Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Wit's end


  • Please log in to reply
8 replies to this topic

#1 paulette1537

paulette1537

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:09:32 AM

Posted 19 September 2011 - 10:57 AM

My son's computer recently became infected with some sort of virus/malware. I ran a virus scan and it came back with WIN32:DNS changer. I removed it. It didn't work. I get redirected to web pages and i can only use the computer in safe mode. I'm QUITE technologically challenged so please bear with me if I sound like a pre schooler. We have Windows Vista, IE 7. I can't get the maching to boot up to the desk top at all. It starts then shuts repeatedly shuts itself off. I've loaded and unloaded numerous virus scans. I scanned it with ESET and it came up with 17 infections but before I could remove them..it shut itself off. I've been working on this for 3 days now. I'm pulling my hair out.

BC AdBot (Login to Remove)

 


#2 paulette1537

paulette1537
  • Topic Starter

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:09:32 AM

Posted 19 September 2011 - 02:49 PM

Hey and thank you!! I ran MBAM prior to hearing from you. The short scan came back with the results, so I removed them then did a full scan and came back with nothing. I thought that fixed it, but nope. I've pasted all three logs here.


Internet Explorer 7.0.6001.18000

9/19/2011 10:27:14 AM
mbam-log-2011-09-19 (10-27-14).txt

Scan type: Quick scan
Objects scanned: 168938
Time elapsed: 5 minute(s), 50 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 4
Registry Values Infected: 1
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{D95C7240-0282-4C01-93F5-673BCA03DA86} (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A078F691-9C07-4AF2-BF43-35E79EECF8B7} (Adware.Softomate) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{A078F691-9C07-4AF2-BF43-35E79EECF8B7} (Adware.Softomate) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{69725738-CD68-4f36-8D02-8C43722EE5DA} (Adware.Hotbar) -> Quarantined and deleted successfully.

Registry Values Infected:
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ProxyServer (PUM.Bad.Proxy) -> Value: ProxyServer -> Quarantined and deleted successfully.

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)







Malwarebytes' Anti-Malware 1.51.2.1300
www.malwarebytes.org

Database version: 7748

Windows 6.0.6001 Service Pack 1 (Safe Mode)
Internet Explorer 7.0.6001.18000

9/19/2011 11:16:10 AM
mbam-log-2011-09-19 (11-16-10).txt

Scan type: Full scan (C:\|)
Objects scanned: 306355
Time elapsed: 48 minute(s), 35 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)












RAntiSpyware Scan Log
http://www.superantispyware.com

Generated 09/19/2011 at 03:03 PM

Application Version : 5.0.1118

Core Rules Database Version : 7707
Trace Rules Database Version: 5519

Scan type : Complete Scan
Total Scan Time : 00:55:44

Operating System Information
Windows Vista Home Premium 32-bit, Service Pack 1 (Build 6.00.6001)
UAC Off - Administrator

Memory items scanned : 373
Memory threats detected : 0
Registry items scanned : 38098
Registry threats detected : 0
File items scanned : 47093
File threats detected : 374

