Ammyy scam - Aunt's computer

(In Progress)
meowtweets444
07-Jul-2012, 04:26 PM #1
Hi There, I'm now posting the info on my aunt's computer. She actually allowed the person from "Ammyy" to have access to her computer. I don't know what to look for pertaining to anything that was possibly downloaded to her computer by these scam artists. You were so helpful in helping with my computer. I'm going to post all the log files and then use the same instructions you gave to me and I'll post that later.



Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 3:32:57 PM, on 7/7/2012
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v9.00 (9.00.8112.16446)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\DellTPad\Apoint.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Dell Webcam\Dell Webcam Central\WebcamDell.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Trend Micro\TrendSecure\TSCFPlatformCOMSvr.exe
C:\Program Files\Dell\MediaDirect\PCMService.exe
C:\Program Files\IDT\WDM\sttray.exe
C:\Program Files\HP\HP Software Update\hpwuschd2.exe
C:\Program Files\Trend Micro\Internet Security\UfSeAgnt.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Windows\ehome\ehtray.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Trend Micro\TrendSecure\RemoteFileLock\FLMain.exe
C:\Program Files\Trend Micro\Internet Security\TMAS_OE\TMAS_OEMon.exe
C:\Program Files\Common Files\Apple\Internet Services\ubd.exe
C:\Program Files\McAfee Security Scan\2.1.121\SSScheduler.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\DellTPad\HidFind.exe
C:\Program Files\DellTPad\Apntex.exe
C:\Program Files\Common Files\Apple\Apple Application Support\distnoted.exe
C:\Program Files\Trend Micro\TrendSecure\TISProToolbar\PlatformDependent\ProToolbarComm.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Microsoft\BingBar\BingBar.exe
C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_clipbook.exe
C:\Program Files\Microsoft\BingBar\BingApp.exe
C:\Windows\system32\Macromed\Flash\FlashUtil32_11_2_202_235_ActiveX.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\Carol\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\RDY958S5\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.marketamerica.com/cbeauchamp/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer, optimized for Bing and MSN
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Trend Micro Toolbar BHO - {43C6D902-A1C5-45c9-91F6-FD9E90337E18} - C:\Program Files\Trend Micro\TrendSecure\TISProToolbar\TSToolbar.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files\Microsoft\BingBar\BingExt.dll" (file missing)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files\Microsoft\BingBar\BingExt.dll" (file missing)
O3 - Toolbar: Trend Micro Toolbar - {CCAC5586-44D7-4c43-B64A-F042461A97D2} - C:\Program Files\Trend Micro\TrendSecure\TISProToolbar\TSToolbar.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [Dell Webcam Central] "C:\Program Files\Dell Webcam\Dell Webcam Central\WebcamDell.exe" /mode2
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Dell\MediaDirect\PCMService.exe"
O4 - HKLM\..\Run: [SysTrayApp] %ProgramFiles%\IDT\WDM\sttray.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [UfSeAgnt.exe] "C:\Program Files\Trend Micro\Internet Security\UfSeAgnt.exe"
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [Google Update] "C:\Users\Carol\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [TrendSecure Remote File Lock] C:\Program Files\Trend Micro\TrendSecure\RemoteFileLock\FLMain.exe /lock
O4 - HKCU\..\Run: [OE] "C:\Program Files\Trend Micro\Internet Security\TMAS_OE\TMAS_OEMon.exe"
O4 - HKCU\..\Run: [MobileDocuments] C:\Program Files\Common Files\Apple\Internet Services\ubd.exe
O4 - .DEFAULT User Startup: Dell Dock First Run.lnk = C:\Program Files\Dell\DellDock\DellDock.exe (User 'Default user')
O4 - Global Startup: McAfee Security Scan Plus.lnk = ?
O4 - Global Startup: MRI_DISABLED
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Show or hide HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} (HP Download Manager) - https://h20436.www2.hp.com/ediags/de...e/HPDEXAXO.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: tmtb - {04EAF3FB-4BAC-4B5A-A37D-A1CF210A5A42} - C:\Program Files\Trend Micro\TrendSecure\TISProToolbar\TSToolbar.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_238116a1\aestsrv.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Dock Login Service (DockLoginService) - Stardock Corporation - C:\Program Files\Dell\DellDock\DockLogin.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee Security Scan\2.1.121\McCHSvc.exe
O23 - Service: Trend Micro Central Control Component (SfCtlCom) - Trend Micro Inc. - C:\Program Files\Trend Micro\Internet Security\SfCtlCom.exe
O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_238116a1\STacSV.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: Trend Micro Unauthorized Change Prevention Service (TMBMServer) - Trend Micro Inc. - C:\Program Files\Trend Micro\BM\TMBMSRV.exe
O23 - Service: Trend Micro Personal Firewall (TmPfw) - Trend Micro Inc. - C:\Program Files\Trend Micro\Internet Security\TmPfw.exe
O23 - Service: Trend Micro Proxy Service (TmProxy) - Trend Micro Inc. - C:\Program Files\Trend Micro\Internet Security\TmProxy.exe
O23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown owner - C:\Windows\System32\WLTRYSVC.EXE

