Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Browser redirects


  • Please log in to reply
10 replies to this topic

#1 dbteepo

dbteepo

  • Members
  • 42 posts
  • OFFLINE
  •  
  • Local time:02:06 AM

Posted 19 November 2012 - 06:26 PM

My browser is currently being redirected when clicking on links and I don't have any error messages popping up. I'm currently running Windows 7. Sorry I don't have more information to provide, help?

BC AdBot (Login to Remove)

 


#2 InadequateInfirmity

InadequateInfirmity

    I Gots Me A Certified Edumication


  • Banned
  • 5,180 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:03:06 AM

Posted 19 November 2012 - 07:08 PM

Download tdss killer

http://support.kaspersky.com/downloads/utils/tdsskiller.exe



Right Click it Run as Admin . Click on Change parameters Select TDLFS file system

Hit the Scan button Post the LOG In your next reply

Do not change the default options on scan results

Update and do a quick scan with Malwarebytes remove all that it finds and reboot.
http://www.filehippo.com/download_malwarebytes_anti_malware/download/ecf14848530d11a2f09a94b92a69fcfa/

Post the log here,


Update do a quick scan with Superantispyware remove all this finds reboot.
http://www.superantispyware.com/downloadfile.html?productid=SUPERANTISPYWAREFREE
post the log here.


Run a scan with Eset.
http://www.eset.com/us/online-scanner/
Make sure remove found threats and scan archives is checked.
When the scan finish list found threats save to clipboard copy to notepad Post the log here.




Please download MINITOOLBOX and run it.
http://download.bleepingcomputer.com/farbar/MiniToolBox.exe

Checkmark following boxes:


Report IE Proxy Settings
Report FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size
List Devices (problems only)



Click Go and post the result.



Download Adware Cleaner run it as admin Click the delete button allow it to run and post the log it creates.

http://general-changelog-team.fr/fr/downloads/finish/20-outils-de-xplode/2-adwcleaner

#3 dbteepo

dbteepo
  • Topic Starter

  • Members
  • 42 posts
  • OFFLINE
  •  
  • Local time:02:06 AM

Posted 19 November 2012 - 09:05 PM

Thanks for your prompt attention to this matter.