Adware.Tracking Cookie
C:\Users\owner\AppData\Roaming\Microsoft\Windows\Cookies\owner@247realmedia[2].txt
C:\Users\owner\AppData\Roaming\Microsoft\Windows\Cookies\owner@a1.interclick[1].txt
C:\Users\owner\AppData\Roaming\Microsoft\Windows\Cookies\owner@ad.wsod[2].txt
C:\Users\owner\AppData\Roaming\Microsoft\Windows\Cookies\owner@ad.yieldmanager[2].txt
C:\Users\owner\AppData\Roaming\Microsoft\Windows\Cookies\owner@adinterax[1].txt
C:\Users\owner\AppData\Roaming\Microsoft\Windows\Cookies\owner@adknowledge[1].txt
C:\Users\owner\AppData\Roaming\Microsoft\Windows\Cookies\owner@ads.bleepingcomputer[1].txt
C:\Users\owner\AppData\Roaming\Microsoft\Windows\Cookies\owner@advertise[1].txt
C:\Users\owner\AppData\Roaming\Microsoft\Windows\Cookies\owner@bizzclick[1].txt
C:\Users\owner\AppData\Roaming\Microsoft\Windows\Cookies\owner@collective-media[1].txt
C:\Users\owner\AppData\Roaming\Microsoft\Windows\Cookies\owner@content.yieldmanager[1].txt
C:\Users\owner\AppData\Roaming\Microsoft\Windows\Cookies\owner@eset.122.2o7[1].txt
C:\Users\owner\AppData\Roaming\Microsoft\Windows\Cookies\owner@interclick[2].txt
C:\Users\owner\AppData\Roaming\Microsoft\Windows\Cookies\owner@invitemedia[2].txt
C:\Users\owner\AppData\Roaming\Microsoft\Windows\Cookies\owner@kontera[1].txt
C:\Users\owner\AppData\Roaming\Microsoft\Windows\Cookies\owner@legolas-media[2].txt
C:\Users\owner\AppData\Roaming\Microsoft\Windows\Cookies\owner@liveperson[1].txt
C:\Users\owner\AppData\Roaming\Microsoft\Windows\Cookies\owner@liveperson[3].txt
C:\Users\owner\AppData\Roaming\Microsoft\Windows\Cookies\owner@liveperson[4].txt
C:\Users\owner\AppData\Roaming\Microsoft\Windows\Cookies\owner@mm.chitika[1].txt
C:\Users\owner\AppData\Roaming\Microsoft\Windows\Cookies\owner@sales.liveperson[1].txt
C:\Users\owner\AppData\Roaming\Microsoft\Windows\Cookies\owner@solvemedia[2].txt
C:\Users\owner\AppData\Roaming\Microsoft\Windows\Cookies\owner@www.find-fast-answers[1].txt
C:\Users\owner\AppData\Roaming\Microsoft\Windows\Cookies\owner@www.googleadservices[1].txt
C:\Users\owner\AppData\Roaming\Microsoft\Windows\Cookies\owner@yieldmanager[1].txt
2mdn.net [ C:\USERS\OWNER\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\WW43SGL2 ]
3d-adult-world.com [ C:\USERS\OWNER\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\WW43SGL2 ]
9sexgames.com [ C:\USERS\OWNER\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\WW43SGL2 ]
bannerfarm.ace.advertising.com [ C:\USERS\OWNER\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\WW43SGL2 ]
bc.youporn.com [ C:\USERS\OWNER\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\WW43SGL2 ]
cdn-www.pornhub.com [ C:\USERS\OWNER\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\WW43SGL2 ]
cdn1.static.pornhub.phncdn.com [ C:\USERS\OWNER\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\WW43SGL2 ]
cdn4.specificclick.net [ C:\USERS\OWNER\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\WW43SGL2 ]
cdn5.specificclick.net [ C:\USERS\OWNER\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\WW43SGL2 ]
content.yieldmanager.edgesuite.net [ C:\USERS\OWNER\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\WW43SGL2 ]
core.insightexpressai.com [ C:\USERS\OWNER\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\WW43SGL2 ]
crackle.com [ C:\USERS\OWNER\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\WW43SGL2 ]
googleads.g.doubleclick.net [ C:\USERS\OWNER\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\WW43SGL2 ]
i.adultswim.com [ C:\USERS\OWNER\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\WW43SGL2 ]
ia.media-imdb.com [ C:\USERS\OWNER\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\WW43SGL2 ]
interclick.com [ C:\USERS\OWNER\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\WW43SGL2 ]
media.heavy.com [ C:\USERS\OWNER\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\WW43SGL2 ]
media.ign.com [ C:\USERS\OWNER\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\WW43SGL2 ]
media.mtvnservices.com [ C:\USERS\OWNER\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\WW43SGL2 ]
media.podaddies.com [ C:\USERS\OWNER\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\WW43SGL2 ]
media.resulthost.org [ C:\USERS\OWNER\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\WW43SGL2 ]
media.scanscout.com [ C:\USERS\OWNER\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\WW43SGL2 ]
media.tattomedia.com [ C:\USERS\OWNER\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\WW43SGL2 ]
media1.break.com [ C:\USERS\OWNER\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\WW43SGL2 ]
memecounter.com [ C:\USERS\OWNER\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\WW43SGL2 ]
naiadsystems.com [ C:\USERS\OWNER\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\WW43SGL2 ]
objects.tremormedia.com [ C:\USERS\OWNER\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\WW43SGL2 ]
secure-us.imrworldwide.com [ C:\USERS\OWNER\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\WW43SGL2 ]
sexhotgames.com [ C:\USERS\OWNER\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\WW43SGL2 ]
static.2mdn.net [ C:\USERS\OWNER\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\WW43SGL2 ]
udn.specificclick.net [ C:\USERS\OWNER\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\WW43SGL2 ]
vag.bleepbleepgames.com [ C:\USERS\OWNER\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\WW43SGL2 ]
video.redorbit.com [ C:\USERS\OWNER\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\WW43SGL2 ]
vitamine.networldmedia.net [ C:\USERS\OWNER\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\WW43SGL2 ]
www.adultswim.com [ C:\USERS\OWNER\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\WW43SGL2 ]
www.cartoonpornz.com [ C:\USERS\OWNER\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\WW43SGL2 ]
www.hentaimedia.com [ C:\USERS\OWNER\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\WW43SGL2 ]
www.naiadsystems.com [ C:\USERS\OWNER\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\WW43SGL2 ]
www.pornhub.com [ C:\USERS\OWNER\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\WW43SGL2 ]
www.porntube.com [ C:\USERS\OWNER\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\WW43SGL2 ]
wwwstatic.megaporn.com [ C:\USERS\OWNER\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\WW43SGL2 ]
C:\USERS\OWNER\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\OWNER@ADS.VENTIVMEDIA[2].TXT
C:\USERS\OWNER\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\OWNER@AD.VUIADS[1].TXT
C:\USERS\OWNER\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\OWNER@AD.VUIADS[3].TXT
C:\USERS\OWNER\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\OWNER@AD.WSOD[1].TXT
C:\USERS\OWNER\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\OWNER@ADS.PUBMATIC[2].TXT
C:\USERS\OWNER\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\OWNER@ADS.TRAFFICJUNKY[2].TXT
C:\USERS\OWNER\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\OWNER@ADSERVER2.EXGFNETWORK[2].TXT
C:\USERS\OWNER\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\OWNER@ADTECHUS[1].TXT
C:\USERS\OWNER\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\OWNER@ADULT-SEX-GAMES[1].TXT
C:\USERS\OWNER\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\OWNER@ADXPOSE[1].TXT
C:\USERS\OWNER\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\OWNER@CARTOONPORNGUIDE[2].TXT
C:\USERS\OWNER\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\OWNER@CLICK.JVE[2].TXT
C:\USERS\OWNER\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\OWNER@COLLECTIVE-MEDIA[2].TXT
C:\USERS\OWNER\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\OWNER@DC.TREMORMEDIA[2].TXT
C:\USERS\OWNER\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\OWNER@MEDIABRANDSWW[1].TXT
C:\USERS\OWNER\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\OWNER@INTERMUNDOMEDIA[2].TXT
C:\USERS\OWNER\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\OWNER@INVITEMEDIA[2].TXT
C:\USERS\OWNER\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\OWNER@LUCIDMEDIA[1].TXT
C:\USERS\OWNER\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\OWNER@MEDIA6DEGREES[2].TXT
C:\USERS\OWNER\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\OWNER@POINTROLL[2].TXT
C:\USERS\OWNER\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\OWNER@PORNHUB[1].TXT
C:\USERS\OWNER\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\OWNER@SERVER.CPMSTAR[2].TXT
C:\USERS\OWNER\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\OWNER@WWW.GOOGLEADSERVICES[1].TXT
ad.insightexpressai.com [ C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\UBW82Z6T ]
cdn.tremormedia.com [ C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\UBW82Z6T ]
convoad.technoratimedia.com [ C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\UBW82Z6T ]
convoad.technoratimedia.net [ C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\UBW82Z6T ]
crackle.com [ C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\UBW82Z6T ]
media.mtvnservices.com [ C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\UBW82Z6T ]
media1.break.com [ C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\UBW82Z6T ]
objects.tremormedia.com [ C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\UBW82Z6T ]
s0.2mdn.net [ C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\UBW82Z6T ]
secure-us.imrworldwide.com [ C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\UBW82Z6T ]
sftrack.searchforce.net [ C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\UBW82Z6T ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@CONTENT.YIELDMANAGER[3].TXT
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@247REALMEDIA[2].TXT
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@2O7[1].TXT
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@A1.INTERCLICK[2].TXT
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@AD.360YIELD[1].TXT
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@AD.DOUBLECLICK[1].TXT
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@AD.YIELDMANAGER[1].TXT
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@ADBRITE[2].TXT
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@ADFORM[1].TXT
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@ADINTERAX[2].TXT
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@ADJUGGLER[1].TXT
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@ADLEGEND[2].TXT
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@ADMARKETPLACE[1].TXT
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@ADS.FINANCIALCONTENT[2].TXT
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@ADMEDIA[2].TXT
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@ADS.ADK2[1].TXT
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@ADS.ADVANCEDMN[1].TXT
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@ADS.ASK[1].TXT
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@ADS.BIGHEALTHTREE[1].TXT
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@ADS.BLOGTALKRADIO[1].TXT
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@ADS.BRIDGETRACK[1].TXT
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@ADS.CPXCENTER[2].TXT
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@ADS.E-PLANNING[1].TXT
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@ADS.GAMERSMEDIA[2].TXT
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@ADS.INTERGI[1].TXT
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@ADS.LYCOS[1].TXT
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@ADS.LZJL[1].TXT
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@ADS.NETWORLDMEDIA[1].TXT
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@ADS.POINTROLL[2].TXT
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@ADS.PUBMATIC[1].TXT
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@ADS.PURELEADS[2].TXT
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@ADS.REACT2MEDIA[1].TXT
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@ADS.SHORTTAIL[1].TXT
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@ADS.SWIDIGITAL[1].TXT
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@ADS.UNDERTONE[2].TXT
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@ADSERVER.ADTECHUS[1].TXT
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@ADSERVING.EZANGA[2].TXT
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@ADSERVING.FLAGCPC[2].TXT
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@ADSERVING.LOCALPAGES[2].TXT
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@ADTECHUS[1].TXT
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@ADTECH[1].TXT
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@ADTRACK.VOICESTAR[1].TXT
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@ADVERTISE[1].TXT
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@ADVERTISING[1].TXT
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@ADXPANSION[1].TXT
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@ADXPOSE[1].TXT
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@APMEBF[1].TXT
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@ANRTX.TACODA[1].TXT
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@APARTMENTFINDER[1].TXT
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@AR.ATWOLA[1].TXT
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@AT.ATWOLA[1].TXT
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@ATDMT[2].TXT
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@AZJMP[1].TXT
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@BEACON.DMSINSIGHTS[2].TXT
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@BIZRATE[1].TXT
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@BIZZCLICK[2].TXT
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@BRANDSPOTMEDIA[2].TXT
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@BRIDGE2.ADMARKETPLACE[1].TXT
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@BS.SERVING-SYS[2].TXT
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@BURSTBEACON[1].TXT
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@BURSTNET[2].TXT
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@BUSINESSFIND[1].TXT
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@C.GIGCOUNT[1].TXT
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@CANVASDISCOUNT[1].TXT
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@CASALEMEDIA[2].TXT
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@CDN.JEMAMEDIA[2].TXT
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@CHIMERAADVERTISING[1].TXT
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@CITYGRIDMEDIA[1].TXT
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@CLICK.ICETRAFFIC[1].TXT
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@CLICK.SCOUR[2].TXT
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@CLICK.XMLMONETIZE[2].TXT
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@CLICKBANK[2].TXT
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@CLICKS.OE0ADS[1].TXT
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@CLICKS.THESPECIALSEARCH[1].TXT
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@CLICKSOR[2].TXT
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@CLICKTHROUGH.KANOODLE[2].TXT
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@CLIENTS.POINTROLL[1].TXT
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@CN.CLICKABLE[2].TXT
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@COBBENERGY.122.2O7[1].TXT
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@COLLECTIVE-MEDIA[2].TXT
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@CONTENT.YIELDMANAGER[2].TXT
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@COUNTER.HITSLINK[1].TXT
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@COUNTER.RELMAXTOP[1].TXT
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@COUNTER.SURFCOUNTERS[1].TXT
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@CRACKLE[1].TXT
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@DC.TREMORMEDIA[2].TXT
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@DISCOUNTLOW[2].TXT
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@DEALTIME[1].TXT
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@DIGITALENTERTAINMENT.122.2O7[1].TXT
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@DISCOUNTOFFICEITEMS[2].TXT
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@DOUBLECLICK[1].TXT
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@EAS.APM.EMEDIATE[2].TXT
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@ECLICKZ[1].TXT
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@EDUCATIONCOM.112.2O7[1].TXT
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@EHG-APOLLOINTERACTIVE.HITBOX[1].TXT
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@EHG-WSS.HITBOX[1].TXT
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@ELITECREDITOPTIONS[2].TXT
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@ENTREPRENEUR[1].TXT
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@ERO-ADVERTISING[1].TXT
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@EXOCLICK[1].TXT
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@EYEWONDER[1].TXT
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@FASTCLICK[2].TXT
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@FEMALEORGASMBLACKBOOK[1].TXT
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@FIDELITY.ROTATOR.HADJ7.ADJUGGLER[1].TXT
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@FIND.10TOPSEARCHES[1].TXT
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@FIND.KEYWORDBLOCKS[1].TXT
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@FINDOLOGY[2].TXT
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@FIRSTCHOICE.112.2O7[1].TXT
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@FLATWATERMEDIA[2].TXT
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@FUSETV.112.2O7[1].TXT
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@GETCLICKY[1].TXT
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@GOTACHA.ROTATOR.HADJ7.ADJUGGLER[1].TXT
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@HITBOX[2].TXT
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@HPI.ROTATOR.HADJ7.ADJUGGLER[2].TXT
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@HYPERTRACKER[1].TXT
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@IHIRE.122.2O7[1].TXT
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@IN.GETCLICKY[1].TXT
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@INDIECLICK[1].TXT
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@INSIGHTEXPRESSAI[2].TXT
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@KITARAMEDIA.122.2O7[1].TXT
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@INTERCHANGECORPORATION.122.2O7[1].TXT
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@INTERCLICK[1].TXT
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@INTERMUNDOMEDIA[2].TXT
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@INVITEMEDIA[2].TXT
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@KONTERA[1].TXT
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@LEGOLAS-MEDIA[2].TXT
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@LFSTMEDIA[1].TXT
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@LINK.MERCENT[1].TXT
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@LINKSYNERGY[2].TXT
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@LIVEPERSON[1].TXT
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@LIVEPERSON[3].TXT
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@MEDIA.ADFRONTIERS[1].TXT
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@LUCIDMEDIA[1].TXT
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@MADETHECUT.112.2O7[1].TXT
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@MEDIA2.LEGACY[1].TXT
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@MEDIA6DEGREES[1].TXT
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@MEDIABRANDSWW[2].TXT
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@MEDIAPLEX[1].TXT
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@MEDIAQUANTICS[2].TXT
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@MEDIATRAFFIC[1].TXT
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@MEDIATRAFFIC[2].TXT
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@MICKLEMEDIA[2].TXT
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@MIVA.CINOMEDIA[1].TXT
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@MM.CHITIKA[2].TXT
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@MOVIETICKETSCOM.122.2O7[1].TXT
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@MTVN.112.2O7[1].TXT
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@MYROITRACKING[1].TXT
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@NETWORK.REALMEDIA[1].TXT
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@NETWORLDMEDIA[2].TXT
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@NEXTAG[1].TXT
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@P143T1S2324376.KRONOS.BRAVENETMEDIA[1].TXT
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@OPTIMIZE.INDIECLICK[1].TXT
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@OVERTURE[2].TXT
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@P142T1S1070277.KRONOS.BRAVENETMEDIA[1].TXT
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@P142T1S471395.KRONOS.BRAVENETMEDIA[1].TXT
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@PARTNERS.TRAFFICZ[2].TXT
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@P179T1S2328994.KRONOS.BRAVENETMEDIA[1].TXT
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@P216T1S4838190.KRONOS.BRAVENETMEDIA[1].TXT
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@P216T1S6006852.KRONOS.BRAVENETMEDIA[1].TXT
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@P221T1S5374784.KRONOS.BRAVENETMEDIA[1].TXT
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@P304T1S5339929.KRONOS.BRAVENETMEDIA[1].TXT
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@P306T1S2806409.KRONOS.BRAVENETMEDIA[1].TXT
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@P306T1S4690233.KRONOS.BRAVENETMEDIA[1].TXT
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@P353T1S6241215.KRONOS.BRAVENETMEDIA[1].TXT
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@P373T1S2853432.KRONOS.BRAVENETMEDIA[1].TXT
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@P441T1S5341955.KRONOS.BRAVENETMEDIA[1].TXT
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@P441T1S5918700.KRONOS.BRAVENETMEDIA[1].TXT
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@PARADE.122.2O7[1].TXT
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@PMAMEDIA.SITESCOUT[1].TXT
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@PBTEEN[2].TXT
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@PEABODYPODIATRY.CLICKFORWARD[2].TXT
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@PHG.HITBOX[1].TXT
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@R1-ADS.ACE.ADVERTISING[1].TXT
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@POINTROLL[1].TXT
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@PRO-MARKET[1].TXT
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@QUESTIONMARKET[1].TXT
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@ROIA.HUTCHMEDIA[1].TXT
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@REALMEDIANETWORK[1].TXT
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@REALMEDIA[1].TXT
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@REVSCI[2].TXT
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@ROTATOR.ADJUGGLER[1].TXT
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@ROTATOR.HADJ7.ADJUGGLER[1].TXT
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@RU4[2].TXT
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@S1.TREKMEDIA[2].TXT
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@S2.TREKMEDIA[2].TXT
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@SALES.LIVEPERSON[1].TXT
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@SEARCH.CLICKSARE[1].TXT
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@SEARCH.321FINDIT[1].TXT
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@SEARCH.AMAZECLICK[1].TXT
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@SEARCH.BOLTFIND[1].TXT
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@SEARCH.CLICKBOWL[1].TXT
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@SEARCH.CLICKCHEER[1].TXT
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@SEARCH.CLICKSCLICK[2].TXT
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@SEARCH.CLICKSFIND[1].TXT
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@SEARCH.CLICKSTHE[2].TXT
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@SEARCH.CLICKSTHIS[1].TXT
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@SEARCH.CLICKWHALE[2].TXT
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@SEARCH.FINDSMY[2].TXT
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@SEARCH.FINDXML[1].TXT
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@SEARCH.GREAT-DEAL-FIND[1].TXT
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@SEARCH.HIPPOFIND[2].TXT
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@SEARCH.ORFIND[1].TXT
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@SEARCH.SEEKFINDS[2].TXT
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@SEARCH.TOSEEKING[2].TXT
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@SERVER.CPMSTAR[1].TXT
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@SERVING-SYS[2].TXT
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@SHEFINDS[2].TXT
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@SMARTADSERVER[1].TXT
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@SOLVEMEDIA[2].TXT
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@SPECIFICCLICK[2].TXT
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@STATIC.GETCLICKY[1].TXT
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@STAT.DEALTIME[1].TXT
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@STAT.EASYDATE[2].TXT
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@STAT.ONESTAT[2].TXT
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@STATCOUNTER[1].TXT
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@SYLVANLEARNING.112.2O7[1].TXT
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@STATS.ILIVID[2].TXT
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@STATS2.OFFICITE[1].TXT
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@STATSE.WEBTRENDSLIVE[2].TXT
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@TACODA.AT.ATWOLA[1].TXT
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@TACODA[1].TXT
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@THECLICKCHECK[2].TXT
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@TRACKING.WATERFRONTMEDIA[1].TXT
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@TOTALBEAUTY.112.2O7[1].TXT
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@TRACK.ADFORM[2].TXT
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@TRACKING.CALLMEASUREMENT[1].TXT
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@TRACKING.SMARTCLICKSYSTEM[1].TXT
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@TRACKSTATSNOW[1].TXT
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@TRADATRACKER[2].TXT
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@TRAFFIC.PROD.COBALTGROUP[1].TXT
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@TRAFFICENGINE[2].TXT
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@TRAFFICHOLDER[1].TXT
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@TRAFFICMP[1].TXT
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@TRAVELADVERTISING[2].TXT
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@TREKMEDIA[2].TXT
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@TRIBALFUSION[1].TXT
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@UIADSERVER[1].TXT
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@URLWEB4--REALTRACKER--COM.REACHLOCAL[1].TXT
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@VIACOM.ADBUREAU[1].TXT
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@VIDASCO.ROTATOR.HADJ7.ADJUGGLER[2].TXT
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@VIDSbleeper[1].TXT
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@VIEWABLEMEDIA[1].TXT
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@VITAMINE.NETWORLDMEDIA[1].TXT
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@WEB-TRAFFIC-ANALYSIS[2].TXT
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@WSTAT.WIBIYA[1].TXT
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@WWW.APARTMENTFINDER[2].TXT
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@WWW.BURSTBEACON[1].TXT
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@WWW.BURSTNET[1].TXT
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@WWW.CANVASDISCOUNT[2].TXT
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@WWW.CRACKLE[1].TXT
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@WWW.CRACKLE[2].TXT
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@WWW.FIND-FAST-ANSWERS[1].TXT
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@WWW.FINDSEARCHENGINERESULTS[1].TXT
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@WWW.FINDSTUFFFORME[1].TXT
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@WWW.FREE-COUNTER[2].TXT
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@WWW.GOOGLEADSERVICES[3].TXT
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@WWW.GOOGLEADSERVICES[1].TXT
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@WWW.GOOGLEADSERVICES[2].TXT
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@WWW.MATRIX-MEDIA[2].TXT
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@WWW.MEDIAQUANTICS[2].TXT
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@WWW.MEDIATRAFFIC[1].TXT
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@WWW.PENNYFINDER[1].TXT
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@WWW.SHEFINDS[2].TXT
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@WWW.TENNISEXPRESS[2].TXT
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@WWW.TRACKLEAD[1].TXT
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@WWW.VIDSbleeper[1].TXT
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@WWW.VISIT-TRACKER[2].TXT
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@WWW.XY7TRACK[1].TXT
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@XML.CLICK9[2].TXT

#3 paulette1537

paulette1537
  • Topic Starter

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:09:32 AM

Posted 19 September 2011 - 07:18 PM

Ok, it would only lety me run an express scan. It found something..a backdoor tss?? I HOPE I'm pasting the log correctly. I'm going to restart the computer now and see if it will work.


