
IE doesn't show a webpage


6 replies to this topic

#1 mtdar

mtdar

  • Members
  • 61 posts

Posted 05 January 2013 - 09:16 AM

Hi all,

I'm not sure if my computer is infected or not, but IE9 takes a very long time to open up and then it hangs with a blank page. My system runs on Windows 7 home 64-bit with IE9 and Microsoft Security Essentials as my antivirus scanner. Any help would be greatly appreciated.

Thanks.



#2 Gunto

Gunto

    Bleepin' Reject Phoenix


  • Malware Response Team
  • 1,291 posts
  • Gender:Female
  • Location:North Las Vegas, Nevada, USA

Posted 05 January 2013 - 10:07 AM

Hi, mtdar! I'm going to try to help you out. :)

TDSSKiller

I need you to run a scan using TDSSKiller.

  • Download TDSSKiller from here, and save it to your desktop.
  • Double click the file to launch the program. Once the program starts, click Start Scan. Don't change any default scan settings.
  • Once the scan is finished, you'll find a log in your root drive (usually C:) that will start with TDSS in the file name. Please copy and paste it into your reply.

Malwarebytes

I need you to run a scan with Malwarebytes Anti-Malware.

  • Download MBAM from here, and save it to your desktop.
  • Double-click the installer to run it. During the installation, simply follow the prompts and let the program install. However, if you do not want to start a trial of the full version, please decline, and if offered any external toolbars/programs, feel free to uncheck them, unless you want them.
  • Once the program is done installing and updating, select the Perform full scan option on the main interface. Then click the Scan button, hit Scan, and let the scan run.
  • Once the scan is finished, a log will pop up. If any malware was found, click the Show Results button, and make sure everything present is checked and click Remove Selected. If MBAM asks you to reboot, do so immediately. Either way, please copy and paste the log into your reply. If your PC is rebooted, you can find the log by opening up MBAM and going to the Logs tab.

AdwCleaner

I need you to run AdwCleaner to see if it removes anything.

  • Download AdwCleaner from here, and save it to your desktop.
  • Close all open programs.
  • Open the file on your desktop, and click the Delete button. Confirm operations at every prompt. Your PC will be rebooted after the final prompt.
  • Once rebooted, a text file will open up. Please copy and paste it into your reply.

RogueKiller

I need you to run RogueKiller to see if it removes anything.

  • Download RogueKiller from here, and save it to your desktop.
  • Close all open programs.
  • Double click the file on your desktop. Once the automatic check completes, hit the Scan button.
  • Once the full scan has finished, click on the Delete button. Once it's done removing things, open the newest log on your desktop (should be called RKreport[2].txt) and copy and paste it into your reply.

Please tell me how your computer is running in your next reply.

Gunto

Edited by Gunto, 05 January 2013 - 10:13 AM.



#3 mtdar

mtdar
  • Topic Starter

  • Members
  • 61 posts

Posted 05 January 2013 - 09:30 PM

Hi Gunto, thanks for taking the time to help me out. I've followed your instructions and the computer and IE seem a bit more responsive than before. The logs you've requested are listed below.

TDSSKiller Log:

