Google Redirect... help!


  • This topic is locked
12 replies to this topic

#1 reneenee


Posted 18 June 2011 - 11:10 AM

Last night I noticed that Google sends me to ad sites when I click search results. I immediately ran a scan on AVG and on Ad-Aware. Both of them found and removed Trojans and claim to have cleaned them, but the problem persists.

AVG: "C:\Documents and Settings\renee brown\Local Settings\Application Data\Google\Chrome\User Data\Default\Default\ekpdnjjeeacfglckjomfoalpgdjepnih\contentscript.js";"Trojan horse JS/XULCache.A";"Moved to Virus Vault"

I got this just now in a pop-up from AVG:
"c:\WINDOWS\system32\pifmgr32.exe";"Trojan horse SHeurcki3.CFHU";
"c:\WINDOWS\system32\l2gpstore32.exe";"Trojan horse SHeur3.CFHU";
I clicked to move them to the vault.

I don't have the Ad-Aware log anymore.

I also ran TDSSKiller and it only found a suspicious "locked file."

A friend of mine told me that I need to use ComboFix to get rid of the issue but I don't want to mess up my computer.

I have never had any viruses or spyware on my computer so I'm not sure what else I should include here or how to get to the logs I've seen people post.

Help?
Thank you!



#2 J.R. Sanford


Posted 18 June 2011 - 12:59 PM

Hey, ComboFix repaired my problem. It kept reporting that AVG was STILL on my computer even AFTER uninstalling AVG with the AVG uninstaller. I just clicked through the warnings and now all is good with Google links.

J.R.
Cast aside your limitations;
And you shall be boundless.

#3 rigel


Posted 18 June 2011 - 01:13 PM

Please DO NOT RUN COMBOFIX...

Combofix is available for those getting assistance by experts in the HijackThis Logs and Malware Removal forum.

Why for only those members?

It is a powerful tool intended by its creator to be "used under the guidance and supervision of an expert", NOT for general public or personal use. As such, no one should be using Combofix unless instructed to do so by a Malware Removal Expert who can interpret the logs. Please read Combofix's Disclaimer.

Thanks,
rigel
BC Moderator

"In a world where you can be anything, be yourself." ~ unknown

"Fall in love with someone who deserves your heart. Not someone who plays with it." ~ Will Smith


#4 reneenee


Posted 19 June 2011 - 01:17 PM

Rigel,

I was posting on here to perhaps get assistance from the people that you're talking about. I have read about the dangers of ComboFix but also that it seems to be the only thing that will kill this infection I have on my computer. I want to get rid of the virus by any means necessary but I'd like to do it under the supervision of somebody who is well-versed in these matters, so I posted on this board. I need to know what to do next. I ran a Malwarebytes scan and saved the log. I can post that if necessary.