=============================================================================
Dr.Web Scanner for Windows v6.00.11 (6.00.11.07112)
© Doctor Web, Ltd., 1992-2011
Log generated on: 2011-09-19, 19:41:05 [OWNER-PC][owner]
Command line: "C:\Users\owner\AppData\Local\Temp\5493A644-120A44FC-AA38C698-160BDBC4\148e2_xp.exe" /lng /ini:setup_xp.ini /fast
Operating system: Windows Vista Premium x86 (Build 6001), Service Pack 1
=============================================================================
DwShield started
Engine version: 5.00 (5.00.2.03300)
Engine API version: 2.02
[Virus database] C:\Users\owner\AppData\Local\Temp\5493A644-120A44FC-AA38C698-160BDBC4\5ff11d31 - 4221 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\5493A644-120A44FC-AA38C698-160BDBC4\44884e50 - 1 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\5493A644-120A44FC-AA38C698-160BDBC4\318190b2 - 28798 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\5493A644-120A44FC-AA38C698-160BDBC4\3543abe2 - 25938 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\5493A644-120A44FC-AA38C698-160BDBC4\6bdebc03 - 24658 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\5493A644-120A44FC-AA38C698-160BDBC4\65675081 - 16264 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\5493A644-120A44FC-AA38C698-160BDBC4\2202cb8b - 21563 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\5493A644-120A44FC-AA38C698-160BDBC4\3d41628a - 28282 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\5493A644-120A44FC-AA38C698-160BDBC4\67823aa9 - 23517 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\5493A644-120A44FC-AA38C698-160BDBC4\0780b4fe - 20563 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\5493A644-120A44FC-AA38C698-160BDBC4\5085332c - 29147 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\5493A644-120A44FC-AA38C698-160BDBC4\3ee28c87 - 20771 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\5493A644-120A44FC-AA38C698-160BDBC4\5a884827 - 41547 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\5493A644-120A44FC-AA38C698-160BDBC4\32202cb1 - 35434 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\5493A644-120A44FC-AA38C698-160BDBC4\e658581f - 41517 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\5493A644-120A44FC-AA38C698-160BDBC4\b54cb481 - 25512 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\5493A644-120A44FC-AA38C698-160BDBC4\41e6c7f3 - 28999 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\5493A644-120A44FC-AA38C698-160BDBC4\a7ba92eb - 36564 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\5493A644-120A44FC-AA38C698-160BDBC4\2bcc5b28 - 30676 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\5493A644-120A44FC-AA38C698-160BDBC4\be39520a - 25157 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\5493A644-120A44FC-AA38C698-160BDBC4\78f2cc14 - 21479 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\5493A644-120A44FC-AA38C698-160BDBC4\9f1f24b0 - 23541 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\5493A644-120A44FC-AA38C698-160BDBC4\c0ef35e2 - 24447 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\5493A644-120A44FC-AA38C698-160BDBC4\ea789747 - 21471 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\5493A644-120A44FC-AA38C698-160BDBC4\5259bceb - 17824 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\5493A644-120A44FC-AA38C698-160BDBC4\ac22cad9 - 18737 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\5493A644-120A44FC-AA38C698-160BDBC4\b07d92d6 - 8998 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\5493A644-120A44FC-AA38C698-160BDBC4\3580fdd9 - 9352 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\5493A644-120A44FC-AA38C698-160BDBC4\ec6d05ef - 4901 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\5493A644-120A44FC-AA38C698-160BDBC4\f2a2cd34 - 7472 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\5493A644-120A44FC-AA38C698-160BDBC4\dc460381 - 13720 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\5493A644-120A44FC-AA38C698-160BDBC4\a0cb9d55 - 12944 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\5493A644-120A44FC-AA38C698-160BDBC4\18c2464f - 17300 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\5493A644-120A44FC-AA38C698-160BDBC4\7abf1f05 - 17443 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\5493A644-120A44FC-AA38C698-160BDBC4\5dbac93f - 18483 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\5493A644-120A44FC-AA38C698-160BDBC4\9e6592f8 - 14834 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\5493A644-120A44FC-AA38C698-160BDBC4\42f8ca80 - 14185 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\5493A644-120A44FC-AA38C698-160BDBC4\393a1964 - 13370 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\5493A644-120A44FC-AA38C698-160BDBC4\4a8ec4fe - 7482 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\5493A644-120A44FC-AA38C698-160BDBC4\8f996223 - 11624 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\5493A644-120A44FC-AA38C698-160BDBC4\64b6fa6f - 10523 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\5493A644-120A44FC-AA38C698-160BDBC4\7c35498f - 10122 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\5493A644-120A44FC-AA38C698-160BDBC4\52024804 - 10453 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\5493A644-120A44FC-AA38C698-160BDBC4\67632563 - 10778 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\5493A644-120A44FC-AA38C698-160BDBC4\73dcc187 - 9822 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\5493A644-120A44FC-AA38C698-160BDBC4\fb08cd80 - 14045 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\5493A644-120A44FC-AA38C698-160BDBC4\1ad8d182 - 7028 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\5493A644-120A44FC-AA38C698-160BDBC4\94a1f899 - 8674 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\5493A644-120A44FC-AA38C698-160BDBC4\832920f4 - 8626 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\5493A644-120A44FC-AA38C698-160BDBC4\1866f150 - 8231 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\5493A644-120A44FC-AA38C698-160BDBC4\0cf82a5a - 10397 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\5493A644-120A44FC-AA38C698-160BDBC4\30de732d - 11234 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\5493A644-120A44FC-AA38C698-160BDBC4\f8864bf5 - 10356 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\5493A644-120A44FC-AA38C698-160BDBC4\8ceb94c2 - 11383 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\5493A644-120A44FC-AA38C698-160BDBC4\91491f3c - 8957 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\5493A644-120A44FC-AA38C698-160BDBC4\f267d0e8 - 11015 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\5493A644-120A44FC-AA38C698-160BDBC4\f98d8f07 - 11168 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\5493A644-120A44FC-AA38C698-160BDBC4\8690f0bd - 7798 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\5493A644-120A44FC-AA38C698-160BDBC4\04f9ae7e - 7873 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\5493A644-120A44FC-AA38C698-160BDBC4\da67c8c8 - 6904 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\5493A644-120A44FC-AA38C698-160BDBC4\14371965 - 6503 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\5493A644-120A44FC-AA38C698-160BDBC4\c0cc2994 - 9823 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\5493A644-120A44FC-AA38C698-160BDBC4\527f41ce - 7572 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\5493A644-120A44FC-AA38C698-160BDBC4\92d72284 - 6996 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\5493A644-120A44FC-AA38C698-160BDBC4\95dd12d9 - 16360 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\5493A644-120A44FC-AA38C698-160BDBC4\7a7e9ea5 - 29168 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\5493A644-120A44FC-AA38C698-160BDBC4\6fabf7ee - 34202 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\5493A644-120A44FC-AA38C698-160BDBC4\bc00cb3a - 28292 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\5493A644-120A44FC-AA38C698-160BDBC4\bc5c69a8 - 27164 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\5493A644-120A44FC-AA38C698-160BDBC4\f1d58d4b - 25131 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\5493A644-120A44FC-AA38C698-160BDBC4\b6368d14 - 31464 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\5493A644-120A44FC-AA38C698-160BDBC4\fc1fb520 - 18281 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\5493A644-120A44FC-AA38C698-160BDBC4\d27f465e - 18009 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\5493A644-120A44FC-AA38C698-160BDBC4\8e22c387 - 24685 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\5493A644-120A44FC-AA38C698-160BDBC4\e0ad6d16 - 13651 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\5493A644-120A44FC-AA38C698-160BDBC4\e35f5382 - 16025 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\5493A644-120A44FC-AA38C698-160BDBC4\33f928cf - 15644 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\5493A644-120A44FC-AA38C698-160BDBC4\1610fcb5 - 23265 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\5493A644-120A44FC-AA38C698-160BDBC4\1f38c172 - 23135 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\5493A644-120A44FC-AA38C698-160BDBC4\09963012 - 20510 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\5493A644-120A44FC-AA38C698-160BDBC4\624e93a3 - 25475 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\5493A644-120A44FC-AA38C698-160BDBC4\37913f9c - 16298 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\5493A644-120A44FC-AA38C698-160BDBC4\bc504e7d - 19357 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\5493A644-120A44FC-AA38C698-160BDBC4\b016289b - 18381 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\5493A644-120A44FC-AA38C698-160BDBC4\37dd6aaf - 19562 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\5493A644-120A44FC-AA38C698-160BDBC4\f0642766 - 27102 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\5493A644-120A44FC-AA38C698-160BDBC4\af3babe5 - 21223 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\5493A644-120A44FC-AA38C698-160BDBC4\6e7e2c25 - 24847 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\5493A644-120A44FC-AA38C698-160BDBC4\bc41f37d - 23251 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\5493A644-120A44FC-AA38C698-160BDBC4\45dfef0c - 14982 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\5493A644-120A44FC-AA38C698-160BDBC4\55f26e67 - 16778 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\5493A644-120A44FC-AA38C698-160BDBC4\cd4b32ed - 18725 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\5493A644-120A44FC-AA38C698-160BDBC4\24a2a5ed - 18429 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\5493A644-120A44FC-AA38C698-160BDBC4\43806509 - 6220 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\5493A644-120A44FC-AA38C698-160BDBC4\48b9737f - 142240 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\5493A644-120A44FC-AA38C698-160BDBC4\1a72878b - 66726 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\5493A644-120A44FC-AA38C698-160BDBC4\e0959405 - 24512 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\5493A644-120A44FC-AA38C698-160BDBC4\00cf6d80 - 82762 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\5493A644-120A44FC-AA38C698-160BDBC4\8c0acedd - 508543 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\5493A644-120A44FC-AA38C698-160BDBC4\7f114838 - 455 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\5493A644-120A44FC-AA38C698-160BDBC4\a39203da - 1683 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\5493A644-120A44FC-AA38C698-160BDBC4\8cf9258f - 1843 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\5493A644-120A44FC-AA38C698-160BDBC4\4a938b25 - 1694 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\5493A644-120A44FC-AA38C698-160BDBC4\a5b17492 - 1578 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\5493A644-120A44FC-AA38C698-160BDBC4\fcb3e167 - 1959 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\5493A644-120A44FC-AA38C698-160BDBC4\cf72e595 - 2033 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\5493A644-120A44FC-AA38C698-160BDBC4\7366972c - 1812 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\5493A644-120A44FC-AA38C698-160BDBC4\0f08b473 - 1738 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\5493A644-120A44FC-AA38C698-160BDBC4\0c63c719 - 1885 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\5493A644-120A44FC-AA38C698-160BDBC4\2685c964 - 2091 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\5493A644-120A44FC-AA38C698-160BDBC4\8a261801 - 1569 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\5493A644-120A44FC-AA38C698-160BDBC4\97210522 - 1834 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\5493A644-120A44FC-AA38C698-160BDBC4\7d512e80 - 56 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\5493A644-120A44FC-AA38C698-160BDBC4\c40a2d31 - 2796 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\5493A644-120A44FC-AA38C698-160BDBC4\94c31790 - 2015 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\5493A644-120A44FC-AA38C698-160BDBC4\133ef09c - 2208 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\5493A644-120A44FC-AA38C698-160BDBC4\1072831c - 2483 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\5493A644-120A44FC-AA38C698-160BDBC4\18c8ac75 - 1603 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\5493A644-120A44FC-AA38C698-160BDBC4\f7dfa1bb - 1919 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\5493A644-120A44FC-AA38C698-160BDBC4\0c27152c - 1819 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\5493A644-120A44FC-AA38C698-160BDBC4\e2050b31 - 2229 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\5493A644-120A44FC-AA38C698-160BDBC4\7a266b28 - 1833 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\5493A644-120A44FC-AA38C698-160BDBC4\0b35a7b5 - 1614 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\5493A644-120A44FC-AA38C698-160BDBC4\928d50c4 - 2297 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\5493A644-120A44FC-AA38C698-160BDBC4\f1720be3 - 2110 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\5493A644-120A44FC-AA38C698-160BDBC4\773e7932 - 2007 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\5493A644-120A44FC-AA38C698-160BDBC4\7f743adc - 2370 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\5493A644-120A44FC-AA38C698-160BDBC4\b66fe4b8 - 2241 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\5493A644-120A44FC-AA38C698-160BDBC4\ce65a33b - 2596 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\5493A644-120A44FC-AA38C698-160BDBC4\7056d356 - 2024 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\5493A644-120A44FC-AA38C698-160BDBC4\8cdf856b - 1609 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\5493A644-120A44FC-AA38C698-160BDBC4\02dec8af - 1471 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\5493A644-120A44FC-AA38C698-160BDBC4\aae89f3f - 1445 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\5493A644-120A44FC-AA38C698-160BDBC4\429ae6b0 - 1895 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\5493A644-120A44FC-AA38C698-160BDBC4\86a49570 - 2312 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\5493A644-120A44FC-AA38C698-160BDBC4\838b5a15 - 3006 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\5493A644-120A44FC-AA38C698-160BDBC4\29ea5e74 - 2146 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\5493A644-120A44FC-AA38C698-160BDBC4\b3485d42 - 1714 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\5493A644-120A44FC-AA38C698-160BDBC4\c4be3f4f - 2095 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\5493A644-120A44FC-AA38C698-160BDBC4\0150725d - 2715 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\5493A644-120A44FC-AA38C698-160BDBC4\46f83db4 - 2545 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\5493A644-120A44FC-AA38C698-160BDBC4\ae4f31fd - 2801 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\5493A644-120A44FC-AA38C698-160BDBC4\357e7448 - 6197 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\5493A644-120A44FC-AA38C698-160BDBC4\4ce8b1b2 - 28348 virus records
Total virus records: 2614109
[Self-checking] C:\Users\owner\AppData\Local\Temp\5493A644-120A44FC-AA38C698-160BDBC4\148e2_xp.exe
Key file: C:\Users\owner\AppData\Local\Temp\5493A644-120A44FC-AA38C698-160BDBC4\setup.key
License key number: 0013622856
Registered to: An unauthorized User
License key activates on: 2011-03-10
License key expires on: 2012-03-11