17:50:28.0508 1572 Net Driver HPZ12 - ok
17:50:28.0539 1572 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
17:50:28.0539 1572 NetBIOS - ok
17:50:28.0571 1572 [ 9162B273A44AB9DCE5B44362731D062A ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
17:50:28.0571 1572 NetBT - ok
17:50:28.0602 1572 [ 156F6159457D0AA7E59B62681B56EB90 ] Netlogon C:\Windows\system32\lsass.exe
17:50:28.0602 1572 Netlogon - ok
17:50:28.0649 1572 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
17:50:28.0649 1572 Netman - ok
17:50:28.0680 1572 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
17:50:28.0680 1572 NetMsmqActivator - ok
17:50:28.0711 1572 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
17:50:28.0711 1572 NetPipeActivator - ok
17:50:28.0758 1572 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
17:50:28.0758 1572 netprofm - ok
17:50:28.0820 1572 [ 883269C1CA478658F1334F3C39B0C7AC ] netr28ux C:\Windows\system32\DRIVERS\netr28ux.sys
17:50:28.0867 1572 netr28ux - ok
17:50:28.0898 1572 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
17:50:28.0898 1572 NetTcpActivator - ok
17:50:28.0929 1572 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
17:50:28.0929 1572 NetTcpPortSharing - ok
17:50:28.0961 1572 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
17:50:28.0961 1572 nfrd960 - ok
17:50:29.0007 1572 [ 5FF89F20317309D28AC1EDEB0CD1BA72 ] NisDrv C:\Windows\system32\DRIVERS\NisDrvWFP.sys
17:50:29.0007 1572 NisDrv - ok
17:50:29.0070 1572 [ 79E80B10FE8F6662E0C9162A68C43444 ] NisSrv c:\Program Files\Microsoft Security Client\NisSrv.exe
17:50:29.0085 1572 NisSrv - ok
17:50:29.0117 1572 [ D9A0CE66046D6EFA0C61BAA885CBA0A8 ] NlaSvc C:\Windows\System32\nlasvc.dll
17:50:29.0132 1572 NlaSvc - ok
17:50:29.0163 1572 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
17:50:29.0163 1572 Npfs - ok
17:50:29.0179 1572 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
17:50:29.0195 1572 nsi - ok
17:50:29.0210 1572 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
17:50:29.0226 1572 nsiproxy - ok
17:50:29.0288 1572 [ 184C189D4FC416978550FC599BB4EDDA ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
17:50:29.0319 1572 Ntfs - ok
17:50:29.0351 1572 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
17:50:29.0351 1572 Null - ok
17:50:29.0631 1572 [ E55CAB397F77D5208DB18A78B1B7C0D5 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
17:50:29.0756 1572 nvlddmkm - ok
17:50:29.0803 1572 [ A4D9C9A608A97F59307C2F2600EDC6A4 ] nvraid C:\Windows\system32\drivers\nvraid.sys
17:50:29.0803 1572 nvraid - ok
17:50:29.0850 1572 [ 6C1D5F70E7A6A3FD1C90D840EDC048B9 ] nvstor C:\Windows\system32\drivers\nvstor.sys
17:50:29.0850 1572 nvstor - ok
17:50:29.0881 1572 [ 7C7EEF51979658CE15BBC04F96A77D56 ] nvstor64 C:\Windows\system32\DRIVERS\nvstor64.sys
17:50:29.0897 1572 nvstor64 - ok
17:50:29.0928 1572 [ 43BC8151893AE6AFE42E149D663C2221 ] nvsvc C:\Windows\system32\nvvsvc.exe
17:50:29.0928 1572 nvsvc - ok
17:50:29.0959 1572 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\DRIVERS\nv_agp.sys
17:50:29.0959 1572 nv_agp - ok
17:50:29.0990 1572 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\DRIVERS\ohci1394.sys
17:50:29.0990 1572 ohci1394 - ok
17:50:30.0068 1572 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
17:50:30.0068 1572 ose - ok
17:50:30.0115 1572 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
17:50:30.0131 1572 p2pimsvc - ok
17:50:30.0162 1572 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
17:50:30.0177 1572 p2psvc - ok
17:50:30.0224 1572 [ D61B764B27BF05CCCADCC5E1E7B73A21 ] PAC7302 C:\Windows\system32\DRIVERS\PAC7302.SYS
17:50:30.0271 1572 PAC7302 - ok
17:50:30.0302 1572 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys
17:50:30.0302 1572 Parport - ok
17:50:30.0349 1572 [ 90061B1ACFE8CCAA5345750FFE08D8B8 ] partmgr C:\Windows\system32\drivers\partmgr.sys
17:50:30.0349 1572 partmgr - ok
17:50:30.0365 1572 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
17:50:30.0380 1572 PcaSvc - ok
17:50:30.0411 1572 [ F36F6504009F2FB0DFD1B17A116AD74B ] pci C:\Windows\system32\DRIVERS\pci.sys
17:50:30.0427 1572 pci - ok
17:50:30.0443 1572 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\DRIVERS\pciide.sys
17:50:30.0443 1572 pciide - ok
17:50:30.0474 1572 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
17:50:30.0489 1572 pcmcia - ok
17:50:30.0552 1572 [ 1171C834C5E6515765684C6938B609A1 ] PCToolsSSDMonitorSvc C:\Program Files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe
17:50:30.0552 1572 PCToolsSSDMonitorSvc - ok
17:50:30.0583 1572 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
17:50:30.0583 1572 pcw - ok
17:50:30.0630 1572 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
17:50:30.0630 1572 PEAUTH - ok
17:50:30.0723 1572 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
17:50:30.0739 1572 PerfHost - ok
17:50:30.0833 1572 [ 557E9A86F65F0DE18C9B6751DFE9D3F1 ] pla C:\Windows\system32\pla.dll
17:50:30.0864 1572 pla - ok
17:50:30.0911 1572 [ 98B1721B8718164293B9701B98C52D77 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
17:50:30.0911 1572 PlugPlay - ok
17:50:30.0957 1572 [ 37F6046CDC630442D7DC087501FF6FC6 ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
17:50:30.0973 1572 Pml Driver HPZ12 - ok
17:50:30.0989 1572 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
17:50:30.0989 1572 PNRPAutoReg - ok
17:50:31.0020 1572 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
17:50:31.0035 1572 PNRPsvc - ok
17:50:31.0082 1572 [ 166EB40D1F5B47E615DE3D0FFFE5F243 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
17:50:31.0082 1572 PolicyAgent - ok
17:50:31.0145 1572 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
17:50:31.0160 1572 Power - ok
17:50:31.0191 1572 [ 27CC19E81BA5E3403C48302127BDA717 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
17:50:31.0207 1572 PptpMiniport - ok
17:50:31.0238 1572 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys
17:50:31.0238 1572 Processor - ok
17:50:31.0285 1572 [ 97293447431311C06703368AD0F6C4BE ] ProfSvc C:\Windows\system32\profsvc.dll
17:50:31.0301 1572 ProfSvc - ok
17:50:31.0316 1572 [ 156F6159457D0AA7E59B62681B56EB90 ] ProtectedStorage C:\Windows\system32\lsass.exe
17:50:31.0316 1572 ProtectedStorage - ok
17:50:31.0347 1572 [ EE992183BD8EAEFD9973F352E587A299 ] Psched C:\Windows\system32\DRIVERS\pacer.sys
17:50:31.0363 1572 Psched - ok
17:50:31.0394 1572 [ A6BF0A9B5A30D743623CA0D3BE35DF05 ] PxHlpa64 C:\Windows\system32\Drivers\PxHlpa64.sys
17:50:31.0394 1572 PxHlpa64 - ok
17:50:31.0457 1572 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
17:50:31.0503 1572 ql2300 - ok
17:50:31.0519 1572 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
17:50:31.0519 1572 ql40xx - ok
17:50:31.0566 1572 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