Thanks,
Renee

#5 reneenee


Posted 21 June 2011 - 09:54 AM

TDSSKiller log
2011/06/18 11:45:11.0203 2104 TDSS rootkit removing tool 2.5.5.0 Jun 16 2011 15:25:15
2011/06/18 11:45:11.0718 2104 ================================================================================
2011/06/18 11:45:11.0718 2104 SystemInfo:
2011/06/18 11:45:11.0718 2104
2011/06/18 11:45:11.0718 2104 OS Version: 5.1.2600 ServicePack: 3.0
2011/06/18 11:45:11.0718 2104 Product type: Workstation
2011/06/18 11:45:11.0718 2104 ComputerName: RENEETRON
2011/06/18 11:45:11.0718 2104 UserName: renee brown
2011/06/18 11:45:11.0718 2104 Windows directory: C:\WINDOWS
2011/06/18 11:45:11.0718 2104 System windows directory: C:\WINDOWS
2011/06/18 11:45:11.0718 2104 Processor architecture: Intel x86
2011/06/18 11:45:11.0718 2104 Number of processors: 2
2011/06/18 11:45:11.0718 2104 Page size: 0x1000
2011/06/18 11:45:11.0718 2104 Boot type: Normal boot
2011/06/18 11:45:11.0718 2104 ================================================================================
2011/06/18 11:45:18.0593 2104 Initialize success
2011/06/18 11:45:22.0921 1268 ================================================================================
2011/06/18 11:45:22.0921 1268 Scan started
2011/06/18 11:45:22.0921 1268 Mode: Manual;
2011/06/18 11:45:22.0921 1268 ================================================================================
2011/06/18 11:46:16.0140 1268 sptd (cdddec541bc3c96f91ecb48759673505) C:\WINDOWS\system32\Drivers\sptd.sys
2011/06/18 11:46:16.0515 1268 Suspicious file (NoAccess): C:\WINDOWS\system32\Drivers\sptd.sys. md5: cdddec541bc3c96f91ecb48759673505
2011/06/18 11:46:16.0546 1268 sptd - detected LockedFile.Multi.Generic (1)
2011/06/18 11:46:25.0843 1268 ================================================================================
2011/06/18 11:46:25.0843 1268 Scan finished
2011/06/18 11:46:25.0843 1268 ================================================================================
2011/06/18 11:46:25.0890 2140 Detected object count: 1
2011/06/18 11:46:25.0890 2140 Actual detected object count: 1
2011/06/18 11:46:44.0171 2140 LockedFile.Multi.Generic(sptd) - User select action: Skip
2011/06/18 11:47:28.0515 2252 dac2w2k (e550e7418984b65a78299d248f0a7f36) C:\WINDOWS\system32\DRIVERS\dac2w2k.sys
2011/06/18 11:47:28.0562 2252 dac960nt (683789caa3864eb46125ae86ff677d34) C:\WINDOWS\system32\DRIVERS\dac960nt.sys
2011/06/18 11:47:28.0687 2252 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
2011/06/18 11:47:28.0968 2252 dmboot (d992fe1274bde0f84ad826acae022a41) C:\WINDOWS\system32\drivers\dmboot.sys
2011/06/18 11:47:29.0218 2252 dmio (7c824cf7bbde77d95c08005717a95f6f) C:\WINDOWS\system32\drivers\dmio.sys
2011/06/18 11:47:29.0250 2252 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
2011/06/18 11:47:29.0359 2252 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
2011/06/18 11:47:29.0468 2252 dpti2o (40f3b93b4e5b0126f2f5c0a7a5e22660) C:\WINDOWS\system32\DRIVERS\dpti2o.sys
2011/06/18 11:47:29.0718 2252 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
2011/06/18 11:47:29.0796 2252 EMSC (a6da3468ffafbdce403ef2973ff03865) C:\WINDOWS\system32\DRIVERS\EMSC.SYS
2011/06/18 11:47:29.0921 2252 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
2011/06/18 11:47:30.0015 2252 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\drivers\Fdc.sys
2011/06/18 11:47:30.0078 2252 Fips (d45926117eb9fa946a6af572fbe1caa3) C:\WINDOWS\system32\drivers\Fips.sys
2011/06/18 11:47:30.0328 2252 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\drivers\Flpydisk.sys
2011/06/18 11:47:30.0375 2252 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\DRIVERS\fltMgr.sys
2011/06/18 11:47:30.0421 2252 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
2011/06/18 11:47:30.0484 2252 Ftdisk (6ac26732762483366c3969c9e4d2259d) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
2011/06/18 11:47:30.0562 2252 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys
2011/06/18 11:47:30.0796 2252 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
2011/06/18 11:47:30.0906 2252 HDAudBus (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
2011/06/18 11:47:31.0015 2252 hidusb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
2011/06/18 11:47:31.0078 2252 hpn (b028377dea0546a5fcfba928a8aefae0) C:\WINDOWS\system32\DRIVERS\hpn.sys
2011/06/18 11:47:31.0156 2252 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
2011/06/18 11:47:31.0421 2252 i2omgmt (9368670bd426ebea5e8b18a62416ec28) C:\WINDOWS\system32\drivers\i2omgmt.sys
2011/06/18 11:47:31.0468 2252 i2omp (f10863bf1ccc290babd1a09188ae49e0) C:\WINDOWS\system32\DRIVERS\i2omp.sys
2011/06/18 11:47:31.0531 2252 i8042prt (4a0b06aa8943c1e332520f7440c0aa30) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
2011/06/18 11:47:31.0890 2252 ialm (48846b31be5a4fa662ccfde7a1ba86b9) C:\WINDOWS\system32\DRIVERS\igxpmp32.sys
2011/06/18 11:47:32.0328 2252 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
2011/06/18 11:47:32.0437 2252 ini910u (4a40e045faee58631fd8d91afc620719) C:\WINDOWS\system32\DRIVERS\ini910u.sys
2011/06/18 11:47:32.0750 2252 IntcAzAudAddService (cb1113029fae50c685198eabd9885161) C:\WINDOWS\system32\drivers\RtkHDAud.sys
2011/06/18 11:47:33.0109 2252 IntelIde (b5466a9250342a7aa0cd1fba13420678) C:\WINDOWS\system32\DRIVERS\intelide.sys
2011/06/18 11:47:33.0203 2252 intelppm (8c953733d8f36eb2133f5bb58808b66b) C:\WINDOWS\system32\DRIVERS\intelppm.sys
2011/06/18 11:47:33.0265 2252 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\DRIVERS\Ip6Fw.sys
2011/06/18 11:47:33.0312 2252 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
2011/06/18 11:47:33.0562 2252 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
2011/06/18 11:47:33.0640 2252 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
2011/06/18 11:47:33.0718 2252 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
2011/06/18 11:47:34.0015 2252 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
2011/06/18 11:47:34.0140 2252 isapnp (05a299ec56e52649b1cf2fc52d20f2d7) C:\WINDOWS\system32\DRIVERS\isapnp.sys
2011/06/18 11:47:34.0250 2252 Kbdclass (463c1ec80cd17420a542b7f36a36f128) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
2011/06/18 11:47:34.0500 2252 kbdhid (9ef487a186dea361aa06913a75b3fa99) C:\WINDOWS\system32\DRIVERS\kbdhid.sys
2011/06/18 11:47:34.0625 2252 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
2011/06/18 11:47:34.0734 2252 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
2011/06/18 11:47:34.0890 2252 Lbd (b7c19ec8b0dd7efa58ad41ffeb8b8cda) C:\WINDOWS\system32\DRIVERS\Lbd.sys
2011/06/18 11:47:35.0250 2252 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
2011/06/18 11:47:35.0312 2252 Modem (dfcbad3cec1c5f964962ae10e0bcc8e1) C:\WINDOWS\system32\drivers\Modem.sys
2011/06/18 11:47:35.0453 2252 Monfilt (9fa7207d1b1adead88ae8eed9cdbbaa5) C:\WINDOWS\system32\drivers\Monfilt.sys
2011/06/18 11:47:35.0718 2252 Mouclass (35c9e97194c8cfb8430125f8dbc34d04) C:\WINDOWS\system32\DRIVERS\mouclass.sys
2011/06/18 11:47:35.0765 2252 mouhid (b1c303e17fb9d46e87a98e4ba6769685) C:\WINDOWS\system32\DRIVERS\mouhid.sys
2011/06/18 11:47:35.0859 2252 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
2011/06/18 11:47:35.0937 2252 mraid35x (3f4bb95e5a44f3be34824e8e7caf0737) C:\WINDOWS\system32\DRIVERS\mraid35x.sys
2011/06/18 11:47:36.0203 2252 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
2011/06/18 11:47:36.0296 2252 MRxSmb (0dc719e9b15e902346e87e9dcd5751fa) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
2011/06/18 11:47:36.0578 2252 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
2011/06/18 11:47:36.0656 2252 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
2011/06/18 11:47:36.0718 2252 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
2011/06/18 11:47:36.0781 2252 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
2011/06/18 11:47:36.0890 2252 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
2011/06/18 11:47:37.0125 2252 MSTEE (e53736a9e30c45fa9e7b5eac55056d1d) C:\WINDOWS\system32\drivers\MSTEE.sys
2011/06/18 11:47:37.0218 2252 Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys
2011/06/18 11:47:37.0296 2252 NABTSFEC (5b50f1b2a2ed47d560577b221da734db) C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
2011/06/18 11:47:37.0453 2252 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
2011/06/18 11:47:37.0671 2252 NdisIP (7ff1f1fd8609c149aa432f95a8163d97) C:\WINDOWS\system32\DRIVERS\NdisIP.sys
2011/06/18 11:47:37.0984 2252 NdisTapi (1ab3d00c991ab086e69db84b6c0ed78f) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
2011/06/18 11:47:38.0187 2252 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
2011/06/18 11:47:38.0390 2252 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
2011/06/18 11:47:38.0546 2252 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
2011/06/18 11:47:38.0593 2252 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
2011/06/18 11:47:38.0640 2252 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
2011/06/18 11:47:38.0953 2252 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
2011/06/18 11:47:39.0156 2252 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
2011/06/18 11:47:39.0343 2252 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
2011/06/18 11:47:39.0468 2252 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
2011/06/18 11:47:39.0500 2252 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
2011/06/18 11:47:39.0593 2252 OA012Afx (aff089842ba83be89e51d7ea0aa09e53) C:\WINDOWS\system32\Drivers\OA012Afx.sys
2011/06/18 11:47:39.0671 2252 OA012Ufd (2cf21d5f8f1b74bb1922135ac2b12ddb) C:\WINDOWS\system32\DRIVERS\OA012Ufd.sys
2011/06/18 11:47:39.0828 2252 OA012Vid (71346423b584daa06ea26e0bd2cb67c2) C:\WINDOWS\system32\DRIVERS\OA012Vid.sys
2011/06/18 11:47:40.0078 2252 Parport (5575faf8f97ce5e713d108c2a58d7c7c) C:\WINDOWS\system32\drivers\Parport.sys
2011/06/18 11:47:40.0156 2252 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
2011/06/18 11:47:40.0203 2252 ParVdm (70e98b3fd8e963a6a46a2e6247e0bea1) C:\WINDOWS\system32\drivers\ParVdm.sys
2011/06/18 11:47:40.0281 2252 PCI (a219903ccf74233761d92bef471a07b1) C:\WINDOWS\system32\DRIVERS\pci.sys
2011/06/18 11:47:40.0375 2252 PCIIde (ccf5f451bb1a5a2a522a76e670000ff0) C:\WINDOWS\system32\DRIVERS\pciide.sys
2011/06/18 11:47:40.0546 2252 Pcmcia (9e89ef60e9ee05e3f2eef2da7397f1c1) C:\WINDOWS\system32\drivers\Pcmcia.sys
2011/06/18 11:47:40.0812 2252 perc2 (6c14b9c19ba84f73d3a86dba11133101) C:\WINDOWS\system32\DRIVERS\perc2.sys
2011/06/18 11:47:41.0015 2252 perc2hib (f50f7c27f131afe7beba13e14a3b9416) C:\WINDOWS\system32\DRIVERS\perc2hib.sys
2011/06/18 11:47:41.0203 2252 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
2011/06/18 11:47:41.0265 2252 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
2011/06/18 11:47:41.0312 2252 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
2011/06/18 11:47:41.0390 2252 PxHelp20 (e42e3433dbb4cffe8fdd91eab29aea8e) C:\WINDOWS\system32\Drivers\PxHelp20.sys
2011/06/18 11:47:41.0437 2252 ql1080 (0a63fb54039eb5662433caba3b26dba7) C:\WINDOWS\system32\DRIVERS\ql1080.sys
2011/06/18 11:47:41.0625 2252 Ql10wnt (6503449e1d43a0ff0201ad5cb1b8c706) C:\WINDOWS\system32\DRIVERS\ql10wnt.sys
2011/06/18 11:47:41.0734 2252 ql12160 (156ed0ef20c15114ca097a34a30d8a01) C:\WINDOWS\system32\DRIVERS\ql12160.sys
2011/06/18 11:47:41.0781 2252 ql1240 (70f016bebde6d29e864c1230a07cc5e6) C:\WINDOWS\system32\DRIVERS\ql1240.sys
2011/06/18 11:47:41.0953 2252 ql1280 (907f0aeea6bc451011611e732bd31fcf) C:\WINDOWS\system32\DRIVERS\ql1280.sys
2011/06/18 11:47:42.0062 2252 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
2011/06/18 11:47:42.0140 2252 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
2011/06/18 11:47:42.0234 2252 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
2011/06/18 11:47:42.0453 2252 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
2011/06/18 11:47:42.0546 2252 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
2011/06/18 11:47:42.0593 2252 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
2011/06/18 11:47:42.0687 2252 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
2011/06/18 11:47:42.0906 2252 RDPWD (6728e45b66f93c08f11de2e316fc70dd) C:\WINDOWS\system32\drivers\RDPWD.sys
2011/06/18 11:47:43.0046 2252 redbook (f828dd7e1419b6653894a8f97a0094c5) C:\WINDOWS\system32\DRIVERS\redbook.sys
2011/06/18 11:47:43.0140 2252 RimUsb (f17713d108aca124a139fde877eef68a) C:\WINDOWS\system32\Drivers\RimUsb.sys
2011/06/18 11:47:43.0375 2252 RimVSerPort (2c4fb2e9f039287767c384e46ee91030) C:\WINDOWS\system32\DRIVERS\RimSerial.sys
2011/06/18 11:47:43.0468 2252 ROOTMODEM (d8b0b4ade32574b2d9c5cc34dc0dbbe7) C:\WINDOWS\system32\Drivers\RootMdm.sys
2011/06/18 11:47:43.0593 2252 RSUSBSTOR (7ffa9821b1c5e0e0667e0a2685cfb89f) C:\WINDOWS\system32\Drivers\RtsUStor.sys
2011/06/18 11:47:43.0812 2252 RTLE8023xp (6e7470477d08f6e47e91016d6a1c5a5f) C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys
2011/06/18 11:47:43.0953 2252 SBKUPNT (729248b54aff21e740054acebfdbcb1c) C:\WINDOWS\system32\Drivers\SBKUPNT.SYS
2011/06/18 11:47:44.0109 2252 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
2011/06/18 11:47:44.0343 2252 Serial (cca207a8896d4c6a0c9ce29a4ae411a7) C:\WINDOWS\system32\drivers\Serial.sys
2011/06/18 11:47:44.0500 2252 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
2011/06/18 11:47:44.0625 2252 sisagp (6b33d0ebd30db32e27d1d78fe946a754) C:\WINDOWS\system32\DRIVERS\sisagp.sys
2011/06/18 11:47:44.0734 2252 SLIP (866d538ebe33709a5c9f5c62b73b7d14) C:\WINDOWS\system32\DRIVERS\SLIP.sys
2011/06/18 11:47:44.0828 2252 Sparrow (83c0f71f86d3bdaf915685f3d568b20e) C:\WINDOWS\system32\DRIVERS\sparrow.sys
2011/06/18 11:47:45.0062 2252 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
2011/06/18 11:47:45.0250 2252 sptd (cdddec541bc3c96f91ecb48759673505) C:\WINDOWS\system32\Drivers\sptd.sys
2011/06/18 11:47:45.0250 2252 Suspicious file (NoAccess): C:\WINDOWS\system32\Drivers\sptd.sys. md5: cdddec541bc3c96f91ecb48759673505
2011/06/18 11:47:45.0281 2252 sptd - detected LockedFile.Multi.Generic (1)
2011/06/18 11:47:52.0187 2252 MBR (0x1B8) (7b53936afa31aa818ddee1f13c3004e3) \Device\Harddisk0\DR0
2011/06/18 11:47:52.0218 2252 MBR (0x1B8) (5fb38429d5d77768867c76dcbdb35194) \Device\Harddisk1\DR4
2011/06/18 11:47:52.0421 2252 ================================================================================
2011/06/18 11:47:52.0421 2252 Scan finished
2011/06/18 11:47:52.0421 2252 ================================================================================
2011/06/18 11:47:52.0468 4464 Detected object count: 1
2011/06/18 11:47:52.0468 4464 Actual detected object count: 1
2011/06/18 11:48:56.0015 4464 LockedFile.Multi.Generic(sptd) - User select action: Skip
2011/06/18 11:49:00.0578 3432 Deinitialize success




MBAM log
Malwarebytes' Anti-Malware 1.51.0.1200
www.malwarebytes.org

Database version: 6894

Windows 5.1.2600 Service Pack 3
Internet Explorer 6.0.2900.5512

6/19/2011 6:04:14 AM
mbam-log-2011-06-19 (06-04-14).txt

Scan type: Quick scan
Objects scanned: 165098
Time elapsed: 22 minute(s), 16 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 1
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 8

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_CLASSES_ROOT\.fsharproj (Trojan.BHO) -> Quarantined and deleted successfully.