=============================================================================
Dr.Web Scanner for Windows v6.00.11 (6.00.11.07112)
© Doctor Web, Ltd., 1992-2011
Log generated on: 2011-09-19, 20:10:50 [OWNER-PC][owner]
Command line: "C:\Users\owner\AppData\Local\Temp\FD99B110-BC4A4FD6-3CF3AA62-D0CBD445\148e2_xp.exe" /lng /ini:setup_xp.ini /fast
Operating system: Windows Vista Premium x86 (Build 6001), Service Pack 1
=============================================================================
DwShield started
Engine version: 5.00 (5.00.2.03300)
Engine API version: 2.02
[Virus database] C:\Users\owner\AppData\Local\Temp\FD99B110-BC4A4FD6-3CF3AA62-D0CBD445\5ff11d31 - 4221 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\FD99B110-BC4A4FD6-3CF3AA62-D0CBD445\44884e50 - 1 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\FD99B110-BC4A4FD6-3CF3AA62-D0CBD445\318190b2 - 28798 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\FD99B110-BC4A4FD6-3CF3AA62-D0CBD445\3543abe2 - 25938 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\FD99B110-BC4A4FD6-3CF3AA62-D0CBD445\6bdebc03 - 24658 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\FD99B110-BC4A4FD6-3CF3AA62-D0CBD445\65675081 - 16264 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\FD99B110-BC4A4FD6-3CF3AA62-D0CBD445\2202cb8b - 21563 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\FD99B110-BC4A4FD6-3CF3AA62-D0CBD445\3d41628a - 28282 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\FD99B110-BC4A4FD6-3CF3AA62-D0CBD445\67823aa9 - 23517 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\FD99B110-BC4A4FD6-3CF3AA62-D0CBD445\0780b4fe - 20563 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\FD99B110-BC4A4FD6-3CF3AA62-D0CBD445\5085332c - 29147 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\FD99B110-BC4A4FD6-3CF3AA62-D0CBD445\3ee28c87 - 20771 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\FD99B110-BC4A4FD6-3CF3AA62-D0CBD445\5a884827 - 41547 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\FD99B110-BC4A4FD6-3CF3AA62-D0CBD445\32202cb1 - 35434 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\FD99B110-BC4A4FD6-3CF3AA62-D0CBD445\e658581f - 41517 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\FD99B110-BC4A4FD6-3CF3AA62-D0CBD445\b54cb481 - 25512 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\FD99B110-BC4A4FD6-3CF3AA62-D0CBD445\41e6c7f3 - 28999 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\FD99B110-BC4A4FD6-3CF3AA62-D0CBD445\a7ba92eb - 36564 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\FD99B110-BC4A4FD6-3CF3AA62-D0CBD445\2bcc5b28 - 30676 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\FD99B110-BC4A4FD6-3CF3AA62-D0CBD445\be39520a - 25157 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\FD99B110-BC4A4FD6-3CF3AA62-D0CBD445\78f2cc14 - 21479 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\FD99B110-BC4A4FD6-3CF3AA62-D0CBD445\9f1f24b0 - 23541 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\FD99B110-BC4A4FD6-3CF3AA62-D0CBD445\c0ef35e2 - 24447 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\FD99B110-BC4A4FD6-3CF3AA62-D0CBD445\ea789747 - 21471 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\FD99B110-BC4A4FD6-3CF3AA62-D0CBD445\5259bceb - 17824 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\FD99B110-BC4A4FD6-3CF3AA62-D0CBD445\ac22cad9 - 18737 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\FD99B110-BC4A4FD6-3CF3AA62-D0CBD445\b07d92d6 - 8998 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\FD99B110-BC4A4FD6-3CF3AA62-D0CBD445\3580fdd9 - 9352 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\FD99B110-BC4A4FD6-3CF3AA62-D0CBD445\ec6d05ef - 4901 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\FD99B110-BC4A4FD6-3CF3AA62-D0CBD445\f2a2cd34 - 7472 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\FD99B110-BC4A4FD6-3CF3AA62-D0CBD445\dc460381 - 13720 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\FD99B110-BC4A4FD6-3CF3AA62-D0CBD445\a0cb9d55 - 12944 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\FD99B110-BC4A4FD6-3CF3AA62-D0CBD445\18c2464f - 17300 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\FD99B110-BC4A4FD6-3CF3AA62-D0CBD445\7abf1f05 - 17443 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\FD99B110-BC4A4FD6-3CF3AA62-D0CBD445\5dbac93f - 18483 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\FD99B110-BC4A4FD6-3CF3AA62-D0CBD445\9e6592f8 - 14834 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\FD99B110-BC4A4FD6-3CF3AA62-D0CBD445\42f8ca80 - 14185 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\FD99B110-BC4A4FD6-3CF3AA62-D0CBD445\393a1964 - 13370 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\FD99B110-BC4A4FD6-3CF3AA62-D0CBD445\4a8ec4fe - 7482 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\FD99B110-BC4A4FD6-3CF3AA62-D0CBD445\8f996223 - 11624 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\FD99B110-BC4A4FD6-3CF3AA62-D0CBD445\64b6fa6f - 10523 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\FD99B110-BC4A4FD6-3CF3AA62-D0CBD445\7c35498f - 10122 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\FD99B110-BC4A4FD6-3CF3AA62-D0CBD445\52024804 - 10453 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\FD99B110-BC4A4FD6-3CF3AA62-D0CBD445\67632563 - 10778 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\FD99B110-BC4A4FD6-3CF3AA62-D0CBD445\73dcc187 - 9822 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\FD99B110-BC4A4FD6-3CF3AA62-D0CBD445\fb08cd80 - 14045 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\FD99B110-BC4A4FD6-3CF3AA62-D0CBD445\1ad8d182 - 7028 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\FD99B110-BC4A4FD6-3CF3AA62-D0CBD445\94a1f899 - 8674 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\FD99B110-BC4A4FD6-3CF3AA62-D0CBD445\832920f4 - 8626 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\FD99B110-BC4A4FD6-3CF3AA62-D0CBD445\1866f150 - 8231 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\FD99B110-BC4A4FD6-3CF3AA62-D0CBD445\0cf82a5a - 10397 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\FD99B110-BC4A4FD6-3CF3AA62-D0CBD445\30de732d - 11234 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\FD99B110-BC4A4FD6-3CF3AA62-D0CBD445\f8864bf5 - 10356 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\FD99B110-BC4A4FD6-3CF3AA62-D0CBD445\8ceb94c2 - 11383 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\FD99B110-BC4A4FD6-3CF3AA62-D0CBD445\91491f3c - 8957 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\FD99B110-BC4A4FD6-3CF3AA62-D0CBD445\f267d0e8 - 11015 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\FD99B110-BC4A4FD6-3CF3AA62-D0CBD445\f98d8f07 - 11168 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\FD99B110-BC4A4FD6-3CF3AA62-D0CBD445\8690f0bd - 7798 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\FD99B110-BC4A4FD6-3CF3AA62-D0CBD445\04f9ae7e - 7873 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\FD99B110-BC4A4FD6-3CF3AA62-D0CBD445\da67c8c8 - 6904 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\FD99B110-BC4A4FD6-3CF3AA62-D0CBD445\14371965 - 6503 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\FD99B110-BC4A4FD6-3CF3AA62-D0CBD445\c0cc2994 - 9823 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\FD99B110-BC4A4FD6-3CF3AA62-D0CBD445\527f41ce - 7572 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\FD99B110-BC4A4FD6-3CF3AA62-D0CBD445\92d72284 - 6996 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\FD99B110-BC4A4FD6-3CF3AA62-D0CBD445\95dd12d9 - 16360 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\FD99B110-BC4A4FD6-3CF3AA62-D0CBD445\7a7e9ea5 - 29168 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\FD99B110-BC4A4FD6-3CF3AA62-D0CBD445\6fabf7ee - 34202 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\FD99B110-BC4A4FD6-3CF3AA62-D0CBD445\bc00cb3a - 28292 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\FD99B110-BC4A4FD6-3CF3AA62-D0CBD445\bc5c69a8 - 27164 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\FD99B110-BC4A4FD6-3CF3AA62-D0CBD445\f1d58d4b - 25131 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\FD99B110-BC4A4FD6-3CF3AA62-D0CBD445\b6368d14 - 31464 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\FD99B110-BC4A4FD6-3CF3AA62-D0CBD445\fc1fb520 - 18281 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\FD99B110-BC4A4FD6-3CF3AA62-D0CBD445\d27f465e - 18009 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\FD99B110-BC4A4FD6-3CF3AA62-D0CBD445\8e22c387 - 24685 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\FD99B110-BC4A4FD6-3CF3AA62-D0CBD445\e0ad6d16 - 13651 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\FD99B110-BC4A4FD6-3CF3AA62-D0CBD445\e35f5382 - 16025 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\FD99B110-BC4A4FD6-3CF3AA62-D0CBD445\33f928cf - 15644 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\FD99B110-BC4A4FD6-3CF3AA62-D0CBD445\1610fcb5 - 23265 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\FD99B110-BC4A4FD6-3CF3AA62-D0CBD445\1f38c172 - 23135 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\FD99B110-BC4A4FD6-3CF3AA62-D0CBD445\09963012 - 20510 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\FD99B110-BC4A4FD6-3CF3AA62-D0CBD445\624e93a3 - 25475 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\FD99B110-BC4A4FD6-3CF3AA62-D0CBD445\37913f9c - 16298 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\FD99B110-BC4A4FD6-3CF3AA62-D0CBD445\bc504e7d - 19357 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\FD99B110-BC4A4FD6-3CF3AA62-D0CBD445\b016289b - 18381 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\FD99B110-BC4A4FD6-3CF3AA62-D0CBD445\37dd6aaf - 19562 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\FD99B110-BC4A4FD6-3CF3AA62-D0CBD445\f0642766 - 27102 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\FD99B110-BC4A4FD6-3CF3AA62-D0CBD445\af3babe5 - 21223 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\FD99B110-BC4A4FD6-3CF3AA62-D0CBD445\6e7e2c25 - 24847 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\FD99B110-BC4A4FD6-3CF3AA62-D0CBD445\bc41f37d - 23251 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\FD99B110-BC4A4FD6-3CF3AA62-D0CBD445\45dfef0c - 14982 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\FD99B110-BC4A4FD6-3CF3AA62-D0CBD445\55f26e67 - 16778 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\FD99B110-BC4A4FD6-3CF3AA62-D0CBD445\cd4b32ed - 18725 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\FD99B110-BC4A4FD6-3CF3AA62-D0CBD445\24a2a5ed - 18429 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\FD99B110-BC4A4FD6-3CF3AA62-D0CBD445\43806509 - 6220 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\FD99B110-BC4A4FD6-3CF3AA62-D0CBD445\48b9737f - 142240 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\FD99B110-BC4A4FD6-3CF3AA62-D0CBD445\1a72878b - 66726 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\FD99B110-BC4A4FD6-3CF3AA62-D0CBD445\e0959405 - 24512 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\FD99B110-BC4A4FD6-3CF3AA62-D0CBD445\00cf6d80 - 82762 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\FD99B110-BC4A4FD6-3CF3AA62-D0CBD445\8c0acedd - 508543 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\FD99B110-BC4A4FD6-3CF3AA62-D0CBD445\7f114838 - 455 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\FD99B110-BC4A4FD6-3CF3AA62-D0CBD445\a39203da - 1683 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\FD99B110-BC4A4FD6-3CF3AA62-D0CBD445\8cf9258f - 1843 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\FD99B110-BC4A4FD6-3CF3AA62-D0CBD445\4a938b25 - 1694 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\FD99B110-BC4A4FD6-3CF3AA62-D0CBD445\a5b17492 - 1578 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\FD99B110-BC4A4FD6-3CF3AA62-D0CBD445\fcb3e167 - 1959 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\FD99B110-BC4A4FD6-3CF3AA62-D0CBD445\cf72e595 - 2033 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\FD99B110-BC4A4FD6-3CF3AA62-D0CBD445\7366972c - 1812 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\FD99B110-BC4A4FD6-3CF3AA62-D0CBD445\0f08b473 - 1738 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\FD99B110-BC4A4FD6-3CF3AA62-D0CBD445\0c63c719 - 1885 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\FD99B110-BC4A4FD6-3CF3AA62-D0CBD445\2685c964 - 2091 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\FD99B110-BC4A4FD6-3CF3AA62-D0CBD445\8a261801 - 1569 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\FD99B110-BC4A4FD6-3CF3AA62-D0CBD445\97210522 - 1834 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\FD99B110-BC4A4FD6-3CF3AA62-D0CBD445\7d512e80 - 56 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\FD99B110-BC4A4FD6-3CF3AA62-D0CBD445\c40a2d31 - 2796 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\FD99B110-BC4A4FD6-3CF3AA62-D0CBD445\94c31790 - 2015 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\FD99B110-BC4A4FD6-3CF3AA62-D0CBD445\133ef09c - 2208 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\FD99B110-BC4A4FD6-3CF3AA62-D0CBD445\1072831c - 2483 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\FD99B110-BC4A4FD6-3CF3AA62-D0CBD445\18c8ac75 - 1603 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\FD99B110-BC4A4FD6-3CF3AA62-D0CBD445\f7dfa1bb - 1919 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\FD99B110-BC4A4FD6-3CF3AA62-D0CBD445\0c27152c - 1819 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\FD99B110-BC4A4FD6-3CF3AA62-D0CBD445\e2050b31 - 2229 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\FD99B110-BC4A4FD6-3CF3AA62-D0CBD445\7a266b28 - 1833 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\FD99B110-BC4A4FD6-3CF3AA62-D0CBD445\0b35a7b5 - 1614 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\FD99B110-BC4A4FD6-3CF3AA62-D0CBD445\928d50c4 - 2297 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\FD99B110-BC4A4FD6-3CF3AA62-D0CBD445\f1720be3 - 2110 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\FD99B110-BC4A4FD6-3CF3AA62-D0CBD445\773e7932 - 2007 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\FD99B110-BC4A4FD6-3CF3AA62-D0CBD445\7f743adc - 2370 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\FD99B110-BC4A4FD6-3CF3AA62-D0CBD445\b66fe4b8 - 2241 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\FD99B110-BC4A4FD6-3CF3AA62-D0CBD445\ce65a33b - 2596 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\FD99B110-BC4A4FD6-3CF3AA62-D0CBD445\7056d356 - 2024 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\FD99B110-BC4A4FD6-3CF3AA62-D0CBD445\8cdf856b - 1609 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\FD99B110-BC4A4FD6-3CF3AA62-D0CBD445\02dec8af - 1471 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\FD99B110-BC4A4FD6-3CF3AA62-D0CBD445\aae89f3f - 1445 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\FD99B110-BC4A4FD6-3CF3AA62-D0CBD445\429ae6b0 - 1895 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\FD99B110-BC4A4FD6-3CF3AA62-D0CBD445\86a49570 - 2312 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\FD99B110-BC4A4FD6-3CF3AA62-D0CBD445\838b5a15 - 3006 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\FD99B110-BC4A4FD6-3CF3AA62-D0CBD445\29ea5e74 - 2146 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\FD99B110-BC4A4FD6-3CF3AA62-D0CBD445\b3485d42 - 1714 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\FD99B110-BC4A4FD6-3CF3AA62-D0CBD445\c4be3f4f - 2095 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\FD99B110-BC4A4FD6-3CF3AA62-D0CBD445\0150725d - 2715 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\FD99B110-BC4A4FD6-3CF3AA62-D0CBD445\46f83db4 - 2545 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\FD99B110-BC4A4FD6-3CF3AA62-D0CBD445\ae4f31fd - 2801 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\FD99B110-BC4A4FD6-3CF3AA62-D0CBD445\357e7448 - 6197 virus records
[Virus database] C:\Users\owner\AppData\Local\Temp\FD99B110-BC4A4FD6-3CF3AA62-D0CBD445\4ce8b1b2 - 28348 virus records
Total virus records: 2614109
[Self-checking] C:\Users\owner\AppData\Local\Temp\FD99B110-BC4A4FD6-3CF3AA62-D0CBD445\148e2_xp.exe
Key file: C:\Users\owner\AppData\Local\Temp\FD99B110-BC4A4FD6-3CF3AA62-D0CBD445\setup.key
License key number: 0013622856
Registered to: An unauthorized User
License key activates on: 2011-03-10
License key expires on: 2012-03-11
[Memory scanning] No viruses found