17:50:31.0581 1572 QWAVE - ok
17:50:31.0597 1572 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
17:50:31.0597 1572 QWAVEdrv - ok
17:50:31.0628 1572 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
17:50:31.0628 1572 RasAcd - ok
17:50:31.0659 1572 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
17:50:31.0659 1572 RasAgileVpn - ok
17:50:31.0691 1572 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
17:50:31.0691 1572 RasAuto - ok
17:50:31.0722 1572 [ 87A6E852A22991580D6D39ADC4790463 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
17:50:31.0722 1572 Rasl2tp - ok
17:50:31.0769 1572 [ 47394ED3D16D053F5906EFE5AB51CC83 ] RasMan C:\Windows\System32\rasmans.dll
17:50:31.0769 1572 RasMan - ok
17:50:31.0800 1572 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
17:50:31.0800 1572 RasPppoe - ok
17:50:31.0831 1572 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
17:50:31.0831 1572 RasSstp - ok
17:50:31.0878 1572 [ 3BAC8142102C15D59A87757C1D41DCE5 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
17:50:31.0878 1572 rdbss - ok
17:50:31.0893 1572 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
17:50:31.0909 1572 rdpbus - ok
17:50:31.0940 1572 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
17:50:31.0940 1572 RDPCDD - ok
17:50:31.0987 1572 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
17:50:31.0987 1572 RDPENCDD - ok
17:50:32.0034 1572 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
17:50:32.0034 1572 RDPREFMP - ok
17:50:32.0065 1572 [ 447DE7E3DEA39D422C1504F245B668B1 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
17:50:32.0081 1572 RDPWD - ok
17:50:32.0112 1572 [ 634B9A2181D98F15941236886164EC8B ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
17:50:32.0112 1572 rdyboost - ok
17:50:32.0143 1572 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
17:50:32.0159 1572 RemoteAccess - ok
17:50:32.0174 1572 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
17:50:32.0174 1572 RemoteRegistry - ok
17:50:32.0221 1572 [ 7B04C9843921AB1F695FB395422C5360 ] RimUsb C:\Windows\system32\Drivers\RimUsb_AMD64.sys
17:50:32.0221 1572 RimUsb - ok
17:50:32.0252 1572 [ 0DE22421179D5A8440B68517DDF2B051 ] RimVSerPort C:\Windows\system32\DRIVERS\RimSerial_AMD64.sys
17:50:32.0268 1572 RimVSerPort - ok
17:50:32.0283 1572 [ 388D3DD1A6457280F3BADBA9F3ACD6B1 ] ROOTMODEM C:\Windows\system32\Drivers\RootMdm.sys
17:50:32.0283 1572 ROOTMODEM - ok
17:50:32.0346 1572 [ AFD61A7C48A3E15C86A6FADF0B69A2E4 ] Roxio UPnP Renderer 9 C:\Program Files (x86)\Roxio\Digital Home 9\RoxioUPnPRenderer9.exe
17:50:32.0346 1572 Roxio UPnP Renderer 9 - ok
17:50:32.0377 1572 [ EFBB36E2BB02169D26E9980778FC20D3 ] Roxio Upnp Server 9 C:\Program Files (x86)\Roxio\Digital Home 9\RoxioUpnpService9.exe
17:50:32.0377 1572 Roxio Upnp Server 9 - ok
17:50:32.0424 1572 [ 6BD6D7EFEC6ECED723F186E3BFCC74E9 ] RoxLiveShare9 C:\Program Files (x86)\Common Files\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe
17:50:32.0439 1572 RoxLiveShare9 - ok
17:50:32.0486 1572 [ 7F2C88BCC5EF2A896E4827F33CCCA843 ] RoxMediaDB9 C:\Program Files (x86)\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
17:50:32.0502 1572 RoxMediaDB9 - ok
17:50:32.0533 1572 [ 26C4A8AD3E75679B66FC0A6D3BB6BE2A ] RoxWatch9 C:\Program Files (x86)\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
17:50:32.0533 1572 RoxWatch9 - ok
17:50:32.0580 1572 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
17:50:32.0580 1572 RpcEptMapper - ok
17:50:32.0627 1572 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
17:50:32.0627 1572 RpcLocator - ok
17:50:32.0658 1572 [ 7266972E86890E2B30C0C322E906B027 ] RpcSs C:\Windows\system32\rpcss.dll
17:50:32.0673 1572 RpcSs - ok
17:50:32.0705 1572 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
17:50:32.0705 1572 rspndr - ok
17:50:32.0751 1572 [ B49DC435AE3695BAC5623DD94B05732D ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
17:50:32.0767 1572 RTL8167 - ok
17:50:32.0783 1572 [ 156F6159457D0AA7E59B62681B56EB90 ] SamSs C:\Windows\system32\lsass.exe
17:50:32.0783 1572 SamSs - ok
17:50:32.0814 1572 [ E3BBB89983DAF5622C1D50CF49F28227 ] sbp2port C:\Windows\system32\DRIVERS\sbp2port.sys
17:50:32.0814 1572 sbp2port - ok
17:50:32.0861 1572 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
17:50:32.0861 1572 SCardSvr - ok
17:50:32.0892 1572 [ C94DA20C7E3BA1DCA269BC8460D98387 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
17:50:32.0907 1572 scfilter - ok
17:50:32.0970 1572 [ 624D0F5FF99428BB90A5B8A4123E918E ] Schedule C:\Windows\system32\schedsvc.dll
17:50:32.0985 1572 Schedule - ok
17:50:33.0032 1572 [ 312E2F82AF11E79906898AC3E3D58A1F ] SCPolicySvc C:\Windows\System32\certprop.dll
17:50:33.0032 1572 SCPolicySvc - ok
17:50:33.0048 1572 [ 765A27C3279CE11D14CB9E4F5869FCA5 ] SDRSVC C:\Windows\System32\SDRSVC.dll
17:50:33.0063 1572 SDRSVC - ok
17:50:33.0110 1572 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
17:50:33.0110 1572 secdrv - ok
17:50:33.0157 1572 [ 463B386EBC70F98DA5DFF85F7E654346 ] seclogon C:\Windows\system32\seclogon.dll
17:50:33.0173 1572 seclogon - ok
17:50:33.0204 1572 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
17:50:33.0204 1572 SENS - ok
17:50:33.0235 1572 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
17:50:33.0235 1572 SensrSvc - ok
17:50:33.0282 1572 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
17:50:33.0282 1572 Serenum - ok
17:50:33.0297 1572 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
17:50:33.0297 1572 Serial - ok
17:50:33.0329 1572 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
17:50:33.0329 1572 sermouse - ok
17:50:33.0375 1572 [ C3BC61CE47FF6F4E88AB8A3B429A36AF ] SessionEnv C:\Windows\system32\sessenv.dll
17:50:33.0391 1572 SessionEnv - ok
17:50:33.0422 1572 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\DRIVERS\sffdisk.sys
17:50:33.0422 1572 sffdisk - ok
17:50:33.0453 1572 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\DRIVERS\sffp_mmc.sys
17:50:33.0453 1572 sffp_mmc - ok
17:50:33.0485 1572 [ 5588B8C6193EB1522490C122EB94DFFA ] sffp_sd C:\Windows\system32\DRIVERS\sffp_sd.sys
17:50:33.0485 1572 sffp_sd - ok
17:50:33.0516 1572 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
17:50:33.0516 1572 sfloppy - ok
17:50:33.0547 1572 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
17:50:33.0563 1572 SharedAccess - ok
17:50:33.0594 1572 [ 0298AC45D0EFFFB2DB4BAA7DD186E7BF ] ShellHWDetection C:\Windows\System32\shsvcs.dll
17:50:33.0594 1572 ShellHWDetection - ok
17:50:33.0625 1572 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
17:50:33.0625 1572 SiSRaid2 - ok
17:50:33.0656 1572 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
17:50:33.0656 1572 SiSRaid4 - ok
17:50:33.0734 1572 [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
17:50:33.0734 1572 SkypeUpdate - ok