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
c:\documents and settings\localservice\application data\02000000d45a30921270c.manifest (Malware.Trace) -> Quarantined and deleted successfully.
c:\documents and settings\localservice\application data\02000000d45a30921270o.manifest (Malware.Trace) -> Quarantined and deleted successfully.
c:\documents and settings\localservice\application data\02000000d45a30921270p.manifest (Malware.Trace) -> Quarantined and deleted successfully.
c:\documents and settings\localservice\application data\02000000d45a30921270s.manifest (Malware.Trace) -> Quarantined and deleted successfully.
c:\WINDOWS\system32\02000000d45a30921270c.manifest (Malware.Trace) -> Quarantined and deleted successfully.
c:\WINDOWS\system32\02000000d45a30921270o.manifest (Malware.Trace) -> Quarantined and deleted successfully.
c:\WINDOWS\system32\02000000d45a30921270p.manifest (Malware.Trace) -> Quarantined and deleted successfully.
c:\WINDOWS\system32\02000000d45a30921270s.manifest (Malware.Trace) -> Quarantined and deleted successfully.

AVG scan
"Object name";"C:\Documents and Settings\renee brown\Local Settings\Application Data\Google\Chrome\User Data\Default\Default\ekpdnjjeeacfglckjomfoalpgdjepnih\contentscript.js"
"Detection name";"Trojan horse JS/XULCache.A"
"Object type";"file"
"SDK Type";"Core"
"Result";"Moved to Virus Vault"
"Action history";"Moved to Virus vault"

Ad-Aware scan 6/18/11
Cookies - Privacy Object Quantity: 14, TAI 3, Action Removed 14
Win32.Toolbar.Zugo - Misc Quantity:1, TAI 3, Action Quarantined
Win32.TrojanClicker. VBiframe - Malware Quantity: 1, TAI 10, Action Quarantined






That is all the scans I ran. None of those "removals" or "quarantines" work.
My computer is running slow and hot as warm molasses. Still redirecting. I have no idea how to fix it. Please help :(

#6 cryptodan


Posted 21 June 2011 - 01:41 PM

Can you perform a Complete Scan with Mbam, and the following tools as well:

SUPERAntiSpyware:

Please download and scan with SUPERAntiSpyware Free

  • Double-click SUPERAntiSpyware.exe and use the default settings for installation.
  • An icon will be created on your desktop. Double-click that icon to launch the program.
  • If it will not start, go to Start > All Programs > SUPERAntiSpyware and click on Alternate Start.
  • If asked to update the program definitions, click "Yes". If not, update the definitions before scanning by selecting "Check for Updates". (If you encounter any problems while downloading the updates, manually download them from here. Double-click on the hyperlink for Download Installer and save SASDEFINITIONS.EXE to your desktop. Then double-click on SASDEFINITIONS.EXE to install the definitions.)
  • In the Main Menu, click the Preferences... button.
  • Click the "General and Startup" tab, and under Start-up Options, make sure "Start SUPERAntiSpyware when Windows starts" box is unchecked.
  • Click the "Scanning Control" tab, and under Scanner Options, make sure the following are checked (leave all others unchecked):
    • Close browsers before scanning.
    • Scan for tracking cookies.
    • Terminate memory threats before quarantining.
  • Click the "Close" button to leave the control center screen and exit the program.
  • Do not run a scan just yet.
Reboot your computer in "Safe Mode" using the F8 method. To do this, restart your computer and after hearing your computer beep once during startup (but before the Windows icon appears) press the F8 key repeatedly. A menu will appear with several options. Use the arrow keys to navigate and select the option to run Windows in "Safe Mode".

Scan with SUPERAntiSpyware as follows:
  • Launch the program and back on the main screen, under "Scan for Harmful Software" click Scan your computer.
  • On the left, make sure you check C:\Fixed Drive.
  • On the right, under "Complete Scan", choose Perform Complete Scan and click "Next".
  • After the scan is complete, a Scan Summary box will appear with potentially harmful items that were detected. Click "OK".
  • Make sure everything has a checkmark next to it and click "Next".
  • A notification will appear that "Quarantine and Removal is Complete". Click "OK" and then click the "Finish" button to return to the main menu.
  • If asked if you want to reboot, click "Yes" and reboot normally.
  • To retrieve the removal information after reboot, launch SUPERAntiSpyware again.
    • Click Preferences, then click the Statistics/Logs tab.
    • Under Scanner Logs, double-click SUPERAntiSpyware Scan Log.
    • If there are several logs, click the current dated log and press View log. A text file will open in your default text editor.
    • Please copy and paste the Scan Log results in your next reply.
  • Click Close to exit the program.
If you have a problem downloading, installing or getting SAS to run, try downloading and using the SUPERAntiSpyware Portable Scanner instead. Save the randomly named file (i.e. SAS_1710895.COM) to a usb drive or CD and transfer to the infected computer. Then double-click on it to launch and scan. The file is randomly named to help keep malware from blocking the scanner.

Instructions:

Download and scan with SUPERAntiSpyware Free for Home Users
  • Double-click SUPERAntiSpyware.exe and use the default settings for installation.
  • An icon will be created on your desktop. Double-click that icon to launch the program.
  • If asked to update the program definitions, click "Yes". If not, update the definitions before scanning by selecting "Check for Updates". (If you encounter any problems while downloading the updates, manually download them from here. Double-click on the hyperlink for Download Installer and save SASDEFINITIONS.EXE to your desktop. Then double-click on SASDEFINITIONS.EXE to install the definitions.)
  • In the Main Menu, click the Preferences... button.
  • Click the Scanning Control tab.
  • Under Scanner Options make sure the following are checked (leave all others unchecked):
    • Close browsers before scanning.
    • Scan for tracking cookies.
    • Terminate memory threats before quarantining.
  • Click the "Close" button to leave the control center screen.
  • Back on the main screen, under "Scan for Harmful Software" click Scan your computer.
  • On the left, make sure you check C:\Fixed Drive.
  • On the right, under "Complete Scan", choose Perform Complete Scan.
  • Click "Next" to start the scan. Please be patient while it scans your computer.
  • After the scan is complete, a Scan Summary box will appear with potentially harmful items that were detected. Click "OK".
  • Make sure everything has a checkmark next to it and click "Next".
  • A notification will appear that "Quarantine and Removal is Complete". Click "OK" and then click the "Finish" button to return to the main menu.
  • If asked if you want to reboot, click "Yes".
  • To retrieve the removal information after reboot, launch SUPERAntiSpyware again.
    • Click Preferences, then click the Statistics/Logs tab.
    • Under Scanner Logs, double-click SUPERAntiSpyware Scan Log.
    • If there are several logs, click the current dated log and press View log. A text file will open in your default text editor.
    • Please copy and paste the Scan Log results in your next reply.
  • Click Close to exit the program.
If you have a problem downloading, installing or getting SAS to run, try downloading and using the SUPERAntiSpyware Portable Scanner instead. Save the randomly named file (i.e. SAS_1710895.COM) to a usb drive or CD and transfer to the infected computer. Then double-click on it to launch and scan. The file is randomly named to help keep malware from blocking the scanner.


Now GMER

GMER does not work in 64bit Mode!!!!!!

Please download GMER from one of the following locations and save it to your desktop:

  • Main Mirror
    This version will download a randomly named file (Recommended)
  • Zipped Mirror
    This version will download a zip file you will need to extract first. If you use this mirror, please extract the zip file to your desktop.
  • Disconnect from the Internet and close all running programs.
  • Temporarily disable any real-time active protection so your security programs will not conflict with gmer's driver.
  • Double-click on the randomly named GMER file (i.e. n7gmo46c.exe) and allow the gmer.sys driver to load if asked.
  • Note: If you downloaded the zipped version, extract the file to its own folder such as C:\gmer and then double-click on gmer.exe.

  • GMER will open to the Rootkit/Malware tab and perform an automatic Full Scan when first run. (do not use the computer while the scan is in progress)
  • If you receive a WARNING!!! about rootkit activity and are asked to fully scan your system...click NO.
  • Now click the Scan button. If you see a rootkit warning window, click OK.
  • When the scan is finished, click the Save... button to save the scan results to your Desktop. Save the file as gmer.log.
  • Click the Copy button and paste the results into your next reply.
  • Exit GMER and be sure to re-enable your anti-virus, Firewall and any other security programs you had disabled.
-- If you encounter any problems, try running GMER in safe mode.
-- If GMER crashes or keeps resulting in BSODs, uncheck Devices on the right side before scanning.



#7 reneenee


Posted 22 June 2011 - 10:56 PM

superantispyware
SUPERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 06/22/2011 at 02:43 PM

Application Version : 4.54.1000

Core Rules Database Version : 7301
Trace Rules Database Version: 5113

Scan type : Complete Scan
Total Scan Time : 06:27:45

Memory items scanned : 240
Memory threats detected : 0
Registry items scanned : 6777
Registry threats detected : 10
File items scanned : 92959
File threats detected : 396