-----------------------------------------------------------------------------
Scan statistics
-----------------------------------------------------------------------------
Scanned: 0
Infected: 0
Modifications: 0
Suspicious: 0
Adware: 0
Dialers: 0
Jokes: 0
Riskware: 0
Hacktools: 0
Cured: 0
Deleted: 0
Renamed: 0
Moved: 0
Ignored: 0
Scan speed: 0 Kb/s
Scan time: 0:00:00
-----------------------------------------------------------------------------

#4 paulette1537

paulette1537
  • Topic Starter

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:09:32 AM

Posted 19 September 2011 - 08:00 PM

Nope..it still restarts itself! I'm going insane.. :crazy:

#5 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,490 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:10:32 AM

Posted 19 September 2011 - 09:59 PM

Hello, I will be taking this topic from here.

Is ESET your Antivirus?
Are you on a router? Are other machines on it,if so are they redirecting?

Do you use Firefox?



Please download the TDSS Rootkit Removing Tool (TDSSKiller.exe) and save it to your Desktop. <-Important!!!
Be sure to download TDSSKiller.exe (v2.5.22.0) from Kaspersky's website and not TDSSKiller.zip which appears to be an older version 2.3.2.2 of the tool.
  • Double-click on TDSSKiller.exe to run the tool for known TDSS variants.
    Vista/Windows 7 users right-click and select Run As Administrator.
  • If TDSSKiller does not run, try renaming it.
  • To do this, right-click on TDSSKiller.exe, select Rename and give it a random name with the .com file extension (i.e. 123abc.com). If you do not see the file extension, please refer to How to change the file extension.
  • Click the Start Scan button.
  • Do not use the computer during the scan
  • If the scan completes with nothing found, click Close to exit.
  • If malicious objects are found, they will show in the Scan results - Select action for found objects and offer three options.
  • Ensure Cure (default) is selected, then click Continue > Reboot now to finish the cleaning process.
  • A log file named TDSSKiller_version_date_time_log.txt (i.e. TDSSKiller.2.4.0.0_27.07.2010_09.o7.26_log.txt) will be created and saved to the root directory (usually Local Disk C:).
  • Copy and paste the contents of that file in your next reply.


Please download MiniToolBox, save it to your desktop and run it.

Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size.
  • List Minidump Files
Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.

Note: When using "Reset FF Proxy Settings" option Firefox should be closed.


If TDSSKiller does not run, try renaming it. To do this, right-click on TDSSKiller.exe, select Rename and give it a random name with the .com file extension (i.e. 123abc.com). If you do not see the file extension, please refer to these[/color] instructions. In some cases it may be necessary to redownload TDSSKiller and randomly rename it before downloading and saving to the computer.


Rerun MBAM (MalwareBytes) like this:

Open MBAM in normal mode and click Update tab, select Check for Updates,when done
click Scanner tab,select Quick scan and scan (normal mode).
After scan click Remove Selected, [color="#8B0000"]Post new scan log
and Reboot into normal mode.

Please ask any needed questions,post logs and Let us know how the PC is running now.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#6 paulette1537

paulette1537
  • Topic Starter

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:09:32 AM

Posted 20 September 2011 - 12:46 PM

This morning I ran the dr. web cure it again. It found a backdoor something or other and cured it. The computer FINALLY started normally. As of now I haven't been redirected. Should I still take the above steps or wait to see if it's fixed? As for your questions

This morning I ran the dr. web cure it again. It found a backdoor something or other and cured it. The computer FINALLY started normally. As of now I haven't been redirected. Should I still take the above steps or wait to see if it's fixed? As for your questions

This morning I ran the dr. web cure it again. It found a backdoor something or other and cured it. The computer FINALLY started normally. As of now I haven't been redirected. Should I still take the above steps or wait to see if it's fixed? As for your questions

This morning I ran the dr. web cure it again. It found a backdoor something or other and cured it. The computer FINALLY started normally. As of now I haven't been redirected. Should I still take the above steps or wait to see if it's fixed? As for your questions

#7 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,490 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:10:32 AM

Posted 20 September 2011 - 12:55 PM

To be sure its gone run the TDSSkiller and MBAM and post the logs.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#8 paulette1537

paulette1537
  • Topic Starter

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:09:32 AM

Posted 20 September 2011 - 04:02 PM

OMG I apologize for my reply posting so many times earlier..not sure how that happened.


