Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Win 7 Home Security 2012 - Unregistered Version & AVG Resident Shield Alert


  • Please log in to reply
10 replies to this topic

#1 miszsunshinee

miszsunshinee

  • Members
  • 30 posts
  • OFFLINE
  •  
  • Local time:06:33 PM

Posted 18 December 2011 - 02:11 AM

Hello,

Today my computer encountered a virus called Win 7 Home Security 2012 - Unregistered Version. It kept on spamming with a window telling me that my computer is infected and I should run the scan. Being so frustrated, I went on a clean computer and looked up solutions from this forum to fix the virus because it wouldn't let me access the internet from firefox. Here is an image of what popped up from the virus: "http://imageshack.us/photo/my-images/690/virus3k.png/"I found the website "http://www.bleepingcomputer.com/virus-removal/remove-win-7-antispyware-2012" and followed all the instructions.

- For the RKill scan, my results were:
This log file is located at C:\rkill.log.
Please post this only if requested to by the person helping you.
Otherwise you can close this log when you wish.

Rkill was run on 12/17/2011 at 23:00:01.
Operating System: Windows 7 Professional


Processes terminated by Rkill or while it was running:

C:\Users\Mary\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Users\Mary\AppData\Local\owm.exe


Rkill completed on 12/17/2011 at 23:00:16.




- I also scanned my computer with MalwareBytes and it didn't find anything, but here are the results:
Malwarebytes' Anti-Malware 1.51.2.1300
www.malwarebytes.org

Database version: 8391

Windows 6.1.7601 Service Pack 1
Internet Explorer 8.0.7601.17514

12/17/2011 11:56:19 PM
mbam-log-2011-12-17 (23-56-19).txt

Scan type: Full scan (C:\|Q:\|)
Objects scanned: 349261
Time elapsed: 48 minute(s), 48 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)



-- After following these instructions, I went to "http://www.bleepingcomputer.com/tutorials/detect-vulnerable-programs-with-secunia-psi/"

Here are my results:
http://imageshack.us/photo/my-images/195/virus5.png/
http://imageshack.us/photo/my-images/854/virus6b.png/

Is there anyway that I can double check to make sure that I don't have the Win 7 Home Security 2012 - Unregistered Version virus anymore?






In addition to the Win 7 Home Security 2012 - Unregistered Version virus, I keep on getting pop ups from AVG Resident Shield Alert? Here are some images:
http://imageshack.us/photo/my-images/266/virus1.png/
http://imageshack.us/photo/my-images/26/virus2d.png/
http://imageshack.us/photo/my-images/809/virus4.png/

Why did these windows from AVG keep on popping up? Is this another virus? After following the instructions from both of the previous links I posted above, the AVG Resident Shield Alert seem to stopped and so did the Win 7 Home Security 2012 - Unregistered Version virus. Any help would be appreciated, thanks!

BC AdBot (Login to Remove)

 


#2 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:06:33 PM

Posted 18 December 2011 - 10:14 AM

What surprises me is that


http://imageshack.us/photo/my-images/26/virus2d.png/

Malwarebytes should have detected this msimg32.dll infection as rootkit.0Access.

In your case mbam scan looks clean.Run a full scan in safemode and see if it detects msimg32.dll

Thanks

Edited by narenxp, 18 December 2011 - 10:14 AM.


#3 miszsunshinee

miszsunshinee
  • Topic Starter

  • Members
  • 30 posts
  • OFFLINE
  •  
  • Local time:06:33 PM

Posted 18 December 2011 - 11:14 PM

How do I go into safe mode?

#4 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:06:33 PM

Posted 19 December 2011 - 09:08 AM

Press F8 on bootup

You should receive advanced boot up options like this

Posted Image


Enter safemode now

#5 cryptodan

cryptodan

    Bleepin Madman


  • Members
  • 21,868 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Catonsville, Md
  • Local time:11:33 PM

Posted 21 December 2011 - 12:56 AM

Please download and run TDSSKiller and if it tells you to fix anything PLEASE DO NOT FIX ANYTHING. Open the log file located in C:\ with TDSS as the first characters and paste the results.

It could be a new variant that is currently undetected by Malwarebytes.

Please do the following:

SUPERAntiSpyware:

Please download and scan with SUPERAntiSpyware Free

  • Double-click SUPERAntiSypware.exe and use the default settings for installation.
  • An icon will be created on your desktop. Double-click that icon to launch the program.
  • If it will not start, go to Start > All Prgrams > SUPERAntiSpyware and click on Alternate Start.
  • If asked to update the program definitions, click "Yes". If not, update the definitions before scanning by selecting "Check for Updates". (If you encounter any problems while downloading the updates, manually download them from here. Double-click on the hyperlink for Download Installer and save SASDEFINITIONS.EXE to your desktop. Then double-click on SASDEFINITIONS.EXE to install the definitions.)
  • In the Main Menu, click the Preferences... button.
  • Click the "General and Startup" tab, and under Start-up Options, make sure "Start SUPERAntiSpyware when Windows starts" box is unchecked.
  • Click the "Scanning Control" tab, and under Scanner Options, make sure the following are unchecked (leave all others checked):
    • Ignore files larger then 4mb
    • Ignore non-executable files

    Now Perform the scan with SUPERAntiSpyware as follows:
    • Launch the program and back on the main screen, under "Scan for Harmful Software" click Scan your computer.
    • On the left, make sure you check C:\Fixed Drive.
    • On the right, under "Complete Scan", choose Perform Complete Scan and click "Next".
    • After the scan is complete, a Scan Summary box will appear with potentially harmful items that were detected. Click "OK".
    • Make sure everything has a checkmark next to it and click "Next".
    • A notification will appear that "Quarantine and Removal is Complete". Click "OK" and then click the "Finish" button to return to the main menu.
    • If asked if you want to reboot, click "Yes" and reboot normally.
    • To retrieve the removal information after reboot, launch SUPERAntispyware again.[list]
    • Click Preferences, then click the Statistics/Logs tab.
    • Under Scanner Logs, double-click SUPERAntiSpyware Scan Log.
    • If there are several logs, click the current dated log and press View log. A text file will open in your default text editor.
    • Please copy and paste the Scan Log results in your next reply.
  • Click Close to exit the program.

SAS Portable
If you have a problem downloading, installing or getting SAS to run, try downloading and using the SUPERAntiSpyware Portable Scanner instead. Save the randomly named file (i.e. SAS_1710895.COM) to a usb drive or CD and transfer to the infected computer. Then double-click on it to launch and scan. The file is randomly named to help keep malware from blocking the scanner.


Now GMER

GMER does not work in 64bit Mode!!!!!!

Please download GMER from one of the following locations and save it to your desktop:

  • Main Mirror
    This version will download a randomly named file (Recommended)
  • Zipped Mirror
    This version will download a zip file you will need to extract first. If you use this mirror, please extract the zip file to your desktop.
  • Disconnect from the Internet and close all running programs.
  • Temporarily disable any real-time active protection so your security programs will not conflict with gmer's driver.
  • Double-click on the randomly named GMER file (i.e. n7gmo46c.exe) and allow the gmer.sys driver to load if asked.
  • Note: If you downloaded the zipped version, extract the file to its own folder such as C:\gmer and then double-click on gmer.exe.

    Posted Image
  • GMER will open to the Rootkit/Malware tab and perform an automatic Full Scan when first run. (do not use the computer while the scan is in progress)
  • If you receive a WARNING!!! about rootkit activity and are asked to fully scan your system...click NO.
  • Now click the Scan button. If you see a rootkit warning window, click OK.
  • When the scan is finished, click the Save... button to save the scan results to your Desktop. Save the file as gmer.log.
  • Click the Copy button and paste the results into your next reply.
  • Exit GMER and be sure to re-enable your anti-virus, Firewall and any other security programs you had disabled.
-- If you encounter any problems, try running GMER in safe mode.
-- If GMER crashes or keeps resulting in a BSODs, uncheck Devices on the right side before scanning
.


All scans above should be performed in regular boot mode, and if that is not possible then I will post instructions in a follow up reply on how to get into Safe Mode to perform the scans. Also all scans should be COMPLETE and not quick unless specifically instructed to do so.

I would also like to mention, that your post is very detailed and makes it easier for us to assist you.

#6 miszsunshinee

miszsunshinee
  • Topic Starter

  • Members
  • 30 posts
  • OFFLINE
  •  
  • Local time:06:33 PM

Posted 21 December 2011 - 12:00 PM

I couldn't find the results in the C:\TDSS folder but here are the results under report:

10:35:30.0352 4972 TDSS rootkit removing tool 2.6.23.0 Dec 13 2011 10:39:31
10:35:30.0992 4972 ============================================================
10:35:30.0992 4972 Current date / time: 2011/12/21 10:35:30.0992
10:35:30.0992 4972 SystemInfo:
10:35:30.0992 4972
10:35:30.0993 4972 OS Version: 6.1.7601 ServicePack: 1.0
10:35:30.0993 4972 Product type: Workstation
10:35:30.0993 4972 ComputerName: MARY-VAIO
10:35:30.0993 4972 UserName: Mary
10:35:30.0993 4972 Windows directory: C:\Windows
10:35:30.0993 4972 System windows directory: C:\Windows
10:35:30.0993 4972 Running under WOW64
10:35:30.0993 4972 Processor architecture: Intel x64
10:35:30.0993 4972 Number of processors: 4
10:35:30.0993 4972 Page size: 0x1000
10:35:30.0993 4972 Boot type: Normal boot
10:35:30.0993 4972 ============================================================
10:35:31.0522 4972 Initialize success
10:35:34.0652 5032 ============================================================
10:35:34.0652 5032 Scan started
10:35:34.0652 5032 Mode: Manual;
10:35:34.0652 5032 ============================================================
10:35:35.0288 5032 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys
10:35:35.0294 5032 1394ohci - ok
10:35:35.0416 5032 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys
10:35:35.0423 5032 ACPI - ok
10:35:35.0533 5032 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys
10:35:35.0535 5032 AcpiPmi - ok
10:35:35.0636 5032 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\drivers\adp94xx.sys
10:35:35.0646 5032 adp94xx - ok
10:35:35.0744 5032 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\drivers\adpahci.sys
10:35:35.0751 5032 adpahci - ok
10:35:35.0829 5032 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\drivers\adpu320.sys
10:35:35.0834 5032 adpu320 - ok
10:35:36.0001 5032 AFD (d5b031c308a409a0a576bff4cf083d30) C:\Windows\system32\drivers\afd.sys
10:35:36.0010 5032 AFD - ok
10:35:36.0126 5032 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys
10:35:36.0130 5032 agp440 - ok
10:35:36.0244 5032 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys
10:35:36.0247 5032 aliide - ok
10:35:36.0353 5032 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys
10:35:36.0356 5032 amdide - ok
10:35:36.0453 5032 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\drivers\amdk8.sys
10:35:36.0457 5032 AmdK8 - ok
10:35:36.0550 5032 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\drivers\amdppm.sys
10:35:36.0553 5032 AmdPPM - ok
10:35:36.0657 5032 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys
10:35:36.0661 5032 amdsata - ok
10:35:36.0752 5032 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\drivers\amdsbs.sys
10:35:36.0757 5032 amdsbs - ok
10:35:36.0853 5032 amdxata (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys
10:35:36.0855 5032 amdxata - ok
10:35:36.0964 5032 ApfiltrService (1661f9c9e4b0049fa0a5e30264375a87) C:\Windows\system32\drivers\Apfiltr.sys
10:35:36.0969 5032 ApfiltrService - ok
10:35:37.0075 5032 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys
10:35:37.0079 5032 AppID - ok
10:35:37.0215 5032 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\drivers\arc.sys
10:35:37.0219 5032 arc - ok
10:35:37.0303 5032 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\drivers\arcsas.sys
10:35:37.0307 5032 arcsas - ok
10:35:37.0385 5032 ArcSoftKsUFilter (c130bc4a51b1382b2be8e44579ec4c0a) C:\Windows\system32\DRIVERS\ArcSoftKsUFilter.sys
10:35:37.0388 5032 ArcSoftKsUFilter - ok
10:35:37.0513 5032 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
10:35:37.0516 5032 AsyncMac - ok
10:35:37.0627 5032 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys
10:35:37.0629 5032 atapi - ok
10:35:37.0766 5032 athr (0acc06fcf46f64ed4f11e57ee461c1f4) C:\Windows\system32\DRIVERS\athrx.sys
10:35:37.0823 5032 athr - ok
10:35:38.0090 5032 atikmdag (f3a362b683b6158cc47d7e8e58b7ddc9) C:\Windows\system32\DRIVERS\atikmdag.sys
10:35:38.0316 5032 atikmdag - ok
10:35:38.0444 5032 AVGIDSDriver (e6671e90d38c88764412e07c9d9b3d63) C:\Windows\system32\DRIVERS\AVGIDSDriver.Sys
10:35:38.0447 5032 AVGIDSDriver - ok
10:35:38.0546 5032 AVGIDSEH (1553b388e0f0462c25ad8f30c3c29e83) C:\Windows\system32\DRIVERS\AVGIDSEH.Sys
10:35:38.0549 5032 AVGIDSEH - ok
10:35:38.0639 5032 AVGIDSFilter (dca426a66739e75f51a72160dfb945ad) C:\Windows\system32\DRIVERS\AVGIDSFilter.Sys
10:35:38.0642 5032 AVGIDSFilter - ok
10:35:38.0735 5032 Avgldx64 (ff7383388a7d2283dae5831abc2b0720) C:\Windows\system32\DRIVERS\avgldx64.sys
10:35:38.0740 5032 Avgldx64 - ok
10:35:38.0831 5032 Avgmfx64 (997d002827d3e3dcbbb25bf46db161ab) C:\Windows\system32\DRIVERS\avgmfx64.sys
10:35:38.0833 5032 Avgmfx64 - ok
10:35:38.0945 5032 Avgrkx64 (bccfe3374c887075cde2ac8fdb1cb2f8) C:\Windows\system32\DRIVERS\avgrkx64.sys
10:35:38.0947 5032 Avgrkx64 - ok
10:35:39.0033 5032 Avgtdia (0d49adcebe243b79366ea523b647519a) C:\Windows\system32\DRIVERS\avgtdia.sys
10:35:39.0038 5032 Avgtdia - ok
10:35:39.0149 5032 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\drivers\bxvbda.sys
10:35:39.0160 5032 b06bdrv - ok
10:35:39.0263 5032 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
10:35:39.0269 5032 b57nd60a - ok
10:35:39.0387 5032 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
10:35:39.0390 5032 Beep - ok
10:35:39.0480 5032 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\drivers\blbdrive.sys
10:35:39.0483 5032 blbdrive - ok
10:35:39.0617 5032 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys
10:35:39.0621 5032 bowser - ok
10:35:39.0720 5032 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\drivers\BrFiltLo.sys
10:35:39.0724 5032 BrFiltLo - ok
10:35:39.0823 5032 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\drivers\BrFiltUp.sys
10:35:39.0826 5032 BrFiltUp - ok
10:35:39.0929 5032 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
10:35:39.0936 5032 Brserid - ok
10:35:40.0044 5032 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
10:35:40.0047 5032 BrSerWdm - ok
10:35:40.0158 5032 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
10:35:40.0161 5032 BrUsbMdm - ok
10:35:40.0252 5032 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
10:35:40.0255 5032 BrUsbSer - ok
10:35:40.0349 5032 BthEnum (cf98190a94f62e405c8cb255018b2315) C:\Windows\system32\drivers\BthEnum.sys
10:35:40.0352 5032 BthEnum - ok
10:35:40.0448 5032 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\drivers\bthmodem.sys
10:35:40.0451 5032 BTHMODEM - ok
10:35:40.0563 5032 BthPan (02dd601b708dd0667e1331fa8518e9ff) C:\Windows\system32\DRIVERS\bthpan.sys
10:35:40.0567 5032 BthPan - ok
10:35:40.0675 5032 BTHPORT (64c198198501f7560ee41d8d1efa7952) C:\Windows\System32\Drivers\BTHport.sys
10:35:40.0685 5032 BTHPORT - ok
10:35:40.0804 5032 BTHUSB (f188b7394d81010767b6df3178519a37) C:\Windows\System32\Drivers\BTHUSB.sys
10:35:40.0807 5032 BTHUSB - ok
10:35:40.0905 5032 btusbflt (6e04458e98daf28826482e41a7a62df5) C:\Windows\system32\drivers\btusbflt.sys
10:35:40.0909 5032 btusbflt - ok
10:35:41.0023 5032 btwaudio (4bdbdb86abba924e029fb2683be7c505) C:\Windows\system32\drivers\btwaudio.sys
10:35:41.0027 5032 btwaudio - ok
10:35:41.0120 5032 btwavdt (5c849bd7c78791c5cee9f4651d7fe38d) C:\Windows\system32\drivers\btwavdt.sys
10:35:41.0126 5032 btwavdt - ok
10:35:41.0232 5032 btwl2cap (6149301dc3f81d6f9667a3fbac410975) C:\Windows\system32\DRIVERS\btwl2cap.sys
10:35:41.0235 5032 btwl2cap - ok
10:35:41.0324 5032 btwrchid (3e1991afa851a36dc978b0a1b0535c8b) C:\Windows\system32\drivers\btwrchid.sys
10:35:41.0327 5032 btwrchid - ok
10:35:41.0407 5032 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
10:35:41.0411 5032 cdfs - ok
10:35:41.0512 5032 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\drivers\cdrom.sys
10:35:41.0516 5032 cdrom - ok
10:35:41.0614 5032 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\drivers\circlass.sys
10:35:41.0617 5032 circlass - ok
10:35:41.0716 5032 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
10:35:41.0724 5032 CLFS - ok
10:35:41.0866 5032 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\drivers\CmBatt.sys
10:35:41.0868 5032 CmBatt - ok
10:35:41.0955 5032 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys
10:35:41.0958 5032 cmdide - ok
10:35:42.0068 5032 CNG (d5fea92400f12412b3922087c09da6a5) C:\Windows\system32\Drivers\cng.sys
10:35:42.0077 5032 CNG - ok
10:35:42.0179 5032 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\drivers\compbatt.sys
10:35:42.0181 5032 Compbatt - ok
10:35:42.0283 5032 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys
10:35:42.0286 5032 CompositeBus - ok
10:35:42.0375 5032 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\drivers\crcdisk.sys
10:35:42.0378 5032 crcdisk - ok
10:35:42.0527 5032 CSC (54da3dfd29ed9f1619b6f53f3ce55e49) C:\Windows\system32\drivers\csc.sys
10:35:42.0537 5032 CSC - ok
10:35:42.0716 5032 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys
10:35:42.0720 5032 DfsC - ok
10:35:42.0807 5032 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
10:35:42.0810 5032 discache - ok
10:35:42.0903 5032 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\drivers\disk.sys
10:35:42.0906 5032 Disk - ok
10:35:43.0014 5032 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
10:35:43.0016 5032 drmkaud - ok
10:35:43.0124 5032 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys
10:35:43.0134 5032 DXGKrnl - ok
10:35:43.0233 5032 EagleX64 - ok
10:35:43.0393 5032 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\drivers\evbda.sys
10:35:43.0496 5032 ebdrv - ok
10:35:43.0633 5032 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\drivers\elxstor.sys
10:35:43.0642 5032 elxstor - ok
10:35:43.0740 5032 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
10:35:43.0751 5032 ErrDev - ok
10:35:43.0877 5032 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
10:35:43.0883 5032 exfat - ok
10:35:43.0971 5032 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
10:35:43.0976 5032 fastfat - ok
10:35:44.0089 5032 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\drivers\fdc.sys
10:35:44.0093 5032 fdc - ok
10:35:44.0172 5032 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
10:35:44.0176 5032 FileInfo - ok
10:35:44.0256 5032 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
10:35:44.0259 5032 Filetrace - ok
10:35:44.0347 5032 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\drivers\flpydisk.sys
10:35:44.0350 5032 flpydisk - ok
10:35:44.0457 5032 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys
10:35:44.0463 5032 FltMgr - ok
10:35:44.0556 5032 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
10:35:44.0560 5032 FsDepends - ok
10:35:44.0637 5032 Fs_Rec (e95ef8547de20cf0603557c0cf7a9462) C:\Windows\system32\drivers\Fs_Rec.sys
10:35:44.0640 5032 Fs_Rec - ok
10:35:44.0757 5032 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys
10:35:44.0762 5032 fvevol - ok
10:35:44.0851 5032 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\drivers\gagp30kx.sys
10:35:44.0854 5032 gagp30kx - ok
10:35:44.0948 5032 GEARAspiWDM (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
10:35:44.0951 5032 GEARAspiWDM - ok
10:35:45.0091 5032 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
10:35:45.0094 5032 hcw85cir - ok
10:35:45.0205 5032 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys
10:35:45.0213 5032 HdAudAddService - ok
10:35:45.0324 5032 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\drivers\HDAudBus.sys
10:35:45.0337 5032 HDAudBus - ok
10:35:45.0420 5032 HECIx64 (b6ac71aaa2b10848f57fc49d55a651af) C:\Windows\system32\drivers\HECIx64.sys
10:35:45.0422 5032 HECIx64 - ok
10:35:45.0510 5032 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\drivers\HidBatt.sys
10:35:45.0514 5032 HidBatt - ok