Adware.Tracking Cookie
media.chrysler.com [ C:\Documents and Settings\renee brown\Application Data\Macromedia\Flash Player\#SharedObjects\C6Z3MQB3 ]
media.cnetnetworks.com.au [ C:\Documents and Settings\renee brown\Application Data\Macromedia\Flash Player\#SharedObjects\C6Z3MQB3 ]
media.mtvnservices.com [ C:\Documents and Settings\renee brown\Application Data\Macromedia\Flash Player\#SharedObjects\C6Z3MQB3 ]
media.scanscout.com [ C:\Documents and Settings\renee brown\Application Data\Macromedia\Flash Player\#SharedObjects\C6Z3MQB3 ]
media1.break.com [ C:\Documents and Settings\renee brown\Application Data\Macromedia\Flash Player\#SharedObjects\C6Z3MQB3 ]
msnbcmedia.msn.com [ C:\Documents and Settings\renee brown\Application Data\Macromedia\Flash Player\#SharedObjects\C6Z3MQB3 ]
objects.tremormedia.com [ C:\Documents and Settings\renee brown\Application Data\Macromedia\Flash Player\#SharedObjects\C6Z3MQB3 ]
s0.2mdn.net [ C:\Documents and Settings\renee brown\Application Data\Macromedia\Flash Player\#SharedObjects\C6Z3MQB3 ]
secure-us.imrworldwide.com [ C:\Documents and Settings\renee brown\Application Data\Macromedia\Flash Player\#SharedObjects\C6Z3MQB3 ]
static.discoverymedia.com [ C:\Documents and Settings\renee brown\Application Data\Macromedia\Flash Player\#SharedObjects\C6Z3MQB3 ]
www.clickondetroit.com [ C:\Documents and Settings\renee brown\Application Data\Macromedia\Flash Player\#SharedObjects\C6Z3MQB3 ]
www.bleeptube.com [ C:\Documents and Settings\renee brown\Application Data\Macromedia\Flash Player\#SharedObjects\C6Z3MQB3 ]
www.naiadsystems.com [ C:\Documents and Settings\renee brown\Application Data\Macromedia\Flash Player\#SharedObjects\C6Z3MQB3 ]
.2o7.net [ C:\Documents and Settings\renee brown\Application Data\Mozilla\Firefox\Profiles\xrkja6t9.default\cookies.sqlite ]
.doubleclick.net [ C:\Documents and Settings\renee brown\Application Data\Mozilla\Firefox\Profiles\xrkja6t9.default\cookies.sqlite ]
.collective-media.net [ C:\Documents and Settings\renee brown\Application Data\Mozilla\Firefox\Profiles\xrkja6t9.default\cookies.sqlite ]
.collective-media.net [ C:\Documents and Settings\renee brown\Application Data\Mozilla\Firefox\Profiles\xrkja6t9.default\cookies.sqlite ]
.collective-media.net [ C:\Documents and Settings\renee brown\Application Data\Mozilla\Firefox\Profiles\xrkja6t9.default\cookies.sqlite ]
.atdmt.com [ C:\Documents and Settings\renee brown\Application Data\Mozilla\Firefox\Profiles\xrkja6t9.default\cookies.sqlite ]
.atdmt.com [ C:\Documents and Settings\renee brown\Application Data\Mozilla\Firefox\Profiles\xrkja6t9.default\cookies.sqlite ]
.specificclick.net [ C:\Documents and Settings\renee brown\Application Data\Mozilla\Firefox\Profiles\xrkja6t9.default\cookies.sqlite ]
.overture.com [ C:\Documents and Settings\renee brown\Application Data\Mozilla\Firefox\Profiles\xrkja6t9.default\cookies.sqlite ]
.mediaforge.com [ C:\Documents and Settings\renee brown\Application Data\Mozilla\Firefox\Profiles\xrkja6t9.default\cookies.sqlite ]
ad.yieldmanager.com [ C:\Documents and Settings\renee brown\Application Data\Mozilla\Firefox\Profiles\xrkja6t9.default\cookies.sqlite ]
ad.yieldmanager.com [ C:\Documents and Settings\renee brown\Application Data\Mozilla\Firefox\Profiles\xrkja6t9.default\cookies.sqlite ]
.interclick.com [ C:\Documents and Settings\renee brown\Application Data\Mozilla\Firefox\Profiles\xrkja6t9.default\cookies.sqlite ]
.interclick.com [ C:\Documents and Settings\renee brown\Application Data\Mozilla\Firefox\Profiles\xrkja6t9.default\cookies.sqlite ]
.interclick.com [ C:\Documents and Settings\renee brown\Application Data\Mozilla\Firefox\Profiles\xrkja6t9.default\cookies.sqlite ]
.trafficmp.com [ C:\Documents and Settings\renee brown\Application Data\Mozilla\Firefox\Profiles\xrkja6t9.default\cookies.sqlite ]
.trafficmp.com [ C:\Documents and Settings\renee brown\Application Data\Mozilla\Firefox\Profiles\xrkja6t9.default\cookies.sqlite ]
.eyewonder.com [ C:\Documents and Settings\renee brown\Application Data\Mozilla\Firefox\Profiles\xrkja6t9.default\cookies.sqlite ]
.eyewonder.com [ C:\Documents and Settings\renee brown\Application Data\Mozilla\Firefox\Profiles\xrkja6t9.default\cookies.sqlite ]
.dmtracker.com [ C:\Documents and Settings\renee brown\Application Data\Mozilla\Firefox\Profiles\xrkja6t9.default\cookies.sqlite ]
ad.yieldmanager.com [ C:\Documents and Settings\renee brown\Application Data\Mozilla\Firefox\Profiles\xrkja6t9.default\cookies.sqlite ]
ad.yieldmanager.com [ C:\Documents and Settings\renee brown\Application Data\Mozilla\Firefox\Profiles\xrkja6t9.default\cookies.sqlite ]
.a1.interclick.com [ C:\Documents and Settings\renee brown\Application Data\Mozilla\Firefox\Profiles\xrkja6t9.default\cookies.sqlite ]
.a1.interclick.com [ C:\Documents and Settings\renee brown\Application Data\Mozilla\Firefox\Profiles\xrkja6t9.default\cookies.sqlite ]
.a1.interclick.com [ C:\Documents and Settings\renee brown\Application Data\Mozilla\Firefox\Profiles\xrkja6t9.default\cookies.sqlite ]
.interclick.com [ C:\Documents and Settings\renee brown\Application Data\Mozilla\Firefox\Profiles\xrkja6t9.default\cookies.sqlite ]
.ads.pointroll.com [ C:\Documents and Settings\renee brown\Application Data\Mozilla\Firefox\Profiles\xrkja6t9.default\cookies.sqlite ]
.pointroll.com [ C:\Documents and Settings\renee brown\Application Data\Mozilla\Firefox\Profiles\xrkja6t9.default\cookies.sqlite ]
.pointroll.com [ C:\Documents and Settings\renee brown\Application Data\Mozilla\Firefox\Profiles\xrkja6t9.default\cookies.sqlite ]
.ads.pointroll.com [ C:\Documents and Settings\renee brown\Application Data\Mozilla\Firefox\Profiles\xrkja6t9.default\cookies.sqlite ]
.ads.pointroll.com [ C:\Documents and Settings\renee brown\Application Data\Mozilla\Firefox\Profiles\xrkja6t9.default\cookies.sqlite ]
.ads.pointroll.com [ C:\Documents and Settings\renee brown\Application Data\Mozilla\Firefox\Profiles\xrkja6t9.default\cookies.sqlite ]
.ads.pointroll.com [ C:\Documents and Settings\renee brown\Application Data\Mozilla\Firefox\Profiles\xrkja6t9.default\cookies.sqlite ]
.ads.pointroll.com [ C:\Documents and Settings\renee brown\Application Data\Mozilla\Firefox\Profiles\xrkja6t9.default\cookies.sqlite ]
.ads.pointroll.com [ C:\Documents and Settings\renee brown\Application Data\Mozilla\Firefox\Profiles\xrkja6t9.default\cookies.sqlite ]
segment-pixel.invitemedia.com [ C:\Documents and Settings\renee brown\Application Data\Mozilla\Firefox\Profiles\xrkja6t9.default\cookies.sqlite ]
.invitemedia.com [ C:\Documents and Settings\renee brown\Application Data\Mozilla\Firefox\Profiles\xrkja6t9.default\cookies.sqlite ]
.media6degrees.com [ C:\Documents and Settings\renee brown\Application Data\Mozilla\Firefox\Profiles\xrkja6t9.default\cookies.sqlite ]
.media6degrees.com [ C:\Documents and Settings\renee brown\Application Data\Mozilla\Firefox\Profiles\xrkja6t9.default\cookies.sqlite ]
.ru4.com [ C:\Documents and Settings\renee brown\Application Data\Mozilla\Firefox\Profiles\xrkja6t9.default\cookies.sqlite ]
.ru4.com [ C:\Documents and Settings\renee brown\Application Data\Mozilla\Firefox\Profiles\xrkja6t9.default\cookies.sqlite ]
.invitemedia.com [ C:\Documents and Settings\renee brown\Application Data\Mozilla\Firefox\Profiles\xrkja6t9.default\cookies.sqlite ]
.lucidmedia.com [ C:\Documents and Settings\renee brown\Application Data\Mozilla\Firefox\Profiles\xrkja6t9.default\cookies.sqlite ]
.invitemedia.com [ C:\Documents and Settings\renee brown\Application Data\Mozilla\Firefox\Profiles\xrkja6t9.default\cookies.sqlite ]
.tribalfusion.com [ C:\Documents and Settings\renee brown\Application Data\Mozilla\Firefox\Profiles\xrkja6t9.default\cookies.sqlite ]
.mediabrandsww.com [ C:\Documents and Settings\renee brown\Application Data\Mozilla\Firefox\Profiles\xrkja6t9.default\cookies.sqlite ]
.r1-ads.ace.advertising.com [ C:\Documents and Settings\renee brown\Application Data\Mozilla\Firefox\Profiles\xrkja6t9.default\cookies.sqlite ]
.advertising.com [ C:\Documents and Settings\renee brown\Application Data\Mozilla\Firefox\Profiles\xrkja6t9.default\cookies.sqlite ]
.advertising.com [ C:\Documents and Settings\renee brown\Application Data\Mozilla\Firefox\Profiles\xrkja6t9.default\cookies.sqlite ]
.advertising.com [ C:\Documents and Settings\renee brown\Application Data\Mozilla\Firefox\Profiles\xrkja6t9.default\cookies.sqlite ]
.advertising.com [ C:\Documents and Settings\renee brown\Application Data\Mozilla\Firefox\Profiles\xrkja6t9.default\cookies.sqlite ]
dc.tremormedia.com [ C:\Documents and Settings\renee brown\Application Data\Mozilla\Firefox\Profiles\xrkja6t9.default\cookies.sqlite ]
.revsci.net [ C:\Documents and Settings\renee brown\Application Data\Mozilla\Firefox\Profiles\xrkja6t9.default\cookies.sqlite ]
.apmebf.com [ C:\Documents and Settings\renee brown\Application Data\Mozilla\Firefox\Profiles\xrkja6t9.default\cookies.sqlite ]
.fastclick.net [ C:\Documents and Settings\renee brown\Application Data\Mozilla\Firefox\Profiles\xrkja6t9.default\cookies.sqlite ]
.fastclick.net [ C:\Documents and Settings\renee brown\Application Data\Mozilla\Firefox\Profiles\xrkja6t9.default\cookies.sqlite ]
.pro-market.net [ C:\Documents and Settings\renee brown\Application Data\Mozilla\Firefox\Profiles\xrkja6t9.default\cookies.sqlite ]