17:50:33.0765 1572 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
17:50:33.0765 1572 Smb - ok
17:50:33.0812 1572 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
17:50:33.0812 1572 SNMPTRAP - ok
17:50:33.0828 1572 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
17:50:33.0828 1572 spldr - ok
17:50:33.0890 1572 [ 567977DC43CC13C4C35ED7084C0B84D5 ] Spooler C:\Windows\System32\spoolsv.exe
17:50:33.0906 1572 Spooler - ok
17:50:33.0984 1572 [ 913D843498553A1BC8F8DBAD6358E49F ] sppsvc C:\Windows\system32\sppsvc.exe
17:50:34.0062 1572 sppsvc - ok
17:50:34.0093 1572 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
17:50:34.0093 1572 sppuinotify - ok
17:50:34.0140 1572 sprtsvc_verizondm - ok
17:50:34.0171 1572 [ 2408C0366D96BCDF63E8F1C78E4A29C5 ] srv C:\Windows\system32\DRIVERS\srv.sys
17:50:34.0187 1572 srv - ok
17:50:34.0233 1572 [ 76548F7B818881B47D8D1AE1BE9C11F8 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
17:50:34.0233 1572 srv2 - ok
17:50:34.0280 1572 [ 0AF6E19D39C70844C5CAA8FB0183C36E ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
17:50:34.0296 1572 srvnet - ok
17:50:34.0327 1572 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
17:50:34.0343 1572 SSDPSRV - ok
17:50:34.0358 1572 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
17:50:34.0374 1572 SstpSvc - ok
17:50:34.0405 1572 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
17:50:34.0405 1572 stexstor - ok
17:50:34.0436 1572 [ 52D0E33B681BD0F33FDC08812FEE4F7D ] stisvc C:\Windows\System32\wiaservc.dll
17:50:34.0452 1572 stisvc - ok
17:50:34.0483 1572 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
17:50:34.0483 1572 swenum - ok
17:50:34.0530 1572 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
17:50:34.0530 1572 swprv - ok
17:50:34.0577 1572 [ 3C1284516A62078FB68F768DE4F1A7BE ] SysMain C:\Windows\system32\sysmain.dll
17:50:34.0623 1572 SysMain - ok
17:50:34.0655 1572 [ 238935C3CF2854886DC7CBB2A0E2CC66 ] TabletInputService C:\Windows\System32\TabSvc.dll
17:50:34.0655 1572 TabletInputService - ok
17:50:34.0686 1572 [ 884264AC597B690C5707C89723BB8E7B ] TapiSrv C:\Windows\System32\tapisrv.dll
17:50:34.0701 1572 TapiSrv - ok
17:50:34.0717 1572 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
17:50:34.0717 1572 TBS - ok
17:50:34.0779 1572 [ 624C5B3AA4C99B3184BB922D9ECE3FF0 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
17:50:34.0826 1572 Tcpip - ok
17:50:34.0873 1572 [ 624C5B3AA4C99B3184BB922D9ECE3FF0 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
17:50:34.0889 1572 TCPIP6 - ok
17:50:34.0920 1572 [ 76D078AF6F587B162D50210F761EB9ED ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
17:50:34.0920 1572 tcpipreg - ok
17:50:34.0967 1572 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
17:50:34.0982 1572 TDPIPE - ok
17:50:35.0013 1572 [ 7518F7BCFD4B308ABC9192BACAF6C970 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
17:50:35.0013 1572 TDTCP - ok
17:50:35.0060 1572 [ 079125C4B17B01FCAEEBCE0BCB290C0F ] tdx C:\Windows\system32\DRIVERS\tdx.sys
17:50:35.0060 1572 tdx - ok
17:50:35.0076 1572 [ C448651339196C0E869A355171875522 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
17:50:35.0076 1572 TermDD - ok
17:50:35.0123 1572 [ 0F05EC2887BFE197AD82A13287D2F404 ] TermService C:\Windows\System32\termsrv.dll
17:50:35.0138 1572 TermService - ok
17:50:35.0154 1572 tgsrvc_verizondm - ok
17:50:35.0185 1572 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
17:50:35.0185 1572 Themes - ok
17:50:35.0216 1572 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
17:50:35.0216 1572 THREADORDER - ok
17:50:35.0247 1572 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
17:50:35.0263 1572 TrkWks - ok
17:50:35.0310 1572 [ 840F7FB849F5887A49BA18C13B2DA920 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
17:50:35.0325 1572 TrustedInstaller - ok
17:50:35.0357 1572 [ 61B96C26131E37B24E93327A0BD1FB95 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
17:50:35.0357 1572 tssecsrv - ok
17:50:35.0403 1572 [ 3836171A2CDF3AF8EF10856DB9835A70 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
17:50:35.0403 1572 tunnel - ok
17:50:35.0435 1572 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
17:50:35.0450 1572 uagp35 - ok
17:50:35.0481 1572 [ D47BAEAD86C65D4F4069D7CE0A4EDCEB ] udfs C:\Windows\system32\DRIVERS\udfs.sys
17:50:35.0497 1572 udfs - ok
17:50:35.0544 1572 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
17:50:35.0544 1572 UI0Detect - ok
17:50:35.0575 1572 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\DRIVERS\uliagpkx.sys
17:50:35.0622 1572 uliagpkx - ok
17:50:35.0653 1572 [ EAB6C35E62B1B0DB0D1B48B671D3A117 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
17:50:35.0684 1572 umbus - ok
17:50:35.0715 1572 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
17:50:35.0731 1572 UmPass - ok
17:50:35.0793 1572 [ 70DDE3A86DBEB1D6C3C30AD687B1877A ] Updater Service C:\Program Files\eMachines\eMachines Updater\UpdaterService.exe
17:50:35.0856 1572 Updater Service - ok
17:50:35.0887 1572 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
17:50:35.0903 1572 upnphost - ok
17:50:35.0934 1572 [ 7B6A127C93EE590E4D79A5F2A76FE46F ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
17:50:36.0074 1572 usbccgp - ok
17:50:36.0137 1572 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\DRIVERS\usbcir.sys
17:50:36.0168 1572 usbcir - ok
17:50:36.0199 1572 [ 92969BA5AC44E229C55A332864F79677 ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
17:50:36.0215 1572 usbehci - ok
17:50:36.0261 1572 [ E7DF1CFD28CA86B35EF5ADD0735CEEF3 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
17:50:36.0293 1572 usbhub - ok
17:50:36.0324 1572 [ F1BB1E55F1E7A65C5839CCC7B36D773E ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys
17:50:36.0355 1572 usbohci - ok
17:50:36.0386 1572 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
17:50:36.0417 1572 usbprint - ok
17:50:36.0449 1572 [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
17:50:36.0480 1572 usbscan - ok
17:50:36.0511 1572 [ F39983647BC1F3E6100778DDFE9DCE29 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
17:50:36.0542 1572 USBSTOR - ok
17:50:36.0558 1572 [ BC3070350A491D84B518D7CCA9ABD36F ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
17:50:36.0605 1572 usbuhci - ok
17:50:36.0620 1572 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
17:50:36.0667 1572 UxSms - ok
17:50:36.0683 1572 [ 156F6159457D0AA7E59B62681B56EB90 ] VaultSvc C:\Windows\system32\lsass.exe
17:50:36.0683 1572 VaultSvc - ok
17:50:36.0714 1572 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\DRIVERS\vdrvroot.sys
17:50:36.0745 1572 vdrvroot - ok
17:50:36.0776 1572 [ 44D73E0BBC1D3C8981304BA15135C2F2 ] vds C:\Windows\System32\vds.exe
17:50:36.0823 1572 vds - ok
17:50:36.0854 1572 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