--
End of file - 10222 bytes








.
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 1.6.0_33
Run by Carol at 15:36:32 on 2012-07-07
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.1.1033.18.3061.1198 [GMT -4:00]
.
AV: Trend Micro Internet Security Pro *Enabled/Updated* {68F968AC-2AA0-091D-848C-803E83E35902}
SP: Trend Micro Internet Security Pro *Enabled/Updated* {D3988948-0C9A-0693-BE3C-BB4CF86413BF}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Trend Micro Personal Firewall *Enabled* {70A91CD9-303D-A217-A80E-6DEE136EDB2B}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_238116a1\STacSV.exe
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Program Files\Dell\DellDock\DockLogin.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\WLTRYSVC.EXE
C:\Windows\System32\bcmwltry.exe
C:\Windows\system32\WLANExt.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_238116a1\aestsrv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Windows\system32\svchost.exe -k hpdevmgmt
C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\Microsoft\BingBar\SeaPort.EXE
C:\Program Files\Trend Micro\Internet Security\SfCtlCom.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\WUDFHost.exe
C:\Windows\system32\svchost.exe -k HPService
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files\Trend Micro\Internet Security\TmPfw.exe
C:\Program Files\Trend Micro\TrendSecure\TISProToolbar\ProToolbarUpdate.exe
C:\Program Files\Trend Micro\Internet Security\TmProxy.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\DellTPad\Apoint.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Dell Webcam\Dell Webcam Central\WebcamDell.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Trend Micro\TrendSecure\TSCFPlatformCOMSvr.exe
C:\Program Files\Dell\MediaDirect\PCMService.exe
C:\Program Files\IDT\WDM\sttray.exe
C:\Program Files\HP\HP Software Update\hpwuschd2.exe
C:\Program Files\Trend Micro\Internet Security\UfSeAgnt.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Windows\ehome\ehtray.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Trend Micro\TrendSecure\RemoteFileLock\FLMain.exe
C:\Program Files\Trend Micro\Internet Security\TMAS_OE\TMAS_OEMon.exe
C:\Program Files\Common Files\Apple\Internet Services\ubd.exe
C:\Program Files\McAfee Security Scan\2.1.121\SSScheduler.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\DellTPad\ApMsgFwd.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\DellTPad\HidFind.exe
C:\Program Files\DellTPad\Apntex.exe
C:\Program Files\Common Files\Apple\Apple Application Support\distnoted.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\Trend Micro\BM\TMBMSRV.exe
C:\Windows\system32\svchost.exe -k SDRSVC
C:\Program Files\Trend Micro\TrendSecure\TISProToolbar\PlatformDependent\ProToolbarComm.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Program Files\Microsoft\BingBar\BBSvc.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Microsoft\BingBar\BingBar.exe
C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_clipbook.exe
C:\Program Files\Microsoft\BingBar\BingApp.exe
C:\Windows\system32\Macromed\Flash\FlashUtil32_11_2_202_235_ActiveX.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Microsoft Office\Office12\WINWORD.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uSearch Page = hxxp://www.google.com
uStart Page = hxxp://www.marketamerica.com/cbeauchamp/
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
uWindow Title = Internet Explorer, optimized for Bing and MSN
uInternet Settings,ProxyOverride = *.local
uSearchURL,(Default) = hxxp://www.google.com/search/?q=%s
BHO: HP Print Enhancer: {0347c33e-8762-4905-bf09-768834316c61} - c:\program files\hp\digital imaging\smart web printing\hpswp_printenhancer.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: TSToolbarBHO: {43c6d902-a1c5-45c9-91f6-fd9e90337e18} - c:\program files\trend micro\trendsecure\tisprotoolbar\TSToolbar.dll
BHO: Java(tm) Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre6\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "c:\program files\microsoft\bingbar\BingExt.dll"
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: HP Smart BHO Class: {ffffffff-cf4e-4f2b-bdc2-0e72e116a856} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll
TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - "c:\program files\microsoft\bingbar\BingExt.dll"
TB: Trend Micro Toolbar: {ccac5586-44d7-4c43-b64a-f042461a97d2} - c:\program files\trend micro\trendsecure\tisprotoolbar\TSToolbar.dll
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
EB: HP Smart Web Printing: {555d4d79-4bd2-4094-a395-cfc534424a05} - c:\program files\hp\digital imaging\smart web printing\hpswp_bho.dll
uRun: [ehTray.exe] c:\windows\ehome\ehTray.exe
uRun: [Google Update] "c:\users\carol\appdata\local\google\update\GoogleUpdate.exe" /c
uRun: [TrendSecure Remote File Lock] c:\program files\trend micro\trendsecure\remotefilelock\FLMain.exe /lock
uRun: [OE] "c:\program files\trend micro\internet security\tmas_oe\TMAS_OEMon.exe"
uRun: [MobileDocuments] c:\program files\common files\apple\internet services\ubd.exe
mRun: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
mRun: [Apoint] c:\program files\delltpad\Apoint.exe
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [Dell Webcam Central] "c:\program files\dell webcam\dell webcam central\WebcamDell.exe" /mode2
mRun: [PCMService] "c:\program files\dell\mediadirect\PCMService.exe"
mRun: [SysTrayApp] %ProgramFiles%\IDT\WDM\sttray.exe
mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe
mRun: [<NO NAME>]
mRun: [UfSeAgnt.exe] "c:\program files\trend micro\internet security\UfSeAgnt.exe"
mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\mcafee~1.lnk - c:\program files\mcafee security scan\2.1.121\SSScheduler.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\mri_di~1\hpdigi~1.lnk - c:\program files\hp\digital imaging\bin\hpqtra08.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\mri_di~1\quickset.lnk - c:\program files\dell\quickset\quickset.exe
uPolicies-explorer: NoDesktopCleanupWizard = 1 (0x1)
mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: E&xport to Microsoft Excel - c:\progra~1\micros~3\office12\EXCEL.EXE/3000
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~3\office11\REFIEBAR.DLL
IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll
Trusted Zone: yahoo.com\us.mc550.mail
Trusted Zone: yahoomail.com
DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} - hxxps://h20436.www2.hp.com/ediags/dex/secure/HPDEXAXO.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
TCP: DhcpNameServer = 75.75.76.76 75.75.75.75
TCP: Interfaces\{1CA2F8CF-6C85-418E-A5C5-3C8DE36F199A} : DhcpNameServer = 75.75.76.76 75.75.75.75
TCP: Interfaces\{CFA34EDE-DD33-4E47-B62E-EBAB07D98981} : DhcpNameServer = 68.87.77.134 68.87.72.134
Handler: tmtb - {04EAF3FB-4BAC-4B5A-A37D-A1CF210A5A42} - c:\program files\trend micro\trendsecure\tisprotoolbar\TSToolbar.dll
Notify: igfxcui - igfxdev.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\users\carol\appdata\roaming\mozilla\firefox\profiles\rzaej8ij.default\
FF - prefs.js: browser.search.defaulturl - hxxp://www.bing.com/search?FORM=SOLTDF&PC=SUN1&q=
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.msn.com/?pc=SUN1
FF - prefs.js: keyword.URL - hxxp://www.bing.com/search?FORM=SOLTDF&PC=SUN1&q=
FF - plugin: c:\program files\adobe\reader 9.0\reader\air\nppdf32.dll
FF - plugin: c:\program files\google\update\1.3.21.57\npGoogleUpdate3.dll
FF - plugin: c:\program files\google\update\1.3.21.65\npGoogleUpdate3.dll
FF - plugin: c:\program files\google\update\1.3.21.79\npGoogleUpdate3.dll
FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npdeployJava1.dll
FF - plugin: c:\users\carol\appdata\local\google\update\1.3.21.79\npGoogleUpdate3.dll
FF - plugin: c:\users\carol\appdata\roaming\move networks\plugins\npqmp071505000010.dll
.
============= SERVICES / DRIVERS ===============
.
R1 tmlwf;Trend Micro NDIS 6.0 Filter Driver;c:\windows\system32\drivers\tmlwf.sys [2011-4-27 146448]
R2 AESTFilters;Andrea ST Filters Service;c:\windows\system32\driverstore\filerepository\stwrt.inf_238116a1\AEstSrv.exe [2008-11-17 73728]
R2 DockLoginService;Dock Login Service;c:\program files\dell\delldock\DockLogin.exe [2008-9-24 155648]
R2 FontCache;Windows Font Cache Service;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2008-1-20 21504]
R2 tmpreflt;tmpreflt;c:\windows\system32\drivers\tmpreflt.sys [2011-9-6 36624]
R2 tmwfp;Trend Micro WFP Callout Driver;c:\windows\system32\drivers\tmwfp.sys [2011-4-27 283152]
R3 BBSvc;Bing Bar Update Service;c:\program files\microsoft\bingbar\BBSvc.EXE [2011-2-28 183560]
R3 IntcHdmiAddService;Intel(R) High Definition Audio HDMI Service;c:\windows\system32\drivers\IntcHdmi.sys [2008-11-17 111616]
R3 itecir;ITECIR Infrared Receiver;c:\windows\system32\drivers\itecir.sys [2008-11-17 54784]
R3 k57nd60x;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\k57nd60x.sys [2008-11-17 203264]
R3 OA001Ufd;Creative Camera OA001 Upper Filter Driver;c:\windows\system32\drivers\OA001Ufd.sys [2008-11-17 144672]
R3 OA001Vid;Creative Camera OA001 Function Driver;c:\windows\system32\drivers\OA001Vid.sys [2008-11-17 277440]
R3 tmevtmgr;tmevtmgr;c:\windows\system32\drivers\tmevtmgr.sys [2011-4-27 51792]
R3 TmPfw;Trend Micro Personal Firewall;c:\program files\trend micro\internet security\TmPfw.exe [2011-4-28 497008]
R3 TmProxy;Trend Micro Proxy Service;c:\program files\trend micro\internet security\TmProxy.exe [2011-4-28 689416]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2011-7-7 136176]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\macromed\flash\FlashPlayerUpdateService.exe [2012-5-3 250056]
S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2011-7-7 136176]
S3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\mcafee security scan\2.1.121\McCHSvc.exe [2010-9-3 227232]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]
.
=============== Created Last 30 ================
.
2012-07-07 12:44:14 56200 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{588a7092-4253-4f99-8993-3227481c6242}\offreg.dll
2012-07-06 22:29:44 6762896 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{588a7092-4253-4f99-8993-3227481c6242}\mpengine.dll
2012-06-26 00:40:27 -------- d-----w- c:\programdata\McAfee Security Scan
2012-06-26 00:40:24 -------- d-----w- c:\program files\McAfee Security Scan
2012-06-24 21:00:42 2422272 ----a-w- c:\windows\system32\wucltux.dll
2012-06-24 21:00:20 88576 ----a-w- c:\windows\system32\wudriver.dll
2012-06-24 21:00:08 33792 ----a-w- c:\windows\system32\wuapp.exe
2012-06-24 21:00:08 171904 ----a-w- c:\windows\system32\wuwebv.dll
2012-06-22 04:17:48 -------- d-----w- c:\users\carol\appdata\local\LogMeIn Rescue Applet
2012-06-22 02:56:15 -------- d-----w- c:\windows\pss
2012-06-22 02:37:31 -------- d-----w- c:\programdata\AMMYY
2012-06-15 01:54:29 984064 ----a-w- c:\windows\system32\crypt32.dll
2012-06-15 01:54:29 98304 ----a-w- c:\windows\system32\cryptnet.dll
2012-06-15 01:54:29 133120 ----a-w- c:\windows\system32\cryptsvc.dll
2012-06-15 01:54:02 180736 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2012-06-15 01:54:01 2045440 ----a-w- c:\windows\system32\win32k.sys
2012-06-13 03:28:02 -------- d-----w- c:\program files\iPod
2012-06-13 03:27:59 -------- d-----w- c:\program files\iTunes
.
==================== Find3M ====================
.
2012-06-24 21:23:11 70344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-06-24 21:23:11 426184 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-05-17 22:45:37 1800192 ----a-w- c:\windows\system32\jscript9.dll
2012-05-17 22:35:47 1129472 ----a-w- c:\windows\system32\wininet.dll
2012-05-17 22:35:39 1427968 ----a-w- c:\windows\system32\inetcpl.cpl
2012-05-17 22:29:45 142848 ----a-w- c:\windows\system32\ieUnatt.exe
2012-05-17 22:24:45 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2012-05-09 16:21:41 476936 ----a-w- c:\windows\system32\npdeployJava1.dll
2012-05-09 16:21:36 472840 ----a-w- c:\windows\system32\deployJava1.dll
2012-04-19 00:56:30 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx
2012-04-19 00:56:30 69632 ----a-w- c:\windows\system32\QuickTime.qts
.
============= FINISH: 15:37:19.75 ===============