.advertising.com [ C:\Documents and Settings\renee brown\Application Data\Mozilla\Firefox\Profiles\xrkja6t9.default\cookies.sqlite ]
.advertising.com [ C:\Documents and Settings\renee brown\Application Data\Mozilla\Firefox\Profiles\xrkja6t9.default\cookies.sqlite ]
.zedo.com [ C:\Documents and Settings\renee brown\Application Data\Mozilla\Firefox\Profiles\xrkja6t9.default\cookies.sqlite ]
.zedo.com [ C:\Documents and Settings\renee brown\Application Data\Mozilla\Firefox\Profiles\xrkja6t9.default\cookies.sqlite ]
.zedo.com [ C:\Documents and Settings\renee brown\Application Data\Mozilla\Firefox\Profiles\xrkja6t9.default\cookies.sqlite ]
.adbrite.com [ C:\Documents and Settings\renee brown\Application Data\Mozilla\Firefox\Profiles\xrkja6t9.default\cookies.sqlite ]
.adbrite.com [ C:\Documents and Settings\renee brown\Application Data\Mozilla\Firefox\Profiles\xrkja6t9.default\cookies.sqlite ]
.adbrite.com [ C:\Documents and Settings\renee brown\Application Data\Mozilla\Firefox\Profiles\xrkja6t9.default\cookies.sqlite ]
.fastclick.net [ C:\Documents and Settings\renee brown\Application Data\Mozilla\Firefox\Profiles\xrkja6t9.default\cookies.sqlite ]
.fastclick.net [ C:\Documents and Settings\renee brown\Application Data\Mozilla\Firefox\Profiles\xrkja6t9.default\cookies.sqlite ]
.mediaplex.com [ C:\Documents and Settings\renee brown\Application Data\Mozilla\Firefox\Profiles\xrkja6t9.default\cookies.sqlite ]
.mediaplex.com [ C:\Documents and Settings\renee brown\Application Data\Mozilla\Firefox\Profiles\xrkja6t9.default\cookies.sqlite ]
.statcounter.com [ C:\Documents and Settings\renee brown\Application Data\Mozilla\Firefox\Profiles\xrkja6t9.default\cookies.sqlite ]
.247realmedia.com [ C:\Documents and Settings\renee brown\Application Data\Mozilla\Firefox\Profiles\xrkja6t9.default\cookies.sqlite ]
.media6degrees.com [ C:\Documents and Settings\renee brown\Application Data\Mozilla\Firefox\Profiles\xrkja6t9.default\cookies.sqlite ]
.media6degrees.com [ C:\Documents and Settings\renee brown\Application Data\Mozilla\Firefox\Profiles\xrkja6t9.default\cookies.sqlite ]
.media6degrees.com [ C:\Documents and Settings\renee brown\Application Data\Mozilla\Firefox\Profiles\xrkja6t9.default\cookies.sqlite ]
.media6degrees.com [ C:\Documents and Settings\renee brown\Application Data\Mozilla\Firefox\Profiles\xrkja6t9.default\cookies.sqlite ]
.adxpose.com [ C:\Documents and Settings\renee brown\Application Data\Mozilla\Firefox\Profiles\xrkja6t9.default\cookies.sqlite ]
.content.yieldmanager.com [ C:\Documents and Settings\renee brown\Application Data\Mozilla\Firefox\Profiles\xrkja6t9.default\cookies.sqlite ]
ad.yieldmanager.com [ C:\Documents and Settings\renee brown\Application Data\Mozilla\Firefox\Profiles\xrkja6t9.default\cookies.sqlite ]
.adbrite.com [ C:\Documents and Settings\renee brown\Application Data\Mozilla\Firefox\Profiles\xrkja6t9.default\cookies.sqlite ]
.imrworldwide.com [ C:\Documents and Settings\renee brown\Application Data\Mozilla\Firefox\Profiles\xrkja6t9.default\cookies.sqlite ]
.imrworldwide.com [ C:\Documents and Settings\renee brown\Application Data\Mozilla\Firefox\Profiles\xrkja6t9.default\cookies.sqlite ]
.serving-sys.com [ C:\Documents and Settings\renee brown\Application Data\Mozilla\Firefox\Profiles\xrkja6t9.default\cookies.sqlite ]
.serving-sys.com [ C:\Documents and Settings\renee brown\Application Data\Mozilla\Firefox\Profiles\xrkja6t9.default\cookies.sqlite ]
.serving-sys.com [ C:\Documents and Settings\renee brown\Application Data\Mozilla\Firefox\Profiles\xrkja6t9.default\cookies.sqlite ]
.serving-sys.com [ C:\Documents and Settings\renee brown\Application Data\Mozilla\Firefox\Profiles\xrkja6t9.default\cookies.sqlite ]
.a.tribalfusion.com [ C:\Documents and Settings\renee brown\Application Data\Mozilla\Firefox\Profiles\xrkja6t9.default\cookies.sqlite ]
.bs.serving-sys.com [ C:\Documents and Settings\renee brown\Application Data\Mozilla\Firefox\Profiles\xrkja6t9.default\cookies.sqlite ]
.2o7.net [ C:\Documents and Settings\renee brown\Application Data\Mozilla\Firefox\Profiles\xrkja6t9.default\cookies.sqlite ]
.yieldmanager.net [ C:\Documents and Settings\renee brown\Application Data\Mozilla\Firefox\Profiles\xrkja6t9.default\cookies.sqlite ]
.overture.com [ C:\Documents and Settings\renee brown\Application Data\Mozilla\Firefox\Profiles\xrkja6t9.default\cookies.sqlite ]
caloriecount.about.com [ C:\Documents and Settings\renee brown\Application Data\Mozilla\Firefox\Profiles\xrkja6t9.default\cookies.sqlite ]
.caloriecount.about.com [ C:\Documents and Settings\renee brown\Application Data\Mozilla\Firefox\Profiles\xrkja6t9.default\cookies.sqlite ]
.caloriecount.about.com [ C:\Documents and Settings\renee brown\Application Data\Mozilla\Firefox\Profiles\xrkja6t9.default\cookies.sqlite ]
.questionmarket.com [ C:\Documents and Settings\renee brown\Application Data\Mozilla\Firefox\Profiles\xrkja6t9.default\cookies.sqlite ]
caloriecount.about.com [ C:\Documents and Settings\renee brown\Application Data\Mozilla\Firefox\Profiles\xrkja6t9.default\cookies.sqlite ]
.invitemedia.com [ C:\Documents and Settings\renee brown\Application Data\Mozilla\Firefox\Profiles\xrkja6t9.default\cookies.sqlite ]
.invitemedia.com [ C:\Documents and Settings\renee brown\Application Data\Mozilla\Firefox\Profiles\xrkja6t9.default\cookies.sqlite ]
.invitemedia.com [ C:\Documents and Settings\renee brown\Application Data\Mozilla\Firefox\Profiles\xrkja6t9.default\cookies.sqlite ]
.invitemedia.com [ C:\Documents and Settings\renee brown\Application Data\Mozilla\Firefox\Profiles\xrkja6t9.default\cookies.sqlite ]
.c.gigcount.com [ C:\Documents and Settings\renee brown\Application Data\Mozilla\Firefox\Profiles\xrkja6t9.default\cookies.sqlite ]
.adbrite.com [ C:\Documents and Settings\renee brown\Application Data\Mozilla\Firefox\Profiles\xrkja6t9.default\cookies.sqlite ]
ads.react2media.com [ C:\Documents and Settings\renee brown\Application Data\Mozilla\Firefox\Profiles\xrkja6t9.default\cookies.sqlite ]
ads.react2media.com [ C:\Documents and Settings\renee brown\Application Data\Mozilla\Firefox\Profiles\xrkja6t9.default\cookies.sqlite ]
.eyewonder.com [ C:\Documents and Settings\renee brown\Application Data\Mozilla\Firefox\Profiles\xrkja6t9.default\cookies.sqlite ]
.eyewonder.com [ C:\Documents and Settings\renee brown\Application Data\Mozilla\Firefox\Profiles\xrkja6t9.default\cookies.sqlite ]
eas.apm.emediate.eu [ C:\Documents and Settings\renee brown\Application Data\Mozilla\Firefox\Profiles\xrkja6t9.default\cookies.sqlite ]
.nestleusa.122.2o7.net [ C:\Documents and Settings\renee brown\Application Data\Mozilla\Firefox\Profiles\xrkja6t9.default\cookies.sqlite ]
.liveperson.net [ C:\Documents and Settings\renee brown\Application Data\Mozilla\Firefox\Profiles\xrkja6t9.default\cookies.sqlite ]
.liveperson.net [ C:\Documents and Settings\renee brown\Application Data\Mozilla\Firefox\Profiles\xrkja6t9.default\cookies.sqlite ]
d.mediaforge.com [ C:\Documents and Settings\renee brown\Application Data\Mozilla\Firefox\Profiles\xrkja6t9.default\cookies.sqlite ]
ad.yieldmanager.com [ C:\Documents and Settings\renee brown\Application Data\Mozilla\Firefox\Profiles\xrkja6t9.default\cookies.sqlite ]
.invitemedia.com [ C:\Documents and Settings\renee brown\Application Data\Mozilla\Firefox\Profiles\xrkja6t9.default\cookies.sqlite ]
.invitemedia.com [ C:\Documents and Settings\renee brown\Application Data\Mozilla\Firefox\Profiles\xrkja6t9.default\cookies.sqlite ]
.www.burstnet.com [ C:\Documents and Settings\renee brown\Application Data\Mozilla\Firefox\Profiles\xrkja6t9.default\cookies.sqlite ]
www.burstnet.com [ C:\Documents and Settings\renee brown\Application Data\Mozilla\Firefox\Profiles\xrkja6t9.default\cookies.sqlite ]
.burstnet.com [ C:\Documents and Settings\renee brown\Application Data\Mozilla\Firefox\Profiles\xrkja6t9.default\cookies.sqlite ]
.burstnet.com [ C:\Documents and Settings\renee brown\Application Data\Mozilla\Firefox\Profiles\xrkja6t9.default\cookies.sqlite ]
.hearstmagazines.112.2o7.net [ C:\Documents and Settings\renee brown\Application Data\Mozilla\Firefox\Profiles\xrkja6t9.default\cookies.sqlite ]
.revsci.net [ C:\Documents and Settings\renee brown\Application Data\Mozilla\Firefox\Profiles\xrkja6t9.default\cookies.sqlite ]
.at.atwola.com [ C:\Documents and Settings\renee brown\Application Data\Mozilla\Firefox\Profiles\xrkja6t9.default\cookies.sqlite ]
.tacoda.at.atwola.com [ C:\Documents and Settings\renee brown\Application Data\Mozilla\Firefox\Profiles\xrkja6t9.default\cookies.sqlite ]
.tacoda.at.atwola.com [ C:\Documents and Settings\renee brown\Application Data\Mozilla\Firefox\Profiles\xrkja6t9.default\cookies.sqlite ]
.tacoda.at.atwola.com [ C:\Documents and Settings\renee brown\Application Data\Mozilla\Firefox\Profiles\xrkja6t9.default\cookies.sqlite ]
.at.atwola.com [ C:\Documents and Settings\renee brown\Application Data\Mozilla\Firefox\Profiles\xrkja6t9.default\cookies.sqlite ]
accounts.youtube.com [ C:\Documents and Settings\renee brown\Application Data\Mozilla\Firefox\Profiles\xrkja6t9.default\cookies.sqlite ]
.media6degrees.com [ C:\Documents and Settings\renee brown\Application Data\Mozilla\Firefox\Profiles\xrkja6t9.default\cookies.sqlite ]
.realmedia.com [ C:\Documents and Settings\renee brown\Application Data\Mozilla\Firefox\Profiles\xrkja6t9.default\cookies.sqlite ]