17:50:36.0901 1572 vga - ok
17:50:36.0948 1572 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
17:50:36.0979 1572 VgaSave - ok
17:50:37.0010 1572 [ C82E748660F62A242B2DFAC1442F22A4 ] vhdmp C:\Windows\system32\DRIVERS\vhdmp.sys
17:50:37.0057 1572 vhdmp - ok
17:50:37.0088 1572 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\DRIVERS\viaide.sys
17:50:37.0119 1572 viaide - ok
17:50:37.0135 1572 [ 2B1A3DAE2B4E70DBBA822B7A03FBD4A3 ] volmgr C:\Windows\system32\DRIVERS\volmgr.sys
17:50:37.0182 1572 volmgr - ok
17:50:37.0213 1572 [ 99B0CBB569CA79ACAED8C91461D765FB ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
17:50:37.0275 1572 volmgrx - ok
17:50:37.0307 1572 [ 9E425AC5C9A5A973273D169F43B4F5E1 ] volsnap C:\Windows\system32\drivers\volsnap.sys
17:50:37.0322 1572 volsnap - ok
17:50:37.0353 1572 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
17:50:37.0385 1572 vsmraid - ok
17:50:37.0431 1572 [ 787898BF9FB6D7BD87A36E2D95C899BA ] VSS C:\Windows\system32\vssvc.exe
17:50:39.0303 1572 VSS - ok
17:50:39.0350 1572 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
17:50:39.0381 1572 vwifibus - ok
17:50:39.0397 1572 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
17:50:39.0413 1572 vwififlt - ok
17:50:39.0444 1572 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
17:50:39.0459 1572 W32Time - ok
17:50:39.0491 1572 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
17:50:39.0491 1572 WacomPen - ok
17:50:39.0522 1572 [ 47CA49400643EFFD3F1C9A27E1D69324 ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
17:50:39.0522 1572 WANARP - ok
17:50:39.0553 1572 [ 47CA49400643EFFD3F1C9A27E1D69324 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
17:50:39.0553 1572 Wanarpv6 - ok
17:50:39.0631 1572 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
17:50:39.0647 1572 WatAdminSvc - ok
17:50:39.0693 1572 [ 5AB1BB85BD8B5089CC5D64200DEDAE68 ] wbengine C:\Windows\system32\wbengine.exe
17:50:39.0740 1572 wbengine - ok
17:50:39.0756 1572 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
17:50:39.0771 1572 WbioSrvc - ok
17:50:39.0818 1572 [ DD1BAE8EBFC653824D29CCF8C9054D68 ] wcncsvc C:\Windows\System32\wcncsvc.dll
17:50:39.0834 1572 wcncsvc - ok
17:50:39.0849 1572 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
17:50:39.0865 1572 WcsPlugInService - ok
17:50:39.0881 1572 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\DRIVERS\wd.sys
17:50:39.0881 1572 Wd - ok
17:50:39.0927 1572 [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
17:50:39.0943 1572 Wdf01000 - ok
17:50:39.0974 1572 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
17:50:39.0974 1572 WdiServiceHost - ok
17:50:40.0005 1572 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
17:50:40.0005 1572 WdiSystemHost - ok
17:50:40.0052 1572 [ 733006127F235BE7C35354EBEE7B9A7B ] WebClient C:\Windows\System32\webclnt.dll
17:50:40.0068 1572 WebClient - ok
17:50:40.0099 1572 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
17:50:40.0115 1572 Wecsvc - ok
17:50:40.0130 1572 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
17:50:40.0130 1572 wercplsupport - ok
17:50:40.0177 1572 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
17:50:40.0177 1572 WerSvc - ok
17:50:40.0208 1572 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
17:50:40.0208 1572 WfpLwf - ok
17:50:40.0239 1572 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
17:50:40.0239 1572 WIMMount - ok
17:50:40.0271 1572 WinDefend - ok
17:50:40.0302 1572 WinHttpAutoProxySvc - ok
17:50:40.0380 1572 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
17:50:40.0380 1572 Winmgmt - ok
17:50:40.0442 1572 [ 41FBB751936B387F9179E7F03A74FE29 ] WinRM C:\Windows\system32\WsmSvc.dll
17:50:40.0489 1572 WinRM - ok
17:50:40.0567 1572 [ 817EAFF5D38674EDD7713B9DFB8E9791 ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
17:50:40.0567 1572 WinUsb - ok
17:50:40.0629 1572 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
17:50:40.0645 1572 Wlansvc - ok
17:50:40.0754 1572 [ 2BACD71123F42CEA603F4E205E1AE337 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
17:50:40.0801 1572 wlidsvc - ok
17:50:40.0832 1572 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys
17:50:40.0832 1572 WmiAcpi - ok
17:50:40.0895 1572 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
17:50:40.0895 1572 wmiApSrv - ok
17:50:40.0926 1572 WMPNetworkSvc - ok
17:50:40.0957 1572 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
17:50:40.0957 1572 WPCSvc - ok
17:50:40.0988 1572 [ 2E57DDF2880A7E52E76F41C7E96D327B ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
17:50:40.0988 1572 WPDBusEnum - ok
17:50:41.0019 1572 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
17:50:41.0019 1572 ws2ifsl - ok
17:50:41.0066 1572 [ 8F9F3969933C02DA96EB0F84576DB43E ] wscsvc C:\Windows\System32\wscsvc.dll
17:50:41.0082 1572 wscsvc - ok
17:50:41.0097 1572 WSearch - ok
17:50:41.0191 1572 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
17:50:41.0238 1572 wuauserv - ok
17:50:41.0285 1572 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
17:50:41.0300 1572 WudfPf - ok
17:50:41.0331 1572 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
17:50:41.0347 1572 WUDFRd - ok
17:50:41.0394 1572 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
17:50:41.0425 1572 wudfsvc - ok
17:50:41.0456 1572 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
17:50:41.0472 1572 WwanSvc - ok
17:50:41.0519 1572 ================ Scan global ===============================
17:50:41.0534 1572 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
17:50:41.0581 1572 [ 4343295C52C8B1ADD906F1A37B940AA1 ] C:\Windows\system32\winsrv.dll
17:50:41.0628 1572 [ 4343295C52C8B1ADD906F1A37B940AA1 ] C:\Windows\system32\winsrv.dll
17:50:41.0675 1572 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
17:50:41.0721 1572 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
17:50:41.0721 1572 [Global] - ok
17:50:41.0721 1572 ================ Scan MBR ==================================
17:50:41.0737 1572 [ 70E629B51C16B3C007730C6AE57144C9 ] \Device\Harddisk0\DR0
17:50:44.0358 1572 \Device\Harddisk0\DR0 - ok
17:50:44.0358 1572 ================ Scan VBR ==================================
17:50:44.0358 1572 [ 034B1AC14ABDB0D822B98FA7D10521EB ] \Device\Harddisk0\DR0\Partition1
17:50:44.0373 1572 \Device\Harddisk0\DR0\Partition1 - ok
17:50:44.0389 1572 [ B8BBF7394978661ECA3CC30DDC314C23 ] \Device\Harddisk0\DR0\Partition2
17:50:44.0405 1572 \Device\Harddisk0\DR0\Partition2 - ok
17:50:44.0420 1572 ============================================================
17:50:44.0420 1572 Scan finished
17:50:44.0420 1572 ============================================================
17:50:44.0451 3308 Detected object count: 0
17:50:44.0451 3308 Actual detected object count: 0
17:50:52.0751 3264 Deinitialize success