.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft® Windows Vista™ Home Premium
Boot Device: \Device\HarddiskVolume3
Install Date: 11/16/2008 8:24:17 PM
System Uptime: 7/7/2012 8:19:34 AM (7 hours ago)
.
Motherboard: Dell Inc. | | 0H268K
Processor: Intel(R) Core(TM)2 Duo CPU T5800 @ 2.00GHz | Microprocessor | 2000/200mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 288 GiB total, 210.434 GiB free.
D: is FIXED (NTFS) - 10 GiB total, 4.827 GiB free.
E: is CDROM ()
F: is Removable
.
==== Disabled Device Manager Items =============
.
Class GUID: {4d36e971-e325-11ce-bfc1-08002be10318}
Description: Officejet Pro 8500 A909g
Device ID: ROOT\MULTIFUNCTION\0000
Manufacturer: HP
Name: Officejet Pro 8500 A909g
PNP Device ID: ROOT\MULTIFUNCTION\0000
Service:
.
Class GUID: {4d36e979-e325-11ce-bfc1-08002be10318}
Description: Officejet Pro 8500 A909g
Device ID: ROOT\PRINTER\0000
Manufacturer: HP
Name: Officejet Pro 8500 A909g
PNP Device ID: ROOT\PRINTER\0000
Service:
.
==== System Restore Points ===================
.
RP578: 5/27/2012 5:27:36 PM - Installed Java(TM) 6 Update 32
RP580: 5/28/2012 12:00:30 PM - Restore point created by Trend Mico [0x10001101]
RP581: 5/29/2012 9:56:37 PM - Windows Update
RP582: 6/1/2012 12:49:38 PM - Windows Update
RP583: 6/4/2012 10:52:48 AM - Scheduled Checkpoint
RP584: 6/6/2012 10:48:25 AM - Windows Update
RP585: 6/6/2012 10:55:20 AM - Windows Update
RP588: 6/12/2012 5:51:46 PM - Windows Update
RP589: 6/12/2012 11:21:50 PM - Device Driver Package Install: Apple, Inc. Universal Serial Bus controllers
RP590: 6/12/2012 11:22:10 PM - Device Driver Package Install: Apple Network adapters
RP591: 6/15/2012 2:20:59 PM - Windows Update
RP592: 6/15/2012 11:42:38 PM - Windows Update
RP593: 6/20/2012 12:35:37 PM - Windows Update
RP594: 6/22/2012 6:16:08 PM - Windows Update
RP595: 6/22/2012 7:06:07 PM - Windows Update
RP596: 6/24/2012 4:19:50 PM - 06/17/2012
RP597: 6/24/2012 4:22:12 PM - 06/17/2012
RP598: 6/24/2012 4:41:21 PM - Restore Operation
RP599: 6/24/2012 4:59:53 PM - Windows Update
RP600: 6/24/2012 5:10:50 PM - Windows Update
RP601: 6/24/2012 6:07:31 PM - Windows Backup
RP602: 6/24/2012 6:13:43 PM - Windows Backup
RP603: 6/24/2012 6:16:24 PM - Windows Backup
RP604: 6/24/2012 6:19:25 PM - Windows Backup
RP605: 6/25/2012 8:38:38 PM - Installed Java(TM) 6 Update 33
RP606: 6/25/2012 8:40:06 PM - Installed Java Runtime Environment
RP607: 7/4/2012 5:40:36 PM - Windows Update
RP608: 7/6/2012 8:52:17 PM - Scheduled Checkpoint
RP609: 7/7/2012 3:08:55 PM - Scheduled Checkpoint
.
==== Installed Programs ======================
.
Update for Microsoft Office 2007 (KB2508958)
32 Bit HP CIO Components Installer
7300_Help
7300Trb
7400
8500A909_eDocs
8500A909_Help
8500A909g
Acrobat.com
Adobe AIR
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Reader 9.5.1
Advanced Audio FX Engine
AIO_CDB_ProductContext
AIO_CDB_Software
AIO_Scan
Apple Application Support
Apple Mobile Device Support
Apple Software Update
Bing Bar
Bonjour
BPD_DSWizards
bpd_scan
BPDSoftware
BPDSoftware_Ini
BufferChm
Cisco EAP-FAST Module
Cisco LEAP Module
Cisco PEAP Module
Compatibility Pack for the 2007 Office system
Copy
CustomerResearchQFolder
Dell Dock
Dell Getting Started Guide
Dell Support Center
Dell Touchpad
Dell Video Chat (remove only)
Dell Webcam Central
Dell Wireless WLAN Card Utility
Destination Component
DeviceDiscovery
DeviceManagementQFolder
DocMgr
DocProc
DocProcQFolder
EDocs
EPSON Printer Software
eSupportQFolder
Fax
Google Chrome
Google Toolbar for Internet Explorer
Google Update Helper
GoToMeeting 4.1.0.366
GPBaseService2
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
HP Customer Participation Program 12.0
HP Document Manager 2.0
HP Imaging Device Functions 12.0
HP Photosmart Essential
HP Photosmart, Officejet, PSC and Deskjet All-In-One Driver Software 8.0.B
HP Smart Web Printing 4.60
HP Solution Center 13.0
HP Update
HPDiagnosticAlert
HPProductAssistant
HPSSupply
iCloud
Integrated Webcam Driver (1.03.02.0919)
Intel(R) Matrix Storage Manager
ITECIR Driver
iTunes
Java Auto Updater
Java(TM) 6 Update 33
Java(TM) 6 Update 7
Live! Cam Avatar Creator
MarketResearch
McAfee Security Scan Plus
MediaDirect
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 4 Client Profile
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office File Validation Add-In
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office PowerPoint Viewer 2007 (English)
Microsoft Office Professional 2007
Microsoft Office Professional Edition 2003
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft UI Engine
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Works
Move Media Player
Mozilla Firefox 5.0 (x86 en-US)
MPM
MSVCSetup
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
Network
OCR Software by I.R.I.S. 12.0
Officejet Pro 8500 A909 Series
OGA Notifier 2.0.0048.0
ProductContext
QuickSet
QuickTime
Roxio Creator Audio
Roxio Creator Copy
Roxio Creator Data
Roxio Creator DE
Roxio Creator Tools
Roxio Express Labeler 3
Roxio Update Manager
Scan
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft Office 2007 suites (KB2596672) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596880) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597162) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2598041) 32-Bit Edition
Security Update for Microsoft Office Excel 2007 (KB2597161) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition
Security Update for Microsoft Office Publisher 2007 (KB2596705) 32-Bit Edition
Security Update for Microsoft Office Word 2007 (KB2596917) 32-Bit Edition
Shop for HP Supplies
SmartWebPrinting
SolutionCenter
Spelling Dictionaries Support For Adobe Reader 9
Status
Toolbox
TrayApp
Trend Micro Internet Security Pro
UnloadSupport
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office Access 2007 Help (KB963663)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2687267) 32-Bit Edition
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
WebReg
Windows Live ID Sign-in Assistant
.
==== End Of File ======================