.yieldmanager.com [ C:\Documents and Settings\renee brown\Application Data\Mozilla\Firefox\Profiles\xrkja6t9.default\cookies.sqlite ]
.advertising.com [ C:\Documents and Settings\renee brown\Application Data\Mozilla\Firefox\Profiles\xrkja6t9.default\cookies.sqlite ]
.ar.atwola.com [ C:\Documents and Settings\renee brown\Application Data\Mozilla\Firefox\Profiles\xrkja6t9.default\cookies.sqlite ]
.mm.chitika.net [ C:\Documents and Settings\renee brown\Application Data\Mozilla\Firefox\Profiles\xrkja6t9.default\cookies.sqlite ]
.kontera.com [ C:\Documents and Settings\renee brown\Application Data\Mozilla\Firefox\Profiles\xrkja6t9.default\cookies.sqlite ]
.legolas-media.com [ C:\Documents and Settings\renee brown\Application Data\Mozilla\Firefox\Profiles\xrkja6t9.default\cookies.sqlite ]
.legolas-media.com [ C:\Documents and Settings\renee brown\Application Data\Mozilla\Firefox\Profiles\xrkja6t9.default\cookies.sqlite ]
www.burstbeacon.com [ C:\Documents and Settings\renee brown\Application Data\Mozilla\Firefox\Profiles\xrkja6t9.default\cookies.sqlite ]
.burstbeacon.com [ C:\Documents and Settings\renee brown\Application Data\Mozilla\Firefox\Profiles\xrkja6t9.default\cookies.sqlite ]
.cdn.eyewonder.com [ C:\Documents and Settings\renee brown\Application Data\Mozilla\Firefox\Profiles\xrkja6t9.default\cookies.sqlite ]
.cdn.eyewonder.com [ C:\Documents and Settings\renee brown\Application Data\Mozilla\Firefox\Profiles\xrkja6t9.default\cookies.sqlite ]
.usnews.122.2o7.net [ C:\Documents and Settings\renee brown\Application Data\Mozilla\Firefox\Profiles\xrkja6t9.default\cookies.sqlite ]
.revsci.net [ C:\Documents and Settings\renee brown\Application Data\Mozilla\Firefox\Profiles\xrkja6t9.default\cookies.sqlite ]
.cbsdigitalmedia.112.2o7.net [ C:\Documents and Settings\renee brown\Application Data\Mozilla\Firefox\Profiles\xrkja6t9.default\cookies.sqlite ]
.ads.pointroll.com [ C:\Documents and Settings\renee brown\Application Data\Mozilla\Firefox\Profiles\xrkja6t9.default\cookies.sqlite ]
.revsci.net [ C:\Documents and Settings\renee brown\Application Data\Mozilla\Firefox\Profiles\xrkja6t9.default\cookies.sqlite ]
.a1.interclick.com [ C:\Documents and Settings\renee brown\Application Data\Mozilla\Firefox\Profiles\xrkja6t9.default\cookies.sqlite ]
.server.cpmstar.com [ C:\Documents and Settings\renee brown\Application Data\Mozilla\Firefox\Profiles\xrkja6t9.default\cookies.sqlite ]
.server.cpmstar.com [ C:\Documents and Settings\renee brown\Application Data\Mozilla\Firefox\Profiles\xrkja6t9.default\cookies.sqlite ]
.server.cpmstar.com [ C:\Documents and Settings\renee brown\Application Data\Mozilla\Firefox\Profiles\xrkja6t9.default\cookies.sqlite ]
.server.cpmstar.com [ C:\Documents and Settings\renee brown\Application Data\Mozilla\Firefox\Profiles\xrkja6t9.default\cookies.sqlite ]
.server.cpmstar.com [ C:\Documents and Settings\renee brown\Application Data\Mozilla\Firefox\Profiles\xrkja6t9.default\cookies.sqlite ]
.server.cpmstar.com [ C:\Documents and Settings\renee brown\Application Data\Mozilla\Firefox\Profiles\xrkja6t9.default\cookies.sqlite ]
.server.cpmstar.com [ C:\Documents and Settings\renee brown\Application Data\Mozilla\Firefox\Profiles\xrkja6t9.default\cookies.sqlite ]
.server.cpmstar.com [ C:\Documents and Settings\renee brown\Application Data\Mozilla\Firefox\Profiles\xrkja6t9.default\cookies.sqlite ]
.server.cpmstar.com [ C:\Documents and Settings\renee brown\Application Data\Mozilla\Firefox\Profiles\xrkja6t9.default\cookies.sqlite ]
wstat.wibiya.com [ C:\Documents and Settings\renee brown\Application Data\Mozilla\Firefox\Profiles\xrkja6t9.default\cookies.sqlite ]
.casalemedia.com [ C:\Documents and Settings\renee brown\Application Data\Mozilla\Firefox\Profiles\xrkja6t9.default\cookies.sqlite ]
.casalemedia.com [ C:\Documents and Settings\renee brown\Application Data\Mozilla\Firefox\Profiles\xrkja6t9.default\cookies.sqlite ]
.casalemedia.com [ C:\Documents and Settings\renee brown\Application Data\Mozilla\Firefox\Profiles\xrkja6t9.default\cookies.sqlite ]
.casalemedia.com [ C:\Documents and Settings\renee brown\Application Data\Mozilla\Firefox\Profiles\xrkja6t9.default\cookies.sqlite ]
.casalemedia.com [ C:\Documents and Settings\renee brown\Application Data\Mozilla\Firefox\Profiles\xrkja6t9.default\cookies.sqlite ]
.adserver.adtechus.com [ C:\Documents and Settings\renee brown\Application Data\Mozilla\Firefox\Profiles\xrkja6t9.default\cookies.sqlite ]
.yadro.ru [ C:\Documents and Settings\renee brown\Application Data\Mozilla\Firefox\Profiles\xrkja6t9.default\cookies.sqlite ]
.insightexpressai.com [ C:\Documents and Settings\renee brown\Application Data\Mozilla\Firefox\Profiles\xrkja6t9.default\cookies.sqlite ]
.realmedia.com [ C:\Documents and Settings\renee brown\Application Data\Mozilla\Firefox\Profiles\xrkja6t9.default\cookies.sqlite ]
.indieclick.com [ C:\Documents and Settings\renee brown\Application Data\Mozilla\Firefox\Profiles\xrkja6t9.default\cookies.sqlite ]
optimize.indieclick.com [ C:\Documents and Settings\renee brown\Application Data\Mozilla\Firefox\Profiles\xrkja6t9.default\cookies.sqlite ]
www.googleadservices.com [ C:\Documents and Settings\renee brown\Application Data\Mozilla\Firefox\Profiles\xrkja6t9.default\cookies.sqlite ]
.revsci.net [ C:\Documents and Settings\renee brown\Application Data\Mozilla\Firefox\Profiles\xrkja6t9.default\cookies.sqlite ]
.media6degrees.com [ C:\Documents and Settings\renee brown\Application Data\Mozilla\Firefox\Profiles\xrkja6t9.default\cookies.sqlite ]
.casalemedia.com [ C:\Documents and Settings\renee brown\Application Data\Mozilla\Firefox\Profiles\xrkja6t9.default\cookies.sqlite ]
.collective-media.net [ C:\Documents and Settings\renee brown\Application Data\Mozilla\Firefox\Profiles\xrkja6t9.default\cookies.sqlite ]
.collective-media.net [ C:\Documents and Settings\renee brown\Application Data\Mozilla\Firefox\Profiles\xrkja6t9.default\cookies.sqlite ]
.collective-media.net [ C:\Documents and Settings\renee brown\Application Data\Mozilla\Firefox\Profiles\xrkja6t9.default\cookies.sqlite ]
.collective-media.net [ C:\Documents and Settings\renee brown\Application Data\Mozilla\Firefox\Profiles\xrkja6t9.default\cookies.sqlite ]
.ads.pointroll.com [ C:\Documents and Settings\renee brown\Application Data\Mozilla\Firefox\Profiles\xrkja6t9.default\cookies.sqlite ]
.edgeadx.net [ C:\Documents and Settings\renee brown\Application Data\Mozilla\Firefox\Profiles\xrkja6t9.default\cookies.sqlite ]
.ad.yieldmanager.com [ C:\Documents and Settings\renee brown\Application Data\Mozilla\Firefox\Profiles\xrkja6t9.default\cookies.sqlite ]
www.lexicalwordfinder.com [ C:\Documents and Settings\renee brown\Application Data\Mozilla\Firefox\Profiles\xrkja6t9.default\cookies.sqlite ]
.lexicalwordfinder.com [ C:\Documents and Settings\renee brown\Application Data\Mozilla\Firefox\Profiles\xrkja6t9.default\cookies.sqlite ]
www.lexicalwordfinder.com [ C:\Documents and Settings\renee brown\Application Data\Mozilla\Firefox\Profiles\xrkja6t9.default\cookies.sqlite ]
www.lexicalwordfinder.com [ C:\Documents and Settings\renee brown\Application Data\Mozilla\Firefox\Profiles\xrkja6t9.default\cookies.sqlite ]
www.lexicalwordfinder.com [ C:\Documents and Settings\renee brown\Application Data\Mozilla\Firefox\Profiles\xrkja6t9.default\cookies.sqlite ]
www.lexicalwordfinder.com [ C:\Documents and Settings\renee brown\Application Data\Mozilla\Firefox\Profiles\xrkja6t9.default\cookies.sqlite ]
www.lexicalwordfinder.com [ C:\Documents and Settings\renee brown\Application Data\Mozilla\Firefox\Profiles\xrkja6t9.default\cookies.sqlite ]
www.lexicalwordfinder.com [ C:\Documents and Settings\renee brown\Application Data\Mozilla\Firefox\Profiles\xrkja6t9.default\cookies.sqlite ]
www.lexicalwordfinder.com [ C:\Documents and Settings\renee brown\Application Data\Mozilla\Firefox\Profiles\xrkja6t9.default\cookies.sqlite ]
www.lexicalwordfinder.com [ C:\Documents and Settings\renee brown\Application Data\Mozilla\Firefox\Profiles\xrkja6t9.default\cookies.sqlite ]
www.lexicalwordfinder.com [ C:\Documents and Settings\renee brown\Application Data\Mozilla\Firefox\Profiles\xrkja6t9.default\cookies.sqlite ]
www.lexicalwordfinder.com [ C:\Documents and Settings\renee brown\Application Data\Mozilla\Firefox\Profiles\xrkja6t9.default\cookies.sqlite ]
www.lexicalwordfinder.com [ C:\Documents and Settings\renee brown\Application Data\Mozilla\Firefox\Profiles\xrkja6t9.default\cookies.sqlite ]
www.lexicalwordfinder.com [ C:\Documents and Settings\renee brown\Application Data\Mozilla\Firefox\Profiles\xrkja6t9.default\cookies.sqlite ]
www.lexicalwordfinder.com [ C:\Documents and Settings\renee brown\Application Data\Mozilla\Firefox\Profiles\xrkja6t9.default\cookies.sqlite ]
www.lexicalwordfinder.com [ C:\Documents and Settings\renee brown\Application Data\Mozilla\Firefox\Profiles\xrkja6t9.default\cookies.sqlite ]
www.lexicalwordfinder.com [ C:\Documents and Settings\renee brown\Application Data\Mozilla\Firefox\Profiles\xrkja6t9.default\cookies.sqlite ]
www.lexicalwordfinder.com [ C:\Documents and Settings\renee brown\Application Data\Mozilla\Firefox\Profiles\xrkja6t9.default\cookies.sqlite ]
www.lexicalwordfinder.com [ C:\Documents and Settings\renee brown\Application Data\Mozilla\Firefox\Profiles\xrkja6t9.default\cookies.sqlite ]