19:46:21.0743 0224 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
19:46:22.0213 0224 ============================================================
19:46:22.0213 0224 Current date / time: 2012/11/19 19:46:22.0213
19:46:22.0213 0224 SystemInfo:
19:46:22.0213 0224
19:46:22.0213 0224 OS Version: 6.1.7601 ServicePack: 1.0
19:46:22.0213 0224 Product type: Workstation
19:46:22.0213 0224 ComputerName: HP
19:46:22.0213 0224 UserName: Alonzo
19:46:22.0213 0224 Windows directory: C:\Windows
19:46:22.0213 0224 System windows directory: C:\Windows
19:46:22.0213 0224 Running under WOW64
19:46:22.0213 0224 Processor architecture: Intel x64
19:46:22.0213 0224 Number of processors: 4
19:46:22.0213 0224 Page size: 0x1000
19:46:22.0213 0224 Boot type: Normal boot
19:46:22.0213 0224 ============================================================
19:46:22.0673 0224 Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
19:46:22.0683 0224 ============================================================
19:46:22.0683 0224 \Device\Harddisk0\DR0:
19:46:22.0683 0224 MBR partitions:
19:46:22.0683 0224 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x31000
19:46:22.0683 0224 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32FCD, BlocksNum 0x72F699FC
19:46:22.0683 0224 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x72F9D000, BlocksNum 0x17695B0
19:46:22.0683 0224 ============================================================
19:46:22.0723 0224 C: <-> \Device\Harddisk0\DR0\Partition2
19:46:22.0773 0224 D: <-> \Device\Harddisk0\DR0\Partition3
19:46:22.0773 0224 ============================================================
19:46:22.0773 0224 Initialize success
19:46:22.0773 0224 ============================================================
19:46:43.0703 4004 ============================================================
19:46:43.0703 4004 Scan started
19:46:43.0703 4004 Mode: Manual; TDLFS;
19:46:43.0703 4004 ============================================================
19:46:44.0053 4004 ================ Scan system memory ========================
19:46:44.0053 4004 System memory - ok
19:46:44.0053 4004 ================ Scan services =============================
19:46:44.0283 4004 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
19:46:44.0283 4004 1394ohci - ok
19:46:44.0303 4004 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
19:46:44.0303 4004 ACPI - ok
19:46:44.0333 4004 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
19:46:44.0333 4004 AcpiPmi - ok
19:46:44.0383 4004 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
19:46:44.0393 4004 adp94xx - ok
19:46:44.0413 4004 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\drivers\adpahci.sys
19:46:44.0423 4004 adpahci - ok
19:46:44.0433 4004 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
19:46:44.0433 4004 adpu320 - ok
19:46:44.0463 4004 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
19:46:44.0463 4004 AeLookupSvc - ok
19:46:44.0503 4004 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys
19:46:44.0503 4004 AFD - ok
19:46:44.0523 4004 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
19:46:44.0523 4004 agp440 - ok
19:46:44.0543 4004 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
19:46:44.0553 4004 ALG - ok
19:46:44.0583 4004 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys
19:46:44.0583 4004 aliide - ok
19:46:44.0603 4004 [ A592CA3EC9A5AF7F74D5169D556B976F ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
19:46:44.0603 4004 AMD External Events Utility - ok
19:46:44.0623 4004 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys
19:46:44.0633 4004 amdide - ok
19:46:44.0653 4004 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
19:46:44.0653 4004 AmdK8 - ok
19:46:44.0833 4004 [ 1512CEEDC3657082F396A0818528B5E8 ] amdkmdag C:\Windows\system32\DRIVERS\atikmdag.sys
19:46:44.0893 4004 amdkmdag - ok
19:46:44.0913 4004 [ 3D00276750E2D6F35228E12868CF1A46 ] amdkmdap C:\Windows\system32\DRIVERS\atikmpag.sys
19:46:44.0913 4004 amdkmdap - ok
19:46:44.0933 4004 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\drivers\amdppm.sys
19:46:44.0933 4004 AmdPPM - ok
19:46:44.0973 4004 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys
19:46:44.0973 4004 amdsata - ok
19:46:45.0023 4004 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\drivers\amdsbs.sys
19:46:45.0023 4004 amdsbs - ok
19:46:45.0033 4004 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys
19:46:45.0033 4004 amdxata - ok
19:46:45.0063 4004 [ 2FBB00A7616106B95104574C6CD640C2 ] amd_sata C:\Windows\system32\drivers\amd_sata.sys
19:46:45.0063 4004 amd_sata - ok
19:46:45.0083 4004 [ 87D0D7645CB0D53220649BD5FE15D93E ] amd_xata C:\Windows\system32\drivers\amd_xata.sys
19:46:45.0083 4004 amd_xata - ok
19:46:45.0103 4004 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys
19:46:45.0103 4004 AppID - ok
19:46:45.0123 4004 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
19:46:45.0123 4004 AppIDSvc - ok
19:46:45.0133 4004 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\Windows\System32\appinfo.dll
19:46:45.0133 4004 Appinfo - ok
19:46:45.0143 4004 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\drivers\arc.sys
19:46:45.0153 4004 arc - ok
19:46:45.0153 4004 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\drivers\arcsas.sys
19:46:45.0153 4004 arcsas - ok
19:46:45.0203 4004 aspnet_state - ok
19:46:45.0233 4004 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
19:46:45.0233 4004 AsyncMac - ok
19:46:45.0253 4004 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys
19:46:45.0253 4004 atapi - ok
19:46:45.0273 4004 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
19:46:45.0283 4004 AudioEndpointBuilder - ok
19:46:45.0293 4004 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
19:46:45.0293 4004 AudioSrv - ok
19:46:45.0323 4004 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll
19:46:45.0323 4004 AxInstSV - ok
19:46:45.0353 4004 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys
19:46:45.0353 4004 b06bdrv - ok
19:46:45.0373 4004 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
19:46:45.0383 4004 b57nd60a - ok
19:46:45.0453 4004 [ 93EE7D9C35AE7E9FFDA148D7805F1421 ] BBSvc C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE
19:46:45.0453 4004 BBSvc - ok
19:46:45.0483 4004 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
19:46:45.0493 4004 BDESVC - ok
19:46:45.0503 4004 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
19:46:45.0503 4004 Beep - ok
19:46:45.0543 4004 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll
19:46:45.0563 4004 BFE - ok
19:46:45.0593 4004 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\System32\qmgr.dll
19:46:45.0613 4004 BITS - ok
19:46:45.0623 4004 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\drivers\blbdrive.sys
19:46:45.0623 4004 blbdrive - ok
19:46:45.0653 4004 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
19:46:45.0653 4004 bowser - ok
19:46:45.0673 4004 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys
19:46:45.0683 4004 BrFiltLo - ok
19:46:45.0693 4004 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys
19:46:45.0693 4004 BrFiltUp - ok
19:46:45.0723 4004 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll
19:46:45.0723 4004 Browser - ok
19:46:45.0743 4004 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
19:46:45.0743 4004 Brserid - ok
19:46:45.0763 4004 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
19:46:45.0763 4004 BrSerWdm - ok
19:46:45.0773 4004 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
19:46:45.0773 4004 BrUsbMdm - ok
19:46:45.0793 4004 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
19:46:45.0793 4004 BrUsbSer - ok
19:46:45.0803 4004 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
19:46:45.0803 4004 BTHMODEM - ok
19:46:45.0833 4004 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
19:46:45.0833 4004 bthserv - ok
19:46:45.0853 4004 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
19:46:45.0853 4004 cdfs - ok
19:46:45.0873 4004 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
19:46:45.0883 4004 cdrom - ok
19:46:45.0893 4004 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
19:46:45.0903 4004 CertPropSvc - ok
19:46:45.0943 4004 [ 7C6B5BE2696DFD2D0BF6C9EE20326EF8 ] cfwids C:\Windows\system32\drivers\cfwids.sys
19:46:45.0943 4004 cfwids - ok
19:46:45.0963 4004 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\drivers\circlass.sys
19:46:45.0973 4004 circlass - ok
19:46:46.0003 4004 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
19:46:46.0003 4004 CLFS - ok
19:46:46.0033 4004 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
19:46:46.0033 4004 clr_optimization_v2.0.50727_32 - ok
19:46:46.0083 4004 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
19:46:46.0083 4004 clr_optimization_v2.0.50727_64 - ok
19:46:46.0143 4004 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
19:46:46.0143 4004 clr_optimization_v4.0.30319_32 - ok
19:46:46.0163 4004 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
19:46:46.0173 4004 clr_optimization_v4.0.30319_64 - ok
19:46:46.0193 4004 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\drivers\CmBatt.sys
19:46:46.0193 4004 CmBatt - ok
19:46:46.0213 4004 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
19:46:46.0213 4004 cmdide - ok
19:46:46.0253 4004 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\Windows\system32\Drivers\cng.sys
19:46:46.0253 4004 CNG - ok
19:46:46.0273 4004 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\drivers\compbatt.sys
19:46:46.0273 4004 Compbatt - ok
19:46:46.0293 4004 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
19:46:46.0293 4004 CompositeBus - ok
19:46:46.0303 4004 COMSysApp - ok
19:46:46.0333 4004 [ A398ED024F739E7BE74ECFFA8A713A89 ] CpqDfw C:\Windows\system32\drivers\CpqDfw.sys
19:46:46.0333 4004 CpqDfw - ok
19:46:46.0363 4004 [ 10FB0FF62AF6262BF88E3607E2AE2A69 ] cqcpu C:\Windows\system32\drivers\cqcpu.sys
19:46:46.0363 4004 cqcpu - ok
19:46:46.0363 4004 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
19:46:46.0363 4004 crcdisk - ok
19:46:46.0403 4004 [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc C:\Windows\system32\cryptsvc.dll
19:46:46.0403 4004 CryptSvc - ok
19:46:46.0483 4004 [ 72794D112CBAFF3BC0C29BF7350D4741 ] cvhsvc C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
19:46:46.0483 4004 cvhsvc - ok
19:46:46.0523 4004 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
19:46:46.0533 4004 DcomLaunch - ok
19:46:46.0563 4004 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
19:46:46.0563 4004 defragsvc - ok
19:46:46.0573 4004 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
19:46:46.0583 4004 DfsC - ok
19:46:46.0603 4004 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
19:46:46.0613 4004 Dhcp - ok
19:46:46.0623 4004 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
19:46:46.0623 4004 discache - ok
19:46:46.0653 4004 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\drivers\disk.sys
19:46:46.0653 4004 Disk - ok
19:46:46.0683 4004 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
19:46:46.0683 4004 Dnscache - ok
19:46:46.0703 4004 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
19:46:46.0703 4004 dot3svc - ok
19:46:46.0723 4004 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
19:46:46.0723 4004 DPS - ok
19:46:46.0743 4004 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
19:46:46.0743 4004 drmkaud - ok
19:46:46.0773 4004 [ 46571ED73AE84469DCA53081D33CF3C8 ] dtsoftbus01 C:\Windows\system32\DRIVERS\dtsoftbus01.sys
19:46:46.0773 4004 dtsoftbus01 - ok
19:46:46.0803 4004 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
19:46:46.0813 4004 DXGKrnl - ok
19:46:46.0823 4004 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
19:46:46.0823 4004 EapHost - ok
19:46:46.0903 4004 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\drivers\evbda.sys
19:46:46.0933 4004 ebdrv - ok
19:46:46.0953 4004 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe
19:46:46.0953 4004 EFS - ok
19:46:47.0013 4004 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
19:46:47.0023 4004 ehRecvr - ok
19:46:47.0043 4004 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
19:46:47.0043 4004 ehSched - ok
19:46:47.0093 4004 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\drivers\elxstor.sys
19:46:47.0103 4004 elxstor - ok
19:46:47.0123 4004 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
19:46:47.0123 4004 ErrDev - ok
19:46:47.0153 4004 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
19:46:47.0163 4004 EventSystem - ok
19:46:47.0173 4004 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
19:46:47.0183 4004 exfat - ok
19:46:47.0193 4004 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
19:46:47.0193 4004 fastfat - ok
19:46:47.0213 4004 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
19:46:47.0223 4004 Fax - ok
19:46:47.0233 4004 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\drivers\fdc.sys
19:46:47.0233 4004 fdc - ok
19:46:47.0263 4004 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
19:46:47.0263 4004 fdPHost - ok
19:46:47.0273 4004 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
19:46:47.0283 4004 FDResPub - ok
19:46:47.0293 4004 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
19:46:47.0293 4004 FileInfo - ok
19:46:47.0303 4004 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
19:46:47.0303 4004 Filetrace - ok
19:46:47.0323 4004 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\drivers\flpydisk.sys
19:46:47.0323 4004 flpydisk - ok
19:46:47.0343 4004 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
19:46:47.0353 4004 FltMgr - ok
19:46:47.0383 4004 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\Windows\system32\FntCache.dll
19:46:47.0393 4004 FontCache - ok
19:46:47.0413 4004 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
19:46:47.0423 4004 FontCache3.0.0.0 - ok
19:46:47.0433 4004 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
19:46:47.0433 4004 FsDepends - ok
19:46:47.0453 4004 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
19:46:47.0453 4004 Fs_Rec - ok
19:46:47.0473 4004 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
19:46:47.0473 4004 fvevol - ok
19:46:47.0503 4004 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
19:46:47.0503 4004 gagp30kx - ok
19:46:47.0553 4004 [ C403C5DB49A0F9AAF4F2128EDC0106D8 ] GamesAppService C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
19:46:47.0553 4004 GamesAppService - ok
19:46:47.0583 4004 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
19:46:47.0593 4004 gpsvc - ok
19:46:47.0643 4004 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
19:46:47.0643 4004 gupdate - ok
19:46:47.0653 4004 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
19:46:47.0653 4004 gupdatem - ok
19:46:47.0673 4004 [ 5D4BC124FAAE6730AC002CDB67BF1A1C ] gusvc C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
19:46:47.0683 4004 gusvc - ok
19:46:47.0703 4004 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
19:46:47.0703 4004 hcw85cir - ok
19:46:47.0733 4004 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
19:46:47.0733 4004 HdAudAddService - ok
19:46:47.0763 4004 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
19:46:47.0763 4004 HDAudBus - ok
19:46:47.0783 4004 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\drivers\HidBatt.sys
19:46:47.0783 4004 HidBatt - ok
19:46:47.0793 4004 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\drivers\hidbth.sys
19:46:47.0793 4004 HidBth - ok
19:46:47.0803 4004 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\drivers\hidir.sys
19:46:47.0803 4004 HidIr - ok
19:46:47.0823 4004 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\system32\hidserv.dll
19:46:47.0823 4004 hidserv - ok
19:46:47.0843 4004 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
19:46:47.0843 4004 HidUsb - ok
19:46:47.0863 4004 [ A894FB2CAE6A29F5D9C8EDA47B074623 ] HipShieldK C:\Windows\system32\drivers\HipShieldK.sys
19:46:47.0873 4004 HipShieldK - ok
19:46:47.0893 4004 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
19:46:47.0893 4004 hkmsvc - ok
19:46:47.0913 4004 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
19:46:47.0913 4004 HomeGroupListener - ok
19:46:47.0933 4004 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
19:46:47.0933 4004 HomeGroupProvider - ok
19:46:48.0003 4004 [ 13BB1114451C63BFB41BA7DAA4D70A29 ] HP Support Assistant Service C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
19:46:48.0003 4004 HP Support Assistant Service - ok
19:46:48.0043 4004 [ 6A181452D4E240B8ECC7614B9A19BDE9 ] HPClientSvc C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
19:46:48.0053 4004 HPClientSvc - ok
19:46:48.0103 4004 [ BCC4A8B2E2E902F52E7F2E7D8E125765 ] HPDrvMntSvc.exe C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
19:46:48.0103 4004 HPDrvMntSvc.exe - ok
19:46:48.0143 4004 [ EC9739A46F1F83C6E52A7A4697F44A65 ] hpqwmiex C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
19:46:48.0153 4004 hpqwmiex - ok
19:46:48.0193 4004 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
19:46:48.0193 4004 HpSAMD - ok
19:46:48.0223 4004 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
19:46:48.0223 4004 HTTP - ok
19:46:48.0233 4004 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
19:46:48.0233 4004 hwpolicy - ok
19:46:48.0273 4004 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
19:46:48.0273 4004 i8042prt - ok
19:46:48.0303 4004 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
19:46:48.0313 4004 iaStorV - ok
19:46:48.0363 4004 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
19:46:48.0383 4004 idsvc - ok
19:46:48.0523 4004 [ A87261EF1546325B559374F5689CF5BC ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys
19:46:48.0563 4004 igfx - ok
19:46:48.0583 4004 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\drivers\iirsp.sys
19:46:48.0583 4004 iirsp - ok
19:46:48.0613 4004 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
19:46:48.0613 4004 IKEEXT - ok
19:46:48.0703 4004 [ 91ED47813243B455E2D81115A8255F0E ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
19:46:48.0733 4004 IntcAzAudAddService - ok
19:46:48.0763 4004 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
19:46:48.0763 4004 intelide - ok
19:46:48.0783 4004 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\drivers\intelppm.sys
19:46:48.0783 4004 intelppm - ok
19:46:48.0813 4004 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
19:46:48.0813 4004 IPBusEnum - ok
19:46:48.0823 4004 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
19:46:48.0823 4004 IpFilterDriver - ok
19:46:48.0863 4004 [ 08C2957BB30058E663720C5606885653 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
19:46:48.0873 4004 iphlpsvc - ok
19:46:48.0883 4004 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
19:46:48.0883 4004 IPMIDRV - ok
19:46:48.0903 4004 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
19:46:48.0903 4004 IPNAT - ok
19:46:48.0933 4004 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
19:46:48.0933 4004 IRENUM - ok
19:46:48.0953 4004 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
19:46:48.0953 4004 isapnp - ok
19:46:48.0963 4004 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
19:46:48.0973 4004 iScsiPrt - ok
19:46:48.0993 4004 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
19:46:48.0993 4004 kbdclass - ok
19:46:49.0013 4004 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
19:46:49.0013 4004 kbdhid - ok
19:46:49.0023 4004 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
19:46:49.0023 4004 KeyIso - ok
19:46:49.0043 4004 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
19:46:49.0043 4004 KSecDD - ok
19:46:49.0063 4004 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
19:46:49.0063 4004 KSecPkg - ok
19:46:49.0073 4004 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
19:46:49.0073 4004 ksthunk - ok
19:46:49.0103 4004 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
19:46:49.0103 4004 KtmRm - ok
19:46:49.0143 4004 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\system32\srvsvc.dll
19:46:49.0143 4004 LanmanServer - ok
19:46:49.0163 4004 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
19:46:49.0163 4004 LanmanWorkstation - ok
19:46:49.0183 4004 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
19:46:49.0193 4004 lltdio - ok
19:46:49.0203 4004 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
19:46:49.0203 4004 lltdsvc - ok
19:46:49.0223 4004 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
19:46:49.0223 4004 lmhosts - ok
19:46:49.0253 4004 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
19:46:49.0253 4004 LSI_FC - ok
19:46:49.0263 4004 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
19:46:49.0263 4004 LSI_SAS - ok
19:46:49.0283 4004 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys
19:46:49.0283 4004 LSI_SAS2 - ok
19:46:49.0283 4004 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
19:46:49.0293 4004 LSI_SCSI - ok
19:46:49.0323 4004 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
19:46:49.0323 4004 luafv - ok
19:46:49.0363 4004 [ A8FE8F2783B2929B56F5370A89356CE9 ] MBAMProtector C:\Windows\system32\drivers\mbam.sys
19:46:49.0363 4004 MBAMProtector - ok
19:46:49.0393 4004 [ 85B16A92B117A5A800032ECD904B86DB ] MBAMScheduler C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
19:46:49.0393 4004 MBAMScheduler - ok
19:46:49.0423 4004 [ 20E2469DB709FC675E655CEAA11BE312 ] MBAMService C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
19:46:49.0433 4004 MBAMService - ok
19:46:49.0503 4004 [ F928E5E72BBA15DD0CE9A26E0413D236 ] McAfee SiteAdvisor Service C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
19:46:49.0503 4004 McAfee SiteAdvisor Service - ok
19:46:49.0523 4004 [ F928E5E72BBA15DD0CE9A26E0413D236 ] McMPFSvc C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
19:46:49.0533 4004 McMPFSvc - ok
19:46:49.0543 4004 [ F928E5E72BBA15DD0CE9A26E0413D236 ] mcmscsvc C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
19:46:49.0553 4004 mcmscsvc - ok
19:46:49.0553 4004 [ F928E5E72BBA15DD0CE9A26E0413D236 ] McNaiAnn C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
19:46:49.0563 4004 McNaiAnn - ok
19:46:49.0563 4004 [ F928E5E72BBA15DD0CE9A26E0413D236 ] McNASvc C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
19:46:49.0573 4004 McNASvc - ok
19:46:49.0603 4004 [ BE7C8C3F8FE52D8F7826E14CF11DE949 ] McODS C:\Program Files\McAfee\VirusScan\mcods.exe
19:46:49.0613 4004 McODS - ok
19:46:49.0623 4004 [ F928E5E72BBA15DD0CE9A26E0413D236 ] McProxy C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
19:46:49.0623 4004 McProxy - ok
19:46:49.0653 4004 [ D4F9C8CE2D7D5B9A1F739AADEBFFCA6F ] McShield C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe
19:46:49.0663 4004 McShield - ok
19:46:49.0683 4004 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
19:46:49.0683 4004 Mcx2Svc - ok
19:46:49.0703 4004 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\drivers\megasas.sys
19:46:49.0703 4004 megasas - ok
19:46:49.0743 4004 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys
19:46:49.0743 4004 MegaSR - ok
19:46:49.0773 4004 [ C73B93FED17829F11273459DA05E1976 ] mfeapfk C:\Windows\system32\drivers\mfeapfk.sys
19:46:49.0773 4004 mfeapfk - ok
19:46:49.0793 4004 [ 298C065BB9E09D5F14CCD9E8244DE4A0 ] mfeavfk C:\Windows\system32\drivers\mfeavfk.sys
19:46:49.0803 4004 mfeavfk - ok
19:46:49.0813 4004 mfeavfk01 - ok
19:46:49.0833 4004 [ AB66AF840EF1667AA73DDA6CE987D0E1 ] mfefire C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe
19:46:49.0833 4004 mfefire - ok
19:46:49.0853 4004 [ 4D604F0B85E98C5AD99B89AF72A4E28A ] mfefirek C:\Windows\system32\drivers\mfefirek.sys
19:46:49.0853 4004 mfefirek - ok
19:46:49.0883 4004 [ 85AFDEAD1366BED11A84A5C6FC0A65D2 ] mfehidk C:\Windows\system32\drivers\mfehidk.sys
19:46:49.0893 4004 mfehidk - ok
19:46:49.0903 4004 [ 1B08579938FD72626D92F3C2219903EA ] mferkdet C:\Windows\system32\drivers\mferkdet.sys
19:46:49.0913 4004 mferkdet - ok
19:46:49.0923 4004 [ 984BBBB9BE02EF838DABDF3F3126A91B ] mfevtp C:\Windows\system32\mfevtps.exe
19:46:49.0933 4004 mfevtp - ok
19:46:49.0953 4004 [ 6251BE428073704FF1002231520C8F16 ] mfewfpk C:\Windows\system32\drivers\mfewfpk.sys
19:46:49.0953 4004 mfewfpk - ok
19:46:49.0973 4004 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
19:46:49.0973 4004 MMCSS - ok
19:46:49.0983 4004 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
19:46:49.0983 4004 Modem - ok
19:46:50.0013 4004 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
19:46:50.0013 4004 monitor - ok
19:46:50.0023 4004 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
19:46:50.0023 4004 mouclass - ok
19:46:50.0043 4004 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
19:46:50.0043 4004 mouhid - ok
19:46:50.0063 4004 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
19:46:50.0063 4004 mountmgr - ok
19:46:50.0083 4004 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
19:46:50.0093 4004 mpio - ok
19:46:50.0113 4004 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
19:46:50.0113 4004 mpsdrv - ok
19:46:50.0143 4004 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
19:46:50.0153 4004 MpsSvc - ok
19:46:50.0173 4004 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
19:46:50.0173 4004 MRxDAV - ok
19:46:50.0193 4004 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
19:46:50.0193 4004 mrxsmb - ok
19:46:50.0223 4004 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
19:46:50.0223 4004 mrxsmb10 - ok
19:46:50.0253 4004 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
19:46:50.0253 4004 mrxsmb20 - ok
19:46:50.0273 4004 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
19:46:50.0273 4004 msahci - ok
19:46:50.0293 4004 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
19:46:50.0293 4004 msdsm - ok
19:46:50.0313 4004 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
19:46:50.0323 4004 MSDTC - ok
19:46:50.0343 4004 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
19:46:50.0343 4004 Msfs - ok
19:46:50.0353 4004 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
19:46:50.0353 4004 mshidkmdf - ok
19:46:50.0363 4004 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
19:46:50.0363 4004 msisadrv - ok
19:46:50.0393 4004 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
19:46:50.0393 4004 MSiSCSI - ok
19:46:50.0403 4004 msiserver - ok
19:46:50.0423 4004 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
19:46:50.0423 4004 MSKSSRV - ok
19:46:50.0443 4004 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