Malwarebytes Log:

Malwarebytes Anti-Malware 1.70.0.1100
www.malwarebytes.org

Database version: v2013.01.05.09

Windows 7 x64 NTFS
Internet Explorer 9.0.8112.16421
fowlerpeggy :: FOWLERPEGGY-PC [administrator]

1/5/2013 5:56:30 PM
mbam-log-2013-01-05 (17-56-30).txt

Scan type: Full scan (C:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 403869
Time elapsed: 2 hour(s), 6 minute(s), 15 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

AdwCleaner Log:

# AdwCleaner v2.104 - Logfile created 01/05/2013 at 20:09:59
# Updated 29/12/2012 by Xplode
# Operating system : Windows 7 Home Premium (64 bits)
# User : fowlerpeggy - FOWLERPEGGY-PC
# Boot Mode : Normal
# Running from : C:\Users\fowlerpeggy\Downloads\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

File Deleted : C:\Program Files (x86)\Mozilla Firefox\plugins\npdnu.dll
File Deleted : C:\Program Files (x86)\Mozilla Firefox\plugins\npdnu.xpt
File Deleted : C:\Program Files (x86)\Mozilla Firefox\plugins\npdnupdater2.dll
File Deleted : C:\Program Files (x86)\Mozilla Firefox\plugins\npdnupdater2.xpt
File Deleted : C:\Program Files (x86)\Mozilla Firefox\searchplugins\fcmdSrch.xml
File Deleted : C:\Users\fowlerpeggy\AppData\Roaming\Mozilla\Firefox\Profiles\3y2imwel.default\searchplugins\Askcom.xml
File Deleted : C:\Users\Public\Desktop\eBay.lnk
Folder Deleted : C:\Program Files (x86)\Ask.com
Folder Deleted : C:\Program Files (x86)\Common Files\Software Update Utility
Folder Deleted : C:\Program Files (x86)\Conduit
Folder Deleted : C:\Program Files (x86)\IncrediMail_MediaBar_2
Folder Deleted : C:\Program Files (x86)\SelectRebates
Folder Deleted : C:\Program Files (x86)\verizontb
Folder Deleted : C:\ProgramData\Partner
Folder Deleted : C:\Users\FOWLER~1\AppData\Local\Temp\AskSearch
Folder Deleted : C:\Users\fowlerpeggy\AppData\Local\APN
Folder Deleted : C:\Users\fowlerpeggy\AppData\LocalLow\AskToolbar
Folder Deleted : C:\Users\fowlerpeggy\AppData\LocalLow\BabylonToolbar
Folder Deleted : C:\Users\fowlerpeggy\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\fowlerpeggy\AppData\LocalLow\facemoods.com
Folder Deleted : C:\Users\fowlerpeggy\AppData\LocalLow\IncrediMail_MediaBar_2
Folder Deleted : C:\Users\fowlerpeggy\AppData\LocalLow\Mp3Tube Toolbar
Folder Deleted : C:\Users\fowlerpeggy\AppData\LocalLow\verizontb
Folder Deleted : C:\Users\fowlerpeggy\AppData\Roaming\Mozilla\Firefox\Profiles\3y2imwel.default\extensions\toolbar@ask.com
Folder Deleted : C:\Users\fowlerpeggy\AppData\Roaming\Mozilla\Firefox\Profiles\3y2imwel.default\verizontb
Folder Deleted : C:\Windows\Installer\{86D4B82A-ABED-442A-BE86-96357B70F4FE}

***** [Registry] *****


***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16457

Replaced : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Search - SearchAssistant] = hxxp://start.facemoods.com/?a=gppc&s={searchTerms}&f=4 --> hxxp://www.google.com

-\\ Mozilla Firefox v5.0.1 (en-US)

File : C:\Users\fowlerpeggy\AppData\Roaming\Mozilla\Firefox\Profiles\3y2imwel.default\prefs.js


-\\ Google Chrome v23.0.1271.97

File : C:\Users\fowlerpeggy\AppData\Local\Google\Chrome\User Data\Default\Preferences

Deleted [l.9] : homepage = "hxxp://www.ask.com/?l=dis&o=2159cr&gct=hp",
Deleted [l.13] : urls_to_restore_on_startup = [ "hxxp://www.ask.com/?l=dis&o=2159cr&gct=hp" ]
Deleted [l.45] : icon_url = "hxxp://www.ask.com/favicon.ico",
Deleted [l.48] : keyword = "ask.com",
Deleted [l.51] : search_url = "hxxp://websearch.ask.com/redirect?client=cr&src=kw&tb=OVO2&o=2159&locale=en_US&[...]
Deleted [l.52] : suggest_url = "hxxp://ss.websearch.ask.com/query?qsrc=2922&li=ff&sstype=prefix&q={searchTerms[...]
Deleted [l.832] : homepage = "hxxp://www.ask.com/?l=dis&o=2159cr&gct=hp",
Deleted [l.1414] : urls_to_restore_on_startup = [ "hxxp://www.ask.com/?l=dis&o=2159cr&gct=hp" ]

*************************

AdwCleaner[S1].txt - [17689 octets] - [05/01/2013 20:09:59]

########## EOF - C:\AdwCleaner[S1].txt - [17750 octets] ##########

RogueKiller Log:

RogueKiller V8.4.2 [Dec 31 2012] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Feedback : http://www.geekstogo.com/forum/files/file/413-roguekiller/
Website : http://tigzy.geekstogo.com/roguekiller.php
Blog : http://tigzyrk.blogspot.com/

Operating System : Windows 7 (6.1.7600 ) 64 bits version
Started in : Normal mode
User : fowlerpeggy [Admin rights]
Mode : Remove -- Date : 01/05/2013 21:21:38

Bad processes : 0

Registry Entries : 2
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> REPLACED (0)
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REPLACED (0)

Particular Files / Folders:

Driver : [NOT LOADED]

HOSTS File:
--> C:\Windows\system32\drivers\etc\hosts



MBR Check:

+++++ PhysicalDrive0: WDC WD50 00AAKS-00V1A SCSI Disk Device +++++
--- User ---
[MBR] 54d64c359727af815ec323f7b9f0cf82
[BSP] 9f922c7f2f7d82ac204461cac3a1f88f : Acer tatooed MBR Code
Partition table:
0 - [XXXXXX] ACER (0x27) [VISIBLE] Offset (sectors): 2048 | Size: 13312 Mo
1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 27265024 | Size: 100 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 27469824 | Size: 463526 Mo
User = LL1 ... OK!
Error reading LL2 MBR!