2011/09/20 16:03:12.0712 4056 TDSS rootkit removing tool 2.5.23.0 Sep 20 2011 08:53:10
2011/09/20 16:03:13.0242 4056 ================================================================================
2011/09/20 16:03:13.0242 4056 SystemInfo:
2011/09/20 16:03:13.0242 4056
2011/09/20 16:03:13.0242 4056 OS Version: 6.0.6002 ServicePack: 2.0
2011/09/20 16:03:13.0242 4056 Product type: Workstation
2011/09/20 16:03:13.0242 4056 ComputerName: OWNER-PC
2011/09/20 16:03:13.0242 4056 UserName: owner
2011/09/20 16:03:13.0242 4056 Windows directory: C:\Windows
2011/09/20 16:03:13.0242 4056 System windows directory: C:\Windows
2011/09/20 16:03:13.0242 4056 Processor architecture: Intel x86
2011/09/20 16:03:13.0242 4056 Number of processors: 2
2011/09/20 16:03:13.0242 4056 Page size: 0x1000
2011/09/20 16:03:13.0242 4056 Boot type: Normal boot
2011/09/20 16:03:13.0242 4056 ================================================================================
2011/09/20 16:03:14.0443 4056 Initialize success
2011/09/20 16:03:17.0189 2076 ================================================================================
2011/09/20 16:03:17.0189 2076 Scan started
2011/09/20 16:03:17.0189 2076 Mode: Manual;
2011/09/20 16:03:17.0189 2076 ================================================================================
2011/09/20 16:03:18.0140 2076 ACPI (82b296ae1892fe3dbee00c9cf92f8ac7) C:\Windows\system32\drivers\acpi.sys
2011/09/20 16:03:18.0265 2076 adp94xx (2edc5bbac6c651ece337bde8ed97c9fb) C:\Windows\system32\drivers\adp94xx.sys
2011/09/20 16:03:18.0312 2076 adpahci (b84088ca3cdca97da44a984c6ce1ccad) C:\Windows\system32\drivers\adpahci.sys
2011/09/20 16:03:18.0406 2076 adpu160m (7880c67bccc27c86fd05aa2afb5ea469) C:\Windows\system32\drivers\adpu160m.sys
2011/09/20 16:03:18.0452 2076 adpu320 (9ae713f8e30efc2abccd84904333df4d) C:\Windows\system32\drivers\adpu320.sys
2011/09/20 16:03:18.0577 2076 AFD (3911b972b55fea0478476b2e777b29fa) C:\Windows\system32\drivers\afd.sys
2011/09/20 16:03:18.0640 2076 aic78xx (ae1fdf7bf7bb6c6a70f67699d880592a) C:\Windows\system32\drivers\djsvs.sys
2011/09/20 16:03:18.0733 2076 aliide (90395b64600ebb4552e26e178c94b2e4) C:\Windows\system32\drivers\aliide.sys
2011/09/20 16:03:18.0780 2076 amdagp (2b13e304c9dfdfa5eb582f6a149fa2c7) C:\Windows\system32\drivers\amdagp.sys
2011/09/20 16:03:18.0858 2076 amdide (0577df1d323fe75a739c787893d300ea) C:\Windows\system32\drivers\amdide.sys
2011/09/20 16:03:18.0952 2076 AmdK7 (dc487885bcef9f28eece6fac0e5ddfc5) C:\Windows\system32\drivers\amdk7.sys
2011/09/20 16:03:18.0998 2076 AmdK8 (0ca0071da4315b00fc1328ca86b425da) C:\Windows\system32\drivers\amdk8.sys
2011/09/20 16:03:19.0123 2076 arc (5f673180268bb1fdb69c99b6619fe379) C:\Windows\system32\drivers\arc.sys
2011/09/20 16:03:19.0154 2076 arcsas (957f7540b5e7f602e44648c7de5a1c05) C:\Windows\system32\drivers\arcsas.sys
2011/09/20 16:03:19.0279 2076 aswFsBlk (c47623ffd181a1e7d63574dde2a0a711) C:\Windows\system32\drivers\aswFsBlk.sys
2011/09/20 16:03:19.0342 2076 aswMonFlt (4804753a4ec7d67cc22d226bffd1c1e3) C:\Windows\system32\drivers\aswMonFlt.sys
2011/09/20 16:03:19.0466 2076 aswRdr (36239e24470a3dd81fae37510953cc6c) C:\Windows\system32\drivers\aswRdr.sys
2011/09/20 16:03:19.0513 2076 aswSnx (caa846e9c83836bdc3d2d700c678db65) C:\Windows\system32\drivers\aswSnx.sys
2011/09/20 16:03:19.0622 2076 aswSP (748ae7f2d7da33adb063fe05704a9969) C:\Windows\system32\drivers\aswSP.sys
2011/09/20 16:03:19.0747 2076 aswTdi (ca9925ce1dbd07ffe1eb357752cf5577) C:\Windows\system32\drivers\aswTdi.sys
2011/09/20 16:03:19.0794 2076 AsyncMac (53b202abee6455406254444303e87be1) C:\Windows\system32\DRIVERS\asyncmac.sys
2011/09/20 16:03:19.0903 2076 atapi (1f05b78ab91c9075565a9d8a4b880bc4) C:\Windows\system32\drivers\atapi.sys
2011/09/20 16:03:19.0997 2076 Beep (67e506b75bd5326a3ec7b70bd014dfb6) C:\Windows\system32\drivers\Beep.sys
2011/09/20 16:03:20.0184 2076 bowser (35f376253f687bde63976ccb3f2108ca) C:\Windows\system32\DRIVERS\bowser.sys
2011/09/20 16:03:20.0278 2076 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\drivers\brfiltlo.sys
2011/09/20 16:03:20.0324 2076 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\drivers\brfiltup.sys
2011/09/20 16:03:20.0434 2076 Brserid (b304e75cff293029eddf094246747113) C:\Windows\system32\drivers\brserid.sys
2011/09/20 16:03:20.0480 2076 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\system32\drivers\brserwdm.sys
2011/09/20 16:03:20.0512 2076 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\system32\drivers\brusbmdm.sys
2011/09/20 16:03:20.0590 2076 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\system32\drivers\brusbser.sys
2011/09/20 16:03:20.0636 2076 BTHMODEM (ad07c1ec6665b8b35741ab91200c6b68) C:\Windows\system32\drivers\bthmodem.sys
2011/09/20 16:03:20.0699 2076 cdfs (7add03e75beb9e6dd102c3081d29840a) C:\Windows\system32\DRIVERS\cdfs.sys
2011/09/20 16:03:20.0824 2076 cdrom (6b4bffb9becd728097024276430db314) C:\Windows\system32\DRIVERS\cdrom.sys
2011/09/20 16:03:20.0870 2076 circlass (da8e0afc7baa226c538ef53ac2f90897) C:\Windows\system32\drivers\circlass.sys
2011/09/20 16:03:20.0933 2076 CLFS (d7659d3b5b92c31e84e53c1431f35132) C:\Windows\system32\CLFS.sys
2011/09/20 16:03:21.0026 2076 cmdide (45201046c776ffdaf3fc8a0029c581c8) C:\Windows\system32\drivers\cmdide.sys
2011/09/20 16:03:21.0089 2076 Compbatt (82b8c91d327cfecf76cb58716f7d4997) C:\Windows\system32\drivers\compbatt.sys
2011/09/20 16:03:21.0120 2076 crcdisk (2a213ae086bbec5e937553c7d9a2b22c) C:\Windows\system32\drivers\crcdisk.sys
2011/09/20 16:03:21.0167 2076 Crusoe (22a7f883508176489f559ee745b5bf5d) C:\Windows\system32\drivers\crusoe.sys
2011/09/20 16:03:21.0276 2076 DfsC (622c41a07ca7e6dd91770f50d532cb6c) C:\Windows\system32\Drivers\dfsc.sys
2011/09/20 16:03:21.0432 2076 disk (5d4aefc3386920236a548271f8f1af6a) C:\Windows\system32\drivers\disk.sys
2011/09/20 16:03:21.0572 2076 drmkaud (97fef831ab90bee128c9af390e243f80) C:\Windows\system32\drivers\drmkaud.sys
2011/09/20 16:03:21.0619 2076 DXGKrnl (fb85f7f69e9b109820409243f578cc4d) C:\Windows\System32\drivers\dxgkrnl.sys
2011/09/20 16:03:21.0728 2076 E1G60 (f88fb26547fd2ce6d0a5af2985892c48) C:\Windows\system32\DRIVERS\E1G60I32.sys
2011/09/20 16:03:21.0791 2076 Ecache (7f64ea048dcfac7acf8b4d7b4e6fe371) C:\Windows\system32\drivers\ecache.sys
2011/09/20 16:03:22.0009 2076 elxstor (e8f3f21a71720c84bcf423b80028359f) C:\Windows\system32\drivers\elxstor.sys
2011/09/20 16:03:22.0118 2076 exfat (22b408651f9123527bcee54b4f6c5cae) C:\Windows\system32\drivers\exfat.sys
2011/09/20 16:03:22.0212 2076 fastfat (1e9b9a70d332103c52995e957dc09ef8) C:\Windows\system32\drivers\fastfat.sys
2011/09/20 16:03:22.0259 2076 fdc (afe1e8b9782a0dd7fb46bbd88e43f89a) C:\Windows\system32\DRIVERS\fdc.sys
2011/09/20 16:03:22.0384 2076 FileInfo (a8c0139a884861e3aae9cfe73b208a9f) C:\Windows\system32\drivers\fileinfo.sys
2011/09/20 16:03:22.0430 2076 Filetrace (0ae429a696aecbc5970e3cf2c62635ae) C:\Windows\system32\drivers\filetrace.sys
2011/09/20 16:03:22.0477 2076 flpydisk (6603957eff5ec62d25075ea8ac27de68) C:\Windows\system32\DRIVERS\flpydisk.sys
2011/09/20 16:03:22.0571 2076 FltMgr (01334f9ea68e6877c4ef05d3ea8abb05) C:\Windows\system32\drivers\fltmgr.sys
2011/09/20 16:03:22.0618 2076 Fs_Rec (65ea8b77b5851854f0c55c43fa51a198) C:\Windows\system32\drivers\Fs_Rec.sys
2011/09/20 16:03:22.0664 2076 gagp30kx (4e1cd0a45c50a8882616cae5bf82f3c5) C:\Windows\system32\drivers\gagp30kx.sys
2011/09/20 16:03:22.0805 2076 HdAudAddService (cb04c744be0a61b1d648faed182c3b59) C:\Windows\system32\drivers\HdAudio.sys
2011/09/20 16:03:22.0883 2076 HDAudBus (062452b7ffd68c8c042a6261fe8dff4a) C:\Windows\system32\DRIVERS\HDAudBus.sys
2011/09/20 16:03:22.0976 2076 HidBth (1338520e78d90154ed6be8f84de5fceb) C:\Windows\system32\drivers\hidbth.sys
2011/09/20 16:03:23.0023 2076 HidIr (ff3160c3a2445128c5a6d9b076da519e) C:\Windows\system32\drivers\hidir.sys
2011/09/20 16:03:23.0101 2076 HidUsb (cca4b519b17e23a00b826c55716809cc) C:\Windows\system32\DRIVERS\hidusb.sys
2011/09/20 16:03:23.0179 2076 HpCISSs (df353b401001246853763c4b7aaa6f50) C:\Windows\system32\drivers\hpcisss.sys
2011/09/20 16:03:23.0257 2076 HTTP (f870aa3e254628ebeafe754108d664de) C:\Windows\system32\drivers\HTTP.sys
2011/09/20 16:03:23.0335 2076 i2omp (324c2152ff2c61abae92d09f3cca4d63) C:\Windows\system32\drivers\i2omp.sys
2011/09/20 16:03:23.0413 2076 i8042prt (22d56c8184586b7a1f6fa60be5f5a2bd) C:\Windows\system32\DRIVERS\i8042prt.sys
2011/09/20 16:03:23.0507 2076 iaStorV (c957bf4b5d80b46c5017bf0101e6c906) C:\Windows\system32\drivers\iastorv.sys
2011/09/20 16:03:23.0569 2076 iirsp (2d077bf86e843f901d8db709c95b49a5) C:\Windows\system32\drivers\iirsp.sys
2011/09/20 16:03:23.0663 2076 int15 (9d64201c9e5ac8d1f088762ba00ff3ab) C:\Acer\Empowering Technology\eRecovery\int15.sys
2011/09/20 16:03:23.0819 2076 IntcAzAudAddService (75334eceef6f39eec569f2f445254eda) C:\Windows\system32\drivers\RTKVHDA.sys
2011/09/20 16:03:23.0912 2076 intelide (97469037714070e45194ed318d636401) C:\Windows\system32\drivers\intelide.sys
2011/09/20 16:03:23.0959 2076 intelppm (224191001e78c89dfa78924c3ea595ff) C:\Windows\system32\DRIVERS\intelppm.sys
2011/09/20 16:03:24.0115 2076 IpFilterDriver (62c265c38769b864cb25b4bcf62df6c3) C:\Windows\system32\DRIVERS\ipfltdrv.sys
2011/09/20 16:03:24.0193 2076 IPMIDRV (40f34f8aba2a015d780e4b09138b6c17) C:\Windows\system32\drivers\ipmidrv.sys
2011/09/20 16:03:24.0302 2076 IPNAT (8793643a67b42cec66490b2a0cf92d68) C:\Windows\system32\DRIVERS\ipnat.sys
2011/09/20 16:03:24.0349 2076 IRENUM (109c0dfb82c3632fbd11949b73aeeac9) C:\Windows\system32\drivers\irenum.sys
2011/09/20 16:03:24.0443 2076 isapnp (350fca7e73cf65bcef43fae1e4e91293) C:\Windows\system32\drivers\isapnp.sys