19:46:50.0443 4004 MSPCLOCK - ok
19:46:50.0453 4004 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
19:46:50.0453 4004 MSPQM - ok
19:46:50.0473 4004 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
19:46:50.0483 4004 MsRPC - ok
19:46:50.0503 4004 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
19:46:50.0503 4004 mssmbios - ok
19:46:50.0523 4004 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
19:46:50.0523 4004 MSTEE - ok
19:46:50.0533 4004 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\drivers\MTConfig.sys
19:46:50.0533 4004 MTConfig - ok
19:46:50.0543 4004 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
19:46:50.0553 4004 Mup - ok
19:46:50.0583 4004 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
19:46:50.0593 4004 napagent - ok
19:46:50.0613 4004 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
19:46:50.0613 4004 NativeWifiP - ok
19:46:50.0673 4004 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys
19:46:50.0683 4004 NDIS - ok
19:46:50.0703 4004 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
19:46:50.0703 4004 NdisCap - ok
19:46:50.0733 4004 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
19:46:50.0733 4004 NdisTapi - ok
19:46:50.0733 4004 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
19:46:50.0733 4004 Ndisuio - ok
19:46:50.0753 4004 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
19:46:50.0753 4004 NdisWan - ok
19:46:50.0763 4004 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
19:46:50.0763 4004 NDProxy - ok
19:46:50.0783 4004 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
19:46:50.0783 4004 NetBIOS - ok
19:46:50.0793 4004 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
19:46:50.0803 4004 NetBT - ok
19:46:50.0813 4004 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
19:46:50.0813 4004 Netlogon - ok
19:46:50.0833 4004 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
19:46:50.0843 4004 Netman - ok
19:46:50.0863 4004 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
19:46:50.0863 4004 NetMsmqActivator - ok
19:46:50.0873 4004 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
19:46:50.0873 4004 NetPipeActivator - ok
19:46:50.0883 4004 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
19:46:50.0883 4004 netprofm - ok
19:46:50.0933 4004 [ 8B5D2D7CB0EF5B1967860B8AB742A46C ] netr28x C:\Windows\system32\DRIVERS\netr28x.sys
19:46:50.0953 4004 netr28x - ok
19:46:50.0963 4004 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
19:46:50.0963 4004 NetTcpActivator - ok
19:46:50.0963 4004 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
19:46:50.0973 4004 NetTcpPortSharing - ok
19:46:50.0983 4004 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
19:46:50.0993 4004 nfrd960 - ok
19:46:51.0023 4004 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\Windows\System32\nlasvc.dll
19:46:51.0033 4004 NlaSvc - ok
19:46:51.0133 4004 [ 5839A8027D6D324A7CD494051A96628C ] NOBU C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
19:46:51.0153 4004 NOBU - ok
19:46:51.0173 4004 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
19:46:51.0173 4004 Npfs - ok
19:46:51.0183 4004 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
19:46:51.0193 4004 nsi - ok
19:46:51.0203 4004 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
19:46:51.0203 4004 nsiproxy - ok
19:46:51.0253 4004 [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
19:46:51.0263 4004 Ntfs - ok
19:46:51.0273 4004 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
19:46:51.0273 4004 Null - ok
19:46:51.0303 4004 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
19:46:51.0303 4004 nvraid - ok
19:46:51.0313 4004 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
19:46:51.0313 4004 nvstor - ok
19:46:51.0333 4004 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
19:46:51.0333 4004 nv_agp - ok
19:46:51.0353 4004 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
19:46:51.0353 4004 ohci1394 - ok
19:46:51.0393 4004 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
19:46:51.0393 4004 ose - ok
19:46:51.0523 4004 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
19:46:51.0553 4004 osppsvc - ok
19:46:51.0573 4004 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
19:46:51.0583 4004 p2pimsvc - ok
19:46:51.0603 4004 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
19:46:51.0613 4004 p2psvc - ok
19:46:51.0633 4004 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\drivers\parport.sys
19:46:51.0633 4004 Parport - ok
19:46:51.0663 4004 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
19:46:51.0673 4004 partmgr - ok
19:46:51.0693 4004 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
19:46:51.0693 4004 PcaSvc - ok
19:46:51.0703 4004 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
19:46:51.0713 4004 pci - ok
19:46:51.0723 4004 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
19:46:51.0723 4004 pciide - ok
19:46:51.0733 4004 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
19:46:51.0733 4004 pcmcia - ok
19:46:51.0753 4004 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
19:46:51.0753 4004 pcw - ok
19:46:51.0783 4004 pdfcDispatcher - ok
19:46:51.0803 4004 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
19:46:51.0803 4004 PEAUTH - ok
19:46:51.0873 4004 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
19:46:51.0873 4004 PerfHost - ok
19:46:51.0933 4004 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
19:46:51.0943 4004 pla - ok
19:46:51.0973 4004 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
19:46:51.0983 4004 PlugPlay - ok
19:46:51.0993 4004 PnkBstrA - ok
19:46:52.0003 4004 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
19:46:52.0003 4004 PNRPAutoReg - ok
19:46:52.0023 4004 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
19:46:52.0033 4004 PNRPsvc - ok
19:46:52.0053 4004 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
19:46:52.0063 4004 PolicyAgent - ok
19:46:52.0093 4004 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
19:46:52.0093 4004 Power - ok
19:46:52.0123 4004 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
19:46:52.0123 4004 PptpMiniport - ok
19:46:52.0153 4004 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\drivers\processr.sys
19:46:52.0153 4004 Processor - ok
19:46:52.0183 4004 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
19:46:52.0183 4004 ProfSvc - ok
19:46:52.0193 4004 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
19:46:52.0193 4004 ProtectedStorage - ok
19:46:52.0223 4004 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
19:46:52.0223 4004 Psched - ok
19:46:52.0263 4004 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
19:46:52.0273 4004 ql2300 - ok
19:46:52.0293 4004 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
19:46:52.0293 4004 ql40xx - ok
19:46:52.0313 4004 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
19:46:52.0323 4004 QWAVE - ok
19:46:52.0333 4004 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
19:46:52.0333 4004 QWAVEdrv - ok
19:46:52.0343 4004 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
19:46:52.0353 4004 RasAcd - ok
19:46:52.0363 4004 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
19:46:52.0363 4004 RasAgileVpn - ok
19:46:52.0373 4004 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
19:46:52.0373 4004 RasAuto - ok
19:46:52.0393 4004 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
19:46:52.0393 4004 Rasl2tp - ok
19:46:52.0413 4004 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
19:46:52.0413 4004 RasMan - ok
19:46:52.0433 4004 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
19:46:52.0433 4004 RasPppoe - ok
19:46:52.0443 4004 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
19:46:52.0443 4004 RasSstp - ok
19:46:52.0473 4004 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
19:46:52.0473 4004 rdbss - ok
19:46:52.0493 4004 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\drivers\rdpbus.sys
19:46:52.0493 4004 rdpbus - ok
19:46:52.0503 4004 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
19:46:52.0503 4004 RDPCDD - ok
19:46:52.0523 4004 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
19:46:52.0523 4004 RDPENCDD - ok
19:46:52.0543 4004 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
19:46:52.0543 4004 RDPREFMP - ok
19:46:52.0563 4004 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
19:46:52.0573 4004 RDPWD - ok
19:46:52.0573 4004 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
19:46:52.0583 4004 rdyboost - ok
19:46:52.0603 4004 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
19:46:52.0603 4004 RemoteAccess - ok
19:46:52.0613 4004 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
19:46:52.0623 4004 RemoteRegistry - ok
19:46:52.0663 4004 [ 085D18C71AB2611A3D61528132B6501E ] RoxioNow Service C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe
19:46:52.0663 4004 RoxioNow Service - ok
19:46:52.0683 4004 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
19:46:52.0683 4004 RpcEptMapper - ok
19:46:52.0713 4004 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
19:46:52.0713 4004 RpcLocator - ok
19:46:52.0743 4004 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
19:46:52.0753 4004 RpcSs - ok
19:46:52.0783 4004 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
19:46:52.0783 4004 rspndr - ok
19:46:52.0823 4004 [ E50CFB92986DCAB49DE93788FD695813 ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
19:46:52.0823 4004 RTL8167 - ok
19:46:52.0833 4004 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
19:46:52.0843 4004 SamSs - ok
19:46:52.0873 4004 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
19:46:52.0873 4004 sbp2port - ok
19:46:52.0893 4004 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
19:46:52.0903 4004 SCardSvr - ok
19:46:52.0913 4004 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
19:46:52.0913 4004 scfilter - ok
19:46:52.0943 4004 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
19:46:52.0953 4004 Schedule - ok
19:46:52.0973 4004 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
19:46:52.0973 4004 SCPolicySvc - ok
19:46:52.0993 4004 [ 111E0EBC0AD79CB0FA014B907B231CF0 ] sdbus C:\Windows\system32\DRIVERS\sdbus.sys
19:46:52.0993 4004 sdbus - ok
19:46:53.0013 4004 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
19:46:53.0013 4004 SDRSVC - ok
19:46:53.0033 4004 [ CC781378E7EDA615D2CDCA3B17829FA4 ] SeaPort C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
19:46:53.0033 4004 SeaPort - ok
19:46:53.0053 4004 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
19:46:53.0053 4004 secdrv - ok
19:46:53.0063 4004 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
19:46:53.0063 4004 seclogon - ok
19:46:53.0073 4004 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
19:46:53.0083 4004 SENS - ok
19:46:53.0083 4004 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
19:46:53.0093 4004 SensrSvc - ok
19:46:53.0103 4004 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\drivers\serenum.sys
19:46:53.0103 4004 Serenum - ok
19:46:53.0123 4004 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\drivers\serial.sys
19:46:53.0123 4004 Serial - ok
19:46:53.0133 4004 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\drivers\sermouse.sys
19:46:53.0133 4004 sermouse - ok
19:46:53.0153 4004 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
19:46:53.0163 4004 SessionEnv - ok
19:46:53.0173 4004 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
19:46:53.0173 4004 sffdisk - ok
19:46:53.0183 4004 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
19:46:53.0193 4004 sffp_mmc - ok
19:46:53.0193 4004 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
19:46:53.0203 4004 sffp_sd - ok
19:46:53.0203 4004 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
19:46:53.0203 4004 sfloppy - ok
19:46:53.0253 4004 [ C6CC9297BD53E5229653303E556AA539 ] Sftfs C:\Windows\system32\DRIVERS\Sftfslh.sys
19:46:53.0253 4004 Sftfs - ok
19:46:53.0323 4004 [ 13693B6354DD6E72DC5131DA7D764B90 ] sftlist C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
19:46:53.0333 4004 sftlist - ok
19:46:53.0363 4004 [ 390AA7BC52CEE43F6790CDEA1E776703 ] Sftplay C:\Windows\system32\DRIVERS\Sftplaylh.sys
19:46:53.0363 4004 Sftplay - ok
19:46:53.0383 4004 [ 617E29A0B0A2807466560D4C4E338D3E ] Sftredir C:\Windows\system32\DRIVERS\Sftredirlh.sys
19:46:53.0383 4004 Sftredir - ok
19:46:53.0403 4004 [ 8F571F016FA1976F445147E9E6C8AE9B ] Sftvol C:\Windows\system32\DRIVERS\Sftvollh.sys
19:46:53.0403 4004 Sftvol - ok
19:46:53.0423 4004 [ C3CDDD18F43D44AB713CF8C4916F7696 ] sftvsa C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
19:46:53.0433 4004 sftvsa - ok
19:46:53.0453 4004 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
19:46:53.0453 4004 SharedAccess - ok
19:46:53.0483 4004 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
19:46:53.0493 4004 ShellHWDetection - ok
19:46:53.0503 4004 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
19:46:53.0503 4004 SiSRaid2 - ok
19:46:53.0523 4004 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
19:46:53.0523 4004 SiSRaid4 - ok
19:46:53.0553 4004 [ A0FD911FEEA045D4A4F5154666C76EC7 ] SIVDRIVER C:\Windows\system32\Drivers\SIVX64.sys
19:46:53.0553 4004 SIVDRIVER - ok
19:46:53.0613 4004 [ B866E8C5ED1DCBEA72285BA4107892C2 ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
19:46:53.0613 4004 SkypeUpdate - ok
19:46:53.0633 4004 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
19:46:53.0643 4004 Smb - ok
19:46:53.0673 4004 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
19:46:53.0673 4004 SNMPTRAP - ok
19:46:53.0683 4004 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
19:46:53.0683 4004 spldr - ok
19:46:53.0723 4004 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
19:46:53.0733 4004 Spooler - ok
19:46:53.0803 4004 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
19:46:53.0833 4004 sppsvc - ok
19:46:53.0843 4004 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
19:46:53.0853 4004 sppuinotify - ok
19:46:53.0863 4004 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
19:46:53.0863 4004 srv - ok
19:46:53.0883 4004 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
19:46:53.0893 4004 srv2 - ok
19:46:53.0893 4004 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
19:46:53.0903 4004 srvnet - ok
19:46:53.0923 4004 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
19:46:53.0933 4004 SSDPSRV - ok
19:46:53.0943 4004 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
19:46:53.0943 4004 SstpSvc - ok
19:46:53.0963 4004 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\drivers\stexstor.sys
19:46:53.0963 4004 stexstor - ok
19:46:54.0003 4004 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
19:46:54.0023 4004 stisvc - ok
19:46:54.0033 4004 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys
19:46:54.0033 4004 swenum - ok
19:46:54.0063 4004 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
19:46:54.0073 4004 swprv - ok
19:46:54.0113 4004 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
19:46:54.0123 4004 SysMain - ok
19:46:54.0143 4004 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
19:46:54.0143 4004 TabletInputService - ok
19:46:54.0163 4004 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
19:46:54.0163 4004 TapiSrv - ok
19:46:54.0173 4004 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
19:46:54.0173 4004 TBS - ok
19:46:54.0243 4004 [ 37608401DFDB388CAF66917F6B2D6FB0 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
19:46:54.0273 4004 Tcpip - ok
19:46:54.0313 4004 [ 37608401DFDB388CAF66917F6B2D6FB0 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
19:46:54.0333 4004 TCPIP6 - ok
19:46:54.0353 4004 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
19:46:54.0353 4004 tcpipreg - ok
19:46:54.0373 4004 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
19:46:54.0373 4004 TDPIPE - ok
19:46:54.0393 4004 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
19:46:54.0393 4004 TDTCP - ok
19:46:54.0413 4004 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
19:46:54.0413 4004 tdx - ok
19:46:54.0423 4004 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys
19:46:54.0423 4004 TermDD - ok
19:46:54.0453 4004 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
19:46:54.0453 4004 TermService - ok
19:46:54.0463 4004 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
19:46:54.0463 4004 Themes - ok
19:46:54.0473 4004 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
19:46:54.0473 4004 THREADORDER - ok
19:46:54.0483 4004 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
19:46:54.0493 4004 TrkWks - ok
19:46:54.0523 4004 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
19:46:54.0533 4004 TrustedInstaller - ok
19:46:54.0543 4004 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
19:46:54.0543 4004 tssecsrv - ok
19:46:54.0563 4004 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
19:46:54.0563 4004 TsUsbFlt - ok
19:46:54.0593 4004 [ 9CC2CCAE8A84820EAECB886D477CBCB8 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys
19:46:54.0593 4004 TsUsbGD - ok
19:46:54.0613 4004 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
19:46:54.0613 4004 tunnel - ok
19:46:54.0633 4004 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
19:46:54.0633 4004 uagp35 - ok
19:46:54.0653 4004 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
19:46:54.0653 4004 udfs - ok
19:46:54.0673 4004 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
19:46:54.0673 4004 UI0Detect - ok
19:46:54.0693 4004 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
19:46:54.0693 4004 uliagpkx - ok
19:46:54.0713 4004 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
19:46:54.0713 4004 umbus - ok
19:46:54.0723 4004 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\drivers\umpass.sys
19:46:54.0723 4004 UmPass - ok
19:46:54.0743 4004 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
19:46:54.0743 4004 upnphost - ok
19:46:54.0783 4004 [ C85B8247FADD432FA54FE11667C8D97D ] usbbus C:\Windows\system32\DRIVERS\lgx64bus.sys
19:46:54.0783 4004 usbbus - ok
19:46:54.0813 4004 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
19:46:54.0813 4004 usbccgp - ok
19:46:54.0853 4004 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
19:46:54.0853 4004 usbcir - ok
19:46:54.0873 4004 [ D8CDC12F5429878F23DDB3785A0FDF95 ] UsbDiag C:\Windows\system32\DRIVERS\lgx64diag.sys
19:46:54.0873 4004 UsbDiag - ok
19:46:54.0893 4004 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\drivers\usbehci.sys
19:46:54.0893 4004 usbehci - ok
19:46:54.0903 4004 [ 573D192E268F0C5B486B7E96F661E538 ] usbfilter C:\Windows\system32\drivers\usbfilter.sys
19:46:54.0903 4004 usbfilter - ok
19:46:54.0933 4004 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\drivers\usbhub.sys
19:46:54.0933 4004 usbhub - ok
19:46:54.0963 4004 [ 79FA7A22B0F6F0082F640CBC82A00FCE ] USBModem C:\Windows\system32\DRIVERS\lgx64modem.sys
19:46:54.0963 4004 USBModem - ok
19:46:54.0983 4004 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys
19:46:54.0983 4004 usbohci - ok
19:46:55.0013 4004 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\drivers\usbprint.sys
19:46:55.0013 4004 usbprint - ok
19:46:55.0043 4004 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
19:46:55.0043 4004 USBSTOR - ok
19:46:55.0063 4004 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
19:46:55.0063 4004 usbuhci - ok
19:46:55.0083 4004 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
19:46:55.0093 4004 UxSms - ok
19:46:55.0093 4004 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
19:46:55.0103 4004 VaultSvc - ok
19:46:55.0113 4004 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
19:46:55.0113 4004 vdrvroot - ok
19:46:55.0123 4004 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
19:46:55.0133 4004 vds - ok
19:46:55.0153 4004 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
19:46:55.0153 4004 vga - ok
19:46:55.0163 4004 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
19:46:55.0163 4004 VgaSave - ok
19:46:55.0183 4004 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
19:46:55.0183 4004 vhdmp - ok
19:46:55.0183 4004 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
19:46:55.0183 4004 viaide - ok
19:46:55.0203 4004 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
19:46:55.0203 4004 volmgr - ok
19:46:55.0223 4004 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
19:46:55.0223 4004 volmgrx - ok
19:46:55.0233 4004 [ DF8126BD41180351A093A3AD2FC8903B ] volsnap C:\Windows\system32\drivers\volsnap.sys
19:46:55.0243 4004 volsnap - ok
19:46:55.0243 4004 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
19:46:55.0253 4004 vsmraid - ok
19:46:55.0283 4004 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
19:46:55.0293 4004 VSS - ok
19:46:55.0303 4004 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
19:46:55.0303 4004 vwifibus - ok
19:46:55.0313 4004 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
19:46:55.0313 4004 vwififlt - ok
19:46:55.0333 4004 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
19:46:55.0333 4004 W32Time - ok
19:46:55.0343 4004 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\drivers\wacompen.sys
19:46:55.0343 4004 WacomPen - ok
19:46:55.0363 4004 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
19:46:55.0373 4004 WANARP - ok
19:46:55.0373 4004 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
19:46:55.0373 4004 Wanarpv6 - ok
19:46:55.0443 4004 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
19:46:55.0453 4004 WatAdminSvc - ok
19:46:55.0503 4004 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
19:46:55.0513 4004 wbengine - ok
19:46:55.0533 4004 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
19:46:55.0533 4004 WbioSrvc - ok
19:46:55.0553 4004 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
19:46:55.0553 4004 wcncsvc - ok
19:46:55.0563 4004 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
19:46:55.0563 4004 WcsPlugInService - ok
19:46:55.0593 4004 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\drivers\wd.sys
19:46:55.0593 4004 Wd - ok
19:46:55.0623 4004 [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
19:46:55.0633 4004 Wdf01000 - ok
19:46:55.0633 4004 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
19:46:55.0643 4004 WdiServiceHost - ok
19:46:55.0643 4004 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
19:46:55.0643 4004 WdiSystemHost - ok
19:46:55.0663 4004 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
19:46:55.0663 4004 WebClient - ok
19:46:55.0673 4004 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
19:46:55.0683 4004 Wecsvc - ok
19:46:55.0693 4004 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
19:46:55.0693 4004 wercplsupport - ok
19:46:55.0713 4004 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
19:46:55.0723 4004 WerSvc - ok
19:46:55.0733 4004 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
19:46:55.0733 4004 WfpLwf - ok
19:46:55.0743 4004 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
19:46:55.0743 4004 WIMMount - ok
19:46:55.0753 4004 WinDefend - ok
19:46:55.0763 4004 WinHttpAutoProxySvc - ok
19:46:55.0793 4004 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
19:46:55.0793 4004 Winmgmt - ok
19:46:55.0833 4004 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
19:46:55.0853 4004 WinRM - ok
19:46:55.0883 4004 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
19:46:55.0883 4004 WinUsb - ok
19:46:55.0913 4004 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
19:46:55.0923 4004 Wlansvc - ok
19:46:55.0963 4004 [ 06C8FA1CF39DE6A735B54D906BA791C6 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
19:46:55.0963 4004 wlcrasvc - ok
19:46:56.0043 4004 [ 7E47C328FC4768CB8BEAFBCFAFA70362 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
19:46:56.0063 4004 wlidsvc - ok
19:46:56.0083 4004 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
19:46:56.0083 4004 WmiAcpi - ok
19:46:56.0123 4004 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
19:46:56.0123 4004 wmiApSrv - ok
19:46:56.0143 4004 WMPNetworkSvc - ok
19:46:56.0153 4004 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
19:46:56.0153 4004 WPCSvc - ok
19:46:56.0163 4004 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
19:46:56.0173 4004 WPDBusEnum - ok
19:46:56.0183 4004 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
19:46:56.0183 4004 ws2ifsl - ok
19:46:56.0203 4004 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\System32\wscsvc.dll
19:46:56.0203 4004 wscsvc - ok
19:46:56.0213 4004 WSearch - ok
19:46:56.0263 4004 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
19:46:56.0273 4004 wuauserv - ok
19:46:56.0303 4004 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
19:46:56.0303 4004 WudfPf - ok
19:46:56.0313 4004 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
19:46:56.0313 4004 WUDFRd - ok
19:46:56.0323 4004 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
19:46:56.0333 4004 wudfsvc - ok
19:46:56.0353 4004 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
19:46:56.0353 4004 WwanSvc - ok
19:46:56.0373 4004 ================ Scan global ===============================
19:46:56.0383 4004 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
19:46:56.0423 4004 [ F46BBAAC1C4980F4D0DD463F190A42D3 ] C:\Windows\system32\winsrv.dll
19:46:56.0423 4004 [ F46BBAAC1C4980F4D0DD463F190A42D3 ] C:\Windows\system32\winsrv.dll
19:46:56.0453 4004 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
19:46:56.0473 4004 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
19:46:56.0483 4004 [Global] - ok
19:46:56.0483 4004 ================ Scan MBR ==================================
19:46:56.0493 4004 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
19:46:56.0903 4004 \Device\Harddisk0\DR0 - ok
19:46:56.0903 4004 ================ Scan VBR ==================================
19:46:56.0903 4004 [ FF059BF04E574887B8E7F49314B93EF8 ] \Device\Harddisk0\DR0\Partition1
19:46:56.0913 4004 \Device\Harddisk0\DR0\Partition1 - ok
19:46:56.0943 4004 [ 656BD8852AB92850EACA3484295A7A23 ] \Device\Harddisk0\DR0\Partition2
19:46:56.0953 4004 \Device\Harddisk0\DR0\Partition2 - ok
19:46:56.0983 4004 [ E44906273D2852BDB30945A70E1B8D32 ] \Device\Harddisk0\DR0\Partition3
19:46:56.0993 4004 \Device\Harddisk0\DR0\Partition3 - ok
19:46:56.0993 4004 ============================================================
19:46:56.0993 4004 Scan finished
19:46:56.0993 4004 ============================================================
19:46:57.0013 2368 Detected object count: 0
19:46:57.0013 2368 Actual detected object count: 0

