers\sffp_mmc.sys
13:03:54.0973 4640 sffp_mmc - ok
13:03:55.0004 4640 sffp_sd (8b08cab1267b2c377883fc9e56981f90) C:\Windows\system32\drivers\sffp_sd.sys
13:03:55.0004 4640 sffp_sd - ok
13:03:55.0020 4640 sfloppy (46ed8e91793b2e6f848015445a0ac188) C:\Windows\system32\drivers\sfloppy.sys
13:03:55.0020 4640 sfloppy - ok
13:03:55.0066 4640 SharedAccess (e1499bd0ff76b1b2fbbf1af339d91165) C:\Windows\System32\ipnathlp.dll
13:03:55.0082 4640 SharedAccess - ok
13:03:55.0113 4640 ShellHWDetection (c7230fbee14437716701c15be02c27b8) C:\Windows\System32\shsvcs.dll
13:03:55.0129 4640 ShellHWDetection - ok
13:03:55.0160 4640 sisagp (08072b2fb92477fc813271a84b3a8698) C:\Windows\system32\drivers\sisagp.sys
13:03:55.0160 4640 sisagp - ok
13:03:55.0176 4640 SiSRaid2 (cedd6f4e7d84e9f98b34b3fe988373aa) C:\Windows\system32\drivers\sisraid2.sys
13:03:55.0191 4640 SiSRaid2 - ok
13:03:55.0238 4640 SiSRaid4 (df843c528c4f69d12ce41ce462e973a7) C:\Windows\system32\drivers\sisraid4.sys
13:03:55.0238 4640 SiSRaid4 - ok
13:03:55.0347 4640 slsvc (862bb4cbc05d80c5b45be430e5ef872f) C:\Windows\system32\SLsvc.exe
13:03:55.0503 4640 slsvc - ok
13:03:55.0550 4640 SLUINotify (6edc422215cd78aa8a9cde6b30abbd35) C:\Windows\system32\SLUINotify.dll
13:03:55.0550 4640 SLUINotify - ok
13:03:55.0581 4640 Smb (7b75299a4d201d6a6533603d6914ab04) C:\Windows\system32\DRIVERS\smb.sys
13:03:55.0597 4640 Smb - ok
13:03:55.0768 4640 SNMPTRAP (2a146a055b4401c16ee62d18b8e2a032) C:\Windows\System32\snmptrap.exe
13:03:55.0784 4640 SNMPTRAP - ok
13:03:55.0862 4640 spldr (7aebdeef071fe28b0eef2cdd69102bff) C:\Windows\system32\drivers\spldr.sys
13:03:55.0893 4640 spldr - ok
13:03:55.0924 4640 Spooler (8554097e5136c3bf9f69fe578a1b35f4) C:\Windows\System32\spoolsv.exe
13:03:55.0924 4640 Spooler - ok
13:03:55.0987 4640 sprtsvc_dellsupportcenter - ok
13:03:56.0221 4640 SRTSP (83726cf02eced69138948083e06b6eac) C:\Windows\System32\Drivers\N360\0502000.00D\SRTSP.SYS
13:03:56.0236 4640 SRTSP - ok
13:03:56.0283 4640 SRTSPX (4e7eab2e5615d39cf1f1df9c71e5e225) C:\Windows\system32\drivers\N360\0502000.00D\SRTSPX.SYS
13:03:56.0299 4640 SRTSPX - ok
13:03:56.0361 4640 srv (41987f9fc0e61adf54f581e15029ad91) C:\Windows\system32\DRIVERS\srv.sys
13:03:56.0377 4640 srv - ok
13:03:56.0455 4640 srv2 (ff33aff99564b1aa534f58868cbe41ef) C:\Windows\system32\DRIVERS\srv2.sys
13:03:56.0455 4640 srv2 - ok
13:03:56.0470 4640 srvnet (7605c0e1d01a08f3ecd743f38b834a44) C:\Windows\system32\DRIVERS\srvnet.sys
13:03:56.0470 4640 srvnet - ok
13:03:56.0642 4640 SSDPSRV (03d50b37234967433a5ea5ba72bc0b62) C:\Windows\System32\ssdpsrv.dll
13:03:56.0658 4640 SSDPSRV - ok
13:03:56.0938 4640 SstpSvc (6f1a32e7b7b30f004d9a20afadb14944) C:\Windows\system32\sstpsvc.dll
13:03:56.0938 4640 SstpSvc - ok
13:03:57.0141 4640 stisvc (5de7d67e49b88f5f07f3e53c4b92a352) C:\Windows\System32\wiaservc.dll
13:03:57.0157 4640 stisvc - ok
13:03:57.0250 4640 stllssvr (51778fd315c9882f1cbd932743e62a72) C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
13:03:57.0266 4640 stllssvr - ok
13:03:57.0297 4640 swenum (7ba58ecf0c0a9a69d44b3dca62becf56) C:\Windows\system32\DRIVERS\swenum.sys
13:03:57.0313 4640 swenum - ok
13:03:57.0360 4640 swprv (f21fd248040681cca1fb6c9a03aaa93d) C:\Windows\System32\swprv.dll
13:03:57.0375 4640 swprv - ok
13:03:57.0406 4640 Symc8xx (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys
13:03:57.0453 4640 Symc8xx - ok
13:03:57.0500 4640 SymDS (9bbeb8c6258e72d62e7560e6667aad39) C:\Windows\system32\drivers\N360\0502000.00D\SYMDS.SYS
13:03:57.0531 4640 SymDS - ok
13:03:57.0594 4640 SymEFA (d5c02629c02a820a7e71bca3d44294a3) C:\Windows\system32\drivers\N360\0502000.00D\SYMEFA.SYS
13:03:57.0625 4640 SymEFA - ok
13:03:57.0687 4640 SymEvent (ab33c3b196197ca467cbdda717860dba) C:\Windows\system32\Drivers\SYMEVENT.SYS
13:03:57.0687 4640 SymEvent - ok
13:03:57.0765 4640 SymIRON (a73399804d5d4a8b20ba60fcf70c9f1f) C:\Windows\system32\drivers\N360\0502000.00D\Ironx86.SYS
13:03:57.0781 4640 SymIRON - ok
13:03:57.0843 4640 SYMTDIv (d42a7229e333af725f1445f785e4658d) C:\Windows\System32\Drivers\N360\0502000.00D\SYMTDIV.SYS
13:03:57.0859 4640 SYMTDIv - ok
13:03:57.0890 4640 Sym_hi (8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys
13:03:57.0906 4640 Sym_hi - ok
13:03:57.0921 4640 Sym_u3 (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys
13:03:57.0921 4640 Sym_u3 - ok
13:03:58.0436 4640 SysMain (9a51b04e9886aa4ee90093586b0ba88d) C:\Windows\system32\sysmain.dll
13:03:58.0514 4640 SysMain - ok
13:03:58.0530 4640 szkg5 - ok
13:03:58.0545 4640 szkgfs - ok
13:03:58.0639 4640 TabletInputService (2dca225eae15f42c0933e998ee0231c3) C:\Windows\System32\TabSvc.dll
13:03:58.0654 4640 TabletInputService - ok
13:03:58.0717 4640 TapiSrv (d7673e4b38ce21ee54c59eeeb65e2483) C:\Windows\System32\tapisrv.dll
13:03:58.0717 4640 TapiSrv - ok
13:03:58.0795 4640 TBS (cb05822cd9cc6c688168e113c603dbe7) C:\Windows\System32\tbssvc.dll
13:03:58.0795 4640 TBS - ok
13:03:58.0857 4640 Tcpip (a474879afa4a596b3a531f3e69730dbf) C:\Windows\system32\drivers\tcpip.sys
13:03:58.0904 4640 Tcpip - ok
13:03:58.0935 4640 Tcpip6 (a474879afa4a596b3a531f3e69730dbf) C:\Windows\system32\DRIVERS\tcpip.sys
13:03:58.0951 4640 Tcpip6 - ok
13:03:58.0966 4640 tcpipreg (608c345a255d82a6289c2d468eb41fd7) C:\Windows\system32\drivers\tcpipreg.sys
13:03:58.0966 4640 tcpipreg - ok
13:03:59.0013 4640 TDPIPE (5dcf5e267be67a1ae926f2df77fbcc56) C:\Windows\system32\drivers\tdpipe.sys
13:03:59.0029 4640 TDPIPE - ok
13:03:59.0044 4640 TDTCP (389c63e32b3cefed425b61ed92d3f021) C:\Windows\system32\drivers\tdtcp.sys
13:03:59.0076 4640 TDTCP - ok
13:03:59.0107 4640 tdx (76b06eb8a01fc8624d699e7045303e54) C:\Windows\system32\DRIVERS\tdx.sys
13:03:59.0107 4640 tdx - ok
13:03:59.0169 4640 TermDD (3cad38910468eab9a6479e2f01db43c7) C:\Windows\system32\DRIVERS\termdd.sys
13:03:59.0169 4640 TermDD - ok
13:03:59.0200 4640 TermService (bb95da09bef6e7a131bff3ba5032090d) C:\Windows\System32\termsrv.dll
13:03:59.0216 4640 TermService - ok
13:03:59.0247 4640 Themes (c7230fbee14437716701c15be02c27b8) C:\Windows\system32\shsvcs.dll
13:03:59.0247 4640 Themes - ok
13:03:59.0294 4640 THREADORDER (1076ffcffaae8385fd62dfcb25ac4708) C:\Windows\system32\mmcss.dll
13:03:59.0294 4640 THREADORDER - ok
13:03:59.0341 4640 TrkWks (ec74e77d0eb004bd3a809b5f8fb8c2ce) C:\Windows\System32\trkwks.dll
13:03:59.0341 4640 TrkWks - ok
13:03:59.0356 4640 TrustedInstaller (97d9d6a04e3ad9b6c626b9931db78dba) C:\Windows\servicing\TrustedInstaller.exe
13:03:59.0372 4640 TrustedInstaller - ok
13:03:59.0419 4640 tssecsrv (dcf0f056a2e4f52287264f5ab29cf206) C:\Windows\system32\DRIVERS\tssecsrv.sys
13:03:59.0450 4640 tssecsrv - ok
13:03:59.0497 4640 tunmp (caecc0120ac49e3d2f758b9169872d38) C:\Windows\system32\DRIVERS\tunmp.sys
13:03:59.0512 4640 tunmp - ok
13:03:59.0544 4640 tunnel (300db877ac094feab0be7688c3454a9c) C:\Windows\system32\DRIVERS\tunnel.sys
13:03:59.0544 4640 tunnel - ok
13:03:59.0606 4640 uagp35 (c3ade15414120033a36c0f293d4a4121) C:\Windows\system32\drivers\uagp35.sys
13:03:59.0622 4640 uagp35 - ok
13:03:59.0684 4640 udfs (d9728af68c4c7693cb100b8441cbdec6) C:\Windows\system32\DRIVERS\udfs.sys
13:03:59.0715 4640 udfs - ok
13:03:59.0762 4640 UI0Detect (ecef404f62863755951e09c802c94ad5) C:\Windows\system32\UI0Detect.exe
13:03:59.0762 4640 UI0Detect - ok