GMER 1.0.15.15641 - http://www.gmer.net
Rootkit scan 2012-07-07 16:14:30
Windows 6.0.6002 Service Pack 2 Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1 WDC_WD32 rev.11.0
Running: 9h1bm6nw.exe; Driver: C:\Users\Carol\AppData\Local\Temp\kwlirpog.sys

---- System - GMER 1.0.15 ----
SSDT 8A5DC0A0 ZwCreateKey
SSDT 8A5DD3E0 ZwCreateMutant
SSDT 8A5DB2E0 ZwCreateProcess
SSDT 8A5DB5A0 ZwCreateProcessEx
SSDT 8A5DCF00 ZwCreateThread
SSDT 8A5DC620 ZwDeleteKey
SSDT 8A5DC8E0 ZwDeleteValueKey
SSDT 8A5DD240 ZwLoadDriver
SSDT 8A5DBB20 ZwOpenProcess
SSDT 8A5DD580 ZwSetSystemInformation
SSDT 8A5DC360 ZwSetValueKey
SSDT 8A5DBDE0 ZwTerminateProcess
SSDT 8A5DCD60 ZwWriteVirtualMemory
SSDT 8A5DD0A0 ZwCreateThreadEx
SSDT 8A5DB860 ZwCreateUserProcess

---- Kernel code sections - GMER 1.0.15 ----
.text ntkrnlpa.exe!KeSetEvent + 1E9 824C08AC 4 Bytes [A0, C0, 5D, 8A]
.text ntkrnlpa.exe!KeSetEvent + 1F5 824C08B8 4 Bytes [E0, D3, 5D, 8A]
.text ntkrnlpa.exe!KeSetEvent + 209 824C08CC 8 Bytes [E0, B2, 5D, 8A, A0, B5, 5D, ...]
.text ntkrnlpa.exe!KeSetEvent + 221 824C08E4 4 Bytes [00, CF, 5D, 8A]
.text ntkrnlpa.exe!KeSetEvent + 2D5 824C0998 4 Bytes [20, C6, 5D, 8A]
.text ...
? C:\Users\Carol\AppData\Local\Temp\mbr.sys The system cannot find the file specified. !