============= *** MBAM *** =================================

Malwarebytes Anti-Malware 1.65.1.1000
www.malwarebytes.org

Database version: v2012.11.19.10

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Alonzo :: HP [administrator]

11/19/2012 7:49:52 PM
mbam-log-2012-11-19 (19-49-52).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 203918
Time elapsed: 4 minute(s), 47 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

=========== *** Super Spyware *** ===================
SUPERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 11/19/2012 at 08:03 PM

Application Version : 5.6.1014

Core Rules Database Version : 9614
Trace Rules Database Version: 7426

Scan type : Quick Scan
Total Scan Time : 00:05:42

Operating System Information
Windows 7 Home Premium 64-bit, Service Pack 1 (Build 6.01.7601)
UAC On - Limited User

Memory items scanned : 774
Memory threats detected : 0
Registry items scanned : 60629
Registry threats detected : 43
File items scanned : 12005
File threats detected : 180

Adware.Yontoo
(x86) HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
(x86) HKCR\CLSID\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
(x86) HKCR\CLSID\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
(x86) HKCR\CLSID\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}\InprocServer32
(x86) HKCR\CLSID\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}\InprocServer32#ThreadingModel
(x86) HKCR\CLSID\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}\ProgID
(x86) HKCR\CLSID\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}\Programmable
(x86) HKCR\CLSID\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}\TypeLib
(x86) HKCR\CLSID\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}\VersionIndependentProgID
(x86) HKCR\YontooIEClient.Layers.1
(x86) HKCR\YontooIEClient.Layers.1\CLSID
(x86) HKCR\YontooIEClient.Layers
(x86) HKCR\YontooIEClient.Layers\CLSID
(x86) HKCR\YontooIEClient.Layers\CurVer
(x86) HKCR\TypeLib\{D372567D-67C1-4B29-B3F0-159B52B3E967}
(x86) HKCR\TypeLib\{D372567D-67C1-4B29-B3F0-159B52B3E967}\1.0
(x86) HKCR\TypeLib\{D372567D-67C1-4B29-B3F0-159B52B3E967}\1.0\0
(x86) HKCR\TypeLib\{D372567D-67C1-4B29-B3F0-159B52B3E967}\1.0\0\win32
(x86) HKCR\TypeLib\{D372567D-67C1-4B29-B3F0-159B52B3E967}\1.0\FLAGS
(x86) HKCR\TypeLib\{D372567D-67C1-4B29-B3F0-159B52B3E967}\1.0\HELPDIR
C:\PROGRAM FILES (X86)\YONTOO\YONTOOIECLIENT.DLL
(x86) HKU\S-1-5-21-3446859653-769177064-202415724-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
(x86) HKCR\CLSID\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
(x86) HKCR\CLSID\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
(x86) HKCR\CLSID\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}\InprocServer32
(x86) HKCR\CLSID\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}\InprocServer32#ThreadingModel
(x86) HKCR\CLSID\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}\ProgID
(x86) HKCR\CLSID\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}\Programmable
(x86) HKCR\CLSID\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}\TypeLib
(x86) HKCR\CLSID\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}\VersionIndependentProgID
(x86) HKCR\YontooIEClient.Api.1
(x86) HKCR\YontooIEClient.Api.1\CLSID
(x86) HKCR\YontooIEClient.Api
(x86) HKCR\YontooIEClient.Api\CLSID
(x86) HKCR\YontooIEClient.Api\CurVer
(x86) HKU\S-1-5-21-3446859653-769177064-202415724-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
(x86) HKCR\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
(x86) HKCR\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}\ProxyStubClsid32
(x86) HKCR\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}\TypeLib
(x86) HKCR\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}\TypeLib#Version
(x86) HKCR\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}
(x86) HKCR\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}\ProxyStubClsid32
(x86) HKCR\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}\TypeLib
(x86) HKCR\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}\TypeLib#Version