10:35:45.0623 5032 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\drivers\hidbth.sys
10:35:45.0627 5032 HidBth - ok
10:35:45.0717 5032 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\drivers\hidir.sys
10:35:45.0721 5032 HidIr - ok
10:35:45.0839 5032 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\drivers\hidusb.sys
10:35:45.0850 5032 HidUsb - ok
10:35:45.0956 5032 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys
10:35:45.0960 5032 HpSAMD - ok
10:35:46.0044 5032 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys
10:35:46.0061 5032 HTTP - ok
10:35:46.0165 5032 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys
10:35:46.0167 5032 hwpolicy - ok
10:35:46.0279 5032 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys
10:35:46.0283 5032 i8042prt - ok
10:35:46.0378 5032 iaStor (073a606333b6f7bbf20aa856df7f0997) C:\Windows\system32\drivers\iaStor.sys
10:35:46.0383 5032 iaStor - ok
10:35:46.0500 5032 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys
10:35:46.0508 5032 iaStorV - ok
10:35:46.0774 5032 igfx (31d1aff484d8a0906cf8d44251ec390f) C:\Windows\system32\DRIVERS\igdkmd64.sys
10:35:47.0002 5032 igfx - ok
10:35:47.0096 5032 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\drivers\iirsp.sys
10:35:47.0099 5032 iirsp - ok
10:35:47.0217 5032 Impcd (36fdf367a1dabff903e2214023d71368) C:\Windows\system32\drivers\Impcd.sys
10:35:47.0227 5032 Impcd - ok
10:35:47.0371 5032 IntcAzAudAddService (0f144e5f46cb9043004b5e84aa4bca6a) C:\Windows\system32\drivers\RTKVHD64.sys
10:35:47.0404 5032 IntcAzAudAddService - ok
10:35:47.0512 5032 IntcDAud (408b401cd7cdb075c7470b0ff7ba8d0b) C:\Windows\system32\DRIVERS\IntcDAud.sys
10:35:47.0528 5032 IntcDAud - ok
10:35:47.0629 5032 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
10:35:47.0632 5032 intelide - ok
10:35:47.0668 5032 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\drivers\intelppm.sys
10:35:47.0670 5032 intelppm - ok
10:35:47.0759 5032 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
10:35:47.0763 5032 IpFilterDriver - ok
10:35:47.0804 5032 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
10:35:47.0808 5032 IPMIDRV - ok
10:35:47.0910 5032 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
10:35:47.0915 5032 IPNAT - ok
10:35:48.0019 5032 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
10:35:48.0022 5032 IRENUM - ok
10:35:48.0129 5032 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
10:35:48.0132 5032 isapnp - ok
10:35:48.0163 5032 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
10:35:48.0169 5032 iScsiPrt - ok
10:35:48.0282 5032 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\drivers\kbdclass.sys
10:35:48.0285 5032 kbdclass - ok
10:35:48.0340 5032 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\drivers\kbdhid.sys
10:35:48.0343 5032 kbdhid - ok
10:35:48.0449 5032 KSecDD (ccd53b5bd33ce0c889e830d839c8b66e) C:\Windows\system32\Drivers\ksecdd.sys
10:35:48.0453 5032 KSecDD - ok
10:35:48.0498 5032 KSecPkg (9ff918a261752c12639e8ad4208d2c2f) C:\Windows\system32\Drivers\ksecpkg.sys
10:35:48.0502 5032 KSecPkg - ok
10:35:48.0590 5032 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
10:35:48.0593 5032 ksthunk - ok
10:35:48.0719 5032 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
10:35:48.0722 5032 lltdio - ok
10:35:48.0834 5032 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\drivers\lsi_fc.sys
10:35:48.0838 5032 LSI_FC - ok
10:35:48.0939 5032 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\drivers\lsi_sas.sys
10:35:48.0943 5032 LSI_SAS - ok
10:35:49.0049 5032 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\drivers\lsi_sas2.sys
10:35:49.0053 5032 LSI_SAS2 - ok
10:35:49.0145 5032 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\drivers\lsi_scsi.sys
10:35:49.0150 5032 LSI_SCSI - ok
10:35:49.0245 5032 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
10:35:49.0249 5032 luafv - ok
10:35:49.0355 5032 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\drivers\megasas.sys
10:35:49.0358 5032 megasas - ok
10:35:49.0447 5032 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\drivers\MegaSR.sys
10:35:49.0453 5032 MegaSR - ok
10:35:49.0556 5032 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
10:35:49.0559 5032 Modem - ok
10:35:49.0644 5032 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
10:35:49.0647 5032 monitor - ok
10:35:49.0754 5032 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\drivers\mouclass.sys
10:35:49.0756 5032 mouclass - ok
10:35:49.0865 5032 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
10:35:49.0868 5032 mouhid - ok
10:35:49.0976 5032 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
10:35:49.0980 5032 mountmgr - ok
10:35:50.0021 5032 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
10:35:50.0027 5032 mpio - ok
10:35:50.0114 5032 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
10:35:50.0117 5032 mpsdrv - ok
10:35:50.0218 5032 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
10:35:50.0222 5032 MRxDAV - ok
10:35:50.0259 5032 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
10:35:50.0263 5032 mrxsmb - ok
10:35:50.0357 5032 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
10:35:50.0375 5032 mrxsmb10 - ok
10:35:50.0464 5032 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
10:35:50.0468 5032 mrxsmb20 - ok
10:35:50.0571 5032 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
10:35:50.0574 5032 msahci - ok
10:35:50.0621 5032 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
10:35:50.0626 5032 msdsm - ok
10:35:50.0720 5032 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
10:35:50.0723 5032 Msfs - ok
10:35:50.0804 5032 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
10:35:50.0807 5032 mshidkmdf - ok
10:35:50.0848 5032 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
10:35:50.0850 5032 msisadrv - ok
10:35:50.0940 5032 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
10:35:50.0942 5032 MSKSSRV - ok
10:35:51.0030 5032 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
10:35:51.0033 5032 MSPCLOCK - ok
10:35:51.0119 5032 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
10:35:51.0121 5032 MSPQM - ok
10:35:51.0161 5032 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
10:35:51.0169 5032 MsRPC - ok
10:35:51.0271 5032 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys
10:35:51.0274 5032 mssmbios - ok
10:35:51.0398 5032 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
10:35:51.0400 5032 MSTEE - ok
10:35:51.0429 5032 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\drivers\MTConfig.sys
10:35:51.0432 5032 MTConfig - ok
10:35:51.0504 5032 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
10:35:51.0506 5032 Mup - ok
10:35:51.0644 5032 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
10:35:51.0651 5032 NativeWifiP - ok
10:35:51.0787 5032 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys
10:35:51.0829 5032 NDIS - ok
10:35:51.0934 5032 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
10:35:51.0937 5032 NdisCap - ok
10:35:52.0034 5032 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
10:35:52.0037 5032 NdisTapi - ok
10:35:52.0145 5032 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
10:35:52.0149 5032 Ndisuio - ok
10:35:52.0205 5032 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
10:35:52.0210 5032 NdisWan - ok
10:35:52.0307 5032 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
10:35:52.0311 5032 NDProxy - ok
10:35:52.0359 5032 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
10:35:52.0362 5032 NetBIOS - ok
10:35:52.0459 5032 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
10:35:52.0465 5032 NetBT - ok
10:35:52.0749 5032 NETw5s64 (39ede676d17f37af4573c2b33ec28aca) C:\Windows\system32\DRIVERS\NETw5s64.sys
10:35:52.0942 5032 NETw5s64 - ok
10:35:53.0053 5032 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\drivers\nfrd960.sys
10:35:53.0056 5032 nfrd960 - ok
10:35:53.0100 5032 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
10:35:53.0103 5032 Npfs - ok
10:35:53.0190 5032 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
10:35:53.0192 5032 nsiproxy - ok
10:35:53.0266 5032 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
10:35:53.0323 5032 Ntfs - ok
10:35:53.0433 5032 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
10:35:53.0436 5032 Null - ok
10:35:53.0535 5032 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
10:35:53.0539 5032 nvraid - ok
10:35:53.0582 5032 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
10:35:53.0588 5032 nvstor - ok
10:35:53.0619 5032 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
10:35:53.0623 5032 nv_agp - ok
10:35:53.0661 5032 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
10:35:53.0666 5032 ohci1394 - ok
10:35:53.0824 5032 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\drivers\parport.sys
10:35:53.0828 5032 Parport - ok
10:35:53.0862 5032 partmgr (871eadac56b0a4c6512bbe32753ccf79) C:\Windows\system32\drivers\partmgr.sys
10:35:53.0865 5032 partmgr - ok
10:35:53.0955 5032 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
10:35:53.0960 5032 pci - ok
10:35:54.0008 5032 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
10:35:54.0011 5032 pciide - ok
10:35:54.0057 5032 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\drivers\pcmcia.sys
10:35:54.0062 5032 pcmcia - ok
10:35:54.0146 5032 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
10:35:54.0148 5032 pcw - ok
10:35:54.0177 5032 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
10:35:54.0188 5032 PEAUTH - ok
10:35:54.0422 5032 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
10:35:54.0426 5032 PptpMiniport - ok
10:35:54.0505 5032 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\drivers\processr.sys
10:35:54.0509 5032 Processor - ok
10:35:54.0623 5032 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
10:35:54.0626 5032 Psched - ok
10:35:54.0725 5032 PSI (fb46e9a827a8799ebd7bfa9128c91f37) C:\Windows\system32\DRIVERS\psi_mf.sys
10:35:54.0727 5032 PSI - ok
10:35:54.0809 5032 PxHlpa64 (aed797cca02783296c68aa10d0cff8a9) C:\Windows\system32\Drivers\PxHlpa64.sys
10:35:54.0811 5032 PxHlpa64 - ok
10:35:54.0952 5032 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\drivers\ql2300.sys
10:35:55.0009 5032 ql2300 - ok
10:35:55.0120 5032 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\drivers\ql40xx.sys
10:35:55.0124 5032 ql40xx - ok
10:35:55.0160 5032 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
10:35:55.0163 5032 QWAVEdrv - ok
10:35:55.0255 5032 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
10:35:55.0257 5032 RasAcd - ok
10:35:55.0360 5032 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
10:35:55.0364 5032 RasAgileVpn - ok
10:35:55.0479 5032 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
10:35:55.0483 5032 Rasl2tp - ok
10:35:55.0645 5032 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
10:35:55.0649 5032 RasPppoe - ok
10:35:55.0731 5032 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
10:35:55.0735 5032 RasSstp - ok
10:35:55.0830 5032 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
10:35:55.0837 5032 rdbss - ok
10:35:55.0869 5032 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\drivers\rdpbus.sys
10:35:55.0871 5032 rdpbus - ok
10:35:55.0901 5032 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
10:35:55.0903 5032 RDPCDD - ok
10:35:55.0996 5032 RDPDR (1b6163c503398b23ff8b939c67747683) C:\Windows\system32\drivers\rdpdr.sys
10:35:56.0001 5032 RDPDR - ok
10:35:56.0095 5032 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
10:35:56.0097 5032 RDPENCDD - ok
10:35:56.0129 5032 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
10:35:56.0131 5032 RDPREFMP - ok