13:03:59.0809 4640 uliagpkx (6d72ef05921abdf59fc45c7ebfe7e8dd) C:\Windows\system32\drivers\uliagpkx.sys
13:03:59.0809 4640 uliagpkx - ok
13:03:59.0902 4640 uliahci (3cd4ea35a6221b85dcc25daa46313f8d) C:\Windows\system32\drivers\uliahci.sys
13:03:59.0902 4640 uliahci - ok
13:03:59.0980 4640 UlSata (8514d0e5cd0534467c5fc61be94a569f) C:\Windows\system32\drivers\ulsata.sys
13:03:59.0980 4640 UlSata - ok
13:04:00.0012 4640 ulsata2 (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys
13:04:00.0012 4640 ulsata2 - ok
13:04:00.0058 4640 umbus (32cff9f809ae9aed85464492bf3e32d2) C:\Windows\system32\DRIVERS\umbus.sys
13:04:00.0058 4640 umbus - ok
13:04:00.0090 4640 upnphost (68308183f4ae0be7bf8ecd07cb297999) C:\Windows\System32\upnphost.dll
13:04:00.0105 4640 upnphost - ok
13:04:00.0168 4640 USBAAPL (60a68a5ea173a97971ee9f1ff49eb2b3) C:\Windows\system32\Drivers\usbaapl.sys
13:04:00.0183 4640 USBAAPL - ok
13:04:00.0214 4640 usbaudio (32db9517628ff0d070682aab61e688f0) C:\Windows\system32\drivers\usbaudio.sys
13:04:00.0214 4640 usbaudio - ok
13:04:00.0277 4640 usbbus (9419faac6552a51542dbba02971c841c) C:\Windows\system32\DRIVERS\lgusbbus.sys
13:04:00.0277 4640 usbbus - ok
13:04:00.0370 4640 usbccgp (caf811ae4c147ffcd5b51750c7f09142) C:\Windows\system32\DRIVERS\usbccgp.sys
13:04:00.0386 4640 usbccgp - ok
13:04:00.0464 4640 usbcir (e9476e6c486e76bc4898074768fb7131) C:\Windows\system32\drivers\usbcir.sys
13:04:00.0480 4640 usbcir - ok
13:04:00.0526 4640 UsbDiag (c0a466fa4ffec464320e159bc1bbdc0c) C:\Windows\system32\DRIVERS\lgusbdiag.sys
13:04:00.0573 4640 UsbDiag - ok
13:04:00.0620 4640 usbehci (79e96c23a97ce7b8f14d310da2db0c9b) C:\Windows\system32\DRIVERS\usbehci.sys
13:04:00.0620 4640 usbehci - ok
13:04:00.0667 4640 UsbGps (071b8e7a0ca11a2a9b32109058136bbe) C:\Windows\system32\DRIVERS\lgusbgps.sys
13:04:00.0698 4640 UsbGps - ok
13:04:00.0760 4640 usbhub (4673bbcb006af60e7abddbe7a130ba42) C:\Windows\system32\DRIVERS\usbhub.sys
13:04:00.0760 4640 usbhub - ok
13:04:00.0807 4640 USBModem (f74a54774a9b0afeb3c40adec68aa600) C:\Windows\system32\DRIVERS\lgusbmodem.sys
13:04:00.0823 4640 USBModem - ok
13:04:00.0854 4640 usbohci (38dbc7dd6cc5a72011f187425384388b) C:\Windows\system32\drivers\usbohci.sys
13:04:00.0854 4640 usbohci - ok
13:04:00.0885 4640 usbprint (e75c4b5269091d15a2e7dc0b6d35f2f5) C:\Windows\system32\DRIVERS\usbprint.sys
13:04:00.0901 4640 usbprint - ok
13:04:00.0916 4640 usbscan (a508c9bd8724980512136b039bba65e9) C:\Windows\system32\DRIVERS\usbscan.sys
13:04:00.0916 4640 usbscan - ok
13:04:00.0963 4640 USBSTOR (be3da31c191bc222d9ad503c5224f2ad) C:\Windows\system32\DRIVERS\USBSTOR.SYS
13:04:00.0963 4640 USBSTOR - ok
13:04:00.0994 4640 usbuhci (814d653efc4d48be3b04a307eceff56f) C:\Windows\system32\DRIVERS\usbuhci.sys
13:04:01.0010 4640 usbuhci - ok
13:04:01.0088 4640 usnjsvc (9d19b042a4fd5c02195071ea2fe0c821) C:\Program Files\Windows Live\Messenger\usnsvc.exe
13:04:01.0104 4640 usnjsvc - ok
13:04:01.0135 4640 UxSms (1509e705f3ac1d474c92454a5c2dd81f) C:\Windows\System32\uxsms.dll
13:04:01.0135 4640 UxSms - ok
13:04:01.0182 4640 vds (cd88d1b7776dc17a119049742ec07eb4) C:\Windows\System32\vds.exe
13:04:01.0197 4640 vds - ok
13:04:01.0244 4640 vga (7d92be0028ecdedec74617009084b5ef) C:\Windows\system32\DRIVERS\vgapnp.sys
13:04:01.0260 4640 vga - ok
13:04:01.0306 4640 VgaSave (2e93ac0a1d8c79d019db6c51f036636c) C:\Windows\System32\drivers\vga.sys
13:04:01.0306 4640 VgaSave - ok
13:04:01.0353 4640 viaagp (d5929a28bdff4367a12caf06af901971) C:\Windows\system32\drivers\viaagp.sys
13:04:01.0353 4640 viaagp - ok
13:04:01.0369 4640 ViaC7 (56a4de5f02f2e88182b0981119b4dd98) C:\Windows\system32\drivers\viac7.sys
13:04:01.0384 4640 ViaC7 - ok
13:04:01.0400 4640 viaide (f3b4762eb85a2aff4999401f14c3262b) C:\Windows\system32\drivers\viaide.sys
13:04:01.0416 4640 viaide - ok
13:04:01.0462 4640 volmgr (69503668ac66c77c6cd7af86fbdf8c43) C:\Windows\system32\drivers\volmgr.sys
13:04:01.0462 4640 volmgr - ok
13:04:01.0509 4640 volmgrx (23e41b834759917bfd6b9a0d625d0c28) C:\Windows\system32\drivers\volmgrx.sys
13:04:01.0509 4640 volmgrx - ok
13:04:01.0540 4640 volsnap (147281c01fcb1df9252de2a10d5e7093) C:\Windows\system32\drivers\volsnap.sys
13:04:01.0572 4640 volsnap - ok
13:04:01.0587 4640 vsmraid (d984439746d42b30fc65a4c3546c6829) C:\Windows\system32\drivers\vsmraid.sys
13:04:01.0587 4640 vsmraid - ok
13:04:01.0728 4640 VSS (db3d19f850c6eb32bdcb9bc0836acddb) C:\Windows\system32\vssvc.exe
13:04:01.0743 4640 VSS - ok
13:04:01.0852 4640 VX3000 (42870675b4d84acd81a9da69b83f14c5) C:\Windows\system32\DRIVERS\VX3000.sys
13:04:01.0915 4640 VX3000 - ok
13:04:01.0946 4640 W32Time (96ea68b9eb310a69c25ebb0282b2b9de) C:\Windows\system32\w32time.dll
13:04:01.0962 4640 W32Time - ok
13:04:02.0008 4640 WacomPen (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system3
-
Please run aswMBR.exe again and post the log as well as this one.
Please download MBRCheck.exe by a_d_13 from one of the links provided below and save it to your desktop.
Link 1 (http://download.bleepingcomputer.com/rootrepeal/MBRCheck.exe)
Link 2 (http://ad13.geekstogo.com/MBRCheck.exe)
Link 3 (http://www.kernelmode.info/MBRCheck.exe)
•Double-click on MBRCheck.exe to run it.
•It will open a black window...please do not fix anything (if it gives you an option).
•When complete, you should see Done! Press ENTER to exit.... Press Enter on the keyboard.
•A log named MBRCheck_date_time.txt (i.e. MBRCheck_07.21.10_10.22.51.txt) will appear on the desktop.
•Please copy and paste the contents of that log in your next reply.
-
aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
Run date: 2012-04-15 09:27:24
-----------------------------
09:27:24.600 OS Version: Windows 6.0.6002 Service Pack 2
09:27:24.600 Number of processors: 2 586 0xF02
09:27:24.600 ComputerName: KILE-PC UserName: Kile
09:27:25.318 Initialize success
09:27:29.553 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
09:27:29.553 Disk 0 Vendor: WDC_WD3200AAKS-75VYA0 12.01B02 Size: 305245MB BusType: 3
09:27:29.585 Disk 0 MBR read successfully
09:27:29.585 Disk 0 MBR scan
09:27:29.585 Disk 0 Windows VISTA default MBR code
09:27:29.585 Disk 0 Partition 1 00 DE Dell Utility Dell 8.0 47 MB offset 63
09:27:29.600 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 10240 MB offset 98304
09:27:29.600 Disk 0 Partition 3 80 (A) 07 HPFS/NTFS NTFS 294956 MB offset 21069824
09:27:29.616 Disk 0 scanning sectors +625139712
09:27:29.678 Disk 0 scanning C:\Windows\system32\drivers
09:27:37.135 Service scanning
09:27:48.055 Modules scanning
09:27:53.063 Disk 0 trace - called modules:
09:27:53.094 ntkrnlpa.exe CLASSPNP.SYS disk.sys acpi.sys hal.dll ataport.SYS pciide.sys PCIIDEX.SYS atapi.sys
09:27:53.094 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x84f9fa10]
09:27:53.094 3 CLASSPNP.SYS[881a38b3] -> nt!IofCallDriver -> [0x84de2268]
09:27:53.109 5 acpi.sys[806986bc] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0x8402b528]
09:27:53.109 Scan finished successfully
09:28:01.892 Disk 0 MBR has been saved successfully to "C:\Users\Kile\Desktop\MBR.dat"
09:28:01.923 The log file has been saved successfully to "C:\Users\Kile\Desktop\aswMBR.txt"
-
Please update and run SAS and MBAM again and post the logs. Also try running ComboFix again. You should be able to de-activate your AV because I had another user with the same AV and he had no problem de-activating it.