Browser Hijacker.Tubby
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Search Toolbar
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Search Toolbar#NoModify
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Search Toolbar#NoRepair
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Search Toolbar#DisplayName
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Search Toolbar#UninstallString
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Search Toolbar#DisplayIcon
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Search Toolbar#DisplayVersion
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Search Toolbar#URLInfoAbout
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Search Toolbar#Publisher
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Search Toolbar#EstimatedSize




gmer
GMER 1.0.15.15640 - http://www.gmer.net
Rootkit scan 2011-06-22 23:49:59
Windows 5.1.2600 Service Pack 3 Harddisk0\DR0 -> \Device\Ide\IdePort0 Hitachi_HTS543216L9A300 rev.FB2OC4FC
Running: 5nmoz51h.exe; Driver: C:\DOCUME~1\RENEEB~1\LOCALS~1\Temp\ugryypow.sys


---- System - GMER 1.0.15 ----

SSDT Lbd.sys (Boot Driver/Lavasoft AB) ZwCreateKey [0xF764D87E]
SSDT spaw.sys ZwEnumerateKey [0xF7422DA4]
SSDT spaw.sys ZwEnumerateValueKey [0xF7423132]
SSDT spaw.sys ZwOpenKey [0xF740A0C0]
SSDT spaw.sys ZwQueryKey [0xF742320A]
SSDT spaw.sys ZwQueryValueKey [0xF742308A]
SSDT Lbd.sys (Boot Driver/Lavasoft AB) ZwSetValueKey [0xF764DBFE]

INT 0x62 ? 86BD6BF8
INT 0x82 ? 86BD6BF8
INT 0x94 ? 869A5BF8
INT 0xA4 ? 869A5BF8

---- Kernel code sections - GMER 1.0.15 ----

? spaw.sys The system cannot find the file specified. !
.text USBPORT.SYS!DllUnload F63B28EC 5 Bytes JMP 869A51D8
.text a7r9b956.SYS F632F386 35 Bytes [00, 00, 00, 00, 00, 00, 20, ...]
.text a7r9b956.SYS F632F3AA 24 Bytes [00, 00, 00, 00, 00, 00, 00, ...]
.text a7r9b956.SYS F632F3C4 3 Bytes [00, 80, 02]
.text a7r9b956.SYS F632F3C9 1 Byte [30]
.text a7r9b956.SYS F632F3C9 11 Bytes [30, 00, 00, 00, 5E, 02, 00, ...] {XOR [EAX], AL; ADD [EAX], AL; POP ESI; ADD AL, [EAX]; ADD [EAX], AL; ADD [EAX], AL}
.text ...
init C:\WINDOWS\system32\Drivers\OA012Afx.sys entry point in "init" section [0xA9CD9D60]

---- User code sections - GMER 1.0.15 ----

.text C:\WINDOWS\system32\SearchIndexer.exe[2512] kernel32.dll!WriteFile 7C810E27 7 Bytes JMP 00585C0C C:\WINDOWS\system32\MSSRCH.DLL (mssrch.dll/Microsoft Corporation)

---- Kernel IAT/EAT - GMER 1.0.15 ----

IAT atapi.sys[HAL.dll!READ_PORT_UCHAR] [F740B042] spaw.sys
IAT atapi.sys[HAL.dll!READ_PORT_BUFFER_USHORT] [F740B13E] spaw.sys
IAT atapi.sys[HAL.dll!READ_PORT_USHORT] [F740B0C0] spaw.sys
IAT atapi.sys[HAL.dll!WRITE_PORT_BUFFER_USHORT] [F740B800] spaw.sys
IAT atapi.sys[HAL.dll!WRITE_PORT_UCHAR] [F740B6D6] spaw.sys
IAT \SystemRoot\system32\DRIVERS\i8042prt.sys[HAL.dll!READ_PORT_UCHAR] [F741AB90] spaw.sys
IAT \SystemRoot\System32\Drivers\a7r9b956.SYS[HAL.dll!KfAcquireSpinLock] 18C4830E
IAT \SystemRoot\System32\Drivers\a7r9b956.SYS[HAL.dll!READ_PORT_UCHAR] 1C959E88
IAT \SystemRoot\System32\Drivers\a7r9b956.SYS[HAL.dll!KeGetCurrentIrql] 9E880000
IAT \SystemRoot\System32\Drivers\a7r9b956.SYS[HAL.dll!KfRaiseIrql] 00001CB1
IAT \SystemRoot\System32\Drivers\a7r9b956.SYS[HAL.dll!KfLowerIrql] 0E798366
IAT \SystemRoot\System32\Drivers\a7r9b956.SYS[HAL.dll!HalGetInterruptVector] 74AAB000
IAT \SystemRoot\System32\Drivers\a7r9b956.SYS[HAL.dll!HalTranslateBusAddress] 8986C636
IAT \SystemRoot\System32\Drivers\a7r9b956.SYS[HAL.dll!KeStallExecutionProcessor] 1A00001C
IAT \SystemRoot\System32\Drivers\a7r9b956.SYS[HAL.dll!KfReleaseSpinLock] 1C8B86C6
IAT \SystemRoot\System32\Drivers\a7r9b956.SYS[HAL.dll!READ_PORT_BUFFER_USHORT] C6020000
IAT \SystemRoot\System32\Drivers\a7r9b956.SYS[HAL.dll!READ_PORT_USHORT] 001C9686
IAT \SystemRoot\System32\Drivers\a7r9b956.SYS[HAL.dll!WRITE_PORT_BUFFER_USHORT] 86C60200
IAT \SystemRoot\System32\Drivers\a7r9b956.SYS[HAL.dll!WRITE_PORT_UCHAR] 00001CB2
IAT \SystemRoot\System32\Drivers\a7r9b956.SYS[WMILIB.SYS!WmiSystemControl] 8800001C
IAT \SystemRoot\System32\Drivers\a7r9b956.SYS[WMILIB.SYS!WmiCompleteRequest] 001CB99E

---- User IAT/EAT - GMER 1.0.15 ----

IAT C:\Program Files\AOL 9.5a\waol.exe[3112] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryExW] [6BFA9B02] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL Inc.)
IAT C:\Program Files\AOL 9.5a\waol.exe[3112] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [6BFA9B8F] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL Inc.)
IAT C:\Program Files\AOL 9.5a\waol.exe[3112] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryW] [6BFA99EE] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL Inc.)
IAT C:\Program Files\AOL 9.5a\waol.exe[3112] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryA] [6BFA9967] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL Inc.)
IAT C:\Program Files\AOL 9.5a\waol.exe[3112] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryA] [6BFA9967] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL Inc.)
IAT C:\Program Files\AOL 9.5a\waol.exe[3112] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryW] [6BFA99EE] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL Inc.)
IAT C:\Program Files\AOL 9.5a\waol.exe[3112] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [6BFA9B8F] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL Inc.)
IAT C:\Program Files\AOL 9.5a\waol.exe[3112] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [6BFA9B8F] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL Inc.)
IAT C:\Program Files\AOL 9.5a\waol.exe[3112] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryA] [6BFA9967] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL Inc.)
IAT C:\Program Files\AOL 9.5a\waol.exe[3112] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryW] [6BFA99EE] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL Inc.)
IAT C:\Program Files\AOL 9.5a\waol.exe[3112] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [6BFA9B02] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL Inc.)
IAT C:\Program Files\AOL 9.5a\waol.exe[3112] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryA] [6BFA9967] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL Inc.)
IAT C:\Program Files\AOL 9.5a\waol.exe[3112] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [6BFA9B8F] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL Inc.)
IAT C:\Program Files\AOL 9.5a\waol.exe[3112] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryW] [6BFA99EE] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL Inc.)
IAT C:\Program Files\AOL 9.5a\waol.exe[3112] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [6BFA9B8F] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL Inc.)
IAT C:\Program Files\AOL 9.5a\waol.exe[3112] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryExW] [6BFA9B02] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL Inc.)
IAT C:\Program Files\AOL 9.5a\waol.exe[3112] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryA] [6BFA9967] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL Inc.)
IAT C:\Program Files\AOL 9.5a\waol.exe[3112] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryW] [6BFA99EE] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL Inc.)
IAT C:\Program Files\AOL 9.5a\waol.exe[3112] @ C:\WINDOWS\system32\MSVCRT.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [6BFA9B8F] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL Inc.)
IAT C:\Program Files\AOL 9.5a\waol.exe[3112] @ C:\WINDOWS\system32\MSVCRT.dll [KERNEL32.dll!LoadLibraryA] [6BFA9967] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL Inc.)
IAT C:\Program Files\AOL 9.5a\waol.exe[3112] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryA] [6BFA9967] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL Inc.)
IAT C:\Program Files\AOL 9.5a\waol.exe[3112] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryW] [6BFA99EE] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL Inc.)
IAT C:\Program Files\AOL 9.5a\waol.exe[3112] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExW] [6BFA9B02] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL Inc.)
IAT C:\Program Files\AOL 9.5a\waol.exe[3112] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExA] [6BFA9A75] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL Inc.)
IAT C:\Program Files\AOL 9.5a\waol.exe[3112] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [6BFA9B8F] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL Inc.)
IAT C:\Program Files\AOL 9.5a\waol.exe[3112] @ C:\WINDOWS\system32\WS2_32.dll [KERNEL32.dll!LoadLibraryA] [6BFA9967] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL Inc.)
IAT C:\Program Files\AOL 9.5a\waol.exe[3112] @ C:\WINDOWS\system32\WS2_32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [6BFA9B8F] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL Inc.)
IAT C:\Program Files\AOL 9.5a\waol.exe[3112] @ C:\WINDOWS\system32\WS2HELP.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [6BFA9B8F] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL Inc.)
IAT C:\Program Files\AOL 9.5a\waol.exe[3112] @ C:\WINDOWS\system32\WS2HELP.dll [KERNEL32.dll!LoadLibraryA] [6BFA9967] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL Inc.)
IAT C:\Program Files\AOL 9.5a\waol.exe[3112] @ C:\WINDOWS\system32\iphlpapi.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [6BFA9B8F] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL Inc.)
IAT C:\Program Files\AOL 9.5a\waol.exe[3112] @ C:\WINDOWS\system32\iphlpapi.dll [KERNEL32.dll!LoadLibraryA] [6BFA9967] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL Inc.)
IAT C:\Program Files\AOL 9.5a\waol.exe[3112] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [6BFA9B8F] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL Inc.)
IAT C:\Program Files\AOL 9.5a\waol.exe[3112] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryA] [6BFA9967] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL Inc.)
IAT C:\Program Files\AOL 9.5a\waol.exe[3112] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryW] [6BFA99EE] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL Inc.)
IAT C:\Program Files\AOL 9.5a\waol.exe[3112] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExW] [6BFA9B02] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL Inc.)
IAT C:\Program Files\AOL 9.5a\waol.exe[3112] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExA] [6BFA9A75] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL Inc.)