---- User code sections - GMER 1.0.15 ----
.text C:\Program Files\Microsoft Office\Office12\WINWORD.EXE[2420] kernel32.dll!SetUnhandledExceptionFilter 766FA8C5 5 Bytes JMP 609B50B8 C:\Program Files\Common Files\Microsoft Shared\office12\mso.dll (2007 Microsoft Office component/Microsoft Corporation)
.text C:\Program Files\Microsoft Office\Office12\WINWORD.EXE[2420] ole32.dll!OleLoadFromStream 779D1E80 5 Bytes JMP 6147EAC8 C:\Program Files\Common Files\Microsoft Shared\office12\mso.dll (2007 Microsoft Office component/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3064] kernel32.dll!CreateThread 7671CB2E 5 Bytes JMP 6BA375CB C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3064] USER32.dll!CreateDialogParamW 764D72A2 5 Bytes JMP 6BBC90F0 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3064] USER32.dll!GetAsyncKeyState 764D863C 5 Bytes JMP 6BA1DEAD C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3064] USER32.dll!SetWindowsHookExW 764D87AD 5 Bytes JMP 6BA725AC C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3064] USER32.dll!CallNextHookEx 764D8E3B 5 Bytes JMP 6BA97FDF C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3064] USER32.dll!UnhookWindowsHookEx 764D98DB 5 Bytes JMP 6BABECE0 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3064] USER32.dll!EnableWindow 764DCD8B 5 Bytes JMP 6BA79EAC C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3064] USER32.dll!DefWindowProcA 764DDB88 7 Bytes JMP 6BA397F5 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3064] USER32.dll!CreateWindowExA 764DDC2A 5 Bytes JMP 6BA4362B C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3064] USER32.dll!CreateWindowExW 764E1305 5 Bytes JMP 6BAA03B7 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3064] USER32.dll!GetKeyState 764E8CB1 5 Bytes JMP 6BA1DD87 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3064] USER32.dll!DefWindowProcW 764F03B4 7 Bytes JMP 6BA98042 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3064] USER32.dll!IsDialogMessageW 764F0745 5 Bytes JMP 6BBC9855 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3064] USER32.dll!CreateDialogParamA 764F17AA 5 Bytes JMP 6BBC90B8 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3064] USER32.dll!IsDialogMessage 764F1847 5 Bytes JMP 6BBC982D C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3064] USER32.dll!CreateDialogIndirectParamA 764F26F1 5 Bytes JMP 6BBC9128 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3064] USER32.dll!CreateDialogIndirectParamW 764F9A62 5 Bytes JMP 6BBC9160 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3064] USER32.dll!SetKeyboardState 76500987 5 Bytes JMP 6BBCA11D C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3064] USER32.dll!DialogBoxParamW 765010B0 5 Bytes JMP 6B9D187B C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3064] USER32.dll!DialogBoxIndirectParamW 76502EF5 5 Bytes JMP 6BBC8D86 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3064] USER32.dll!SendInput 76502F75 5 Bytes JMP 6BBCA0C5 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3064] USER32.dll!EndDialog 7650326E 5 Bytes JMP 6BBC9B01 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3064] USER32.dll!SetCursorPos 76516FB2 5 Bytes JMP 6BBCA19E C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3064] USER32.dll!DialogBoxParamA 76518152 5 Bytes JMP 6BBC8D21 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3064] USER32.dll!DialogBoxIndirectParamA 7651847D 5 Bytes JMP 6BBC8DEB C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3064] USER32.dll!MessageBoxIndirectA 7652D4D9 5 Bytes JMP 6BBC8CA8 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3064] USER32.dll!MessageBoxIndirectW 7652D5D3 5 Bytes JMP 6BBC8C2F C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3064] USER32.dll!MessageBoxExA 7652D639 5 Bytes JMP 6BBC8BCB C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3064] USER32.dll!MessageBoxExW 7652D65D 5 Bytes JMP 6BBC8B67 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3064] USER32.dll!keybd_event 7652D972 5 Bytes JMP 6BBCA082 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3064] SHELL32.dll!SHRestricted + D95 76BD89A8 4 Bytes [CF, 01, 07, 6A]
.text C:\Program Files\Internet Explorer\iexplore.exe[3064] SHELL32.dll!SHRestricted + D9D 76BD89B0 8 Bytes [E0, 61, 06, 6A, 79, F7, 06, ...]
.text C:\Program Files\Internet Explorer\iexplore.exe[3064] ole32.dll!OleLoadFromStream 779D1E80 5 Bytes JMP 6BBC955F C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3064] WININET.dll!HttpOpenRequestA 76815761 5 Bytes JMP 68F7F983 C:\Program Files\Microsoft\BingBar\BingExt.dll (Bing Client Extensions/Microsoft Corporation.)
.text C:\Program Files\Internet Explorer\iexplore.exe[3064] WININET.dll!HttpOpenRequestW 76815FEF 5 Bytes JMP 68F7FAE7 C:\Program Files\Microsoft\BingBar\BingExt.dll (Bing Client Extensions/Microsoft Corporation.)
.text C:\Program Files\Internet Explorer\iexplore.exe[3064] WS2_32.dll!closesocket 77E4330C 5 Bytes JMP 694F6378 C:\Program Files\Microsoft\BingBar\SeaNote.dll (Microsoft Search Note/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3064] WS2_32.dll!recv 77E4343A 5 Bytes JMP 694F667C C:\Program Files\Microsoft\BingBar\SeaNote.dll (Microsoft Search Note/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3064] WS2_32.dll!socket 77E436D1 5 Bytes JMP 694F5683 C:\Program Files\Microsoft\BingBar\SeaNote.dll (Microsoft Search Note/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3064] WS2_32.dll!connect 77E440D9 5 Bytes JMP 694F5713 C:\Program Files\Microsoft\BingBar\SeaNote.dll (Microsoft Search Note/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3064] WS2_32.dll!getaddrinfo 77E4418A 5 Bytes JMP 694F583B C:\Program Files\Microsoft\BingBar\SeaNote.dll (Microsoft Search Note/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3064] WS2_32.dll!send 77E4659B 5 Bytes JMP 694F5C8E C:\Program Files\Microsoft\BingBar\SeaNote.dll (Microsoft Search Note/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3976] USER32.dll!EnableWindow 764DCD8B 5 Bytes JMP 6BA79EAC C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3976] USER32.dll!DialogBoxParamW 765010B0 5 Bytes JMP 6B9D187B C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3976] USER32.dll!DialogBoxIndirectParamW 76502EF5 5 Bytes JMP 6BBC8D86 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3976] USER32.dll!DialogBoxParamA 76518152 5 Bytes JMP 6BBC8D21 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3976] USER32.dll!DialogBoxIndirectParamA 7651847D 5 Bytes JMP 6BBC8DEB C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3976] USER32.dll!MessageBoxIndirectA 7652D4D9 5 Bytes JMP 6BBC8CA8 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3976] USER32.dll!MessageBoxIndirectW 7652D5D3 5 Bytes JMP 6BBC8C2F C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3976] USER32.dll!MessageBoxExA 7652D639 5 Bytes JMP 6BBC8BCB C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3976] USER32.dll!MessageBoxExW 7652D65D 5 Bytes JMP 6BBC8B67 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[4456] kernel32.dll!CreateThread 7671CB2E 5 Bytes JMP 6BA375CB C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[4456] USER32.dll!CreateDialogParamW 764D72A2 5 Bytes JMP 6BBC90F0 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[4456] USER32.dll!GetAsyncKeyState 764D863C 5 Bytes JMP 6BA1DEAD C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[4456] USER32.dll!SetWindowsHookExW 764D87AD 5 Bytes JMP 6BA725AC C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[4456] USER32.dll!CallNextHookEx 