Finished : << RKreport[2]_D_01052013_02d2121.txt >>
RKreport[1]_S_01052013_02d2120.txt ; RKreport[2]_D_01052013_02d2121.txt

#4 Gunto

Posted 05 January 2013 - 11:33 PM

Hi,

Very good that IE is running better! :) Let's run a few more scans to find any leftovers and hopefully make IE work as it should.

SUPERAntiSpyware

I need you to run a scan with SUPERAntiSpyware.

  • Download SAS from here, and save it to your desktop.
  • Double click the installer to start the installation. If you do not want to start the trial of the full version, please decline, and feel free to uncheck options to install external toolbars/software, unless you want them. Otherwise, follow the prompts and let the program install.
  • Once the program is done installing and updating, tick the Complete Scan option on the interface, and press the big Scan your Computer... button. Ensure that the options Activate Scan Boost™ > Low boost and Scan inside .ZIP archives are selected and Start Complete Scan.
  • After scanning, be sure to remove all detected threats if any were detected. If asked to reboot to remove threats, do so immediately.
  • Once finished, return to the main interface, go to View Scan Logs and view the newest log. Copy and paste it into your reply.

ESET Online Scanner

I need you to run a scan with ESET Online Scanner.

  • Download the scanner from here, and save it to your desktop.
  • Double click the file to install the program. Once it's done, accept the terms of use and click Start. Be sure the following settings are checked before beginning:
    Scan archives
    Remove found threats
    Scan potentially unwanted applications
    Scan for potentially unsafe applications
    Enable Anti-Stealth technology
  • Once the scan is done, if anything was found, click List of found threats, and then Export to text file..., and save the log to your desktop.
  • Click << Back, and then Finish. If you have to reboot, do so immediately.
  • After ESET finishes scanning and removing threats, copy and paste the log into your reply.

Junkware Removal Tool

I need you to run a scan with Junkware Removal Tool.

  • Download JRT from here, and save it to your desktop.
  • Double click the file to open it, and hit any key as per the instructions of the popped up window.
  • Once the scan is done, copy and paste the contents of the resulting log into your reply.

Please tell me how the PC is running in your next reply.

Gunto

#5 mtdar

Posted 06 January 2013 - 10:48 PM

Hi Gunto,

OK IE is running about the same, but when the computer starts after the welcome screen there is about 1-2 minutes of a black screen and then the desktop comes in.

I had a problem with the SAS scan as well. I didn't realize my computer was set for auto updates and the update process interrupted the scanning/cleaning process.

I've included all the logs as requested.

SUPERAntiSpyware Log:

SUPERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 01/06/2013 at 01:31 AM

Application Version : 5.6.1014

Core Rules Database Version : 9829
Trace Rules Database Version: 7641

Scan type : Complete Scan
Total Scan Time : 01:26:26

Operating System Information
Windows 7 Home Premium 64-bit, Service Pack 1 (Build 6.01.7601)
UAC On - Limited User

Memory items scanned : 556
Memory threats detected : 0
Registry items scanned : 72578
Registry threats detected : 0
File items scanned : 52495
File threats detected : 191

Adware.Tracking Cookie
.a1.interclick.com [ C:\USERS\FOWLERPEGGY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.a1.interclick.com [ C:\USERS\FOWLERPEGGY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.interclick.com [ C:\USERS\FOWLERPEGGY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.serving-sys.com [ C:\USERS\FOWLERPEGGY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.serving-sys.com [ C:\USERS\FOWLERPEGGY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.myroitracking.com [ C:\USERS\FOWLERPEGGY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.clicksor.com [ C:\USERS\FOWLERPEGGY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.clicksor.com [ C:\USERS\FOWLERPEGGY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.clicksor.com [ C:\USERS\FOWLERPEGGY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.clicksor.com [ C:\USERS\FOWLERPEGGY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.clicksor.com [ C:\USERS\FOWLERPEGGY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.insightexpressai.com [ C:\USERS\FOWLERPEGGY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.insightexpressai.com [ C:\USERS\FOWLERPEGGY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.insightexpressai.com [ C:\USERS\FOWLERPEGGY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.insightexpressai.com [ C:\USERS\FOWLERPEGGY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.2o7.net [ C:\USERS\FOWLERPEGGY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.media6degrees.com [ C:\USERS\FOWLERPEGGY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.media6degrees.com [ C:\USERS\FOWLERPEGGY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.media6degrees.com [ C:\USERS\FOWLERPEGGY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.media6degrees.com [ C:\USERS\FOWLERPEGGY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.media6degrees.com [ C:\USERS\FOWLERPEGGY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.invitemedia.com [ C:\USERS\FOWLERPEGGY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.invitemedia.com [ C:\USERS\FOWLERPEGGY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.fastclick.net [ C:\USERS\FOWLERPEGGY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.weborama.fr [ C:\USERS\FOWLERPEGGY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.weborama.fr [ C:\USERS\FOWLERPEGGY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.weborama.fr [ C:\USERS\FOWLERPEGGY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.weboramapublishertrackinguk2.solution.weborama.fr [ C:\USERS\FOWLERPEGGY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.weboramapublishertrackinguk2.solution.weborama.fr [ C:\USERS\FOWLERPEGGY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.tribalfusion.com [ C:\USERS\FOWLERPEGGY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.pointroll.com [ C:\USERS\FOWLERPEGGY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ads.pointroll.com [ C:\USERS\FOWLERPEGGY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ads.pointroll.com [ C:\USERS\FOWLERPEGGY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ads.pointroll.com [ C:\USERS\FOWLERPEGGY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ads.pointroll.com [ C:\USERS\FOWLERPEGGY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ads.pointroll.com [ C:\USERS\FOWLERPEGGY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ads.pointroll.com [ C:\USERS\FOWLERPEGGY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adserver.adtechus.com [ C:\USERS\FOWLERPEGGY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.martiniadnetwork.com [ C:\USERS\FOWLERPEGGY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.martiniadnetwork.com [ C:\USERS\FOWLERPEGGY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.martiniadnetwork.com [ C:\USERS\FOWLERPEGGY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
dc.tremormedia.com [ C:\USERS\FOWLERPEGGY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.atdmt.com [ C:\USERS\FOWLERPEGGY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.h.atdmt.com [ C:\USERS\FOWLERPEGGY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.h.atdmt.com [ C:\USERS\FOWLERPEGGY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.atdmt.com [ C:\USERS\FOWLERPEGGY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.h.atdmt.com [ C:\USERS\FOWLERPEGGY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.h.atdmt.com [ C:\USERS\FOWLERPEGGY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adxpose.com [ C:\USERS\FOWLERPEGGY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ad.yieldmanager.com [ C:\USERS\FOWLERPEGGY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ad.yieldmanager.com [ C:\USERS\FOWLERPEGGY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ad.yieldmanager.com [ C:\USERS\FOWLERPEGGY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.c.atdmt.com [ C:\USERS\FOWLERPEGGY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.c.atdmt.com [ C:\USERS\FOWLERPEGGY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.atdmt.com [ C:\USERS\FOWLERPEGGY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.c.atdmt.com [ C:\USERS\FOWLERPEGGY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.c.atdmt.com [ C:\USERS\FOWLERPEGGY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.c.atdmt.com [ C:\USERS\FOWLERPEGGY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.c.atdmt.com [ C:\USERS\FOWLERPEGGY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.mediaplex.com [ C:\USERS\FOWLERPEGGY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.accounts.google.com [ C:\USERS\FOWLERPEGGY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.accounts.google.com [ C:\USERS\FOWLERPEGGY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
accounts.google.com [ C:\USERS\FOWLERPEGGY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
accounts.youtube.com [ C:\USERS\FOWLERPEGGY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
accounts.google.com [ C:\USERS\FOWLERPEGGY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
accounts.google.com [ C:\USERS\FOWLERPEGGY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
a.media.global.go.com [ C:\USERS\FOWLERPEGGY\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\DRMS5YCX ]
ad.insightexpressai.com [ C:\USERS\FOWLERPEGGY\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\DRMS5YCX ]
cdn.complexmedianetwork.com [ C:\USERS\FOWLERPEGGY\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\DRMS5YCX ]
cdn.media.abc.com [ C:\USERS\FOWLERPEGGY\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\DRMS5YCX ]
cdn.tremormedia.com [ C:\USERS\FOWLERPEGGY\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\DRMS5YCX ]
core.insightexpressai.com [ C:\USERS\FOWLERPEGGY\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\DRMS5YCX ]
core.saymedia.com [ C:\USERS\FOWLERPEGGY\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\DRMS5YCX ]
ia.media-imdb.com [ C:\USERS\FOWLERPEGGY\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\DRMS5YCX ]
macromedia.com [ C:\USERS\FOWLERPEGGY\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\DRMS5YCX ]
media.mtvnservices.com [ C:\USERS\FOWLERPEGGY\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\DRMS5YCX ]
media.y8.com [ C:\USERS\FOWLERPEGGY\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\DRMS5YCX ]
media1.break.com [ C:\USERS\FOWLERPEGGY\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\DRMS5YCX ]
media1.clubpenguin.com [ C:\USERS\FOWLERPEGGY\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\DRMS5YCX ]
mufsdmedia.manhasset.k12.ny.us [ C:\USERS\FOWLERPEGGY\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\DRMS5YCX ]
objects.tremormedia.com [ C:\USERS\FOWLERPEGGY\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\DRMS5YCX ]
s0.2mdn.net [ C:\USERS\FOWLERPEGGY\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\DRMS5YCX ]
secure-uk.imrworldwide.com [ C:\USERS\FOWLERPEGGY\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\DRMS5YCX ]
secure-us.imrworldwide.com [ C:\USERS\FOWLERPEGGY\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\DRMS5YCX ]
spe.atdmt.com [ C:\USERS\FOWLERPEGGY\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\DRMS5YCX ]
speed.pointroll.com [ C:\USERS\FOWLERPEGGY\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\DRMS5YCX ]
www.media.gov.on.ca [ C:\USERS\FOWLERPEGGY\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\DRMS5YCX ]