10:35:56.0184 5032 RDPWD (15b66c206b5cb095bab980553f38ed23) C:\Windows\system32\drivers\RDPWD.sys
10:35:56.0190 5032 RDPWD - ok
10:35:56.0308 5032 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
10:35:56.0313 5032 rdyboost - ok
10:35:56.0423 5032 RFCOMM (3dd798846e2c28102b922c56e71b7932) C:\Windows\system32\DRIVERS\rfcomm.sys
10:35:56.0428 5032 RFCOMM - ok
10:35:56.0511 5032 rfjtvdgq - ok
10:35:56.0542 5032 rimspci (5ca4abd888b602551b59baa26941c167) C:\Windows\system32\drivers\rimssne64.sys
10:35:56.0544 5032 rimspci - ok
10:35:56.0617 5032 risdsnpe (bb6e138aeb351728959da5e2731d8140) C:\Windows\system32\drivers\risdsne64.sys
10:35:56.0619 5032 risdsnpe - ok
10:35:56.0742 5032 RsFx0103 (cd553b8633466a6d1c115812f2619f1f) C:\Windows\system32\DRIVERS\RsFx0103.sys
10:35:56.0749 5032 RsFx0103 - ok
10:35:56.0856 5032 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
10:35:56.0859 5032 rspndr - ok
10:35:56.0955 5032 s3cap (e60c0a09f997826c7627b244195ab581) C:\Windows\system32\drivers\vms3cap.sys
10:35:56.0966 5032 s3cap - ok
10:35:57.0018 5032 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
10:35:57.0022 5032 sbp2port - ok
10:35:57.0056 5032 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
10:35:57.0059 5032 scfilter - ok
10:35:57.0113 5032 sdbus (111e0ebc0ad79cb0fa014b907b231cf0) C:\Windows\system32\drivers\sdbus.sys
10:35:57.0126 5032 sdbus - ok
10:35:57.0173 5032 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
10:35:57.0176 5032 secdrv - ok
10:35:57.0294 5032 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\drivers\serenum.sys
10:35:57.0297 5032 Serenum - ok
10:35:57.0385 5032 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\drivers\serial.sys
10:35:57.0389 5032 Serial - ok
10:35:57.0501 5032 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\drivers\sermouse.sys
10:35:57.0513 5032 sermouse - ok
10:35:57.0646 5032 SFEP (70f9c476b62de4f2823e918a6c181ade) C:\Windows\system32\drivers\SFEP.sys
10:35:57.0656 5032 SFEP - ok
10:35:57.0739 5032 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
10:35:57.0742 5032 sffdisk - ok
10:35:57.0763 5032 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
10:35:57.0766 5032 sffp_mmc - ok
10:35:57.0782 5032 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
10:35:57.0793 5032 sffp_sd - ok
10:35:57.0857 5032 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\drivers\sfloppy.sys
10:35:57.0860 5032 sfloppy - ok
10:35:57.0972 5032 Sftfs (a40abfdcb75f835fdf3ce0cc64e4250d) C:\Windows\system32\DRIVERS\Sftfslh.sys
10:35:57.0981 5032 Sftfs - ok
10:35:58.0045 5032 Sftplay (411769ed1cb12d2b44217734347bdb7a) C:\Windows\system32\DRIVERS\Sftplaylh.sys
10:35:58.0050 5032 Sftplay - ok
10:35:58.0067 5032 Sftredir (a14d0df34bbb00ea94da16193d0c7957) C:\Windows\system32\DRIVERS\Sftredirlh.sys
10:35:58.0069 5032 Sftredir - ok
10:35:58.0101 5032 Sftvol (393b22addd89979eb1c60898f51c3648) C:\Windows\system32\DRIVERS\Sftvollh.sys
10:35:58.0104 5032 Sftvol - ok
10:35:58.0221 5032 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\drivers\SiSRaid2.sys
10:35:58.0225 5032 SiSRaid2 - ok
10:35:58.0263 5032 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\drivers\sisraid4.sys
10:35:58.0266 5032 SiSRaid4 - ok
10:35:58.0388 5032 SmartDefragDriver (94ce7845af6a2065b829e0126cd56236) C:\Windows\system32\Drivers\SmartDefragDriver.sys
10:35:58.0390 5032 SmartDefragDriver - ok
10:35:58.0434 5032 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
10:35:58.0438 5032 Smb - ok
10:35:58.0551 5032 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
10:35:58.0553 5032 spldr - ok
10:35:58.0705 5032 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
10:35:58.0714 5032 srv - ok
10:35:58.0753 5032 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
10:35:58.0761 5032 srv2 - ok
10:35:58.0790 5032 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
10:35:58.0796 5032 srvnet - ok
10:35:58.0846 5032 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\drivers\stexstor.sys
10:35:58.0849 5032 stexstor - ok
10:35:58.0950 5032 storflt (7785dc213270d2fc066538daf94087e7) C:\Windows\system32\drivers\vmstorfl.sys
10:35:58.0952 5032 storflt - ok
10:35:59.0065 5032 storvsc (d34e4943d5ac096c8edeebfd80d76e23) C:\Windows\system32\drivers\storvsc.sys
10:35:59.0068 5032 storvsc - ok
10:35:59.0094 5032 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
10:35:59.0096 5032 swenum - ok
10:35:59.0269 5032 Tcpip (fc62769e7bff2896035aeed399108162) C:\Windows\system32\drivers\tcpip.sys
10:35:59.0288 5032 Tcpip - ok
10:35:59.0469 5032 TCPIP6 (fc62769e7bff2896035aeed399108162) C:\Windows\system32\DRIVERS\tcpip.sys
10:35:59.0486 5032 TCPIP6 - ok
10:35:59.0587 5032 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
10:35:59.0590 5032 tcpipreg - ok
10:35:59.0623 5032 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
10:35:59.0625 5032 TDPIPE - ok
10:35:59.0667 5032 TDTCP (e4245bda3190a582d55ed09e137401a9) C:\Windows\system32\drivers\tdtcp.sys
10:35:59.0670 5032 TDTCP - ok
10:35:59.0767 5032 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
10:35:59.0771 5032 tdx - ok
10:35:59.0829 5032 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
10:35:59.0831 5032 TermDD - ok
10:35:59.0951 5032 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
10:35:59.0954 5032 tssecsrv - ok
10:36:00.0063 5032 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
10:36:00.0066 5032 TsUsbFlt - ok
10:36:00.0184 5032 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
10:36:00.0189 5032 tunnel - ok
10:36:00.0227 5032 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\drivers\uagp35.sys
10:36:00.0231 5032 uagp35 - ok
10:36:00.0333 5032 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
10:36:00.0339 5032 udfs - ok
10:36:00.0410 5032 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
10:36:00.0414 5032 uliagpkx - ok
10:36:00.0535 5032 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\drivers\umbus.sys
10:36:00.0538 5032 umbus - ok
10:36:00.0576 5032 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\drivers\umpass.sys
10:36:00.0579 5032 UmPass - ok
10:36:00.0698 5032 USBAAPL64 (aa33fc47ed58c34e6e9261e4f850b7eb) C:\Windows\system32\Drivers\usbaapl64.sys
10:36:00.0718 5032 USBAAPL64 - ok
10:36:00.0826 5032 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
10:36:00.0840 5032 usbccgp - ok
10:36:00.0881 5032 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
10:36:00.0886 5032 usbcir - ok
10:36:00.0988 5032 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\drivers\usbehci.sys
10:36:00.0991 5032 usbehci - ok
10:36:01.0014 5032 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
10:36:01.0022 5032 usbhub - ok
10:36:01.0069 5032 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys
10:36:01.0072 5032 usbohci - ok
10:36:01.0119 5032 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
10:36:01.0122 5032 usbprint - ok
10:36:01.0218 5032 usbscan (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys
10:36:01.0221 5032 usbscan - ok
10:36:01.0307 5032 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
10:36:01.0311 5032 USBSTOR - ok
10:36:01.0426 5032 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys
10:36:01.0429 5032 usbuhci - ok
10:36:01.0545 5032 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\System32\Drivers\usbvideo.sys
10:36:01.0550 5032 usbvideo - ok
10:36:01.0701 5032 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
10:36:01.0703 5032 vdrvroot - ok
10:36:01.0817 5032 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
10:36:01.0820 5032 vga - ok
10:36:01.0877 5032 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
10:36:01.0880 5032 VgaSave - ok
10:36:01.0976 5032 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
10:36:01.0981 5032 vhdmp - ok
10:36:02.0080 5032 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
10:36:02.0083 5032 viaide - ok
10:36:02.0186 5032 vmbus (86ea3e79ae350fea5331a1303054005f) C:\Windows\system32\drivers\vmbus.sys
10:36:02.0190 5032 vmbus - ok
10:36:02.0284 5032 VMBusHID (7de90b48f210d29649380545db45a187) C:\Windows\system32\drivers\VMBusHID.sys
10:36:02.0295 5032 VMBusHID - ok
10:36:02.0397 5032 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
10:36:02.0400 5032 volmgr - ok
10:36:02.0478 5032 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
10:36:02.0485 5032 volmgrx - ok
10:36:02.0537 5032 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
10:36:02.0543 5032 volsnap - ok
10:36:02.0657 5032 vpcbus (b4a73ca4ef9a02b9738cea9ad5fe5917) C:\Windows\system32\DRIVERS\vpchbus.sys
10:36:02.0661 5032 vpcbus - ok
10:36:02.0767 5032 vpcnfltr (e675fb2b48c54f09895482e2253b289c) C:\Windows\system32\DRIVERS\vpcnfltr.sys
10:36:02.0771 5032 vpcnfltr - ok
10:36:02.0893 5032 vpcusb (5fb42082b0d19a0268705f1dd343df20) C:\Windows\system32\DRIVERS\vpcusb.sys
10:36:02.0896 5032 vpcusb - ok
10:36:02.0987 5032 vpcvmm (207b6539799cc1c112661a9b620dd233) C:\Windows\system32\drivers\vpcvmm.sys
10:36:02.0992 5032 vpcvmm - ok
10:36:03.0114 5032 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\drivers\vsmraid.sys
10:36:03.0119 5032 vsmraid - ok
10:36:03.0234 5032 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
10:36:03.0237 5032 vwifibus - ok
10:36:03.0331 5032 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
10:36:03.0335 5032 vwififlt - ok
10:36:03.0429 5032 vwifimp (6a638fc4bfddc4d9b186c28c91bd1a01) C:\Windows\system32\DRIVERS\vwifimp.sys
10:36:03.0432 5032 vwifimp - ok
10:36:03.0525 5032 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\drivers\wacompen.sys
10:36:03.0529 5032 WacomPen - ok
10:36:03.0629 5032 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
10:36:03.0632 5032 WANARP - ok
10:36:03.0642 5032 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
10:36:03.0644 5032 Wanarpv6 - ok
10:36:03.0768 5032 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\drivers\wd.sys
10:36:03.0771 5032 Wd - ok
10:36:03.0873 5032 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
10:36:03.0889 5032 Wdf01000 - ok
10:36:04.0024 5032 wdkmd (7c2ef67b0a43c4deb7ef932ceda337d6) C:\Windows\system32\DRIVERS\WDKMD.sys
10:36:04.0037 5032 wdkmd - ok
10:36:04.0155 5032 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
10:36:04.0158 5032 WfpLwf - ok
10:36:04.0245 5032 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
10:36:04.0247 5032 WIMMount - ok
10:36:04.0404 5032 WinUsb (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUsb.sys
10:36:04.0416 5032 WinUsb - ok
10:36:04.0449 5032 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
10:36:04.0460 5032 WmiAcpi - ok
10:36:04.0520 5032 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
10:36:04.0524 5032 ws2ifsl - ok
10:36:04.0617 5032 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
10:36:04.0621 5032 WudfPf - ok
10:36:04.0660 5032 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
10:36:04.0665 5032 WUDFRd - ok
10:36:04.0777 5032 yukonw7 (64f88af327aa74e03658ae32b48ccb8b) C:\Windows\system32\DRIVERS\yk62x64.sys
10:36:04.0785 5032 yukonw7 - ok
10:36:04.0846 5032 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
10:36:04.0866 5032 \Device\Harddisk0\DR0 - ok
10:36:04.0871 5032 Boot (0x1200) (d235e0634a8365d4604dc6619a130a02) \Device\Harddisk0\DR0\Partition0
10:36:04.0872 5032 \Device\Harddisk0\DR0\Partition0 - ok
10:36:04.0889 5032 Boot (0x1200) (4d21ad2554fbcd7567b4cd9cfd1c7684) \Device\Harddisk0\DR0\Partition1
10:36:04.0891 5032 \Device\Harddisk0\DR0\Partition1 - ok
10:36:04.0891 5032 ============================================================
10:36:04.0891 5032 Scan finished
10:36:04.0891 5032 ============================================================
10:36:04.0909 2536 Detected object count: 0
10:36:04.0909 2536 Actual detected object count: 0