764D8E3B 5 Bytes JMP 6BA97FDF C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[4456] USER32.dll!UnhookWindowsHookEx 764D98DB 5 Bytes JMP 6BABECE0 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[4456] USER32.dll!EnableWindow 764DCD8B 5 Bytes JMP 6BA79EAC C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[4456] USER32.dll!DefWindowProcA 764DDB88 7 Bytes JMP 6BA397F5 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[4456] USER32.dll!CreateWindowExA 764DDC2A 5 Bytes JMP 6BA4362B C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[4456] USER32.dll!CreateWindowExW 764E1305 5 Bytes JMP 6BAA03B7 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[4456] USER32.dll!GetKeyState 764E8CB1 5 Bytes JMP 6BA1DD87 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[4456] USER32.dll!DefWindowProcW 764F03B4 7 Bytes JMP 6BA98042 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[4456] USER32.dll!IsDialogMessageW 764F0745 5 Bytes JMP 6BBC9855 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[4456] USER32.dll!CreateDialogParamA 764F17AA 5 Bytes JMP 6BBC90B8 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[4456] USER32.dll!IsDialogMessage 764F1847 5 Bytes JMP 6BBC982D C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[4456] USER32.dll!CreateDialogIndirectParamA 764F26F1 5 Bytes JMP 6BBC9128 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[4456] USER32.dll!CreateDialogIndirectParamW 764F9A62 5 Bytes JMP 6BBC9160 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[4456] USER32.dll!SetKeyboardState 76500987 5 Bytes JMP 6BBCA11D C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[4456] USER32.dll!DialogBoxParamW 765010B0 5 Bytes JMP 6B9D187B C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[4456] USER32.dll!DialogBoxIndirectParamW 76502EF5 5 Bytes JMP 6BBC8D86 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[4456] USER32.dll!SendInput 76502F75 5 Bytes JMP 6BBCA0C5 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[4456] USER32.dll!EndDialog 7650326E 5 Bytes JMP 6BBC9B01 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[4456] USER32.dll!SetCursorPos 76516FB2 5 Bytes JMP 6BBCA19E C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[4456] USER32.dll!DialogBoxParamA 76518152 5 Bytes JMP 6BBC8D21 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[4456] USER32.dll!DialogBoxIndirectParamA 7651847D 5 Bytes JMP 6BBC8DEB C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[4456] USER32.dll!MessageBoxIndirectA 7652D4D9 5 Bytes JMP 6BBC8CA8 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[4456] USER32.dll!MessageBoxIndirectW 7652D5D3 5 Bytes JMP 6BBC8C2F C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[4456] USER32.dll!MessageBoxExA 7652D639 5 Bytes JMP 6BBC8BCB C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[4456] USER32.dll!MessageBoxExW 7652D65D 5 Bytes JMP 6BBC8B67 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[4456] USER32.dll!keybd_event 7652D972 5 Bytes JMP 6BBCA082 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[4456] SHELL32.dll!SHRestricted + D95 76BD89A8 4 Bytes [CF, 01, 07, 6A]
.text C:\Program Files\Internet Explorer\iexplore.exe[4456] SHELL32.dll!SHRestricted + D9D 76BD89B0 8 Bytes [E0, 61, 06, 6A, 79, F7, 06, ...]
.text C:\Program Files\Internet Explorer\iexplore.exe[4456] ole32.dll!OleLoadFromStream 779D1E80 5 Bytes JMP 6BBC955F C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[4456] WININET.dll!HttpOpenRequestA 76815761 5 Bytes JMP 68F7F983 C:\Program Files\Microsoft\BingBar\BingExt.dll (Bing Client Extensions/Microsoft Corporation.)
.text C:\Program Files\Internet Explorer\iexplore.exe[4456] WININET.dll!HttpOpenRequestW 76815FEF 5 Bytes JMP 68F7FAE7 C:\Program Files\Microsoft\BingBar\BingExt.dll (Bing Client Extensions/Microsoft Corporation.)
.text C:\Program Files\Internet Explorer\iexplore.exe[4456] WS2_32.dll!closesocket 77E4330C 5 Bytes JMP 694F6378 C:\Program Files\Microsoft\BingBar\SeaNote.dll (Microsoft Search Note/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[4456] WS2_32.dll!recv 77E4343A 5 Bytes JMP 694F667C C:\Program Files\Microsoft\BingBar\SeaNote.dll (Microsoft Search Note/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[4456] WS2_32.dll!socket 77E436D1 5 Bytes JMP 694F5683 C:\Program Files\Microsoft\BingBar\SeaNote.dll (Microsoft Search Note/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[4456] WS2_32.dll!connect 77E440D9 5 Bytes JMP 694F5713 C:\Program Files\Microsoft\BingBar\SeaNote.dll (Microsoft Search Note/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[4456] WS2_32.dll!getaddrinfo 77E4418A 5 Bytes JMP 694F583B C:\Program Files\Microsoft\BingBar\SeaNote.dll (Microsoft Search Note/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[4456] WS2_32.dll!send 77E4659B 5 Bytes JMP 694F5C8E C:\Program Files\Microsoft\BingBar\SeaNote.dll (Microsoft Search Note/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[5360] kernel32.dll!CreateThread 7671CB2E 5 Bytes JMP 6BA375CB C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[5360] USER32.dll!CreateDialogParamW 764D72A2 5 Bytes JMP 6BBC90F0 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[5360] USER32.dll!GetAsyncKeyState 764D863C 5 Bytes JMP 6BA1DEAD C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[5360] USER32.dll!SetWindowsHookExW 764D87AD 5 Bytes JMP 6BA725AC C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[5360] USER32.dll!CallNextHookEx 764D8E3B 5 Bytes JMP 6BA97FDF C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[5360] USER32.dll!UnhookWindowsHookEx 764D98DB 5 Bytes JMP 6BABECE0 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[5360] USER32.dll!EnableWindow 764DCD8B 5 Bytes JMP 6BA79EAC C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[5360] USER32.dll!DefWindowProcA 764DDB88 7 Bytes JMP 6BA397F5 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[5360] USER32.dll!CreateWindowExA 764DDC2A 5 Bytes JMP 6BA4362B C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[5360] USER32.dll!CreateWindowExW 764E1305 5 Bytes JMP 6BAA03B7 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[5360] USER32.dll!GetKeyState 764E8CB1 5 Bytes JMP 6BA1DD87 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[5360] USER32.dll!DefWindowProcW 764F03B4 7 Bytes JMP 6BA98042 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[5360] USER32.dll!IsDialogMessageW 764F0745 5 Bytes JMP 6BBC9855 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[5360] USER32.dll!CreateDialogParamA 764F17AA 5 Bytes JMP 6BBC90B8 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[5360] USER32.dll!IsDialogMessage 764F1847 5 Bytes JMP 6BBC982D C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[5360] USER32.dll!CreateDialogIndirectParamA 764F26F1 5 Bytes JMP 6BBC9128 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[5360] USER32.dll!CreateDialogIndirectParamW 764F9A62 5 Bytes JMP 6BBC9160 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[5360] USER32.dll!SetKeyboardState 76500987 5 Bytes JMP 6BBCA11D C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[5360] USER32.dll!DialogBoxParamW 765010B0 5 Bytes JMP 6B9D187B C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[5360] USER32.dll!DialogBoxIndirectParamW 76502EF5 5 Bytes JMP 6BBC8D86 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[5360] USER32.dll!SendInput 76502F75 5 Bytes JMP 6BBCA0C5 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[5360] USER32.dll!EndDialog 7650326E 5 Bytes JMP 6BBC9B01 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[5360] USER32.dll!SetCursorPos 76516FB2 5 Bytes JMP 6BBCA19E C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[5360] USER32.dll!DialogBoxParamA 76518152 5 Bytes JMP 6BBC8D21 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[5360] USER32.dll!DialogBoxIndirectParamA 7651847D 5 Bytes JMP 6BBC8DEB C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[5360] USER32.dll!MessageBoxIndirectA 7652D4D9 5 Bytes JMP 6BBC8CA8 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[5360] USER32.dll!MessageBoxIndirectW 7652D5D3 5 Bytes JMP 6BBC8C2F C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[5360] USER32.dll!MessageBoxExA 7652D639 5 Bytes JMP 6BBC8BCB C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[5360] USER32.dll!MessageBoxExW 7652D65D 5 Bytes JMP 6BBC8B67 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[5360] USER32.dll!keybd_event 7652D972 5 Bytes JMP 6BBCA082 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[5360] SHELL32.dll!SHRestricted + D95 76BD89A8 4 Bytes [CF, 01, 07, 6A]
