Think I have redirect bug


10 replies to this topic

#1 scriba_golfer

Posted 22 June 2012 - 08:47 PM

I primarily use Google in IE 9 but also use Firefox, and I am experiencing redirects frequently when clicking on a link. I have attempted to update the host driver and still have the same problem. Any suggestions would be helpful. As I am typing this I am running a full scan on Malwarebytes and so far it has detected one object.


#2 boopme

Posted 22 June 2012 - 09:19 PM

Hello, I moved this from Windows 7 to Am I Infected.

Post that MBAM log, then do these.

Please download MiniToolBox, save it to your desktop and run it.

Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size.
Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.

Note: When using "Reset FF Proxy Settings" option Firefox should be closed.



Please download TDSSKiller.zip and extract it.
  • Run TDSSKiller.exe.
  • Click on Change Parameters
  • Put a check in the box of Detect TDLFS file system
  • Click Start scan.
  • When it is finished the utility outputs a list of detected objects with description.
    The utility automatically selects an action (Cure or Delete) for malicious objects.
    The utility prompts the user to select an action to apply to suspicious objects (Skip, by default). Leave the options as they are and click Continue.
  • Let it reboot if needed and tell me if the tool needed a reboot.
  • Click on Report and post the contents of the text file that will open.

    Note: By default, the utility outputs the log to the root folder of the system disk (usually the disk with the installed operating system, C:\). The log has a name like: TDSSKiller.Version_Date_Time_log.txt.




Next run SUPERAntiSpyware (SAS):

Please download and scan with SUPERAntiSpyware Free
  • Double-click SUPERAntiSpyware.exe and use the default settings for installation.
    For instructions with screenshots, please refer to the How to use SUPERAntiSpyware to scan and remove malware from your computer Guide.
  • An icon will be created on your desktop. Double-click that icon to launch the program.
  • If it will not start, go to Start > All Programs > SUPERAntiSpyware and click on Alternate Start.
  • If asked to update the program definitions, click "Yes". If not, update the definitions before scanning by selecting "Check for Updates". (If you encounter any problems while downloading the updates, manually download them from here. Double-click on the hyperlink for Download Installer and save SASDEFINITIONS.EXE to your desktop. Then double-click on SASDEFINITIONS.EXE to install the definitions.)
  • In the Main Menu, click the Preferences... button.
  • Click the "General and Startup" tab, and under Start-up Options, make sure "Start SUPERAntiSpyware when Windows starts" box is unchecked.
  • Click the "Scanning Control" tab, and under Scanner Options, make sure the following are checked (leave all other options as they are set):
    • Close browsers before scanning.
    • Scan for tracking cookies.
    • Terminate memory threats before quarantining.
  • Click the "Close" button to leave the Control Center screen.
  • Back on the main screen, under "Select Scan Type" check the box for Complete Scan.
  • If your computer is badly infected, be sure to check the box next to Enable Rescue Scan (Highly Infected Systems ONLY).
  • Click the Scan your computer... button.
  • After the scan is complete, a Scan Summary box will appear with potentially harmful items that were detected. Click "OK".
  • Make sure everything has a checkmark next to it and click "Next".
  • A notification will appear that "Quarantine and Removal is Complete". Click "OK" and then click the "Finish" button to return to the main menu.
  • If asked if you want to reboot, click "Yes" and reboot normally.

To retrieve the scan log after reboot, launch SUPERAntiSpyware again.
  • Click the View Scan Logs button at the bottom.
  • This will open the Scanner Logs Window.
  • Click on the log to highlight it and then click on View Selected Log to open it.
  • Copy and paste the scan log results in your next reply.
-- Some types of malware will disable security tools. If SUPERAntiSpyware will not install, please refer to these instructions for using the SUPERAntiSpyware Installer. If SUPERAntiSpyware is already installed but will not run, then follow the instructions for using RUNSAS.EXE to launch the program.

#3 scriba_golfer

Posted 26 June 2012 - 03:17 PM

Sorry, been a few days since I was on the computer last. I had thought the redirect issue had gone away but it hasn't.
Another issue - not sure if it is related: I get ads everywhere now. Even in Facebook in the middle of newsfeeds. Virtually all of them have "Adchoices" in one of the corners. Rather annoying they are.

Here is the Malwarebytes log:
Malwarebytes Anti-Malware 1.61.0.1400
www.malwarebytes.org

Database version: v2012.06.16.05

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Choate :: CHOATEMAINPC [administrator]

6/22/2012 9:26:01 PM
mbam-log-2012-06-22 (21-26-01).txt

Scan type: Full scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 420762
Time elapsed: 49 minute(s), 58 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 3
HKCR\bho_project.bho_object (Trojan.BHO) -> Quarantined and deleted successfully.
HKCR\bho_project.bho_object.1 (Trojan.BHO) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Google\Chrome\Extensions\kincjchfokkeneeofpeefomkikfkiedl (PUP.FCTPlugin) -> Quarantined and deleted successfully.

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 2
C:\Users\Choate\AppData\Local\Temp\DM\Installer_for_Format-Factory_042156\ExecIwantThis.exe (Adware.GamePlayLabs) -> Quarantined and deleted successfully.
C:\Windows\svchost.exe (Trojan.Agent) -> Quarantined and deleted successfully.

(end)

#4 scriba_golfer

Posted 26 June 2012 - 03:24 PM

MiniToolBox by Farbar Version: 25-06-2012
Ran by Choate (administrator) on 26-06-2012 at 16:20:58
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================

# ::1 localhost

========================= IP Configuration: ================================

Broadcom NetLink ™ Gigabit Ethernet = Local Area Connection (Connected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : ChoateMainPC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No

Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Broadcom NetLink ™ Gigabit Ethernet
Physical Address. . . . . . . . . : 84-2B-2B-B7-33-27
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::7d02:b3c0:5468:6ef1%10(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.3(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Tuesday, June 26, 2012 8:49:22 AM
Lease Expires . . . . . . . . . . : Wednesday, June 27, 2012 8:49:22 AM
Default Gateway . . . . . . . . . : 192.168.1.1
DHCP Server . . . . . . . . . . . : 192.168.1.1
DHCPv6 IAID . . . . . . . . . . . : 243542827
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-14-86-CB-DD-84-2B-2B-B7-33-27
DNS Servers . . . . . . . . . . . : 192.168.1.1
NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.{006F8882-6904-43A7-B01C-BA5859DD5783}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Server: UnKnown
Address: 192.168.1.1

Name: google.com
Addresses: 2607:f8b0:4004:801::1007
74.125.228.98
74.125.228.99
74.125.228.100
74.125.228.101
74.125.228.102
74.125.228.103
74.125.228.104
74.125.228.105
74.125.228.110
74.125.228.96
74.125.228.97


Pinging google.com [74.125.228.99] with 32 bytes of data:
Reply from 74.125.228.99: bytes=32 time=31ms TTL=51
Reply from 74.125.228.99: bytes=32 time=31ms TTL=51

Ping statistics for 74.125.228.99:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 31ms, Maximum = 31ms, Average = 31ms
Server: UnKnown
Address: 192.168.1.1

Name: yahoo.com
Addresses: 72.30.38.140
98.139.183.24
209.191.122.70


Pinging yahoo.com [72.30.38.140] with 32 bytes of data:
Reply from 72.30.38.140: bytes=32 time=95ms TTL=52
Reply from 72.30.38.140: bytes=32 time=181ms TTL=52

Ping statistics for 72.30.38.140:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 95ms, Maximum = 181ms, Average = 138ms
Server: UnKnown
Address: 192.168.1.1

Name: bleepingcomputer.com
Address: 208.43.87.2


Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:
Reply from 208.43.87.2: Destination host unreachable.
Reply from 208.43.87.2: Destination host unreachable.

Ping statistics for 208.43.87.2:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
10...84 2b 2b b7 33 27 ......Broadcom NetLink ™ Gigabit Ethernet
1...........................Software Loopback Interface 1
11...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
13...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.3 20
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.1.0 255.255.255.0 On-link 192.168.1.3 276
192.168.1.3 255.255.255.255 On-link 192.168.1.3 276
192.168.1.255 255.255.255.255 On-link 192.168.1.3 276
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.1.3 276
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.1.3 276
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
1 306 ::1/128 On-link
10 276 fe80::/64 On-link
10 276 fe80::7d02:b3c0:5468:6ef1/128
On-link
1 306 ff00::/8 On-link
10 276 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [152864] (Apple Inc.)
Catalog5 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 07 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Program Files\Bonjour\mdnsNSP.dll [193824] (Apple Inc.)
x64-Catalog5 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 07 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (06/26/2012 04:09:18 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"1".Error in manifest or policy file "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"2" on line WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"3.
Component identity found in manifest does not match the identity of the component requested.
Reference is WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1".
Definition is WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1".
Please use sxstrace.exe for detailed diagnosis.

Error: (06/26/2012 03:04:57 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"1".Error in manifest or policy file "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"2" on line WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"3.
Component identity found in manifest does not match the identity of the component requested.
Reference is WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1".
Definition is WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1".
Please use sxstrace.exe for detailed diagnosis.

Error: (06/26/2012 00:25:00 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"1".Error in manifest or policy file "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"2" on line WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"3.
Component identity found in manifest does not match the identity of the component requested.
Reference is WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1".
Definition is WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1".
Please use sxstrace.exe for detailed diagnosis.

Error: (06/26/2012 11:54:37 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"1".Error in manifest or policy file "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"2" on line WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"3.
Component identity found in manifest does not match the identity of the component requested.
Reference is WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1".
Definition is WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1".
Please use sxstrace.exe for detailed diagnosis.

Error: (06/26/2012 10:56:01 AM) (Source: Application Error) (User: )
Description: Faulting application name: iexplore.exe, version: 9.0.8112.16446, time stamp: 0x4fb57c8f
Faulting module name: ntdll.dll, version: 6.1.7601.17725, time stamp: 0x4ec49b8f
Exception code: 0xc0000374
Fault offset: 0x000ce6c3
Faulting process id: 0xdfc
Faulting application start time: 0xiexplore.exe0
Faulting application path: iexplore.exe1
Faulting module path: iexplore.exe2
Report Id: iexplore.exe3

Error: (06/26/2012 10:55:59 AM) (Source: Application Error) (User: )
Description: Faulting application name: iexplore.exe, version: 9.0.8112.16446, time stamp: 0x4fb57c8f
Faulting module name: ntdll.dll, version: 6.1.7601.17725, time stamp: 0x4ec49b8f
Exception code: 0xc0000005
Fault offset: 0x0007c7de
Faulting process id: 0xdfc
Faulting application start time: 0xiexplore.exe0
Faulting application path: iexplore.exe1
Faulting module path: iexplore.exe2
Report Id: iexplore.exe3

Error: (06/26/2012 09:21:51 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"1".Error in manifest or policy file "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"2" on line WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"3.
Component identity found in manifest does not match the identity of the component requested.
Reference is WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1".
Definition is WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1".
Please use sxstrace.exe for detailed diagnosis.

Error: (06/26/2012 09:13:12 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"1".Error in manifest or policy file "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"2" on line WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"3.
Component identity found in manifest does not match the identity of the component requested.
Reference is WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1".
Definition is WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1".
Please use sxstrace.exe for detailed diagnosis.

Error: (06/26/2012 08:51:26 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"1".Error in manifest or policy file "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"2" on line WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"3.
Component identity found in manifest does not match the identity of the component requested.
Reference is WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1".
Definition is WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1".
Please use sxstrace.exe for detailed diagnosis.

Error: (06/25/2012 09:37:39 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"1".Error in manifest or policy file "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"2" on line WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"3.
Component identity found in manifest does not match the identity of the component requested.
Reference is WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1".
Definition is WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1".
Please use sxstrace.exe for detailed diagnosis.


System errors:
=============
Error: (06/26/2012 08:50:11 AM) (Source: Service Control Manager) (User: )
Description: The HomeGroup Listener service terminated with service-specific error %%-2147023143.

Error: (06/26/2012 08:49:51 AM) (Source: Microsoft Antimalware) (User: )
Description: %%860 Real-Time Protection feature has encountered an error and failed.

Feature: %%835

Error Code: 0x80004005

Error description: Unspecified error

Reason: %%842

Error: (06/26/2012 08:49:29 AM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service terminated with the following error:
%%1060

Error: (06/26/2012 08:49:28 AM) (Source: Service Control Manager) (User: )
Description: The IPsec Policy Agent service depends the following service: BFE. This service might not be installed.

Error: (06/26/2012 08:49:28 AM) (Source: Service Control Manager) (User: )
Description: The IKE and AuthIP IPsec Keying Modules service depends the following service: BFE. This service might not be installed.

Error: (06/25/2012 09:07:29 AM) (Source: Microsoft Antimalware) (User: )
Description: %%860 Real-Time Protection feature has encountered an error and failed.

Feature: %%835

Error Code: 0x80004005

Error description: Unspecified error

Reason: %%858

Error: (06/25/2012 08:57:21 AM) (Source: Service Control Manager) (User: )
Description: The HomeGroup Listener service terminated with service-specific error %%-2147023143.

Error: (06/25/2012 08:57:00 AM) (Source: Microsoft Antimalware) (User: )
Description: %%860 Real-Time Protection feature has encountered an error and failed.

Feature: %%835

Error Code: 0x80004005

Error description: Unspecified error

Reason: %%842

Error: (06/25/2012 08:56:22 AM) (Source: Service Control Manager) (User: )
Description: The IPsec Policy Agent service depends the following service: BFE. This service might not be installed.

Error: (06/25/2012 08:56:22 AM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service terminated with the following error:
%%1060


Microsoft Office Sessions:
=========================

=========================== Installed Programs ============================

64 Bit HP CIO Components Installer (Version: 7.2.8)
Adobe AIR (Version: 3.2.0.2070)
Adobe Flash Player 11 ActiveX (Version: 11.3.300.257)
Adobe Flash Player 11 Plugin (Version: 11.3.300.262)
Adobe Reader X (10.1.3) (Version: 10.1.3)
Adobe Shockwave Player 11.6 (Version: 11.6.4.634)
Apple Application Support (Version: 1.5.0)
Apple Mobile Device Support (Version: 3.4.0.25)
Apple Software Update (Version: 2.1.3.127)
Ask Toolbar (Version: 1.13.1.0)
Bonjour (Version: 2.0.4.0)
BufferChm (Version: 130.0.331.000)
C4400 (Version: 130.0.365.000)
Citrix online plug-in - web (Version: 12.1.44.1)
Citrix online plug-in (DV) (Version: 12.1.44.1)
Citrix online plug-in (HDX) (Version: 12.1.44.1)
Citrix online plug-in (USB) (Version: 12.1.44.1)
Citrix online plug-in (Web) (Version: 12.1.44.1)
Copy (Version: 130.0.428.000)
Coupon Printer for Windows (Version: 5.0.0.1)
Dell DataSafe Local Backup - Support Software
Dell DataSafe Local Backup (Version: 9.4.48)
Dell Dock (Version: 2.0)
Dell Edoc Viewer (Version: 1.0.0)
Dell Getting Started Guide (Version: 1.00.0000)
Destinations (Version: 140.0.77.000)
DeviceDiscovery (Version: 130.0.465.000)
DocProc (Version: 13.0.0.0)
EZ Vinyl/Tape Converter 4.1 by MixMeister
Family Tree Maker 6.0
FormatFactory 2.50 (Version: 2.50)
Google Earth Plug-in (Version: 6.1.0.5001)
Google Update Helper (Version: 1.3.21.111)
GoToAssist 8.0.0.514
GPBaseService2 (Version: 130.0.371.000)
HP Imaging Device Functions 13.0 (Version: 13.0)
HP Photosmart C4400 All-In-One Driver Software 13.0 Rel. 3 (Version: 13.0)
HP Photosmart Essential 3.5 (Version: 3.5)
HP Smart Web Printing 4.51 (Version: 4.51)
HP Solution Center 13.0 (Version: 13.0)
HP Update (Version: 5.003.001.001)
HPPhotoGadget (Version: 130.0.282.000)
HPPhotoSmartDiscLabelContent1 (Version: 2.04.0000)
HPPhotosmartEssential (Version: 2.04.0000)
HPProductAssistant (Version: 130.0.371.000)
Intel® Graphics Media Accelerator Driver (Version: 8.15.10.2104)
Internet Explorer (Version: 8)
iTunes (Version: 10.2.1.1)
Java Auto Updater (Version: 2.0.6.1)
Java™ 6 Update 21 (64-bit) (Version: 6.0.210)
Java™ 6 Update 30 (Version: 6.0.300)
Junk Mail filter update (Version: 14.0.8089.726)
Malwarebytes Anti-Malware version 1.61.0.1400 (Version: 1.61.0.1400)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Antimalware (Version: 3.0.8402.2)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Choice Guard (Version: 2.0.48.0)
Microsoft Corporation (Version: 9.1.0.0)
Microsoft LifeCam (Version: 3.22.270.0)
Microsoft Money 2004 (Version: 12.0.50)
Microsoft Money 2004 System Pack (Version: 12.0.80)
Microsoft Office 2007 Primary Interop Assemblies (Version: 12.0.4518.1014)
Microsoft Office 2010 (Version: 14.0.4763.1000)
Microsoft Office Access MUI (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Access Setup Metadata MUI (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Enterprise 2007 (Version: 12.0.4518.1014)
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Groove MUI (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Groove Setup Metadata MUI (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office InfoPath MUI (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.4518.1014)
Microsoft Office OneNote MUI (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Outlook MUI (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proof (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proof (French) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Publisher MUI (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Word MUI (English) 2007 (Version: 12.0.4518.1014)
Microsoft Save as PDF or XPS Add-in for 2007 Microsoft Office programs (Version: 12.0.4518.1014)
Microsoft Search Enhancement Pack (Version: 1.2.123.0)
Microsoft Security Client (Version: 2.1.1116.0)
Microsoft Security Essentials (Version: 2.1.1116.0)
Microsoft Silverlight (Version: 3.0.40624.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Sync Framework Runtime Native v1.0 (x86) (Version: 1.0.1215.0)
Microsoft Sync Framework Services Native v1.0 (x86) (Version: 1.0.1215.0)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.58299)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual Studio 2005 Tools for Office Runtime
Microsoft Visual Studio 2005 Tools for Office Runtime (Version: 8.0.60940.0)
Mozilla Firefox 9.0.1 (x86 en-US) (Version: 9.0.1)
MSVCRT (Version: 14.0.1468.721)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
MSXML 4.0 SP2 Parser and SDK (Version: 4.20.9818.0)
Multimedia Card Reader (Version: 1.6.915.87)
OCR Software by I.R.I.S. 13.0 (Version: 13.0)
Octoshape add-in for Adobe Flash Player
PS_AIO_03_C4400_Software_Min (Version: 130.0.365.000)
QuickBooks (Version: 21.0.4011.904)
QuickBooks Pro 2011 (Version: 21.0.4011.904)
QuickTime (Version: 7.69.80.9)
Realtek High Definition Audio Driver (Version: 6.0.1.6043)
Roxio Burn (Version: 1.01)
Scan (Version: 140.0.80.000)
Shopping InContext (Version: 3.3)
Skype Toolbars (Version: 5.0.4137)
Skype™ 5.5 (Version: 5.5.124)
SmartWebPrinting (Version: 130.0.457.000)
SolutionCenter (Version: 130.0.373.000)
Status (Version: 130.0.469.000)
swMSM (Version: 12.0.0.1)
Toolbox (Version: 130.0.648.000)
TrayApp (Version: 130.0.422.000)
Unity Web Player (Version: )
UnloadSupport (Version: 11.0.0)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update Installer for WildTangent Games App
VideoFileDownload (Version: 1.0)
WebReg (Version: 130.0.132.017)
WildTangent Games (Version: 1.0.0.71)
WildTangent Games App (Dell Games) (Version: 4.0.5.14)
WildTangent Games App (Version: 4.0.4.15)
Windows Live Call (Version: 14.0.8064.0206)
Windows Live Communications Platform (Version: 14.0.8064.206)
Windows Live Essentials (Version: 14.0.8089.0726)
Windows Live Essentials (Version: 14.0.8089.726)
Windows Live Mail (Version: 14.0.8089.0726)
Windows Live Messenger (Version: 14.0.8089.0726)
Windows Live Movie Maker (Version: 14.0.8091.0730)
Windows Live Photo Gallery (Version: 14.0.8081.709)
Windows Live Sign-in Assistant (Version: 5.000.818.5)
Windows Live Sync (Version: 14.0.8089.726)
Windows Live Toolbar (Version: 14.0.8064.206)
Windows Live Upload Tool (Version: 14.0.8014.1029)
Windows Live Writer (Version: 14.0.8089.0726)

========================= Memory info: ===================================

Percentage of memory in use: 34%
Total physical RAM: 5943.12 MB
Available physical RAM: 3912.93 MB
Total Pagefile: 11884.43 MB
Available Pagefile: 9829.39 MB
Total Virtual: 4095.88 MB
Available Virtual: 3978.42 MB

========================= Partitions: =====================================

1 Drive c: (OS) (Fixed) (Total:687.15 GB) (Free:592.48 GB) NTFS

========================= Users: ========================================

User accounts for \\CHOATEMAINPC

Administrator Choate Guest


**** End of log ****

#5 scriba_golfer

Posted 26 June 2012 - 03:29 PM

NO REBOOT COMPLETED.

16:25:19.0742 4324 TDSS rootkit removing tool 2.7.42.0 Jun 25 2012 21:18:44
16:25:19.0960 4324 ============================================================
16:25:19.0960 4324 Current date / time: 2012/06/26 16:25:19.0960
16:25:19.0960 4324 SystemInfo:
16:25:19.0960 4324
16:25:19.0960 4324 OS Version: 6.1.7601 ServicePack: 1.0
16:25:19.0960 4324 Product type: Workstation
16:25:19.0960 4324 ComputerName: CHOATEMAINPC
16:25:19.0960 4324 UserName: Choate
16:25:19.0960 4324 Windows directory: C:\Windows
16:25:19.0960 4324 System windows directory: C:\Windows
16:25:19.0960 4324 Running under WOW64
16:25:19.0960 4324 Processor architecture: Intel x64
16:25:19.0960 4324 Number of processors: 4
16:25:19.0960 4324 Page size: 0x1000
16:25:19.0960 4324 Boot type: Normal boot
16:25:19.0960 4324 ============================================================
16:25:20.0896 4324 Drive \Device\Harddisk0\DR0 - Size: 0xAEA8CDE000 (698.64 Gb), SectorSize: 0x200, Cylinders: 0x16441, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
16:25:20.0928 4324 ============================================================
16:25:20.0928 4324 \Device\Harddisk0\DR0:
16:25:20.0928 4324 MBR partitions:
16:25:20.0928 4324 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x14000, BlocksNum 0x16E3000
16:25:20.0928 4324 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x16F7000, BlocksNum 0x55E4E800
16:25:20.0928 4324 ============================================================
16:25:20.0974 4324 C: <-> \Device\Harddisk0\DR0\Partition1
16:25:20.0974 4324 ============================================================
16:25:20.0974 4324 Initialize success
16:25:20.0974 4324 ============================================================
16:26:08.0133 0644 ============================================================
16:26:08.0133 0644 Scan started
16:26:08.0133 0644 Mode: Manual; TDLFS;
16:26:08.0133 0644 ============================================================
16:26:10.0567 0644 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys
16:26:10.0582 0644 1394ohci - ok
16:26:10.0614 0644 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys
16:26:10.0614 0644 ACPI - ok
16:26:10.0629 0644 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys
16:26:10.0629 0644 AcpiPmi - ok
16:26:10.0723 0644 AdobeARMservice (62b7936f9036dd6ed36e6a7efa805dc0) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
16:26:10.0738 0644 AdobeARMservice - ok
16:26:10.0816 0644 AdobeFlashPlayerUpdateSvc (990dc6edc9f933194d7cd4e65146bc94) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
16:26:10.0816 0644 AdobeFlashPlayerUpdateSvc - ok
16:26:10.0848 0644 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys
16:26:10.0863 0644 adp94xx - ok
16:26:10.0879 0644 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys
16:26:10.0879 0644 adpahci - ok
16:26:10.0879 0644 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys
16:26:10.0894 0644 adpu320 - ok
16:26:10.0910 0644 AeLookupSvc (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll
16:26:10.0910 0644 AeLookupSvc - ok
16:26:10.0941 0644 AFD (1c7857b62de5994a75b054a9fd4c3825) C:\Windows\system32\drivers\afd.sys
16:26:10.0957 0644 AFD - ok
16:26:11.0004 0644 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys
16:26:11.0004 0644 agp440 - ok
16:26:11.0019 0644 ALG (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe
16:26:11.0019 0644 ALG - ok
16:26:11.0035 0644 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys
16:26:11.0050 0644 aliide - ok
16:26:11.0050 0644 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys
16:26:11.0050 0644 amdide - ok
16:26:11.0082 0644 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys
16:26:11.0082 0644 AmdK8 - ok
16:26:11.0097 0644 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys
16:26:11.0097 0644 AmdPPM - ok
16:26:11.0113 0644 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys
16:26:11.0113 0644 amdsata - ok
16:26:11.0144 0644 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys
16:26:11.0144 0644 amdsbs - ok
16:26:11.0144 0644 amdxata (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys
16:26:11.0160 0644 amdxata - ok
16:26:11.0191 0644 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys
16:26:11.0191 0644 AppID - ok
16:26:11.0206 0644 AppIDSvc (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll
16:26:11.0206 0644 AppIDSvc - ok
16:26:11.0238 0644 Appinfo (3977d4a871ca0d4f2ed1e7db46829731) C:\Windows\System32\appinfo.dll
16:26:11.0238 0644 Appinfo - ok
16:26:11.0394 0644 Apple Mobile Device (20f6f19fe9e753f2780dc2fa083ad597) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
16:26:11.0425 0644 Apple Mobile Device - ok
16:26:11.0456 0644 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys
16:26:11.0456 0644 arc - ok
16:26:11.0472 0644 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys
16:26:11.0472 0644 arcsas - ok
16:26:11.0503 0644 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
16:26:11.0503 0644 AsyncMac - ok
16:26:11.0534 0644 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys
16:26:11.0534 0644 atapi - ok
16:26:11.0581 0644 AudioEndpointBuilder (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
16:26:11.0596 0644 AudioEndpointBuilder - ok
16:26:11.0612 0644 AudioSrv (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
16:26:11.0612 0644 AudioSrv - ok
16:26:11.0628 0644 AxInstSV (a6bf31a71b409dfa8cac83159e1e2aff) C:\Windows\System32\AxInstSV.dll
16:26:11.0643 0644 AxInstSV - ok
16:26:11.0674 0644 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys
16:26:11.0690 0644 b06bdrv - ok
16:26:11.0706 0644 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
16:26:11.0706 0644 b57nd60a - ok
16:26:11.0737 0644 bartwygu - ok
16:26:11.0752 0644 BDESVC (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll
16:26:11.0752 0644 BDESVC - ok
16:26:11.0752 0644 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
16:26:11.0752 0644 Beep - ok
16:26:11.0799 0644 BITS (1ea7969e3271cbc59e1730697dc74682) C:\Windows\System32\qmgr.dll
16:26:11.0799 0644 BITS - ok
16:26:11.0830 0644 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys
16:26:11.0830 0644 blbdrive - ok
16:26:11.0877 0644 Bonjour Service (f832f1505ad8b83474bd9a5b1b985e01) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
16:26:11.0893 0644 Bonjour Service - ok
16:26:11.0924 0644 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys
16:26:11.0924 0644 bowser - ok
16:26:11.0924 0644 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys
16:26:11.0924 0644 BrFiltLo - ok
16:26:11.0940 0644 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys
16:26:11.0940 0644 BrFiltUp - ok
16:26:11.0971 0644 Browser (8ef0d5c41ec907751b8429162b1239ed) C:\Windows\System32\browser.dll
16:26:11.0971 0644 Browser - ok
16:26:12.0002 0644 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
16:26:12.0002 0644 Brserid - ok
16:26:12.0018 0644 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
16:26:12.0018 0644 BrSerWdm - ok
16:26:12.0018 0644 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
16:26:12.0018 0644 BrUsbMdm - ok
16:26:12.0018 0644 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
16:26:12.0018 0644 BrUsbSer - ok
16:26:12.0018 0644 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys
16:26:12.0033 0644 BTHMODEM - ok
16:26:12.0049 0644 bthserv (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll
16:26:12.0049 0644 bthserv - ok
16:26:12.0049 0644 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
16:26:12.0049 0644 cdfs - ok
16:26:12.0096 0644 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\drivers\cdrom.sys
16:26:12.0096 0644 cdrom - ok
16:26:12.0127 0644 CertPropSvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
16:26:12.0127 0644 CertPropSvc - ok
16:26:12.0127 0644 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys
16:26:12.0127 0644 circlass - ok
16:26:12.0158 0644 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
16:26:12.0158 0644 CLFS - ok
16:26:12.0205 0644 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
16:26:12.0205 0644 clr_optimization_v2.0.50727_32 - ok
16:26:12.0236 0644 clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
16:26:12.0236 0644 clr_optimization_v2.0.50727_64 - ok
16:26:12.0298 0644 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
16:26:12.0314 0644 clr_optimization_v4.0.30319_32 - ok
16:26:12.0330 0644 clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
16:26:12.0330 0644 clr_optimization_v4.0.30319_64 - ok
16:26:12.0345 0644 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys
16:26:12.0345 0644 CmBatt - ok
16:26:12.0376 0644 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys
16:26:12.0376 0644 cmdide - ok
16:26:12.0423 0644 CNG (c4943b6c962e4b82197542447ad599f4) C:\Windows\system32\Drivers\cng.sys
16:26:12.0423 0644 CNG - ok
16:26:12.0439 0644 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys
16:26:12.0439 0644 Compbatt - ok
16:26:12.0470 0644 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys
16:26:12.0470 0644 CompositeBus - ok
16:26:12.0470 0644 COMSysApp - ok
16:26:12.0486 0644 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys
16:26:12.0486 0644 crcdisk - ok
16:26:12.0532 0644 CryptSvc (4f5414602e2544a4554d95517948b705) C:\Windows\system32\cryptsvc.dll
16:26:12.0532 0644 CryptSvc - ok
16:26:12.0595 0644 ctxusbm (ba8e5b2291c01ef71ca80e25f0c79d55) C:\Windows\system32\DRIVERS\ctxusbm.sys
16:26:12.0595 0644 ctxusbm - ok
16:26:12.0626 0644 DcomLaunch (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
16:26:12.0642 0644 DcomLaunch - ok
16:26:12.0657 0644 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll
16:26:12.0657 0644 defragsvc - ok
16:26:12.0688 0644 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys
16:26:12.0704 0644 DfsC - ok
16:26:12.0720 0644 Dhcp (43d808f5d9e1a18e5eeb5ebc83969e4e) C:\Windows\system32\dhcpcore.dll
16:26:12.0720 0644 Dhcp - ok
16:26:12.0735 0644 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
16:26:12.0735 0644 discache - ok
16:26:12.0751 0644 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys
16:26:12.0751 0644 Disk - ok
16:26:12.0782 0644 Dnscache (16835866aaa693c7d7fceba8fff706e4) C:\Windows\System32\dnsrslvr.dll
16:26:12.0782 0644 Dnscache - ok
16:26:12.0829 0644 DockLoginService (0840abbbdf438691ee65a20040635cbe) C:\Program Files\Dell\DellDock\DockLogin.exe
16:26:12.0829 0644 DockLoginService - ok
16:26:12.0876 0644 dot3svc (b1fb3ddca0fdf408750d5843591afbc6) C:\Windows\System32\dot3svc.dll
16:26:12.0876 0644 dot3svc - ok
16:26:12.0907 0644 Dot4 (b42ed0320c6e41102fde0005154849bb) C:\Windows\system32\DRIVERS\Dot4.sys
16:26:12.0907 0644 Dot4 - ok
16:26:12.0954 0644 Dot4Print (e9f5969233c5d89f3c35e3a66a52a361) C:\Windows\system32\drivers\Dot4Prt.sys
16:26:12.0954 0644 Dot4Print - ok
16:26:12.0954 0644 dot4usb (fd05a02b0370bc3000f402e543ca5814) C:\Windows\system32\DRIVERS\dot4usb.sys
16:26:12.0969 0644 dot4usb - ok
16:26:12.0985 0644 DPS (b26f4f737e8f9df4f31af6cf31d05820) C:\Windows\system32\dps.dll
16:26:12.0985 0644 DPS - ok
16:26:13.0000 0644 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
16:26:13.0000 0644 drmkaud - ok
16:26:13.0047 0644 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys
16:26:13.0063 0644 DXGKrnl - ok
16:26:13.0094 0644 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll
16:26:13.0094 0644 EapHost - ok
16:26:13.0203 0644 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys
16:26:13.0281 0644 ebdrv - ok
16:26:13.0359 0644 EFS (c118a82cd78818c29ab228366ebf81c3) C:\Windows\System32\lsass.exe
16:26:13.0359 0644 EFS - ok
16:26:13.0406 0644 ehRecvr (c4002b6b41975f057d98c439030cea07) C:\Windows\ehome\ehRecvr.exe
16:26:13.0422 0644 ehRecvr - ok
16:26:13.0437 0644 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe
16:26:13.0437 0644 ehSched - ok
16:26:13.0484 0644 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys
16:26:13.0484 0644 elxstor - ok
16:26:13.0515 0644 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
16:26:13.0515 0644 ErrDev - ok
16:26:13.0546 0644 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll
16:26:13.0546 0644 EventSystem - ok
16:26:13.0578 0644 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
16:26:13.0578 0644 exfat - ok
16:26:13.0624 0644 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
16:26:13.0624 0644 fastfat - ok
16:26:13.0687 0644 Fax (dbefd454f8318a0ef691fdd2eaab44eb) C:\Windows\system32\fxssvc.exe
16:26:13.0687 0644 Fax - ok
16:26:13.0702 0644 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys
16:26:13.0702 0644 fdc - ok
16:26:13.0718 0644 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll
16:26:13.0718 0644 fdPHost - ok
16:26:13.0734 0644 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll
16:26:13.0734 0644 FDResPub - ok
16:26:13.0749 0644 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
16:26:13.0749 0644 FileInfo - ok
16:26:13.0765 0644 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
16:26:13.0765 0644 Filetrace - ok
16:26:13.0765 0644 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys
16:26:13.0765 0644 flpydisk - ok
16:26:13.0780 0644 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys
16:26:13.0780 0644 FltMgr - ok
16:26:13.0843 0644 FontCache (5c4cb4086fb83115b153e47add961a0c) C:\Windows\system32\FntCache.dll
16:26:13.0874 0644 FontCache - ok
16:26:13.0921 0644 FontCache3.0.0.0 (a8b7f3818ab65695e3a0bb3279f6dce6) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
16:26:13.0921 0644 FontCache3.0.0.0 - ok
16:26:13.0952 0644 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
16:26:13.0952 0644 FsDepends - ok
16:26:13.0983 0644 Fs_Rec (6bd9295cc032dd3077c671fccf579a7b) C:\Windows\system32\drivers\Fs_Rec.sys
16:26:13.0983 0644 Fs_Rec - ok
16:26:13.0999 0644 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys
16:26:13.0999 0644 fvevol - ok
16:26:14.0014 0644 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys
16:26:14.0014 0644 gagp30kx - ok
16:26:14.0124 0644 GamesAppService (c403c5db49a0f9aaf4f2128edc0106d8) C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
16:26:14.0124 0644 GamesAppService - ok
16:26:14.0155 0644 GEARAspiWDM (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
16:26:14.0155 0644 GEARAspiWDM - ok
16:26:14.0186 0644 GoToAssist (d3316f6e3c011435f36e3d6e49b3196c) C:\Program Files (x86)\Citrix\GoToAssist\514\g2aservice.exe
16:26:14.0186 0644 GoToAssist - ok
16:26:14.0248 0644 gpsvc (277bbc7e1aa1ee957f573a10eca7ef3a) C:\Windows\System32\gpsvc.dll
16:26:14.0248 0644 gpsvc - ok
16:26:14.0295 0644 gupdate (f02a533f517eb38333cb12a9e8963773) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
16:26:14.0295 0644 gupdate - ok
16:26:14.0311 0644 gupdatem (f02a533f517eb38333cb12a9e8963773) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
16:26:14.0311 0644 gupdatem - ok
16:26:14.0326 0644 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
16:26:14.0326 0644 hcw85cir - ok
16:26:14.0373 0644 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\drivers\HDAudBus.sys
16:26:14.0373 0644 HDAudBus - ok
16:26:14.0389 0644 HECIx64 (b6ac71aaa2b10848f57fc49d55a651af) C:\Windows\system32\DRIVERS\HECIx64.sys
16:26:14.0389 0644 HECIx64 - ok
16:26:14.0404 0644 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys
16:26:14.0404 0644 HidBatt - ok
16:26:14.0420 0644 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys
16:26:14.0420 0644 HidBth - ok
16:26:14.0420 0644 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys
16:26:14.0436 0644 HidIr - ok
16:26:14.0467 0644 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\system32\hidserv.dll
16:26:14.0467 0644 hidserv - ok
16:26:14.0482 0644 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\drivers\hidusb.sys
16:26:14.0482 0644 HidUsb - ok
16:26:14.0514 0644 hkmsvc (387e72e739e15e3d37907a86d9ff98e2) C:\Windows\system32\kmsvc.dll
16:26:14.0514 0644 hkmsvc - ok
16:26:14.0545 0644 HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\Windows\system32\ListSvc.dll
16:26:14.0545 0644 HomeGroupListener - ok
16:26:14.0592 0644 HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\Windows\system32\provsvc.dll
16:26:14.0592 0644 HomeGroupProvider - ok
16:26:14.0685 0644 hpqcxs08 (0a3c6aa4a9fc38c20ba4eac2c3351c05) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll
16:26:14.0701 0644 hpqcxs08 - ok
16:26:14.0732 0644 hpqddsvc (99e8eef42fe2f4af29b08c3355dd7685) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll
16:26:14.0732 0644 hpqddsvc - ok
16:26:14.0732 0644 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys
16:26:14.0732 0644 HpSAMD - ok
16:26:14.0794 0644 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys
16:26:14.0810 0644 HTTP - ok
16:26:14.0841 0644 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys
16:26:14.0841 0644 hwpolicy - ok
16:26:14.0872 0644 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys
16:26:14.0872 0644 i8042prt - ok
16:26:14.0904 0644 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys
16:26:14.0904 0644 iaStorV - ok
16:26:14.0982 0644 idsvc (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
16:26:14.0997 0644 idsvc - ok
16:26:15.0278 0644 igfx (677aa5991026a65ada128c4b59cf2bad) C:\Windows\system32\DRIVERS\igdkmd64.sys
16:26:15.0450 0644 igfx - ok
16:26:15.0543 0644 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys
16:26:15.0543 0644 iirsp - ok
16:26:15.0574 0644 IKEEXT (fcd84c381e0140af901e58d48882d26b) C:\Windows\System32\ikeext.dll
16:26:15.0590 0644 IKEEXT - ok
16:26:15.0606 0644 Impcd (dd587a55390ed2295bce6d36ad567da9) C:\Windows\system32\DRIVERS\Impcd.sys
16:26:15.0606 0644 Impcd - ok
16:26:15.0699 0644 IntcAzAudAddService (e9befd8c6a1db3b544b61647dda35f62) C:\Windows\system32\drivers\RTKVHD64.sys
16:26:15.0715 0644 IntcAzAudAddService - ok
16:26:15.0762 0644 IntcDAud (58cf58dee26c909bd6f977b61d246295) C:\Windows\system32\DRIVERS\IntcDAud.sys
16:26:15.0777 0644 IntcDAud - ok
16:26:15.0793 0644 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
16:26:15.0793 0644 intelide - ok
16:26:15.0808 0644 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
16:26:15.0808 0644 intelppm - ok
16:26:15.0840 0644 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll
16:26:15.0840 0644 IPBusEnum - ok
16:26:15.0871 0644 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
16:26:15.0871 0644 IpFilterDriver - ok
16:26:15.0902 0644 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
16:26:15.0902 0644 IPMIDRV - ok
16:26:15.0902 0644 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
16:26:15.0918 0644 IPNAT - ok
16:26:15.0996 0644 iPod Service (f8e8676d1b6b2cc12df9aa6b1a43d929) C:\Program Files\iPod\bin\iPodService.exe
16:26:16.0011 0644 iPod Service - ok
16:26:16.0042 0644 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
16:26:16.0042 0644 IRENUM - ok
16:26:16.0058 0644 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
16:26:16.0058 0644 isapnp - ok
16:26:16.0089 0644 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
16:26:16.0089 0644 iScsiPrt - ok
16:26:16.0120 0644 k57nd60a (9d7ea8c7215d8d4ae7be110eee61085d) C:\Windows\system32\DRIVERS\k57nd60a.sys
16:26:16.0120 0644 k57nd60a - ok
16:26:16.0136 0644 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\drivers\kbdclass.sys
16:26:16.0136 0644 kbdclass - ok
16:26:16.0167 0644 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\drivers\kbdhid.sys
16:26:16.0167 0644 kbdhid - ok
16:26:16.0198 0644 KeyIso (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
16:26:16.0198 0644 KeyIso - ok
16:26:16.0214 0644 KSecDD (da1e991a61cfdd755a589e206b97644b) C:\Windows\system32\Drivers\ksecdd.sys
16:26:16.0214 0644 KSecDD - ok
16:26:16.0230 0644 KSecPkg (7e33198d956943a4f11a5474c1e9106f) C:\Windows\system32\Drivers\ksecpkg.sys
16:26:16.0230 0644 KSecPkg - ok
16:26:16.0230 0644 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
16:26:16.0230 0644 ksthunk - ok
16:26:16.0261 0644 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll
16:26:16.0261 0644 KtmRm - ok
16:26:16.0292 0644 LanmanServer (d9f42719019740baa6d1c6d536cbdaa6) C:\Windows\system32\srvsvc.dll
16:26:16.0292 0644 LanmanServer - ok
16:26:16.0323 0644 LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\Windows\System32\wkssvc.dll
16:26:16.0323 0644 LanmanWorkstation - ok
16:26:16.0354 0644 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
16:26:16.0354 0644 lltdio - ok
16:26:16.0386 0644 lltdsvc (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll
16:26:16.0386 0644 lltdsvc - ok
16:26:16.0401 0644 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll
16:26:16.0401 0644 lmhosts - ok
16:26:16.0417 0644 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys
16:26:16.0432 0644 LSI_FC - ok
16:26:16.0432 0644 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys
16:26:16.0432 0644 LSI_SAS - ok
16:26:16.0432 0644 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys
16:26:16.0432 0644 LSI_SAS2 - ok
16:26:16.0479 0644 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys
16:26:16.0479 0644 LSI_SCSI - ok
16:26:16.0495 0644 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
16:26:16.0495 0644 luafv - ok
16:26:16.0526 0644 Mcx2Svc (0be09cd858abf9df6ed259d57a1a1663) C:\Windows\system32\Mcx2Svc.dll
16:26:16.0526 0644 Mcx2Svc - ok
16:26:16.0542 0644 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys
16:26:16.0542 0644 megasas - ok
16:26:16.0573 0644 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys
16:26:16.0588 0644 MegaSR - ok
16:26:16.0604 0644 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
16:26:16.0620 0644 MMCSS - ok
16:26:16.0620 0644 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
16:26:16.0620 0644 Modem - ok
16:26:16.0635 0644 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
16:26:16.0635 0644 monitor - ok
16:26:16.0666 0644 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\drivers\mouclass.sys
16:26:16.0666 0644 mouclass - ok
16:26:16.0682 0644 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
16:26:16.0682 0644 mouhid - ok
16:26:16.0698 0644 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
16:26:16.0698 0644 mountmgr - ok
16:26:16.0744 0644 MpFilter (c177a7ebf5e8a0b596f618870516cab8) C:\Windows\system32\DRIVERS\MpFilter.sys
16:26:16.0744 0644 MpFilter - ok
16:26:16.0760 0644 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
16:26:16.0760 0644 mpio - ok
16:26:16.0776 0644 MpNWMon (8fbf6b31fe8af1833d93c5913d5b4d55) C:\Windows\system32\DRIVERS\MpNWMon.sys
16:26:16.0791 0644 MpNWMon - ok
16:26:16.0791 0644 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
16:26:16.0791 0644 mpsdrv - ok
16:26:16.0822 0644 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
16:26:16.0822 0644 MRxDAV - ok
16:26:16.0869 0644 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
16:26:16.0869 0644 mrxsmb - ok
16:26:16.0900 0644 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
16:26:16.0916 0644 mrxsmb10 - ok
16:26:16.0932 0644 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
16:26:16.0932 0644 mrxsmb20 - ok
16:26:16.0947 0644 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
16:26:16.0947 0644 msahci - ok
16:26:17.0025 0644 MSCamSvc (a592a054d78750b4d73abaa4c94decdf) C:\Program Files\Microsoft LifeCam\MSCamS64.exe
16:26:17.0025 0644 MSCamSvc - ok
16:26:17.0025 0644 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
16:26:17.0041 0644 msdsm - ok
16:26:17.0056 0644 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe
16:26:17.0056 0644 MSDTC - ok
16:26:17.0072 0644 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
16:26:17.0072 0644 Msfs - ok
16:26:17.0088 0644 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
16:26:17.0088 0644 mshidkmdf - ok
16:26:17.0103 0644 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
16:26:17.0103 0644 msisadrv - ok
16:26:17.0134 0644 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll
16:26:17.0134 0644 MSiSCSI - ok
16:26:17.0134 0644 msiserver - ok
16:26:17.0150 0644 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
16:26:17.0166 0644 MSKSSRV - ok
16:26:17.0228 0644 MsMpSvc (157e9e498206a3366baa7e4697bdd947) c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
16:26:17.0228 0644 MsMpSvc - ok
16:26:17.0228 0644 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
16:26:17.0244 0644 MSPCLOCK - ok
16:26:17.0244 0644 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
16:26:17.0244 0644 MSPQM - ok
16:26:24.0950 0644 MBR (0x1B8) (cdb4de4bbd714f152979da2dcbef57eb) \Device\Harddisk0\DR0
16:26:25.0387 0644 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
16:26:25.0387 0644 \Device\Harddisk0\DR0 - detected TDSS File System (1)
16:26:25.0387 0644 Boot (0x1200) (a0fef1f91b6cb298107f827107b44b08) \Device\Harddisk0\DR0\Partition0
16:26:25.0402 0644 \Device\Harddisk0\DR0\Partition0 - ok
16:26:25.0418 0644 Boot (0x1200) (d6b4331288d4144a3ccc9c186018a48e) \Device\Harddisk0\DR0\Partition1
16:26:25.0418 0644 \Device\Harddisk0\DR0\Partition1 - ok
16:26:25.0418 0644 ============================================================
16:26:25.0418 0644 Scan finished
16:26:25.0418 0644 ============================================================
16:26:25.0434 3060 Detected object count: 1
16:26:25.0434 3060 Actual detected object count: 1
16:27:34.0651 3060 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
16:27:34.0651 3060 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip

#6 scriba_golfer


Posted 26 June 2012 - 04:37 PM

SUPERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 06/26/2012 at 05:32 PM

Application Version : 5.5.1006

Core Rules Database Version : 8800
Trace Rules Database Version: 6612

Scan type : Complete Scan
Total Scan Time : 00:55:55

Operating System Information
Windows 7 Home Premium 64-bit, Service Pack 1 (Build 6.01.7601)
UAC Off - Administrator

Memory items scanned : 631
Memory threats detected : 0
Registry items scanned : 67342
Registry threats detected : 0
File items scanned : 85759
File threats detected : 269

Adware.Tracking Cookie
C:\Users\Choate\AppData\Roaming\Microsoft\Windows\Cookies\47HPRE10.txt [ /mediaplex.com ]
C:\Users\Choate\AppData\Roaming\Microsoft\Windows\Cookies\W2K7ODFZ.txt [ /specificclick.net ]
C:\Users\Choate\AppData\Roaming\Microsoft\Windows\Cookies\7N4HA0O2.txt [ /apmebf.com ]
C:\Users\Choate\AppData\Roaming\Microsoft\Windows\Cookies\1CAFHIEF.txt [ /atdmt.com ]
C:\Users\Choate\AppData\Roaming\Microsoft\Windows\Cookies\4Y8ZS7WY.txt [ /zedo.com ]
C:\Users\Choate\AppData\Roaming\Microsoft\Windows\Cookies\JK9OL0KK.txt [ /realmedia.com ]
C:\Users\Choate\AppData\Roaming\Microsoft\Windows\Cookies\E1V1KCGQ.txt [ /intermundomedia.com ]
C:\Users\Choate\AppData\Roaming\Microsoft\Windows\Cookies\9P07F67J.txt [ /yieldmanager.net ]
C:\Users\Choate\AppData\Roaming\Microsoft\Windows\Cookies\Z8N2Q7MY.txt [ /ads.nola.com ]
C:\Users\Choate\AppData\Roaming\Microsoft\Windows\Cookies\ABQ84CCI.txt [ /liveperson.net ]
C:\Users\Choate\AppData\Roaming\Microsoft\Windows\Cookies\6SWJFFSI.txt [ /adserver.valwa.com ]
C:\Users\Choate\AppData\Roaming\Microsoft\Windows\Cookies\GUBR10WW.txt [ /oswegocountyads.com ]
C:\Users\Choate\AppData\Roaming\Microsoft\Windows\Cookies\VK26H2ER.txt [ /burstnet.com ]
C:\Users\Choate\AppData\Roaming\Microsoft\Windows\Cookies\BV1KFNXP.txt [ /accounts.youtube.com ]
C:\Users\Choate\AppData\Roaming\Microsoft\Windows\Cookies\4PS5FEDE.txt [ /www.pathfinderbank.com ]
C:\Users\Choate\AppData\Roaming\Microsoft\Windows\Cookies\BC57O2WM.txt [ /myweather.112.2o7.net ]
C:\Users\Choate\AppData\Roaming\Microsoft\Windows\Cookies\KFUSP0LE.txt [ /mediaservices-d.openxenterprise.com ]
C:\Users\Choate\AppData\Roaming\Microsoft\Windows\Cookies\2SHNLC15.txt [ /tracking.affiliates.de ]
C:\Users\Choate\AppData\Roaming\Microsoft\Windows\Cookies\2GZDIHGE.txt [ /ads.webkinz.com ]
C:\Users\Choate\AppData\Roaming\Microsoft\Windows\Cookies\C93H9QMR.txt [ /1.sharkadnetwork.com ]
C:\Users\Choate\AppData\Roaming\Microsoft\Windows\Cookies\4JKIR93C.txt [ /burstbeacon.com ]
C:\Users\Choate\AppData\Roaming\Microsoft\Windows\Cookies\X14F3U1W.txt [ /clickfuse.com ]
C:\Users\Choate\AppData\Roaming\Microsoft\Windows\Cookies\KLIMQXQ6.txt [ /ads.nj.com ]
C:\Users\Choate\AppData\Roaming\Microsoft\Windows\Cookies\RO1JDHHN.txt [ /ads.discountdance.com ]
C:\Users\Choate\AppData\Roaming\Microsoft\Windows\Cookies\UEUCEZ1W.txt [ /ads.syracuse.com ]
C:\Users\Choate\AppData\Roaming\Microsoft\Windows\Cookies\V8OYS54G.txt [ /qksrv.net ]
C:\Users\Choate\AppData\Roaming\Microsoft\Windows\Cookies\YPQ9QFAC.txt [ /track.adform.net ]
C:\Users\Choate\AppData\Roaming\Microsoft\Windows\Cookies\IGXTKWKK.txt [ /click.findsearchengineresults.com ]
C:\Users\Choate\AppData\Roaming\Microsoft\Windows\Cookies\FYN8I22N.txt [ /ads.pointroll.com ]
C:\Users\Choate\AppData\Roaming\Microsoft\Windows\Cookies\8PD0Y4KB.txt [ /gmglobalgm.112.2o7.net ]
C:\Users\Choate\AppData\Roaming\Microsoft\Windows\Cookies\WGV46WNQ.txt [ /adlegend.com ]
C:\Users\Choate\AppData\Roaming\Microsoft\Windows\Cookies\N5CYHI43.txt [ /adserver.twitpic.com ]
C:\Users\Choate\AppData\Roaming\Microsoft\Windows\Cookies\GOY48OMH.txt [ /www.teennick.com ]
C:\Users\Choate\AppData\Roaming\Microsoft\Windows\Cookies\LT27PKM7.txt [ /ru4.com ]
C:\Users\Choate\AppData\Roaming\Microsoft\Windows\Cookies\FRZT5V1B.txt [ /ad.360yield.com ]
C:\Users\Choate\AppData\Roaming\Microsoft\Windows\Cookies\RXTDAMVL.txt [ /www.findeme.com ]
C:\Users\Choate\AppData\Roaming\Microsoft\Windows\Cookies\VVB4EXLC.txt [ /click.get-answers-fast.com ]
C:\Users\Choate\AppData\Roaming\Microsoft\Windows\Cookies\A76BPCAU.txt [ /northcountrylibraries.org ]
C:\Users\Choate\AppData\Roaming\Microsoft\Windows\Cookies\PBSY2KXL.txt [ /nextag.com ]
C:\Users\Choate\AppData\Roaming\Microsoft\Windows\Cookies\19WTUXLS.txt [ /lfstmedia.com ]
C:\Users\Choate\AppData\Roaming\Microsoft\Windows\Cookies\XW7S3ZSX.txt [ /trafficmp.com ]
C:\Users\Choate\AppData\Roaming\Microsoft\Windows\Cookies\R7RPQFB7.txt [ /server.cpmstar.com ]
C:\Users\Choate\AppData\Roaming\Microsoft\Windows\Cookies\IUTDZ7VG.txt [ /questionmarket.com ]
C:\Users\Choate\AppData\Roaming\Microsoft\Windows\Cookies\N954MIHD.txt [ /wwf.122.2o7.net ]
C:\Users\Choate\AppData\Roaming\Microsoft\Windows\Cookies\1EP9FAHZ.txt [ /teennick.com ]
C:\Users\Choate\AppData\Roaming\Microsoft\Windows\Cookies\I9IB2HDA.txt [ /ads.cnn.com ]
C:\Users\Choate\AppData\Roaming\Microsoft\Windows\Cookies\MYVYXI5F.txt [ /www.findyour-replacementwindows.com ]
C:\Users\Choate\AppData\Roaming\Microsoft\Windows\Cookies\OO2LFYRN.txt [ /discountmags.com ]
C:\Users\Choate\AppData\Roaming\Microsoft\Windows\Cookies\O281FZP8.txt [ /ads.al.com ]
C:\Users\Choate\AppData\Roaming\Microsoft\Windows\Cookies\5IB33COM.txt [ /ads.cleveland.com ]
C:\Users\Choate\AppData\Roaming\Microsoft\Windows\Cookies\5T1IU1HN.txt [ /t.pointroll.com ]
C:\USERS\CHOATE\AppData\Roaming\Microsoft\Windows\Cookies\GB9C83GZ.txt [ Cookie:choate@www.9wsyr.com/mediacenter/ ]
C:\USERS\CHOATE\AppData\Roaming\Microsoft\Windows\Cookies\XVWOS3E8.txt [ Cookie:choate@google.com/accounts/recovery/ ]
C:\USERS\CHOATE\AppData\Roaming\Microsoft\Windows\Cookies\O8RSQAPQ.txt [ Cookie:choate@www.9wsyr.com/mostpopular/story/Cayuga-County-sex-offender-charged-with-sexually/ ]
C:\USERS\CHOATE\AppData\Roaming\Microsoft\Windows\Cookies\PSSDW9U3.txt [ Cookie:choate@www.epicgameads.com/ads/ ]
C:\USERS\CHOATE\AppData\Roaming\Microsoft\Windows\Cookies\KQ4R2WFY.txt [ Cookie:choate@support.google.com/accounts/ ]
C:\USERS\CHOATE\AppData\Roaming\Microsoft\Windows\Cookies\268TFU42.txt [ Cookie:choate@www.9wsyr.com/mostpopular/story/Fab-Melo-answering-questions-about-academic/ ]
C:\USERS\CHOATE\AppData\Roaming\Microsoft\Windows\Cookies\PZPOAW2X.txt [ Cookie:choate@religion.blogs.cnn.com/2012/05/15/my-take-what-the-bible-really-says-about-homosexuality/ ]
C:\USERS\CHOATE\AppData\Roaming\Microsoft\Windows\Cookies\MZ2BWJ2Y.txt [ Cookie:choate@thechart.blogs.cnn.com/2012/04/24/sextuplets-born-to-houston-mom/ ]
C:\USERS\CHOATE\AppData\Roaming\Microsoft\Windows\Cookies\I7374GJN.txt [ Cookie:choate@r.looksmart.com/og/pr=Psr;ro=1;rc=2;digest=be3216b6598df3a4d6a53d637f5dc510;kid=5f8148a09c4514e01915a80bd7bbc1a5;t=1340737515;v=8;data=QfkrQUuMJ7mT4eLGGR0f0skB2AMo-ufm-ur5E2LCvIdkrB3-qQvHUQo_jFD0YuqgUMvDX6HDBhn9LOrEe2tuj_NCGDtNnd6-tSiZ2RUaICrPaPB3lwgHJH8JZJhsNCBTMvpSOzyviMwnkbDJrYYtJMOP1Y72aa44oHjoQxqt2u3EidNjNbBYXA;uh=143x3472682638050498238;la=1180577;lm=1845226;ad=754790423;ag=764811574;kw=1562354864;qt=z%20lyrics;vr=5;lt=BM;ip=24.58.68.202;pt=;st=119.18.97.0.0.0.0;os=418.89.4.0.2.87.2.6;sy=keyword;my=ROC;geo=894417;vid=0;subid=107175-2691-27681;opi=bizz_main;lg=0;sqid=DD14D722-BFC1-11E1-AFE3-07F03A0DFABA;siid=DD268058-BFC1-11E1-8F4D-07F03A0DFABA;ii=4159.537b.4fea07eb.36d8;pn=;to=;tc=2;po=1;pc=2;pi=bizz_main_pre:ent;ts=;rm=;pfid=263328;rh=answerherefinders.in%7Chttp://infomash.org/100/11656/ ]
C:\USERS\CHOATE\AppData\Roaming\Microsoft\Windows\Cookies\HG3DGSRQ.txt [ Cookie:choate@www.google.com/accounts ]
C:\USERS\CHOATE\AppData\Roaming\Microsoft\Windows\Cookies\DRTKN3E5.txt [ Cookie:choate@delivery.ctasnet.com/adserver/www/delivery/ ]
C:\USERS\CHOATE\AppData\Roaming\Microsoft\Windows\Cookies\UMVET99P.txt [ Cookie:choate@www.9wsyr.com/sports/content/su_sports/story/Fab-Melo-answering-questions-about-academic/ ]
C:\USERS\CHOATE\AppData\Roaming\Microsoft\Windows\Cookies\Low\choate@insight.youtube[2].txt [ Cookie:choate@insight.youtube.com/ ]
C:\USERS\CHOATE\AppData\Roaming\Microsoft\Windows\Cookies\Low\R31U01FE.txt [ Cookie:choate@www.9wsyr.com/news/local/story/Oswego-County-man-sentenced-to-60-years-in-prison/ ]
C:\USERS\CHOATE\AppData\Roaming\Microsoft\Windows\Cookies\Low\ONEQYEUX.txt [ Cookie:choate@accounts.youtube.com/accounts ]
C:\USERS\CHOATE\AppData\Roaming\Microsoft\Windows\Cookies\Low\4JMN2QF4.txt [ Cookie:choate@www.pathfinderbank.com/ ]
C:\USERS\CHOATE\AppData\Roaming\Microsoft\Windows\Cookies\Low\116Q17NU.txt [ Cookie:choate@rptsweb.oswegocounty.com/ ]
C:\USERS\CHOATE\AppData\Roaming\Microsoft\Windows\Cookies\Low\H0WAVD09.txt [ Cookie:choate@google.com/accounts/ ]
C:\USERS\CHOATE\AppData\Roaming\Microsoft\Windows\Cookies\Low\choate@www.google[3].txt [ Cookie:choate@www.google.com/support/accounts/ ]
C:\USERS\CHOATE\AppData\Roaming\Microsoft\Windows\Cookies\Low\ORMJGT2O.txt [ Cookie:choate@accounts.google.com/ ]
C:\USERS\CHOATE\AppData\Roaming\Microsoft\Windows\Cookies\Low\0WIEUQIY.txt [ Cookie:choate@www.9wsyr.com/news/local/story/F-M-girls-cross-country-comes-home-with-6th/ ]
C:\USERS\CHOATE\AppData\Roaming\Microsoft\Windows\Cookies\Low\GWCC5WE5.txt [ Cookie:choate@google.com/support/accounts/ ]
C:\USERS\CHOATE\AppData\Roaming\Microsoft\Windows\Cookies\Low\CIDZ38P3.txt [ Cookie:choate@stats.paypal.com/ ]
C:\USERS\CHOATE\AppData\Roaming\Microsoft\Windows\Cookies\Low\56XIAAAG.txt [ Cookie:choate@discountdance.com/ ]
C:\USERS\CHOATE\AppData\Roaming\Microsoft\Windows\Cookies\Low\choate@countryreports[1].txt [ Cookie:choate@countryreports.org/ ]
C:\USERS\CHOATE\AppData\Roaming\Microsoft\Windows\Cookies\Low\9PB0JXWS.txt [ Cookie:choate@www.9wsyr.com/mediacenter/ ]
C:\USERS\CHOATE\AppData\Roaming\Microsoft\Windows\Cookies\Low\0E3FW12D.txt [ Cookie:choate@www.discountdance.com/ ]
C:\USERS\CHOATE\AppData\Roaming\Microsoft\Windows\Cookies\Low\KH020429.txt [ Cookie:choate@www.google.com/accounts ]
C:\USERS\CHOATE\AppData\Roaming\Microsoft\Windows\Cookies\Low\choate@tracking.realtor[1].txt [ Cookie:choate@tracking.realtor.com/ ]
C:\USERS\CHOATE\AppData\Roaming\Microsoft\Windows\Cookies\Low\0IW3E5IH.txt [ Cookie:choate@accounts.google.com/accounts/ ]
C:\USERS\CHOATE\AppData\Roaming\Microsoft\Windows\Cookies\Low\PPOVB8MT.txt [ Cookie:choate@www.9wsyr.com/news/local/story/Oswego-County-auto-dealer-fraud-suspects-have/ ]
C:\USERS\CHOATE\Cookies\8DXDIGVT.txt [ Cookie:choate@lucidmedia.com/ ]
C:\USERS\CHOATE\Cookies\K6HI8WJH.txt [ Cookie:choate@media.adfrontiers.com/ ]
C:\USERS\CHOATE\Cookies\PRFT4JJ1.txt [ Cookie:choate@adform.net/ ]
C:\USERS\CHOATE\Cookies\GB9C83GZ.txt [ Cookie:choate@www.9wsyr.com/mediacenter/ ]
C:\USERS\CHOATE\Cookies\JQCKZNIA.txt [ Cookie:choate@insightexpressai.com/ ]
C:\USERS\CHOATE\Cookies\16GF5M2K.txt [ Cookie:choate@casalemedia.com/ ]
C:\USERS\CHOATE\Cookies\Q7UPUHMT.txt [ Cookie:choate@pro-market.net/ ]
C:\USERS\CHOATE\Cookies\Z2P7H18P.txt [ Cookie:choate@rptsweb.oswegocounty.com/ ]
C:\USERS\CHOATE\Cookies\WL9N0DUF.txt [ Cookie:choate@adbrite.com/ ]
C:\USERS\CHOATE\Cookies\XTIMXXWE.txt [ Cookie:choate@ad2.adfarm1.adition.com/ ]
C:\USERS\CHOATE\Cookies\M7AEMNH8.txt [ Cookie:choate@serving-sys.com/ ]
C:\USERS\CHOATE\Cookies\0TSETDAG.txt [ Cookie:choate@pointroll.com/ ]
C:\USERS\CHOATE\Cookies\V632FVVC.txt [ Cookie:choate@at.atwola.com/ ]
C:\USERS\CHOATE\Cookies\2YFHB2E4.txt [ Cookie:choate@www.qsstats.com/ ]
C:\USERS\CHOATE\Cookies\XVWOS3E8.txt [ Cookie:choate@google.com/accounts/recovery/ ]
C:\USERS\CHOATE\Cookies\EALCKARZ.txt [ Cookie:choate@www.findyour-replacementwindows.com/8x/ ]
C:\USERS\CHOATE\Cookies\CV51LOJZ.txt [ Cookie:choate@pappasgroup.rotator.hadj7.adjuggler.net/ ]
C:\USERS\CHOATE\Cookies\2YR61QDV.txt [ Cookie:choate@mmotraffic.com/ ]
C:\USERS\CHOATE\Cookies\KRKR9PO7.txt [ Cookie:choate@stats.townnews.com/palltimes.com/ ]
C:\USERS\CHOATE\Cookies\W6ETF5Y7.txt [ Cookie:choate@fidelity.rotator.hadj7.adjuggler.net/ ]
C:\USERS\CHOATE\Cookies\O8RSQAPQ.txt [ Cookie:choate@www.9wsyr.com/mostpopular/story/Cayuga-County-sex-offender-charged-with-sexually/ ]
C:\USERS\CHOATE\Cookies\8AA9PUNI.txt [ Cookie:choate@adnetwork.net/ ]
C:\USERS\CHOATE\Cookies\XH0C3WTE.txt [ Cookie:choate@www.discountdance.com/ ]
C:\USERS\CHOATE\Cookies\PO1560A3.txt [ Cookie:choate@adserver.adtechus.com/ ]
C:\USERS\CHOATE\Cookies\4XY8OUSS.txt [ Cookie:choate@tracking.trafficcaptain.com/ ]
C:\USERS\CHOATE\Cookies\MEZR8ZHH.txt [ Cookie:choate@bs.serving-sys.com/ ]
C:\USERS\CHOATE\Cookies\FVQS2DRD.txt [ Cookie:choate@legolas-media.com/ ]
C:\USERS\CHOATE\Cookies\3129Q5NR.txt [ Cookie:choate@findyour-replacementwindows.com/ ]
C:\USERS\CHOATE\Cookies\HID31UPZ.txt [ Cookie:choate@ad.yieldmanager.com/ ]
C:\USERS\CHOATE\Cookies\G2DM055N.txt [ Cookie:choate@accounts.google.com/ ]
C:\USERS\CHOATE\Cookies\PSSDW9U3.txt [ Cookie:choate@www.epicgameads.com/ads/ ]
C:\USERS\CHOATE\Cookies\KQ4R2WFY.txt [ Cookie:choate@support.google.com/accounts/ ]
C:\USERS\CHOATE\Cookies\Q75RGXDT.txt [ Cookie:choate@ads.gamesbannernet.com/ ]
C:\USERS\CHOATE\Cookies\GVL6WTJK.txt [ Cookie:choate@ads.saymedia.com/ ]
C:\USERS\CHOATE\Cookies\E78WTT3Q.txt [ Cookie:choate@kanoodle.com/ ]
C:\USERS\CHOATE\Cookies\268TFU42.txt [ Cookie:choate@www.9wsyr.com/mostpopular/story/Fab-Melo-answering-questions-about-academic/ ]
C:\USERS\CHOATE\Cookies\H0U2836P.txt [ Cookie:choate@www.burstnet.com/ ]
C:\USERS\CHOATE\Cookies\AGQIIBBO.txt [ Cookie:choate@revsci.net/ ]
C:\USERS\CHOATE\Cookies\RNCSDOQP.txt [ Cookie:choate@tag.blutonicmedia.hiro.tv/ ]
C:\USERS\CHOATE\Cookies\39YKAHOY.txt [ Cookie:choate@network.realmedia.com/ ]
C:\USERS\CHOATE\Cookies\9IJD88A6.txt [ Cookie:choate@traveladvertising.com/ ]
C:\USERS\CHOATE\Cookies\7WOSGJWW.txt [ Cookie:choate@discountdance.com/ ]
C:\USERS\CHOATE\Cookies\47HPRE10.txt [ Cookie:choate@mediaplex.com/ ]
C:\USERS\CHOATE\Cookies\W2K7ODFZ.txt [ Cookie:choate@specificclick.net/ ]
C:\USERS\CHOATE\Cookies\7N4HA0O2.txt [ Cookie:choate@apmebf.com/ ]
C:\USERS\CHOATE\Cookies\1CAFHIEF.txt [ Cookie:choate@atdmt.com/ ]
C:\USERS\CHOATE\Cookies\4Y8ZS7WY.txt [ Cookie:choate@zedo.com/ ]
C:\USERS\CHOATE\Cookies\JK9OL0KK.txt [ Cookie:choate@realmedia.com/ ]
C:\USERS\CHOATE\Cookies\E1V1KCGQ.txt [ Cookie:choate@intermundomedia.com/ ]
C:\USERS\CHOATE\Cookies\9P07F67J.txt [ Cookie:choate@yieldmanager.net/ ]
C:\USERS\CHOATE\Cookies\ABQ84CCI.txt [ Cookie:choate@liveperson.net/ ]
C:\USERS\CHOATE\Cookies\VK26H2ER.txt [ Cookie:choate@burstnet.com/ ]
C:\USERS\CHOATE\Cookies\BV1KFNXP.txt [ Cookie:choate@accounts.youtube.com/accounts ]
C:\USERS\CHOATE\Cookies\4PS5FEDE.txt [ Cookie:choate@www.pathfinderbank.com/ ]
C:\USERS\CHOATE\Cookies\BC57O2WM.txt [ Cookie:choate@myweather.112.2o7.net/ ]
C:\USERS\CHOATE\Cookies\KFUSP0LE.txt [ Cookie:choate@mediaservices-d.openxenterprise.com/ ]
C:\USERS\CHOATE\Cookies\C93H9QMR.txt [ Cookie:choate@1.sharkadnetwork.com/ ]
C:\USERS\CHOATE\Cookies\PZPOAW2X.txt [ Cookie:choate@religion.blogs.cnn.com/2012/05/15/my-take-what-the-bible-really-says-about-homosexuality/ ]
C:\USERS\CHOATE\Cookies\4JKIR93C.txt [ Cookie:choate@burstbeacon.com/ ]
C:\USERS\CHOATE\Cookies\RO1JDHHN.txt [ Cookie:choate@ads.discountdance.com/ ]
C:\USERS\CHOATE\Cookies\V8OYS54G.txt [ Cookie:choate@qksrv.net/ ]
C:\USERS\CHOATE\Cookies\YPQ9QFAC.txt [ Cookie:choate@track.adform.net/ ]
C:\USERS\CHOATE\Cookies\IGXTKWKK.txt [ Cookie:choate@click.findsearchengineresults.com/ads-clicktrack/click/ ]
C:\USERS\CHOATE\Cookies\FYN8I22N.txt [ Cookie:choate@ads.pointroll.com/ ]
C:\USERS\CHOATE\Cookies\WGV46WNQ.txt [ Cookie:choate@adlegend.com/ ]
C:\USERS\CHOATE\Cookies\N5CYHI43.txt [ Cookie:choate@adserver.twitpic.com/ ]
C:\USERS\CHOATE\Cookies\MZ2BWJ2Y.txt [ Cookie:choate@thechart.blogs.cnn.com/2012/04/24/sextuplets-born-to-houston-mom/ ]
C:\USERS\CHOATE\Cookies\GOY48OMH.txt [ Cookie:choate@www.teennick.com/ ]
C:\USERS\CHOATE\Cookies\I7374GJN.txt [ Cookie:choate@r.looksmart.com/og/pr=Psr;ro=1;rc=2;digest=be3216b6598df3a4d6a53d637f5dc510;kid=5f8148a09c4514e01915a80bd7bbc1a5;t=1340737515;v=8;data=QfkrQUuMJ7mT4eLGGR0f0skB2AMo-ufm-ur5E2LCvIdkrB3-qQvHUQo_jFD0YuqgUMvDX6HDBhn9LOrEe2tuj_NCGDtNnd6-tSiZ2RUaICrPaPB3lwgHJH8JZJhsNCBTMvpSOzyviMwnkbDJrYYtJMOP1Y72aa44oHjoQxqt2u3EidNjNbBYXA;uh=143x3472682638050498238;la=1180577;lm=1845226;ad=754790423;ag=764811574;kw=1562354864;qt=z%20lyrics;vr=5;lt=BM;ip=24.58.68.202;pt=;st=119.18.97.0.0.0.0;os=418.89.4.0.2.87.2.6;sy=keyword;my=ROC;geo=894417;vid=0;subid=107175-2691-27681;opi=bizz_main;lg=0;sqid=DD14D722-BFC1-11E1-AFE3-07F03A0DFABA;siid=DD268058-BFC1-11E1-8F4D-07F03A0DFABA;ii=4159.537b.4fea07eb.36d8;pn=;to=;tc=2;po=1;pc=2;pi=bizz_main_pre:ent;ts=;rm=;pfid=263328;rh=answerherefinders.in%7Chttp://infomash.org/100/11656/ ]
C:\USERS\CHOATE\Cookies\LT27PKM7.txt [ Cookie:choate@ru4.com/ ]
C:\USERS\CHOATE\Cookies\HG3DGSRQ.txt [ Cookie:choate@www.google.com/accounts ]
C:\USERS\CHOATE\Cookies\RXTDAMVL.txt [ Cookie:choate@www.findeme.com/ ]
C:\USERS\CHOATE\Cookies\VVB4EXLC.txt [ Cookie:choate@click.get-answers-fast.com/ads-clicktrack/click/ ]
C:\USERS\CHOATE\Cookies\A76BPCAU.txt [ Cookie:choate@northcountrylibraries.org/ ]
C:\USERS\CHOATE\Cookies\DRTKN3E5.txt [ Cookie:choate@delivery.ctasnet.com/adserver/www/delivery/ ]
C:\USERS\CHOATE\Cookies\PBSY2KXL.txt [ Cookie:choate@nextag.com/ ]
C:\USERS\CHOATE\Cookies\XW7S3ZSX.txt [ Cookie:choate@trafficmp.com/ ]
C:\USERS\CHOATE\Cookies\R7RPQFB7.txt [ Cookie:choate@server.cpmstar.com/ ]
C:\USERS\CHOATE\Cookies\IUTDZ7VG.txt [ Cookie:choate@questionmarket.com/ ]
C:\USERS\CHOATE\Cookies\N954MIHD.txt [ Cookie:choate@wwf.122.2o7.net/ ]
C:\USERS\CHOATE\Cookies\1EP9FAHZ.txt [ Cookie:choate@teennick.com/ ]
C:\USERS\CHOATE\Cookies\UMVET99P.txt [ Cookie:choate@www.9wsyr.com/sports/content/su_sports/story/Fab-Melo-answering-questions-about-academic/ ]
C:\USERS\CHOATE\Cookies\5T1IU1HN.txt [ Cookie:choate@t.pointroll.com/ ]
core.insightexpressai.com [ C:\USERS\CHOATE\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\FAJFVU2R ]
core.saymedia.com [ C:\USERS\CHOATE\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\FAJFVU2R ]
media.mtvnservices.com [ C:\USERS\CHOATE\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\FAJFVU2R ]
secure-us.imrworldwide.com [ C:\USERS\CHOATE\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\FAJFVU2R ]
account.goodgamestudios.com [ C:\WINDOWS\SYSWOW64\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\37E3H5QY ]
art.aim4media.com [ C:\WINDOWS\SYSWOW64\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\37E3H5QY ]
cdn.media.abc.com [ C:\WINDOWS\SYSWOW64\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\37E3H5QY ]
cdn.tremormedia.com [ C:\WINDOWS\SYSWOW64\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\37E3H5QY ]
cdn2.baronsmedia.com [ C:\WINDOWS\SYSWOW64\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\37E3H5QY ]
click.searchnation.net [ C:\WINDOWS\SYSWOW64\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\37E3H5QY ]
core.insightexpressai.com [ C:\WINDOWS\SYSWOW64\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\37E3H5QY ]
core.saymedia.com [ C:\WINDOWS\SYSWOW64\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\37E3H5QY ]
crackle.com [ C:\WINDOWS\SYSWOW64\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\37E3H5QY ]
ds.serving-sys.com [ C:\WINDOWS\SYSWOW64\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\37E3H5QY ]
i.adultswim.com [ C:\WINDOWS\SYSWOW64\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\37E3H5QY ]
ictv-ic-ec.indieclicktv.com [ C:\WINDOWS\SYSWOW64\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\37E3H5QY ]
kaltura.hutchmedia.com [ C:\WINDOWS\SYSWOW64\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\37E3H5QY ]
media.heavy.com [ C:\WINDOWS\SYSWOW64\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\37E3H5QY ]
media.kyte.tv [ C:\WINDOWS\SYSWOW64\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\37E3H5QY ]
media.mtvnservices.com [ C:\WINDOWS\SYSWOW64\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\37E3H5QY ]
media1.break.com [ C:\WINDOWS\SYSWOW64\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\37E3H5QY ]
media3.onsugar.com [ C:\WINDOWS\SYSWOW64\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\37E3H5QY ]
media4.onsugar.com [ C:\WINDOWS\SYSWOW64\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\37E3H5QY ]
mediaforgews.com [ C:\WINDOWS\SYSWOW64\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\37E3H5QY ]
msnbcmedia.msn.com [ C:\WINDOWS\SYSWOW64\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\37E3H5QY ]
objects.tremormedia.com [ C:\WINDOWS\SYSWOW64\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\37E3H5QY ]
s0.2mdn.net [ C:\WINDOWS\SYSWOW64\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\37E3H5QY ]
s1.2mdn.net [ C:\WINDOWS\SYSWOW64\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\37E3H5QY ]
secure-us.imrworldwide.com [ C:\WINDOWS\SYSWOW64\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\37E3H5QY ]
service.twistage.com [ C:\WINDOWS\SYSWOW64\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\37E3H5QY ]
sftrack.searchforce.net [ C:\WINDOWS\SYSWOW64\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\37E3H5QY ]
static.discoverymedia.com [ C:\WINDOWS\SYSWOW64\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\37E3H5QY ]
tag.2bluemedia.hiro.tv [ C:\WINDOWS\SYSWOW64\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\37E3H5QY ]
tag.blutonicmedia.hiro.tv [ C:\WINDOWS\SYSWOW64\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\37E3H5QY ]
video.adultswim.com [ C:\WINDOWS\SYSWOW64\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\37E3H5QY ]
wdw1.wdpromedia.com [ C:\WINDOWS\SYSWOW64\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\37E3H5QY ]
www.entrepreneur.com [ C:\WINDOWS\SYSWOW64\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\37E3H5QY ]

#7 boopme


Posted 26 June 2012 - 07:04 PM

Ok, much better. Let me know how it is after this.

Rerun TDSS and select the Cure or Delete option for these:
16:27:34.0651 3060 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
16:27:34.0651 3060 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip


We need to update Java and, while in Control Panel, remove these if you don't use them.
Ask Toolbar (Version: 1.13.1.0)
Skype Toolbars (Version: 5.0.4137)
Windows Live Toolbar (Version: 14.0.8064.206)



Important Note: Your version of Java is out of date. Older versions have vulnerabilities that malicious sites can use to exploit and infect your system. Please follow these steps to remove older Java components and update:
  • Download the latest version of Java Runtime Environment (JRE) Version 7 and save it to your desktop.
  • Look for "Java Platform, Standard Edition".
  • Click the "Download JRE" button to the right.
  • Read the License Agreement, and then check the box that says: "Accept License Agreement".
  • From the list, select your OS and Platform (32-bit or 64-bit).
    64-bit OS users should read: Which Java download should I choose for my 64-bit Windows operating system?
  • If a download for an Offline Installation is available, it is recommended to choose that and save the file to your desktop.
  • Close any programs you may have running - especially your web browser.
Go to Start > Control Panel, double-click on Add/Remove Programs (or Programs and Features in Vista/Windows 7) and remove all older versions of Java.
  • Check (highlight) any item with Java Runtime Environment (JRE or J2SE) in the name.
  • Click the Remove or Change/Remove button and follow the onscreen instructions for the Java uninstaller.
  • Repeat as many times as necessary to remove each Java version.
  • Reboot your computer once all Java components are removed.
  • Then from your desktop double-click on jre-7u5-windows-i586.exe (or jre-7u5-windows-x64.exe for 64-bit) to install the newest version.
  • If using Windows 7 or Vista and the installer refuses to launch due to insufficient user permissions, then Run As Administrator.
  • When the Java Setup - Welcome window opens, click the Install > button.
  • If offered any unwanted software or toolbars during installation, just uncheck the box before continuing unless you want it.
  • The McAfee Security Scan Plus tool is installed by default unless you uncheck the McAfee installation box when updating Java.
Note: The Java Quick Starter (JQS.exe) adds a service to improve the initial startup time of Java applets and applications but it's not necessary.
To disable the JQS service if you don't want to use it:
  • Go to Start > Control Panel > Java > Advanced > Miscellaneous and uncheck the box for Java Quick Starter.
  • Click Ok and reboot your computer.

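A read-only way to confirm what Control Panel shows for the items named in the post above, as an added example that is not part of the original thread or of any tool it mentions: it lists matching entries from the uninstall registry keys, including the 32-bit view that a 64-bit system keeps separately. The name patterns come from the post; the function name `Get-InstalledProgram` is hypothetical.

```powershell
# Added example: read-only inventory of installed programs. Nothing is removed.

# Name patterns taken from the post: Java entries and the three toolbars.
$NamePatterns = @('*Java*', '*J2SE*', 'Ask Toolbar*',
                  'Skype Toolbars*', 'Windows Live Toolbar*')

# 64-bit Windows records 32-bit installs under WOW6432Node, so an old 32-bit
# Java can survive after the 64-bit one is removed. Check every view.
$UninstallKeys = @{
    'native'   = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\*'
    '32-bit'   = 'HKLM:\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\*'
    'per-user' = 'HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\*'
}

function Get-InstalledProgram {
    param([string[]]$Pattern)

    foreach ($view in $UninstallKeys.Keys) {
        # A missing key (WOW6432Node on 32-bit Windows) is skipped silently.
        $entries = Get-ItemProperty -Path $UninstallKeys[$view] -ErrorAction SilentlyContinue |
            Where-Object { $_.DisplayName }

        foreach ($entry in $entries) {
            foreach ($p in $Pattern) {
                if ($entry.DisplayName -like $p) {
                    New-Object PSObject -Property @{
                        Name      = $entry.DisplayName
                        Version   = $entry.DisplayVersion
                        View      = $view
                        Uninstall = $entry.UninstallString
                    }
                    break   # one row per entry, even if two patterns match
                }
            }
        }
    }
}

Get-InstalledProgram -Pattern $NamePatterns |
    Sort-Object Name, View |
    Select-Object Name, Version, View, Uninstall |
    Format-Table -AutoSize -Wrap
```

An empty result for a pattern means no uninstall entry with that display name exists in any of the three views; more than one Java row means an older version is still installed.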

#8 scriba_golfer


Posted 27 June 2012 - 04:53 PM

I think we are back to square 1.

1) I ran TDSS and it had one item. I didn't or don't remember seeing the Cure or Delete option.
So I selected delete and clicked continue.

2) Right away I got a warning from Microsoft Security Essentials that it had detected 4 Trojans. (Later, while I was going through deleting Java, it came back and said it had cleaned them.)

3) I removed the Ask Toolbar

4) Removed Skype Toolbar

5) Did not find Windows Live Toolbar. Found other Windows Live items but not one described as you stated.

6) When I clicked on your link for Java Runtime Environment I experienced a redirect. Closed the window and it worked the 2nd time.

7) Downloaded Java 64-bit to desktop as an offline installation.

8) Then removed old Java programs with the Control Panel uninstall command.

9) Installed Java. Did not encounter insufficient user permissions so I was OK there. Was not offered any offers going through installation so I had nothing to uncheck.

10) Conducted reboot.

11) Following reboot I attempted a Google search and still encounter the redirect bug. Following reboot Security Essentials said it detected one threat and later said it has cleaned it (which I doubt).


So that's why I said I think we are back to square 1.

Will any of these steps eliminate ads which appear everywhere now or is that a separate issue? For all I know they could be related.

#9 boopme


Posted 27 June 2012 - 05:48 PM

Ok,
We need a deeper look. Please go here... Preparation Guide, do steps 6-9.

Create a DDS log and post it in the new topic explained in step 9, which is here: Virus, Trojan, Spyware, and Malware Removal Logs, and not in this topic, thanks.
If GMER won't run (it may not on a 64 bit system) skip it and move on.

Let me know if that went well.

#10 scriba_golfer


Posted 27 June 2012 - 07:58 PM

GMER would run as it was supposed to. I didn't have the option to check all the boxes shown in the instructions. Other than that it went well. I do remember recently downloaded software which was installed, where I attempted to uncheck all the junk associated with it upon installation. That was Format Factory. It did have some nuisance search browser called white something.

The ads problem happened right after that.

#11 boopme


Posted 27 June 2012 - 09:01 PM

Thanks, we'll find it now.

Now that your log is properly posted, you should NOT make further changes to your computer (install/uninstall programs, use special fix tools, delete files, edit the registry, etc.) unless advised by a Malware Removal Team member, nor should you continue to ask for help elsewhere. Doing so can result in system changes which may not show in the log you already posted. Further, any modifications you make on your own may cause confusion for the helper assisting you and could complicate the malware removal process, which would extend the time it takes to clean your computer.

From this point on the Malware Removal Team should be the only members that you take advice from, until they have verified your log as clean.

Please be patient. It may take a while to get a response because the Malware Removal Team members are very busy working logs posted before yours. They are volunteers who will help you out as soon as possible. Once you have made your post and are waiting, please DO NOT make another reply until it has been responded to by a member of the Malware Removal Team. Generally the staff checks the forum for postings that have 0 replies as this makes it easier for them to identify those who have not been helped. If you post another response there will be 1 reply. A team member, looking for a new log to work may assume another MRL Team member is already assisting you and not open the thread to respond.

The current wait time is 1 - 3 days and ALL logs are answered.

If HelpBot replies to your topic, PLEASE follow Step One so it will report your topic to the team members.

To avoid confusion, I am closing this topic.



