mywebsearch and pop ups


  • This topic is locked
11 replies to this topic

#1 mercuryrsng

Posted 13 November 2012 - 11:40 PM

Hey all,

I have a computer here that had a PUP.mywebsearch malware infection which malwarebytes antimalware found. What can I do next to clean this computer out? Getting lots of pop ups while browsing the internet.

#2 boopme

Posted 13 November 2012 - 11:49 PM

Hello. Also run these....


Please Download

TDSSkiller


Launch it. Click on Change parameters, then select TDLFS file system.

Click on "Scan".
Please post the LOG report (log file should be in your C drive).

Do not change the default options on scan results.



Please download AdwCleaner by Xplode onto your desktop.


  • Close all open programs and internet browsers.
  • Double click on adwcleaner.exe to run the tool.
  • Click on Delete.
  • Confirm each time with Ok.
  • You will be prompted to restart your computer. A text file will open after the restart.
  • Please post the contents of that logfile with your next reply.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.




Please download and scan with SUPERAntiSpyware Free
  • Double-click SUPERAntiSpyware.exe and use the default settings for installation.
    For instructions with screenshots, please refer to the How to use SUPERAntiSpyware to scan and remove malware from your computer Guide.
  • An icon will be created on your desktop. Double-click that icon to launch the program.
  • If it will not start, go to Start > All Programs > SUPERAntiSpyware and click on Alternate Start.
  • If asked to update the program definitions, click "Yes". If not, update the definitions before scanning by selecting "Check for Updates". (If you encounter any problems while downloading the updates, manually download them from here. Double-click on the hyperlink for Download Installer and save SASDEFINITIONS.EXE to your desktop. Then double-click on SASDEFINITIONS.EXE to install the definitions.)
  • In the Main Menu, click the Preferences... button.
  • Click the "General and Startup" tab, and under Start-up Options, make sure "Start SUPERAntiSpyware when Windows starts" box is unchecked.
  • Click the "Scanning Control" tab, and under Scanner Options, make sure the following are checked (leave all other options as they are set):
    • Close browsers before scanning.
    • Scan for tracking cookies.
    • Terminate memory threats before quarantining.
  • Click the "Close" button to leave the Control Center screen.
  • Back on the main screen, under "Select Scan Type" check the box for Complete Scan.
  • If your computer is badly infected, be sure to check the box next to Enable Rescue Scan (Highly Infected Systems ONLY).
  • Click the Scan your computer... button.
  • After the scan is complete, a Scan Summary box will appear with potentially harmful items that were detected. Click "OK".
  • Make sure everything has a checkmark next to it and click "Next".
  • A notification will appear that "Quarantine and Removal is Complete". Click "OK" and then click the "Finish" button to return to the main menu.
  • If asked if you want to reboot, click "Yes" and reboot normally.

To retrieve the scan log after reboot, launch SUPERAntiSpyware again.
  • Click the View Scan Logs button at the bottom.
  • This will open the Scanner Logs Window.
  • Click on the log to highlight it and then click on View Selected Log to open it.
  • Copy and paste the scan log results in your next reply.
-- Some types of malware will disable security tools. If SUPERAntiSpyware will not install, please refer to these instructions for using the SUPERAntiSpyware Installer. If SUPERAntiSpyware is already installed but will not run, then follow the instructions for using RUNSAS.EXE to launch the program.



Some system info...
Please download MiniToolBox, save it to your desktop and run it. Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size.

Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run. Note: When using "Reset FF Proxy Settings" option Firefox should be closed.
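A TDSSKiller log of the kind requested above can be triaged with a short script. This is an added example, not part of the original thread or of TDSSKiller: it parses the service-scan section, assuming the `[ MD5 ] name path` / `name - verdict` line pairs the tool writes, and lists services whose verdict is not `ok` or whose image sits in a user profile. The names `Service`, `parse_services` and `triage`, the sample log, the `flagged` verdict and the user-profile heuristic are all assumptions of this example.

```python
import re
from dataclasses import dataclass
from typing import List, Optional, Tuple

# Constructed sample in the layout of a TDSSKiller service scan:
#   <time> <thread> [ <MD5> ] <service name> <image path>
#   <time> <thread> <service name> - <verdict>
# Every hash, name and path is a placeholder, not data from a real scan.
# "flagged" is a made-up verdict standing in for any result other than "ok".
SAMPLE_LOG = r"""
23:56:27.0622 7748 ================ Scan services =============================
23:56:28.0444 7748 [ 00000000000000000000000000000001 ] ExampleDrv C:\windows\system32\drivers\exampledrv.sys
23:56:28.0447 7748 ExampleDrv - ok
23:56:28.0500 7748 [ 00000000000000000000000000000002 ] Example Vendor Service C:\Program Files (x86)\Example Vendor\svc.exe
23:56:28.0503 7748 Example Vendor Service - ok
23:56:28.0600 7748 NoImageSvc - ok
23:56:28.0700 7748 [ 00000000000000000000000000000003 ] ExampleUpdate C:\Users\example user\AppData\Roaming\Example\update.exe
23:56:28.0702 7748 ExampleUpdate - ok
23:56:28.0800 7748 [ 00000000000000000000000000000004 ] ExampleFlt C:\windows\system32\drivers\exampleflt.sys
23:56:28.0803 7748 ExampleFlt - flagged
"""

# Timestamp and thread id that start every log line.
_PREFIX = r"^\d{2}:\d{2}:\d{2}\.\d{4}\s+\d+\s+"
# Service names and paths may both contain spaces, so the name ends
# where a drive-letter path ("C:\...") begins.
ENTRY_RE = re.compile(
    _PREFIX + r"\[\s*([0-9A-Fa-f]{32})\s*\]\s+(.+?)\s+([A-Za-z]:\\.*)$"
)
VERDICT_RE = re.compile(_PREFIX + r"(.+?) - (\S.*)$")


@dataclass
class Service:
    name: str
    verdict: str
    md5: Optional[str] = None
    path: Optional[str] = None


def parse_services(log_text: str) -> List[Service]:
    """Pair each hash/path line with the verdict line that follows it."""
    services: List[Service] = []
    pending = {}          # service name -> (md5, path) awaiting a verdict
    in_section = False
    for line in log_text.splitlines():
        if "Scan services" in line:
            in_section = True
            continue
        if "=====" in line:   # any other banner ends the service section
            in_section = False
            continue
        if not in_section:
            # Header lines such as "Drive ... - Size: ..." also contain
            # " - " and would otherwise be mistaken for verdicts.
            continue
        m = ENTRY_RE.match(line)
        if m:
            md5, name, path = m.groups()
            pending[name] = (md5.upper(), path.strip())
            continue
        m = VERDICT_RE.match(line)
        if m:
            name, verdict = m.group(1), m.group(2).strip()
            # Some services are listed with a verdict but no image line.
            md5, path = pending.pop(name, (None, None))
            services.append(Service(name, verdict, md5, path))
    return services


def triage(services: List[Service]) -> List[Tuple[str, str]]:
    """Return (service name, reason) pairs that merit a manual look."""
    findings = []
    for s in services:
        if s.verdict.lower() != "ok":
            findings.append((s.name, "verdict: " + s.verdict))
        # Heuristic of this example: a service binary inside a user
        # profile is unusual even when the scanner reports "ok".
        if s.path and "\\users\\" in s.path.lower():
            findings.append((s.name, "image in a user profile: " + s.path))
    return findings


if __name__ == "__main__":
    for name, reason in triage(parse_services(SAMPLE_LOG)):
        print(f"{name}: {reason}")
```
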

#3 mercuryrsng

Posted 14 November 2012 - 02:36 PM

23:56:11.0322 1128 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
23:56:11.0741 1128 ============================================================
23:56:11.0741 1128 Current date / time: 2012/11/13 23:56:11.0741
23:56:11.0741 1128 SystemInfo:
23:56:11.0741 1128
23:56:11.0741 1128 OS Version: 6.1.7601 ServicePack: 1.0
23:56:11.0741 1128 Product type: Workstation
23:56:11.0741 1128 ComputerName: SWINDEN4
23:56:11.0741 1128 UserName: cindy swinden
23:56:11.0741 1128 Windows directory: C:\windows
23:56:11.0741 1128 System windows directory: C:\windows
23:56:11.0741 1128 Running under WOW64
23:56:11.0741 1128 Processor architecture: Intel x64
23:56:11.0741 1128 Number of processors: 4
23:56:11.0741 1128 Page size: 0x1000
23:56:11.0741 1128 Boot type: Normal boot
23:56:11.0741 1128 ============================================================
23:56:13.0538 1128 Drive \Device\Harddisk0\DR0 - Size: 0xAEA8CDE000 (698.64 Gb), SectorSize: 0x200, Cylinders: 0x16441, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
23:56:13.0542 1128 ============================================================
23:56:13.0542 1128 \Device\Harddisk0\DR0:
23:56:13.0542 1128 MBR partitions:
23:56:13.0542 1128 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x2EE800, BlocksNum 0x5557C000
23:56:13.0542 1128 ============================================================
23:56:13.0593 1128 C: <-> \Device\Harddisk0\DR0\Partition1
23:56:13.0593 1128 ============================================================
23:56:13.0593 1128 Initialize success
23:56:13.0593 1128 ============================================================
23:56:25.0909 7748 ============================================================
23:56:25.0909 7748 Scan started
23:56:25.0909 7748 Mode: Manual; TDLFS;
23:56:25.0909 7748 ============================================================
23:56:27.0622 7748 ================ Scan system memory ========================
23:56:27.0622 7748 System memory - ok
23:56:27.0622 7748 ================ Scan services =============================
23:56:37.0278 7748 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\windows\system32\DRIVERS\mrxsmb20.sys
23:56:37.0280 7748 mrxsmb20 - ok
23:56:37.0282 7748 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\windows\system32\DRIVERS\msahci.sys
23:56:37.0283 7748 msahci - ok
23:56:37.0287 7748 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\windows\system32\drivers\msdsm.sys
23:56:37.0289 7748 msdsm - ok
23:56:37.0297 7748 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\windows\System32\msdtc.exe
23:56:37.0300 7748 MSDTC - ok
23:56:37.0306 7748 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\windows\system32\drivers\Msfs.sys
23:56:37.0307 7748 Msfs - ok
23:56:37.0333 7748 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\windows\System32\drivers\mshidkmdf.sys
23:56:37.0334 7748 mshidkmdf - ok
23:56:37.0337 7748 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\windows\system32\drivers\msisadrv.sys
23:56:37.0337 7748 msisadrv - ok
23:56:37.0377 7748 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\windows\system32\iscsiexe.dll
23:56:37.0380 7748 MSiSCSI - ok
23:56:37.0383 7748 msiserver - ok
23:56:37.0395 7748 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\windows\system32\drivers\MSKSSRV.sys
23:56:37.0396 7748 MSKSSRV - ok
23:56:37.0411 7748 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\windows\system32\drivers\MSPCLOCK.sys
23:56:37.0412 7748 MSPCLOCK - ok
23:56:37.0414 7748 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\windows\system32\drivers\MSPQM.sys
23:56:37.0415 7748 MSPQM - ok
23:56:37.0436 7748 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\windows\system32\drivers\MsRPC.sys
23:56:37.0447 7748 MsRPC - ok
23:56:37.0452 7748 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\windows\system32\DRIVERS\mssmbios.sys
23:56:37.0452 7748 mssmbios - ok
23:56:37.0477 7748 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\windows\system32\drivers\MSTEE.sys
23:56:37.0479 7748 MSTEE - ok
23:56:37.0481 7748 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\windows\system32\drivers\MTConfig.sys
23:56:37.0482 7748 MTConfig - ok
23:56:37.0487 7748 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\windows\system32\Drivers\mup.sys
23:56:37.0488 7748 Mup - ok
23:56:37.0545 7748 [ E3B58E3011B207C5289D11173B30E298 ] MyWiFiDHCPDNS C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
23:56:37.0548 7748 MyWiFiDHCPDNS - ok
23:56:37.0581 7748 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\windows\system32\qagentRT.dll
23:56:37.0587 7748 napagent - ok
23:56:37.0630 7748 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\windows\system32\DRIVERS\nwifi.sys
23:56:37.0634 7748 NativeWifiP - ok
23:56:37.0813 7748 [ F2840DBFE9322F35557219AE82CC4597 ] NAV C:\Program Files (x86)\Norton AntiVirus\Engine\19.9.0.9\ccSvcHst.exe
23:56:37.0814 7748 NAV - ok
23:56:37.0947 7748 [ C58D8A669D6551F616D90244BD2C2D4F ] NAVENG C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.1.0.28\Definitions\VirusDefs\20121113.009\ENG64.SYS
23:56:37.0949 7748 NAVENG - ok
23:56:38.0018 7748 [ A3DBDB412ADFA5882DD6843B11FE0828 ] NAVEX15 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.1.0.28\Definitions\VirusDefs\20121113.009\EX64.SYS
23:56:38.0027 7748 NAVEX15 - ok
23:56:38.0137 7748 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\windows\system32\drivers\ndis.sys
23:56:38.0141 7748 NDIS - ok
23:56:38.0200 7748 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\windows\system32\DRIVERS\ndiscap.sys
23:56:38.0201 7748 NdisCap - ok
23:56:38.0267 7748 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\windows\system32\DRIVERS\ndistapi.sys
23:56:38.0268 7748 NdisTapi - ok
23:56:38.0301 7748 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\windows\system32\DRIVERS\ndisuio.sys
23:56:38.0303 7748 Ndisuio - ok
23:56:38.0337 7748 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\windows\system32\DRIVERS\ndiswan.sys
23:56:38.0339 7748 NdisWan - ok
23:56:38.0371 7748 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\windows\system32\drivers\NDProxy.sys
23:56:38.0373 7748 NDProxy - ok
23:56:38.0376 7748 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\windows\system32\DRIVERS\netbios.sys
23:56:38.0377 7748 NetBIOS - ok
23:56:38.0456 7748 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\windows\system32\DRIVERS\netbt.sys
23:56:38.0467 7748 NetBT - ok
23:56:38.0491 7748 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\windows\system32\lsass.exe
23:56:38.0492 7748 Netlogon - ok
23:56:38.0540 7748 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\windows\System32\netman.dll
23:56:38.0545 7748 Netman - ok
23:56:38.0689 7748 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
23:56:38.0691 7748 NetMsmqActivator - ok
23:56:38.0694 7748 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
23:56:38.0695 7748 NetPipeActivator - ok
23:56:38.0729 7748 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\windows\System32\netprofm.dll
23:56:38.0734 7748 netprofm - ok
23:56:38.0756 7748 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
23:56:38.0757 7748 NetTcpActivator - ok
23:56:38.0760 7748 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
23:56:38.0761 7748 NetTcpPortSharing - ok
23:56:38.0928 7748 [ 47DC062656EA661FE9175DBACAD00E9D ] NETwNs64 C:\windows\system32\DRIVERS\NETwNs64.sys
23:56:39.0099 7748 NETwNs64 - ok
23:56:39.0140 7748 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\windows\system32\drivers\nfrd960.sys
23:56:39.0142 7748 nfrd960 - ok
23:56:39.0175 7748 [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc C:\windows\System32\nlasvc.dll
23:56:39.0178 7748 NlaSvc - ok
23:56:39.0181 7748 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\windows\system32\drivers\Npfs.sys
23:56:39.0182 7748 Npfs - ok
23:56:39.0193 7748 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\windows\system32\nsisvc.dll
23:56:39.0195 7748 nsi - ok
23:56:39.0197 7748 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\windows\system32\drivers\nsiproxy.sys
23:56:39.0198 7748 nsiproxy - ok
23:56:39.0246 7748 [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs C:\windows\system32\drivers\Ntfs.sys
23:56:39.0263 7748 Ntfs - ok
23:56:39.0284 7748 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\windows\system32\drivers\Null.sys
23:56:39.0285 7748 Null - ok
23:56:39.0298 7748 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\windows\system32\drivers\nvraid.sys
23:56:39.0310 7748 nvraid - ok
23:56:39.0313 7748 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\windows\system32\drivers\nvstor.sys
23:56:39.0316 7748 nvstor - ok
23:56:39.0323 7748 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\windows\system32\drivers\nv_agp.sys
23:56:39.0325 7748 nv_agp - ok
23:56:39.0341 7748 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\windows\system32\drivers\ohci1394.sys
23:56:39.0343 7748 ohci1394 - ok
23:56:39.0375 7748 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\windows\system32\pnrpsvc.dll
23:56:39.0379 7748 p2pimsvc - ok
23:56:39.0394 7748 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\windows\system32\p2psvc.dll
23:56:39.0400 7748 p2psvc - ok
23:56:39.0423 7748 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\windows\system32\drivers\parport.sys
23:56:39.0425 7748 Parport - ok
23:56:39.0454 7748 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\windows\system32\drivers\partmgr.sys
23:56:39.0456 7748 partmgr - ok
23:56:39.0486 7748 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\windows\System32\pcasvc.dll
23:56:39.0489 7748 PcaSvc - ok
23:56:39.0516 7748 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\windows\system32\drivers\pci.sys
23:56:39.0518 7748 pci - ok
23:56:39.0521 7748 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\windows\system32\DRIVERS\pciide.sys
23:56:39.0522 7748 pciide - ok
23:56:39.0527 7748 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\windows\system32\drivers\pcmcia.sys
23:56:39.0530 7748 pcmcia - ok
23:56:39.0532 7748 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\windows\system32\drivers\pcw.sys
23:56:39.0534 7748 pcw - ok
23:56:39.0543 7748 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\windows\system32\drivers\peauth.sys
23:56:39.0550 7748 PEAUTH - ok
23:56:39.0766 7748 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\windows\SysWow64\perfhost.exe
23:56:39.0768 7748 PerfHost - ok
23:56:39.0825 7748 [ 91111CEBBDE8015E822C46120ED9537C ] PGEffect C:\windows\system32\DRIVERS\pgeffect.sys
23:56:39.0826 7748 PGEffect - ok
23:56:39.0912 7748 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\windows\system32\pla.dll
23:56:39.0939 7748 pla - ok
23:56:40.0025 7748 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\windows\system32\umpnpmgr.dll
23:56:40.0031 7748 PlugPlay - ok
23:56:40.0046 7748 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\windows\system32\pnrpauto.dll
23:56:40.0048 7748 PNRPAutoReg - ok
23:56:40.0075 7748 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\windows\system32\pnrpsvc.dll
23:56:40.0077 7748 PNRPsvc - ok
23:56:40.0142 7748 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\windows\System32\ipsecsvc.dll
23:56:40.0148 7748 PolicyAgent - ok
23:56:40.0219 7748 [ A2CCA4FB273E6050F17A0A416CFF2FCD ] Power C:\windows\system32\umpo.dll
23:56:40.0222 7748 Power - ok
23:56:40.0250 7748 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\windows\system32\DRIVERS\raspptp.sys
23:56:40.0252 7748 PptpMiniport - ok
23:56:40.0268 7748 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\windows\system32\drivers\processr.sys
23:56:40.0269 7748 Processor - ok
23:56:40.0294 7748 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\windows\system32\profsvc.dll
23:56:40.0298 7748 ProfSvc - ok
23:56:40.0313 7748 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\windows\system32\lsass.exe
23:56:40.0315 7748 ProtectedStorage - ok
23:56:40.0333 7748 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\windows\system32\DRIVERS\pacer.sys
23:56:40.0334 7748 Psched - ok
23:56:40.0367 7748 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\windows\system32\drivers\ql2300.sys
23:56:40.0382 7748 ql2300 - ok
23:56:40.0401 7748 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\windows\system32\drivers\ql40xx.sys
23:56:40.0403 7748 ql40xx - ok
23:56:40.0428 7748 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\windows\system32\qwave.dll
23:56:40.0432 7748 QWAVE - ok
23:56:40.0442 7748 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\windows\system32\drivers\qwavedrv.sys
23:56:40.0444 7748 QWAVEdrv - ok
23:56:40.0446 7748 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\windows\system32\DRIVERS\rasacd.sys
23:56:40.0447 7748 RasAcd - ok
23:56:40.0491 7748 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\windows\system32\DRIVERS\AgileVpn.sys
23:56:40.0492 7748 RasAgileVpn - ok
23:56:40.0520 7748 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\windows\System32\rasauto.dll
23:56:40.0523 7748 RasAuto - ok
23:56:40.0556 7748 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\windows\system32\DRIVERS\rasl2tp.sys
23:56:40.0558 7748 Rasl2tp - ok
23:56:40.0583 7748 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\windows\System32\rasmans.dll
23:56:40.0588 7748 RasMan - ok
23:56:40.0591 7748 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\windows\system32\DRIVERS\raspppoe.sys
23:56:40.0593 7748 RasPppoe - ok
23:56:40.0606 7748 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\windows\system32\DRIVERS\rassstp.sys
23:56:40.0608 7748 RasSstp - ok
23:56:40.0634 7748 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\windows\system32\DRIVERS\rdbss.sys
23:56:40.0646 7748 rdbss - ok
23:56:40.0648 7748 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\windows\system32\drivers\rdpbus.sys
23:56:40.0649 7748 rdpbus - ok
23:56:40.0659 7748 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\windows\system32\DRIVERS\RDPCDD.sys
23:56:40.0659 7748 RDPCDD - ok
23:56:40.0664 7748 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\windows\system32\drivers\rdpencdd.sys
23:56:40.0665 7748 RDPENCDD - ok
23:56:40.0669 7748 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\windows\system32\drivers\rdprefmp.sys
23:56:40.0669 7748 RDPREFMP - ok
23:56:40.0703 7748 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\windows\system32\drivers\RDPWD.sys
23:56:40.0706 7748 RDPWD - ok
23:56:40.0739 7748 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\windows\system32\drivers\rdyboost.sys
23:56:40.0742 7748 rdyboost - ok
23:56:40.0798 7748 [ F3AF2B43F35DBB3A0EB9FEEEC7D62217 ] RegSrvc C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
23:56:40.0799 7748 RegSrvc - ok
23:56:40.0828 7748 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\windows\System32\mprdim.dll
23:56:40.0830 7748 RemoteAccess - ok
23:56:40.0855 7748 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\windows\system32\regsvc.dll
23:56:40.0858 7748 RemoteRegistry - ok
23:56:40.0865 7748 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\windows\System32\RpcEpMap.dll
23:56:40.0867 7748 RpcEptMapper - ok
23:56:40.0902 7748 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\windows\system32\locator.exe
23:56:40.0904 7748 RpcLocator - ok
23:56:40.0993 7748 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\windows\system32\rpcss.dll
23:56:40.0997 7748 RpcSs - ok
23:56:41.0062 7748 [ 40447D89F56780C49AC2EC22A05D5727 ] RSP2STOR C:\windows\system32\DRIVERS\RtsP2Stor.sys
23:56:41.0063 7748 RSP2STOR - ok
23:56:41.0087 7748 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\windows\system32\DRIVERS\rspndr.sys
23:56:41.0089 7748 rspndr - ok
23:56:41.0102 7748 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\windows\system32\lsass.exe
23:56:41.0103 7748 SamSs - ok
23:56:41.0106 7748 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\windows\system32\drivers\sbp2port.sys
23:56:41.0108 7748 sbp2port - ok
23:56:41.0129 7748 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\windows\System32\SCardSvr.dll
23:56:41.0133 7748 SCardSvr - ok
23:56:41.0156 7748 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\windows\system32\DRIVERS\scfilter.sys
23:56:41.0157 7748 scfilter - ok
23:56:41.0176 7748 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\windows\system32\schedsvc.dll
23:56:41.0189 7748 Schedule - ok
23:56:41.0222 7748 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\windows\System32\certprop.dll
23:56:41.0223 7748 SCPolicySvc - ok
23:56:41.0251 7748 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\windows\System32\SDRSVC.dll
23:56:41.0255 7748 SDRSVC - ok
23:56:41.0281 7748 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\windows\system32\drivers\secdrv.sys
23:56:41.0282 7748 secdrv - ok
23:56:41.0292 7748 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\windows\system32\seclogon.dll
23:56:41.0295 7748 seclogon - ok
23:56:41.0329 7748 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\windows\System32\sens.dll
23:56:41.0331 7748 SENS - ok
23:56:41.0353 7748 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\windows\system32\sensrsvc.dll
23:56:41.0355 7748 SensrSvc - ok
23:56:41.0370 7748 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\windows\system32\drivers\serenum.sys
23:56:41.0372 7748 Serenum - ok
23:56:41.0396 7748 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\windows\system32\drivers\serial.sys
23:56:41.0407 7748 Serial - ok
23:56:41.0414 7748 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\windows\system32\drivers\sermouse.sys
23:56:41.0415 7748 sermouse - ok
23:56:41.0443 7748 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\windows\system32\sessenv.dll
23:56:41.0445 7748 SessionEnv - ok
23:56:41.0463 7748 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\windows\system32\drivers\sffdisk.sys
23:56:41.0465 7748 sffdisk - ok
23:56:41.0467 7748 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\windows\system32\drivers\sffp_mmc.sys
23:56:41.0468 7748 sffp_mmc - ok
23:56:41.0471 7748 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\windows\system32\drivers\sffp_sd.sys
23:56:41.0473 7748 sffp_sd - ok
23:56:41.0475 7748 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\windows\system32\drivers\sfloppy.sys
23:56:41.0476 7748 sfloppy - ok
23:56:41.0495 7748 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\windows\System32\ipnathlp.dll
23:56:41.0500 7748 SharedAccess - ok
23:56:41.0540 7748 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\windows\System32\shsvcs.dll
23:56:41.0545 7748 ShellHWDetection - ok
23:56:41.0576 7748 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\windows\system32\drivers\SiSRaid2.sys
23:56:41.0578 7748 SiSRaid2 - ok
23:56:41.0581 7748 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\windows\system32\drivers\sisraid4.sys
23:56:41.0582 7748 SiSRaid4 - ok
23:56:41.0588 7748 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\windows\system32\DRIVERS\smb.sys
23:56:41.0591 7748 Smb - ok
23:56:41.0627 7748 [ 20C99358D42DB9585A21BF3BC27FC9BC ] SmbDrv C:\windows\system32\DRIVERS\Smb_driver.sys
23:56:41.0628 7748 SmbDrv - ok
23:56:41.0671 7748 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\windows\System32\snmptrap.exe
23:56:41.0673 7748 SNMPTRAP - ok
23:56:41.0701 7748 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\windows\system32\drivers\spldr.sys
23:56:41.0702 7748 spldr - ok
23:56:41.0741 7748 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\windows\System32\spoolsv.exe
23:56:41.0745 7748 Spooler - ok
23:56:41.0809 7748 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\windows\system32\sppsvc.exe
23:56:41.0824 7748 sppsvc - ok
23:56:41.0842 7748 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\windows\system32\sppuinotify.dll
23:56:41.0845 7748 sppuinotify - ok
23:56:41.0989 7748 [ 891793E00432FA055CF040605C260E49 ] SRTSP C:\windows\System32\Drivers\NAVx64\1309000.009\SRTSP64.SYS
23:56:41.0992 7748 SRTSP - ok
23:56:42.0018 7748 [ 1CB7BB3B0561FB5ECFE37F7731E8BF3E ] SRTSPX C:\windows\system32\drivers\NAVx64\1309000.009\SRTSPX64.SYS
23:56:42.0019 7748 SRTSPX - ok
23:56:42.0049 7748 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\windows\system32\DRIVERS\srv.sys
23:56:42.0054 7748 srv - ok
23:56:42.0071 7748 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\windows\system32\DRIVERS\srv2.sys
23:56:42.0075 7748 srv2 - ok
23:56:42.0079 7748 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\windows\system32\DRIVERS\srvnet.sys
23:56:42.0081 7748 srvnet - ok
23:56:42.0125 7748 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\windows\System32\ssdpsrv.dll
23:56:42.0128 7748 SSDPSRV - ok
23:56:42.0131 7748 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\windows\system32\sstpsvc.dll
23:56:42.0133 7748 SstpSvc - ok
23:56:42.0143 7748 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\windows\system32\drivers\stexstor.sys
23:56:42.0144 7748 stexstor - ok
23:56:42.0193 7748 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\windows\System32\wiaservc.dll
23:56:42.0200 7748 stisvc - ok
23:56:42.0223 7748 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\windows\system32\DRIVERS\swenum.sys
23:56:42.0224 7748 swenum - ok
23:56:42.0257 7748 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\windows\System32\swprv.dll
23:56:42.0264 7748 swprv - ok
23:56:42.0303 7748 [ 8B2430762099598DA40686F754632EFD ] SymDS C:\windows\system32\drivers\NAVx64\1309000.009\SYMDS64.SYS
23:56:42.0305 7748 SymDS - ok
23:56:42.0350 7748 [ 5CB7F2FD7E30A0F52F93574BFC3A8041 ] SymEFA C:\windows\system32\drivers\NAVx64\1309000.009\SYMEFA64.SYS
23:56:42.0355 7748 SymEFA - ok
23:56:42.0399 7748 [ 898BB48C797483420DF523B2BBC1ECDB ] SymEvent C:\windows\system32\Drivers\SYMEVENT64x86.SYS
23:56:42.0400 7748 SymEvent - ok
23:56:42.0425 7748 [ 5013A76CAAA1D7CF1C55214B490B4E35 ] SymIRON C:\windows\system32\drivers\NAVx64\1309000.009\Ironx64.SYS
23:56:42.0426 7748 SymIRON - ok
23:56:42.0451 7748 [ 3911BD0E68C010E5438A87706ABBE9AB ] SymNetS C:\windows\System32\Drivers\NAVx64\1309000.009\SYMNETS.SYS
23:56:42.0454 7748 SymNetS - ok
23:56:42.0493 7748 [ 7C7E05EEA6407130B3896A7A01390B6F ] SynTP C:\windows\system32\DRIVERS\SynTP.sys
23:56:42.0495 7748 SynTP - ok
23:56:42.0538 7748 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\windows\system32\sysmain.dll
23:56:42.0556 7748 SysMain - ok
23:56:42.0565 7748 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\windows\System32\TabSvc.dll
23:56:42.0567 7748 TabletInputService - ok
23:56:42.0593 7748 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\windows\System32\tapisrv.dll
23:56:42.0597 7748 TapiSrv - ok
23:56:42.0605 7748 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\windows\System32\tbssvc.dll
23:56:42.0607 7748 TBS - ok
23:56:42.0660 7748 [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] Tcpip C:\windows\system32\drivers\tcpip.sys
23:56:42.0679 7748 Tcpip - ok
23:56:42.0727 7748 [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] TCPIP6 C:\windows\system32\DRIVERS\tcpip.sys
23:56:42.0735 7748 TCPIP6 - ok
23:56:42.0760 7748 [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg C:\windows\system32\drivers\tcpipreg.sys
23:56:42.0761 7748 tcpipreg - ok
23:56:42.0809 7748 [ FD542B661BD22FA69CA789AD0AC58C29 ] tdcmdpst C:\windows\system32\DRIVERS\tdcmdpst.sys
23:56:42.0810 7748 tdcmdpst - ok
23:56:42.0827 7748 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\windows\system32\drivers\tdpipe.sys
23:56:42.0828 7748 TDPIPE - ok
23:56:42.0845 7748 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\windows\system32\drivers\tdtcp.sys
23:56:42.0846 7748 TDTCP - ok
23:56:42.0850 7748 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\windows\system32\DRIVERS\tdx.sys
23:56:42.0851 7748 tdx - ok
23:56:42.0870 7748 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\windows\system32\DRIVERS\termdd.sys
23:56:42.0871 7748 TermDD - ok
23:56:42.0913 7748 [ 2E648163254233755035B46DD7B89123 ] TermService C:\windows\System32\termsrv.dll
23:56:42.0921 7748 TermService - ok
23:56:42.0934 7748 [ F0344071948D1A1FA732231785A0664C ] Themes C:\windows\system32\themeservice.dll
23:56:42.0936 7748 Themes - ok
23:56:42.0995 7748 [ 7F35CA8296A52C7161088EB1D952E8ED ] Thpdrv C:\windows\system32\DRIVERS\thpdrv.sys
23:56:42.0996 7748 Thpdrv - ok
23:56:43.0010 7748 [ B4E609047434ED948AF7BDEF2FA66E38 ] Thpevm C:\windows\system32\DRIVERS\Thpevm.SYS
23:56:43.0011 7748 Thpevm - ok
23:56:43.0058 7748 [ 0B4734AE9EC70B843DF02E7B1C056377 ] Thpsrv C:\windows\system32\ThpSrv.exe
23:56:43.0061 7748 Thpsrv - ok
23:56:43.0096 7748 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\windows\system32\mmcss.dll
23:56:43.0097 7748 THREADORDER - ok
23:56:43.0160 7748 [ 521C21E7F6EAB98679F90CA4E135FB95 ] TMachInfo C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
23:56:43.0161 7748 TMachInfo - ok
23:56:43.0185 7748 [ 8E2C799D3476EAC32C3BA0DF7CE6AF19 ] TODDSrv C:\windows\system32\TODDSrv.exe
23:56:43.0187 7748 TODDSrv - ok
23:56:43.0289 7748 [ A7EFE68D424A55FA84CCB6099D1D93C0 ] TosCoSrv C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
23:56:43.0291 7748 TosCoSrv - ok
23:56:43.0330 7748 [ 6E2330FB032ED3EBEFC1349AD7081A98 ] TOSHIBA eco Utility Service C:\Program Files\TOSHIBA\TECO\TecoService.exe
23:56:43.0332 7748 TOSHIBA eco Utility Service - ok
23:56:43.0395 7748 [ 9338C2DEB14CA2804BCB3276CB7EB4FD ] TOSHIBA HDD SSD Alert Service C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
23:56:43.0395 7748 TOSHIBA HDD SSD Alert Service - ok
23:56:43.0453 7748 [ 09FF7B0B1B5C3D225495CB6F5A9B39F8 ] tos_sps64 C:\windows\system32\DRIVERS\tos_sps64.sys
23:56:43.0458 7748 tos_sps64 - ok
23:56:43.0507 7748 [ 36CDD894395BEC46EFB14F49D77D3D82 ] TPCHSrv C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
23:56:43.0511 7748 TPCHSrv - ok
23:56:43.0536 7748 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\windows\System32\trkwks.dll
23:56:43.0539 7748 TrkWks - ok
23:56:43.0572 7748 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\windows\servicing\TrustedInstaller.exe
23:56:43.0574 7748 TrustedInstaller - ok
23:56:43.0586 7748 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\windows\system32\DRIVERS\tssecsrv.sys
23:56:43.0587 7748 tssecsrv - ok
23:56:43.0590 7748 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\windows\system32\drivers\tsusbflt.sys
23:56:43.0592 7748 TsUsbFlt - ok
23:56:43.0601 7748 [ 9CC2CCAE8A84820EAECB886D477CBCB8 ] TsUsbGD C:\windows\system32\drivers\TsUsbGD.sys
23:56:43.0602 7748 TsUsbGD - ok
23:56:43.0631 7748 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\windows\system32\DRIVERS\tunnel.sys
23:56:43.0632 7748 tunnel - ok
23:56:43.0666 7748 [ 550B567F9364D8F7684C3FB3EA665A72 ] TVALZ C:\windows\system32\DRIVERS\TVALZ_O.SYS
23:56:43.0667 7748 TVALZ - ok
23:56:43.0686 7748 [ 9C7191F4B2E49BFF47A6C1144B5923FA ] TVALZFL C:\windows\system32\DRIVERS\TVALZFL.sys
23:56:43.0687 7748 TVALZFL - ok
23:56:43.0712 7748 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\windows\system32\drivers\uagp35.sys
23:56:43.0714 7748 uagp35 - ok
23:56:43.0720 7748 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\windows\system32\DRIVERS\udfs.sys
23:56:43.0724 7748 udfs - ok
23:56:43.0752 7748 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\windows\system32\UI0Detect.exe
23:56:43.0754 7748 UI0Detect - ok
23:56:43.0787 7748 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\windows\system32\drivers\uliagpkx.sys
23:56:43.0808 7748 uliagpkx - ok
23:56:43.0828 7748 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\windows\system32\DRIVERS\umbus.sys
23:56:43.0829 7748 umbus - ok
23:56:43.0832 7748 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\windows\system32\drivers\umpass.sys
23:56:43.0834 7748 UmPass - ok
23:56:44.0004 7748 [ 182BBA1B43898D5DA0938D2E9A526B31 ] UNS C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
23:56:44.0020 7748 UNS - ok
23:56:44.0054 7748 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\windows\System32\upnphost.dll
23:56:44.0059 7748 upnphost - ok
23:56:44.0090 7748 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\windows\system32\DRIVERS\usbccgp.sys
23:56:44.0092 7748 usbccgp - ok
23:56:44.0095 7748 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\windows\system32\drivers\usbcir.sys
23:56:44.0097 7748 usbcir - ok
23:56:44.0101 7748 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\windows\system32\DRIVERS\usbehci.sys
23:56:44.0102 7748 usbehci - ok
23:56:44.0111 7748 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\windows\system32\DRIVERS\usbhub.sys
23:56:44.0115 7748 usbhub - ok
23:56:44.0118 7748 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\windows\system32\drivers\usbohci.sys
23:56:44.0119 7748 usbohci - ok
23:56:44.0155 7748 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\windows\system32\DRIVERS\usbprint.sys
23:56:44.0156 7748 usbprint - ok
23:56:44.0178 7748 [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan C:\windows\system32\DRIVERS\usbscan.sys
23:56:44.0180 7748 usbscan - ok
23:56:44.0183 7748 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\windows\system32\DRIVERS\USBSTOR.SYS
23:56:44.0185 7748 USBSTOR - ok
23:56:44.0187 7748 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\windows\system32\drivers\usbuhci.sys
23:56:44.0189 7748 usbuhci - ok
23:56:44.0205 7748 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\windows\system32\Drivers\usbvideo.sys
23:56:44.0216 7748 usbvideo - ok
23:56:44.0242 7748 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\windows\System32\uxsms.dll
23:56:44.0244 7748 UxSms - ok
23:56:44.0258 7748 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\windows\system32\lsass.exe
23:56:44.0259 7748 VaultSvc - ok
23:56:44.0294 7748 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\windows\system32\drivers\vdrvroot.sys
23:56:44.0295 7748 vdrvroot - ok
23:56:44.0329 7748 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\windows\System32\vds.exe
23:56:44.0336 7748 vds - ok
23:56:44.0373 7748 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\windows\system32\DRIVERS\vgapnp.sys
23:56:44.0374 7748 vga - ok
23:56:44.0377 7748 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\windows\System32\drivers\vga.sys
23:56:44.0379 7748 VgaSave - ok
23:56:44.0383 7748 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\windows\system32\drivers\vhdmp.sys
23:56:44.0386 7748 vhdmp - ok
23:56:44.0389 7748 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\windows\system32\drivers\viaide.sys
23:56:44.0390 7748 viaide - ok
23:56:44.0394 7748 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\windows\system32\drivers\volmgr.sys
23:56:46.0363 7748 ================ Scan global ===============================
23:56:46.0383 7748 [ BA0CD8C393E8C9F83354106093832C7B ] C:\windows\system32\basesrv.dll
23:56:46.0418 7748 [ F46BBAAC1C4980F4D0DD463F190A42D3 ] C:\windows\system32\winsrv.dll
23:56:46.0425 7748 [ F46BBAAC1C4980F4D0DD463F190A42D3 ] C:\windows\system32\winsrv.dll
23:56:46.0464 7748 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\windows\system32\sxssrv.dll
23:56:46.0483 7748 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\windows\system32\services.exe
23:56:46.0486 7748 [Global] - ok
23:56:46.0486 7748 ================ Scan MBR ==================================
23:56:46.0495 7748 [ 5B5E648D12FCADC244C1EC30318E1EB9 ] \Device\Harddisk0\DR0
23:56:46.0496 7748 Suspicious mbr (Forged): \Device\Harddisk0\DR0
23:56:46.0542 7748 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - infected
23:56:46.0542 7748 \Device\Harddisk0\DR0 - detected Rootkit.Boot.Pihar.c (0)
23:56:46.0588 7748 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
23:56:46.0588 7748 \Device\Harddisk0\DR0 - detected TDSS File System (1)
23:56:46.0588 7748 ================ Scan VBR ==================================
23:56:46.0616 7748 [ D9F314127C023C6A2B12FFEEFCDE4821 ] \Device\Harddisk0\DR0\Partition1
23:56:46.0618 7748 \Device\Harddisk0\DR0\Partition1 - ok
23:56:46.0618 7748 ============================================================
23:56:46.0618 7748 Scan finished
23:56:46.0618 7748 ============================================================
23:56:46.0625 5472 Detected object count: 2
23:56:46.0625 5472 Actual detected object count: 2
23:57:06.0739 5472 \Device\Harddisk0\DR0\# - copied to quarantine
23:57:06.0741 5472 \Device\Harddisk0\DR0 - copied to quarantine
23:57:06.0833 5472 \Device\Harddisk0\DR0\TDLFS\cmd.dll - copied to quarantine
23:57:06.0836 5472 \Device\Harddisk0\DR0\TDLFS\cmd64.dll - copied to quarantine
23:57:06.0850 5472 \Device\Harddisk0\DR0\TDLFS\drv32 - copied to quarantine
23:57:06.0859 5472 \Device\Harddisk0\DR0\TDLFS\drv64 - copied to quarantine
23:57:06.0861 5472 \Device\Harddisk0\DR0\TDLFS\servers.dat - copied to quarantine
23:57:06.0862 5472 \Device\Harddisk0\DR0\TDLFS\config.ini - copied to quarantine
23:57:06.0864 5472 \Device\Harddisk0\DR0\TDLFS\ldr16 - copied to quarantine
23:57:06.0866 5472 \Device\Harddisk0\DR0\TDLFS\ldr32 - copied to quarantine
23:57:06.0869 5472 \Device\Harddisk0\DR0\TDLFS\ldr64 - copied to quarantine
23:57:06.0871 5472 \Device\Harddisk0\DR0\TDLFS\s - copied to quarantine
23:57:06.0872 5472 \Device\Harddisk0\DR0\TDLFS\ldrm - copied to quarantine
23:57:06.0874 5472 \Device\Harddisk0\DR0\TDLFS\u - copied to quarantine
23:57:06.0907 5472 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - will be cured on reboot
23:57:06.0973 5472 \Device\Harddisk0\DR0 - ok
23:57:07.0432 5472 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - User select action: Cure
23:57:07.0432 5472 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
23:57:07.0432 5472 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip
23:59:14.0232 6300 Deinitialize success




# AdwCleaner v2.007 - Logfile created 11/13/2012 at 23:59:17
# Updated 06/11/2012 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : cindy swinden - SWINDEN4
# Boot Mode : Normal
# Running from : C:\Users\cindy swinden\Downloads\AdwCleaner.exe
# Option [Delete]


***** [Services] *****

Stopped & Deleted : DefaultTabSearch
Stopped & Deleted : DefaultTabUpdate

***** [Files / Folders] *****

File Deleted : C:\Users\cindy swinden\Desktop\Free Dolphin Screensaver.lnk
Folder Deleted : C:\Program Files (x86)\DefaultTab
Folder Deleted : C:\Program Files (x86)\Free Offers from Freeze.com
Folder Deleted : C:\Program Files (x86)\GamesBar
Folder Deleted : C:\Program Files (x86)\Shop To Win
Folder Deleted : C:\Program Files (x86)\Yontoo
Folder Deleted : C:\ProgramData\GamesBar
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GamesBar
Folder Deleted : C:\ProgramData\Tarma Installer
Folder Deleted : C:\Users\cindy swinden\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc
Folder Deleted : C:\Users\cindy swinden\AppData\Local\Google\Chrome\User Data\Default\Extensions\niapdbllcanepiiimjjndipklodoedlc
Folder Deleted : C:\Users\cindy swinden\AppData\Roaming\DefaultTab
Folder Deleted : C:\Users\cindy swinden\Documents\ShopToWin

***** [Registry] *****

Key Deleted : HKCU\Software\AppDataLow\Software\Compete
Key Deleted : HKCU\Software\AppDataLow\Software\CompeteInc
Key Deleted : HKCU\Software\AppDataLow\Software\DefaultTab
Key Deleted : HKCU\Software\AppDataLow\Software\Freecause
Key Deleted : HKCU\Software\Compete
Key Deleted : HKCU\Software\Default Tab
Key Deleted : HKCU\Software\DefaultTab
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{6F282B65-56BF-4BD1-A8B2-A4449A05863D}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{B49699FC-1665-4414-A1CB-C4A2A4A13EEC}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{6F282B65-56BF-4BD1-A8B2-A4449A05863D}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{B49699FC-1665-4414-A1CB-C4A2A4A13EEC}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Key Deleted : HKCU\Software\ShopToWin
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{A57F7191-1E7F-4852-BAAF-F80A43E2687A}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{CFDAFE39-20CE-451D-BD45-A37452F39CF0}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{DBBBC528-9C8C-4051-9187-ED6F01A457C9}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{DD7C44CC-0F60-4FD9-A38F-5CF30D698AC2}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{EB583FE1-9458-4EDA-AC68-24D24F17C70F}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\CptUrlPassthru.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\dca-api.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\dca-bho.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ShoppingBHO.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\YontooIEClient.DLL
Key Deleted : HKLM\SOFTWARE\Classes\CptUrlPassthru.hxxpMonitor
Key Deleted : HKLM\SOFTWARE\Classes\CptUrlPassthru.hxxpMonitor.1
Key Deleted : HKLM\SOFTWARE\Classes\dcabho.Dca
Key Deleted : HKLM\SOFTWARE\Classes\dcabho.Dca.1
Key Deleted : HKLM\SOFTWARE\Classes\FCSB000063449.JSOptionsImpl
Key Deleted : HKLM\SOFTWARE\Classes\FCSB000063449.JSOptionsImpl.1
Key Deleted : HKLM\SOFTWARE\Classes\FCSB000063449.Shopping
Key Deleted : HKLM\SOFTWARE\Classes\FCSB000063449.Shopping.1
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{03119103-0854-469D-807A-171568457991}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{7BAB653D-88FB-4F60-AFC2-8E6FD59FAFF3}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{A57F7191-1E7F-4852-BAAF-F80A43E2687A}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C8758BC4-4581-48C7-BA38-C1A650477AE9}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{D372567D-67C1-4B29-B3F0-159B52B3E967}
Key Deleted : HKLM\SOFTWARE\Classes\YontooIEClient.Api
Key Deleted : HKLM\SOFTWARE\Classes\YontooIEClient.Api.1
Key Deleted : HKLM\SOFTWARE\Classes\YontooIEClient.Layers
Key Deleted : HKLM\SOFTWARE\Classes\YontooIEClient.Layers.1
Key Deleted : HKLM\Software\CompeteInc
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\Software\Default Tab
Key Deleted : HKLM\Software\DefaultTab
Key Deleted : HKLM\Software\Freeze.com
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{1A93C934-025B-4C3A-B38E-9654A7003239}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{13119113-0854-469D-807A-171568457991}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{33119133-0854-469D-807A-171568457991}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{60260024-AA48-4A2F-84DA-2C2DCB24AAD0}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{6F282B65-56BF-4BD1-A8B2-A4449A05863D}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{99066096-8989-4612-841F-621A01D54AD7}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{B49699FC-1665-4414-A1CB-C4A2A4A13EEC}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{FE9271F2-6EFD-44B0-A826-84C829536E93}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{15527BF5-9729-49DC-889C-9F956983154C}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{23119123-0854-469D-807A-171568457991}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{DD05B915-F77B-474A-9D42-9FEEAF5475C4}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\niapdbllcanepiiimjjndipklodoedlc
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B49699FC-1665-4414-A1CB-C4A2A4A13EEC}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\DefaultTab
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\DefaultTab Chrome
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{15527BF5-9729-49DC-889C-9F956983154C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{23119123-0854-469D-807A-171568457991}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{DD05B915-F77B-474A-9D42-9FEEAF5475C4}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}
Key Deleted : HKLM\SOFTWARE\Software
Key Deleted : HKLM\SOFTWARE\Tarma Installer
Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [Shop To Win]
Value Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{6F282B65-56BF-4BD1-A8B2-A4449A05863D}]

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

[OK] Registry is clean.

-\\ Google Chrome v [Unable to get version]

File : C:\Users\cindy swinden\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[S1].txt - [8171 octets] - [13/11/2012 23:59:17]

########## EOF - C:\AdwCleaner[S1].txt - [8231 octets] ##########




SUPERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 11/14/2012 at 00:48 AM

Application Version : 5.6.1014

Core Rules Database Version : 9580
Trace Rules Database Version: 7392

Scan type : Complete Scan
Total Scan Time : 00:38:41

Operating System Information
Windows 7 Home Premium 64-bit, Service Pack 1 (Build 6.01.7601)
UAC On - Limited User

Memory items scanned : 610
Memory threats detected : 0
Registry items scanned : 71480
Registry threats detected : 30
File items scanned : 43389
File threats detected : 267

Adware.RivalGaming
(x86) HKCR\CLSID\{26D675AC-D925-4BBF-A720-62C2AA4A81EB}
(x86) HKCR\CLSID\{26D675AC-D925-4BBF-A720-62C2AA4A81EB}\InprocServer32
(x86) HKCR\CLSID\{26D675AC-D925-4BBF-A720-62C2AA4A81EB}\InprocServer32#ThreadingModel
(x86) HKCR\CLSID\{26D675AC-D925-4BBF-A720-62C2AA4A81EB}\ProgID
(x86) HKCR\CLSID\{26D675AC-D925-4BBF-A720-62C2AA4A81EB}\Programmable
(x86) HKCR\CLSID\{26D675AC-D925-4BBF-A720-62C2AA4A81EB}\TypeLib
(x86) HKCR\CLSID\{26D675AC-D925-4BBF-A720-62C2AA4A81EB}\VersionIndependentProgID
(x86) HKLM\Software\Classes\CLSID\{26D675AC-D925-4bbf-A720-62C2AA4A81EB}
(x86) HKCR\CLSID\{26D675AC-D925-4BBF-A720-62C2AA4A81EB}
(x86) HKCR\RivalGaming.Module.1
(x86) HKCR\RivalGaming.Module.1\CLSID
(x86) HKCR\RivalGaming.Module
(x86) HKCR\RivalGaming.Module\CLSID
(x86) HKCR\RivalGaming.Module\CurVer
(x86) HKCR\TypeLib\{275DA4CE-9717-4da7-B19B-490CB937718F}
(x86) HKCR\TypeLib\{275DA4CE-9717-4da7-B19B-490CB937718F}\1.0
(x86) HKCR\TypeLib\{275DA4CE-9717-4da7-B19B-490CB937718F}\1.0\0
(x86) HKCR\TypeLib\{275DA4CE-9717-4da7-B19B-490CB937718F}\1.0\0\win32
(x86) HKCR\TypeLib\{275DA4CE-9717-4da7-B19B-490CB937718F}\1.0\FLAGS
(x86) HKCR\TypeLib\{275DA4CE-9717-4da7-B19B-490CB937718F}\1.0\HELPDIR
C:\USERS\CINDY SWINDEN\APPDATA\LOCAL\RIVALGAMING\RIVALGAMING.DLL
(x86) HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{26D675AC-D925-4bbf-A720-62C2AA4A81EB}
(x86) HKU\S-1-5-21-2418494816-2196345058-1927274749-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{26D675AC-D925-4BBF-A720-62C2AA4A81EB}
(x86) HKCR\Interface\{DECB1BC9-7B19-411B-85B7-2B9FF33E2BE7}
(x86) HKCR\Interface\{DECB1BC9-7B19-411B-85B7-2B9FF33E2BE7}\ProxyStubClsid32
(x86) HKCR\Interface\{DECB1BC9-7B19-411B-85B7-2B9FF33E2BE7}\TypeLib
(x86) HKCR\Interface\{DECB1BC9-7B19-411B-85B7-2B9FF33E2BE7}\TypeLib#Version
(x86) HKCR\Interface\{F03DA033-A35C-4F66-8849-5F68A181F632}
(x86) HKCR\Interface\{F03DA033-A35C-4F66-8849-5F68A181F632}\ProxyStubClsid32
(x86) HKCR\Interface\{F03DA033-A35C-4F66-8849-5F68A181F632}\TypeLib
(x86) HKCR\Interface\{F03DA033-A35C-4F66-8849-5F68A181F632}\TypeLib#Version

Adware.Tracking Cookie
C:\USERS\CINDY SWINDEN\Cookies\BA07BWEP.txt [ Cookie:cindy swinden@invitemedia.com/ ]
.collective-media.net [ C:\USERS\CINDY SWINDEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.advertising.com [ C:\USERS\CINDY SWINDEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.doubleclick.net [ C:\USERS\CINDY SWINDEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.atdmt.com [ C:\USERS\CINDY SWINDEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.atdmt.com [ C:\USERS\CINDY SWINDEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.apmebf.com [ C:\USERS\CINDY SWINDEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.mediaplex.com [ C:\USERS\CINDY SWINDEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.lfstmedia.com [ C:\USERS\CINDY SWINDEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.lfstmedia.com [ C:\USERS\CINDY SWINDEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.invitemedia.com [ C:\USERS\CINDY SWINDEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
in.getclicky.com [ C:\USERS\CINDY SWINDEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.interclick.com [ C:\USERS\CINDY SWINDEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.interclick.com [ C:\USERS\CINDY SWINDEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.invitemedia.com [ C:\USERS\CINDY SWINDEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.invitemedia.com [ C:\USERS\CINDY SWINDEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.interclick.com [ C:\USERS\CINDY SWINDEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
tracking.reedge.com [ C:\USERS\CINDY SWINDEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
tracking.reedge.com [ C:\USERS\CINDY SWINDEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
tracking.reedge.com [ C:\USERS\CINDY SWINDEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.strayeruniversity.112.2o7.net [ C:\USERS\CINDY SWINDEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ru4.com [ C:\USERS\CINDY SWINDEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.imrworldwide.com [ C:\USERS\CINDY SWINDEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.imrworldwide.com [ C:\USERS\CINDY SWINDEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
accounts.google.com [ C:\USERS\CINDY SWINDEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
accounts.youtube.com [ C:\USERS\CINDY SWINDEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.accounts.google.com [ C:\USERS\CINDY SWINDEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.accounts.google.com [ C:\USERS\CINDY SWINDEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.revsci.net [ C:\USERS\CINDY SWINDEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.petfinder.com [ C:\USERS\CINDY SWINDEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.revsci.net [ C:\USERS\CINDY SWINDEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.revsci.net [ C:\USERS\CINDY SWINDEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.petfinder.com [ C:\USERS\CINDY SWINDEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.serving-sys.com [ C:\USERS\CINDY SWINDEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.serving-sys.com [ C:\USERS\CINDY SWINDEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.apmebf.com [ C:\USERS\CINDY SWINDEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
www.petfinder.com [ C:\USERS\CINDY SWINDEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.media6degrees.com [ C:\USERS\CINDY SWINDEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.media6degrees.com [ C:\USERS\CINDY SWINDEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.media6degrees.com [ C:\USERS\CINDY SWINDEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.media6degrees.com [ C:\USERS\CINDY SWINDEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.fastclick.net [ C:\USERS\CINDY SWINDEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.revsci.net [ C:\USERS\CINDY SWINDEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.petfinder.com [ C:\USERS\CINDY SWINDEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.petfinder.com [ C:\USERS\CINDY SWINDEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.petfinder.com [ C:\USERS\CINDY SWINDEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.petfinder.com [ C:\USERS\CINDY SWINDEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.petfinder.com [ C:\USERS\CINDY SWINDEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.revsci.net [ C:\USERS\CINDY SWINDEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.questionmarket.com [ C:\USERS\CINDY SWINDEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.questionmarket.com [ C:\USERS\CINDY SWINDEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
bridge.ame.admarketplace.net [ C:\USERS\CINDY SWINDEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.admarketplace.net [ C:\USERS\CINDY SWINDEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.atdmt.com [ C:\USERS\CINDY SWINDEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.atdmt.com [ C:\USERS\CINDY SWINDEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
statse.webtrendslive.com [ C:\USERS\CINDY SWINDEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ad.yieldmanager.com [ C:\USERS\CINDY SWINDEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ad.yieldmanager.com [ C:\USERS\CINDY SWINDEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.intermundomedia.com [ C:\USERS\CINDY SWINDEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.intermundomedia.com [ C:\USERS\CINDY SWINDEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.lucidmedia.com [ C:\USERS\CINDY SWINDEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.lucidmedia.com [ C:\USERS\CINDY SWINDEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.revsci.net [ C:\USERS\CINDY SWINDEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.kanoodle.com [ C:\USERS\CINDY SWINDEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ad.yieldmanager.com [ C:\USERS\CINDY SWINDEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.specificclick.net [ C:\USERS\CINDY SWINDEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
webtracker.educationconnection.com [ C:\USERS\CINDY SWINDEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.zedo.com [ C:\USERS\CINDY SWINDEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.zedo.com [ C:\USERS\CINDY SWINDEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.zedo.com [ C:\USERS\CINDY SWINDEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.liveperson.net [ C:\USERS\CINDY SWINDEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.liveperson.net [ C:\USERS\CINDY SWINDEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.a1.interclick.com [ C:\USERS\CINDY SWINDEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.a1.interclick.com [ C:\USERS\CINDY SWINDEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.a1.interclick.com [ C:\USERS\CINDY SWINDEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.a1.interclick.com [ C:\USERS\CINDY SWINDEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.a1.interclick.com [ C:\USERS\CINDY SWINDEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.a1.interclick.com [ C:\USERS\CINDY SWINDEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.serving-sys.com [ C:\USERS\CINDY SWINDEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.serving-sys.com [ C:\USERS\CINDY SWINDEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.serving-sys.com [ C:\USERS\CINDY SWINDEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
track.acclaimnetwork.com [ C:\USERS\CINDY SWINDEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
track.acclaimnetwork.com [ C:\USERS\CINDY SWINDEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ad.yieldmanager.com [ C:\USERS\CINDY SWINDEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ru4.com [ C:\USERS\CINDY SWINDEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ru4.com [ C:\USERS\CINDY SWINDEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ru4.com [ C:\USERS\CINDY SWINDEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ru4.com [ C:\USERS\CINDY SWINDEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
sales.liveperson.net [ C:\USERS\CINDY SWINDEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.liveperson.net [ C:\USERS\CINDY SWINDEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.collective-media.net [ C:\USERS\CINDY SWINDEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.collective-media.net [ C:\USERS\CINDY SWINDEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.collective-media.net [ C:\USERS\CINDY SWINDEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.collective-media.net [ C:\USERS\CINDY SWINDEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.collective-media.net [ C:\USERS\CINDY SWINDEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.collective-media.net [ C:\USERS\CINDY SWINDEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.collective-media.net [ C:\USERS\CINDY SWINDEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.collective-media.net [ C:\USERS\CINDY SWINDEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.collective-media.net [ C:\USERS\CINDY SWINDEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.advertising.com [ C:\USERS\CINDY SWINDEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.advertising.com [ C:\USERS\CINDY SWINDEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.advertising.com [ C:\USERS\CINDY SWINDEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.at.atwola.com [ C:\USERS\CINDY SWINDEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ad.yieldmanager.com [ C:\USERS\CINDY SWINDEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.advertising.com [ C:\USERS\CINDY SWINDEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.advertising.com [ C:\USERS\CINDY SWINDEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.collective-media.net [ C:\USERS\CINDY SWINDEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.collective-media.net [ C:\USERS\CINDY SWINDEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.collective-media.net [ C:\USERS\CINDY SWINDEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.collective-media.net [ C:\USERS\CINDY SWINDEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.synacortoshiba.112.2o7.net [ C:\USERS\CINDY SWINDEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.2o7.net [ C:\USERS\CINDY SWINDEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.mediaplex.com [ C:\USERS\CINDY SWINDEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.invitemedia.com [ C:\USERS\CINDY SWINDEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.doubleclick.net [ C:\USERS\CINDY SWINDEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adbrite.com [ C:\USERS\CINDY SWINDEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.casalemedia.com [ C:\USERS\CINDY SWINDEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.casalemedia.com [ C:\USERS\CINDY SWINDEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.casalemedia.com [ C:\USERS\CINDY SWINDEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.casalemedia.com [ C:\USERS\CINDY SWINDEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.casalemedia.com [ C:\USERS\CINDY SWINDEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.casalemedia.com [ C:\USERS\CINDY SWINDEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.burstnet.com [ C:\USERS\CINDY SWINDEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adbrite.com [ C:\USERS\CINDY SWINDEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adbrite.com [ C:\USERS\CINDY SWINDEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adbrite.com [ C:\USERS\CINDY SWINDEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adbrite.com [ C:\USERS\CINDY SWINDEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.tribalfusion.com [ C:\USERS\CINDY SWINDEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adbrite.com [ C:\USERS\CINDY SWINDEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adbrite.com [ C:\USERS\CINDY SWINDEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
cloud.bannergadgets.com [ C:\USERS\CINDY SWINDEN\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\UBUUPX5K ]
core.saymedia.com [ C:\USERS\CINDY SWINDEN\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\UBUUPX5K ]

Adware.Gamevance
C:\USERS\CINDY SWINDEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\EXTENSIONS\ADHMHCLAFDHFABMMGLBCNGPDDPDEIJGD\NPRIVALGAMINGGC.DLL

PUP.MyWebSearch
C:\USERS\CINDY SWINDEN\APPDATA\LOCAL\TEMP\LOW\TEMPORARY INTERNET FILES\CONTENT.IE5\KD0UZTET\unified[1].css [ cache:mywebsearch.com ]





MiniToolBox by Farbar Version: 10-11-2012 02
Ran by cindy swinden (administrator) on 14-11-2012 at 14:32:48
Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================



========================= IP Configuration: ================================

Intel® Centrino® Wireless-N 2200 = Wireless Network Connection (Connected)
Atheros AR8162/8166/8168 PCI-E Fast Ethernet Controller (NDIS 6.20) = Local Area Connection (Media disconnected)
Microsoft Virtual WiFi Miniport Adapter = Wireless Network Connection 2 (Media disconnected)
Microsoft Virtual WiFi Miniport Adapter = Wireless Network Connection 3 (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : swinden4
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : hvc.rr.com

Wireless LAN adapter Wireless Network Connection 3:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter #2
Physical Address. . . . . . . . . : 9C-4E-36-2A-16-FD
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection 2:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter
Physical Address. . . . . . . . . : 9C-4E-36-2A-16-FD
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection:

Connection-specific DNS Suffix . : hvc.rr.com
Description . . . . . . . . . . . : Intel® Centrino® Wireless-N 2200
Physical Address. . . . . . . . . : 9C-4E-36-2A-16-FC
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::19ef:849a:8b1d:4aa3%12(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.118(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Wednesday, November 14, 2012 2:29:01 PM
Lease Expires . . . . . . . . . . : Thursday, November 15, 2012 2:29:01 PM
Default Gateway . . . . . . . . . : 192.168.1.1
DHCP Server . . . . . . . . . . . : 192.168.1.1
DHCPv6 IAID . . . . . . . . . . . : 312233526
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-17-74-16-3B-00-26-6C-22-0F-68
DNS Servers . . . . . . . . . . . : 209.18.47.61
209.18.47.62
NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Atheros AR8162/8166/8168 PCI-E Fast Ethernet Controller (NDIS 6.20)
Physical Address. . . . . . . . . : 00-26-6C-22-0F-68
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.hvc.rr.com:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : hvc.rr.com
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:9d38:6ab8:24dc:2f15:3f57:fe89(Preferred)
Link-local IPv6 Address . . . . . : fe80::24dc:2f15:3f57:fe89%15(Preferred)
Default Gateway . . . . . . . . . : ::
NetBIOS over Tcpip. . . . . . . . : Disabled
Server: dns-cac-lb-01.rr.com
Address: 209.18.47.61

Name: google.com
Addresses: 2607:f8b0:4004:802::1009
74.125.228.73
74.125.228.78
74.125.228.64
74.125.228.65
74.125.228.66
74.125.228.67
74.125.228.68
74.125.228.69
74.125.228.70
74.125.228.71
74.125.228.72


Pinging google.com [74.125.228.2] with 32 bytes of data:
Reply from 74.125.228.2: bytes=32 time=246ms TTL=52
Reply from 74.125.228.2: bytes=32 time=266ms TTL=52

Ping statistics for 74.125.228.2:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 246ms, Maximum = 266ms, Average = 256ms
Server: dns-cac-lb-01.rr.com
Address: 209.18.47.61

Name: yahoo.com
Addresses: 98.139.183.24
72.30.38.140
98.138.253.109


Pinging yahoo.com [72.30.38.140] with 32 bytes of data:
Reply from 72.30.38.140: bytes=32 time=442ms TTL=49
Reply from 72.30.38.140: bytes=32 time=491ms TTL=49

Ping statistics for 72.30.38.140:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 442ms, Maximum = 491ms, Average = 466ms

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
14...9c 4e 36 2a 16 fd ......Microsoft Virtual WiFi Miniport Adapter #2
13...9c 4e 36 2a 16 fd ......Microsoft Virtual WiFi Miniport Adapter
12...9c 4e 36 2a 16 fc ......Intel® Centrino® Wireless-N 2200
11...00 26 6c 22 0f 68 ......Atheros AR8162/8166/8168 PCI-E Fast Ethernet Controller (NDIS 6.20)
1...........................Software Loopback Interface 1
17...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
15...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.118 30
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.1.0 255.255.255.0 On-link 192.168.1.118 286
192.168.1.118 255.255.255.255 On-link 192.168.1.118 286
192.168.1.255 255.255.255.255 On-link 192.168.1.118 286
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.1.118 286
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.1.118 286
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
15 58 ::/0 On-link
1 306 ::1/128 On-link
15 58 2001::/32 On-link
15 306 2001:0:9d38:6ab8:24dc:2f15:3f57:fe89/128
On-link
12 286 fe80::/64 On-link
15 306 fe80::/64 On-link
12 286 fe80::19ef:849a:8b1d:4aa3/128
On-link
15 306 fe80::24dc:2f15:3f57:fe89/128
On-link
1 306 ff00::/8 On-link
15 306 ff00::/8 On-link
12 286 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 07 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392] (Microsoft Corp.)
x64-Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392] (Microsoft Corp.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (11/14/2012 02:25:01 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/14/2012 01:51:58 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/14/2012 00:00:55 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/13/2012 11:03:55 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/13/2012 10:46:46 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/13/2012 10:46:38 PM) (Source: Application Error) (User: )
Description: Faulting application name: DefaultTabSearch.exe, version: 0.0.0.0, time stamp: 0x5004e5aa
Faulting module name: DefaultTabSearch.exe, version: 0.0.0.0, time stamp: 0x5004e5aa
Exception code: 0xc0000005
Fault offset: 0x00002d80
Faulting process id: 0x63c
Faulting application start time: 0xDefaultTabSearch.exe0
Faulting application path: DefaultTabSearch.exe1
Faulting module path: DefaultTabSearch.exe2
Report Id: DefaultTabSearch.exe3

Error: (11/10/2012 08:52:14 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/10/2012 08:52:13 AM) (Source: Application Error) (User: )
Description: Faulting application name: DefaultTabSearch.exe, version: 0.0.0.0, time stamp: 0x5004e5aa
Faulting module name: DefaultTabSearch.exe, version: 0.0.0.0, time stamp: 0x5004e5aa
Exception code: 0xc0000005
Fault offset: 0x00002d80
Faulting process id: 0x674
Faulting application start time: 0xDefaultTabSearch.exe0
Faulting application path: DefaultTabSearch.exe1
Faulting module path: DefaultTabSearch.exe2
Report Id: DefaultTabSearch.exe3

Error: (11/10/2012 08:05:55 AM) (Source: Application Error) (User: )
Description: Faulting application name: iexplore.exe, version: 9.0.8112.16450, time stamp: 0x503723f6
Faulting module name: MSHTML.dll, version: 9.0.8112.16450, time stamp: 0x50372c8a
Exception code: 0xc0000005
Fault offset: 0x0040a50d
Faulting process id: 0x1f30
Faulting application start time: 0xiexplore.exe0
Faulting application path: iexplore.exe1
Faulting module path: iexplore.exe2
Report Id: iexplore.exe3

Error: (11/10/2012 08:04:40 AM) (Source: Application Error) (User: )
Description: Faulting application name: svchost.exe, version: 6.1.7600.16385, time stamp: 0x4a5bc3c5
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x086c7970
Faulting process id: 0xaa8
Faulting application start time: 0xsvchost.exe0
Faulting application path: svchost.exe1
Faulting module path: svchost.exe2
Report Id: svchost.exe3


System errors:
=============
Error: (11/13/2012 11:04:33 PM) (Source: WMPNetworkSvc) (User: )
Description: WMPNetworkSvc0x80004005

Error: (11/13/2012 11:04:26 PM) (Source: Service Control Manager) (User: )
Description: The DefaultTabSearch service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.

Error: (11/13/2012 10:46:50 PM) (Source: Service Control Manager) (User: )
Description: The DefaultTabSearch service terminated unexpectedly. It has done this 1 time(s).

Error: (11/13/2012 10:46:34 PM) (Source: EventLog) (User: )
Description: The previous system shutdown at 12:25:50 PM on ?11/?10/?2012 was unexpected.

Error: (11/10/2012 08:52:14 AM) (Source: Service Control Manager) (User: )
Description: The DefaultTabSearch service terminated unexpectedly. It has done this 1 time(s).

Error: (11/10/2012 08:09:19 AM) (Source: Service Control Manager) (User: )
Description: The UPnP Device Host service failed to start due to the following error:
%%1069

Error: (11/10/2012 08:09:19 AM) (Source: Service Control Manager) (User: )
Description: The upnphost service was unable to log on as NT AUTHORITY\LocalService with the currently configured password due to the following error:
%%50

To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).

Error: (11/10/2012 08:09:19 AM) (Source: Service Control Manager) (User: )
Description: The UPnP Device Host service failed to start due to the following error:
%%1069

Error: (11/10/2012 08:09:19 AM) (Source: Service Control Manager) (User: )
Description: The upnphost service was unable to log on as NT AUTHORITY\LocalService with the currently configured password due to the following error:
%%1352

To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).

Error: (11/10/2012 08:09:19 AM) (Source: DCOM) (User: )
Description: 1069upnphost{204810B9-73B2-11D4-BF42-00B0D0118B56}


Microsoft Office Sessions:
=========================
Error: (11/14/2012 02:25:01 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/14/2012 01:51:58 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/14/2012 00:00:55 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/13/2012 11:03:55 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/13/2012 10:46:46 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/13/2012 10:46:38 PM) (Source: Application Error)(User: )
Description: DefaultTabSearch.exe0.0.0.05004e5aaDefaultTabSearch.exe0.0.0.05004e5aac000000500002d8063c01cdc21aa4a0123aC:\Program Files (x86)\DefaultTab\DefaultTabSearch.exeC:\Program Files (x86)\DefaultTab\DefaultTabSearch.exee42f76a6-2e0d-11e2-97ce-9c4e362a16fc

Error: (11/10/2012 08:52:14 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/10/2012 08:52:13 AM) (Source: Application Error)(User: )
Description: DefaultTabSearch.exe0.0.0.05004e5aaDefaultTabSearch.exe0.0.0.05004e5aac000000500002d8067401cdbf4a8c6e2e48C:\Program Files (x86)\DefaultTab\DefaultTabSearch.exeC:\Program Files (x86)\DefaultTab\DefaultTabSearch.exed443c579-2b3d-11e2-9589-00266c220f68

Error: (11/10/2012 08:05:55 AM) (Source: Application Error)(User: )
Description: iexplore.exe9.0.8112.16450503723f6MSHTML.dll9.0.8112.1645050372c8ac00000050040a50d1f3001cdbf441c9bc461C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\windows\system32\MSHTML.dll5c2a8e52-2b37-11e2-b65b-00266c220f68

Error: (11/10/2012 08:04:40 AM) (Source: Application Error)(User: )
Description: svchost.exe6.1.7600.163854a5bc3c5unknown0.0.0.000000000c0000005086c7970aa801cdbf42100a1d67\\.\globalroot\systemroot\svchost.exeunknown2fc6a0b7-2b37-11e2-b65b-00266c220f68


=========================== Installed Programs ============================

7 Wonders II
Adobe AIR (Version: 3.1.0.4880)
Adobe Flash Player 11 ActiveX 64-bit (Version: 11.2.202.228)
Adobe Reader X MUI (Version: 10.0.0)
Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver (Version: 2.0.12.13)
Consumer Input Software (remove only) (Version: 2.7.1.7915)
D3DX10 (Version: 15.4.2368.0902)
Free Ride Games Player
GamesBar 2.0.1.82 (Version: 2.0.1.82)
GIMP 2.6.11 (Version: 2.6.11)
Google Chrome (Version: 23.0.1271.64)
Google Toolbar for Internet Explorer (Version: 1.0.0)
Google Toolbar for Internet Explorer (Version: 7.4.3230.2052)
Google Update Helper (Version: 1.3.21.123)
Intel PROSet Wireless
Intel® Manageability Engine Firmware Recovery Agent (Version: 1.0.0.35342)
Intel® Management Engine Components (Version: 8.0.1.1399)
Intel® OpenCL CPU Runtime
Intel® Processor Graphics (Version: 8.15.10.2712)
Intel® Rapid Storage Technology (Version: 11.0.0.1032)
Intel® USB 3.0 eXtensible Host Controller Driver (Version: 1.0.4.220)
Intel® WiDi (Version: 3.0.12.0)
Intel® Wireless Display
Intel® PROSet/Wireless WiFi Software (Version: 15.00.0000.0708)
Intel® Trusted Connect Service Client (Version: 1.23.219.2)
Java 7 Update 9 (Version: 7.0.90)
Java Auto Updater (Version: 2.1.9.0)
Junk Mail filter update (Version: 15.4.3502.0922)
Malwarebytes Anti-Malware version 1.65.1.1000 (Version: 1.65.1.1000)
Mesh Runtime (Version: 15.4.5722.2)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Office 2010 (Version: 14.0.4763.1000)
Microsoft Silverlight (Version: 4.0.50401.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (Version: 10.0.30319)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (Version: 10.0.30319)
MSVCRT (Version: 15.4.2862.0708)
MSVCRT_amd64 (Version: 15.4.2862.0708)
Norton AntiVirus (Version: 19.9.0.9)
Playalot Games (Version: 1.0.0)
PlayReady PC Runtime amd64 (Version: 1.3.0)
PlayReady PC Runtime x86 (Version: 1.3.0)
Realtek High Definition Audio Driver (Version: 6.0.1.6581)
Realtek PCIE Card Reader (Version: 6.1.7601.29006)
RivalGaming
Roads of Rome
Shop To Win (Version: 1.2.0.0)
SRS Premium Sound Control Panel (Version: 1.12.1100)
SUPERAntiSpyware (Version: 5.6.1014)
Synaptics Pointing Device Driver (Version: 15.3.41.7)
The Treasures of Montezuma
TOSHIBA Application Installer (Version: 9.0.1.2)
TOSHIBA Assist (Version: 4.2.3.1)
Toshiba Book Place (Version: 3.0.9490)
TOSHIBA Bulletin Board (Version: 1.6.11.64)
TOSHIBA Disc Creator (Version: 2.1.0.11 for x64)
TOSHIBA eco Utility (Version: 1.3.10.64)
TOSHIBA Face Recognition (Version: 3.1.18.64)
TOSHIBA Hardware Setup (Version: 2.1.0.8)
TOSHIBA HDD Protection (Version: 2.2.2.15)
TOSHIBA HDD/SSD Alert (Version: 3.1.64.11)
TOSHIBA Media Controller (Version: 1.0.87.5)
TOSHIBA Media Controller Plug-in (Version: 1.0.7.7)
TOSHIBA PC Health Monitor (Version: 1.7.15.64)
TOSHIBA Quality Application (Version: 1.0.4)
TOSHIBA Recovery Media Creator (Version: 2.1.6.52020009)
TOSHIBA ReelTime (Version: 1.7.21.64)
TOSHIBA Resolution+ Plug-in for Windows Media Player (Version: 1.1.2004)
Toshiba Security Dashboard (Version: 1.0.0.48)
TOSHIBA Service Station (Version: 2.3.0)
TOSHIBA Sleep Utility (Version: 1.4.0022.000104)
TOSHIBA Supervisor Password (Version: 2.1.0.3)
TOSHIBA User's Guide (Version: 1.00.02)
TOSHIBA Value Added Package (Version: 1.6.0022.640207)
TOSHIBA VIDEO PLAYER (Version: 5.0.0.22-A)
TOSHIBA Web Camera Application (Version: 2.0.3.33)
TOSHIBA Wireless Display Monitor (Version: 1.0.1)
TOSHIBARegistration (Version: 1.0.9)
Unlikely Suspects
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (Version: 1)
Video Download Converter version 1.0.0.0 (Version: 1.0.0.0)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3538.0513)
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3538.0513)
Windows Live Mail (Version: 15.4.3502.0922)
Windows Live Mesh (Version: 15.4.3502.0922)
Windows Live Mesh ActiveX Control for Remote Connections (Version: 15.4.5722.2)
Windows Live Messenger (Version: 15.4.3538.0513)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3508.1109)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)
Yahoo! Software Update
Yahoo! Toolbar

========================= Memory info: ===================================

Percentage of memory in use: 30%
Total physical RAM: 6063.3 MB
Available physical RAM: 4188.56 MB
Total Pagefile: 12124.79 MB
Available Pagefile: 10111.14 MB
Total Virtual: 4095.88 MB
Available Virtual: 3970.07 MB

========================= Partitions: =====================================

1 Drive c: (TI106411W0E) (Fixed) (Total:682.74 GB) (Free:638.33 GB) NTFS

========================= Users: ========================================

User accounts for \\SWINDEN4

Administrator cindy swinden Guest


**** End of log ****

#4 mercuryrsng


Posted 15 November 2012 - 10:12 PM

Hi,
Just wondering what I can do next.

Thanks

#5 boopme


Posted 16 November 2012 - 01:11 PM

Sorry about the delay.

Rerun TDSSKiller and change the option for these 2 (last 2 found in first scan) to Cure or Delete.
23:57:07.0432 5472 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
23:57:07.0432 5472 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip


I'd like us to scan your machine with ESET OnlineScan
  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the Posted Image button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
    • Double click on the Posted Image icon on your desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:
    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.


How is it now?
How do I get help? Who is helping me? For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear.... Become a BleepingComputer fan: Facebook

#6 mercuryrsng


Posted 16 November 2012 - 07:23 PM

Hey,

I re-ran tdss and those options didn't show up. I think I remember removing them the first time. Here is the ESET scan. Haven't had much time to play around but it seems better. I just wanted to get the results to you.



C:\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin\4zdatact.dll a variant of Win32/Toolbar.MyWebSearch.A application cleaned by deleting - quarantined
C:\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin\4zhtmlmu.dll probably a variant of Win32/Toolbar.MyWebSearch.B application cleaned by deleting - quarantined
C:\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin\4zieovr.dll probably a variant of Win32/Toolbar.MyWebSearch.P application cleaned by deleting - quarantined
C:\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin\4zPlugin.dll probably a variant of Win32/Toolbar.MyWebSearch application cleaned by deleting - quarantined
C:\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin\4zskin.dll a variant of Win32/Toolbar.MyWebSearch.P application cleaned by deleting - quarantined
C:\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin\T8HTML.DLL probably a variant of Win32/Toolbar.MyWebSearch.F application cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\13.11.2012_23.56.11\mbr0000\tdlfs0000\tsk0001.dta a variant of Win64/Olmarik.AM trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\13.11.2012_23.56.11\mbr0000\tdlfs0000\tsk0002.dta Win32/Olmarik.AWO trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\13.11.2012_23.56.11\mbr0000\tdlfs0000\tsk0003.dta Win64/Olmarik.AN trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\13.11.2012_23.56.11\mbr0000\tdlfs0000\tsk0007.dta Win32/Olmarik.AFK trojan cleaned by deleting - quarantined
C:\Users\cindy swinden\AppData\Local\RivalGaming\RivalGaming.dll probably a variant of Win32/Adware.Gamevance.DB application cleaned by deleting - quarantined
C:\Users\cindy swinden\AppData\Local\RivalGaming\Uninstaller.exe a variant of Win32/Adware.Gamevance.CJ application cleaned by deleting - quarantined
C:\Users\cindy swinden\AppData\Local\Temp\YontooSetup-S.exe multiple threats cleaned by deleting - quarantined
C:\Users\cindy swinden\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\links@rivalgaming.com\components\xpcomponent.dll a variant of Win32/Adware.Gamevance.CZ application cleaned by deleting - quarantined

#7 mercuryrsng


Posted 16 November 2012 - 07:24 PM

It's still a little slow at times. It just kinda freezes up for a few seconds, and then resumes.

#8 boopme


Posted 16 November 2012 - 08:07 PM

Ok, then they are removed. Some slowness may be due to the fact we removed all the cookies and some things will be repopulated as you revisit your usual haunts.

I would still like to run 2 last tools to be sure we've left nothing. These are not long.

Please download Rkill by Grinler and save it to your desktop.
Link 1
Link 2
  • Double-click on the Rkill desktop icon to run the tool.
  • If using Vista, right-click on it and Run As Administrator.
  • A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.
  • If not, delete the file, then download and use the one provided in Link 2.
  • If it does not work, repeat the process and attempt to use one of the remaining links until the tool runs.
  • If the tool does not run from any of the links provided, please let me know.
Do not reboot the computer, you will need to run the application again.


And
Please download aswMBR ( 4.5MB ) to your desktop.
  • Double click the aswMBR.exe icon, and click Run.
  • When asked if you'd like to "download the latest Avast! virus definitions", click Yes.
  • Click the Scan button to start the scan.
  • On completion of the scan, click the save log button, save it to your desktop, then copy and paste it in your next reply.


#9 mercuryrsng


Posted 16 November 2012 - 09:10 PM

aswMBR version 0.9.9.1707 Copyright© 2011 AVAST Software
Run date: 2012-11-16 20:49:47
-----------------------------
20:49:47.967 OS Version: Windows x64 6.1.7601 Service Pack 1
20:49:47.967 Number of processors: 4 586 0x3A09
20:49:47.967 ComputerName: SWINDEN4 UserName:
20:49:50.777 Initialize success
20:50:46.492 AVAST engine defs: 12111601
20:58:41.606 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
20:58:41.606 Disk 0 Vendor: Hitachi_ JE4O Size: 715404MB BusType: 3
20:58:41.621 Disk 0 MBR read successfully
20:58:41.621 Disk 0 MBR scan
20:58:41.637 Disk 0 Windows VISTA default MBR code
20:58:41.637 Disk 0 Partition 1 80 (A) 27 Hidden NTFS WinRE NTFS 1500 MB offset 2048
20:58:41.652 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 699128 MB offset 3074048
20:58:41.684 Disk 0 Partition 3 00 17 Hidd HPFS/NTFS NTFS 14775 MB offset 1434888192
20:58:41.730 Disk 0 scanning C:\windows\system32\drivers
20:58:48.115 Service scanning
20:59:27.806 Modules scanning
20:59:27.816 Disk 0 trace - called modules:
20:59:27.836 ntoskrnl.exe CLASSPNP.SYS disk.sys thpdrv.sys iaStor.sys hal.dll
20:59:27.876 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8008ae9060]
20:59:27.876 3 CLASSPNP.SYS[fffff88001d5b43f] -> nt!IofCallDriver -> \Device\THPDRV1[0xfffffa8008ae8060]
20:59:27.886 5 thpdrv.sys[fffff88001ca42b0] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8006293050]
20:59:29.486 AVAST engine scan C:\windows
20:59:32.566 AVAST engine scan C:\windows\system32
21:02:03.584 AVAST engine scan C:\windows\system32\drivers
21:02:25.172 AVAST engine scan C:\Users\cindy swinden
21:07:52.607 AVAST engine scan C:\ProgramData
21:08:47.609 Scan finished successfully
21:09:50.596 Disk 0 MBR has been saved successfully to "C:\Users\cindy swinden\Desktop\cleanup\MBR.dat"
21:09:50.596 The log file has been saved successfully to "C:\Users\cindy swinden\Desktop\cleanup\aswMBR.txt"

#10 boopme


Posted 16 November 2012 - 09:22 PM

Ok, good
Let's mop up.

Please download Rkill by Grinler and save it to your desktop.
Link 1
Link 2
  • Double-click on the Rkill desktop icon to run the tool.
  • If using Vista, right-click on it and Run As Administrator.
  • A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.
  • If not, delete the file, then download and use the one provided in Link 2.
  • If it does not work, repeat the process and attempt to use one of the remaining links until the tool runs.
  • If the tool does not run from any of the links provided, please let me know.
Do not reboot the computer, you will need to run the application again.


Please download TFC (Temp File Cleaner) by Old Timer and save it to your desktop.
alternate download link
  • Save any unsaved work. TFC will close ALL open programs including your browser!
  • Double-click on TFC.exe to run it. If you are using Vista, right-click on the file and choose Run As Administrator.
  • Click the Start button to begin the cleaning process and let it run uninterrupted to completion.
  • TFC will clear out all temp folders for all user accounts (temp, IE temp, Java, FF, Opera, Chrome, Safari), including Administrator, All Users, LocalService, NetworkService, and any other accounts in the user folder.
  • Important! If TFC prompts you to reboot, please do so immediately. If not prompted, manually reboot the machine anyway to ensure a complete clean.
Note: It is normal for the computer to be slow to boot after running TFC cleaner the first time.



Now if there are no issues.
Create a New Restore Point to prevent possible reinfection from an old one. Some of the malware you picked up could have been backed up, renamed and saved in System Restore. Since this is a protected directory your tools cannot access to delete these files, they sometimes can reinfect your system if you accidentally use an old restore point. Setting a new restore point AFTER cleaning your system will help prevent this and enable your computer to "roll-back" to a clean working state.

The easiest and safest way to do this is:
  • Go to Posted Image > Programs > Accessories > System Tools and click "System Restore".
  • Choose the radio button marked "Create a Restore Point" on the first screen then click "Next". Give the R.P. a name, then click "Create". The new point will be stamped with the current date and time. Keep a log of this so you can find it easily should you need to use System Restore.
  • Then use Disk Cleanup to remove all but the most recently created Restore Point.
  • Go to Posted Image > Run... and type: Cleanmgr
  • Click "Ok". Disk Cleanup will scan your files for several minutes, then open.
  • Click the "More Options" tab, then click the "Clean up" button under System Restore.
  • Click Ok. You will be prompted with "Are you sure you want to delete all but the most recent restore point?"
  • Click Yes, then click Ok.
  • Click Yes again when prompted with "Are you sure you want to perform these actions?"
  • Disk Cleanup will remove the files and close automatically.
Vista and Windows 7 users can refer to these links:
How do I get help? Who is helping me? For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear.... Become a BleepingComputer fan: Facebook
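
The restore-point step from the post above, as an added Windows PowerShell example that is not part of the original thread: it creates the post-cleanup restore point, confirms it really exists, and marks every older point as a candidate for the Disk Cleanup step. The function name and the description label are hypothetical; `Checkpoint-Computer` and `Get-ComputerRestorePoint` are the built-in cmdlets, and an elevated Windows PowerShell session is assumed.

```powershell
# Added example, not from the thread. Run in an elevated Windows PowerShell
# session on a client edition of Windows.

function New-PostCleanupRestorePoint {
    param(
        # Hypothetical label; pick anything you will recognise later.
        [string]$Description = 'Clean baseline after malware removal'
    )

    # Restore points taken before the cleanup may still hold backed-up copies
    # of the files the scanners removed, so remember where the old ones end.
    $before  = @(Get-ComputerRestorePoint -ErrorAction SilentlyContinue)
    $lastSeq = 0
    foreach ($rp in $before) {
        if ($rp.SequenceNumber -gt $lastSeq) { $lastSeq = $rp.SequenceNumber }
    }

    Checkpoint-Computer -Description $Description -RestorePointType MODIFY_SETTINGS

    # Checkpoint-Computer does not always create a point (on Windows 8 and
    # later it is limited to one checkpoint per day), so confirm that a point
    # newer than every pre-cleanup one now exists before deleting anything.
    $after = @(Get-ComputerRestorePoint)
    $new = @($after | Where-Object {
        $_.SequenceNumber -gt $lastSeq -and $_.Description -eq $Description
    })
    if ($new.Count -eq 0) {
        throw 'No new restore point was created; do not delete the old ones yet.'
    }

    # One row per restore point, oldest first, with a keep/remove verdict.
    $after | Sort-Object SequenceNumber | Select-Object SequenceNumber,
        @{ Name = 'Created'; Expression = { $_.ConvertToDateTime($_.CreationTime) } },
        Description,
        @{ Name = 'Verdict'; Expression = {
            if ($_.SequenceNumber -gt $lastSeq) { 'keep (post-cleanup)' }
            else { 'remove (pre-cleanup)' }
        } }
}

New-PostCleanupRestorePoint | Format-Table -AutoSize
```

After the Disk Cleanup step, running `Get-ComputerRestorePoint` again should list only the point marked "keep".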

#11 mercuryrsng


Posted 16 November 2012 - 11:06 PM

Done. That all?

#12 hamluis

hamluis

    Moderator


  • Moderator
  • 56,131 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Killeen, TX
  • Local time:08:54 PM

Posted 08 March 2013 - 06:07 PM

OP initiated a whole new series of posts regarding malware issues which were subsequently solved.

 

This topic is now closed, should have been closed back in Nov 2012 :).

 

Louis