Adware.Tracking Cookie
C:\Users\Alonzo\AppData\Roaming\Microsoft\Windows\Cookies\O9QBWYKY.txt [ /synacor.112.2o7.net ]
C:\Users\Alonzo\AppData\Roaming\Microsoft\Windows\Cookies\99BXZACP.txt [ /apmebf.com ]
C:\Users\Alonzo\AppData\Roaming\Microsoft\Windows\Cookies\L9WDI7BX.txt [ /c.atdmt.com ]
C:\Users\Alonzo\AppData\Roaming\Microsoft\Windows\Cookies\XG3LD6W2.txt [ /fastclick.net ]
C:\Users\Alonzo\AppData\Roaming\Microsoft\Windows\Cookies\4NSZRDFN.txt [ /adlegend.com ]
C:\Users\Alonzo\AppData\Roaming\Microsoft\Windows\Cookies\4F42S81Q.txt [ /account.suddenlink.net ]
C:\Users\Alonzo\AppData\Roaming\Microsoft\Windows\Cookies\Z9SAF842.txt [ /ru4.com ]
C:\Users\Alonzo\AppData\Roaming\Microsoft\Windows\Cookies\ZOK6D2RM.txt [ /at.atwola.com ]
C:\Users\Alonzo\AppData\Roaming\Microsoft\Windows\Cookies\36Q8EBH9.txt [ /intermundomedia.com ]
C:\Users\Alonzo\AppData\Roaming\Microsoft\Windows\Cookies\AAF3P670.txt [ /accounts.google.com ]
C:\Users\Alonzo\AppData\Roaming\Microsoft\Windows\Cookies\0200TKNL.txt [ /doubleclick.net ]
C:\Users\Alonzo\AppData\Roaming\Microsoft\Windows\Cookies\D470E5E9.txt [ /collective-media.net ]
C:\Users\Alonzo\AppData\Roaming\Microsoft\Windows\Cookies\FCYYJBFQ.txt [ /ad.yieldmanager.com ]
C:\Users\Alonzo\AppData\Roaming\Microsoft\Windows\Cookies\L6IGEMO9.txt [ /mediaplex.com ]
C:\Users\Alonzo\AppData\Roaming\Microsoft\Windows\Cookies\AGPUHZ5Z.txt [ /advertising.com ]
C:\USERS\ALONZO\AppData\Roaming\Microsoft\Windows\Cookies\Low\A5C5IPCR.txt [ Cookie:alonzo@apmebf.com/ ]
C:\USERS\ALONZO\AppData\Roaming\Microsoft\Windows\Cookies\Low\8CYQZ7FQ.txt [ Cookie:alonzo@www.pornrabbit.com/ ]
C:\USERS\ALONZO\AppData\Roaming\Microsoft\Windows\Cookies\Low\ARAV0NNF.txt [ Cookie:alonzo@www.xyztraffic.com/ ]
C:\USERS\ALONZO\AppData\Roaming\Microsoft\Windows\Cookies\Low\XGB4SZIF.txt [ Cookie:alonzo@verizontelecom.112.2o7.net/ ]
C:\USERS\ALONZO\AppData\Roaming\Microsoft\Windows\Cookies\Low\MV8JEL6R.txt [ Cookie:alonzo@tracking.offersconvert.com/ ]
C:\USERS\ALONZO\AppData\Roaming\Microsoft\Windows\Cookies\Low\QPO6GDI2.txt [ Cookie:alonzo@ads.bridgetrack.com/ ]
C:\USERS\ALONZO\AppData\Roaming\Microsoft\Windows\Cookies\Low\9E5R4KMG.txt [ Cookie:alonzo@ads.pointroll.com/ ]
C:\USERS\ALONZO\AppData\Roaming\Microsoft\Windows\Cookies\Low\M42I30QG.txt [ Cookie:alonzo@statse.webtrendslive.com/ ]
C:\USERS\ALONZO\AppData\Roaming\Microsoft\Windows\Cookies\Low\WGQ3JCCG.txt [ Cookie:alonzo@t.afftrackr.com/ ]
C:\USERS\ALONZO\AppData\Roaming\Microsoft\Windows\Cookies\Low\DNKP99T2.txt [ Cookie:alonzo@xxxymovies.com/ ]
C:\USERS\ALONZO\AppData\Roaming\Microsoft\Windows\Cookies\Low\VQ9ZDH7R.txt [ Cookie:alonzo@harrenmedianetwork.com/ ]
C:\USERS\ALONZO\AppData\Roaming\Microsoft\Windows\Cookies\Low\12RG5RJ7.txt [ Cookie:alonzo@fastclick.net/ ]
C:\USERS\ALONZO\AppData\Roaming\Microsoft\Windows\Cookies\Low\QJ05ESV3.txt [ Cookie:alonzo@www.pornhub.com/ ]
C:\USERS\ALONZO\AppData\Roaming\Microsoft\Windows\Cookies\Low\HYMMSC32.txt [ Cookie:alonzo@ads.crakmedia.com/ ]
C:\USERS\ALONZO\AppData\Roaming\Microsoft\Windows\Cookies\Low\HOO86DHV.txt [ Cookie:alonzo@edge.jeetyetmedia.com/ ]
C:\USERS\ALONZO\AppData\Roaming\Microsoft\Windows\Cookies\Low\9K41Q3E4.txt [ Cookie:alonzo@www.pornup.me/ ]
C:\USERS\ALONZO\AppData\Roaming\Microsoft\Windows\Cookies\Low\2GMSYLF9.txt [ Cookie:alonzo@www.popuptraffic.com/ ]
C:\USERS\ALONZO\AppData\Roaming\Microsoft\Windows\Cookies\Low\316I8OX0.txt [ Cookie:alonzo@adlegend.com/ ]
C:\USERS\ALONZO\AppData\Roaming\Microsoft\Windows\Cookies\Low\TRAA8I66.txt [ Cookie:alonzo@ads.ventivmedia.com/ ]
C:\USERS\ALONZO\AppData\Roaming\Microsoft\Windows\Cookies\Low\YK0B3ZAF.txt [ Cookie:alonzo@www.xxxkinky.com/ ]
C:\USERS\ALONZO\AppData\Roaming\Microsoft\Windows\Cookies\Low\JYPXUPIH.txt [ Cookie:alonzo@amazon-adsystem.com/ ]
C:\USERS\ALONZO\AppData\Roaming\Microsoft\Windows\Cookies\Low\SK8DLOCF.txt [ Cookie:alonzo@alotporn.com/ ]
C:\USERS\ALONZO\AppData\Roaming\Microsoft\Windows\Cookies\Low\TFQW5GMM.txt [ Cookie:alonzo@www.adxpansion.com/ ]
C:\USERS\ALONZO\AppData\Roaming\Microsoft\Windows\Cookies\Low\T29QIW53.txt [ Cookie:alonzo@legolas-media.com/ ]
C:\USERS\ALONZO\AppData\Roaming\Microsoft\Windows\Cookies\Low\Q82DH6OA.txt [ Cookie:alonzo@jeetyetmedia.com/ ]
C:\USERS\ALONZO\AppData\Roaming\Microsoft\Windows\Cookies\Low\LMEN0H0F.txt [ Cookie:alonzo@openx.jeetyetmedia.com/ ]
C:\USERS\ALONZO\AppData\Roaming\Microsoft\Windows\Cookies\Low\8WXHGV7H.txt [ Cookie:alonzo@www.mofosex.com/videos/26477/ ]
C:\USERS\ALONZO\AppData\Roaming\Microsoft\Windows\Cookies\Low\8OA5ZSC0.txt [ Cookie:alonzo@pornerbros.com/ ]
C:\USERS\ALONZO\AppData\Roaming\Microsoft\Windows\Cookies\Low\B0NASA71.txt [ Cookie:alonzo@fidelity.rotator.hadj7.adjuggler.net/ ]
C:\USERS\ALONZO\AppData\Roaming\Microsoft\Windows\Cookies\Low\D5S2I6QJ.txt [ Cookie:alonzo@account.suddenlink.net/ ]
C:\USERS\ALONZO\AppData\Roaming\Microsoft\Windows\Cookies\Low\V42OS2B4.txt [ Cookie:alonzo@yieldmanager.net/ ]
C:\USERS\ALONZO\AppData\Roaming\Microsoft\Windows\Cookies\Low\5X5R72PG.txt [ Cookie:alonzo@at.atwola.com/ ]
C:\USERS\ALONZO\AppData\Roaming\Microsoft\Windows\Cookies\Low\L33XWCNI.txt [ Cookie:alonzo@revsci.net/ ]
C:\USERS\ALONZO\AppData\Roaming\Microsoft\Windows\Cookies\Low\AG3DXX1J.txt [ Cookie:alonzo@ru4.com/ ]
C:\USERS\ALONZO\AppData\Roaming\Microsoft\Windows\Cookies\Low\3X5TKGLZ.txt [ Cookie:alonzo@sales.liveperson.net/ ]
C:\USERS\ALONZO\AppData\Roaming\Microsoft\Windows\Cookies\Low\CVMNKCQM.txt [ Cookie:alonzo@kanoodle.com/ ]
C:\USERS\ALONZO\AppData\Roaming\Microsoft\Windows\Cookies\Low\2INSQ8U8.txt [ Cookie:alonzo@toplist.cz/ ]
C:\USERS\ALONZO\AppData\Roaming\Microsoft\Windows\Cookies\Low\2EMGX29S.txt [ Cookie:alonzo@www.pornoxo.com/ ]
C:\USERS\ALONZO\AppData\Roaming\Microsoft\Windows\Cookies\Low\VE2B3YZP.txt [ Cookie:alonzo@mofosex.com/ ]
C:\USERS\ALONZO\AppData\Roaming\Microsoft\Windows\Cookies\Low\XSN37DTJ.txt [ Cookie:alonzo@auto-price-finder.com/ ]
C:\USERS\ALONZO\AppData\Roaming\Microsoft\Windows\Cookies\Low\DU2ILLFB.txt [ Cookie:alonzo@hardsextube.com/video/442300/ ]
C:\USERS\ALONZO\AppData\Roaming\Microsoft\Windows\Cookies\Low\P0LDDRQO.txt [ Cookie:alonzo@interclick.com/ ]
C:\USERS\ALONZO\AppData\Roaming\Microsoft\Windows\Cookies\Low\HAUIT09D.txt [ Cookie:alonzo@pornper.com/ ]
C:\USERS\ALONZO\AppData\Roaming\Microsoft\Windows\Cookies\Low\IQX7XLMF.txt [ Cookie:alonzo@go.trafficshop.com/ ]
C:\USERS\ALONZO\AppData\Roaming\Microsoft\Windows\Cookies\Low\LQQ5HIOL.txt [ Cookie:alonzo@zedo.com/ ]
C:\USERS\ALONZO\AppData\Roaming\Microsoft\Windows\Cookies\Low\82S81374.txt [ Cookie:alonzo@pointroll.com/ ]
C:\USERS\ALONZO\AppData\Roaming\Microsoft\Windows\Cookies\Low\9UTZ2R38.txt [ Cookie:alonzo@ads2.zeusclicks.com/ ]
C:\USERS\ALONZO\AppData\Roaming\Microsoft\Windows\Cookies\Low\FGAW9FHM.txt [ Cookie:alonzo@ar.atwola.com/ ]
C:\USERS\ALONZO\AppData\Roaming\Microsoft\Windows\Cookies\Low\1BK1Q4X3.txt [ Cookie:alonzo@exoclick.com/ ]
C:\USERS\ALONZO\AppData\Roaming\Microsoft\Windows\Cookies\Low\39YPVFVK.txt [ Cookie:alonzo@intermundomedia.com/ ]
C:\USERS\ALONZO\AppData\Roaming\Microsoft\Windows\Cookies\Low\MJ414JRO.txt [ Cookie:alonzo@pads1.go2cloud.org/ ]
C:\USERS\ALONZO\AppData\Roaming\Microsoft\Windows\Cookies\Low\0EYUNRYK.txt [ Cookie:alonzo@doubleclick.net/ ]
C:\USERS\ALONZO\AppData\Roaming\Microsoft\Windows\Cookies\Low\4K93RAVY.txt [ Cookie:alonzo@ad.mlnadvertising.com/ ]
C:\USERS\ALONZO\AppData\Roaming\Microsoft\Windows\Cookies\Low\QHP9P4VQ.txt [ Cookie:alonzo@media6degrees.com/ ]
C:\USERS\ALONZO\AppData\Roaming\Microsoft\Windows\Cookies\Low\LW5MXBKJ.txt [ Cookie:alonzo@micklemedia.com/ ]
C:\USERS\ALONZO\AppData\Roaming\Microsoft\Windows\Cookies\Low\EK9WXVHM.txt [ Cookie:alonzo@clkads.com/adServe ]
C:\USERS\ALONZO\AppData\Roaming\Microsoft\Windows\Cookies\Low\UKSTQE5Y.txt [ Cookie:alonzo@questionmarket.com/ ]
C:\USERS\ALONZO\AppData\Roaming\Microsoft\Windows\Cookies\Low\5VOI11QJ.txt [ Cookie:alonzo@www.hdporn.in/ ]
C:\USERS\ALONZO\AppData\Roaming\Microsoft\Windows\Cookies\Low\WE9T76S2.txt [ Cookie:alonzo@ad.yieldmanager.com/ ]
C:\USERS\ALONZO\AppData\Roaming\Microsoft\Windows\Cookies\Low\32OCR5ST.txt [ Cookie:alonzo@collective-media.net/ ]
C:\USERS\ALONZO\AppData\Roaming\Microsoft\Windows\Cookies\Low\OXNVES6U.txt [ Cookie:alonzo@www.pornper.com/ ]
C:\USERS\ALONZO\AppData\Roaming\Microsoft\Windows\Cookies\Low\FZBN9PBV.txt [ Cookie:alonzo@adultfriendfinder.com/ ]
C:\USERS\ALONZO\AppData\Roaming\Microsoft\Windows\Cookies\Low\M0M7RWA8.txt [ Cookie:alonzo@clkads.com/adServe/banners ]
C:\USERS\ALONZO\AppData\Roaming\Microsoft\Windows\Cookies\Low\YTO9SRWB.txt [ Cookie:alonzo@hitbox.com/ ]
C:\USERS\ALONZO\AppData\Roaming\Microsoft\Windows\Cookies\Low\CUMHXJMF.txt [ Cookie:alonzo@mediaplex.com/ ]
C:\USERS\ALONZO\AppData\Roaming\Microsoft\Windows\Cookies\Low\NYR9E5KC.txt [ Cookie:alonzo@adxpose.com/ ]
C:\USERS\ALONZO\AppData\Roaming\Microsoft\Windows\Cookies\Low\LICX59IM.txt [ Cookie:alonzo@serving-sys.com/ ]
C:\USERS\ALONZO\AppData\Roaming\Microsoft\Windows\Cookies\Low\TJC4S2EK.txt [ Cookie:alonzo@adbrite.com/ ]
C:\USERS\ALONZO\AppData\Roaming\Microsoft\Windows\Cookies\Low\VDYJ7CMM.txt [ Cookie:alonzo@atdmt.com/ ]
C:\USERS\ALONZO\AppData\Roaming\Microsoft\Windows\Cookies\Low\NIGUEMTC.txt [ Cookie:alonzo@pornoxo.com/ ]
C:\USERS\ALONZO\AppData\Roaming\Microsoft\Windows\Cookies\Low\J4ER75VZ.txt [ Cookie:alonzo@themis-media.com/ ]
C:\USERS\ALONZO\AppData\Roaming\Microsoft\Windows\Cookies\Low\M24J73XZ.txt [ Cookie:alonzo@www.pornerbros.com/118295/ ]
C:\USERS\ALONZO\AppData\Roaming\Microsoft\Windows\Cookies\Low\K4AMRGL7.txt [ Cookie:alonzo@invitemedia.com/ ]
C:\USERS\ALONZO\AppData\Roaming\Microsoft\Windows\Cookies\Low\VIJPCLZ7.txt [ Cookie:alonzo@xyztraffic.com/ ]
C:\USERS\ALONZO\AppData\Roaming\Microsoft\Windows\Cookies\Low\PLGB6A1P.txt [ Cookie:alonzo@advertising.com/ ]
C:\USERS\ALONZO\AppData\Roaming\Microsoft\Windows\Cookies\Low\YQBEITYX.txt [ Cookie:alonzo@www.sexoncube.com/ ]
C:\USERS\ALONZO\AppData\Roaming\Microsoft\Windows\Cookies\Low\KW7SOUKT.txt [ Cookie:alonzo@casalemedia.com/ ]
C:\USERS\ALONZO\AppData\Roaming\Microsoft\Windows\Cookies\Low\Y76PAQFF.txt [ Cookie:alonzo@ehg-verizon.hitbox.com/ ]
C:\USERS\ALONZO\AppData\Roaming\Microsoft\Windows\Cookies\Low\T21TO5P5.txt [ Cookie:alonzo@statcounter.com/ ]
C:\USERS\ALONZO\AppData\Roaming\Microsoft\Windows\Cookies\Low\91TU4ZAG.txt [ Cookie:alonzo@tracking.hostgator.com/ ]
C:\USERS\ALONZO\AppData\Roaming\Microsoft\Windows\Cookies\Low\EKSJDBM9.txt [ Cookie:alonzo@www.burstnet.com/ ]
C:\USERS\ALONZO\AppData\Roaming\Microsoft\Windows\Cookies\Low\LYP219P3.txt [ Cookie:alonzo@insightexpressai.com/ ]
C:\USERS\ALONZO\AppData\Roaming\Microsoft\Windows\Cookies\Low\AOCF31HP.txt [ Cookie:alonzo@alphaporno.com/ ]
C:\USERS\ALONZO\AppData\Roaming\Microsoft\Windows\Cookies\Low\7UVDHPGX.txt [ Cookie:alonzo@adnet.affinity.com/ ]
C:\USERS\ALONZO\AppData\Roaming\Microsoft\Windows\Cookies\Low\5JS7TB2Y.txt [ Cookie:alonzo@yadro.ru/ ]
C:\USERS\ALONZO\AppData\Roaming\Microsoft\Windows\Cookies\Low\Y8Z4BSV7.txt [ Cookie:alonzo@media-servers.net/ ]
C:\USERS\ALONZO\AppData\Roaming\Microsoft\Windows\Cookies\Low\49WY9ZQP.txt [ Cookie:alonzo@1click-downloader.net/ ]
C:\USERS\ALONZO\AppData\Roaming\Microsoft\Windows\Cookies\Low\Z2FQTMFJ.txt [ Cookie:alonzo@liveperson.net/ ]
C:\USERS\ALONZO\AppData\Roaming\Microsoft\Windows\Cookies\Low\T5IPK8CG.txt [ Cookie:alonzo@cpvtrack202.com/ ]
C:\USERS\ALONZO\AppData\Roaming\Microsoft\Windows\Cookies\Low\VCHI1HTC.txt [ Cookie:alonzo@panzertraffic.com/ ]
C:\USERS\ALONZO\AppData\Roaming\Microsoft\Windows\Cookies\Low\PA38FGUL.txt [ Cookie:alonzo@www.hardsextube.com/ ]
C:\USERS\ALONZO\AppData\Roaming\Microsoft\Windows\Cookies\Low\A9JBM9PI.txt [ Cookie:alonzo@xxxdating.com/ ]
C:\USERS\ALONZO\AppData\Roaming\Microsoft\Windows\Cookies\Low\32J5EADT.txt [ Cookie:alonzo@www.xxxdating.com/ ]
C:\USERS\ALONZO\AppData\Roaming\Microsoft\Windows\Cookies\Low\8YMDE8QT.txt [ Cookie:alonzo@h2porn.com/ ]
C:\USERS\ALONZO\AppData\Roaming\Microsoft\Windows\Cookies\Low\RFSOL7XA.txt [ Cookie:alonzo@www.googleadservices.com/pagead/conversion/999261356/ ]
C:\USERS\ALONZO\AppData\Roaming\Microsoft\Windows\Cookies\Low\WFSOVPAL.txt [ Cookie:alonzo@traveladvertising.com/ ]
C:\USERS\ALONZO\AppData\Roaming\Microsoft\Windows\Cookies\Low\TV0P3VG4.txt [ Cookie:alonzo@cyberporn.com/ ]
C:\USERS\ALONZO\AppData\Roaming\Microsoft\Windows\Cookies\Low\RO9E40RY.txt [ Cookie:alonzo@www.pornyeah.com/ ]
C:\USERS\ALONZO\AppData\Roaming\Microsoft\Windows\Cookies\Low\ULRHAVAJ.txt [ Cookie:alonzo@bestporntube.me/ ]
C:\USERS\ALONZO\AppData\Roaming\Microsoft\Windows\Cookies\Low\ACZDLGXA.txt [ Cookie:alonzo@www.mofosex.com/ ]
C:\USERS\ALONZO\AppData\Roaming\Microsoft\Windows\Cookies\Low\TO0A5GIJ.txt [ Cookie:alonzo@adultadworld.com/ ]
C:\USERS\ALONZO\AppData\Roaming\Microsoft\Windows\Cookies\Low\42FPBO8I.txt [ Cookie:alonzo@media.adfrontiers.com/ ]
C:\USERS\ALONZO\AppData\Roaming\Microsoft\Windows\Cookies\Low\QSVN85UH.txt [ Cookie:alonzo@saymedia.com/ ]
C:\USERS\ALONZO\AppData\Roaming\Microsoft\Windows\Cookies\Low\A60I8KGQ.txt [ Cookie:alonzo@www.freeporn.com/ ]
C:\USERS\ALONZO\AppData\Roaming\Microsoft\Windows\Cookies\Low\ZGNM3RVQ.txt [ Cookie:alonzo@ees.rotator.hadj1.adjuggler.net/ ]
C:\USERS\ALONZO\AppData\Roaming\Microsoft\Windows\Cookies\Low\V1M3F6PC.txt [ Cookie:alonzo@2o7.net/ ]
C:\USERS\ALONZO\AppData\Roaming\Microsoft\Windows\Cookies\Low\CKJZV4CF.txt [ Cookie:alonzo@pornbanana.com/ ]
C:\USERS\ALONZO\AppData\Roaming\Microsoft\Windows\Cookies\Low\9BIX3018.txt [ Cookie:alonzo@www.xxxymovies.com/ ]
C:\USERS\ALONZO\AppData\Roaming\Microsoft\Windows\Cookies\Low\2CYAYQNB.txt [ Cookie:alonzo@myroitracking.com/ ]
C:\USERS\ALONZO\AppData\Roaming\Microsoft\Windows\Cookies\Low\R3X0FH73.txt [ Cookie:alonzo@sunporno.com/ ]
C:\USERS\ALONZO\AppData\Roaming\Microsoft\Windows\Cookies\Low\LIZJA7Z0.txt [ Cookie:alonzo@click.searchnation.net/ ]
C:\USERS\ALONZO\AppData\Roaming\Microsoft\Windows\Cookies\Low\66U4NAS2.txt [ Cookie:alonzo@adserver.hardsextube.com/ ]
C:\USERS\ALONZO\AppData\Roaming\Microsoft\Windows\Cookies\Low\3TJZURMY.txt [ Cookie:alonzo@sexoncube.com/ ]
C:\USERS\ALONZO\AppData\Roaming\Microsoft\Windows\Cookies\Low\9PM7CDMS.txt [ Cookie:alonzo@freeporn.com/ ]
C:\USERS\ALONZO\AppData\Roaming\Microsoft\Windows\Cookies\Low\53Y29JGL.txt [ Cookie:alonzo@ads.pornerbros.com/ ]
C:\USERS\ALONZO\AppData\Roaming\Microsoft\Windows\Cookies\Low\MO6R0QTK.txt [ Cookie:alonzo@www.freecamsexposed.com/ ]
C:\USERS\ALONZO\AppData\Roaming\Microsoft\Windows\Cookies\Low\BUMZ62ST.txt [ Cookie:alonzo@www.autobrokersexpress.com/ ]
C:\USERS\ALONZO\AppData\Roaming\Microsoft\Windows\Cookies\Low\XDORVXYA.txt [ Cookie:alonzo@hardsextube.com/video/1037843/ ]
C:\USERS\ALONZO\AppData\Roaming\Microsoft\Windows\Cookies\Low\X6JRK4JU.txt [ Cookie:alonzo@hardsextube.com/ ]
C:\USERS\ALONZO\AppData\Roaming\Microsoft\Windows\Cookies\Low\LQQLZNCV.txt [ Cookie:alonzo@traffic.prod.cobaltgroup.com/ ]
C:\USERS\ALONZO\AppData\Roaming\Microsoft\Windows\Cookies\Low\NK2BPFS6.txt [ Cookie:alonzo@www.mediafire.com/ ]
C:\USERS\ALONZO\AppData\Roaming\Microsoft\Windows\Cookies\Low\8G1CA4C9.txt [ Cookie:alonzo@findology.com/ ]
C:\USERS\ALONZO\AppData\Roaming\Microsoft\Windows\Cookies\Low\BYMS285A.txt [ Cookie:alonzo@xxxhdtube.com/ ]
C:\USERS\ALONZO\AppData\Roaming\Microsoft\Windows\Cookies\Low\Y388N3RZ.txt [ Cookie:alonzo@sexytube.me/ ]
C:\USERS\ALONZO\AppData\Roaming\Microsoft\Windows\Cookies\Low\ERHSJSWB.txt [ Cookie:alonzo@ptbmediabuys.com/ ]
C:\USERS\ALONZO\AppData\Roaming\Microsoft\Windows\Cookies\Low\I3W8LA19.txt [ Cookie:alonzo@service.clicksvenue.com/ ]
C:\USERS\ALONZO\AppData\Roaming\Microsoft\Windows\Cookies\Low\VSYV31SJ.txt [ Cookie:alonzo@videos.xxxdating.com/ ]
C:\USERS\ALONZO\AppData\Roaming\Microsoft\Windows\Cookies\Low\3BJ6AVTF.txt [ Cookie:alonzo@acrossmainsex.org/ ]
C:\USERS\ALONZO\AppData\Roaming\Microsoft\Windows\Cookies\Low\QBC9X5NI.txt [ Cookie:alonzo@trafficholder.com/cgi-bin/traffic/ ]
C:\USERS\ALONZO\AppData\Roaming\Microsoft\Windows\Cookies\Low\YDT4EZPC.txt [ Cookie:alonzo@realmedia.com/ ]
C:\USERS\ALONZO\AppData\Roaming\Microsoft\Windows\Cookies\Low\R622NDOG.txt [ Cookie:alonzo@burstnet.com/ ]
C:\USERS\ALONZO\AppData\Roaming\Microsoft\Windows\Cookies\Low\PBR01AC0.txt [ Cookie:alonzo@www.qsstats.com/ ]
C:\USERS\ALONZO\AppData\Roaming\Microsoft\Windows\Cookies\Low\MAPZDQOS.txt [ Cookie:alonzo@www.hdporn.in/content/17707/ ]
C:\USERS\ALONZO\AppData\Roaming\Microsoft\Windows\Cookies\Low\SSOV51ZX.txt [ Cookie:alonzo@www.youporn.com/ ]
C:\USERS\ALONZO\AppData\Roaming\Microsoft\Windows\Cookies\Low\TMT75FGW.txt [ Cookie:alonzo@aff.attractiontracker.com/ ]
C:\USERS\ALONZO\AppData\Roaming\Microsoft\Windows\Cookies\Low\6ZGPR10C.txt [ Cookie:alonzo@www.freepornsite.me/ ]
C:\USERS\ALONZO\AppData\Roaming\Microsoft\Windows\Cookies\Low\RS2J8N1M.txt [ Cookie:alonzo@www.bestporntube.me/ ]
C:\USERS\ALONZO\AppData\Roaming\Microsoft\Windows\Cookies\Low\BJ6AAOJA.txt [ Cookie:alonzo@steelhousemedia.com/ ]
C:\USERS\ALONZO\AppData\Roaming\Microsoft\Windows\Cookies\Low\KITORBQC.txt [ Cookie:alonzo@pu.trafficshop.com/ ]
C:\USERS\ALONZO\AppData\Roaming\Microsoft\Windows\Cookies\Low\21N8SNZH.txt [ Cookie:alonzo@hdporn.in/ ]
C:\USERS\ALONZO\AppData\Roaming\Microsoft\Windows\Cookies\Low\P9THV10H.txt [ Cookie:alonzo@media.charter.com/ ]
C:\USERS\ALONZO\AppData\Roaming\Microsoft\Windows\Cookies\Low\N28TF14L.txt [ Cookie:alonzo@tag.admeld.com/ad/iframe/676/petfinder/728x90/ ]
C:\USERS\ALONZO\AppData\Roaming\Microsoft\Windows\Cookies\Low\ZSXT2KXJ.txt [ Cookie:alonzo@bleepmates.mobi/ ]
C:\USERS\ALONZO\AppData\Roaming\Microsoft\Windows\Cookies\Low\2G1HTGRL.txt [ Cookie:alonzo@pornyeah.com/ ]
C:\USERS\ALONZO\AppData\Roaming\Microsoft\Windows\Cookies\Low\HKAY3B0T.txt [ Cookie:alonzo@in.getclicky.com/ ]
C:\USERS\ALONZO\AppData\Roaming\Microsoft\Windows\Cookies\Low\T8UI0NOO.txt [ Cookie:alonzo@sexvideoshub.com/ ]
C:\USERS\ALONZO\AppData\Roaming\Microsoft\Windows\Cookies\Low\3SQ868EK.txt [ Cookie:alonzo@www.socialsex.biz/ ]
C:\USERS\ALONZO\AppData\Roaming\Microsoft\Windows\Cookies\Low\ZF7G28IN.txt [ Cookie:alonzo@freepornvs.com/ ]
C:\USERS\ALONZO\AppData\Roaming\Microsoft\Windows\Cookies\Low\KZN2CHMV.txt [ Cookie:alonzo@petfinder.com/ ]
C:\USERS\ALONZO\AppData\Roaming\Microsoft\Windows\Cookies\Low\JEE231TV.txt [ Cookie:alonzo@autobrokersexpress.com/ ]
C:\USERS\ALONZO\AppData\Roaming\Microsoft\Windows\Cookies\Low\AYTOEBBU.txt [ Cookie:alonzo@tag.admeld.com/ad/iframe/676/petfinder/160x600/ ]
C:\USERS\ALONZO\Cookies\99BXZACP.txt [ Cookie:alonzo@apmebf.com/ ]
C:\USERS\ALONZO\Cookies\L9WDI7BX.txt [ Cookie:alonzo@c.atdmt.com/ ]
C:\USERS\ALONZO\Cookies\XG3LD6W2.txt [ Cookie:alonzo@fastclick.net/ ]
C:\USERS\ALONZO\Cookies\4NSZRDFN.txt [ Cookie:alonzo@adlegend.com/ ]
C:\USERS\ALONZO\Cookies\4F42S81Q.txt [ Cookie:alonzo@account.suddenlink.net/ ]
C:\USERS\ALONZO\Cookies\Z9SAF842.txt [ Cookie:alonzo@ru4.com/ ]
C:\USERS\ALONZO\Cookies\ZOK6D2RM.txt [ Cookie:alonzo@at.atwola.com/ ]
C:\USERS\ALONZO\Cookies\36Q8EBH9.txt [ Cookie:alonzo@intermundomedia.com/ ]
C:\USERS\ALONZO\Cookies\0200TKNL.txt [ Cookie:alonzo@doubleclick.net/ ]
C:\USERS\ALONZO\Cookies\D470E5E9.txt [ Cookie:alonzo@collective-media.net/ ]
C:\USERS\ALONZO\Cookies\FCYYJBFQ.txt [ Cookie:alonzo@ad.yieldmanager.com/ ]
C:\USERS\ALONZO\Cookies\L6IGEMO9.txt [ Cookie:alonzo@mediaplex.com/ ]
C:\USERS\ALONZO\Cookies\AGPUHZ5Z.txt [ Cookie:alonzo@advertising.com/ ]