Here are the results for SuperAntiSpyware:

SUPERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 12/21/2011 at 10:51 AM

Application Version : 5.0.1142

Core Rules Database Version : 8076
Trace Rules Database Version: 5888

Scan type : Quick Scan
Total Scan Time : 00:08:00

Operating System Information
Windows 7 Professional 64-bit, Service Pack 1 (Build 6.01.7601)
UAC On - Limited User

Memory items scanned : 588
Memory threats detected : 0
Registry items scanned : 60783
Registry threats detected : 0
File items scanned : 11912
File threats detected : 251

Adware.Tracking Cookie
C:\Users\Mary\AppData\Roaming\Microsoft\Windows\Cookies\L7TARFGX.txt [ /invitemedia.com ]
C:\Users\Mary\AppData\Roaming\Microsoft\Windows\Cookies\FCIEIW20.txt [ /ads.intergi.com ]
C:\Users\Mary\AppData\Roaming\Microsoft\Windows\Cookies\4JWQVGDI.txt [ /media6degrees.com ]
ad.yieldmanager.com [ C:\USERS\MARY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I4QL79V0.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\MARY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I4QL79V0.DEFAULT\COOKIES.SQLITE ]
C:\USERS\MARY\Cookies\L7TARFGX.txt [ Cookie:mary@invitemedia.com/ ]
.collective-media.net [ C:\USERS\MARY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I4QL79V0.DEFAULT\COOKIES.SQLITE ]
.collective-media.net [ C:\USERS\MARY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I4QL79V0.DEFAULT\COOKIES.SQLITE ]
C:\USERS\MARY\Cookies\4JWQVGDI.txt [ Cookie:mary@media6degrees.com/ ]
.www.burstnet.com [ C:\USERS\MARY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I4QL79V0.DEFAULT\COOKIES.SQLITE ]
.burstnet.com [ C:\USERS\MARY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I4QL79V0.DEFAULT\COOKIES.SQLITE ]
C:\USERS\MARY_2\AppData\Roaming\Microsoft\Windows\Cookies\mary_2@atdmt[1].txt [ Cookie:mary_2@atdmt.com/ ]
C:\USERS\MARY_2\AppData\Roaming\Microsoft\Windows\Cookies\mary_2@insightexpressai[2].txt [ Cookie:mary_2@insightexpressai.com/ ]
C:\USERS\MARY_2\AppData\Roaming\Microsoft\Windows\Cookies\mary_2@apmebf[1].txt [ Cookie:mary_2@apmebf.com/ ]
C:\USERS\MARY_2\AppData\Roaming\Microsoft\Windows\Cookies\mary_2@mediaplex[2].txt [ Cookie:mary_2@mediaplex.com/ ]
C:\USERS\MARY_2\AppData\Roaming\Microsoft\Windows\Cookies\mary_2@media6degrees[1].txt [ Cookie:mary_2@media6degrees.com/ ]
C:\USERS\MARY_2\Cookies\mary_2@atdmt[1].txt [ Cookie:mary_2@atdmt.com/ ]
C:\USERS\MARY_2\Cookies\mary_2@insightexpressai[2].txt [ Cookie:mary_2@insightexpressai.com/ ]
C:\USERS\MARY_2\Cookies\mary_2@apmebf[1].txt [ Cookie:mary_2@apmebf.com/ ]
C:\USERS\MARY_2\Cookies\mary_2@mediaplex[2].txt [ Cookie:mary_2@mediaplex.com/ ]
C:\USERS\MARY_2\Cookies\mary_2@media6degrees[1].txt [ Cookie:mary_2@media6degrees.com/ ]
.imrworldwide.com [ C:\USERS\MARY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I4QL79V0.DEFAULT\COOKIES.SQLITE ]
.imrworldwide.com [ C:\USERS\MARY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I4QL79V0.DEFAULT\COOKIES.SQLITE ]
.serving-sys.com [ C:\USERS\MARY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I4QL79V0.DEFAULT\COOKIES.SQLITE ]
.interclick.com [ C:\USERS\MARY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I4QL79V0.DEFAULT\COOKIES.SQLITE ]
.interclick.com [ C:\USERS\MARY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I4QL79V0.DEFAULT\COOKIES.SQLITE ]
.realmedia.com [ C:\USERS\MARY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I4QL79V0.DEFAULT\COOKIES.SQLITE ]
www.googleadservices.com [ C:\USERS\MARY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I4QL79V0.DEFAULT\COOKIES.SQLITE ]
s03.flagcounter.com [ C:\USERS\MARY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I4QL79V0.DEFAULT\COOKIES.SQLITE ]
.legolas-media.com [ C:\USERS\MARY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I4QL79V0.DEFAULT\COOKIES.SQLITE ]
.serving-sys.com [ C:\USERS\MARY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I4QL79V0.DEFAULT\COOKIES.SQLITE ]
.adserver.adtechus.com [ C:\USERS\MARY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I4QL79V0.DEFAULT\COOKIES.SQLITE ]
counters.gigya.com [ C:\USERS\MARY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I4QL79V0.DEFAULT\COOKIES.SQLITE ]
.realmedia.com [ C:\USERS\MARY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I4QL79V0.DEFAULT\COOKIES.SQLITE ]
.realmedia.com [ C:\USERS\MARY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I4QL79V0.DEFAULT\COOKIES.SQLITE ]
.adinterax.com [ C:\USERS\MARY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I4QL79V0.DEFAULT\COOKIES.SQLITE ]
.warnerbros.112.2o7.net [ C:\USERS\MARY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I4QL79V0.DEFAULT\COOKIES.SQLITE ]
.adxpose.com [ C:\USERS\MARY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I4QL79V0.DEFAULT\COOKIES.SQLITE ]
.at.atwola.com [ C:\USERS\MARY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I4QL79V0.DEFAULT\COOKIES.SQLITE ]
.condenast.112.2o7.net [ C:\USERS\MARY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I4QL79V0.DEFAULT\COOKIES.SQLITE ]
.adserver.adtechus.com [ C:\USERS\MARY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I4QL79V0.DEFAULT\COOKIES.SQLITE ]
account.sonyericsson.com [ C:\USERS\MARY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I4QL79V0.DEFAULT\COOKIES.SQLITE ]
account.sonyericsson.com [ C:\USERS\MARY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I4QL79V0.DEFAULT\COOKIES.SQLITE ]
.lucidmedia.com [ C:\USERS\MARY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I4QL79V0.DEFAULT\COOKIES.SQLITE ]
ads.saymedia.com [ C:\USERS\MARY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I4QL79V0.DEFAULT\COOKIES.SQLITE ]
.akamai.interclickproxy.com [ C:\USERS\MARY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I4QL79V0.DEFAULT\COOKIES.SQLITE ]
.amazon-adsystem.com [ C:\USERS\MARY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I4QL79V0.DEFAULT\COOKIES.SQLITE ]
.amazon-adsystem.com [ C:\USERS\MARY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I4QL79V0.DEFAULT\COOKIES.SQLITE ]
.lucidmedia.com [ C:\USERS\MARY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I4QL79V0.DEFAULT\COOKIES.SQLITE ]
.technoratimedia.com [ C:\USERS\MARY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I4QL79V0.DEFAULT\COOKIES.SQLITE ]
.eyewonder.com [ C:\USERS\MARY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I4QL79V0.DEFAULT\COOKIES.SQLITE ]
.media.adfrontiers.com [ C:\USERS\MARY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I4QL79V0.DEFAULT\COOKIES.SQLITE ]
.atwola.com [ C:\USERS\MARY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I4QL79V0.DEFAULT\COOKIES.SQLITE ]
.2o7.net [ C:\USERS\MARY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I4QL79V0.DEFAULT\COOKIES.SQLITE ]
.viacom.adbureau.net [ C:\USERS\MARY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I4QL79V0.DEFAULT\COOKIES.SQLITE ]
.tracking.dsmmadvantage.com [ C:\USERS\MARY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I4QL79V0.DEFAULT\COOKIES.SQLITE ]
wstat.wibiya.com [ C:\USERS\MARY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I4QL79V0.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\MARY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I4QL79V0.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\MARY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I4QL79V0.DEFAULT\COOKIES.SQLITE ]
.collective-media.net [ C:\USERS\MARY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I4QL79V0.DEFAULT\COOKIES.SQLITE ]
.collective-media.net [ C:\USERS\MARY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I4QL79V0.DEFAULT\COOKIES.SQLITE ]
.collective-media.net [ C:\USERS\MARY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I4QL79V0.DEFAULT\COOKIES.SQLITE ]
.collective-media.net [ C:\USERS\MARY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I4QL79V0.DEFAULT\COOKIES.SQLITE ]
in.getclicky.com [ C:\USERS\MARY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I4QL79V0.DEFAULT\COOKIES.SQLITE ]
stats.biglistbigsales.com [ C:\USERS\MARY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I4QL79V0.DEFAULT\COOKIES.SQLITE ]
.eyewonder.com [ C:\USERS\MARY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I4QL79V0.DEFAULT\COOKIES.SQLITE ]
.casalemedia.com [ C:\USERS\MARY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I4QL79V0.DEFAULT\COOKIES.SQLITE ]
.msnbc.112.2o7.net [ C:\USERS\MARY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I4QL79V0.DEFAULT\COOKIES.SQLITE ]
network.realmedia.com [ C:\USERS\MARY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I4QL79V0.DEFAULT\COOKIES.SQLITE ]
tracking.dc-storm.com [ C:\USERS\MARY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I4QL79V0.DEFAULT\COOKIES.SQLITE ]
tracking.dc-storm.com [ C:\USERS\MARY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I4QL79V0.DEFAULT\COOKIES.SQLITE ]
.ar.atwola.com [ C:\USERS\MARY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I4QL79V0.DEFAULT\COOKIES.SQLITE ]
.serving-sys.com [ C:\USERS\MARY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I4QL79V0.DEFAULT\COOKIES.SQLITE ]
.statcounter.com [ C:\USERS\MARY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I4QL79V0.DEFAULT\COOKIES.SQLITE ]
.statcounter.com [ C:\USERS\MARY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I4QL79V0.DEFAULT\COOKIES.SQLITE ]
.bizrate.com [ C:\USERS\MARY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I4QL79V0.DEFAULT\COOKIES.SQLITE ]
.bizrate.com [ C:\USERS\MARY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I4QL79V0.DEFAULT\COOKIES.SQLITE ]
.bizrate.com [ C:\USERS\MARY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I4QL79V0.DEFAULT\COOKIES.SQLITE ]
.casalemedia.com [ C:\USERS\MARY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I4QL79V0.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\MARY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I4QL79V0.DEFAULT\COOKIES.SQLITE ]
.lucidmedia.com [ C:\USERS\MARY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I4QL79V0.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\MARY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I4QL79V0.DEFAULT\COOKIES.SQLITE ]