2011/09/20 16:03:24.0505 2076 iScsiPrt (232fa340531d940aac623b121a595034) C:\Windows\system32\DRIVERS\msiscsi.sys
2011/09/20 16:03:24.0614 2076 iteatapi (bced60d16156e428f8df8cf27b0df150) C:\Windows\system32\drivers\iteatapi.sys
2011/09/20 16:03:24.0646 2076 iteraid (06fa654504a498c30adca8bec4e87e7e) C:\Windows\system32\drivers\iteraid.sys
2011/09/20 16:03:24.0755 2076 kbdclass (37605e0a8cf00cbba538e753e4344c6e) C:\Windows\system32\DRIVERS\kbdclass.sys
2011/09/20 16:03:24.0802 2076 kbdhid (ede59ec70e25c24581add1fbec7325f7) C:\Windows\system32\DRIVERS\kbdhid.sys
2011/09/20 16:03:24.0864 2076 KSecDD (86165728af9bf72d6442a894fdfb4f8b) C:\Windows\system32\Drivers\ksecdd.sys
2011/09/20 16:03:25.0020 2076 lltdio (d1c5883087a0c3f1344d9d55a44901f6) C:\Windows\system32\DRIVERS\lltdio.sys
2011/09/20 16:03:25.0098 2076 LSI_FC (a2262fb9f28935e862b4db46438c80d2) C:\Windows\system32\drivers\lsi_fc.sys
2011/09/20 16:03:25.0176 2076 LSI_SAS (30d73327d390f72a62f32c103daf1d6d) C:\Windows\system32\drivers\lsi_sas.sys
2011/09/20 16:03:25.0223 2076 LSI_SCSI (e1e36fefd45849a95f1ab81de0159fe3) C:\Windows\system32\drivers\lsi_scsi.sys
2011/09/20 16:03:25.0270 2076 luafv (8f5c7426567798e62a3b3614965d62cc) C:\Windows\system32\drivers\luafv.sys
2011/09/20 16:03:25.0488 2076 megasas (d153b14fc6598eae8422a2037553adce) C:\Windows\system32\drivers\megasas.sys
2011/09/20 16:03:25.0582 2076 Modem (e13b5ea0f51ba5b1512ec671393d09ba) C:\Windows\system32\drivers\modem.sys
2011/09/20 16:03:25.0644 2076 monitor (0a9bb33b56e294f686abb7c1e4e2d8a8) C:\Windows\system32\DRIVERS\monitor.sys
2011/09/20 16:03:25.0691 2076 mouclass (5bf6a1326a335c5298477754a506d263) C:\Windows\system32\DRIVERS\mouclass.sys
2011/09/20 16:03:25.0753 2076 mouhid (93b8d4869e12cfbe663915502900876f) C:\Windows\system32\DRIVERS\mouhid.sys
2011/09/20 16:03:25.0878 2076 MountMgr (bdafc88aa6b92f7842416ea6a48e1600) C:\Windows\system32\drivers\mountmgr.sys
2011/09/20 16:03:25.0956 2076 mpio (583a41f26278d9e0ea548163d6139397) C:\Windows\system32\drivers\mpio.sys
2011/09/20 16:03:26.0018 2076 mpsdrv (22241feba9b2defa669c8cb0a8dd7d2e) C:\Windows\system32\drivers\mpsdrv.sys
2011/09/20 16:03:26.0112 2076 Mraid35x (4fbbb70d30fd20ec51f80061703b001e) C:\Windows\system32\drivers\mraid35x.sys
2011/09/20 16:03:26.0206 2076 MREMP50 (80b2ec735495823ae5771a5f603e73bd) C:\PROGRA~1\COMMON~1\Motive\MREMP50.SYS
2011/09/20 16:03:26.0252 2076 MRESP50 (37d7c22f7e26da90e2d2d260e5d27846) C:\PROGRA~1\COMMON~1\Motive\MRESP50.SYS
2011/09/20 16:03:26.0393 2076 MRxDAV (82cea0395524aacfeb58ba1448e8325c) C:\Windows\system32\drivers\mrxdav.sys
2011/09/20 16:03:26.0455 2076 mrxsmb (1e94971c4b446ab2290deb71d01cf0c2) C:\Windows\system32\DRIVERS\mrxsmb.sys
2011/09/20 16:03:26.0564 2076 mrxsmb10 (4fccb34d793b116423209c0f8b7a3b03) C:\Windows\system32\DRIVERS\mrxsmb10.sys
2011/09/20 16:03:26.0596 2076 mrxsmb20 (c3cb1b40ad4a0124d617a1199b0b9d7c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
2011/09/20 16:03:26.0642 2076 msahci (742aed7939e734c36b7e8d6228ce26b7) C:\Windows\system32\drivers\msahci.sys
2011/09/20 16:03:26.0736 2076 msdsm (3fc82a2ae4cc149165a94699183d3028) C:\Windows\system32\drivers\msdsm.sys
2011/09/20 16:03:26.0814 2076 Msfs (a9927f4a46b816c92f461acb90cf8515) C:\Windows\system32\drivers\Msfs.sys
2011/09/20 16:03:26.0923 2076 msisadrv (0f400e306f385c56317357d6dea56f62) C:\Windows\system32\drivers\msisadrv.sys
2011/09/20 16:03:27.0001 2076 MSKSSRV (d8c63d34d9c9e56c059e24ec7185cc07) C:\Windows\system32\drivers\MSKSSRV.sys
2011/09/20 16:03:27.0032 2076 MSPCLOCK (1d373c90d62ddb641d50e55b9e78d65e) C:\Windows\system32\drivers\MSPCLOCK.sys
2011/09/20 16:03:27.0142 2076 MSPQM (b572da05bf4e098d4bba3a4734fb505b) C:\Windows\system32\drivers\MSPQM.sys
2011/09/20 16:03:27.0188 2076 MsRPC (b49456d70555de905c311bcda6ec6adb) C:\Windows\system32\drivers\MsRPC.sys
2011/09/20 16:03:27.0298 2076 mssmbios (e384487cb84be41d09711c30ca79646c) C:\Windows\system32\DRIVERS\mssmbios.sys
2011/09/20 16:03:27.0329 2076 MSTEE (7199c1eec1e4993caf96b8c0a26bd58a) C:\Windows\system32\drivers\MSTEE.sys
2011/09/20 16:03:27.0438 2076 Mup (6a57b5733d4cb702c8ea4542e836b96c) C:\Windows\system32\Drivers\mup.sys
2011/09/20 16:03:27.0516 2076 NativeWifiP (85c44fdff9cf7e72a40dcb7ec06a4416) C:\Windows\system32\DRIVERS\nwifi.sys
2011/09/20 16:03:27.0641 2076 NDIS (1357274d1883f68300aeadd15d7bbb42) C:\Windows\system32\drivers\ndis.sys
2011/09/20 16:03:27.0766 2076 NdisTapi (0e186e90404980569fb449ba7519ae61) C:\Windows\system32\DRIVERS\ndistapi.sys
2011/09/20 16:03:27.0812 2076 Ndisuio (d6973aa34c4d5d76c0430b181c3cd389) C:\Windows\system32\DRIVERS\ndisuio.sys
2011/09/20 16:03:27.0875 2076 NdisWan (818f648618ae34f729fdb47ec68345c3) C:\Windows\system32\DRIVERS\ndiswan.sys
2011/09/20 16:03:27.0953 2076 NDProxy (71dab552b41936358f3b541ae5997fb3) C:\Windows\system32\drivers\NDProxy.sys
2011/09/20 16:03:28.0015 2076 NetBIOS (bcd093a5a6777cf626434568dc7dba78) C:\Windows\system32\DRIVERS\netbios.sys
2011/09/20 16:03:28.0109 2076 netbt (ecd64230a59cbd93c85f1cd1cab9f3f6) C:\Windows\system32\DRIVERS\netbt.sys
2011/09/20 16:03:28.0218 2076 nfrd960 (2e7fb731d4790a1bc6270accefacb36e) C:\Windows\system32\drivers\nfrd960.sys
2011/09/20 16:03:28.0296 2076 Npfs (d36f239d7cce1931598e8fb90a0dbc26) C:\Windows\system32\drivers\Npfs.sys
2011/09/20 16:03:28.0390 2076 nsiproxy (609773e344a97410ce4ebf74a8914fcf) C:\Windows\system32\drivers\nsiproxy.sys
2011/09/20 16:03:28.0499 2076 Ntfs (6a4a98cee84cf9e99564510dda4baa47) C:\Windows\system32\drivers\Ntfs.sys
2011/09/20 16:03:28.0608 2076 NTIDrvr (7f1c1f78d709c4a54cbb46ede7e0b48d) C:\Windows\system32\DRIVERS\NTIDrvr.sys
2011/09/20 16:03:28.0655 2076 ntrigdigi (e875c093aec0c978a90f30c9e0dfbb72) C:\Windows\system32\drivers\ntrigdigi.sys
2011/09/20 16:03:28.0670 2076 Null (c5dbbcda07d780bda9b685df333bb41e) C:\Windows\system32\drivers\Null.sys
2011/09/20 16:03:28.0717 2076 nvraid (e69e946f80c1c31c53003bfbf50cbb7c) C:\Windows\system32\drivers\nvraid.sys
2011/09/20 16:03:28.0904 2076 nvstor (9e0ba19a28c498a6d323d065db76dffc) C:\Windows\system32\drivers\nvstor.sys
2011/09/20 16:03:28.0967 2076 nv_agp (07c186427eb8fcc3d8d7927187f260f7) C:\Windows\system32\drivers\nv_agp.sys
2011/09/20 16:03:29.0154 2076 ohci1394 (6f310e890d46e246e0e261a63d9b36b4) C:\Windows\system32\DRIVERS\ohci1394.sys
2011/09/20 16:03:29.0310 2076 Parport (8a79fdf04a73428597e2caf9d0d67850) C:\Windows\system32\DRIVERS\parport.sys
2011/09/20 16:03:29.0341 2076 partmgr (57389fa59a36d96b3eb09d0cb91e9cdc) C:\Windows\system32\drivers\partmgr.sys
2011/09/20 16:03:29.0388 2076 Parvdm (6c580025c81caf3ae9e3617c22cad00e) C:\Windows\system32\DRIVERS\parvdm.sys
2011/09/20 16:03:29.0544 2076 pci (941dc1d19e7e8620f40bbc206981efdb) C:\Windows\system32\drivers\pci.sys
2011/09/20 16:03:29.0591 2076 pciide (1636d43f10416aeb483bc6001097b26c) C:\Windows\system32\drivers\pciide.sys
2011/09/20 16:03:29.0700 2076 pcmcia (e6f3fb1b86aa519e7698ad05e58b04e5) C:\Windows\system32\drivers\pcmcia.sys
2011/09/20 16:03:29.0840 2076 PEAUTH (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys
2011/09/20 16:03:30.0043 2076 PptpMiniport (ecfffaec0c1ecd8dbc77f39070ea1db1) C:\Windows\system32\DRIVERS\raspptp.sys
2011/09/20 16:03:30.0074 2076 Processor (0e3cef5d28b40cf273281d620c50700a) C:\Windows\system32\drivers\processr.sys
2011/09/20 16:03:30.0168 2076 PSched (99514faa8df93d34b5589187db3aa0ba) C:\Windows\system32\DRIVERS\pacer.sys
2011/09/20 16:03:30.0262 2076 PSDFilter (e801d5cc24e1cf18fa87d24d7074b876) C:\Windows\system32\DRIVERS\psdfilter.sys
2011/09/20 16:03:30.0308 2076 PSDNServ (24b5e3429f7f0e779fc2e6e36a0a5f73) C:\Windows\system32\drivers\PSDNServ.sys
2011/09/20 16:03:30.0355 2076 psdvdisk (01cbfd08c0e8a6106bb26fcda297154e) C:\Windows\system32\drivers\psdvdisk.sys
2011/09/20 16:03:30.0464 2076 ql2300 (ccdac889326317792480c0a67156a1ec) C:\Windows\system32\drivers\ql2300.sys
2011/09/20 16:03:30.0542 2076 ql40xx (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys
2011/09/20 16:03:30.0636 2076 QWAVEdrv (9f5e0e1926014d17486901c88eca2db7) C:\Windows\system32\drivers\qwavedrv.sys
2011/09/20 16:03:30.0683 2076 RasAcd (147d7f9c556d259924351feb0de606c3) C:\Windows\system32\DRIVERS\rasacd.sys
2011/09/20 16:03:30.0792 2076 Rasl2tp (a214adbaf4cb47dd2728859ef31f26b0) C:\Windows\system32\DRIVERS\rasl2tp.sys
2011/09/20 16:03:30.0839 2076 RasPppoe (509a98dd18af4375e1fc40bc175f1def) C:\Windows\system32\DRIVERS\raspppoe.sys
2011/09/20 16:03:30.0948 2076 RasSstp (2005f4a1e05fa09389ac85840f0a9e4d) C:\Windows\system32\DRIVERS\rassstp.sys
2011/09/20 16:03:30.0995 2076 rdbss (b14c9d5b9add2f84f70570bbbfaa7935) C:\Windows\system32\DRIVERS\rdbss.sys
2011/09/20 16:03:31.0057 2076 RDPCDD (89e59be9a564262a3fb6c4f4f1cd9899) C:\Windows\system32\DRIVERS\RDPCDD.sys
2011/09/20 16:03:31.0135 2076 rdpdr (e8bd98d46f2ed77132ba927fccb47d8b) C:\Windows\system32\drivers\rdpdr.sys
2011/09/20 16:03:31.0182 2076 RDPENCDD (9d91fe5286f748862ecffa05f8a0710c) C:\Windows\system32\drivers\rdpencdd.sys
2011/09/20 16:03:31.0260 2076 RDPWD (30bfbdfb7f95559ede971f9ddb9a00ba) C:\Windows\system32\drivers\RDPWD.sys
2011/09/20 16:03:31.0369 2076 RMCAST (eec7ee5675294b03e88aa868540007c1) C:\Windows\system32\DRIVERS\RMCAST.sys
2011/09/20 16:03:31.0447 2076 rspndr (9c508f4074a39e8b4b31d27198146fad) C:\Windows\system32\DRIVERS\rspndr.sys
2011/09/20 16:03:31.0556 2076 SASDIFSV (39763504067962108505bff25f024345) C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS
2011/09/20 16:03:31.0588 2076 SASKUTIL (77b9fc20084b48408ad3e87570eb4a85) C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS
2011/09/20 16:03:31.0697 2076 sbp2port (3ce8f073a557e172b330109436984e30) C:\Windows\system32\drivers\sbp2port.sys