Rebooting and posting next steps

#4 InadequateInfirmity

InadequateInfirmity

    I Gots Me A Certified Edumication


  • Banned
  • 5,180 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:03:06 AM

Posted 19 November 2012 - 09:07 PM

:thumbup2:

#5 dbteepo

dbteepo
  • Topic Starter

  • Members
  • 42 posts
  • OFFLINE
  •  
  • Local time:02:06 AM

Posted 20 November 2012 - 12:24 AM

C:\ProgramData\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\_Setupx.dll a variant of Win32/Adware.Yontoo.B application cleaned by deleting - quarantined
C:\Users\Alonzo\AppData\Local\Temp\YontooSetup-S.exe multiple threats cleaned by deleting - quarantined


MiniToolBox by Farbar Version: 10-11-2012 02
Ran by Alonzo (administrator) on 19-11-2012 at 23:03:42
Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

========================= FF Proxy Settings: ==============================

========================= Hosts content: =================================



========================= IP Configuration: ================================

Realtek PCIe GBE Family Controller = Local Area Connection (Connected)
802.11n Wireless LAN Card = Wireless Network Connection (Connected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : HP
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : Belkin

Wireless LAN adapter Wireless Network Connection:

Connection-specific DNS Suffix . : Belkin
Description . . . . . . . . . . . : 802.11n Wireless LAN Card
Physical Address. . . . . . . . . : AC-81-12-88-8C-8D
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::8caa:954d:3b29:4459%14(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.2.10(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Monday, November 19, 2012 8:06:50 PM
Lease Expires . . . . . . . . . . : Friday, December 27, 2148 5:32:09 AM
Default Gateway . . . . . . . . . : 192.168.2.1
DHCP Server . . . . . . . . . . . : 192.168.2.1
DHCPv6 IAID . . . . . . . . . . . : 262963474
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-18-35-21-5D-38-60-77-3E-00-65
DNS Servers . . . . . . . . . . . : 192.168.2.1
NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . : Belkin
Description . . . . . . . . . . . : Realtek PCIe GBE Family Controller
Physical Address. . . . . . . . . : 38-60-77-3E-00-65
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::5d1c:4809:3f4b:1179%13(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.2.9(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Monday, November 19, 2012 8:06:44 PM
Lease Expires . . . . . . . . . . : Friday, December 27, 2148 5:32:09 AM
Default Gateway . . . . . . . . . : 192.168.2.1
DHCP Server . . . . . . . . . . . : 192.168.2.1
DHCPv6 IAID . . . . . . . . . . . : 272130167
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-18-35-21-5D-38-60-77-3E-00-65
DNS Servers . . . . . . . . . . . : 192.168.2.1
NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter Local Area Connection* 9:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft 6to4 Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 12:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft Teredo Tunneling Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:9d38:6ab8:30ae:3075:b53d:aa26(Preferred)
Link-local IPv6 Address . . . . . : fe80::30ae:3075:b53d:aa26%12(Preferred)
Default Gateway . . . . . . . . . : ::
NetBIOS over Tcpip. . . . . . . . : Disabled

Tunnel adapter isatap.Belkin:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : Belkin
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #3
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Server: UnKnown
Address: 192.168.2.1

Name: google.com
Addresses: 2607:f8b0:4000:800::1003
74.125.227.98
74.125.227.99
74.125.227.100
74.125.227.101
74.125.227.102
74.125.227.103
74.125.227.104
74.125.227.105
74.125.227.110
74.125.227.96
74.125.227.97


Pinging google.com [74.125.227.100] with 32 bytes of data:
Reply from 74.125.227.100: bytes=32 time=473ms TTL=47
Reply from 74.125.227.100: bytes=32 time=53ms TTL=47

Ping statistics for 74.125.227.100:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 53ms, Maximum = 473ms, Average = 263ms
Server: UnKnown
Address: 192.168.2.1

Name: yahoo.com
Addresses: 72.30.38.140
98.138.253.109
98.139.183.24


Pinging yahoo.com [72.30.38.140] with 32 bytes of data:
Reply from 72.30.38.140: bytes=32 time=277ms TTL=53
Reply from 72.30.38.140: bytes=32 time=110ms TTL=53

Ping statistics for 72.30.38.140:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 110ms, Maximum = 277ms, Average = 193ms

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
14...ac 81 12 88 8c 8d ......802.11n Wireless LAN Card
13...38 60 77 3e 00 65 ......Realtek PCIe GBE Family Controller
1...........................Software Loopback Interface 1
11...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter
12...00 00 00 00 00 00 00 e0 Microsoft Teredo Tunneling Adapter
17...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #3
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.2.1 192.168.2.9 20
0.0.0.0 0.0.0.0 192.168.2.1 192.168.2.10 25
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.2.0 255.255.255.0 On-link 192.168.2.9 276
192.168.2.0 255.255.255.0 On-link 192.168.2.10 281
192.168.2.9 255.255.255.255 On-link 192.168.2.9 276
192.168.2.10 255.255.255.255 On-link 192.168.2.10 281
192.168.2.255 255.255.255.255 On-link 192.168.2.9 276
192.168.2.255 255.255.255.255 On-link 192.168.2.10 281
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.2.9 276
224.0.0.0 240.0.0.0 On-link 192.168.2.10 281
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.2.9 276
255.255.255.255 255.255.255.255 On-link 192.168.2.10 281
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
12 58 ::/0 On-link
1 306 ::1/128 On-link
12 58 2001::/32 On-link
12 306 2001:0:9d38:6ab8:30ae:3075:b53d:aa26/128
On-link
13 276 fe80::/64 On-link
14 281 fe80::/64 On-link
12 306 fe80::/64 On-link
12 306 fe80::30ae:3075:b53d:aa26/128
On-link
13 276 fe80::5d1c:4809:3f4b:1179/128
On-link
14 281 fe80::8caa:954d:3b29:4459/128
On-link
1 306 ff00::/8 On-link
12 306 ff00::/8 On-link
13 276 ff00::/8 On-link
14 281 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 07 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880] (Microsoft Corp.)
x64-Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880] (Microsoft Corp.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (11/19/2012 03:45:15 PM) (Source: Application Hang) (User: )
Description: The program iexplore.exe version 9.0.8112.16455 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 7b8

Start Time: 01cdc69eefc1bc9a

Termination Time: 25

Application Path: C:\Program Files (x86)\Internet Explorer\iexplore.exe

Report Id:

Error: (11/18/2012 03:22:39 AM) (Source: Application Error) (User: )
Description: Faulting application name: iexplore.exe, version: 9.0.8112.16455, time stamp: 0x507284ba
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x726ce294
Faulting process id: 0x169c
Faulting application start time: 0xiexplore.exe0
Faulting application path: iexplore.exe1
Faulting module path: iexplore.exe2
Report Id: iexplore.exe3

Error: (11/12/2012 11:20:57 AM) (Source: MsiInstaller) (User: NT AUTHORITY)
Description: Product: Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 -- Error 1935.An error occurred during the installation of assembly 'Microsoft.VC90.ATL,version="9.0.30729.6161",publicKeyToken="1fc8b3b9a1e18e3b",processorArchitecture="amd64",type="win32"'. Please refer to Help and Support for more information. HRESULT: 0x80070BC9. assembly interface: IAssemblyCacheItem, function: Commit, component: {74C57B6B-FF6E-3825-BED2-78E14E3E0E3C}

Error: (11/07/2012 11:15:16 PM) (Source: Application Error) (User: )
Description: Faulting application name: iexplore.exe, version: 9.0.8112.16450, time stamp: 0x503723f6
Faulting module name: ntdll.dll, version: 6.1.7601.17725, time stamp: 0x4ec49b8f
Exception code: 0xc0000374
Fault offset: 0x000ce6c3
Faulting process id: 0x12c4
Faulting application start time: 0xiexplore.exe0
Faulting application path: iexplore.exe1
Faulting module path: iexplore.exe2
Report Id: iexplore.exe3

Error: (11/05/2012 06:25:09 PM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface. hr = 0x80070005, Access is denied.
.
This is often caused by incorrect security settings in either the writer or requestor process.