-
That's the thing? I don't know how to deactivate it. None of the directions on your link matched what my setting on Norton.
Here is my SAS log. Huge list! I guess I still am not out of the woods yet. Although things are working much faster and smoother than from the start.
SUPERAntiSpyware Scan Log
http://www.superantispyware.com
Generated 04/15/2012 at 12:29 PM
Application Version : 5.0.1146
Core Rules Database Version : 8458
Trace Rules Database Version: 6270
Scan type : Complete Scan
Total Scan Time : 01:31:17
Operating System Information
Windows Vista Home Premium 32-bit, Service Pack 2 (Build 6.00.6002)
UAC On - Limited User (Administrator User)
Memory items scanned : 752
Memory threats detected : 0
Registry items scanned : 33723
Registry threats detected : 0
File items scanned : 162151
File threats detected : 1049
Adware.Tracking Cookie
C:\Users\Kile\AppData\Roaming\Microsoft\Windows\Cookies\LU59J01M.txt [ /doubleclick.net ]
C:\USERS\KILE\AppData\Roaming\Microsoft\Windows\Cookies\Low\kile@adxpose[2].txt [ Cookie:[email protected]/ ]
C:\USERS\KILE\AppData\Roaming\Microsoft\Windows\Cookies\Low\F7D3AC7M.txt [ Cookie:[email protected]/pagead/conversion/1026588662/ ]
C:\USERS\KILE\AppData\Roaming\Microsoft\Windows\Cookies\Low\7IW7NF6V.txt [ Cookie:[email protected]/pagead/conversion/1035118810/ ]
C:\USERS\KILE\AppData\Roaming\Microsoft\Windows\Cookies\Low\MKIAG4PK.txt [ Cookie:[email protected]/ ]
C:\USERS\KILE\AppData\Roaming\Microsoft\Windows\Cookies\Low\kile@yieldmanager[2].txt [ Cookie:[email protected]/ ]
C:\USERS\KILE\AppData\Roaming\Microsoft\Windows\Cookies\Low\kile@imrworldwide[3].txt [ Cookie:[email protected]/cgi-bin ]
C:\USERS\KILE\AppData\Roaming\Microsoft\Windows\Cookies\Low\BH4M1VRJ.txt [ Cookie:[email protected]/ ]
C:\USERS\KILE\AppData\Roaming\Microsoft\Windows\Cookies\Low\9XGL5ED8.txt [ Cookie:[email protected]/ ]
C:\USERS\KILE\AppData\Roaming\Microsoft\Windows\Cookies\Low\STHS97GA.txt [ Cookie:[email protected]/adsense/support ]
C:\USERS\KILE\AppData\Roaming\Microsoft\Windows\Cookies\Low\JYQ5Y1ID.txt [ Cookie:[email protected]/ ]
C:\USERS\KILE\AppData\Roaming\Microsoft\Windows\Cookies\Low\SOLF1BRO.txt [ Cookie:[email protected]/ ]
C:\USERS\KILE\AppData\Roaming\Microsoft\Windows\Cookies\Low\HIZ4Y5K0.txt [ Cookie:[email protected]/ ]
C:\USERS\KILE\AppData\Roaming\Microsoft\Windows\Cookies\Low\DNF8Z1Z5.txt [ Cookie:[email protected]/ ]
C:\USERS\KILE\AppData\Roaming\Microsoft\Windows\Cookies\Low\6PZPTO3M.txt [ Cookie:[email protected]/adserving ]
C:\USERS\KILE\AppData\Roaming\Microsoft\Windows\Cookies\Low\EZOUCTBH.txt [ Cookie:[email protected]/ ]
C:\USERS\KILE\AppData\Roaming\Microsoft\Windows\Cookies\Low\kile@atdmt[1].txt [ Cookie:[email protected]/ ]
C:\USERS\KILE\AppData\Roaming\Microsoft\Windows\Cookies\Low\LWAXM3YD.txt [ Cookie:[email protected]/ ]
C:\USERS\KILE\AppData\Roaming\Microsoft\Windows\Cookies\Low\DHIZP7LQ.txt [ Cookie:[email protected]/ ]
C:\USERS\KILE\AppData\Roaming\Microsoft\Windows\Cookies\Low\SH70HGNW.txt [ Cookie:[email protected]/ ]
C:\USERS\KILE\AppData\Roaming\Microsoft\Windows\Cookies\Low\RLM76NCZ.txt [ Cookie:[email protected]/ ]
C:\USERS\KILE\AppData\Roaming\Microsoft\Windows\Cookies\Low\[email protected][1].txt [ Cookie:[email protected]/ ]
C:\USERS\KILE\AppData\Roaming\Microsoft\Windows\Cookies\Low\IMCTVV7U.txt [ Cookie:[email protected]/ ]
C:\USERS\KILE\AppData\Roaming\Microsoft\Windows\Cookies\Low\AZ92IEAD.txt [ Cookie:[email protected]/ ]
C:\USERS\KILE\AppData\Roaming\Microsoft\Windows\Cookies\Low\8G91H74K.txt [ Cookie:[email protected]/pagead/conversion/1018962202/ ]
C:\USERS\KILE\AppData\Roaming\Microsoft\Windows\Cookies\Low\5QAJ3ARY.txt [ Cookie:[email protected]/ ]
C:\USERS\KILE\AppData\Roaming\Microsoft\Windows\Cookies\Low\V3DWFQ7D.txt [ Cookie:[email protected]/ ]
C:\USERS\KILE\AppData\Roaming\Microsoft\Windows\Cookies\Low\UZJ05X30.txt [ Cookie:[email protected]/ ]
C:\USERS\KILE\AppData\Roaming\Microsoft\Windows\Cookies\Low\LGPNGQNO.txt [ Cookie:[email protected]/adsense/ ]
C:\USERS\KILE\AppData\Roaming\Microsoft\Windows\Cookies\Low\PRPMSWE5.txt [ Cookie:[email protected]/ ]
C:\USERS\KILE\AppData\Roaming\Microsoft\Windows\Cookies\Low\H54JV6CY.txt [ Cookie:[email protected]/ ]
C:\USERS\KILE\AppData\Roaming\Microsoft\Windows\Cookies\Low\QU8N63UX.txt [ Cookie:[email protected]/ ]
C:\USERS\KILE\AppData\Roaming\Microsoft\Windows\Cookies\Low\kile@specificclick[1].txt [ Cookie:[email protected]/ ]
C:\USERS\KILE\AppData\Roaming\Microsoft\Windows\Cookies\Low\W1EHAPEU.txt [ Cookie:[email protected]/ ]
C:\USERS\KILE\AppData\Roaming\Microsoft\Windows\Cookies\Low\ZL2KLC1K.txt [ Cookie:[email protected]/ ]
C:\USERS\KILE\Cookies\LU59J01M.txt [ Cookie:[email protected]/ ]
cloud.bannergadgets.com [ C:\USERS\KILE\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\J5WYQFKA ]
core.insightexpressai.com [ C:\USERS\KILE\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\J5WYQFKA ]
media.mtvnservices.com [ C:\USERS\KILE\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\J5WYQFKA ]
s0.2mdn.net [ C:\USERS\KILE\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\J5WYQFKA ]
secure-us.imrworldwide.com [ C:\USERS\KILE\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\J5WYQFKA ]
C:\USERS\KILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\KILE@247REALMEDIA[1].TXT [ /247REALMEDIA ]
C:\USERS\KILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\KILE@2O7[1].TXT [ /2O7 ]
C:\USERS\KILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\[email protected][1].TXT [ /AD.WSOD ]
C:\USERS\KILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\[email protected][1].TXT [ /AD.YIELDMANAGER ]
C:\USERS\KILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\[email protected][2].TXT [ /AD.YIELDMANAGER ]
C:\USERS\KILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\KILE@ADINTERAX[2].TXT [ /ADINTERAX ]
C:\USERS\KILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\KILE@ADVERTISING[1].TXT [ /ADVERTISING ]
C:\USERS\KILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\KILE@ADXPOSE[1].TXT [ /ADXPOSE ]
C:\USERS\KILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\KILE@ATDMT[2].TXT [ /ATDMT ]
C:\USERS\KILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\KILE@DOUBLECLICK[3].TXT [ /DOUBLECLICK ]
C:\USERS\KILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\KILE@IMRWORLDWIDE[2].TXT [ /IMRWORLDWIDE ]
C:\USERS\KILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\KILE@INVITEMEDIA[1].TXT [ /INVITEMEDIA ]
C:\USERS\KILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\KILE@KANOODLE[1].TXT [ /KANOODLE ]
C:\USERS\KILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\KILE@KANOODLE[2].TXT [ /KANOODLE ]
C:\USERS\KILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\KILE@KANOODLE[3].TXT [ /KANOODLE ]
C:\USERS\KILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\[email protected][1].TXT [ /KASPERSKY.122.2O7 ]
C:\USERS\KILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\[email protected][2].TXT [ /OASC09.247REALMEDIA ]
C:\USERS\KILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\KILE@OVERTURE[2].TXT [ /OVERTURE ]
C:\USERS\KILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\KILE@YADRO[2].TXT [ /YADRO ]
C:\USERS\KILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\KILE@YIELDMANAGER[1].TXT [ /YIELDMANAGER ]
C:\USERS\KILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\KILE@ZEDO[2].TXT [ /ZEDO ]
C:\USERS\KILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\KILE@ZEDO[3].TXT [ /ZEDO ]
account.goodgamestudios.com [ C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\Q3CJS4SP ]
art.aim4media.com [ C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\Q3CJS4SP ]
cdn.tremormedia.com [ C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\Q3CJS4SP ]
cdn2.baronsmedia.com [ C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\Q3CJS4SP ]
click.searchnation.net [ C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\Q3CJS4SP ]
core.insightexpressai.com [ C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\Q3CJS4SP ]
crackle.com [ C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\Q3CJS4SP ]
ds.serving-sys.com [ C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\Q3CJS4SP ]
media.heavy.com [ C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\Q3CJS4SP ]
media1.break.com [ C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\Q3CJS4SP ]
media4.onsugar.com [ C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\Q3CJS4SP ]
objects.tremormedia.com [ C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\Q3CJS4SP ]
secure-us.imrworldwide.com [ C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\Q3CJS4SP ]
tag.2bluemedia.hiro.tv [ C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\Q3CJS4SP ]
videocdn.pgoamedia.com [ C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\Q3CJS4SP ]
www.quick-click-commissions.com [ C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\Q3CJS4SP ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@1SADX[10].TXT [ /1SADX ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@1SADX[11].TXT [ /1SADX ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@1SADX[1].TXT [ /1SADX ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@1SADX[2].TXT [ /1SADX ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@1SADX[3].TXT [ /1SADX ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@1SADX[4].TXT [ /1SADX ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@1SADX[5].TXT [ /1SADX ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@1SADX[6].TXT [ /1SADX ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@1SADX[7].TXT [ /1SADX ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@1SADX[8].TXT [ /1SADX ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@1SADX[9].TXT [ /1SADX ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@247REALMEDIA[10].TXT [ /247REALMEDIA ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@247REALMEDIA[11].TXT [ /247REALMEDIA ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@247REALMEDIA[1].TXT [ /247REALMEDIA ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@247REALMEDIA[2].TXT [ /247REALMEDIA ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@247REALMEDIA[3].TXT [ /247REALMEDIA ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@247REALMEDIA[4].TXT [ /247REALMEDIA ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@247REALMEDIA[5].TXT [ /247REALMEDIA ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@247REALMEDIA[6].TXT [ /247REALMEDIA ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@247REALMEDIA[7].TXT [ /247REALMEDIA ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@247REALMEDIA[8].TXT [ /247REALMEDIA ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@247REALMEDIA[9].TXT [ /247REALMEDIA ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@2O7[2].TXT [ /2O7 ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@2O7[3].TXT [ /2O7 ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][1].TXT [ /A1.INTERCLICK ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][2].TXT [ /A1.INTERCLICK ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][3].TXT [ /A1.INTERCLICK ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][4].TXT [ /A1.INTERCLICK ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][5].TXT [ /A1.INTERCLICK ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][6].TXT [ /A1.INTERCLICK ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][7].TXT [ /A1.INTERCLICK ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][8].TXT [ /A1.INTERCLICK ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][9].TXT [ /A1.INTERCLICK ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][1].TXT [ /ACCOUNTS.GOOGLE ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][2].TXT [ /ACCOUNTS.GOOGLE ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][1].TXT [ /AD.360YIELD ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][3].TXT [ /AD.360YIELD ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][4].TXT [ /AD.360YIELD ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][5].TXT [ /AD.360YIELD ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][6].TXT [ /AD.360YIELD ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][1].TXT [ /AD.DOUBLECLICK ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][1].TXT [ /AD.WSOD ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][2].TXT [ /AD.WSOD ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][3].TXT [ /AD.WSOD ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][5].TXT [ /AD.WSOD ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][6].TXT [ /AD.WSOD ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][10].TXT [ /AD.YIELDMANAGER ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][11].TXT [ /AD.YIELDMANAGER ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][1].TXT [ /AD.YIELDMANAGER ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][2].TXT [ /AD.YIELDMANAGER ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][3].TXT [ /AD.YIELDMANAGER ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][4].TXT [ /AD.YIELDMANAGER ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][5].TXT [ /AD.YIELDMANAGER ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][6].TXT [ /AD.YIELDMANAGER ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][7].TXT [ /AD.YIELDMANAGER ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][8].TXT [ /AD.YIELDMANAGER ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][9].TXT [ /AD.YIELDMANAGER ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][10].TXT [ /AD2.ADFARM1.ADITION ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][11].TXT [ /AD2.ADFARM1.ADITION ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][1].TXT [ /AD2.ADFARM1.ADITION ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][2].TXT [ /AD2.ADFARM1.ADITION ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][3].TXT [ /AD2.ADFARM1.ADITION ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][4].TXT [ /AD2.ADFARM1.ADITION ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][5].TXT [ /AD2.ADFARM1.ADITION ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][6].TXT [ /AD2.ADFARM1.ADITION ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][7].TXT [ /AD2.ADFARM1.ADITION ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][8].TXT [ /AD2.ADFARM1.ADITION ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][9].TXT [ /AD2.ADFARM1.ADITION ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@ADBRITE[10].TXT [ /ADBRITE ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@ADBRITE[11].TXT [ /ADBRITE ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@ADBRITE[1].TXT [ /ADBRITE ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@ADBRITE[2].TXT [ /ADBRITE ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@ADBRITE[3].TXT [ /ADBRITE ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@ADBRITE[4].TXT [ /ADBRITE ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@ADBRITE[5].TXT [ /ADBRITE ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@ADBRITE[6].TXT [ /ADBRITE ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@ADBRITE[7].TXT [ /ADBRITE ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@ADBRITE[8].TXT [ /ADBRITE ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@ADBRITE[9].TXT [ /ADBRITE ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][10].TXT [ /ADFARM1.ADITION ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][11].TXT [ /ADFARM1.ADITION ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][1].TXT [ /ADFARM1.ADITION ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][2].TXT [ /ADFARM1.ADITION ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][3].TXT [ /ADFARM1.ADITION ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][4].TXT [ /ADFARM1.ADITION ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][5].TXT [ /ADFARM1.ADITION ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][6].TXT [ /ADFARM1.ADITION ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][7].TXT [ /ADFARM1.ADITION ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][8].TXT [ /ADFARM1.ADITION ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][9].TXT [ /ADFARM1.ADITION ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@ADINTERAX[1].TXT [ /ADINTERAX ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@ADINTERAX[2].TXT [ /ADINTERAX ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@ADINTERAX[4].TXT [ /ADINTERAX ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@ADJUGGLER[1].TXT [ /ADJUGGLER ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@ADJUGGLER[2].TXT [ /ADJUGGLER ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@ADJUGGLER[3].TXT [ /ADJUGGLER ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@ADNETWORK[10].TXT [ /ADNETWORK ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@ADNETWORK[11].TXT [ /ADNETWORK ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@ADNETWORK[1].TXT [ /ADNETWORK ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@ADNETWORK[2].TXT [ /ADNETWORK ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@ADNETWORK[3].TXT [ /ADNETWORK ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@ADNETWORK[4].TXT [ /ADNETWORK ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@ADNETWORK[5].TXT [ /ADNETWORK ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@ADNETWORK[6].TXT [ /ADNETWORK ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@ADNETWORK[7].TXT [ /ADNETWORK ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@ADNETWORK[8].TXT [ /ADNETWORK ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@ADNETWORK[9].TXT [ /ADNETWORK ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][2].TXT [ /ADS.24HLOCALSERVICES ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][1].TXT [ /ADS.ADK2 ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][2].TXT [ /ADS.ADK2 ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][3].TXT [ /ADS.ADK2 ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][4].TXT [ /ADS.ADK2 ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][5].TXT [ /ADS.ADK2 ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][6].TXT [ /ADS.ADK2 ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][7].TXT [ /ADS.ADK2 ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][8].TXT [ /ADS.ADK2 ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][9].TXT [ /ADS.ADK2 ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][2].TXT [ /ADS.ADOPTIMIZED ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][3].TXT [ /ADS.ADOPTIMIZED ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][2].TXT [ /ADS.BRIDGETRACK ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][2].TXT [ /ADS.CPXCENTER ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][3].TXT [ /ADS.CPXCENTER ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][2].TXT [ /ADS.FINANCIALCONTENT ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][3].TXT [ /ADS.FINANCIALCONTENT ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][4].TXT [ /ADS.FINANCIALCONTENT ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][1].TXT [ /ADS.FOOTAR ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][3].TXT [ /ADS.FOOTAR ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][4].TXT [ /ADS.FOOTAR ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][5].TXT [ /ADS.FOOTAR ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][2].TXT [ /ADS.FOOTBALLMEDIA ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][3].TXT [ /ADS.FOOTBALLMEDIA ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][4].TXT [ /ADS.FOOTBALLMEDIA ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][5].TXT [ /ADS.FOOTBALLMEDIA ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][1].TXT [ /ADS.GAMERSMEDIA ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][2].TXT [ /ADS.GAMERSMEDIA ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][3].TXT [ /ADS.GAMERSMEDIA ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][4].TXT [ /ADS.GAMERSMEDIA ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][5].TXT [ /ADS.GAMERSMEDIA ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][6].TXT [ /ADS.GAMERSMEDIA ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][7].TXT [ /ADS.GAMERSMEDIA ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][8].TXT [ /ADS.GAMERSMEDIA ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][9].TXT [ /ADS.GAMERSMEDIA ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][2].TXT [ /ADS.GLISPA ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][1].TXT [ /ADS.INTERGI ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][2].TXT [ /ADS.INTERGI ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][3].TXT [ /ADS.INTERGI ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][4].TXT [ /ADS.INTERGI ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][5].TXT [ /ADS.INTERGI ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][6].TXT [ /ADS.INTERGI ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][7].TXT [ /ADS.INTERGI ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][8].TXT [ /ADS.INTERGI ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][2].TXT [ /ADS.LYCOS ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][3].TXT [ /ADS.LYCOS ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][4].TXT [ /ADS.LYCOS ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][5].TXT [ /ADS.LYCOS ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][1].TXT [ /ADS.MSV-INC ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][2].TXT [ /ADS.MSV-INC ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][3].TXT [ /ADS.MSV-INC ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][5].TXT [ /ADS.MSV-INC ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][6].TXT [ /ADS.MSV-INC ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][1].TXT [ /ADS.NETWORLDMEDIA ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][1].TXT [ /ADS.PARTSBROKERS ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][1].TXT [ /ADS.PIXFUTURE ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][10].TXT [ /ADS.POINTROLL ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][11].TXT [ /ADS.POINTROLL ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][1].TXT [ /ADS.POINTROLL ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][2].TXT [ /ADS.POINTROLL ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][3].TXT [ /ADS.POINTROLL ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][4].TXT [ /ADS.POINTROLL ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][5].TXT [ /ADS.POINTROLL ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][6].TXT [ /ADS.POINTROLL ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][7].TXT [ /ADS.POINTROLL ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][8].TXT [ /ADS.POINTROLL ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][9].TXT [ /ADS.POINTROLL ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][10].TXT [ /ADS.PUBMATIC ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][11].TXT [ /ADS.PUBMATIC ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][1].TXT [ /ADS.PUBMATIC ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][2].TXT [ /ADS.PUBMATIC ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][3].TXT [ /ADS.PUBMATIC ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][4].TXT [ /ADS.PUBMATIC ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][5].TXT [ /ADS.PUBMATIC ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][6].TXT [ /ADS.PUBMATIC ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][7].TXT [ /ADS.PUBMATIC ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][8].TXT [ /ADS.PUBMATIC ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][9].TXT [ /ADS.PUBMATIC ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][2].TXT [ /ADS.REACT2MEDIA ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][1].TXT [ /ADS.SHOPSTYLE ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][2].TXT [ /ADS.SHOPSTYLE ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][3].TXT [ /ADS.SHOPSTYLE ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][10].TXT [ /ADS.UNDERTONE ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][11].TXT [ /ADS.UNDERTONE ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][1].TXT [ /ADS.UNDERTONE ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][2].TXT [ /ADS.UNDERTONE ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][3].TXT [ /ADS.UNDERTONE ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][4].TXT [ /ADS.UNDERTONE ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][6].TXT [ /ADS.UNDERTONE ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][7].TXT [ /ADS.UNDERTONE ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][8].TXT [ /ADS.UNDERTONE ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][9].TXT [ /ADS.UNDERTONE ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][2].TXT [ /ADS.XTARGETING ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][1].TXT [ /ADS1.ZENOVIAEXCHANGE ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][2].TXT [ /ADS1.ZENOVIAEXCHANGE ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][4].TXT [ /ADS1.ZENOVIAEXCHANGE ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][1].TXT [ /ADS2.IWEB.CORTICA ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][10].TXT [ /ADSERVER.ADTECHUS ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][11].TXT [ /ADSERVER.ADTECHUS ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][1].TXT [ /ADSERVER.ADTECHUS ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][2].TXT [ /ADSERVER.ADTECHUS ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][3].TXT [ /ADSERVER.ADTECHUS ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][4].TXT [ /ADSERVER.ADTECHUS ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][5].TXT [ /ADSERVER.ADTECHUS ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][6].TXT [ /ADSERVER.ADTECHUS ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][7].TXT [ /ADSERVER.ADTECHUS ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][8].TXT [ /ADSERVER.ADTECHUS ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][9].TXT [ /ADSERVER.ADTECHUS ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][1].TXT [ /ADSERVER.VALWA ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@ADTECHUS[1].TXT [ /ADTECHUS ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@ADTECHUS[2].TXT [ /ADTECHUS ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@ADTECHUS[3].TXT [ /ADTECHUS ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@ADTECH[1].TXT [ /ADTECH ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@ADTECH[2].TXT [ /ADTECH ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@ADTECH[3].TXT [ /ADTECH ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@ADTECH[4].TXT [ /ADTECH ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@ADTECH[5].TXT [ /ADTECH ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@ADTECH[6].TXT [ /ADTECH ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@ADTECH[7].TXT [ /ADTECH ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@ADULTSWIM[2].TXT [ /ADULTSWIM ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][1].TXT [ /ADUP.ROTATOR.HADJ7.ADJUGGLER ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][2].TXT [ /ADUP.ROTATOR.HADJ7.ADJUGGLER ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][4].TXT [ /ADUP.ROTATOR.HADJ7.ADJUGGLER ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][5].TXT [ /ADUP.ROTATOR.HADJ7.ADJUGGLER ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][6].TXT [ /ADUP.ROTATOR.HADJ7.ADJUGGLER ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][2].TXT [ /ADVERTISERS.PIXFUTURE ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][2].TXT [ /ADVERTISING.EZANGA ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][3].TXT [ /ADVERTISING.EZANGA ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][4].TXT [ /ADVERTISING.EZANGA ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][5].TXT [ /ADVERTISING.EZANGA ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][1].TXT [ /ADVERTISING.SHEKNOWS ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@ADVERTISING[10].TXT [ /ADVERTISING ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@ADVERTISING[11].TXT [ /ADVERTISING ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@ADVERTISING[1].TXT [ /ADVERTISING ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@ADVERTISING[2].TXT [ /ADVERTISING ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@ADVERTISING[3].TXT [ /ADVERTISING ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@ADVERTISING[4].TXT [ /ADVERTISING ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@ADVERTISING[5].TXT [ /ADVERTISING ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@ADVERTISING[6].TXT [ /ADVERTISING ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@ADVERTISING[7].TXT [ /ADVERTISING ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@ADVERTISING[8].TXT [ /ADVERTISING ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@ADVERTISING[9].TXT [ /ADVERTISING ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@ADXPOSE[10].TXT [ /ADXPOSE ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@ADXPOSE[11].TXT [ /ADXPOSE ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@ADXPOSE[1].TXT [ /ADXPOSE ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@ADXPOSE[2].TXT [ /ADXPOSE ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@ADXPOSE[3].TXT [ /ADXPOSE ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@ADXPOSE[4].TXT [ /ADXPOSE ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@ADXPOSE[5].TXT [ /ADXPOSE ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@ADXPOSE[6].TXT [ /ADXPOSE ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@ADXPOSE[7].TXT [ /ADXPOSE ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@ADXPOSE[8].TXT [ /ADXPOSE ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@ADXPOSE[9].TXT [ /ADXPOSE ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@AIM4MEDIA[1].TXT [ /AIM4MEDIA ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][1].TXT [ /AJPN.ROTATOR.HADJ1.ADJUGGLER ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][2].TXT [ /AJPN.ROTATOR.HADJ1.ADJUGGLER ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][3].TXT [ /AJPN.ROTATOR.HADJ1.ADJUGGLER ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@AMAZON-ADSYSTEM[1].TXT [ /AMAZON-ADSYSTEM ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@AMAZON-ADSYSTEM[2].TXT [ /AMAZON-ADSYSTEM ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@AMAZON-ADSYSTEM[3].TXT [ /AMAZON-ADSYSTEM ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@AMERIPRISESTATS[1].TXT [ /AMERIPRISESTATS ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@APMEBF[10].TXT [ /APMEBF ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@APMEBF[11].TXT [ /APMEBF ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@APMEBF[1].TXT [ /APMEBF ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@APMEBF[2].TXT [ /APMEBF ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@APMEBF[3].TXT [ /APMEBF ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@APMEBF[4].TXT [ /APMEBF ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@APMEBF[5].TXT [ /APMEBF ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@APMEBF[6].TXT [ /APMEBF ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@APMEBF[7].TXT [ /APMEBF ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@APMEBF[8].TXT [ /APMEBF ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@APMEBF[9].TXT [ /APMEBF ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][1].TXT [ /AR.ATWOLA ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][2].TXT [ /AR.ATWOLA ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][3].TXT [ /AR.ATWOLA ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][4].TXT [ /AR.ATWOLA ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][5].TXT [ /AR.ATWOLA ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][10].TXT [ /AT.ATWOLA ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][11].TXT [ /AT.ATWOLA ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][1].TXT [ /AT.ATWOLA ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][2].TXT [ /AT.ATWOLA ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][3].TXT [ /AT.ATWOLA ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][4].TXT [ /AT.ATWOLA ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][5].TXT [ /AT.ATWOLA ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][6].TXT [ /AT.ATWOLA ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][7].TXT [ /AT.ATWOLA ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][8].TXT [ /AT.ATWOLA ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][9].TXT [ /AT.ATWOLA ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@ATDMT[10].TXT [ /ATDMT ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@ATDMT[11].TXT [ /ATDMT ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@ATDMT[1].TXT [ /ATDMT ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@ATDMT[2].TXT [ /ATDMT ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@ATDMT[3].TXT [ /ATDMT ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@ATDMT[4].TXT [ /ATDMT ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@ATDMT[5].TXT [ /ATDMT ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@ATDMT[6].TXT [ /ATDMT ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@ATDMT[7].TXT [ /ATDMT ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@ATDMT[8].TXT [ /ATDMT ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@ATDMT[9].TXT [ /ATDMT ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@ATWOLA[1].TXT [ /ATWOLA ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@ATWOLA[2].TXT [ /ATWOLA ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@ATWOLA[3].TXT [ /ATWOLA ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@ATWOLA[4].TXT [ /ATWOLA ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@ATWOLA[5].TXT [ /ATWOLA ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@AWESOME-FIND[1].TXT [ /AWESOME-FIND ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@AZJMP[1].TXT [ /AZJMP ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@AZJMP[2].TXT [ /AZJMP ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@BIZZCLICK[1].TXT [ /BIZZCLICK ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@BIZZCLICK[2].TXT [ /BIZZCLICK ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@BIZZCLICK[3].TXT [ /BIZZCLICK ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@BIZZCLICK[4].TXT [ /BIZZCLICK ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@BIZZCLICK[5].TXT [ /BIZZCLICK ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@BIZZCLICK[6].TXT [ /BIZZCLICK ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@BIZZCLICK[7].TXT [ /BIZZCLICK ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@BIZZCLICK[8].TXT [ /BIZZCLICK ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@BIZZCLICK[9].TXT [ /BIZZCLICK ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][2].TXT [ /BLOG.GOURMETCOUNTRY ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][3].TXT [ /BLOG.GOURMETCOUNTRY ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][4].TXT [ /BLOG.GOURMETCOUNTRY ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@BOOM-FIND[1].TXT [ /BOOM-FIND ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][10].TXT [ /BS.SERVING-SYS ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][11].TXT [ /BS.SERVING-SYS ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][1].TXT [ /BS.SERVING-SYS ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][2].TXT [ /BS.SERVING-SYS ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][3].TXT [ /BS.SERVING-SYS ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][4].TXT [ /BS.SERVING-SYS ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][5].TXT [ /BS.SERVING-SYS ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][6].TXT [ /BS.SERVING-SYS ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][7].TXT [ /BS.SERVING-SYS ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][8].TXT [ /BS.SERVING-SYS ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][9].TXT [ /BS.SERVING-SYS ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@BURSTBEACON[10].TXT [ /BURSTBEACON ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@BURSTBEACON[11].TXT [ /BURSTBEACON ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@BURSTBEACON[1].TXT [ /BURSTBEACON ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@BURSTBEACON[2].TXT [ /BURSTBEACON ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@BURSTBEACON[3].TXT [ /BURSTBEACON ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@BURSTBEACON[4].TXT [ /BURSTBEACON ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@BURSTBEACON[5].TXT [ /BURSTBEACON ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@BURSTBEACON[6].TXT [ /BURSTBEACON ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@BURSTBEACON[7].TXT [ /BURSTBEACON ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@BURSTBEACON[8].TXT [ /BURSTBEACON ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@BURSTBEACON[9].TXT [ /BURSTBEACON ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@BURSTNET[10].TXT [ /BURSTNET ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@BURSTNET[11].TXT [ /BURSTNET ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@BURSTNET[1].TXT [ /BURSTNET ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@BURSTNET[2].TXT [ /BURSTNET ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@BURSTNET[3].TXT [ /BURSTNET ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@BURSTNET[4].TXT [ /BURSTNET ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@BURSTNET[5].TXT [ /BURSTNET ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@BURSTNET[6].TXT [ /BURSTNET ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@BURSTNET[7].TXT [ /BURSTNET ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@BURSTNET[8].TXT [ /BURSTNET ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@BURSTNET[9].TXT [ /BURSTNET ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][2].TXT [ /C.ATDMT ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][3].TXT [ /C.ATDMT ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][1].TXT [ /C.GIGCOUNT ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected] [ /CA2O7TQ0.TXT ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected] [ /CAH2O7I4.TXT ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected] [ /CAKMXXXO.TXT ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected] [ /CAMGXXX6.TXT ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][1].TXT [ /CANYONRANCH.112.2O7 ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@CASALEMEDIA[10].TXT [ /CASALEMEDIA ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@CASALEMEDIA[11].TXT [ /CASALEMEDIA ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@CASALEMEDIA[1].TXT [ /CASALEMEDIA ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@CASALEMEDIA[2].TXT [ /CASALEMEDIA ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@CASALEMEDIA[3].TXT [ /CASALEMEDIA ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@CASALEMEDIA[4].TXT [ /CASALEMEDIA ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@CASALEMEDIA[5].TXT [ /CASALEMEDIA ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@CASALEMEDIA[6].TXT [ /CASALEMEDIA ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@CASALEMEDIA[7].TXT [ /CASALEMEDIA ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@CASALEMEDIA[8].TXT [ /CASALEMEDIA ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@CASALEMEDIA[9].TXT [ /CASALEMEDIA ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected] [ /CATU5RU4.TXT ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][1].TXT [ /CDN.JEMAMEDIA ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][2].TXT [ /CDN.JEMAMEDIA ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@CITYGRIDMEDIA[2].TXT [ /CITYGRIDMEDIA ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@CITYGRIDMEDIA[3].TXT [ /CITYGRIDMEDIA ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][10].TXT [ /CLICK.EXPANDSEARCHANSWERS ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][11].TXT [ /CLICK.EXPANDSEARCHANSWERS ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][1].TXT [ /CLICK.EXPANDSEARCHANSWERS ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][2].TXT [ /CLICK.EXPANDSEARCHANSWERS ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][3].TXT [ /CLICK.EXPANDSEARCHANSWERS ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][4].TXT [ /CLICK.EXPANDSEARCHANSWERS ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][5].TXT [ /CLICK.EXPANDSEARCHANSWERS ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][6].TXT [ /CLICK.EXPANDSEARCHANSWERS ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][7].TXT [ /CLICK.EXPANDSEARCHANSWERS ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][8].TXT [ /CLICK.EXPANDSEARCHANSWERS ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][9].TXT [ /CLICK.EXPANDSEARCHANSWERS ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][1].TXT [ /CLICK.GET-ANSWERS-FAST ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][1].TXT [ /CLICK.PMI5MEDIA ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][2].TXT [ /CLICK.PMI5MEDIA ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][1].TXT [ /CLICK.PRIMOSEARCH ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][1].TXT [ /CLICK.SEARCHNATION ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][2].TXT [ /CLICK.SEARCHNATION ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@CLICKSOR[1].TXT [ /CLICKSOR ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@CLICKSOR[2].TXT [ /CLICKSOR ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@CLICKSOR[3].TXT [ /CLICKSOR ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@CLICKSOR[4].TXT [ /CLICKSOR ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@CLICKSOR[6].TXT [ /CLICKSOR ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@CLICKSOR[7].TXT [ /CLICKSOR ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@CLICKSOR[8].TXT [ /CLICKSOR ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@CLICKSOR[9].TXT [ /CLICKSOR ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@CLICKSURE[1].TXT [ /CLICKSURE ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@COLLECTIVE-MEDIA[10].TXT [ /COLLECTIVE-MEDIA ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@C
-
I got it to work finally!
ComboFix 12-04-15.02 - Kile 04/15/2012 22:06:13.1.2 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.1.1033.18.2036.865 [GMT -5:00]
Running from: c:\users\Kile\Desktop\ComboFix.exe
AV: Norton Security Suite *Disabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
FW: Norton Security Suite *Enabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
SP: Norton Security Suite *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Kile\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Vista Recovery
c:\users\Kile\Favorites\ehthumbs_vista.db
.
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_usnjsvc
.
.
((((((((((((((((((((((((( Files Created from 2012-03-16 to 2012-04-16 )))))))))))))))))))))))))))))))
.
.
2012-04-16 03:14 . 2012-04-16 03:14 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-04-15 15:19 . 2012-04-15 15:19 -------- d-----w- c:\users\Kile\AppData\Local\VS Revo Group
2012-04-15 15:19 . 2009-12-30 15:21 27192 ----a-w- c:\windows\system32\drivers\revoflt.sys
2012-04-15 15:19 . 2012-04-15 15:19 -------- d-----w- c:\program files\VS Revo Group
2012-04-15 01:53 . 2012-04-15 01:53 74703 ----a-w- c:\windows\system32\mfc45.dll
2012-04-15 01:53 . 2012-04-15 01:54 -------- d-----w- c:\programdata\iolo
2012-04-15 01:53 . 2012-04-15 01:53 -------- d-----w- c:\program files\iolo
2012-04-15 01:48 . 2012-03-20 08:53 6582328 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{A66504D9-B908-4655-A814-7C8E62574E27}\mpengine.dll
2012-04-14 20:12 . 2012-04-14 20:12 98816 ----a-w- c:\windows\system32\mfps.dll
2012-04-14 18:46 . 2012-04-14 18:46 -------- d-----w- c:\program files\Windows Portable Devices
2012-04-14 18:40 . 2009-09-10 02:00 92672 ----a-w- c:\windows\system32\UIAnimation.dll
2012-04-14 18:40 . 2009-09-10 02:01 3023360 ----a-w- c:\windows\system32\UIRibbon.dll