.text C:\Program Files\Internet Explorer\iexplore.exe[5360] SHELL32.dll!SHRestricted + D9D 76BD89B0 8 Bytes [E0, 61, 06, 6A, 79, F7, 06, ...]
.text C:\Program Files\Internet Explorer\iexplore.exe[5360] ole32.dll!OleLoadFromStream 779D1E80 5 Bytes JMP 6BBC955F C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[5360] WININET.dll!HttpOpenRequestA 76815761 5 Bytes JMP 68F7F983 C:\Program Files\Microsoft\BingBar\BingExt.dll (Bing Client Extensions/Microsoft Corporation.)
.text C:\Program Files\Internet Explorer\iexplore.exe[5360] WININET.dll!HttpOpenRequestW 76815FEF 5 Bytes JMP 68F7FAE7 C:\Program Files\Microsoft\BingBar\BingExt.dll (Bing Client Extensions/Microsoft Corporation.)
.text C:\Program Files\Internet Explorer\iexplore.exe[5360] WS2_32.dll!closesocket 77E4330C 5 Bytes JMP 694F6378 C:\Program Files\Microsoft\BingBar\SeaNote.dll (Microsoft Search Note/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[5360] WS2_32.dll!recv 77E4343A 5 Bytes JMP 694F667C C:\Program Files\Microsoft\BingBar\SeaNote.dll (Microsoft Search Note/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[5360] WS2_32.dll!socket 77E436D1 5 Bytes JMP 694F5683 C:\Program Files\Microsoft\BingBar\SeaNote.dll (Microsoft Search Note/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[5360] WS2_32.dll!connect 77E440D9 5 Bytes JMP 694F5713 C:\Program Files\Microsoft\BingBar\SeaNote.dll (Microsoft Search Note/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[5360] WS2_32.dll!getaddrinfo 77E4418A 5 Bytes JMP 694F583B C:\Program Files\Microsoft\BingBar\SeaNote.dll (Microsoft Search Note/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[5360] WS2_32.dll!send 77E4659B 5 Bytes JMP 694F5C8E C:\Program Files\Microsoft\BingBar\SeaNote.dll (Microsoft Search Note/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[5464] kernel32.dll!CreateThread 7671CB2E 5 Bytes JMP 6BA375CB C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[5464] USER32.dll!CreateDialogParamW 764D72A2 5 Bytes JMP 6BBC90F0 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[5464] USER32.dll!GetAsyncKeyState 764D863C 5 Bytes JMP 6BA1DEAD C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[5464] USER32.dll!SetWindowsHookExW 764D87AD 5 Bytes JMP 6BA725AC C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[5464] USER32.dll!CallNextHookEx 764D8E3B 5 Bytes JMP 6BA97FDF C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[5464] USER32.dll!UnhookWindowsHookEx 764D98DB 5 Bytes JMP 6BABECE0 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[5464] USER32.dll!EnableWindow 764DCD8B 5 Bytes JMP 6BA79EAC C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[5464] USER32.dll!DefWindowProcA 764DDB88 7 Bytes JMP 6BA397F5 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[5464] USER32.dll!CreateWindowExA 764DDC2A 5 Bytes JMP 6BA4362B C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[5464] USER32.dll!CreateWindowExW 764E1305 5 Bytes JMP 6BAA03B7 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[5464] USER32.dll!GetKeyState 764E8CB1 5 Bytes JMP 6BA1DD87 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[5464] USER32.dll!DefWindowProcW 764F03B4 7 Bytes JMP 6BA98042 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[5464] USER32.dll!IsDialogMessageW 764F0745 5 Bytes JMP 6BBC9855 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[5464] USER32.dll!CreateDialogParamA 764F17AA 5 Bytes JMP 6BBC90B8 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[5464] USER32.dll!IsDialogMessage 764F1847 5 Bytes JMP 6BBC982D C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[5464] USER32.dll!CreateDialogIndirectParamA 764F26F1 5 Bytes JMP 6BBC9128 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[5464] USER32.dll!CreateDialogIndirectParamW 764F9A62 5 Bytes JMP 6BBC9160 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[5464] USER32.dll!SetKeyboardState 76500987 5 Bytes JMP 6BBCA11D C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[5464] USER32.dll!DialogBoxParamW 765010B0 5 Bytes JMP 6B9D187B C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[5464] USER32.dll!DialogBoxIndirectParamW 76502EF5 5 Bytes JMP 6BBC8D86 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[5464] USER32.dll!SendInput 76502F75 5 Bytes JMP 6BBCA0C5 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[5464] USER32.dll!EndDialog 7650326E 5 Bytes JMP 6BBC9B01 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[5464] USER32.dll!SetCursorPos 76516FB2 5 Bytes JMP 6BBCA19E C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[5464] USER32.dll!DialogBoxParamA 76518152 5 Bytes JMP 6BBC8D21 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[5464] USER32.dll!DialogBoxIndirectParamA 7651847D 5 Bytes JMP 6BBC8DEB C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[5464] USER32.dll!MessageBoxIndirectA 7652D4D9 5 Bytes JMP 6BBC8CA8 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[5464] USER32.dll!MessageBoxIndirectW 7652D5D3 5 Bytes JMP 6BBC8C2F C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[5464] USER32.dll!MessageBoxExA 7652D639 5 Bytes JMP 6BBC8BCB C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[5464] USER32.dll!MessageBoxExW 7652D65D 5 Bytes JMP 6BBC8B67 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[5464] USER32.dll!keybd_event 7652D972 5 Bytes JMP 6BBCA082 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[5464] SHELL32.dll!SHRestricted + D95 76BD89A8 4 Bytes [CF, 01, 07, 6A]
.text C:\Program Files\Internet Explorer\iexplore.exe[5464] SHELL32.dll!SHRestricted + D9D 76BD89B0 8 Bytes [E0, 61, 06, 6A, 79, F7, 06, ...]
.text C:\Program Files\Internet Explorer\iexplore.exe[5464] ole32.dll!OleLoadFromStream 779D1E80 5 Bytes JMP 6BBC955F C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
---- Devices - GMER 1.0.15 ----
AttachedDevice \Driver\tdx \Device\Tcp tmtdi.sys (Trend Micro TDI Driver (i386-fre)/Trend Micro Inc.)
AttachedDevice \Driver\tdx \Device\Udp tmtdi.sys (Trend Micro TDI Driver (i386-fre)/Trend Micro Inc.)
AttachedDevice \FileSystem\fastfat \Fat fltmgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)
---- Registry - GMER 1.0.15 ----
Reg HKLM\SOFTWARE\Microsoft\Windows Search\Gather\Windows\SystemIndex@LogName C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\SystemIndex.Ntfy4580.gthr
Reg HKLM\SOFTWARE\Microsoft\Windows Search\Gather\Windows\SystemIndex@LogNumber 4580
---- EOF - GMER 1.0.15 ----
eddie5659
Moderator & Malware Removal Specialist with 28,314 posts.
Join Date: Mar 2001
Location: Bradford, England
08-Jul-2012, 02:48 PM #2
Hiya