2011/09/20 16:03:31.0759 2076 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
2011/09/20 16:03:31.0822 2076 Serenum (ce9ec966638ef0b10b864ddedf62a099) C:\Windows\system32\DRIVERS\serenum.sys
2011/09/20 16:03:31.0931 2076 Serial (6d663022db3e7058907784ae14b69898) C:\Windows\system32\DRIVERS\serial.sys
2011/09/20 16:03:31.0978 2076 sermouse (8af3d28a879bf75db53a0ee7a4289624) C:\Windows\system32\drivers\sermouse.sys
2011/09/20 16:03:32.0102 2076 sffdisk (103b79418da647736ee95645f305f68a) C:\Windows\system32\drivers\sffdisk.sys
2011/09/20 16:03:32.0134 2076 sffp_mmc (8fd08a310645fe872eeec6e08c6bf3ee) C:\Windows\system32\drivers\sffp_mmc.sys
2011/09/20 16:03:32.0165 2076 sffp_sd (9cfa05fcfcb7124e69cfc812b72f9614) C:\Windows\system32\drivers\sffp_sd.sys
2011/09/20 16:03:32.0446 2076 sfloppy (46ed8e91793b2e6f848015445a0ac188) C:\Windows\system32\drivers\sfloppy.sys
2011/09/20 16:03:32.0508 2076 SiS6350 (4fbd2c53c1e04f8e35c96747984fde13) C:\Windows\system32\DRIVERS\SISGRKMD.sys
2011/09/20 16:03:32.0586 2076 SISAGP (df1af7f5f1ec7800b3ac398acc06c754) C:\Windows\system32\DRIVERS\SISAGPX.sys
2011/09/20 16:03:32.0617 2076 SiSGbeLH (f3c4c6c4daf2212ac905475ed0f0fb1b) C:\Windows\system32\DRIVERS\SiSGB6.sys
2011/09/20 16:03:32.0695 2076 SiSRaid2 (cedd6f4e7d84e9f98b34b3fe988373aa) C:\Windows\system32\drivers\sisraid2.sys
2011/09/20 16:03:32.0773 2076 SiSRaid4 (df843c528c4f69d12ce41ce462e973a7) C:\Windows\system32\drivers\sisraid4.sys
2011/09/20 16:03:32.0836 2076 Smb (7b75299a4d201d6a6533603d6914ab04) C:\Windows\system32\DRIVERS\smb.sys
2011/09/20 16:03:32.0914 2076 smserial (c8a58fc905c9184fa70e37f71060c64d) C:\Windows\system32\DRIVERS\smserial.sys
2011/09/20 16:03:33.0054 2076 spldr (7aebdeef071fe28b0eef2cdd69102bff) C:\Windows\system32\drivers\spldr.sys
2011/09/20 16:03:33.0163 2076 srv (41987f9fc0e61adf54f581e15029ad91) C:\Windows\system32\DRIVERS\srv.sys
2011/09/20 16:03:33.0272 2076 srv2 (ff33aff99564b1aa534f58868cbe41ef) C:\Windows\system32\DRIVERS\srv2.sys
2011/09/20 16:03:33.0319 2076 srvnet (7605c0e1d01a08f3ecd743f38b834a44) C:\Windows\system32\DRIVERS\srvnet.sys
2011/09/20 16:03:33.0428 2076 swenum (7ba58ecf0c0a9a69d44b3dca62becf56) C:\Windows\system32\DRIVERS\swenum.sys
2011/09/20 16:03:33.0491 2076 Symc8xx (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys
2011/09/20 16:03:33.0553 2076 Sym_hi (8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys
2011/09/20 16:03:33.0647 2076 Sym_u3 (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys
2011/09/20 16:03:33.0772 2076 Tcpip (a474879afa4a596b3a531f3e69730dbf) C:\Windows\system32\drivers\tcpip.sys
2011/09/20 16:03:33.0865 2076 Tcpip6 (a474879afa4a596b3a531f3e69730dbf) C:\Windows\system32\DRIVERS\tcpip.sys
2011/09/20 16:03:33.0928 2076 tcpipreg (608c345a255d82a6289c2d468eb41fd7) C:\Windows\system32\drivers\tcpipreg.sys
2011/09/20 16:03:33.0959 2076 TDPIPE (5dcf5e267be67a1ae926f2df77fbcc56) C:\Windows\system32\drivers\tdpipe.sys
2011/09/20 16:03:34.0052 2076 TDTCP (389c63e32b3cefed425b61ed92d3f021) C:\Windows\system32\drivers\tdtcp.sys
2011/09/20 16:03:34.0099 2076 tdx (76b06eb8a01fc8624d699e7045303e54) C:\Windows\system32\DRIVERS\tdx.sys
2011/09/20 16:03:34.0146 2076 TermDD (3cad38910468eab9a6479e2f01db43c7) C:\Windows\system32\DRIVERS\termdd.sys
2011/09/20 16:03:34.0302 2076 tssecsrv (dcf0f056a2e4f52287264f5ab29cf206) C:\Windows\system32\DRIVERS\tssecsrv.sys
2011/09/20 16:03:34.0364 2076 tunmp (caecc0120ac49e3d2f758b9169872d38) C:\Windows\system32\DRIVERS\tunmp.sys
2011/09/20 16:03:34.0411 2076 tunnel (300db877ac094feab0be7688c3454a9c) C:\Windows\system32\DRIVERS\tunnel.sys
2011/09/20 16:03:34.0489 2076 uagp35 (c3ade15414120033a36c0f293d4a4121) C:\Windows\system32\DRIVERS\uagp35.sys
2011/09/20 16:03:34.0536 2076 udfs (d9728af68c4c7693cb100b8441cbdec6) C:\Windows\system32\DRIVERS\udfs.sys
2011/09/20 16:03:34.0598 2076 uliagpkx (75e6890ebfce0841d3291b02e7a8bdb0) C:\Windows\system32\drivers\uliagpkx.sys
2011/09/20 16:03:34.0754 2076 uliahci (3cd4ea35a6221b85dcc25daa46313f8d) C:\Windows\system32\drivers\uliahci.sys
2011/09/20 16:03:34.0832 2076 UlSata (8514d0e5cd0534467c5fc61be94a569f) C:\Windows\system32\drivers\ulsata.sys
2011/09/20 16:03:34.0864 2076 ulsata2 (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys
2011/09/20 16:03:34.0957 2076 umbus (32cff9f809ae9aed85464492bf3e32d2) C:\Windows\system32\DRIVERS\umbus.sys
2011/09/20 16:03:35.0051 2076 usbccgp (caf811ae4c147ffcd5b51750c7f09142) C:\Windows\system32\DRIVERS\usbccgp.sys
2011/09/20 16:03:35.0129 2076 usbcir (e9476e6c486e76bc4898074768fb7131) C:\Windows\system32\drivers\usbcir.sys
2011/09/20 16:03:35.0222 2076 usbehci (79e96c23a97ce7b8f14d310da2db0c9b) C:\Windows\system32\DRIVERS\usbehci.sys
2011/09/20 16:03:35.0316 2076 usbhub (4673bbcb006af60e7abddbe7a130ba42) C:\Windows\system32\DRIVERS\usbhub.sys
2011/09/20 16:03:35.0378 2076 usbohci (ce697fee0d479290d89bec80dfe793b7) C:\Windows\system32\DRIVERS\usbohci.sys
2011/09/20 16:03:35.0410 2076 usbprint (e75c4b5269091d15a2e7dc0b6d35f2f5) C:\Windows\system32\DRIVERS\usbprint.sys
2011/09/20 16:03:35.0488 2076 usbscan (a508c9bd8724980512136b039bba65e9) C:\Windows\system32\DRIVERS\usbscan.sys
2011/09/20 16:03:35.0566 2076 USBSTOR (be3da31c191bc222d9ad503c5224f2ad) C:\Windows\system32\DRIVERS\USBSTOR.SYS
2011/09/20 16:03:35.0659 2076 usbuhci (325dbbacb8a36af9988ccf40eac228cc) C:\Windows\system32\DRIVERS\usbuhci.sys
2011/09/20 16:03:35.0737 2076 vga (7d92be0028ecdedec74617009084b5ef) C:\Windows\system32\DRIVERS\vgapnp.sys
2011/09/20 16:03:35.0768 2076 VgaSave (2e93ac0a1d8c79d019db6c51f036636c) C:\Windows\System32\drivers\vga.sys
2011/09/20 16:03:35.0846 2076 viaagp (045d9961e591cf0674a920b6ba3ba5cb) C:\Windows\system32\drivers\viaagp.sys
2011/09/20 16:03:35.0909 2076 ViaC7 (56a4de5f02f2e88182b0981119b4dd98) C:\Windows\system32\drivers\viac7.sys
2011/09/20 16:03:35.0940 2076 viaide (fd2e3175fcada350c7ab4521dca187ec) C:\Windows\system32\drivers\viaide.sys
2011/09/20 16:03:36.0018 2076 volmgr (69503668ac66c77c6cd7af86fbdf8c43) C:\Windows\system32\drivers\volmgr.sys
2011/09/20 16:03:36.0096 2076 volmgrx (23e41b834759917bfd6b9a0d625d0c28) C:\Windows\system32\drivers\volmgrx.sys
2011/09/20 16:03:36.0143 2076 volsnap (147281c01fcb1df9252de2a10d5e7093) C:\Windows\system32\drivers\volsnap.sys
2011/09/20 16:03:36.0221 2076 vsmraid (d984439746d42b30fc65a4c3546c6829) C:\Windows\system32\drivers\vsmraid.sys
2011/09/20 16:03:36.0299 2076 WacomPen (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys
2011/09/20 16:03:36.0377 2076 Wanarp (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
2011/09/20 16:03:36.0408 2076 Wanarpv6 (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
2011/09/20 16:03:36.0486 2076 Wd (afc5ad65b991c1e205cf25cfdbf7a6f4) C:\Windows\system32\drivers\wd.sys
2011/09/20 16:03:36.0595 2076 Wdf01000 (b6f0a7ad6d4bd325fbcd8bac96cd8d96) C:\Windows\system32\drivers\Wdf01000.sys
2011/09/20 16:03:36.0782 2076 WmiAcpi (701a9f884a294327e9141d73746ee279) C:\Windows\system32\drivers\wmiacpi.sys
2011/09/20 16:03:36.0907 2076 WpdUsb (0cec23084b51b8288099eb710224e955) C:\Windows\system32\DRIVERS\wpdusb.sys
2011/09/20 16:03:36.0970 2076 ws2ifsl (e3a3cb253c0ec2494d4a61f5e43a389c) C:\Windows\system32\drivers\ws2ifsl.sys
2011/09/20 16:03:37.0094 2076 WUDFRd (ac13cb789d93412106b0fb6c7eb2bcb6) C:\Windows\system32\DRIVERS\WUDFRd.sys
2011/09/20 16:03:37.0157 2076 MBR (0x1B8) (a863475757cc50891aa8458c415e4b25) \Device\Harddisk0\DR0
2011/09/20 16:03:37.0968 2076 Boot (0x1200) (65c53aef4eaa186df4f029a80a1e3a03) \Device\Harddisk0\DR0\Partition0
2011/09/20 16:03:37.0999 2076 Boot (0x1200) (efeb4820fd4de33d53d37af5c5644264) \Device\Harddisk0\DR0\Partition1
2011/09/20 16:03:38.0015 2076 ================================================================================
2011/09/20 16:03:38.0015 2076 Scan finished
2011/09/20 16:03:38.0015 2076 ================================================================================
2011/09/20 16:03:38.0030 1624 Detected object count: 0
2011/09/20 16:03:38.0030 1624 Actual detected object count: 0
2011/09/20 16:03:48.0030 3236 Deinitialize success





Malwarebytes' Anti-Malware 1.51.2.1300
www.malwarebytes.org

Database version: 7748

Windows 6.0.6002 Service Pack 2
Internet Explorer 7.0.6002.18005

9/20/2011 5:01:37 PM
mbam-log-2011-09-20 (17-01-37).txt

Scan type: Full scan (C:\|)
Objects scanned: 292281
Time elapsed: 54 minute(s), 57 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

#9 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,490 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:10:32 AM

Posted 20 September 2011 - 08:50 PM

OK good, A note about the backdoor.
A backdoor Trojan can allow an attacker to
gain control of the system, log keystrokes, steal passwords, access personal
data, send malevolent outgoing traffic, and close the security warning
messages displayed by some anti-virus and security programs.

I would advise you to disconnect this PC from the Internet, and then go to
a known clean computer and change any passwords or security information held
on the infected computer. In particular, check whatever relates to online
banking financial transactions, shopping, credit cards, or sensitive
personal information. It is also wise to contact your financial institutions
to apprise them of your situation.


Download Security Check from HERE, and save it to your Desktop.

* Double-click SecurityCheck.exe
* Follow the onscreen instructions inside of the black box.
* A Notepad document should open automatically called checkup.txt; please post the contents of that document.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users