www.pennyfinder.com [ C:\USERS\MARY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I4QL79V0.DEFAULT\COOKIES.SQLITE ]
www.pennyfinder.com [ C:\USERS\MARY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I4QL79V0.DEFAULT\COOKIES.SQLITE ]
.lucidmedia.com [ C:\USERS\MARY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I4QL79V0.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\MARY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I4QL79V0.DEFAULT\COOKIES.SQLITE ]
.realmedia.com [ C:\USERS\MARY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I4QL79V0.DEFAULT\COOKIES.SQLITE ]
pfatracking.com [ C:\USERS\MARY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I4QL79V0.DEFAULT\COOKIES.SQLITE ]
.mm.chitika.net [ C:\USERS\MARY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I4QL79V0.DEFAULT\COOKIES.SQLITE ]
.yieldmanager.net [ C:\USERS\MARY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I4QL79V0.DEFAULT\COOKIES.SQLITE ]
.artcitymedia.com [ C:\USERS\MARY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I4QL79V0.DEFAULT\COOKIES.SQLITE ]
.at.atwola.com [ C:\USERS\MARY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I4QL79V0.DEFAULT\COOKIES.SQLITE ]
.tacoda.at.atwola.com [ C:\USERS\MARY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I4QL79V0.DEFAULT\COOKIES.SQLITE ]
.tacoda.at.atwola.com [ C:\USERS\MARY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I4QL79V0.DEFAULT\COOKIES.SQLITE ]
.tacoda.at.atwola.com [ C:\USERS\MARY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I4QL79V0.DEFAULT\COOKIES.SQLITE ]
.tacoda.at.atwola.com [ C:\USERS\MARY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I4QL79V0.DEFAULT\COOKIES.SQLITE ]
.at.atwola.com [ C:\USERS\MARY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I4QL79V0.DEFAULT\COOKIES.SQLITE ]
.tacoda.at.atwola.com [ C:\USERS\MARY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I4QL79V0.DEFAULT\COOKIES.SQLITE ]
.atwola.com [ C:\USERS\MARY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I4QL79V0.DEFAULT\COOKIES.SQLITE ]
track.prd1.netshelter.net [ C:\USERS\MARY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I4QL79V0.DEFAULT\COOKIES.SQLITE ]
.media6degrees.com [ C:\USERS\MARY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I4QL79V0.DEFAULT\COOKIES.SQLITE ]
.casalemedia.com [ C:\USERS\MARY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I4QL79V0.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\MARY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I4QL79V0.DEFAULT\COOKIES.SQLITE ]
.pro-market.net [ C:\USERS\MARY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I4QL79V0.DEFAULT\COOKIES.SQLITE ]
.steelhousemedia.com [ C:\USERS\MARY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I4QL79V0.DEFAULT\COOKIES.SQLITE ]
.avgtechnologies.112.2o7.net [ C:\USERS\MARY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I4QL79V0.DEFAULT\COOKIES.SQLITE ]
.track.webgains.com [ C:\USERS\MARY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I4QL79V0.DEFAULT\COOKIES.SQLITE ]
.collective-media.net [ C:\USERS\MARY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I4QL79V0.DEFAULT\COOKIES.SQLITE ]
.collective-media.net [ C:\USERS\MARY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I4QL79V0.DEFAULT\COOKIES.SQLITE ]
.collective-media.net [ C:\USERS\MARY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I4QL79V0.DEFAULT\COOKIES.SQLITE ]
.collective-media.net [ C:\USERS\MARY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I4QL79V0.DEFAULT\COOKIES.SQLITE ]
.collective-media.net [ C:\USERS\MARY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I4QL79V0.DEFAULT\COOKIES.SQLITE ]
.collective-media.net [ C:\USERS\MARY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I4QL79V0.DEFAULT\COOKIES.SQLITE ]
.adinterax.com [ C:\USERS\MARY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I4QL79V0.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\MARY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I4QL79V0.DEFAULT\COOKIES.SQLITE ]
.content.yieldmanager.com [ C:\USERS\MARY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I4QL79V0.DEFAULT\COOKIES.SQLITE ]
ad.velmedia.net [ C:\USERS\MARY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I4QL79V0.DEFAULT\COOKIES.SQLITE ]
ad.velmedia.net [ C:\USERS\MARY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I4QL79V0.DEFAULT\COOKIES.SQLITE ]
ad.velmedia.net [ C:\USERS\MARY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I4QL79V0.DEFAULT\COOKIES.SQLITE ]
ad.velmedia.net [ C:\USERS\MARY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I4QL79V0.DEFAULT\COOKIES.SQLITE ]
.collective-media.net [ C:\USERS\MARY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I4QL79V0.DEFAULT\COOKIES.SQLITE ]
.mmstat.com [ C:\USERS\MARY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I4QL79V0.DEFAULT\COOKIES.SQLITE ]
us.2.cqcounter.com [ C:\USERS\MARY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I4QL79V0.DEFAULT\COOKIES.SQLITE ]
.malakmedia.com [ C:\USERS\MARY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I4QL79V0.DEFAULT\COOKIES.SQLITE ]
.pro-market.net [ C:\USERS\MARY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I4QL79V0.DEFAULT\COOKIES.SQLITE ]
.accounts.google.com [ C:\USERS\MARY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I4QL79V0.DEFAULT\COOKIES.SQLITE ]
.accounts.google.com [ C:\USERS\MARY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I4QL79V0.DEFAULT\COOKIES.SQLITE ]
.accounts.google.com [ C:\USERS\MARY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I4QL79V0.DEFAULT\COOKIES.SQLITE ]
accounts.google.com [ C:\USERS\MARY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I4QL79V0.DEFAULT\COOKIES.SQLITE ]
accounts.youtube.com [ C:\USERS\MARY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I4QL79V0.DEFAULT\COOKIES.SQLITE ]
.eyeviewads.com [ C:\USERS\MARY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I4QL79V0.DEFAULT\COOKIES.SQLITE ]
.lucidmedia.com [ C:\USERS\MARY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I4QL79V0.DEFAULT\COOKIES.SQLITE ]
.lucidmedia.com [ C:\USERS\MARY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I4QL79V0.DEFAULT\COOKIES.SQLITE ]
adup.rotator.hadj7.adjuggler.net [ C:\USERS\MARY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I4QL79V0.DEFAULT\COOKIES.SQLITE ]
.legolas-media.com [ C:\USERS\MARY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I4QL79V0.DEFAULT\COOKIES.SQLITE ]
.legolas-media.com [ C:\USERS\MARY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I4QL79V0.DEFAULT\COOKIES.SQLITE ]
.intermundomedia.com [ C:\USERS\MARY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I4QL79V0.DEFAULT\COOKIES.SQLITE ]
.intermundomedia.com [ C:\USERS\MARY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I4QL79V0.DEFAULT\COOKIES.SQLITE ]
.viacom.adbureau.net [ C:\USERS\MARY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I4QL79V0.DEFAULT\COOKIES.SQLITE ]
.viacom.adbureau.net [ C:\USERS\MARY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I4QL79V0.DEFAULT\COOKIES.SQLITE ]
.collective-media.net [ C:\USERS\MARY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I4QL79V0.DEFAULT\COOKIES.SQLITE ]
.collective-media.net [ C:\USERS\MARY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I4QL79V0.DEFAULT\COOKIES.SQLITE ]
.collective-media.net [ C:\USERS\MARY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I4QL79V0.DEFAULT\COOKIES.SQLITE ]
.collective-media.net [ C:\USERS\MARY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I4QL79V0.DEFAULT\COOKIES.SQLITE ]
.collective-media.net [ C:\USERS\MARY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I4QL79V0.DEFAULT\COOKIES.SQLITE ]
.collective-media.net [ C:\USERS\MARY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I4QL79V0.DEFAULT\COOKIES.SQLITE ]
.collective-media.net [ C:\USERS\MARY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I4QL79V0.DEFAULT\COOKIES.SQLITE ]
.collective-media.net [ C:\USERS\MARY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I4QL79V0.DEFAULT\COOKIES.SQLITE ]
.collective-media.net [ C:\USERS\MARY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I4QL79V0.DEFAULT\COOKIES.SQLITE ]
.collective-media.net [ C:\USERS\MARY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I4QL79V0.DEFAULT\COOKIES.SQLITE ]
.2o7.net [ C:\USERS\MARY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I4QL79V0.DEFAULT\COOKIES.SQLITE ]
.network.realmedia.com [ C:\USERS\MARY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I4QL79V0.DEFAULT\COOKIES.SQLITE ]
.lucidmedia.com [ C:\USERS\MARY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I4QL79V0.DEFAULT\COOKIES.SQLITE ]
.eyeviewads.com [ C:\USERS\MARY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I4QL79V0.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\MARY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I4QL79V0.DEFAULT\COOKIES.SQLITE ]
www.burstbeacon.com [ C:\USERS\MARY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I4QL79V0.DEFAULT\COOKIES.SQLITE ]
.burstbeacon.com [ C:\USERS\MARY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I4QL79V0.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\MARY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I4QL79V0.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\MARY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I4QL79V0.DEFAULT\COOKIES.SQLITE ]
ad2.adfarm1.adition.com [ C:\USERS\MARY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I4QL79V0.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\MARY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I4QL79V0.DEFAULT\COOKIES.SQLITE ]
.casalemedia.com [ C:\USERS\MARY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I4QL79V0.DEFAULT\COOKIES.SQLITE ]
.casalemedia.com [ C:\USERS\MARY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I4QL79V0.DEFAULT\COOKIES.SQLITE ]
www3.addfreestats.com [ C:\USERS\MARY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I4QL79V0.DEFAULT\COOKIES.SQLITE ]
