
How to remove virus that opens yieldmanager popups?


7 replies to this topic

#1 alex200

alex200

  • Members
  • 27 posts

Posted 26 November 2012 - 12:31 AM

I have a virus that opens popup windows on every webpage. Viewing the properties of the popups, they mostly come from “content.yieldmanager.edgesuite.net”. I've added this URL to the list of restricted sites, installed popup blockers, and run Avast antivirus, but nothing helps to block those ads.
Please could you advise how I can get rid of those popups?

Thank you.



#2 Gunto

Gunto

    Bleepin' Reject Phoenix


  • Malware Response Team
  • 1,291 posts
  • Gender:Female
  • Location:North Las Vegas, Nevada, USA

Posted 26 November 2012 - 02:48 AM

Hi, alex200! I'm going to try to help you out. :)

TDSSKiller

I need you to run a scan using TDSSKiller.

  • Download TDSSKiller from here, and save it to your desktop.
  • Double click the file to launch the program. Once the program starts, click Start Scan. Don't change any default scan settings.
  • Once the scan is finished, you'll find a log in your root drive (usually C:) that will start with TDSS in the file name. Please copy and paste it into your reply.

Malwarebytes

I need you to run a scan with Malwarebytes Anti-Malware.

  • Download MBAM from here, and save it to your desktop.
  • Double-click the installer to run it. During the installation, simply follow the prompts and let the program install. However, if you do not want to start a trial of the full version, please decline, and if offered any external toolbars/programs, feel free to uncheck them, unless you want them.
  • Once the program is done installing and updating, select the Perform full scan option on the main interface. Then click the Scan button, hit Scan, and let the scan run.
  • Once the scan is finished, a log will pop up. If any malware was found, click the Show Results button, and make sure everything present is checked and click Remove Selected. If MBAM asks you to reboot, do so immediately. Either way, please copy and paste the log into your reply. If your PC is rebooted, you can find the log by opening up MBAM and going to the Logs tab.

Gunto

Beautiful avatar by Plumbeck!

 

Bury me in honor; when I'm dead and hit the ground, a love back home, it unfolds...
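An added example, not part of the original posts and not the tool vendor's code: a Python triage pass over the "Scan services" section of a TDSSKiller log, in the line layout seen in this thread, listing only the entries a helper would read first. The sample log is constructed, and the "suspicious" verdict string and the path heuristic are assumptions made for illustration.

```python
import re
from dataclasses import dataclass
from typing import List, Optional, Tuple

# "HH:MM:SS.ffff <thread id> <message>"
PREFIX = re.compile(r"^\d{2}:\d{2}:\d{2}\.\d{4}\s+\d+\s+(.*)$")
# "[ <32 hex digits> ] <service name> <image path>" (names may contain spaces)
HASH_LINE = re.compile(r"^\[ ([0-9A-Fa-f]{32}) \] (.+?) ([A-Za-z]:\\.*)$")
# "<service name> - <verdict>"
VERDICT_LINE = re.compile(r"^(.+) - (\S+)$")
# Heuristic (assumption): service binaries normally live in these directories.
EXPECTED_DIR = re.compile(r"^[a-z]:\\(windows|program files( \(x86\))?)\\")


def _fake_md5(n: int) -> str:
    """Constructed 32-digit placeholder, not a real file hash."""
    return f"{n:032X}"


# Constructed sample: service names, paths and the "suspicious" verdict are made up.
SAMPLE_LOG = "\n".join([
    "21:55:56.0863 7916 ================ Scan system memory ========================",
    "21:55:56.0863 7916 System memory - ok",
    "21:55:56.0863 7916 ================ Scan services =============================",
    rf"21:55:57.0050 7916 [ {_fake_md5(1)} ] ACPI C:\Windows\system32\drivers\ACPI.sys",
    "21:55:57.0066 7916 ACPI - ok",
    rf"21:55:57.0503 7916 [ {_fake_md5(2)} ] Example Vendor Utility C:\Program Files (x86)\Example\util.exe",
    "21:55:57.0503 7916 Example Vendor Utility - ok",
    "21:55:58.0000 7916 NoFileSvc - ok",
    rf"21:55:58.0100 7916 [ {_fake_md5(3)} ] ExampleSvc C:\Users\Public\examplesvc.sys",
    "21:55:58.0100 7916 ExampleSvc - suspicious",
    "21:55:59.0000 7916 ================ Next section (constructed) ================",
    "21:55:59.0000 7916 Other object - ok",
])


@dataclass
class Entry:
    name: str
    verdict: str
    md5: Optional[str] = None
    path: Optional[str] = None


def parse_services(log_text: str) -> List[Entry]:
    """Pair each hash/path line with the verdict line that follows it."""
    entries: List[Entry] = []
    pending = {}          # service name -> (md5, path) awaiting a verdict
    in_services = False
    for raw in log_text.splitlines():
        m = PREFIX.match(raw.strip())
        if not m:
            continue
        msg = m.group(1)
        if msg.startswith("="):          # section banner
            in_services = "Scan services" in msg
            continue
        if not in_services:
            continue
        h = HASH_LINE.match(msg)
        if h:
            pending[h.group(2)] = (h.group(1).upper(), h.group(3))
            continue
        v = VERDICT_LINE.match(msg)
        if v:
            md5, path = pending.pop(v.group(1), (None, None))
            entries.append(Entry(v.group(1), v.group(2).lower(), md5, path))
    return entries


def triage(entries: List[Entry]) -> List[Tuple[str, List[str]]]:
    """Return (service, reasons) for every entry worth a manual look."""
    findings = []
    for e in entries:
        reasons = []
        if e.verdict != "ok":
            reasons.append(f"verdict={e.verdict}")
        if e.path is None:
            # The scanner reported a verdict without hashing any file.
            reasons.append("no hash/path line")
        elif not EXPECTED_DIR.match(e.path.lower()):
            reasons.append("path outside Windows/Program Files")
        if reasons:
            findings.append((e.name, reasons))
    return findings


if __name__ == "__main__":
    for name, reasons in triage(parse_services(SAMPLE_LOG)):
        print(f"{name}: {', '.join(reasons)}")
```

A flagged entry is a prompt to look closer, not a detection: services with no backing file on disk and vendor software installed in unusual places are both common on clean machines.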


#3 alex200

alex200
  • Topic Starter

  • Members
  • 27 posts

Posted 28 November 2012 - 07:36 AM

Hello Gunto,

* Thank you very much for the response :)
* Please see attached logs:

TDSSKiller
21:56:04.0476 7916 mssmbios - ok
21:56:04.0507 7916 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
21:56:04.0507 7916 MSTEE - ok
21:56:04.0523 7916 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
21:56:04.0523 7916 MTConfig - ok
21:56:04.0538 7916 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
21:56:04.0538 7916 Mup - ok
21:56:04.0585 7916 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
21:56:04.0601 7916 napagent - ok
21:56:04.0632 7916 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
21:56:04.0648 7916 NativeWifiP - ok
21:56:04.0710 7916 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys
21:56:04.0726 7916 NDIS - ok
21:56:04.0741 7916 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
21:56:04.0741 7916 NdisCap - ok
21:56:04.0757 7916 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
21:56:04.0757 7916 NdisTapi - ok
21:56:04.0804 7916 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
21:56:04.0804 7916 Ndisuio - ok
21:56:04.0850 7916 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
21:56:04.0850 7916 NdisWan - ok
21:56:04.0897 7916 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
21:56:04.0897 7916 NDProxy - ok
21:56:04.0944 7916 [ D5AC41AE382738483FAFFBD7E373D49A ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
21:56:04.0944 7916 Net Driver HPZ12 - ok
21:56:04.0960 7916 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
21:56:04.0960 7916 NetBIOS - ok
21:56:04.0991 7916 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
21:56:04.0991 7916 NetBT - ok
21:56:05.0006 7916 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
21:56:05.0006 7916 Netlogon - ok
21:56:05.0053 7916 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
21:56:05.0069 7916 Netman - ok
21:56:05.0084 7916 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
21:56:05.0100 7916 netprofm - ok
21:56:05.0147 7916 [ 064AB63C9A588D2611306AE16D017E7E ] netr28x C:\Windows\system32\DRIVERS\netr28x.sys
21:56:05.0162 7916 netr28x - ok
21:56:05.0178 7916 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
21:56:05.0178 7916 NetTcpPortSharing - ok
21:56:05.0209 7916 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
21:56:05.0225 7916 nfrd960 - ok
21:56:05.0272 7916 [ 5FF89F20317309D28AC1EDEB0CD1BA72 ] NisDrv C:\Windows\system32\DRIVERS\NisDrvWFP.sys
21:56:05.0272 7916 NisDrv - ok
21:56:05.0318 7916 [ 79E80B10FE8F6662E0C9162A68C43444 ] NisSrv c:\Program Files\Microsoft Security Client\NisSrv.exe
21:56:05.0318 7916 NisSrv - ok
21:56:05.0365 7916 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\Windows\System32\nlasvc.dll
21:56:05.0365 7916 NlaSvc - ok
21:56:05.0381 7916 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
21:56:05.0381 7916 Npfs - ok
21:56:05.0396 7916 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
21:56:05.0412 7916 nsi - ok
21:56:05.0412 7916 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
21:56:05.0428 7916 nsiproxy - ok
21:56:05.0474 7916 [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
21:56:05.0521 7916 Ntfs - ok
21:56:05.0521 7916 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
21:56:05.0537 7916 Null - ok
21:56:05.0568 7916 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
21:56:05.0568 7916 nvraid - ok
21:56:05.0584 7916 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
21:56:05.0584 7916 nvstor - ok
21:56:05.0599 7916 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
21:56:05.0615 7916 nv_agp - ok
21:56:05.0677 7916 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
21:56:05.0677 7916 odserv - ok
21:56:05.0708 7916 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
21:56:05.0708 7916 ohci1394 - ok
21:56:05.0740 7916 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
21:56:05.0755 7916 ose - ok
21:56:05.0771 7916 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
21:56:05.0786 7916 p2pimsvc - ok
21:56:05.0802 7916 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
21:56:05.0802 7916 p2psvc - ok
21:56:05.0849 7916 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys
21:56:05.0849 7916 Parport - ok
21:56:05.0880 7916 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
21:56:05.0880 7916 partmgr - ok
21:56:05.0911 7916 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
21:56:05.0911 7916 PcaSvc - ok
21:56:05.0927 7916 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
21:56:05.0942 7916 pci - ok
21:56:05.0958 7916 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
21:56:05.0958 7916 pciide - ok
21:56:05.0974 7916 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
21:56:05.0974 7916 pcmcia - ok
21:56:05.0989 7916 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
21:56:06.0005 7916 pcw - ok
21:56:06.0036 7916 pdfcDispatcher - ok
21:56:06.0052 7916 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
21:56:06.0067 7916 PEAUTH - ok
21:56:06.0145 7916 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
21:56:06.0161 7916 PerfHost - ok
21:56:06.0239 7916 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
21:56:06.0270 7916 pla - ok
21:56:06.0317 7916 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
21:56:06.0332 7916 PlugPlay - ok
21:56:06.0348 7916 [ 37F6046CDC630442D7DC087501FF6FC6 ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
21:56:06.0348 7916 Pml Driver HPZ12 - ok
21:56:06.0364 7916 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
21:56:06.0364 7916 PNRPAutoReg - ok
21:56:06.0379 7916 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
21:56:06.0395 7916 PNRPsvc - ok
21:56:06.0442 7916 [ B8D8EC78B0F9ED8E220506181274F3D3 ] Point64 C:\Windows\system32\DRIVERS\point64.sys
21:56:06.0442 7916 Point64 - ok
21:56:06.0457 7916 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
21:56:06.0473 7916 PolicyAgent - ok
21:56:06.0488 7916 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
21:56:06.0504 7916 Power - ok
21:56:06.0535 7916 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
21:56:06.0551 7916 PptpMiniport - ok
21:56:06.0566 7916 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys
21:56:06.0566 7916 Processor - ok
21:56:06.0582 7916 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
21:56:06.0598 7916 ProfSvc - ok
21:56:06.0613 7916 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
21:56:06.0613 7916 ProtectedStorage - ok
21:56:06.0660 7916 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
21:56:06.0676 7916 Psched - ok
21:56:06.0691 7916 PxHelp20 - ok
21:56:06.0738 7916 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
21:56:06.0769 7916 ql2300 - ok
21:56:06.0785 7916 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
21:56:06.0785 7916 ql40xx - ok
21:56:06.0816 7916 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
21:56:06.0816 7916 QWAVE - ok
21:56:06.0832 7916 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
21:56:06.0832 7916 QWAVEdrv - ok
21:56:06.0863 7916 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
21:56:06.0878 7916 RasAcd - ok
21:56:06.0894 7916 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
21:56:06.0910 7916 RasAgileVpn - ok
21:56:06.0910 7916 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
21:56:06.0925 7916 RasAuto - ok
21:56:06.0941 7916 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
21:56:06.0941 7916 Rasl2tp - ok
21:56:06.0972 7916 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
21:56:06.0988 7916 RasMan - ok
21:56:07.0003 7916 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
21:56:07.0003 7916 RasPppoe - ok
21:56:07.0019 7916 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
21:56:07.0019 7916 RasSstp - ok
21:56:07.0050 7916 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
21:56:07.0050 7916 rdbss - ok
21:56:07.0081 7916 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
21:56:07.0081 7916 rdpbus - ok
21:56:07.0097 7916 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
21:56:07.0097 7916 RDPCDD - ok
21:56:07.0112 7916 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
21:56:07.0112 7916 RDPENCDD - ok
21:56:07.0128 7916 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
21:56:07.0144 7916 RDPREFMP - ok
21:56:07.0175 7916 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
21:56:07.0175 7916 RDPWD - ok
21:56:07.0206 7916 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
21:56:07.0206 7916 rdyboost - ok
21:56:07.0237 7916 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
21:56:07.0237 7916 RemoteAccess - ok
21:56:07.0284 7916 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
21:56:07.0284 7916 RemoteRegistry - ok
21:56:07.0315 7916 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
21:56:07.0331 7916 RpcEptMapper - ok
21:56:07.0331 7916 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
21:56:07.0331 7916 RpcLocator - ok
21:56:07.0362 7916 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
21:56:07.0362 7916 RpcSs - ok
21:56:07.0378 7916 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
21:56:07.0378 7916 rspndr - ok
21:56:07.0424 7916 [ 7EA8D2EB9BBFD2AB8A3117A1E96D3B3A ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
21:56:07.0424 7916 RTL8167 - ok
21:56:07.0440 7916 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
21:56:07.0440 7916 SamSs - ok
21:56:07.0471 7916 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
21:56:07.0471 7916 sbp2port - ok
21:56:07.0487 7916 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
21:56:07.0502 7916 SCardSvr - ok
21:56:07.0549 7916 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
21:56:07.0549 7916 scfilter - ok
21:56:07.0580 7916 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
21:56:07.0596 7916 Schedule - ok
21:56:07.0627 7916 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
21:56:07.0627 7916 SCPolicySvc - ok
21:56:07.0674 7916 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
21:56:07.0674 7916 SDRSVC - ok
21:56:07.0690 7916 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
21:56:07.0690 7916 secdrv - ok
21:56:07.0721 7916 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
21:56:07.0736 7916 seclogon - ok
21:56:07.0768 7916 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
21:56:07.0768 7916 SENS - ok
21:56:07.0783 7916 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
21:56:07.0783 7916 SensrSvc - ok
21:56:07.0814 7916 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
21:56:07.0814 7916 Serenum - ok
21:56:07.0830 7916 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
21:56:07.0830 7916 Serial - ok
21:56:07.0877 7916 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
21:56:07.0877 7916 sermouse - ok
21:56:07.0924 7916 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
21:56:07.0924 7916 SessionEnv - ok
21:56:07.0955 7916 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
21:56:07.0955 7916 sffdisk - ok
21:56:07.0970 7916 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
21:56:07.0970 7916 sffp_mmc - ok
21:56:07.0986 7916 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
21:56:07.0986 7916 sffp_sd - ok
21:56:08.0002 7916 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
21:56:08.0002 7916 sfloppy - ok
21:56:08.0033 7916 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
21:56:08.0048 7916 SharedAccess - ok
21:56:08.0064 7916 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
21:56:08.0064 7916 ShellHWDetection - ok
21:56:08.0095 7916 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
21:56:08.0111 7916 SiSRaid2 - ok
21:56:08.0126 7916 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
21:56:08.0126 7916 SiSRaid4 - ok
21:56:08.0220 7916 [ A4FAB5F7818A69DA6E740943CB8F7CA9 ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
21:56:08.0220 7916 SkypeUpdate - ok
21:56:08.0251 7916 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
21:56:08.0251 7916 Smb - ok
21:56:08.0267 7916 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
21:56:08.0267 7916 SNMPTRAP - ok
21:56:08.0282 7916 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
21:56:08.0282 7916 spldr - ok
21:56:08.0298 7916 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
21:56:08.0314 7916 Spooler - ok
21:56:08.0407 7916 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
21:56:08.0485 7916 sppsvc - ok
21:56:08.0516 7916 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
21:56:08.0516 7916 sppuinotify - ok
21:56:08.0563 7916 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
21:56:08.0563 7916 srv - ok
21:56:08.0579 7916 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
21:56:08.0594 7916 srv2 - ok
21:56:08.0610 7916 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
21:56:08.0610 7916 srvnet - ok
21:56:08.0641 7916 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
21:56:08.0657 7916 SSDPSRV - ok
21:56:08.0672 7916 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
21:56:08.0688 7916 SstpSvc - ok
21:56:08.0704 7916 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
21:56:08.0704 7916 stexstor - ok
21:56:08.0735 7916 [ DECACB6921DED1A38642642685D77DAC ] StillCam C:\Windows\system32\DRIVERS\serscan.sys
21:56:08.0735 7916 StillCam - ok
21:56:08.0766 7916 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
21:56:08.0782 7916 stisvc - ok
21:56:08.0813 7916 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys
21:56:08.0813 7916 swenum - ok
21:56:08.0828 7916 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
21:56:08.0844 7916 swprv - ok
21:56:08.0906 7916 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
21:56:08.0969 7916 SysMain - ok
21:56:08.0984 7916 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
21:56:08.0984 7916 TabletInputService - ok
21:56:09.0016 7916 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
21:56:09.0031 7916 TapiSrv - ok
21:56:09.0047 7916 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
21:56:09.0047 7916 TBS - ok
21:56:09.0109 7916 [ 37608401DFDB388CAF66917F6B2D6FB0 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
21:56:09.0172 7916 Tcpip - ok
21:56:09.0234 7916 [ 37608401DFDB388CAF66917F6B2D6FB0 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
21:56:09.0250 7916 TCPIP6 - ok
21:56:09.0281 7916 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
21:56:09.0281 7916 tcpipreg - ok
21:56:09.0281 7916 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
21:56:09.0296 7916 TDPIPE - ok
21:56:09.0312 7916 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
21:56:09.0312 7916 TDTCP - ok
21:56:09.0343 7916 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
21:56:09.0359 7916 tdx - ok
21:56:09.0359 7916 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys
21:56:09.0374 7916 TermDD - ok
21:56:09.0390 7916 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
21:56:09.0406 7916 TermService - ok
21:56:09.0437 7916 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
21:56:09.0437 7916 Themes - ok
21:56:09.0452 7916 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
21:56:09.0452 7916 THREADORDER - ok
21:56:09.0468 7916 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
21:56:09.0484 7916 TrkWks - ok
21:56:09.0515 7916 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
21:56:09.0530 7916 TrustedInstaller - ok
21:56:09.0530 7916 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
21:56:09.0546 7916 tssecsrv - ok
21:56:09.0577 7916 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
21:56:09.0577 7916 TsUsbFlt - ok
21:56:09.0624 7916 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
21:56:09.0624 7916 tunnel - ok
21:56:09.0640 7916 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
21:56:09.0640 7916 uagp35 - ok
21:56:09.0655 7916 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
21:56:09.0671 7916 udfs - ok
21:56:09.0686 7916 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
21:56:09.0702 7916 UI0Detect - ok
21:56:09.0749 7916 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
21:56:09.0749 7916 uliagpkx - ok
21:56:09.0780 7916 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\drivers\umbus.sys
21:56:09.0796 7916 umbus - ok
21:56:09.0842 7916 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
21:56:09.0842 7916 UmPass - ok
21:56:09.0920 7916 [ 02C298382359653BEC4C737C2AB7F9C5 ] UNS C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
21:56:09.0983 7916 UNS - ok
21:56:10.0030 7916 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
21:56:10.0045 7916 upnphost - ok
21:56:10.0061 7916 [ 82E8F44688E6FAC57B5B7C6FC7ADBC2A ] usbaudio C:\Windows\system32\drivers\usbaudio.sys
21:56:10.0061 7916 usbaudio - ok
21:56:10.0076 7916 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
21:56:10.0092 7916 usbccgp - ok
21:56:10.0123 7916 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
21:56:10.0123 7916 usbcir - ok
21:56:10.0139 7916 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\drivers\usbehci.sys
21:56:10.0139 7916 usbehci - ok
21:56:10.0154 7916 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
21:56:10.0170 7916 usbhub - ok
21:56:10.0186 7916 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys
21:56:10.0186 7916 usbohci - ok
21:56:10.0201 7916 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
21:56:10.0217 7916 usbprint - ok
21:56:10.0232 7916 [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
21:56:10.0232 7916 usbscan - ok
21:56:10.0264 7916 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
21:56:10.0264 7916 USBSTOR - ok
21:56:10.0279 7916 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
21:56:10.0279 7916 usbuhci - ok
21:56:10.0295 7916 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys
21:56:10.0295 7916 usbvideo - ok
21:56:10.0310 7916 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
21:56:10.0326 7916 UxSms - ok
21:56:10.0326 7916 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
21:56:10.0326 7916 VaultSvc - ok
21:56:10.0342 7916 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
21:56:10.0342 7916 vdrvroot - ok
21:56:10.0388 7916 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
21:56:10.0388 7916 vds - ok
21:56:10.0420 7916 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
21:56:10.0420 7916 vga - ok
21:56:10.0435 7916 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
21:56:10.0451 7916 VgaSave - ok
21:56:10.0482 7916 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
21:56:10.0482 7916 vhdmp - ok
21:56:10.0513 7916 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
21:56:10.0513 7916 viaide - ok
21:56:10.0529 7916 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
21:56:10.0529 7916 volmgr - ok
21:56:10.0560 7916 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
21:56:10.0560 7916 volmgrx - ok
21:56:10.0607 7916 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
21:56:10.0607 7916 volsnap - ok
21:56:10.0638 7916 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
21:56:10.0638 7916 vsmraid - ok
21:56:10.0685 7916 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
21:56:10.0716 7916 VSS - ok
21:56:10.0732 7916 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
21:56:10.0747 7916 vwifibus - ok
21:56:10.0747 7916 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
21:56:10.0747 7916 vwififlt - ok
21:56:10.0778 7916 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
21:56:10.0794 7916 W32Time - ok
21:56:10.0810 7916 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
21:56:10.0810 7916 WacomPen - ok
21:56:10.0825 7916 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
21:56:10.0825 7916 WANARP - ok
21:56:10.0825 7916 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
21:56:10.0825 7916 Wanarpv6 - ok
21:56:10.0888 7916 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
21:56:10.0919 7916 WatAdminSvc - ok
21:56:10.0950 7916 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
21:56:10.0997 7916 wbengine - ok
21:56:11.0012 7916 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
21:56:11.0028 7916 WbioSrvc - ok
21:56:11.0059 7916 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
21:56:11.0075 7916 wcncsvc - ok
21:56:11.0090 7916 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
21:56:11.0090 7916 WcsPlugInService - ok
21:56:11.0122 7916 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\DRIVERS\wd.sys
21:56:11.0122 7916 Wd - ok
21:56:11.0153 7916 [ A3D04EBF5227886029B4532F20D026F7 ] WDC_SAM C:\Windows\system32\DRIVERS\wdcsam64.sys
21:56:11.0153 7916 WDC_SAM - ok
21:56:11.0200 7916 [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
21:56:11.0200 7916 Wdf01000 - ok
21:56:11.0246 7916 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
21:56:11.0246 7916 WdiServiceHost - ok
21:56:11.0262 7916 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
21:56:11.0262 7916 WdiSystemHost - ok
21:56:11.0293 7916 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
21:56:11.0293 7916 WebClient - ok
21:56:11.0309 7916 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
21:56:11.0324 7916 Wecsvc - ok
21:56:11.0340 7916 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
21:56:11.0340 7916 wercplsupport - ok
21:56:11.0371 7916 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
21:56:11.0371 7916 WerSvc - ok
21:56:11.0387 7916 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
21:56:11.0387 7916 WfpLwf - ok
21:56:11.0418 7916 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
21:56:11.0434 7916 WIMMount - ok
21:56:11.0465 7916 WinDefend - ok
21:56:11.0465 7916 WinHttpAutoProxySvc - ok
21:56:11.0496 7916 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
21:56:11.0512 7916 Winmgmt - ok
21:56:11.0574 7916 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
21:56:11.0621 7916 WinRM - ok
21:56:11.0699 7916 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
21:56:11.0699 7916 WinUsb - ok
21:56:11.0730 7916 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
21:56:11.0746 7916 Wlansvc - ok
21:56:11.0964 7916 [ 98F138897EF4246381D197CB81846D62 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
21:56:12.0011 7916 wlidsvc - ok
21:56:12.0011 7916 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
21:56:12.0011 7916 WmiAcpi - ok
21:56:12.0042 7916 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
21:56:12.0042 7916 wmiApSrv - ok
21:56:12.0058 7916 WMPNetworkSvc - ok
21:56:12.0089 7916 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
21:56:12.0089 7916 WPCSvc - ok
21:56:12.0104 7916 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
21:56:12.0104 7916 WPDBusEnum - ok
21:56:12.0120 7916 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
21:56:12.0136 7916 ws2ifsl - ok
21:56:12.0151 7916 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\System32\wscsvc.dll
21:56:12.0151 7916 wscsvc - ok
21:56:12.0167 7916 WSearch - ok
21:56:12.0245 7916 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
21:56:12.0292 7916 wuauserv - ok
21:56:12.0323 7916 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
21:56:12.0338 7916 WudfPf - ok
21:56:12.0385 7916 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
21:56:12.0385 7916 WUDFRd - ok
21:56:12.0401 7916 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
21:56:12.0416 7916 wudfsvc - ok
21:56:12.0432 7916 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
21:56:12.0448 7916 WwanSvc - ok
21:56:12.0448 7916 ================ Scan global ===============================
21:56:12.0479 7916 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
21:56:12.0494 7916 [ F46BBAAC1C4980F4D0DD463F190A42D3 ] C:\Windows\system32\winsrv.dll
21:56:12.0510 7916 [ F46BBAAC1C4980F4D0DD463F190A42D3 ] C:\Windows\system32\winsrv.dll
21:56:12.0541 7916 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
21:56:12.0572 7916 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
21:56:12.0572 7916 [Global] - ok
21:56:12.0572 7916 ================ Scan MBR ==================================
21:56:12.0588 7916 [ 78045E78027FF734B842091B43E0F2F1 ] \Device\Harddisk0\DR0
21:56:12.0744 7916 \Device\Harddisk0\DR0 - ok
21:56:12.0744 7916 ================ Scan VBR ==================================
21:56:12.0744 7916 [ 1627B49FDFA2898D15849041FA341CD4 ] \Device\Harddisk0\DR0\Partition1
21:56:12.0744 7916 \Device\Harddisk0\DR0\Partition1 - ok
21:56:12.0775 7916 [ 155662E5F7671E41BCD161D96FD7EBB8 ] \Device\Harddisk0\DR0\Partition2
21:56:12.0775 7916 \Device\Harddisk0\DR0\Partition2 - ok
21:56:12.0806 7916 [ 90A05C82FBB19C3F88E912AA4A23FC6A ] \Device\Harddisk0\DR0\Partition3
21:56:12.0806 7916 \Device\Harddisk0\DR0\Partition3 - ok
21:56:12.0806 7916 ============================================================
21:56:12.0806 7916 Scan finished
21:56:12.0806 7916 ============================================================
21:56:12.0822 2580 Detected object count: 0
21:56:12.0822 2580 Actual detected object count: 0

Malwarebytes

Malwarebytes Anti-Malware (Trial) 1.65.1.1000
www.malwarebytes.org

Database version: v2012.11.28.01

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
alexfr :: ALEXFR-HP [administrator]

Protection: Enabled

27/11/2012 10:04:55 PM
mbam-log-2012-11-27 (22-04-55).txt

Scan type: Full scan (C:\|D:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 451589
Time elapsed: 1 hour(s), 18 minute(s), 10 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

Thanks again.
-Alex

#4 Gunto

Posted 28 November 2012 - 08:51 AM

Hi,

Nothing found yet, but there's still other stuff to try.

SUPERAntiSpyware

I need you to run a scan with SUPERAntiSpyware.

  • Download SAS from here, and save it to your desktop.
  • Double click the installer to start the installation. If you do not want to start the trial of the full version, please decline, and feel free to uncheck options to install external toolbars/software, unless you want them. Otherwise, follow the prompts and let the program install.
  • Once the program is done installing and updating, tick the Complete Scan option on the interface, and press the big Scan your Computer... button. Ensure that the options Activate Scan Boost™ > Low boost and Scan inside .ZIP archives are selected and Start Complete Scan.
  • After scanning, be sure to remove all detected threats if any were detected. If asked to reboot to remove threats, do so immediately.
  • Once finished, return to the main interface, go to View Scan Logs and view the newest log. Copy and paste it into your reply.

ESET Online Scanner

I need you to run a scan with ESET Online Scanner.

  • Download the scanner from here, and save it to your desktop.
  • Double click the file to install the program. Once it's done, accept the terms of use and click Start. Be sure the following settings are checked before beginning:
    Scan archives
    Remove found threats
    Scan potentially unwanted applications
    Scan for potentially unsafe applications
    Enable Anti-Stealth technology
  • Once the scan is done, if anything was found, click List of found threats, and then Export to text file..., and save the log to your desktop.
  • Click << Back, and then Finish. If you have to reboot, do so immediately.
  • After ESET finishes scanning and removing threats, copy and paste the log into your reply.

Gunto


#5 alex200

Posted 29 November 2012 - 01:01 AM

Hello,

ESET Online Scanner hasn't found any threats. (I actually didn't find a way to see the log; I don't know if it is necessary in case nothing was found.)

SUPERAntiSpyware detected 320 threats. Please see the log:

SUPERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 11/28/2012 at 09:00 PM

Application Version : 5.6.1014

Core Rules Database Version : 9655
Trace Rules Database Version: 7467

Scan type : Complete Scan
Total Scan Time : 01:03:08

Operating System Information
Windows 7 Home Premium 64-bit, Service Pack 1 (Build 6.01.7601)
UAC On - Limited User

Memory items scanned : 757
Memory threats detected : 0
Registry items scanned : 73028
Registry threats detected : 0
File items scanned : 78794
File threats detected : 320

Adware.Tracking Cookie
mediadownload.ynet.co.il [ C:\USERS\ALEXFR\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\SR2WRD2X ]
secure-us.imrworldwide.com [ C:\USERS\ALEXFR\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\SR2WRD2X ]
tag.mediashakers.hiro.tv [ C:\USERS\ALEXFR\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\SR2WRD2X ]
videos.mediaite.com [ C:\USERS\ALEXFR\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\SR2WRD2X ]

Thanks,
Alex

#6 Gunto

Posted 29 November 2012 - 05:05 AM

Hi,

Are you still getting ads? Any other problems?

I've got a couple other things to run, as well. :)

AdwCleaner

I need you to run AdwCleaner to see if it removes anything.

  • Download AdwCleaner from here, and save it to your desktop.
  • Close all open programs.
  • Open the file on your desktop, and click the Delete button. Confirm operations at every prompt. Your PC will be rebooted after the final prompt.
  • Once rebooted, a text file will open up. Please copy and paste it into your reply.

RogueKiller

I need you to run RogueKiller to see if it removes anything.

  • Download RogueKiller from here, and save it to your desktop.
  • Close all open programs.
  • Double click the file on your desktop. Once the automatic check completes, hit the Scan button.
  • Once the full scan has finished, click on the Delete button. Once it's done removing things, open the newest log on your desktop (should be called RKreport[2].txt) and copy and paste it into your reply.

Gunto



#7 alex200


Posted 02 December 2012 - 12:52 PM

Hello,
I ran both AdwCleaner and RogueKiller, and am still getting those ads. :(

Please see the logs:

AdwCleaner

# AdwCleaner v2.010 - Logfile created 11/29/2012 at 18:45:00
# Updated 29/11/2012 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : alexfr - ALEXFR-HP
# Boot Mode : Normal
# Running from : C:\Users\alexfr\Desktop\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

File Deleted : C:\Users\alexfr\AppData\Local\Temp\Uninstall.exe
Folder Deleted : C:\Program Files (x86)\Babylon
Folder Deleted : C:\Users\alexfr\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhkplhfnhceodhffomolpfigojocbpcb
Folder Deleted : C:\Users\alexfr\AppData\LocalLow\BabylonToolbar

***** [Registry] *****

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2EECD738-5844-4A99-B4B6-146BF802613B}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2EECD738-5844-4A99-B4B6-146BF802613B}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9CFACCB6-2F3F-4177-94EA-0D2B72D384C1}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{09C554C3-109B-483C-A06B-F14172F1A947}
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\Babylon_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\Babylon_RASMANCS
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{2EECD738-5844-4A99-B4B6-146BF802613B}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{E46C8196-B634-44A1-AF6E-957C64278AB1}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\dhkplhfnhceodhffomolpfigojocbpcb
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

[OK] Registry is clean.

-\\ Google Chrome v [Unable to get version]

File : C:\Users\alexfr\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[S1].txt - [2447 octets] - [29/11/2012 18:45:00]

########## EOF - C:\AdwCleaner[S1].txt - [2507 octets] ##########


RogueKiller

RogueKiller V8.3.1 [Nov 29 2012] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Feedback : http://www.geekstogo.com/forum/files/file/413-roguekiller/
Website : http://tigzy.geekstogo.com/roguekiller.php
Blog : http://tigzyrk.blogspot.com/

Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User : alexfr [Admin rights]
Mode : Remove -- Date : 11/29/2012 20:23:21

¤¤¤ Bad processes : 0 ¤¤¤

¤¤¤ Registry Entries : 4 ¤¤¤
[RUN][SUSP PATH] HKCU\[...]\Run : MaxDownloadMgr ("C:\Users\alexfr\AppData\Local\Temp\Stp1723_TMP.EXE") -> DELETED
[HJ DESK] HKCU\[...]\ClassicStartMenu : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REPLACED (0)
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> REPLACED (0)
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REPLACED (0)

¤¤¤ Particular Files / Folders: ¤¤¤
[ZeroAccess][FILE] @ : C:\Windows\Installer\{fe1fb8fe-0691-a8b8-0a19-4f719aac8496}\@ --> REMOVED
[ZeroAccess][FOLDER] ROOT : C:\Windows\Installer\{fe1fb8fe-0691-a8b8-0a19-4f719aac8496}\U --> REMOVED
[Del.Parent][FILE] 00000004.@ : C:\Windows\Installer\{fe1fb8fe-0691-a8b8-0a19-4f719aac8496}\L\00000004.@ --> REMOVED
[ZeroAccess][FOLDER] ROOT : C:\Windows\Installer\{fe1fb8fe-0691-a8b8-0a19-4f719aac8496}\L --> REMOVED

¤¤¤ Driver : [NOT LOADED] ¤¤¤

¤¤¤ Infection : ZeroAccess ¤¤¤

¤¤¤ HOSTS File: ¤¤¤
--> C:\Windows\system32\drivers\etc\hosts

127.0.0.1 localhost
::1 localhost
78.46.61.26 www.google-analytics.com.
78.46.61.26 ad-emea.doubleclick.net.
78.46.61.26 www.statcounter.com.
108.163.215.51 www.google-analytics.com.
108.163.215.51 ad-emea.doubleclick.net.
108.163.215.51 www.statcounter.com.


¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: ST31000528AS +++++
--- User ---
[MBR] 37ac7d1d7e88479ff6b2ceb89f0fcd8f
[BSP] a79287d10dfe078f31494ed03ac52f08 : Windows Vista/7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 100 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 206848 | Size: 940688 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 1926735872 | Size: 13079 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Finished : << RKreport[2]_D_11292012_02d2023.txt >>
RKreport[1]_S_11292012_02d2022.txt ; RKreport[2]_D_11292012_02d2023.txt

Thanks,
Alex.

#8 Gunto

Posted 04 December 2012 - 02:55 AM

Hi,

Ok, I definitely see signs this will require more advanced help.

Please follow the instructions in ==>This Guide<== starting at Step 6. If you cannot complete a step, skip it and continue.

Once the proper logs are created, then make a NEW TOPIC and post it ==>HERE<== Please include a description of your computer issues, what you have done to resolve them, and a link to this topic.

If you can produce at least some of the logs, then please create the new topic and explain what happens when you try to create the log(s) that you couldn't get. If you cannot produce any of the logs, then still post the topic and explain that you followed the Prep. Guide, were unable to create the logs, and describe what happens when you try to create the logs.

It would be helpful if you post a note here once you have completed the steps in the guide and have started your topic in malware removal. Good luck and be patient.

If HelpBot replies to your topic, PLEASE follow Step One so it will report your topic to the team members.

Gunto