Adware.Trymedia
C:\USERS\PUBLIC\DOWNLOADS\5THGRADER_AOL-DM[1].EXE

ESET Online Scanner Log:

C:\Users\All Users\YouTube Downloader\ytd_installer.exe a variant of Win32/Toolbar.Widgi application unable to clean
C:\ProgramData\YouTube Downloader\ytd_installer.exe a variant of Win32/Toolbar.Widgi application cleaned by deleting - quarantined
C:\Users\fowlerpeggy\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\31\c2dc25f-59aa6336 multiple threats deleted - quarantined
C:\Users\Public\Downloads\5thGrader_AOL-dm[1].exe a variant of Win32/Adware.Trymedia.A application cleaned by deleting - quarantined


Junk Removal Tool Log:

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 4.4.1 (01.06.2013:2)
OS: Windows 7 Home Premium x64
Ran by fowlerpeggy on Sun 01/06/2013 at 22:23:02.03
Blog: http://thisisudax.blogspot.com
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Successfully deleted: [Registry Value] hkey_local_machine\software\microsoft\windows\currentversion\run\\selectrebates



~~~ Registry Keys

Successfully deleted: [Registry Key] hkey_local_machine\software\microsoft\windows\currentversion\explorer\browser helper objects\{02478d38-c3f9-4efb-9b51-7695eca05670}
Successfully deleted: [Registry Key] hkey_classes_root\clsid\{59c6f12b-f004-43e5-9997-08f2123119b6}



~~~ Files

Successfully deleted: [File] "C:\Program Files (x86)\mozilla firefox\plugins\npcouponprinter.dll"
Successfully deleted: [File] "C:\Program Files (x86)\mozilla firefox\plugins\npmozcouponprinter.dll"
Successfully deleted: [File] "C:\Windows\couponprinter.ocx"



~~~ Folders

Successfully deleted: [Folder] "C:\Users\fowlerpeggy\appdata\locallow\oovootoolbar"
Successfully deleted: [Folder] "C:\Program Files (x86)\coupons"
Successfully deleted: [Folder] "C:\Program Files (x86)\oovootoolbar"



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Sun 01/06/2013 at 22:38:44.49
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


I appreciate the help. Please let me know what's next. Thanks.

#6 Gunto


Posted 06 January 2013 - 11:52 PM

Hi,

You seem to be pretty badly infected, so you'll need some advanced help.

Please follow the instructions in ==>This Guide<== starting at Step 6. If you cannot complete a step, skip it and continue.

Once the proper logs are created, then make a NEW TOPIC and post it ==>HERE<== Please include a description of your computer issues, what you have done to resolve them, and a link to this topic.

If you can produce at least some of the logs, then please create the new topic and explain what happens when you try to create the log(s) that you couldn't get. If you cannot produce any of the logs, then still post the topic and explain that you followed the Prep. Guide, were unable to create the logs, and describe what happens when you try to create the logs.

It would be helpful if you post a note here once you have completed the steps in the guide and have started your topic in malware removal. Good luck and be patient.

If HelpBot replies to your topic, PLEASE follow Step One so it will report your topic to the team members.

Gunto



#7 mtdar


Posted 07 January 2013 - 10:04 PM

Hi Gunto,

Thanks for all of your help. I've taken your suggestion and opened a new topic in the forum you suggested.

Thanks again.