.malakmedia.com [ C:\USERS\MARY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I4QL79V0.DEFAULT\COOKIES.SQLITE ]
.serving-sys.com [ C:\USERS\MARY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I4QL79V0.DEFAULT\COOKIES.SQLITE ]
.microsoftwlsearchcrm.112.2o7.net [ C:\USERS\MARY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I4QL79V0.DEFAULT\COOKIES.SQLITE ]
.pro-market.net [ C:\USERS\MARY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I4QL79V0.DEFAULT\COOKIES.SQLITE ]
.interclick.com [ C:\USERS\MARY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I4QL79V0.DEFAULT\COOKIES.SQLITE ]
.casalemedia.com [ C:\USERS\MARY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I4QL79V0.DEFAULT\COOKIES.SQLITE ]
.legolas-media.com [ C:\USERS\MARY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I4QL79V0.DEFAULT\COOKIES.SQLITE ]
dc.tremormedia.com [ C:\USERS\MARY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I4QL79V0.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\MARY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I4QL79V0.DEFAULT\COOKIES.SQLITE ]
.adserver.adtechus.com [ C:\USERS\MARY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I4QL79V0.DEFAULT\COOKIES.SQLITE ]
.lfstmedia.com [ C:\USERS\MARY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I4QL79V0.DEFAULT\COOKIES.SQLITE ]
.casalemedia.com [ C:\USERS\MARY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I4QL79V0.DEFAULT\COOKIES.SQLITE ]
.lfstmedia.com [ C:\USERS\MARY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I4QL79V0.DEFAULT\COOKIES.SQLITE ]
.media.adfrontiers.com [ C:\USERS\MARY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I4QL79V0.DEFAULT\COOKIES.SQLITE ]
.casalemedia.com [ C:\USERS\MARY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I4QL79V0.DEFAULT\COOKIES.SQLITE ]
.casalemedia.com [ C:\USERS\MARY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I4QL79V0.DEFAULT\COOKIES.SQLITE ]
.casalemedia.com [ C:\USERS\MARY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I4QL79V0.DEFAULT\COOKIES.SQLITE ]
.casalemedia.com [ C:\USERS\MARY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I4QL79V0.DEFAULT\COOKIES.SQLITE ]
.casalemedia.com [ C:\USERS\MARY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I4QL79V0.DEFAULT\COOKIES.SQLITE ]
.traveladvertising.com [ C:\USERS\MARY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I4QL79V0.DEFAULT\COOKIES.SQLITE ]
.clickfuse.com [ C:\USERS\MARY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I4QL79V0.DEFAULT\COOKIES.SQLITE ]
gr.burstnet.com [ C:\USERS\MARY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I4QL79V0.DEFAULT\COOKIES.SQLITE ]
.media6degrees.com [ C:\USERS\MARY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I4QL79V0.DEFAULT\COOKIES.SQLITE ]
.bs.serving-sys.com [ C:\USERS\MARY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I4QL79V0.DEFAULT\COOKIES.SQLITE ]
.realmedia.com [ C:\USERS\MARY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I4QL79V0.DEFAULT\COOKIES.SQLITE ]
.realmedia.com [ C:\USERS\MARY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I4QL79V0.DEFAULT\COOKIES.SQLITE ]
.traveladvertising.com [ C:\USERS\MARY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I4QL79V0.DEFAULT\COOKIES.SQLITE ]
.traveladvertising.com [ C:\USERS\MARY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I4QL79V0.DEFAULT\COOKIES.SQLITE ]
.media6degrees.com [ C:\USERS\MARY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I4QL79V0.DEFAULT\COOKIES.SQLITE ]
.media6degrees.com [ C:\USERS\MARY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I4QL79V0.DEFAULT\COOKIES.SQLITE ]
.media6degrees.com [ C:\USERS\MARY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I4QL79V0.DEFAULT\COOKIES.SQLITE ]
.media6degrees.com [ C:\USERS\MARY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I4QL79V0.DEFAULT\COOKIES.SQLITE ]
.media6degrees.com [ C:\USERS\MARY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I4QL79V0.DEFAULT\COOKIES.SQLITE ]
.media6degrees.com [ C:\USERS\MARY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I4QL79V0.DEFAULT\COOKIES.SQLITE ]
.a1.interclick.com [ C:\USERS\MARY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I4QL79V0.DEFAULT\COOKIES.SQLITE ]
.a1.interclick.com [ C:\USERS\MARY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I4QL79V0.DEFAULT\COOKIES.SQLITE ]
.clicksor.com [ C:\USERS\MARY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I4QL79V0.DEFAULT\COOKIES.SQLITE ]
.clicksor.com [ C:\USERS\MARY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I4QL79V0.DEFAULT\COOKIES.SQLITE ]
.clicksor.com [ C:\USERS\MARY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I4QL79V0.DEFAULT\COOKIES.SQLITE ]
.myroitracking.com [ C:\USERS\MARY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I4QL79V0.DEFAULT\COOKIES.SQLITE ]
.clicksor.com [ C:\USERS\MARY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I4QL79V0.DEFAULT\COOKIES.SQLITE ]
.clicksor.com [ C:\USERS\MARY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I4QL79V0.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\MARY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I4QL79V0.DEFAULT\COOKIES.SQLITE ]
network.realmedia.com [ C:\USERS\MARY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I4QL79V0.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\MARY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I4QL79V0.DEFAULT\COOKIES.SQLITE ]
.burstnet.com [ C:\USERS\MARY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I4QL79V0.DEFAULT\COOKIES.SQLITE ]
.a1.interclick.com [ C:\USERS\MARY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I4QL79V0.DEFAULT\COOKIES.SQLITE ]
www.burstnet.com [ C:\USERS\MARY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I4QL79V0.DEFAULT\COOKIES.SQLITE ]
.a1.interclick.com [ C:\USERS\MARY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I4QL79V0.DEFAULT\COOKIES.SQLITE ]
.a1.interclick.com [ C:\USERS\MARY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I4QL79V0.DEFAULT\COOKIES.SQLITE ]
.interclick.com [ C:\USERS\MARY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I4QL79V0.DEFAULT\COOKIES.SQLITE ]
www.burstnet.com [ C:\USERS\MARY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I4QL79V0.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\MARY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I4QL79V0.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\MARY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I4QL79V0.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\MARY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I4QL79V0.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\MARY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I4QL79V0.DEFAULT\COOKIES.SQLITE ]
a.visualrevenue.com [ C:\USERS\MARY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I4QL79V0.DEFAULT\COOKIES.SQLITE ]
.apmebf.com [ C:\USERS\MARY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I4QL79V0.DEFAULT\COOKIES.SQLITE ]
.apmebf.com [ C:\USERS\MARY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I4QL79V0.DEFAULT\COOKIES.SQLITE ]
www.burstnet.com [ C:\USERS\MARY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I4QL79V0.DEFAULT\COOKIES.SQLITE ]
.statcounter.com [ C:\USERS\MARY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I4QL79V0.DEFAULT\COOKIES.SQLITE ]
www.burstnet.com [ C:\USERS\MARY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I4QL79V0.DEFAULT\COOKIES.SQLITE ]
www.burstnet.com [ C:\USERS\MARY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I4QL79V0.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\MARY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I4QL79V0.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\MARY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I4QL79V0.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\MARY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I4QL79V0.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\MARY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I4QL79V0.DEFAULT\COOKIES.SQLITE ]
.malakmedia.com [ C:\USERS\MARY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I4QL79V0.DEFAULT\COOKIES.SQLITE ]
gr.burstnet.com [ C:\USERS\MARY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I4QL79V0.DEFAULT\COOKIES.SQLITE ]
.serving-sys.com [ C:\USERS\MARY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I4QL79V0.DEFAULT\COOKIES.SQLITE ]
.serving-sys.com [ C:\USERS\MARY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I4QL79V0.DEFAULT\COOKIES.SQLITE ]
gr.burstnet.com [ C:\USERS\MARY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I4QL79V0.DEFAULT\COOKIES.SQLITE ]
gr.burstnet.com [ C:\USERS\MARY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I4QL79V0.DEFAULT\COOKIES.SQLITE ]
.a1.interclick.com [ C:\USERS\MARY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I4QL79V0.DEFAULT\COOKIES.SQLITE ]
.a1.interclick.com [ C:\USERS\MARY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I4QL79V0.DEFAULT\COOKIES.SQLITE ]
.a1.interclick.com [ C:\USERS\MARY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I4QL79V0.DEFAULT\COOKIES.SQLITE ]
.a1.interclick.com [ C:\USERS\MARY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I4QL79V0.DEFAULT\COOKIES.SQLITE ]
.a1.interclick.com [ C:\USERS\MARY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I4QL79V0.DEFAULT\COOKIES.SQLITE ]
.interclick.com [ C:\USERS\MARY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I4QL79V0.DEFAULT\COOKIES.SQLITE ]
.kaspersky.122.2o7.net [ C:\USERS\MARY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I4QL79V0.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\MARY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I4QL79V0.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\MARY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I4QL79V0.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\MARY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I4QL79V0.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\MARY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I4QL79V0.DEFAULT\COOKIES.SQLITE ]

