
I have the 8.26.70.252 redirect issue


10 replies to this topic

#1 Osceola214


Posted 18 July 2012 - 07:30 AM

Not sure if this is a virus, trojan, or what, but a quick Google search shows I'm not alone. Not detected by antivirus, anti-malware software, and my browser performance, especially IE, has been suspect lately.

Running Windows 7. I have no idea where to start. Can someone help me find a way through this?

Thanks!



#2 Jimbob85


Posted 18 July 2012 - 08:54 PM

Did you run Malwarebytes?


Please download MiniToolBox, save it to your desktop and run it.

Checkmark the following checkboxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size.


Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.

Note: When using "Reset FF Proxy Settings" option Firefox should be closed.




Please download TDSSKiller

Run TDSSKiller.exe
Click on Change Parameters
Put a check in the box of Detect TDLFS file system
Start scan
When it is finished the utility outputs a list of detected objects with descriptions:
The utility automatically selects an action (Cure or Delete) for malicious objects and asks you what to do with suspicious objects (Skip, by default)
Just stick with the default options and click Continue
If it wants to reboot please allow it to do so and let me know
Click on Report and post the contents of the text file that will open

By default, the utility outputs the log into system disk (it is usually the disk where the operating system is installed, C:\) root folder. The Log will have a name like: TDSSKiller.Version_Date_Time_log.txt.




Please run a free online scan with the ESET Online Scanner

Disable your antivirus program
Tick the box next to YES, I accept the Terms of Use
Click Start
Accept any security warnings from your browser.
Check Scan archives
Click Start
ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
When the scan completes, click on List of found threats
Click on Export to text file, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
NOTE. If Eset doesn't find any threats it'll NOT produce any log.
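
Added example, not part of the original thread and not MiniToolBox's own code: one way to triage the Hosts and Winsock sections of the Result.txt report requested above when chasing a redirect. The section banners and row layout are taken from the report posted in this thread; the function names and the `203.0.113.10 www.example.com` line are constructed for illustration.

```python
import ipaddress
import re

# Section banners look like "========== Hosts content: ==========".
BANNER = re.compile(r"^=+ (.+?):? =+\s*$")
# Winsock rows look like "Catalog9 01 C:\...\x.dll [329656] (Vendor)".
WINSOCK = re.compile(r"^(?:x64-)?Catalog\d+ \d+ (.+?) \[\d+\] \((.*)\)\s*$")
SYSTEM_DIRS = ("c:\\windows\\system32\\", "c:\\windows\\syswow64\\")

# Constructed sample in the layout of Result.txt; the 203.0.113.10 entry is
# invented (documentation address range) so the hosts check has a hit.
SAMPLE_REPORT = r"""
========================= Hosts content: =================================

::1 localhost
127.0.0.1 localhost
127.0.0.1 activate.adobe.com
203.0.113.10 www.example.com
# a comment line

========================= Winsock entries =====================================

Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll [329656] (PC Tools Research Pty Ltd.)
Catalog9 02 C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll [329656] (PC Tools Research Pty Ltd.)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

========================= Event log errors: ===============================
"""


def split_sections(report):
    """Map each banner name (lower-cased) to the lines that follow it."""
    sections, current = {}, None
    for line in report.splitlines():
        m = BANNER.match(line)
        if m:
            current = sections.setdefault(m.group(1).strip().lower(), [])
        elif current is not None:
            current.append(line)
    return sections


def remote_hosts_entries(lines):
    """Return (ip, name) pairs that map a name to a non-loopback address."""
    found = []
    for line in lines:
        fields = line.split("#", 1)[0].split()
        if len(fields) < 2:
            continue
        try:
            ip = ipaddress.ip_address(fields[0])
        except ValueError:
            continue  # not a hosts entry
        if ip.is_loopback or ip.is_unspecified:
            continue  # 127.0.0.1, ::1 and 0.0.0.0 block a name; they do not redirect it
        found.extend((str(ip), name) for name in fields[1:])
    return found


def third_party_winsock(lines):
    """Return sorted unique (dll path, vendor) for providers that are not
    loaded from the Windows system directories."""
    seen = set()
    for line in lines:
        m = WINSOCK.match(line.strip())
        if m and not m.group(1).lower().startswith(SYSTEM_DIRS):
            seen.add((m.group(1), m.group(2)))
    return sorted(seen)


def triage(report):
    """Collect the entries of a Result.txt report that deserve a manual look."""
    sections = split_sections(report)
    return {
        "remote_hosts": remote_hosts_entries(sections.get("hosts content", [])),
        "third_party_winsock": third_party_winsock(sections.get("winsock entries", [])),
    }


if __name__ == "__main__":
    for check, items in triage(SAMPLE_REPORT).items():
        print(check)
        for item in items:
            print("   ", *item)
```

A provider listed by the Winsock check is only a candidate for review: security suites and services such as Bonjour legitimately register their own DLLs in the catalog.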

#3 Osceola214


Posted 18 July 2012 - 09:53 PM

Thank you for the reply.

I did run Malwarebytes. No help.

Spyware Doctor found Trojan.Tracur (4 infections), but since I wasn't registered, didn't fix it.

MiniToolBox by Farbar Version: 15-07-2012
Ran by Tom (administrator) on 18-07-2012 at 21:43:20
Microsoft Windows 7 Professional Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================

"network.proxy.type", 0

"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================



::1 localhost
127.0.0.1 localhost
127.0.0.1 activate.adobe.com
127.0.0.1 3dns-3.adobe.com
127.0.0.1 adobe-dns-2.adobe.com
127.0.0.1 adobe-dns-3.adobe.com
127.0.0.1 ereg.wip3.adobe.com
127.0.0.1 activate-sea.adobe.com
127.0.0.1 wip3.adobe.com
127.0.0.1 wwis-dubc1-vip60.adobe.com
127.0.0.1 activate-sjc0.adobe.com
127.0.0.1 practivate.adobe.com
127.0.0.1 ereg.adobe.com
127.0.0.1 activate.wip3.adobe.com
127.0.0.1 3dns-2.adobe.com
127.0.0.1 adobe-dns.adobe.com

========================= IP Configuration: ================================

Broadcom NetLink ™ Gigabit Ethernet = Local Area Connection (Connected)
DW1501 Wireless-N WLAN Half-Mini Card = Wireless Network Connection (Media disconnected)
Microsoft Virtual WiFi Miniport Adapter = Wireless Network Connection 2 (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : Tom-Dell-8330
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : home

Wireless LAN adapter Wireless Network Connection 2:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter
Physical Address. . . . . . . . . : CC-AF-78-57-1C-95
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : DW1501 Wireless-N WLAN Half-Mini Card
Physical Address. . . . . . . . . : CC-AF-78-57-1C-95
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . : home
Description . . . . . . . . . . . : Broadcom NetLink ™ Gigabit Ethernet
Physical Address. . . . . . . . . : 78-2B-CB-98-23-AB
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::3168:aa0f:e2a:c6eb%10(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.3(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Wednesday, July 18, 2012 8:49:39 PM
Lease Expires . . . . . . . . . . : Thursday, July 19, 2012 8:49:40 PM
Default Gateway . . . . . . . . . : 192.168.1.1
DHCP Server . . . . . . . . . . . : 192.168.1.1
DHCPv6 IAID . . . . . . . . . . . : 242756555
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-15-DE-05-7E-78-2B-CB-98-23-AB
DNS Servers . . . . . . . . . . . : 192.168.1.1
NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.{B00BF8FB-021C-4661-9FE8-688FBC0EA0A8}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.home:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{43AC4E28-4A40-45DD-B94A-0FAC3DFB16EC}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #3
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Server: myrouter.home
Address: 192.168.1.1

Name: google.com
Addresses: 2607:f8b0:4000:801::1004
74.125.227.133
74.125.227.135
74.125.227.131
74.125.227.136
74.125.227.128
74.125.227.129
74.125.227.130
74.125.227.134
74.125.227.132
74.125.227.142
74.125.227.137


Pinging google.com [74.125.227.136] with 32 bytes of data:
Reply from 74.125.227.136: bytes=32 time=9ms TTL=252
Reply from 74.125.227.136: bytes=32 time=9ms TTL=252

Ping statistics for 74.125.227.136:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 9ms, Maximum = 9ms, Average = 9ms
Server: myrouter.home
Address: 192.168.1.1

Name: yahoo.com
Addresses: 72.30.38.140
98.139.183.24
209.191.122.70


Pinging yahoo.com [72.30.38.140] with 32 bytes of data:
Reply from 72.30.38.140: bytes=32 time=133ms TTL=250
Reply from 72.30.38.140: bytes=32 time=54ms TTL=250

Ping statistics for 72.30.38.140:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 54ms, Maximum = 133ms, Average = 93ms
Server: myrouter.home
Address: 192.168.1.1

Name: bleepingcomputer.com
Address: 208.43.87.2


Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:
Reply from 208.43.87.2: Destination host unreachable.
Reply from 208.43.87.2: Destination host unreachable.

Ping statistics for 208.43.87.2:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
14...cc af 78 57 1c 95 ......Microsoft Virtual WiFi Miniport Adapter
11...cc af 78 57 1c 95 ......DW1501 Wireless-N WLAN Half-Mini Card
10...78 2b cb 98 23 ab ......Broadcom NetLink ™ Gigabit Ethernet
1...........................Software Loopback Interface 1
23...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
15...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
12...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
22...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #3
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.3 20
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.1.0 255.255.255.0 On-link 192.168.1.3 276
192.168.1.3 255.255.255.255 On-link 192.168.1.3 276
192.168.1.255 255.255.255.255 On-link 192.168.1.3 276
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.1.3 276
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.1.3 276
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
1 306 ::1/128 On-link
10 276 fe80::/64 On-link
10 276 fe80::3168:aa0f:e2a:c6eb/128
On-link
1 306 ff00::/8 On-link
10 276 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 09 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog9 01 C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll [329656] (PC Tools Research Pty Ltd.)
Catalog9 02 C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll [329656] (PC Tools Research Pty Ltd.)
Catalog9 03 C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll [329656] (PC Tools Research Pty Ltd.)
Catalog9 04 C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll [329656] (PC Tools Research Pty Ltd.)
Catalog9 05 C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll [329656] (PC Tools Research Pty Ltd.)
Catalog9 06 C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll [329656] (PC Tools Research Pty Ltd.)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 11 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 12 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 13 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 14 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 15 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 16 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 17 C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll [329656] (PC Tools Research Pty Ltd.)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392] (Microsoft Corp.)
x64-Catalog5 09 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392] (Microsoft Corp.)
x64-Catalog9 01 C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp64.dll [448440] (PC Tools Research Pty Ltd.)
x64-Catalog9 02 C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp64.dll [448440] (PC Tools Research Pty Ltd.)
x64-Catalog9 03 C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp64.dll [448440] (PC Tools Research Pty Ltd.)
x64-Catalog9 04 C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp64.dll [448440] (PC Tools Research Pty Ltd.)
x64-Catalog9 05 C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp64.dll [448440] (PC Tools Research Pty Ltd.)
x64-Catalog9 06 C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp64.dll [448440] (PC Tools Research Pty Ltd.)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 11 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 12 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 13 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 14 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 15 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 16 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 17 C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp64.dll [448440] (PC Tools Research Pty Ltd.)

========================= Event log errors: ===============================

Application errors:
==================
Error: (07/18/2012 09:30:00 PM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: Error calling a routine on the Shadow Copy Provider {b5946137-7b9f-4925-af80-51abd60b20d5}. Routine returned E_INVALIDARG.
Routine details GetSnapshot({00000000-0000-0000-0000-000000000000},00000000003A9C40).


Operation:
Get Shadow Copy Properties

Context:
Execution Context: Coordinator

Error: (07/18/2012 09:29:58 PM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: Error calling a routine on the Shadow Copy Provider {b5946137-7b9f-4925-af80-51abd60b20d5}. Routine returned E_INVALIDARG.
Routine details GetSnapshot({00000000-0000-0000-0000-000000000000},00000000003A9C40).


Operation:
Get Shadow Copy Properties

Context:
Execution Context: Coordinator

Error: (07/18/2012 09:29:58 PM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: Error calling a routine on the Shadow Copy Provider {b5946137-7b9f-4925-af80-51abd60b20d5}. Routine returned E_INVALIDARG.
Routine details GetSnapshot({00000000-0000-0000-0000-000000000000},00000000003A9C40).


Operation:
Get Shadow Copy Properties

Context:
Execution Context: Coordinator

Error: (07/18/2012 09:29:58 PM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: Error calling a routine on the Shadow Copy Provider {b5946137-7b9f-4925-af80-51abd60b20d5}. Routine returned E_INVALIDARG.
Routine details GetSnapshot({00000000-0000-0000-0000-000000000000},00000000003A9C40).


Operation:
Get Shadow Copy Properties

Context:
Execution Context: Coordinator

Error: (07/18/2012 09:29:50 PM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: Error calling a routine on the Shadow Copy Provider {b5946137-7b9f-4925-af80-51abd60b20d5}. Routine returned E_INVALIDARG.
Routine details GetSnapshot({00000000-0000-0000-0000-000000000000},00000000003A9C40).


Operation:
Get Shadow Copy Properties

Context:
Execution Context: Coordinator

Error: (07/18/2012 09:28:35 PM) (Source: Bonjour Service) (User: )
Description: Client application bug: DNSServiceResolve(d0:23:db:7a:f2:2c@fe80::d223:dbff:fe7a:f22c._apple-mobdev._tcp.local.) active for over two minutes. This places considerable burden on the network.

Error: (07/18/2012 09:13:52 PM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: Error calling a routine on the Shadow Copy Provider {b5946137-7b9f-4925-af80-51abd60b20d5}. Routine returned E_INVALIDARG.
Routine details GetSnapshot({00000000-0000-0000-0000-000000000000},000000000044EFE0).


Operation:
Get Shadow Copy Properties

Context:
Execution Context: Coordinator

Error: (07/18/2012 09:13:51 PM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: Error calling a routine on the Shadow Copy Provider {b5946137-7b9f-4925-af80-51abd60b20d5}. Routine returned E_INVALIDARG.
Routine details GetSnapshot({00000000-0000-0000-0000-000000000000},000000000044EFE0).


Operation:
Get Shadow Copy Properties

Context:
Execution Context: Coordinator

Error: (07/18/2012 09:13:51 PM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: Error calling a routine on the Shadow Copy Provider {b5946137-7b9f-4925-af80-51abd60b20d5}. Routine returned E_INVALIDARG.
Routine details GetSnapshot({00000000-0000-0000-0000-000000000000},000000000044EFE0).


Operation:
Get Shadow Copy Properties

Context:
Execution Context: Coordinator

Error: (07/18/2012 09:13:51 PM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: Error calling a routine on the Shadow Copy Provider {b5946137-7b9f-4925-af80-51abd60b20d5}. Routine returned E_INVALIDARG.
Routine details GetSnapshot({00000000-0000-0000-0000-000000000000},000000000044EFE0).


Operation:
Get Shadow Copy Properties

Context:
Execution Context: Coordinator


System errors:
=============
Error: (07/18/2012 09:24:48 PM) (Source: PCTCore) (User: )
Description: @5647

Error: (07/18/2012 09:24:48 PM) (Source: PCTCore) (User: )
Description: @5647

Error: (07/18/2012 09:24:48 PM) (Source: PCTCore) (User: )
Description: @5647

Error: (07/18/2012 09:24:47 PM) (Source: PCTCore) (User: )
Description: @5647

Error: (07/18/2012 09:24:47 PM) (Source: PCTCore) (User: )
Description: @5647

Error: (07/18/2012 09:24:46 PM) (Source: PCTCore) (User: )
Description: @5647

Error: (07/18/2012 09:24:40 PM) (Source: PCTCore) (User: )
Description: @5647

Error: (07/18/2012 09:13:31 PM) (Source: Microsoft-Windows-DNS-Client) (User: NT AUTHORITY)
Description: There was an error while attempting to read the local hosts file.

Error: (07/18/2012 08:50:25 PM) (Source: Service Control Manager) (User: )
Description: The HomeGroup Listener service terminated with service-specific error %%-2147023143.

Error: (07/18/2012 08:49:43 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service terminated with the following error:
%%1060


Microsoft Office Sessions:
=========================
Error: (07/18/2012 09:30:00 PM) (Source: VSS)(User: )
Description: {b5946137-7b9f-4925-af80-51abd60b20d5}GetSnapshot({00000000-0000-0000-0000-000000000000},00000000003A9C40)

Operation:
Get Shadow Copy Properties

Context:
Execution Context: Coordinator

Error: (07/18/2012 09:29:58 PM) (Source: VSS)(User: )
Description: {b5946137-7b9f-4925-af80-51abd60b20d5}GetSnapshot({00000000-0000-0000-0000-000000000000},00000000003A9C40)

Operation:
Get Shadow Copy Properties

Context:
Execution Context: Coordinator

Error: (07/18/2012 09:29:58 PM) (Source: VSS)(User: )
Description: {b5946137-7b9f-4925-af80-51abd60b20d5}GetSnapshot({00000000-0000-0000-0000-000000000000},00000000003A9C40)

Operation:
Get Shadow Copy Properties

Context:
Execution Context: Coordinator

Error: (07/18/2012 09:29:58 PM) (Source: VSS)(User: )
Description: {b5946137-7b9f-4925-af80-51abd60b20d5}GetSnapshot({00000000-0000-0000-0000-000000000000},00000000003A9C40)

Operation:
Get Shadow Copy Properties

Context:
Execution Context: Coordinator

Error: (07/18/2012 09:29:50 PM) (Source: VSS)(User: )
Description: {b5946137-7b9f-4925-af80-51abd60b20d5}GetSnapshot({00000000-0000-0000-0000-000000000000},00000000003A9C40)

Operation:
Get Shadow Copy Properties

Context:
Execution Context: Coordinator

Error: (07/18/2012 09:28:35 PM) (Source: Bonjour Service)(User: )
Description: Client application bug: DNSServiceResolve(d0:23:db:7a:f2:2c@fe80::d223:dbff:fe7a:f22c._apple-mobdev._tcp.local.) active for over two minutes. This places considerable burden on the network.

Error: (07/18/2012 09:13:52 PM) (Source: VSS)(User: )
Description: {b5946137-7b9f-4925-af80-51abd60b20d5}GetSnapshot({00000000-0000-0000-0000-000000000000},000000000044EFE0)

Operation:
Get Shadow Copy Properties

Context:
Execution Context: Coordinator

Error: (07/18/2012 09:13:51 PM) (Source: VSS)(User: )
Description: {b5946137-7b9f-4925-af80-51abd60b20d5}GetSnapshot({00000000-0000-0000-0000-000000000000},000000000044EFE0)

Operation:
Get Shadow Copy Properties

Context:
Execution Context: Coordinator

Error: (07/18/2012 09:13:51 PM) (Source: VSS)(User: )
Description: {b5946137-7b9f-4925-af80-51abd60b20d5}GetSnapshot({00000000-0000-0000-0000-000000000000},000000000044EFE0)

Operation:
Get Shadow Copy Properties

Context:
Execution Context: Coordinator

Error: (07/18/2012 09:13:51 PM) (Source: VSS)(User: )
Description: {b5946137-7b9f-4925-af80-51abd60b20d5}GetSnapshot({00000000-0000-0000-0000-000000000000},000000000044EFE0)

Operation:
Get Shadow Copy Properties

Context:
Execution Context: Coordinator


=========================== Installed Programs ============================

64 Bit HP CIO Components Installer (Version: 7.2.8)
7200 (Version: 130.0.365.000)
7200_Help (Version: 82.0.242.000)
7200Trb (Version: 82.0.242.000)
Accurate Outlook Duplicate Remover 1.0
Adobe AIR (Version: 2.7.1.19610)
Adobe Community Help (Version: 3.5.23)
Adobe Download Assistant (Version: 1.0.3)
Adobe Flash Player 11 ActiveX (Version: 11.3.300.265)
Adobe Flash Player 11 Plugin (Version: 11.3.300.265)
Adobe Media Player (Version: 1.8)
Adobe Photoshop CS5 (Version: 12.0)
Adobe Photoshop Lightroom 3.6 64-bit (Version: 3.6.1)
AIO_CDB_ProductContext (Version: 130.0.365.000)
AIO_CDB_Software (Version: 130.0.365.000)
AIO_Scan (Version: 130.0.421.000)
Aneesoft iPad Video Converter Pro
Apple Application Support (Version: 2.1.9)
Apple Mobile Device Support (Version: 5.2.0.6)
Apple Software Update (Version: 2.1.3.127)
Applian FLV and Media Player 3.1.1.12 (Version: 3.1.1.12)
ATI Catalyst Install Manager (Version: 3.0.778.0)
AVG 2012 (Version: 12.0.1913)
AVG 2012 (Version: 12.0.2437)
AVG 2012 (Version: 2012.0.1913)
Bigasoft iPhone Video Converter 3.5.6.4299
Bonjour (Version: 3.0.0.10)
Broadcom NetXtreme-I Netlink Driver and Management Installer (Version: 14.2.4.1)
Browser Guard 4.0 (Version: 4.0.0.1588)
BufferChm (Version: 130.0.331.000)
CameraHelperMsi (Version: 13.25.1010.0)
CCleaner (Version: 3.16)
Cisco EAP-FAST Module (Version: 2.2.14)
Cisco LEAP Module (Version: 1.0.19)
Cisco PEAP Module (Version: 1.1.6)
Copy (Version: 130.0.428.000)
CrashPlan (Version: 3.0.3)
CrystalDiskMark 3.0.1b (Version: 3.0.1b)
CutePDF Writer 2.8
D3DX10 (Version: 15.4.2368.0902)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
Destinations (Version: 130.0.0.0)
DeviceDiscovery (Version: 130.0.465.000)
DocProc (Version: 13.0.0.0)
Download Energy Toolbar (Version: 6.3.8.0)
Duplicate Email Remover (Version: 2.15.2)
DW WLAN Card Utility (Version: 5.60.48.35)
EASEUS Partition Master 9.0.0 Home Edition
Easy Duplicate Finder v. 1.4.3.0
eReg (Version: 1.20.138.34)
ESET Online Scanner v3
Eye-One Match 3.6.2 (Version: 3.6.2)
Fax (Version: 130.0.418.000)
FLV Player (Version: 2.0.25)
Free Convert to DIVX AVI WMV MP4 MPEG Converter 5.8
Free RAR Extract Frog (Version: 3.21)
Freemake Video Converter version 3.0.2 (Version: 3.0.2)
Google Chrome (Version: 20.0.1132.57)
Google Update Helper (Version: 1.3.21.115)
GPBaseService2 (Version: 130.0.371.000)
Hardware RAID Manager (Version: 0.09.58)
HighPoint Web RAID Management Service
HP Customer Participation Program 13.0 (Version: 13.0)
HP Imaging Device Functions 13.0 (Version: 13.0)
HP Photosmart Essential 3.5 (Version: 3.5)
HP Photosmart Officejet and Deskjet All-In-One Driver Software 13.0 Rel. B (Version: 13.0)
HP Smart Web Printing 4.51 (Version: 4.51)
HP Solution Center 13.0 (Version: 13.0)
HP Update (Version: 5.003.001.001)
HPPhotoGadget (Version: 130.0.282.000)
HPPhotoSmartDiscLabelContent1 (Version: 2.04.0000)
HPPhotosmartEssential (Version: 2.04.0000)
HPProductAssistant (Version: 130.0.371.000)
HPSSupply (Version: 130.0.371.000)
i1_driver_installer_utility_i1Match version 1.0
iCloud (Version: 1.1.0.40)
Imagenomic Noiseware 4.2 Professional Plug-in (build 4205)
Imagenomic Portraiture 2.1 Plug-in (build 2105)
Intel® Management Engine Components (Version: 7.0.0.1118)
Intel® Rapid Storage Technology (Version: 10.0.0.1046)
iTunes (Version: 10.6.3.25)
K-Lite Codec Pack 4.0.0 (Full) (Version: 4.0.0)
Logitech SetPoint 6.32 (Version: 6.32.20)
Logitech Webcam Software (Version: 2.0)
LWS Facebook (Version: 13.20.1166.0)
LWS Gallery (Version: 13.20.1166.0)
LWS Help_main (Version: 13.27.1020.0)
LWS Launcher (Version: 13.27.1020.0)
LWS Motion Detection (Version: 13.20.1176.0)
LWS Pictures And Video (Version: 13.25.1010.0)
LWS Twitter (Version: 13.20.1166.0)
LWS Video Mask Maker (Version: 13.10.1216.0)
LWS VideoEffects (Version: 13.25.1005.0)
LWS Webcam Software (Version: 13.20.1168.0)
LWS WLM Plugin (Version: 1.20.1166.0)
LWS YouTube Plugin (Version: 13.20.1166.0)
Macromedia Dreamweaver 8 (Version: 8.0.0.2734)
Macromedia Extension Manager (Version: 1.7.240)
magicJack (Version: 2.0.6073.4413)
Malwarebytes Anti-Malware version 1.62.0.1300 (Version: 1.62.0.1300)
MarketResearch (Version: 130.0.374.000)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Camera Codec Pack (Version: 16.0.0652.0621)
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Access Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Excel MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.6029.1000)
Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Professional 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (French) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (Spanish) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proofing (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Publisher MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Single Image 2010 (Version: 14.0.6029.1000)
Microsoft Office Word MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Silverlight (Version: 4.1.10329.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.59193)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (Version: 10.0.30319)
Microsoft_VC80_ATL_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_ATL_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_CRT_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_CRT_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_MFC_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_MFC_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_MFCLOC_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_MFCLOC_x86_x64 (Version: 80.50727.4053)
Microsoft_VC90_ATL_x86 (Version: 1.00.0000)
Microsoft_VC90_ATL_x86_x64 (Version: 1.00.0000)
Microsoft_VC90_CRT_x86 (Version: 1.00.0000)
Microsoft_VC90_CRT_x86_x64 (Version: 1.00.0000)
Microsoft_VC90_MFC_x86 (Version: 1.00.0000)
Microsoft_VC90_MFC_x86_x64 (Version: 1.00.0000)
MobileMe Control Panel (Version: 3.1.8.0)
Mozilla Firefox 13.0.1 (x86 en-US) (Version: 13.0.1)
Mozilla Maintenance Service (Version: 13.0.1)
MSVCRT (Version: 15.4.2862.0708)
MSXML 4.0 SP2 Parser and SDK (Version: 4.20.9818.0)
MSXML 4.0 SP3 Parser (KB2721691) (Version: 4.30.2114.0)
MSXML 4.0 SP3 Parser (KB973685) (Version: 4.30.2107.0)
MSXML 4.0 SP3 Parser (Version: 4.30.2100.0)
Nero Burning ROM 10 (Version: 10.2.11000.12.100)
Nero Burning ROM 10 (Version: 10.5.10300)
Nero BurningROM 10 Help (CHM) (Version: 10.5.10100)
Nero BurnRights 10 (Version: 4.2.10300.0.102)
Nero BurnRights 10 Help (CHM) (Version: 10.5.10000)
Nero Control Center 10 (Version: 10.2.10600.0.6)
Nero ControlCenter 10 Help (CHM) (Version: 10.5.10000)
Nero Core Components 10 (Version: 2.0.17400.8.2)
Network64 (Version: 130.0.572.000)
Network64 (Version: 140.0.221.000)
NVIDIA 3D Vision Controller Driver (Version: 280.19)
NVIDIA 3D Vision Controller Driver 280.19 (Version: 280.19)
NVIDIA 3D Vision Driver 280.26 (Version: 280.26)
NVIDIA Control Panel 280.26 (Version: 280.26)
NVIDIA Graphics Driver 280.26 (Version: 280.26)
NVIDIA Install Application (Version: 2.1000.25.170)
NVIDIA PhysX (Version: 9.10.0514)
NVIDIA PhysX System Software 9.10.0514 (Version: 9.10.0514)
NVIDIA Stereoscopic 3D Driver (Version: 7.17.12.8026)
NVIDIA Update 1.4.28 (Version: 1.4.28)
NVIDIA Update Components (Version: 1.4.28)
OCR Software by I.R.I.S. 13.0 (Version: 13.0)
PC Tools Spyware Doctor 9.0 (Version: 9.0)
PDF Settings CS5 (Version: 10.0)
Perfect Photo Suite 5.5.4 (Version: 5.5.4)
QuickBooks (Version: 20.0.4004.807)
QuickBooks Pro 2010 (Version: 20.0.4004.807)
QuickTime (Version: 7.71.80.42)
R-Studio 4.2 (Version: 4.2.125041)
Realtek High Definition Audio Driver (Version: 6.0.1.6141)
Renesas Electronics USB 3.0 Host Controller Driver (Version: 2.1.19.0)
RescuePRO 3.3
ROES.whcc
Scan (Version: 13.0.0.0)
Shop for HP Supplies (Version: 13.0)
Skype™ 5.5 (Version: 5.5.113)
SmartWebPrinting (Version: 130.0.457.000)
SolutionCenter (Version: 130.0.373.000)
Spybot - Search & Destroy (Version: 1.6.2)
Status (Version: 130.0.469.000)
Toolbox (Version: 130.0.648.000)
Topaz Adjust 4 (64-bit) (Version: 4.0.3)
Topaz Adjust 4 (Version: 4.0.3)
TrayApp (Version: 130.0.422.000)
Tune Sweeper (Version: 1.037)
TurboHddUsb
UnloadSupport (Version: 11.0.0)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft Office 2010 (KB2494150)
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
Update for Microsoft Office 2010 (KB2597091) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2589345) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2553248) 32-Bit Edition
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition
Vertus Fluid Mask 3 3.2.2 (Version: 3.2.2)
Visual Studio 2008 x64 Redistributables (Version: 10.0.0.2)
WebReg (Version: 130.0.132.017)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3555.0308)
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3555.0308)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3508.1109)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109)
Windows Media Player Firefox Plugin (Version: 1.0.0.8)
Yahoo! Detect

========================= Memory info: ===================================

Percentage of memory in use: 30%
Total physical RAM: 16366.46 MB
Available physical RAM: 11293.2 MB
Total Pagefile: 32731.11 MB
Available Pagefile: 27033.48 MB
Total Virtual: 4095.88 MB
Available Virtual: 3962.32 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:111.69 GB) (Free:15.51 GB) NTFS
2 Drive f: (CANON_DC) (Removable) (Total:1.86 GB) (Free:1.76 GB) FAT
3 Drive i: (India) (Fixed) (Total:931.51 GB) (Free:540.51 GB) NTFS
4 Drive j: (JULIETTE) (Fixed) (Total:1863.01 GB) (Free:297.5 GB) NTFS
5 Drive k: (NIKON D3) (Removable) (Total:14.21 GB) (Free:12.9 GB) FAT32
9 Drive t: (Tango) (Fixed) (Total:465.75 GB) (Free:198.63 GB) NTFS

========================= Users: ========================================

User accounts for \\TOM-DELL-8330

Administrator Guest Test
Tom UpdatusUser


**** End of log ****

Here is my TDSSKiller report:

08:54:35.0110 14528 TDSS rootkit removing tool 2.7.46.0 Jul 16 2012 22:10:11
08:54:35.0698 14528 ============================================================
08:54:35.0698 14528 Current date / time: 2012/07/18 08:54:35.0698
08:54:35.0698 14528 SystemInfo:
08:54:35.0698 14528
08:54:35.0699 14528 OS Version: 6.1.7601 ServicePack: 1.0
08:54:35.0699 14528 Product type: Workstation
08:54:35.0699 14528 ComputerName: TOM-DELL-8330
08:54:35.0699 14528 UserName: Tom
08:54:35.0699 14528 Windows directory: C:\Windows
08:54:35.0699 14528 System windows directory: C:\Windows
08:54:35.0699 14528 Running under WOW64
08:54:35.0699 14528 Processor architecture: Intel x64
08:54:35.0699 14528 Number of processors: 4
08:54:35.0699 14528 Page size: 0x1000
08:54:35.0699 14528 Boot type: Normal boot
08:54:35.0699 14528 ============================================================
08:54:35.0875 14528 Drive \Device\Harddisk0\DR0 - Size: 0x1BF2976000 (111.79 Gb), SectorSize: 0x200, Cylinders: 0x3901, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
08:54:35.0875 14528 Drive \Device\Harddisk1\DR1 - Size: 0x1D1C1116000 (1863.02 Gb), SectorSize: 0x200, Cylinders: 0x3B601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
08:54:35.0883 14528 Drive \Device\Harddisk2\DR2 - Size: 0x77580000 (1.86 Gb), SectorSize: 0x200, Cylinders: 0xF3, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
08:54:35.0885 14528 Drive \Device\Harddisk3\DR3 - Size: 0x38DFE4000 (14.22 Gb), SectorSize: 0x200, Cylinders: 0x740, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
08:54:35.0895 14528 Drive \Device\Harddisk7\DR11 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
08:54:35.0907 14528 Drive \Device\Harddisk8\DR12 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
08:54:35.0934 14528 Drive \Device\Harddisk9\DR13 - Size: 0x7470AFDE00 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
08:54:35.0953 14528 ============================================================
08:54:35.0953 14528 \Device\Harddisk0\DR0:
08:54:35.0953 14528 MBR partitions:
08:54:35.0953 14528 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
08:54:35.0953 14528 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0xDF61800
08:54:35.0953 14528 \Device\Harddisk1\DR1:
08:54:35.0953 14528 MBR partitions:
08:54:35.0995 14528 \Device\Harddisk1\DR1\Partition0: MBR, Type 0x7, StartLBA 0x3F00, BlocksNum 0xE8E035C1
08:54:35.0995 14528 \Device\Harddisk2\DR2:
08:54:35.0996 14528 MBR partitions:
08:54:35.0996 14528 \Device\Harddisk2\DR2\Partition0: MBR, Type 0x6, StartLBA 0x81, BlocksNum 0x3BAB7F
08:54:35.0996 14528 \Device\Harddisk3\DR3:
08:54:35.0997 14528 MBR partitions:
08:54:35.0997 14528 \Device\Harddisk3\DR3\Partition0: MBR, Type 0xC, StartLBA 0x3F, BlocksNum 0x1C6FEE1
08:54:35.0997 14528 \Device\Harddisk7\DR11:
08:54:35.0997 14528 MBR partitions:
08:54:35.0997 14528 \Device\Harddisk7\DR11\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x3A385000
08:54:35.0997 14528 \Device\Harddisk8\DR12:
08:54:35.0997 14528 MBR partitions:
08:54:35.0997 14528 \Device\Harddisk8\DR12\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x74705800
08:54:35.0997 14528 \Device\Harddisk9\DR13:
08:54:36.0002 14528 MBR partitions:
08:54:36.0009 14528 \Device\Harddisk9\DR13\Partition0: MBR, Type 0x7, StartLBA 0x3F00, BlocksNum 0x3A380D41
08:54:36.0009 14528 ============================================================
08:54:36.0011 14528 C: <-> \Device\Harddisk0\DR0\Partition1
08:54:36.0033 14528 J: <-> \Device\Harddisk1\DR1\Partition0
08:54:36.0039 14528 T: <-> \Device\Harddisk9\DR13\Partition0
08:54:36.0064 14528 D: <-> \Device\Harddisk7\DR11\Partition0
08:54:36.0090 14528 I: <-> \Device\Harddisk8\DR12\Partition0
08:54:36.0090 14528 ============================================================
08:54:36.0090 14528 Initialize success
08:54:36.0090 14528 ============================================================
08:54:41.0609 5456 ============================================================
08:54:41.0609 5456 Scan started
08:54:41.0609 5456 Mode: Manual; TDLFS;
08:54:41.0609 5456 ============================================================
08:54:42.0473 5456 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys
08:54:42.0474 5456 1394ohci - ok
08:54:42.0486 5456 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys
08:54:42.0488 5456 ACPI - ok
08:54:42.0491 5456 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys
08:54:42.0491 5456 AcpiPmi - ok
08:54:42.0518 5456 AdobeFlashPlayerUpdateSvc (5e1a953c6472e7bb644892a4d0df5e72) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
08:54:42.0519 5456 AdobeFlashPlayerUpdateSvc - ok
08:54:42.0537 5456 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys
08:54:42.0539 5456 adp94xx - ok
08:54:42.0552 5456 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys
08:54:42.0553 5456 adpahci - ok
08:54:42.0561 5456 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys
08:54:42.0562 5456 adpu320 - ok
08:54:42.0567 5456 AeLookupSvc (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll
08:54:42.0567 5456 AeLookupSvc - ok
08:54:42.0584 5456 AFD (1c7857b62de5994a75b054a9fd4c3825) C:\Windows\system32\drivers\afd.sys
08:54:42.0586 5456 AFD - ok
08:54:42.0590 5456 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys
08:54:42.0590 5456 agp440 - ok
08:54:42.0595 5456 ALG (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe
08:54:42.0595 5456 ALG - ok
08:54:42.0597 5456 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys
08:54:42.0598 5456 aliide - ok
08:54:42.0606 5456 AMD External Events Utility (a359974eaac83a435497c52f62a2e590) C:\Windows\system32\atiesrxx.exe
08:54:42.0607 5456 AMD External Events Utility - ok
08:54:42.0610 5456 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys
08:54:42.0610 5456 amdide - ok
08:54:42.0614 5456 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys
08:54:42.0615 5456 AmdK8 - ok
08:54:42.0873 5456 amdkmdag (60216b0e704584de6d5a9f59e9c34c47) C:\Windows\system32\DRIVERS\atikmdag.sys
08:54:42.0914 5456 amdkmdag - ok
08:54:42.0948 5456 amdkmdap (6b4e9261b613b047a9a145f328889968) C:\Windows\system32\DRIVERS\atikmpag.sys
08:54:42.0950 5456 amdkmdap - ok
08:54:42.0955 5456 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys
08:54:42.0955 5456 AmdPPM - ok
08:54:42.0965 5456 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys
08:54:42.0965 5456 amdsata - ok
08:54:42.0973 5456 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys
08:54:42.0974 5456 amdsbs - ok
08:54:42.0982 5456 amdxata (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys
08:54:42.0983 5456 amdxata - ok
08:54:42.0987 5456 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys
08:54:42.0988 5456 AppID - ok
08:54:42.0991 5456 AppIDSvc (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll
08:54:42.0991 5456 AppIDSvc - ok
08:54:42.0996 5456 Appinfo (3977d4a871ca0d4f2ed1e7db46829731) C:\Windows\System32\appinfo.dll
08:54:42.0997 5456 Appinfo - ok
08:54:43.0004 5456 Apple Mobile Device (f401929ee0cc92bfe7f15161ca535383) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
08:54:43.0005 5456 Apple Mobile Device - ok
08:54:43.0013 5456 AppMgmt (4aba3e75a76195a3e38ed2766c962899) C:\Windows\System32\appmgmts.dll
08:54:43.0014 5456 AppMgmt - ok
08:54:43.0019 5456 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys
08:54:43.0019 5456 arc - ok
08:54:43.0024 5456 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys
08:54:43.0025 5456 arcsas - ok
08:54:43.0027 5456 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
08:54:43.0027 5456 AsyncMac - ok
08:54:43.0030 5456 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys
08:54:43.0030 5456 atapi - ok
08:54:43.0037 5456 AtiHdmiService (637e0753bd6deb8ea5314a5c357ec1a0) C:\Windows\system32\drivers\AtiHdmi.sys
08:54:43.0038 5456 AtiHdmiService - ok
08:54:43.0059 5456 AudioEndpointBuilder (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
08:54:43.0062 5456 AudioEndpointBuilder - ok
08:54:43.0066 5456 AudioSrv (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
08:54:43.0070 5456 AudioSrv - ok
08:54:43.0206 5456 AVGIDSAgent (6d440ff3f44ca72edfd6176c6d6a89c0) C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe
08:54:43.0225 5456 AVGIDSAgent - ok
08:54:43.0255 5456 AVGIDSDriver (e29ea1a0ec7ab9fa2dc7e75a03f12a4f) C:\Windows\system32\DRIVERS\AVGIDSDriver.Sys
08:54:43.0256 5456 AVGIDSDriver - ok
08:54:43.0258 5456 AVGIDSEH (f823d184b8e8ffb8da3ead45dbf5bd6a) C:\Windows\system32\DRIVERS\AVGIDSEH.Sys
08:54:43.0258 5456 AVGIDSEH - ok
08:54:43.0261 5456 AVGIDSFilter (ed2b25bd7fe35d1944211968842d30da) C:\Windows\system32\DRIVERS\AVGIDSFilter.Sys
08:54:43.0261 5456 AVGIDSFilter - ok
08:54:43.0272 5456 Avgldx64 (979cf8912449a10b987218bff80a1fa3) C:\Windows\system32\DRIVERS\avgldx64.sys
08:54:43.0273 5456 Avgldx64 - ok
08:54:43.0276 5456 Avgmfx64 (36b1a5843695766eac714daffc5b84d1) C:\Windows\system32\DRIVERS\avgmfx64.sys
08:54:43.0277 5456 Avgmfx64 - ok
08:54:43.0280 5456 Avgrkx64 (1102239fb724527f1febbbbccf6bf313) C:\Windows\system32\DRIVERS\avgrkx64.sys
08:54:43.0280 5456 Avgrkx64 - ok
08:54:43.0293 5456 Avgtdia (11f36d3ea82d9db9aa05a476a210551b) C:\Windows\system32\DRIVERS\avgtdia.sys
08:54:43.0295 5456 Avgtdia - ok
08:54:43.0306 5456 avgwd (6699ece24fe4b3f752a66c66a602ee86) C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe
08:54:43.0307 5456 avgwd - ok
08:54:43.0314 5456 AxInstSV (a6bf31a71b409dfa8cac83159e1e2aff) C:\Windows\System32\AxInstSV.dll
08:54:43.0316 5456 AxInstSV - ok
08:54:43.0332 5456 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys
08:54:43.0334 5456 b06bdrv - ok
08:54:43.0344 5456 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
08:54:43.0346 5456 b57nd60a - ok
08:54:43.0349 5456 BCM42RLY (ac4e2d84de54cd3a013aeff0cc56095c) C:\Windows\system32\drivers\BCM42RLY.sys
08:54:43.0350 5456 BCM42RLY - ok
08:54:43.0438 5456 BCM43XX (8b5d16d20774fc3727f44e161be2c0ac) C:\Windows\system32\DRIVERS\bcmwl664.sys
08:54:43.0451 5456 BCM43XX - ok
08:54:43.0477 5456 BDESVC (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll
08:54:43.0478 5456 BDESVC - ok
08:54:43.0483 5456 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
08:54:43.0483 5456 Beep - ok
08:54:43.0512 5456 BITS (1ea7969e3271cbc59e1730697dc74682) C:\Windows\System32\qmgr.dll
08:54:43.0516 5456 BITS - ok
08:54:43.0520 5456 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys
08:54:43.0521 5456 blbdrive - ok
08:54:43.0526 5456 Blfp (c5e9e88661c72f5ab1b22308ad4f61a6) C:\Windows\system32\DRIVERS\basp.sys
08:54:43.0526 5456 Blfp - ok
08:54:43.0543 5456 Bonjour Service (ebbcd5dfbb1de70e8f4af8fa59e401fd) C:\Program Files\Bonjour\mDNSResponder.exe
08:54:43.0545 5456 Bonjour Service - ok
08:54:43.0551 5456 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys
08:54:43.0551 5456 bowser - ok
08:54:43.0558 5456 BrcmMgmtAgent (96afb6d33247fe90421a5b2e76f4ed59) C:\Program Files\Broadcom\MgmtAgent\BrcmMgmtAgent.exe
08:54:43.0559 5456 BrcmMgmtAgent - ok
08:54:43.0561 5456 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys
08:54:43.0562 5456 BrFiltLo - ok
08:54:43.0564 5456 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys
08:54:43.0564 5456 BrFiltUp - ok
08:54:43.0570 5456 Browser (8ef0d5c41ec907751b8429162b1239ed) C:\Windows\System32\browser.dll
08:54:43.0571 5456 Browser - ok
08:54:43.0581 5456 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
08:54:43.0582 5456 Brserid - ok
08:54:43.0586 5456 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
08:54:43.0586 5456 BrSerWdm - ok
08:54:43.0589 5456 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
08:54:43.0589 5456 BrUsbMdm - ok
08:54:43.0591 5456 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
08:54:43.0591 5456 BrUsbSer - ok
08:54:43.0596 5456 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys
08:54:43.0596 5456 BTHMODEM - ok
08:54:43.0602 5456 bthserv (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll
08:54:43.0602 5456 bthserv - ok
08:54:43.0607 5456 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
08:54:43.0607 5456 cdfs - ok
08:54:43.0614 5456 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\DRIVERS\cdrom.sys
08:54:43.0615 5456 cdrom - ok
08:54:43.0620 5456 CertPropSvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
08:54:43.0620 5456 CertPropSvc - ok
08:54:43.0624 5456 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys
08:54:43.0624 5456 circlass - ok
08:54:43.0637 5456 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
08:54:43.0639 5456 CLFS - ok
08:54:43.0645 5456 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
08:54:43.0645 5456 clr_optimization_v2.0.50727_32 - ok
08:54:43.0652 5456 clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
08:54:43.0652 5456 clr_optimization_v2.0.50727_64 - ok
08:54:43.0661 5456 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
08:54:43.0662 5456 clr_optimization_v4.0.30319_32 - ok
08:54:43.0671 5456 clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
08:54:43.0672 5456 clr_optimization_v4.0.30319_64 - ok
08:54:43.0675 5456 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys
08:54:43.0675 5456 CmBatt - ok
08:54:43.0678 5456 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys
08:54:43.0678 5456 cmdide - ok
08:54:43.0693 5456 CNG (9ac4f97c2d3e93367e2148ea940cd2cd) C:\Windows\system32\Drivers\cng.sys
08:54:43.0695 5456 CNG - ok
08:54:43.0698 5456 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys
08:54:43.0698 5456 Compbatt - ok
08:54:43.0702 5456 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys
08:54:43.0702 5456 CompositeBus - ok
08:54:43.0705 5456 COMSysApp - ok
08:54:43.0714 5456 CrashPlanService (e2cec73b4d221b9ffe906748d1f5fc54) C:\Program Files\CrashPlan\CrashPlanService.exe
08:54:43.0716 5456 CrashPlanService - ok
08:54:43.0718 5456 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys
08:54:43.0719 5456 crcdisk - ok
08:54:43.0727 5456 CryptSvc (4f5414602e2544a4554d95517948b705) C:\Windows\system32\cryptsvc.dll
08:54:43.0728 5456 CryptSvc - ok
08:54:43.0747 5456 CSC (54da3dfd29ed9f1619b6f53f3ce55e49) C:\Windows\system32\drivers\csc.sys
08:54:43.0749 5456 CSC - ok
08:54:43.0772 5456 CscService (3ab183ab4d2c79dcf459cd2c1266b043) C:\Windows\System32\cscsvc.dll
08:54:43.0775 5456 CscService - ok
08:54:43.0794 5456 DcomLaunch (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
08:54:43.0797 5456 DcomLaunch - ok
08:54:43.0807 5456 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll
08:54:43.0809 5456 defragsvc - ok
08:54:43.0816 5456 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys
08:54:43.0817 5456 DfsC - ok
08:54:43.0829 5456 Dhcp (43d808f5d9e1a18e5eeb5ebc83969e4e) C:\Windows\system32\dhcpcore.dll
08:54:43.0830 5456 Dhcp - ok
08:54:43.0834 5456 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
08:54:43.0834 5456 discache - ok
08:54:43.0838 5456 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys
08:54:43.0839 5456 Disk - ok
08:54:43.0846 5456 Dnscache (16835866aaa693c7d7fceba8fff706e4) C:\Windows\System32\dnsrslvr.dll
08:54:43.0847 5456 Dnscache - ok
08:54:43.0856 5456 dot3svc (b1fb3ddca0fdf408750d5843591afbc6) C:\Windows\System32\dot3svc.dll
08:54:43.0858 5456 dot3svc - ok
08:54:43.0864 5456 DPS (b26f4f737e8f9df4f31af6cf31d05820) C:\Windows\system32\dps.dll
08:54:43.0865 5456 DPS - ok
08:54:43.0867 5456 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
08:54:43.0868 5456 drmkaud - ok
08:54:43.0899 5456 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys
08:54:43.0904 5456 DXGKrnl - ok
08:54:43.0910 5456 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll
08:54:43.0911 5456 EapHost - ok
08:54:44.0000 5456 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys
08:54:44.0014 5456 ebdrv - ok
08:54:44.0038 5456 EFS (c118a82cd78818c29ab228366ebf81c3) C:\Windows\System32\lsass.exe
08:54:44.0039 5456 EFS - ok
08:54:44.0061 5456 ehRecvr (c4002b6b41975f057d98c439030cea07) C:\Windows\ehome\ehRecvr.exe
08:54:44.0064 5456 ehRecvr - ok
08:54:44.0070 5456 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe
08:54:44.0071 5456 ehSched - ok
08:54:44.0094 5456 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys
08:54:44.0096 5456 elxstor - ok
08:54:44.0099 5456 epmntdrv (9eafb3b3b60b8ad958985152a9309aca) C:\Windows\system32\epmntdrv.sys
08:54:44.0100 5456 epmntdrv - ok
08:54:44.0102 5456 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
08:54:44.0102 5456 ErrDev - ok
08:54:44.0106 5456 EuGdiDrv (fb949ed2c93c878a189039f3d7730942) C:\Windows\system32\EuGdiDrv.sys
08:54:44.0107 5456 EuGdiDrv - ok
08:54:44.0123 5456 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll
08:54:44.0125 5456 EventSystem - ok
08:54:44.0133 5456 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
08:54:44.0134 5456 exfat - ok
08:54:44.0136 5456 EyeOneDisplay (a33e0921d0c256e348e0f6d66c77b7f7) C:\Windows\system32\Drivers\i1display_x64.sys
08:54:44.0137 5456 EyeOneDisplay - ok
08:54:44.0144 5456 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
08:54:44.0146 5456 fastfat - ok
08:54:44.0167 5456 Fax (dbefd454f8318a0ef691fdd2eaab44eb) C:\Windows\system32\fxssvc.exe
08:54:44.0171 5456 Fax - ok
08:54:44.0174 5456 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys
08:54:44.0174 5456 fdc - ok
08:54:44.0177 5456 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll
08:54:44.0178 5456 fdPHost - ok
08:54:44.0180 5456 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll
08:54:44.0181 5456 FDResPub - ok
08:54:44.0185 5456 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
08:54:44.0185 5456 FileInfo - ok
08:54:44.0188 5456 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
08:54:44.0189 5456 Filetrace - ok
08:54:44.0191 5456 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys
08:54:44.0192 5456 flpydisk - ok
08:54:44.0202 5456 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys
08:54:44.0204 5456 FltMgr - ok
08:54:44.0239 5456 FontCache (5c4cb4086fb83115b153e47add961a0c) C:\Windows\system32\FntCache.dll
08:54:44.0244 5456 FontCache - ok
08:54:44.0248 5456 FontCache3.0.0.0 (a8b7f3818ab65695e3a0bb3279f6dce6) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
08:54:44.0248 5456 FontCache3.0.0.0 - ok
08:54:44.0254 5456 Freemake Improver (565619f1b6da86e3c7ba75a1e60ecfcd) C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
08:54:44.0255 5456 Freemake Improver - ok
08:54:44.0261 5456 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
08:54:44.0262 5456 FsDepends - ok
08:54:44.0264 5456 Fs_Rec (6bd9295cc032dd3077c671fccf579a7b) C:\Windows\system32\drivers\Fs_Rec.sys
08:54:44.0265 5456 Fs_Rec - ok
08:54:44.0274 5456 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys
08:54:44.0275 5456 fvevol - ok
08:54:44.0279 5456 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys
08:54:44.0279 5456 gagp30kx - ok
08:54:44.0282 5456 GEARAspiWDM (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
08:54:44.0283 5456 GEARAspiWDM - ok
08:54:44.0306 5456 gpsvc (277bbc7e1aa1ee957f573a10eca7ef3a) C:\Windows\System32\gpsvc.dll
08:54:44.0309 5456 gpsvc - ok
08:54:44.0317 5456 gupdate (f02a533f517eb38333cb12a9e8963773) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
08:54:44.0318 5456 gupdate - ok
08:54:44.0320 5456 gupdatem (f02a533f517eb38333cb12a9e8963773) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
08:54:44.0321 5456 gupdatem - ok
08:54:44.0325 5456 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
08:54:44.0326 5456 hcw85cir - ok
08:54:44.0340 5456 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys
08:54:44.0341 5456 HdAudAddService - ok
08:54:44.0347 5456 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\drivers\HDAudBus.sys
08:54:44.0348 5456 HDAudBus - ok
08:54:44.0350 5456 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys
08:54:44.0351 5456 HidBatt - ok
08:54:44.0355 5456 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys
08:54:44.0356 5456 HidBth - ok
08:54:44.0359 5456 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys
08:54:44.0359 5456 HidIr - ok
08:54:44.0362 5456 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\system32\hidserv.dll
08:54:44.0363 5456 hidserv - ok
08:54:44.0366 5456 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\DRIVERS\hidusb.sys
08:54:44.0367 5456 HidUsb - ok
08:54:44.0371 5456 hkmsvc (387e72e739e15e3d37907a86d9ff98e2) C:\Windows\system32\kmsvc.dll
08:54:44.0372 5456 hkmsvc - ok
08:54:44.0381 5456 HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\Windows\system32\ListSvc.dll
08:54:44.0383 5456 HomeGroupListener - ok
08:54:44.0390 5456 HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\Windows\system32\provsvc.dll
08:54:44.0391 5456 HomeGroupProvider - ok
08:54:44.0406 5456 hpqcxs08 (1dae5c46d42b02a6d5862e1482efb390) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll
08:54:44.0407 5456 hpqcxs08 - ok
08:54:44.0413 5456 hpqddsvc (99e8eef42fe2f4af29b08c3355dd7685) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll
08:54:44.0414 5456 hpqddsvc - ok
08:54:44.0419 5456 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys
08:54:44.0419 5456 HpSAMD - ok
08:54:44.0453 5456 HPSLPSVC (f37882f128efacefe353e0bae2766909) C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL
08:54:44.0458 5456 HPSLPSVC - ok
08:54:44.0461 5456 hptsvr - ok
08:54:44.0465 5456 HTCAND64 (f47cec45fb85791d4ab237563ad0fa8f) C:\Windows\system32\Drivers\ANDROIDUSB.sys
08:54:44.0465 5456 HTCAND64 - ok
08:54:44.0489 5456 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys
08:54:44.0493 5456 HTTP - ok
08:54:44.0495 5456 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys
08:54:44.0496 5456 hwpolicy - ok
08:54:48.0451 5456 VSS - ok
08:54:48.0477 5456 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
08:54:48.0478 5456 vwifibus - ok
08:54:48.0482 5456 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
08:54:48.0483 5456 vwififlt - ok
08:54:48.0485 5456 vwifimp (6a638fc4bfddc4d9b186c28c91bd1a01) C:\Windows\system32\DRIVERS\vwifimp.sys
08:54:48.0486 5456 vwifimp - ok
08:54:48.0499 5456 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll
08:54:48.0501 5456 W32Time - ok
08:54:48.0506 5456 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
08:54:48.0506 5456 WacomPen - ok
08:54:48.0511 5456 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
08:54:48.0512 5456 WANARP - ok
08:54:48.0514 5456 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
08:54:48.0515 5456 Wanarpv6 - ok
08:54:48.0558 5456 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\Windows\system32\Wat\WatAdminSvc.exe
08:54:48.0563 5456 WatAdminSvc - ok
08:54:48.0610 5456 wbengine (78f4e7f5c56cb9716238eb57da4b6a75) C:\Windows\system32\wbengine.exe
08:54:48.0617 5456 wbengine - ok
08:54:48.0646 5456 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll
08:54:48.0648 5456 WbioSrvc - ok
08:54:48.0661 5456 wcncsvc (7368a2afd46e5a4481d1de9d14848edd) C:\Windows\System32\wcncsvc.dll
08:54:48.0663 5456 wcncsvc - ok
08:54:48.0667 5456 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll
08:54:48.0668 5456 WcsPlugInService - ok
08:54:48.0673 5456 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
08:54:48.0674 5456 Wd - ok
08:54:48.0694 5456 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
08:54:48.0697 5456 Wdf01000 - ok
08:54:48.0702 5456 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
08:54:48.0704 5456 WdiServiceHost - ok
08:54:48.0706 5456 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
08:54:48.0707 5456 WdiSystemHost - ok
08:54:48.0717 5456 WebClient (3db6d04e1c64272f8b14eb8bc4616280) C:\Windows\System32\webclnt.dll
08:54:48.0719 5456 WebClient - ok
08:54:48.0728 5456 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll
08:54:48.0730 5456 Wecsvc - ok
08:54:48.0734 5456 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll
08:54:48.0736 5456 wercplsupport - ok
08:54:48.0740 5456 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll
08:54:48.0742 5456 WerSvc - ok
08:54:48.0747 5456 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
08:54:48.0747 5456 WfpLwf - ok
08:54:48.0750 5456 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
08:54:48.0750 5456 WIMMount - ok
08:54:48.0753 5456 WinHttpAutoProxySvc - ok
08:54:48.0766 5456 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll
08:54:48.0767 5456 Winmgmt - ok
08:54:48.0829 5456 WinRM (bcb1310604aa415c4508708975b3931e) C:\Windows\system32\WsmSvc.dll
08:54:48.0838 5456 WinRM - ok
08:54:48.0867 5456 WinUsb (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUsb.sys
08:54:48.0868 5456 WinUsb - ok
08:54:48.0895 5456 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll
08:54:48.0900 5456 Wlansvc - ok
08:54:48.0969 5456 wlidsvc (2bacd71123f42cea603f4e205e1ae337) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
08:54:48.0979 5456 wlidsvc - ok
08:54:48.0983 5456 wltrysvc (de816a0624d54d68e1fb8a9028dcf81a) C:\Program Files\Dell\DW WLAN Card\WLTRYSVC.EXE
08:54:48.0984 5456 wltrysvc - ok
08:54:49.0009 5456 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
08:54:49.0010 5456 WmiAcpi - ok
08:54:49.0021 5456 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe
08:54:49.0022 5456 wmiApSrv - ok
08:54:49.0026 5456 WMPNetworkSvc - ok
08:54:49.0029 5456 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll
08:54:49.0030 5456 WPCSvc - ok
08:54:49.0036 5456 WPDBusEnum (93221146d4ebbf314c29b23cd6cc391d) C:\Windows\system32\wpdbusenum.dll
08:54:49.0038 5456 WPDBusEnum - ok
08:54:49.0041 5456 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
08:54:49.0041 5456 ws2ifsl - ok
08:54:49.0043 5456 WSearch - ok
08:54:49.0115 5456 wuauserv (d9ef901dca379cfe914e9fa13b73b4c4) C:\Windows\system32\wuaueng.dll
08:54:49.0126 5456 wuauserv - ok
08:54:49.0158 5456 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
08:54:49.0159 5456 WudfPf - ok
08:54:49.0168 5456 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
08:54:49.0169 5456 WUDFRd - ok
08:54:49.0173 5456 wudfsvc (7a95c95b6c4cf292d689106bcae49543) C:\Windows\System32\WUDFSvc.dll
08:54:49.0175 5456 wudfsvc - ok
08:54:49.0184 5456 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll
08:54:49.0186 5456 WwanSvc - ok
08:54:49.0194 5456 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
08:54:49.0288 5456 \Device\Harddisk0\DR0 - ok
08:54:49.0304 5456 MBR (0x1B8) (5fb38429d5d77768867c76dcbdb35194) \Device\Harddisk1\DR1
08:54:49.0363 5456 \Device\Harddisk1\DR1 - ok
08:54:49.0367 5456 MBR (0x1B8) (e5fa06aca0d60ba9c870d0ef3d9898c9) \Device\Harddisk2\DR2
08:54:49.0530 5456 \Device\Harddisk2\DR2 - ok
08:54:49.0534 5456 MBR (0x1B8) (5fb38429d5d77768867c76dcbdb35194) \Device\Harddisk3\DR3
08:54:49.0636 5456 \Device\Harddisk3\DR3 - ok
08:54:49.0638 5456 MBR (0x1B8) (5c616939100b85e558da92b899a0fc36) \Device\Harddisk7\DR11
08:54:49.0849 5456 \Device\Harddisk7\DR11 - ok
08:54:49.0852 5456 MBR (0x1B8) (5c616939100b85e558da92b899a0fc36) \Device\Harddisk8\DR12
08:54:49.0895 5456 \Device\Harddisk8\DR12 - ok
08:54:49.0905 5456 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk9\DR13
08:54:49.0994 5456 \Device\Harddisk9\DR13 - ok
08:54:49.0996 5456 Boot (0x1200) (03137f344733cb5178f5b2f8a737ce3b) \Device\Harddisk0\DR0\Partition0
08:54:49.0996 5456 \Device\Harddisk0\DR0\Partition0 - ok
08:54:49.0998 5456 Boot (0x1200) (887c64d33a8beb427e5de759274be4e1) \Device\Harddisk0\DR0\Partition1
08:54:49.0999 5456 \Device\Harddisk0\DR0\Partition1 - ok
08:54:50.0001 5456 Boot (0x1200) (63a3a3528421e230730040e1a1af5e5c) \Device\Harddisk1\DR1\Partition0
08:54:50.0002 5456 \Device\Harddisk1\DR1\Partition0 - ok
08:54:50.0004 5456 Boot (0x1200) (45300bc0322de4cc92a4a6d7b7c77d9f) \Device\Harddisk2\DR2\Partition0
08:54:50.0005 5456 \Device\Harddisk2\DR2\Partition0 - ok
08:54:50.0008 5456 Boot (0x1200) (7ff7ed5fd090762c83766b3ed21d6be1) \Device\Harddisk3\DR3\Partition0
08:54:50.0010 5456 \Device\Harddisk3\DR3\Partition0 - ok
08:54:50.0012 5456 Boot (0x1200) (8d2b1b6efb09691f6a1f0571f41106a0) \Device\Harddisk7\DR11\Partition0
08:54:50.0013 5456 \Device\Harddisk7\DR11\Partition0 - ok
08:54:50.0014 5456 Boot (0x1200) (6e53ca8053e5517d528ebca16cedb6ad) \Device\Harddisk8\DR12\Partition0
08:54:50.0015 5456 \Device\Harddisk8\DR12\Partition0 - ok
08:54:50.0017 5456 Boot (0x1200) (b106901d2bb4c0b68f35a72b3f1dc783) \Device\Harddisk9\DR13\Partition0
08:54:50.0018 5456 \Device\Harddisk9\DR13\Partition0 - ok
08:54:50.0018 5456 ============================================================
08:54:50.0018 5456 Scan finished
08:54:50.0018 5456 ============================================================
08:54:50.0024 9564 Detected object count: 0
08:54:50.0024 9564 Actual detected object count: 0
08:55:39.0835 7516 Deinitialize success


I will post the ESET results next.

#4 Osceola214

Posted 19 July 2012 - 05:06 AM

ESET info:

C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000050 HTML/WhiteSmoke application cleaned by deleting - quarantined

#5 Jimbob85

Posted 19 July 2012 - 10:56 AM

I see ESET got rid of something related to White Smoke. We may have to have the Malware Response Team take a look at your machine, but let's try one more thing first and see what we find.

Please Download SAS (SuperAntiSpyware)

Allow it to update
Select complete scan
Select Scan your Computer...
Select your main drive (usually c:\) Uncheck other drives
Select Start Complete Scan>
Post the results

Have AVG or Spybot found anything?

#6 Osceola214

Posted 19 July 2012 - 03:50 PM

Thanks so much!

Note,

I originally posted that this redirected to 8.26.70.252. Now it seems to go to different places, but still redirects, even after white smoke was caught. The redirects are weird. Sometimes they go to a site very similar to what I was searching for. Sometimes not similar at all, sometimes porn.



SUPERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 07/19/2012 at 03:49 PM

Application Version : 5.5.1012

Core Rules Database Version : 8929
Trace Rules Database Version: 6741

Scan type : Quick Scan
Total Scan Time : 00:02:30

Operating System Information
Windows 7 Professional 64-bit, Service Pack 1 (Build 6.01.7601)
UAC On - Limited User

Memory items scanned : 680
Memory threats detected : 0
Registry items scanned : 58719
Registry threats detected : 0
File items scanned : 12225
File threats detected : 185

Adware.Tracking Cookie

#7 Jimbob85

Posted 19 July 2012 - 04:10 PM

Can you please post a scan log for MBAM where you ran a FULL SCAN as Administrator. If you have not run it in this manner please do so and post the log. Make sure to update it as well.

#8 Osceola214

Posted 19 July 2012 - 04:22 PM

"Can you please post a scan log for MBAM where you ran a FULL SCAN as Administrator"

Doing that now.

The redirects are funny. Sometimes it only happens when I try to open in a new tab. Sometimes I try to open in a new tab, and get a new window with the redirect, and sometimes it doesn't redirect at all. Used to link only to the IP in the subject line, but now seems to go all over.

Will post MBAM Administrator full scan shortly.

Edited by Osceola214, 19 July 2012 - 04:24 PM.


#9 Osceola214

Posted 19 July 2012 - 04:37 PM

BTW, now it doesn't just redirect to 8.26.70.252, it goes all over.


Malwarebytes Anti-Malware 1.62.0.1300
www.malwarebytes.org

Database version: v2012.07.19.13

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Tom :: TOM-DELL-8330 [administrator]

7/19/2012 4:20:54 PM
mbam-log-2012-07-19 (16-20-54).txt

Scan type: Full scan (C:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 544810
Time elapsed: 14 minute(s), 48 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

Edited by Osceola214, 19 July 2012 - 04:38 PM.


#10 Jimbob85

Posted 20 July 2012 - 02:08 PM

I think you must have something nasty stuck in your system. You may fare better with someone on the Malware Response Team.

Please follow the instructions in ==>This Guide<== starting at Step 6. If you cannot complete a step, skip it and continue.

Once the proper logs are created, then make a NEW TOPIC and post it ==>HERE<== Please include a description of your computer issues, what you have done to resolve them, and a link to this topic.

If you can produce at least some of the logs, then please create the new topic and explain what happens when you try to create the log(s) that you couldn't get. If you cannot produce any of the logs, then still post the topic and explain that you followed the Prep. Guide, were unable to create the logs, and describe what happens when you try to create the logs.

It would be helpful if you post a note here once you have completed the steps in the guide and have started your topic in malware removal. Good luck and be patient.

If HelpBot replies to your topic, PLEASE follow Step One so it will report your topic to the team members.

#11 Osceola214

Posted 20 July 2012 - 03:22 PM

Thank you. I'll do as you suggested.