2012-04-14 18:40 . 2009-09-10 02:00 1164800 ----a-w- c:\windows\system32\UIRibbonRes.dll
2012-04-14 18:38 . 2012-02-29 15:11 5120 ----a-w- c:\windows\system32\wmi.dll
2012-04-14 18:38 . 2012-02-29 15:11 172032 ----a-w- c:\windows\system32\wintrust.dll
2012-04-14 18:38 . 2012-02-29 15:09 157696 ----a-w- c:\windows\system32\imagehlp.dll
2012-04-14 18:38 . 2012-02-29 13:32 12800 ----a-w- c:\windows\system32\drivers\fs_rec.sys
2012-04-14 18:38 . 2012-03-06 06:39 3602816 ----a-w- c:\windows\system32\ntkrnlpa.exe
2012-04-14 18:38 . 2012-03-06 06:39 3550080 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-04-14 18:31 . 2011-08-13 04:43 6144 ----a-w- c:\program files\Internet Explorer\iecompat.dll
2012-04-14 18:30 . 2011-12-14 16:17 680448 ----a-w- c:\windows\system32\msvcrt.dll
2012-04-14 18:30 . 2011-11-25 15:59 376320 ----a-w- c:\windows\system32\winsrv.dll
2012-04-14 18:30 . 2011-09-20 21:02 905088 ----a-w- c:\windows\system32\drivers\tcpip.sys
2012-04-14 18:30 . 2011-10-25 15:58 1314816 ----a-w- c:\windows\system32\quartz.dll
2012-04-14 18:30 . 2011-10-25 15:58 497152 ----a-w- c:\windows\system32\qdvd.dll
2012-04-14 18:29 . 2011-11-17 06:48 440192 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2012-04-14 18:29 . 2011-11-16 16:23 377344 ----a-w- c:\windows\system32\winhttp.dll
2012-04-14 18:29 . 2011-11-16 16:23 278528 ----a-w- c:\windows\system32\schannel.dll
2012-04-14 18:29 . 2011-11-16 16:21 1259008 ----a-w- c:\windows\system32\lsasrv.dll
2012-04-14 18:29 . 2011-11-16 16:23 72704 ----a-w- c:\windows\system32\secur32.dll
2012-04-14 18:29 . 2011-11-16 14:12 9728 ----a-w- c:\windows\system32\lsass.exe
2012-04-14 18:29 . 2011-02-22 14:13 288768 ----a-w- c:\windows\system32\XpsGdiConverter.dll
2012-04-14 18:29 . 2011-02-22 13:33 1068544 ----a-w- c:\windows\system32\DWrite.dll
2012-04-14 18:29 . 2011-02-22 13:33 797696 ----a-w- c:\windows\system32\FntCache.dll
2012-04-14 18:22 . 2011-10-14 16:02 429056 ----a-w- c:\windows\system32\EncDec.dll
2012-04-14 18:22 . 2011-09-30 15:57 707584 ----a-w- c:\program files\Common Files\System\wab32.dll
2012-04-14 18:21 . 2011-11-18 20:23 1205064 ----a-w- c:\windows\system32\ntdll.dll
2012-04-14 18:21 . 2011-07-29 16:01 293376 ----a-w- c:\windows\system32\psisdecd.dll
2012-04-14 18:21 . 2011-07-29 16:01 217088 ----a-w- c:\windows\system32\psisrndr.ax
2012-04-14 18:21 . 2011-07-29 16:00 69632 ----a-w- c:\windows\system32\Mpeg2Data.ax
2012-04-14 18:21 . 2011-07-29 16:00 57856 ----a-w- c:\windows\system32\MSDvbNP.ax
2012-04-14 18:20 . 2012-02-02 15:16 2044416 ----a-w- c:\windows\system32\win32k.sys
2012-04-14 18:19 . 2011-10-14 16:03 189952 ----a-w- c:\windows\system32\winmm.dll
2012-04-14 18:19 . 2011-10-14 16:00 23552 ----a-w- c:\windows\system32\mciseq.dll
2012-04-14 18:18 . 2011-11-18 17:47 66560 ----a-w- c:\windows\system32\packager.dll
2012-04-14 18:16 . 2011-10-25 15:56 49152 ----a-w- c:\windows\system32\csrsrv.dll
2012-04-14 18:15 . 2011-11-08 14:42 2048 ----a-w- c:\windows\system32\tzres.dll
2012-04-14 18:14 . 2011-08-25 16:15 555520 ----a-w- c:\windows\system32\UIAutomationCore.dll
2012-04-14 18:14 . 2011-08-25 16:14 563712 ----a-w- c:\windows\system32\oleaut32.dll
2012-04-14 18:14 . 2011-08-25 16:14 238080 ----a-w- c:\windows\system32\oleacc.dll
2012-04-14 18:14 . 2011-08-25 13:31 4096 ----a-w- c:\windows\system32\oleaccrc.dll
2012-04-14 18:12 . 2012-01-09 15:54 613376 ----a-w- c:\windows\system32\rdpencom.dll
2012-04-14 18:12 . 2012-01-09 13:58 180736 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2012-04-14 18:11 . 2010-05-04 19:13 231424 ----a-w- c:\windows\system32\msshsq.dll
2012-04-14 18:04 . 2012-04-14 18:04 -------- d-----w- C:\TDSSKiller_Quarantine
2012-04-14 03:19 . 2012-04-14 03:19 -------- d-----w- c:\program files\Microsoft Download Manager
2012-04-13 05:30 . 2012-03-01 11:01 2409784 ----a-w- c:\program files\Windows Mail\OESpamFilter.dat
2012-04-13 00:49 . 2012-04-13 00:49 -------- d-----w- c:\programdata\Kaspersky Lab
2012-04-13 00:32 . 2012-04-13 00:32 -------- d-----w- c:\program files\Common Files\Java
2012-04-12 07:17 . 2012-04-12 07:18 -------- d-----w- c:\program files\CCleaner
2012-04-12 05:28 . 2012-04-12 05:31 -------- d-----w- c:\windows\system32\ca-ES
2012-04-12 05:28 . 2012-04-12 05:30 -------- d-----w- c:\windows\system32\eu-ES
2012-04-12 05:28 . 2012-04-12 05:30 -------- d-----w- c:\windows\system32\vi-VN
2012-04-12 04:03 . 2012-04-12 04:11 -------- d-----w- c:\windows\system32\SPReview
2012-04-12 03:40 . 2009-04-11 04:28 928768 ----a-w- c:\windows\system32\scavenge.dll
2012-04-12 03:40 . 2009-04-11 04:27 57856 ----a-w- c:\windows\system32\compcln.exe
2012-04-12 03:37 . 2009-04-11 04:28 1591296 ----a-w- c:\windows\system32\setupapi.dll
2012-04-12 03:36 . 2009-04-11 04:32 438744 ----a-w- c:\windows\system32\mcupdate_GenuineIntel.dll
2012-04-12 03:26 . 2012-04-12 03:26 -------- d-----w- c:\windows\system32\EventProviders
2012-03-28 04:00 . 2012-03-28 05:36 -------- d-----w- c:\users\Kile\AppData\Roaming\Norton Utilities
2012-03-28 03:55 . 2012-04-08 13:37 -------- d-----w- c:\program files\Real
2012-03-28 03:52 . 2012-03-28 03:52 -------- d-----w- c:\programdata\Norton Installer
2012-03-28 03:51 . 2010-11-30 07:23 44544 ----a-w- c:\windows\system32\msxml4a.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-04-13 00:25 . 2010-05-24 12:14 472808 ----a-w- c:\windows\system32\deployJava1.dll
2012-04-04 20:56 . 2011-06-04 23:59 22344 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-03-15 02:44 . 2011-06-23 22:10 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-02-23 15:18 . 2009-10-03 06:37 237072 ------w- c:\windows\system32\MpSigStub.exe
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ComcastSecureBackupShare]
@="{72bcb80d-7778-eb4a-ec51-22340ad33e07}"
[HKEY_CLASSES_ROOT\CLSID\{72bcb80d-7778-eb4a-ec51-22340ad33e07}]
2010-12-14 17:06 3424488 ----a-w- c:\program files\SecureBackupShare\ComcastSecureBackupShareshell.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ComcastSecureBackupShare2]
@="{b723586e-9ca0-5b27-341a-4990a8c342cf}"
[HKEY_CLASSES_ROOT\CLSID\{b723586e-9ca0-5b27-341a-4990a8c342cf}]
2010-12-14 17:06 3424488 ----a-w- c:\program files\SecureBackupShare\ComcastSecureBackupShareshell.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ComcastSecureBackupShare3]
@="{f614e4c4-b3fa-5249-b9ea-4fe7d38b8cd0}"
[HKEY_CLASSES_ROOT\CLSID\{f614e4c4-b3fa-5249-b9ea-4fe7d38b8cd0}]
2010-12-14 17:06 3424488 ----a-w- c:\program files\SecureBackupShare\ComcastSecureBackupShareshell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-19 125952]
"SansaDispatch"="c:\users\Kile\AppData\Roaming\SanDisk\Sansa Updater\SansaDispatch.exe" [2010-05-31 79872]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ECenter"="c:\dell\E-Center\EULALauncher.exe" [2007-05-25 17920]
"RtHDVCpl"="RtHDVCpl.exe" [2008-01-17 4907008]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2006-12-11 49152]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2008-02-12 141848]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2008-02-12 166424]
"Persistence"="c:\windows\system32\igfxpers.exe" [2008-02-12 133656]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-04-04 843712]
"VX3000"="c:\windows\vVX3000.exe" [2009-06-26 757248]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-01-18 254696]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Digital Line Detect.lnk - c:\program files\Digital Line Detect\DLG.exe [2007-11-6 50688]
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2007-1-2 210520]
Secure Backup and Share Status.lnk - c:\program files\SecureBackupShare\ComcastSecureBackupSharestat.exe [2010-12-14 3539688]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2011-08-13 113024]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2009-09-03 22:21 548352 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.DLL
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Constant Guard.lnk]
backup=c:\windows\pss\Constant Guard.lnkCommon Startup
backupExtension=Common Startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LifeCam]
2009-07-24 20:05 118640 ----a-w- c:\program files\Microsoft LifeCam\LifeExp.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SUPERAntiSpyware]
2012-04-08 07:44 3905920 ----a-w- c:\program files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VX3000]
2009-06-26 22:21 757248 ----a-w- c:\windows\vVX3000.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
.
S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE.EXE [2011-08-27 116608]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-04-04 63928]
S2 AERTFilters;Andrea RT Filters Service;c:\windows\system32\AERTSrv.exe [2007-12-05 77824]
.
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
nosGetPlusHelper REG_MULTI_SZ nosGetPlusHelper
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{9191979D-821C-4EA8-B021-2DA1D859A7C5}-3Reg]
2011-07-05 15:26 435976 ----a-w- c:\program files\SFT\GuardedID\GIDI.exe
.
Contents of the 'Scheduled Tasks' folder
.
2012-04-16 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-04-26 23:37]
.
2012-04-16 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-04-26 23:37]
.
2012-04-15 c:\windows\Tasks\ParetoLogic Registration3.job
- c:\program files\Common Files\ParetoLogic\UUS3\UUS3.dll [2009-10-12 05:01]
.
2012-04-13 c:\windows\Tasks\ParetoLogic Update Version3.job
- c:\program files\Common Files\ParetoLogic\UUS3\Pareto_Update3.exe [2009-10-12 05:01]
.
2012-04-11 c:\windows\Tasks\PCDoctorBackgroundMonitorTask.job
- c:\program files\Dell Support Center\uaclauncher.exe [2012-03-28 22:52]
.
2012-04-16 c:\windows\Tasks\SystemToolsDailyTest.job
- c:\program files\Dell Support Center\uaclauncher.exe [2012-03-28 22:52]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.comcast.net/
uInternet Settings,ProxyOverride = *.local
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
Trusted Zone: dell.com\www
Trusted Zone: realtor.org\www
Trusted Zone: yahoo.com\games
TCP: DhcpNameServer = 75.75.75.75 75.75.76.76
DPF: {682C59F5-478C-4421-9070-AD170D143B77} - hxxp://www.dell.com/support/troubleshooting/Content/Ode/pcd86.cab
FF - ProfilePath - c:\users\Kile\AppData\Roaming\Mozilla\Firefox\Profiles\nc2ggpmw.default\
FF - prefs.js: browser.search.selectedEngine - Bing
FF - prefs.js: browser.startup.homepage - hxxp://www.bing.com/?pc=Z039&form=ZGAPHP
FF - prefs.js: keyword.URL - hxxp://www.mywebsearch.com/jsp/cfg_redir2.jsp?id=ZUxdm593YYUS&fl=0&ptb=kLYXbKBETjdxxEa8dEf0nQ&url=http://search.mywebsearch.com/mywebsearch/dft_redir.jhtml&st=kwd&searchfor=
.
- - - - ORPHANS REMOVED - - - -
.
BHO-{f629a2e4-771b-4215-bfca-140d74011dbe} - (no file)
WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
HKCU-Run-AROReminder - (no file)
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-04-15 22:29
Windows 6.0.6002 Service Pack 2 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
HKCU\Software\Microsoft\Windows\CurrentVersion\Run
SansaDispatch = c:\users\Kile\AppData\Roaming\SanDisk\Sansa Updater\SansaDispatch.exe???????????0???????/sansa/Application/SansaUpdaterInstall_1_018.exe????