Trojan.Agent/Gen-MSFake
C:\USERS\MARY\APPDATA\LOCAL\TEMP\KNA0.8793954547979704.EXE
C:\USERS\MARY\APPDATA\LOCAL\TEMP\YQMISUDKGZ
C:\USERS\MARY\APPDATA\LOCAL\TEMP\ZTO.DLL


How do I run GMER if I'm running on 64bit mode?

Thanks!


#7 cryptodan

cryptodan

    Bleepin Madman


  • Members
  • 21,868 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Catonsville, Md
  • Local time:11:33 PM

Posted 21 December 2011 - 12:16 PM

Run Gmer anyways and post the log.

#8 miszsunshinee

miszsunshinee
  • Topic Starter

  • Members
  • 30 posts
  • OFFLINE
  •  
  • Local time:06:33 PM

Posted 21 December 2011 - 02:23 PM

Here's my GMer log:

GMER 1.0.15.15641 - http://www.gmer.net
Rootkit scan 2011-12-21 13:22:47
Windows 6.1.7601 Service Pack 1
Running: ftqk01jv.exe


---- Registry - GMER 1.0.15 ----

Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\0c6076a27b49
Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\0c6076a27b49 (not active ControlSet)

---- EOF - GMER 1.0.15 ----

#9 cryptodan

cryptodan

    Bleepin Madman


  • Members
  • 21,868 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Catonsville, Md
  • Local time:11:33 PM

Posted 21 December 2011 - 02:30 PM

Lets see what a scan provided for free by ESET Online can provide, then post the resulting logs.

#10 miszsunshinee

miszsunshinee
  • Topic Starter

  • Members
  • 30 posts
  • OFFLINE
  •  
  • Local time:06:33 PM

Posted 21 December 2011 - 04:29 PM

Here's the ESET result:

C:\Users\Mary\Downloads\asc-setup.exe a variant of Win32/Adware.Toolbar.Dealio application deleted - quarantined
C:\Users\Mary\Downloads\defragsetup(1).exe a variant of Win32/Adware.Toolbar.Dealio application deleted - quarantined
C:\Users\Mary\Downloads\defragsetup.exe a variant of Win32/Adware.Toolbar.Dealio application deleted - quarantined
C:\Users\Mary\Downloads\gamebooster.exe a variant of Win32/Adware.Toolbar.Dealio application deleted - quarantined

#11 cryptodan

cryptodan

    Bleepin Madman


  • Members
  • 21,868 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Catonsville, Md
  • Local time:11:33 PM

Posted 27 December 2011 - 06:32 AM

Those issues are related to adaware, and not necessarily malware related.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users