Operation:
Gathering Writer Data

Context:
Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
Writer Name: System Writer
Writer Instance ID: {624f63f1-f448-40a9-a730-954225d4b23b}

Error: (11/04/2012 02:18:49 AM) (Source: Application Error) (User: )
Description: Faulting application name: iexplore.exe, version: 9.0.8112.16450, time stamp: 0x503723f6
Faulting module name: YontooIEClient.dll_unloaded, version: 0.0.0.0, time stamp: 0x50259122
Exception code: 0xc0000005
Fault offset: 0x6818e6f1
Faulting process id: 0x14a8
Faulting application start time: 0xiexplore.exe0
Faulting application path: iexplore.exe1
Faulting module path: iexplore.exe2
Report Id: iexplore.exe3

Error: (11/03/2012 08:35:29 PM) (Source: Application Error) (User: )
Description: Faulting application name: iexplore.exe, version: 9.0.8112.16450, time stamp: 0x503723f6
Faulting module name: YontooIEClient.dll_unloaded, version: 0.0.0.0, time stamp: 0x50259122
Exception code: 0xc0000005
Fault offset: 0x693fe36b
Faulting process id: 0x11a4
Faulting application start time: 0xiexplore.exe0
Faulting application path: iexplore.exe1
Faulting module path: iexplore.exe2
Report Id: iexplore.exe3

Error: (11/03/2012 03:02:59 PM) (Source: Application Error) (User: )
Description: Faulting application name: iexplore.exe, version: 9.0.8112.16450, time stamp: 0x503723f6
Faulting module name: ntdll.dll, version: 6.1.7601.17725, time stamp: 0x4ec49b8f
Exception code: 0xc0000374
Fault offset: 0x000ce6c3
Faulting process id: 0xf40
Faulting application start time: 0xiexplore.exe0
Faulting application path: iexplore.exe1
Faulting module path: iexplore.exe2
Report Id: iexplore.exe3

Error: (10/21/2012 05:07:51 PM) (Source: Application Error) (User: )
Description: Faulting application name: iexplore.exe, version: 9.0.8112.16450, time stamp: 0x503723f6
Faulting module name: webplayer_win.dll_unloaded, version: 0.0.0.0, time stamp: 0x50603b19
Exception code: 0xc0000005
Fault offset: 0x1fb1f01c
Faulting process id: 0x1140
Faulting application start time: 0xiexplore.exe0
Faulting application path: iexplore.exe1
Faulting module path: iexplore.exe2
Report Id: iexplore.exe3

Error: (10/18/2012 05:12:06 PM) (Source: Application Error) (User: )
Description: Faulting application name: iexplore.exe, version: 9.0.8112.16450, time stamp: 0x503723f6
Faulting module name: YontooIEClient.dll, version: 1.10.1.0, time stamp: 0x50259122
Exception code: 0xc0000005
Fault offset: 0x00008fff
Faulting process id: 0xec4
Faulting application start time: 0xiexplore.exe0
Faulting application path: iexplore.exe1
Faulting module path: iexplore.exe2
Report Id: iexplore.exe3


System errors:
=============
Error: (11/19/2012 03:39:57 PM) (Source: EventLog) (User: )
Description: The previous system shutdown at 3:37:36 PM on ?11/?19/?2012 was unexpected.

Error: (11/17/2012 09:02:46 PM) (Source: cdrom) (User: )
Description: The device, \Device\CdRom0, has a bad block.

Error: (11/17/2012 09:02:37 PM) (Source: cdrom) (User: )
Description: The device, \Device\CdRom0, has a bad block.

Error: (11/17/2012 09:02:27 PM) (Source: cdrom) (User: )
Description: The device, \Device\CdRom0, has a bad block.

Error: (11/17/2012 09:02:18 PM) (Source: cdrom) (User: )
Description: The device, \Device\CdRom0, has a bad block.

Error: (11/17/2012 09:02:11 PM) (Source: cdrom) (User: )
Description: The device, \Device\CdRom0, has a bad block.

Error: (11/17/2012 09:02:02 PM) (Source: cdrom) (User: )
Description: The device, \Device\CdRom0, has a bad block.

Error: (11/17/2012 09:01:53 PM) (Source: cdrom) (User: )
Description: The device, \Device\CdRom0, has a bad block.

Error: (11/17/2012 09:01:45 PM) (Source: cdrom) (User: )
Description: The device, \Device\CdRom0, has a bad block.

Error: (11/17/2012 09:01:38 PM) (Source: cdrom) (User: )
Description: The device, \Device\CdRom0, has a bad block.


Microsoft Office Sessions:
=========================
Error: (11/19/2012 03:45:15 PM) (Source: Application Hang)(User: )
Description: iexplore.exe9.0.8112.164557b801cdc69eefc1bc9a25C:\Program Files (x86)\Internet Explorer\iexplore.exe

Error: (11/18/2012 03:22:39 AM) (Source: Application Error)(User: )
Description: iexplore.exe9.0.8112.16455507284baunknown0.0.0.000000000c0000005726ce294169c01cdc56e3dc2a66bC:\Program Files (x86)\Internet Explorer\iexplore.exeunknown7ebff3e5-3161-11e2-b205-3860773e0065

Error: (11/12/2012 11:20:57 AM) (Source: MsiInstaller)(User: NT AUTHORITY)
Description: Product: Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 -- Error 1935.An error occurred during the installation of assembly 'Microsoft.VC90.ATL,version="9.0.30729.6161",publicKeyToken="1fc8b3b9a1e18e3b",processorArchitecture="amd64",type="win32"'. Please refer to Help and Support for more information. HRESULT: 0x80070BC9. assembly interface: IAssemblyCacheItem, function: Commit, component: {74C57B6B-FF6E-3825-BED2-78E14E3E0E3C}(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (11/07/2012 11:15:16 PM) (Source: Application Error)(User: )
Description: iexplore.exe9.0.8112.16450503723f6ntdll.dll6.1.7601.177254ec49b8fc0000374000ce6c312c401cdbd6f79fedb86C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ntdll.dll47c62cae-2963-11e2-9c64-3860773e0065

Error: (11/05/2012 06:25:09 PM) (Source: VSS)(User: )
Description: 0x80070005, Access is denied.


Operation:
Gathering Writer Data

Context:
Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
Writer Name: System Writer
Writer Instance ID: {624f63f1-f448-40a9-a730-954225d4b23b}

Error: (11/04/2012 02:18:49 AM) (Source: Application Error)(User: )
Description: iexplore.exe9.0.8112.16450503723f6YontooIEClient.dll_unloaded0.0.0.050259122c00000056818e6f114a801cdba650254e7b7C:\Program Files (x86)\Internet Explorer\iexplore.exeYontooIEClient.dll423ab1b6-2658-11e2-85e3-3860773e0065

Error: (11/03/2012 08:35:29 PM) (Source: Application Error)(User: )
Description: iexplore.exe9.0.8112.16450503723f6YontooIEClient.dll_unloaded0.0.0.050259122c0000005693fe36b11a401cdba350a184f24C:\Program Files (x86)\Internet Explorer\iexplore.exeYontooIEClient.dll4ba6f6bc-2628-11e2-85e3-3860773e0065

Error: (11/03/2012 03:02:59 PM) (Source: Application Error)(User: )
Description: iexplore.exe9.0.8112.16450503723f6ntdll.dll6.1.7601.177254ec49b8fc0000374000ce6c3f4001cdba05780bf311C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ntdll.dlld8a76fb8-25f9-11e2-85e3-3860773e0065

Error: (10/21/2012 05:07:51 PM) (Source: Application Error)(User: )
Description: iexplore.exe9.0.8112.16450503723f6webplayer_win.dll_unloaded0.0.0.050603b19c00000051fb1f01c114001cdafddd6391f88C:\Program Files (x86)\Internet Explorer\iexplore.exewebplayer_win.dll228002bb-1bd4-11e2-9a98-3860773e0065

Error: (10/18/2012 05:12:06 PM) (Source: Application Error)(User: )
Description: iexplore.exe9.0.8112.16450503723f6YontooIEClient.dll1.10.1.050259122c000000500008fffec401cdad800acaa7e4C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Program Files (x86)\Yontoo\YontooIEClient.dll3bd3694b-1979-11e2-a6f3-3860773e0065


CodeIntegrity Errors:
===================================
Date: 2012-11-16 01:47:23.121
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Common Files\McAfee\VSCore\mfeelamk.sys because the set of per-page image hashes could not be found on the system.

Date: 2012-11-16 01:47:23.121
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Common Files\McAfee\VSCore\mfeelamk.sys because the set of per-page image hashes could not be found on the system.

Date: 2012-11-16 01:47:23.121
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Common Files\McAfee\VSCore\mfeelamk.sys because the set of per-page image hashes could not be found on the system.


=========================== Installed Programs ============================

1ClickDownloader (Version: 2.7 Build 26473)
802.11n Wireless LAN Card (Version: 3.01.18.0)
Adobe AIR (Version: 2.6.0.19120)
Adobe Flash Player 11 ActiveX (Version: 11.5.502.110)
Agatha Christie - Peril at End House (Version: 2.2.0.95)
AMD APP SDK Runtime (Version: 2.4.650.9)
AMD Media Foundation Decoders (Version: 1.0.60629.2348)
AMD VISION Engine Control Center (Version: 2011.0630.16.41755)
APB Reloaded (Version: 1.5.3.598547)
ATI Catalyst Install Manager (Version: 3.0.829.0)
Bejeweled 3 (Version: 2.2.0.97)
Bing Bar (Version: 7.0.610.0)
BitLord 2.1 (Version: 2.1.1-91)
Blackhawk Striker 2 (Version: 2.2.0.95)
Blasterball 3 (Version: 2.2.0.97)
Blio (Version: 3.2.9594)
Bounce Symphony (Version: 2.2.0.97)
Cake Mania (Version: 2.2.0.95)
Catalyst Control Center - Branding (Version: 1.00.0000)
Catalyst Control Center Graphics Previews Common (Version: 2011.0630.16.41755)
Catalyst Control Center InstallProxy (Version: 2011.0630.16.41755)
Catalyst Control Center Localization All (Version: 2011.0630.16.41755)
ccc-utility64 (Version: 2011.0630.16.41755)
CCC Help Chinese Standard (Version: 2011.0630.0015.41755)
CCC Help Chinese Traditional (Version: 2011.0630.0015.41755)
CCC Help Czech (Version: 2011.0630.0015.41755)
CCC Help Danish (Version: 2011.0630.0015.41755)
CCC Help Dutch (Version: 2011.0630.0015.41755)
CCC Help English (Version: 2011.0630.0015.41755)
CCC Help Finnish (Version: 2011.0630.0015.41755)
CCC Help French (Version: 2011.0630.0015.41755)
CCC Help German (Version: 2011.0630.0015.41755)
CCC Help Greek (Version: 2011.0630.0015.41755)
CCC Help Hungarian (Version: 2011.0630.0015.41755)
CCC Help Italian (Version: 2011.0630.0015.41755)
CCC Help Japanese (Version: 2011.0630.0015.41755)
CCC Help Korean (Version: 2011.0630.0015.41755)
CCC Help Norwegian (Version: 2011.0630.0015.41755)
CCC Help Polish (Version: 2011.0630.0015.41755)
CCC Help Portuguese (Version: 2011.0630.0015.41755)
CCC Help Russian (Version: 2011.0630.0015.41755)
CCC Help Spanish (Version: 2011.0630.0015.41755)
CCC Help Swedish (Version: 2011.0630.0015.41755)
CCC Help Thai (Version: 2011.0630.0015.41755)
CCC Help Turkish (Version: 2011.0630.0015.41755)
Chronicles of Albian (Version: 2.2.0.95)
Chuzzle Deluxe (Version: 2.2.0.95)
Cradle of Rome 2 (Version: 2.2.0.95)
D3DX10 (Version: 15.4.2368.0902)
DAEMON Tools Lite (Version: 4.45.4.0316)
Dungeons & Dragons Online ®: Eberron Unlimited ™ v01.17.01.801 (Version: 01.17.01.8018)
ESET Online Scanner v3
Farm Frenzy (Version: 2.2.0.95)
FATE (Version: 2.2.0.97)
GamersFirst LIVE!
Google Chrome (Version: 23.0.1271.64)
Google Toolbar for Internet Explorer (Version: 1.0.0)
Google Toolbar for Internet Explorer (Version: 7.4.3230.2052)
Google Update Helper (Version: 1.3.21.123)
Governor of Poker 2 Premium Edition (Version: 2.2.0.95)
Hewlett-Packard ACLM.NET v1.1.2.0 (Version: 1.00.0000)
HP Auto (Version: 1.0.12935.3667)
HP Client Services (Version: 1.1.12938.3539)
HP Customer Experience Enhancements (Version: 6.0.1.7)
HP Games (Version: 1.0.2.5)
HP LinkUp (Version: 2.01.028)
HP MovieStore (Version: 1.0.057)
HP MovieStore (Version: 2.0)
HP Odometer (Version: 2.10.0000)
HP Setup (Version: 8.7.4747.3786)
HP Setup Manager (Version: 1.1.13880.3792)
HP Support Assistant (Version: 6.1.12.1)
HP Support Information (Version: 10.1.1000)
HP Update (Version: 5.003.001.001)
HP Vision Hardware Diagnostics (Version: 2.9.0.0)
Java 7 Update 9 (Version: 7.0.90)
Java Auto Updater (Version: 2.1.9.0)
Jewel Quest: The Sleepless Star - Collector's Edition (Version: 2.2.0.95)
Junk Mail filter update (Version: 15.4.3502.0922)
Kobo (Version: 1.6)
LabelPrint (Version: 2.5.3925)
League of Legends (Version: 1.3)
LG Verizon United Drivers (Version: 2.7.1)
Mah Jong Medley (Version: 2.2.0.95)
Malwarebytes Anti-Malware version 1.65.1.1000 (Version: 1.65.1.1000)
McAfee SecurityCenter (Version: 11.6.435)
Mesh Runtime (Version: 15.4.5722.2)
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 (Version: 1.1.4322)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Mathematics (Version: 4.0)
Microsoft Office 2010 (Version: 14.0.4763.1000)
Microsoft Office Click-to-Run 2010 (Version: 14.0.4763.1000)
Microsoft Office Starter 2010 - English (Version: 14.0.4763.1000)
Microsoft Silverlight (Version: 4.1.10329.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (Version: 10.0.30319)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft WSE 3.0 Runtime (Version: 3.0.5305.0)
MSVCRT (Version: 15.4.2862.0708)
MSVCRT_amd64 (Version: 15.4.2862.0708)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
Mystery of Mortlake Mansion (Version: 2.2.0.97)
Namco All-Stars: PAC-MAN (Version: 2.2.0.95)
Norton Online Backup (Version: 2.1.17869)
NVIDIA PhysX (Version: 9.10.0129)
Pando Media Booster (Version: 2.6.0.8)
PDF Complete Special Edition (Version: 4.0.54)
Penguins! (Version: 2.2.0.95)
Plants vs. Zombies - Game of the Year (Version: 2.2.0.95)
PlayReady PC Runtime amd64 (Version: 1.3.0)
PlayReady PC Runtime x86 (Version: 1.3.0)
Poker Superstars III (Version: 2.2.0.95)
Polar Bowler (Version: 2.2.0.97)
Polar Golfer (Version: 2.2.0.95)
Power2Go (Version: 6.1.5331)
PressReader (Version: 5.10.1217.0)
PunkBuster Services (Version: 0.993)
Realtek High Definition Audio Driver (Version: 6.0.1.6531)
Recovery Manager (Version: 5.5.0.4320)
Remote Graphics Receiver (Version: 5.4.5)
RoxioNow Player (Version: 1.9.5.103)
Shared C Run-time for x64 (Version: 10.0.0)
Skype™ 6.0 (Version: 6.0.120)
Slingo Supreme (Version: 2.2.0.97)
SUPERAntiSpyware (Version: 5.6.1014)
Unity Web Player (Version: )
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (Version: 1)
Update Installer for WildTangent Games App
Vacation Quest - The Hawaiian Islands (Version: 2.2.0.97)
Ventrilo Client for Windows x64 (Version: 3.0.8.0)
Virtual Villagers 5 - New Believers (Version: 2.2.0.97)
WildTangent Games App (Version: 4.0.9.7)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3508.1109)
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3508.1109)
Windows Live Mail (Version: 15.4.3502.0922)
Windows Live Mesh (Version: 15.4.3502.0922)
Windows Live Mesh ActiveX Control for Remote Connections (Version: 15.4.5722.2)
Windows Live Messenger (Version: 15.4.3502.0922)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3508.1109)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)
WinRAR 4.20 (64-bit) (Version: 4.20.0)
World of Warcraft (Version: 5.0.5.16057)
Xfire (remove only)
Yontoo 1.10.02 (Version: 1.10.02)
Zinio Reader 4 (Version: 4.2.4164)
Zuma Deluxe (Version: 2.2.0.95)