.
scanning hidden files ...
.
.
c:\users\Kile\AppData\Local\Temp\catchme.dll 53248 bytes executable
.
scan completed successfully
hidden files: 1
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\N360]
"ImagePath"="\"c:\program files\Norton Security Suite\Engine\5.2.0.13\ccSvcHst.exe\" /s \"N360\" /m \"c:\program files\Norton Security Suite\Engine\5.2.0.13\diMaster.dll\" /prefetch:1"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (LocalSystem)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5 977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,66,91,4b,f8,ec,40,2a,42,9d,eb,a2,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839 E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,66,91,4b,f8,ec,40,2a,42,9d,eb,a2,\
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'Explorer.exe'(1040)
c:\program files\SecureBackupShare\ComcastSecureBackupShareshell.dll
c:\program files\SecureBackupShare\LIBEAY32.dll
c:\windows\system32\ieframe.dll
c:\program files\Common Files\System\MAPI\1033\msmapi32.dll
.
------------------------ Other Running Processes ------------------------
.
c:\program files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
c:\program files\Microsoft LifeCam\MSCamS32.exe
c:\program files\Norton Security Suite\Engine\5.2.0.13\ccSvcHst.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
c:\windows\system32\DRIVERS\xaudio.exe
c:\program files\Norton Security Suite\Engine\5.2.0.13\ccSvcHst.exe
c:\windows\system32\DllHost.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
c:\program files\SecureBackupShare\ComcastSecureBackupSharebackup.exe
c:\program files\SecureBackupShare\ComcastSecureBackupSharebackup.exe
c:\windows\system32\DllHost.exe
c:\program files\Windows Media Player\wmpnscfg.exe
c:\program files\Windows Media Player\wmpnetwk.exe
.
**************************************************************************
.
Completion time: 2012-04-15 22:35:15 - machine was rebooted
ComboFix-quarantined-files.txt 2012-04-16 03:35
.
Pre-Run: 238,673,174,528 bytes free
Post-Run: 238,567,510,016 bytes free
.
- - End Of File - - A9F231E9BF1421FCB813B19ACB0E01B0
-
Re-running ComboFix to remove infections:
- Close any open browsers.
- Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
- Open notepad and copy/paste the text in the quotebox below into it:
KillAll::
FireFox::
Trusted Zone: dell.com\www
Trusted Zone: realtor.org\www
Trusted Zone: yahoo.com\games
DDS::
Trusted Zone: dell.com\www
Trusted Zone: realtor.org\www
Trusted Zone: yahoo.com\games
- Save this as CFScript.txt, in the same location as ComboFix.exe
(http://i424.photobucket.com/albums/pp322/digistar/cfscriptb4.gif)
- Referring to the picture above, drag CFScript into ComboFix.exe
- When finished, it shall produce a log for you at C:\ComboFix.txt
- I don't need to see the log from this action.
**********************************************
SysProt Antirootkit
Download
SysProt Antirootkit from the link below (you will find it at the bottom
of the page under attachments, or you can get it from one of the
mirrors).
http://sites.google.com/site/sysprotantirootkit/ (http://sites.google.com/site/sysprotantirootkit/)
Unzip it into a folder on your desktop.
- Double click Sysprot.exe to start the program.
- Click on the Log tab.
- In the Write to log box select the following items.
- Process << Selected
- Kernel Modules << Selected
- SSDT << Selected
- Kernel Hooks << Selected
- IRP Hooks << NOT Selected
- Ports << NOT Selected
- Hidden Files << Selected
- At the bottom of the page
- Hidden Objects Only << Selected
- Click on the Create Log button on the bottom right.
- After a few seconds a new window should appear.
- Select Scan Root Drive. Click on the Start button.
- When it is complete a new window will appear to indicate that the scan is finished.
- The log will be saved automatically in the same folder Sysprot.exe was extracted to. Open the text file and copy/paste the log here.
-
SysProt AntiRootkit v1.0.1.0
by swatkat
******************************************************************************************
******************************************************************************************
No Hidden Processes found
******************************************************************************************
******************************************************************************************
No Hidden Kernel Modules found
******************************************************************************************
******************************************************************************************
No SSDT Hooks found
******************************************************************************************
******************************************************************************************
No Kernel Hooks found
******************************************************************************************
******************************************************************************************
No hidden files/folders found
-
I'd like to scan your machine with ESET OnlineScan
•Hold down Control and click on the following link to open ESET OnlineScan in a new window.
ESET OnlineScan (http://eset.com/onlinescan)
•Click the (http://i424.photobucket.com/albums/pp322/digistar/esetOnline.png) button.
•For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
- Click on (http://i424.photobucket.com/albums/pp322/digistar/esetSmartInstall.png) to download the ESET Smart Installer. Save it to your desktop.
- Double click on the (http://i424.photobucket.com/albums/pp322/digistar/esetSmartInstallDesktopIcon-1.png) icon on your desktop.
•Check (http://i424.photobucket.com/albums/pp322/digistar/esetAcceptTerms.png)
•Click the (http://i424.photobucket.com/albums/pp322/digistar/esetStart.png) button.
•Accept any security warnings from your browser.
•Check (http://i424.photobucket.com/albums/pp322/digistar/esetScanArchives.png)
•Push the Start button.
•ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
•When the scan completes, push (http://i424.photobucket.com/albums/pp322/digistar/esetListThreats.png)
•Push (http://i424.photobucket.com/albums/pp322/digistar/esetExport.png), and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
•Push the (http://i424.photobucket.com/albums/pp322/digistar/esetBack.png) button.
•Push (http://i424.photobucket.com/albums/pp322/digistar/esetFinish.png)
A log file will be saved here: C:\Program Files\ESET\ESET Online Scanner\log.txt
-
C:\Program Files\FoxTabVideoConverter\VideoConverter.exe a variant of Win32/InstallCore.A application cleaned by deleting - quarantined
C:\Program Files\Yontoo Layers Runtime\YontooIEClient.dll a variant of Win32/Adware.Yontoo.A application cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\14.04.2012_13.02.25\mbr0000\tdlfs0000\tsk0005.dta a variant of Win32/Rootkit.Kryptik.KS trojan cleaned by deleting - quarantined
C:\Windows\System32\config\systemprofile\AppData\Local\MSoft\VerCheck\VerCheck.exe a variant of MSIL/Adware.SanctionedMedia.A application cleaned by deleting - quarantined
-
That looks good. If there are no other issues, we can do some cleanup.
To uninstall ComboFix
- Click the Start button. Click Run. For Vista: type in Run in the Start search, and click on Run in the results pane.
- In the field, type in ComboFix /uninstall
(http://i424.photobucket.com/albums/pp322/digistar/Combofix_uninstall_image.jpg)
(Note: Make sure there's a space between the word ComboFix and the forward-slash.)
- Then, press Enter, or click OK.
- This will uninstall ComboFix, delete its folders and files, hides System files and folders, and resets System Restore.
**************************************************
Clean out your temporary internet files and temp files.
Download TFC by OldTimer (http://oldtimer.geekstogo.com/TFC.exe) to your desktop.
Double-click TFC.exe to run it.
Note: If you are running on Vista, right-click on the file and choose Run As Administrator
TFC will close all programs when run, so make sure you have saved all your work before you begin.
* Click the Start button to begin the cleaning process.
* Depending on how often you clean temp files, execution time should be anywhere from a few seconds to a minute or two.
* Please let TFC run uninterrupted until it is finished.
Once TFC is finished it should restart your computer. If it does not, please manually restart the computer yourself to ensure a complete cleaning.
****************************************************
Use the Secunia Software Inspector (http://secunia.com/software_inspector) to check for out of date software.
•Click Start Now
•Check the box next to Enable thorough system inspection.
•Click Start
•Allow the scan to finish and scroll down to see if any updates are needed.
•Update anything listed.
.
----------
Go to Microsoft Windows Update (http://windowsupdate.microsoft.com/) and get all critical updates.
----------
I suggest using WOT - Web of Trust (http://www.mywot.com/). WOT is a free Internet security addon for your browser. It will keep you safe from online scams, identity theft, spyware, spam, viruses and unreliable shopping sites. WOT warns you before you interact with a risky website. It's easy and it's free.
SpywareBlaster (http://www.javacoolsoftware.com/spywareblaster.html)- Secure your Internet Explorer to make it harder for ActiveX programs to run on your computer. Also stop certain cookies from being added to your computer when running Mozilla based browsers like Firefox.
* Using SpywareBlaster to protect your computer (http://www.bleepingcomputer.com/forums/tutorial49.html) from Spyware and Malware
* If you don't know what ActiveX controls are, see here (http://www.webopedia.com/TERM/A/ActiveX_control.html)
Protect yourself against spyware using the Immunize feature in Spybot - Search & Destroy. (http://www.safer-networking.org/en/spybotsd/index.html) Guide: Use Spybot's Immunize Feature (http://www.bleepingcomputer.com/tutorials/tutorial43.html#immunize) to prevent spyware infection in real-time. Note: To ensure you have the latest Immunizations always update Spybot - Search & Destroy before Immunizing. Spybot - Search & Destroy FAQ (http://www.safer-networking.org/en/faq/index.html)
Check out Keeping Yourself Safe On The Web (http://evilfantasy.wordpress.com/2008/05/20/keeping-yourself-safe-on-the-web/) for tips and free tools to help keep you safe in the future.
Also see Slow Computer? It may not be Malware (http://evilfantasy.wordpress.com/2008/05/24/slow-computer-it-may-not-be-malware/) for free cleaning/maintenance tools to help keep your computer running smoothly.
Safe Surfing!
-
Okay. I have completed everything. Computer runs so much better than before. Thanks for all of your help! Sincerely.
Now can I uninstall any of the programs you had me install throughout this cleanup process?
Also, would you suggest me incresing my RAM? I only have 2GB.
-
would you suggest me incresing my RAM? I only have 2GB.
Vista only requires 1 Gb so you should be good with 2.
Now can I uninstall any of the programs you had me install throughout this cleanup process?
Yes. You should consider keeping SAS and MBAM. Update them and run them on a regular basis.
You're welcome. I will lock this thread. If you need it re-opened, please send me a pm.