---- Devices - GMER 1.0.15 ----

Device \FileSystem\Ntfs \Ntfs 86BD51F8
Device \Driver\sptd \Device\2785226778 spaw.sys

AttachedDevice \Driver\Tcpip \Device\Ip avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
AttachedDevice \Driver\Kbdclass \Device\KeyboardClass0 wdf01000.sys (WDF Dynamic/Microsoft Corporation)
AttachedDevice \Driver\Kbdclass \Device\KeyboardClass1 wdf01000.sys (WDF Dynamic/Microsoft Corporation)

Device \Driver\usbehci \Device\USBPDO-0 869A3500
Device \Driver\usbuhci \Device\USBPDO-1 869A41F8
Device \Driver\usbuhci \Device\USBPDO-2 869A41F8
Device \Driver\usbuhci \Device\USBPDO-3 869A41F8
Device \Driver\usbuhci \Device\USBPDO-4 869A41F8

AttachedDevice \Driver\Tcpip \Device\Tcp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)

Device \Driver\Ftdisk \Device\HarddiskVolume1 86B681F8
Device \Driver\Ftdisk \Device\HarddiskVolume2 86B681F8
Device \Driver\Cdrom \Device\CdRom0 867A81F8
Device \Driver\atapi \Device\Ide\IdePort0 [F7384B40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}
Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-3 [F7384B40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}
Device \Driver\atapi \Device\Ide\IdePort1 [F7384B40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}
Device \Driver\Ftdisk \Device\HarddiskVolume3 86B681F8
Device \Driver\NetBT \Device\NetBt_Wins_Export 8636C500
Device \Driver\NetBT \Device\NetbiosSmb 8636C500
Device \Driver\NetBT \Device\NetBT_Tcpip_{0B921FBF-5268-4C1D-9A4E-3166751BDEC8} 8636C500
Device \Driver\PCI_PNP3028 \Device\0000004d spaw.sys

AttachedDevice \Driver\Tcpip \Device\Udp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)

Device \Driver\NetBT \Device\NetBT_Tcpip_{B742F1C5-F992-4843-806D-04CEA675BAEF} 8636C500

AttachedDevice \Driver\Tcpip \Device\RawIp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)

Device \Driver\usbuhci \Device\USBFDO-0 869A41F8
Device \Driver\usbuhci \Device\USBFDO-1 869A41F8
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver 86AC4500
Device \Driver\usbuhci \Device\USBFDO-2 869A41F8
Device 86AC4500
Device \Driver\usbuhci \Device\USBFDO-3 869A41F8
Device \Driver\usbehci \Device\USBFDO-4 869A3500
Device \Driver\Ftdisk \Device\FtControl 86B681F8
Device \Driver\a7r9b956 \Device\Scsi\a7r9b9561Port2Path0Target0Lun0 868FD1F8
Device \Driver\a7r9b956 \Device\Scsi\a7r9b9561 868FD1F8
Device 8631E500
Device A7E31297

AttachedDevice fltMgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)

Device \FileSystem\Cdfs \Cdfs 86335500

---- Registry - GMER 1.0.15 ----

Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@s1 771343423
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@s2 285507792
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@h0 1
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@u0 0x38 0x0F 0x98 0x02 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 0
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0xFF 0x97 0x5E 0xFF ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0 C:\Program Files\DAEMON Tools Lite\
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12 0x0F 0x85 0xBF 0xAD ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12 0xE1 0x55 0x13 0xF5 ...
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@u0 0x38 0x0F 0x98 0x02 ...
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 0
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0xFF 0x97 0x5E 0xFF ...
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0 C:\Program Files\DAEMON Tools Lite\
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12 0x0F 0x85 0xBF 0xAD ...
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12 0xE1 0x55 0x13 0xF5 ...

---- Disk sectors - GMER 1.0.15 ----

Disk \Device\Harddisk0\DR0 MBR read error
Disk \Device\Harddisk0\DR0 MBR BIOS signature not found 0

---- EOF - GMER 1.0.15 ----

#8 cryptodan

Posted 23 June 2011 - 05:05 AM

Where is the complete scan for Malwarebytes?

#9 reneenee

Posted 23 June 2011 - 08:58 AM

Got so concerned about the ones I had to download that I forgot to run the one I have already. I'm running it now and I'll post it ASAP. Thanks for your help so far!

#10 reneenee

Posted 23 June 2011 - 11:37 AM

MBAM complete
Malwarebytes' Anti-Malware 1.51.0.1200
www.malwarebytes.org

Database version: 6894

Windows 5.1.2600 Service Pack 3
Internet Explorer 6.0.2900.5512

6/19/2011 6:04:14 AM
mbam-log-2011-06-19 (06-04-14).txt

Scan type: Quick scan
Objects scanned: 165098
Time elapsed: 22 minute(s), 16 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 1
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 8

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_CLASSES_ROOT\.fsharproj (Trojan.BHO) -> Quarantined and deleted successfully.

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
c:\documents and settings\localservice\application data\02000000d45a30921270c.manifest (Malware.Trace) -> Quarantined and deleted successfully.
c:\documents and settings\localservice\application data\02000000d45a30921270o.manifest (Malware.Trace) -> Quarantined and deleted successfully.
c:\documents and settings\localservice\application data\02000000d45a30921270p.manifest (Malware.Trace) -> Quarantined and deleted successfully.
c:\documents and settings\localservice\application data\02000000d45a30921270s.manifest (Malware.Trace) -> Quarantined and deleted successfully.
c:\WINDOWS\system32\02000000d45a30921270c.manifest (Malware.Trace) -> Quarantined and deleted successfully.
c:\WINDOWS\system32\02000000d45a30921270o.manifest (Malware.Trace) -> Quarantined and deleted successfully.
c:\WINDOWS\system32\02000000d45a30921270p.manifest (Malware.Trace) -> Quarantined and deleted successfully.
c:\WINDOWS\system32\02000000d45a30921270s.manifest (Malware.Trace) -> Quarantined and deleted successfully.

#11 cryptodan

Posted 23 June 2011 - 12:29 PM

Please follow the instructions in ==>This Guide<==.

Once the proper logs are created, then make a NEW TOPIC and post it ==>HERE<==. Please include the link to this topic in your new topic and a description of your computer issues and what you have done to resolve them.

If you can produce at least some of the logs, then please create the new topic and explain what happens when you try to create the log(s) that you couldn't get. If you cannot produce any of the logs, then still post the topic and explain that you followed the Prep. Guide, were unable to create the logs, and describe what happens when you try to create the logs.

Once you have created the new topic, please reply back here with a link to the new topic.

#12 reneenee

Posted 23 June 2011 - 05:46 PM

Posted!

http://www.bleepingcomputer.com/forums/topic405745.html

#13 Blade

Posted 23 June 2011 - 09:39 PM

Hello,

Now that you have posted a log here: http://www.bleepingcomputer.com/forums/topic405745.html you should NOT make further changes to your computer (install/uninstall programs, use special fix tools, delete files, edit the registry, etc.) unless advised by a MRT Team member, nor should you ask for help elsewhere. Doing so can result in system changes which may not show in the log you already posted. Further, any modifications you make on your own may cause confusion for the helper assisting you and could complicate the malware removal process, which would extend the time it takes to clean your computer.

From this point on the MRT Team should be the only members that you take advice from, until they have verified your log as clean.

Please be patient. It may take a while to get a response because the MRT Team members are EXTREMELY busy working logs posted before yours. They are volunteers who will help you out as soon as possible. Once you have made your post and are waiting, please DO NOT make another reply until it has been responded to by a member of the MRT Team. Generally the staff checks the forum for postings that have 0 replies as this makes it easier for them to identify those who have not been helped. If you post another response there will be 1 reply. A team member looking for a new log to work may assume another MRT Team member is already assisting you and not open the thread to respond.

Please be patient. It may take several days to get a response but your log will be reviewed and answered as soon as possible. I advise checking your topic once a day for responses as the e-mail notification system is unreliable.

To avoid confusion, I am closing this topic. Good luck with your log.

~Blade
Forum Global Moderator

If I am helping you, it has been 48 hours since your last post, and I have yet to reply to your topic, please send me a PM