========================= Devices: ================================


========================= Memory info: ===================================

Percentage of memory in use: 26%
Total physical RAM: 7666.81 MB
Available physical RAM: 5637.9 MB
Total Pagefile: 15331.81 MB
Available Pagefile: 12358.97 MB
Total Virtual: 4095.88 MB
Available Virtual: 3960.43 MB

========================= Partitions: =====================================

1 Drive c: (OS) (Fixed) (Total:919.71 GB) (Free:826.58 GB) NTFS
2 Drive d: (HP_RECOVERY) (Fixed) (Total:11.71 GB) (Free:1.43 GB) NTFS
3 Drive e: (FORGETTING_SARAH_MARSHALL) (CDROM) (Total:7.88 GB) (Free:0 GB) UDF

========================= Users: ========================================

User accounts for \\HP

Administrator Alonzo ASPNET
Guest


**** End of log ****

Ad aware after this.

#6 dbteepo

dbteepo
  • Topic Starter

  • Members
  • 42 posts
  • OFFLINE
  •  
  • Local time:02:06 AM

Posted 20 November 2012 - 12:36 AM

# AdwCleaner v2.008 - Logfile created 11/19/2012 at 23:26:23
# Updated 17/11/2012 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : Alonzo - HP
# Boot Mode : Normal
# Running from : C:\Users\Alonzo\Desktop\Infections\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

File Deleted : C:\Users\Public\Desktop\eBay.lnk
Folder Deleted : C:\Program Files (x86)\Yontoo
Folder Deleted : C:\ProgramData\Tarma Installer
Folder Deleted : C:\Users\Alonzo\AppData\Local\Google\Chrome\User Data\Default\Extensions\niapdbllcanepiiimjjndipklodoedlc

***** [Registry] *****

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{608D3067-77E8-463D-9084-908966806826}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{CFDAFE39-20CE-451D-BD45-A37452F39CF0}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\YontooIEClient.DLL
Key Deleted : HKLM\Software\Iminent
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{99066096-8989-4612-841F-621A01D54AD7}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{FE9271F2-6EFD-44B0-A826-84C829536E93}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\niapdbllcanepiiimjjndipklodoedlc
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}
Key Deleted : HKLM\SOFTWARE\Tarma Installer

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

[OK] Registry is clean.

-\\ Google Chrome v [Unable to get version]

File : C:\Users\Alonzo\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[S2].txt - [2705 octets] - [19/11/2012 23:26:23]

########## EOF - C:\AdwCleaner[S2].txt - [2765 octets] ##########

Thanks for the help bud.

#7 InadequateInfirmity

InadequateInfirmity

    I Gots Me A Certified Edumication


  • Banned
  • 5,180 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:03:06 AM

Posted 20 November 2012 - 07:23 PM

Run the Hosts Fix it.
http://support.microsoft.com/kb/972034


Download Norman Malware Cleaner Run it Go to options then put a tick next to Enable rootkit cleaning. Hit the Full Scan>>>>>>>>Let it finish>>>>>>>>Go to the quarantine Tab>>>>>>> Tick the Select All>>>>>Then the Delete>>>>>>Quit
http://normanasa.vo.llnwd.net/o29/public/Norman_Malware_Cleaner.exe
A log will appear on your desktop post that here in your next reply.


REBoot after Norman.

Run the program below as admin hit the scan button allow it to finish then hit the delete button.

http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe


Download the junkware removal tool save it to your desktop run it in safe mode post the log.
http://thisisudax.org/downloads/JRT.exe



Download Hitman Pro .

http://dl.surfright.nl/HitmanPro36.exe 32 bit

http://dl.surfright.nl/HitmanPro36_x64.exe 64 bit

Start the scan Go to setings.
Un-tick Scan for tracking Cookies.
Go back to scan Tab
Select ok
Then Next
No I only want to perform a one time scan to check this computer.
Enter your email to register.
Next.
After the scan make sure to select quarantine found threats.
Then select activate free license then follow the prompts.
Reboot your machine.

Download the Emsisoft Emergency Kit
http://download1.emsisoft.com/EmsisoftEmergencyKit.zip

Boot Into Safe Mode With Networking.

Right click it and extract to your desktop.Double click the New Folder that is created on your desktop
Then right click and run as admin xp users double click on the Start.exe button to launch the program Click on the Emergency Scanner Option
if you see a Windows message asking if you would like EmergencyScanner.bat to run, please allow it to do so by clicking on the Run or Yes buttons.
proceed with the updates,
When it is done, click on the Back to Security Status link.
Then Select the Deep Scan button. Then hit the Scan Button.
After the scan is finished quarantine any found threats and then reboot your machine.
Post the log.

#8 dbteepo

dbteepo
  • Topic Starter

  • Members
  • 42 posts
  • OFFLINE
  •  
  • Local time:02:06 AM

Posted 21 November 2012 - 07:30 PM

Sorry about the delay, Emsisoft Emergency Kit took awhile.



==============*** Norman ***==================
Norman Malware Cleaner v2.06.01
Copyright © 1990 - 2012, Norman ASA.

Norman Scanner Engine Version: 7.00.16
nvcbin.def: Version: 7.00.1959, Date: 2012/11/20 07:28:12, Variants: 15679442
nvcmacro.def: Version: 7.00.1959, Date: 2012/11/20 07:28:12, Variants: 0

Operating System: Windows 7 Service Pack 1 x64

Switches: /iagree /cleanrootkit /nosb

Scan started: 2012/11/21 00:00:39

Running pre-scan cleanup routine...

Number of malicious objects found: 0
Number of malicious objects cleaned: 0
Scanning time: 0s

Scanning running processes and process memory...

Number of objects found: 901
Number of objects scanned: 901
Number of objects not scanned: 0
Number of malicious memory objects found: 0
Number of malicious objects cleaned: 0
Number of malicious files found: 0
Number of malicious files cleaned: 0
Scanning time: 17s

Scanning system for FakeAV...

Number of malicious objects found: 0
Number of malicious objects cleaned: 0
Number of malicious files found: 0
Number of malicious files cleaned: 0
Scanning time: 0s

Running full scan...
C:\ProgramData\Microsoft\Application Virtualization Client\SoftGrid Client\AppFS Storage\140066.ENU-90140011-66-409\GlblVol_sftfs_v1_S-1-5-20.tmp: Error opening file for read: 0x00000020
C:\ProgramData\Microsoft\Application Virtualization Client\SoftGrid Client\AppFS Storage\140066.ENU-90140011-66-409\GlblVol_sftfs_v1_S-1-5-21-3446859653-769177064-202415724-1000.tmp: Error opening file for read: 0x00000020
C:\ProgramData\Microsoft\Application Virtualization Client\SoftGrid Client\AppFS Storage\140066.ENU-90140011-66-409\UsrVol_sftfs_v1.tmp: Error opening file for read: 0x00000020
C:\ProgramData\Microsoft\Application Virtualization Client\SoftGrid Client\sftfs.fsd: Error opening file for read: 0x00000020
C:\ProgramData\Microsoft\Application Virtualization Client\SoftGrid Client\sftfs.fsG: Error opening file for read: 0x00000020
C:\ProgramData\Microsoft\Search\Data\Applications\Windows\MSS.log: Error opening file for read: 0x00000020
C:\ProgramData\Microsoft\Search\Data\Applications\Windows\MSStmp.log: Error opening file for read: 0x00000020
C:\ProgramData\Microsoft\Search\Data\Applications\Windows\tmp.edb: Error opening file for read: 0x00000020
C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Windows.edb: Error opening file for read: 0x00000020
C:\System Volume Information\Syscache.hve: Error opening file for read: 0x00000020
C:\System Volume Information\Syscache.hve.LOG1: Error opening file for read: 0x00000020
C:\System Volume Information\Syscache.hve.LOG2: Error opening file for read: 0x00000020
C:\Users\Alonzo\AppData\Local\Microsoft\Windows\UsrClass.dat: Error opening file for read: 0x00000020
C:\Users\Alonzo\AppData\Local\Microsoft\Windows\UsrClass.dat.LOG2: Error opening file for read: 0x00000020

=====================*** JRT ***===========================

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 3.4.0 (11.21.2012)
OS: Windows 7 Home Premium x64
Ran by Alonzo on Wed 11/21/2012 at 9:31:20.65
Blog: http://thisisudax.blogspot.com
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] "hkey_current_user\software\sweetim"



~~~ Files

Successfully deleted: [File] C:\eula.1028.txt
Successfully deleted: [File] C:\eula.1031.txt
Successfully deleted: [File] C:\eula.1033.txt
Successfully deleted: [File] C:\eula.1036.txt
Successfully deleted: [File] C:\eula.1040.txt
Successfully deleted: [File] C:\eula.1041.txt
Successfully deleted: [File] C:\eula.1042.txt
Successfully deleted: [File] C:\eula.2052.txt
Successfully deleted: [File] C:\install.res.1028.dll
Successfully deleted: [File] C:\install.res.1031.dll
Successfully deleted: [File] C:\install.res.1033.dll
Successfully deleted: [File] C:\install.res.1036.dll
Successfully deleted: [File] C:\install.res.1040.dll
Successfully deleted: [File] C:\install.res.1041.dll
Successfully deleted: [File] C:\install.res.1042.dll
Successfully deleted: [File] C:\install.res.2052.dll
Successfully deleted: [File] C:\install.res.3082.dll



~~~ Folders



~~~ Chrome

Successfully deleted: [Folder] C:\Users\Alonzo\appdata\local\Google\Chrome\User Data\Default\Extensions\niapdbllcanepiiimjjndipklodoedlc
Successfully deleted: [Registry Key] hkey_local_machine\software\google\chrome\extensions\pmlghpafmmnmmkjdhacccolfgnkiboco



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Wed 11/21/2012 at 9:33:18.26
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

=================*** Emsisoft Emergency Kit ***======================

Emsisoft Emergency Kit - Version 3.0
Last update: 11/21/2012 11:31:35 AM

Scan settings:

Scan type: Deep Scan
Objects: Rootkits, Memory, Traces, C:\, D:\

Detect Riskware: Off
Scan archives: On
ADS Scan: On
File extension filter: Off
Advanced caching: On
Direct disk access: Off

Scan start: 11/21/2012 12:08:30 PM

C:\Users\Alonzo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BitLord detected: Trace.File.BitLord 1.1 (A)
C:\Users\Alonzo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BitLord\BitLord.lnk detected: Trace.File.BitLord 1.1 (A)
C:\Users\Alonzo\Desktop\BitLord.lnk detected: Trace.File.BitLord 1.1 (A)

Scanned 455036
Found 3

Scan end: 11/21/2012 5:53:07 PM
Scan time: 5:44:37

C:\Users\Alonzo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BitLord Quarantined Trace.File.BitLord 1.1 (A)
C:\Users\Alonzo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BitLord\BitLord.lnk Quarantined Trace.File.BitLord 1.1 (A)
C:\Users\Alonzo\Desktop\BitLord.lnk Quarantined Trace.File.BitLord 1.1 (A)

Quarantined 3

#9 InadequateInfirmity

InadequateInfirmity

    I Gots Me A Certified Edumication


  • Banned
  • 5,180 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:03:06 AM

Posted 22 November 2012 - 10:43 AM

Anymore issues if so which browser?

#10 dbteepo

dbteepo
  • Topic Starter

  • Members
  • 42 posts
  • OFFLINE
  •  
  • Local time:02:06 AM

Posted 23 November 2012 - 11:40 AM

Nothing else has happened that I've noticed. Thanks for the help, I hope your thanksgiving went well. I would say that McAfee picked up a trojan it called Artemis!(letters and number) yesterday evening - Would anything I saved and downloaded for this cleanup process be what was detected?

#11 InadequateInfirmity

InadequateInfirmity

    I Gots Me A Certified Edumication


  • Banned
  • 5,180 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:03:06 AM

Posted 23 November 2012 - 05:31 PM

Most likely a false positive but before we clean up here update and do a full scan with malwarebytes and post the log. :thumbup2:




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users