Your Java is out of date, so let's do that next:

Upgrade Java : (32 bits)
  • Download the latest version of Java SE Runtime Environment (JRE) JRE 7 Update 5.
  • Under the JAVA Platform Standard Edition, click the "Download JRE" button to the right.
  • Accept License Agreement.
  • Click on the link to download Windows Offline Installation 32 bit (jre-7u5-windows-i586.exe) and save it to your desktop. Do NOT use the Sun Download Manager.
  • Close any programs you may have running - especially your web browser.
  • Go to Start > Control Panel, double-click on Add/Remove programs and remove all older versions of Java.
  • Check any item with Java Runtime Environment (JRE or J2SE) in the name.
  • Click the Remove or Change/Remove button.
  • Repeat as many times as necessary to remove each Java version.
  • Reboot your computer once all Java components are removed.
  • Then from your desktop double-click on the download to install the newest version. (Vista or Win 7 users, right click on the jre-7u5-windows-i586.exe and select "Run as an Administrator.")
  • Don't install any of the toolbars that are offered.


After doing the above, for the remains of the Java, can you do this:

Open Java in the Control Panel and under the General tab, under Temporary Internet Files, click the Settings button. Then click on Delete Files.

Make sure both of these options are checked:
  • Applications and Applets
  • Trace and Log Files
OK out of all the screens.


---------------------------------
Download Security Check from here.
  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.





Please download Malwarebytes' Anti-Malware from Here

Double Click mbam-setup.exe to install the application.
  • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Full Scan", then click Scan.
  • The scan may take some time to finish, so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy and paste the entire report in your next reply.
Extra Note:
If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts. Click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.






Download and scan with SUPERAntiSpyware Free Edition for Home Users
  • Double-click SUPERAntiSpyware.exe and use the default settings for installation.
  • An icon will be created on your desktop. Double-click that icon to launch the program.
  • If asked to update the program definitions, click "Yes". If not, update the definitions before scanning by selecting "Check for Updates". (If you encounter any problems while downloading the updates, manually download and unzip them from here.)
  • Under "Configuration and Preferences", click the Preferences button.
  • Click the Scanning Control tab.
  • Under Scanner Options make sure the following are checked (leave all others unchecked):
    • Close browsers before scanning.
    • Scan for tracking cookies.
    • Terminate memory threats before quarantining.
  • Click the "Home" button to leave the control center screen.
  • On the right, under "Complete Scan", choose Perform Complete Scan.
  • Click Scan your computer.
  • On the left, select all fixed drives.
  • Click "Start Complete Scan" to start the scan. Please be patient while it scans your computer.
  • After the scan is complete, a Scan Summary box will appear with potentially harmful items that were detected. Click "Continue".
  • Make sure everything has a checkmark next to it and click "Next".
  • A notification will appear that "Quarantine and Removal is Complete". Click "Remove Threats" and then click the "Finish" button to return to the main menu.
  • If asked if you want to reboot, click "Yes".
  • To retrieve the removal information after reboot, launch SUPERAntispyware again.
    • Click View Scan Logs.
    • Under Scanner Logs, double-click SUPERAntiSpyware Scan Log.
    • If there are several logs, click the current dated log and press View log. A text file will open in your default text editor.
    • Please copy and paste the Scan Log results in your next reply.
  • Click Close to exit the program.

Please include the MBAM log, SUPERAntiSpyware Scan Log and checkup.txt in your next reply

eddie
__________________
Just go with the flow, like a twig on the shoulders of a mighty stream

MVP in Consumer Security
meowtweets444
Member with 28 posts.
THREAD STARTER
Join Date: Jun 2012
Experience: Intermediate
15-Jul-2012, 04:46 PM #3
I updated her Java and deleted temp files. Here's her Security check:



Results of screen317's Security Check version 0.99.42
Windows Vista Service Pack 2 x86 (UAC is enabled)
Internet Explorer 9
``````````````Antivirus/Firewall Check:``````````````
Windows Firewall Disabled!
Trend Micro Internet Security Pro
Antivirus up to date!
`````````Anti-malware/Other Utilities Check:`````````
SUPERAntiSpyware
Malwarebytes Anti-Malware version 1.61.0.1400
Java(TM) 6 Update 33
Java(TM) 6 Update 7
Java version out of Date!
Adobe Flash Player 11.3.300.265
Adobe Reader 9 Adobe Reader out of Date!
Mozilla Firefox 5.0 Firefox out of Date!
Google Chrome 20.0.1132.47
Google Chrome 20.0.1132.57
````````Process Check: objlist.exe by Laurent````````
Windows Defender MSASCui.exe
Windows Defender MSASCui.exe
Trend Micro Internet Security SfCtlCom.exe
Trend Micro TrendSecure TSCFPlatformCOMSvr.exe
Trend Micro Internet Security UfSeAgnt.exe
Trend Micro TrendSecure RemoteFileLock FLMain.exe
Trend Micro Internet Security TMAS_OE TMAS_OEMon.exe
Trend Micro Internet Security TmProxy.exe
Trend Micro TrendSecure TISProToolbar ProToolbarUpdate.exe
Trend Micro Internet Security TmPfw.exe
Trend Micro BM TMBMSRV.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: 0 %
````````````````````End of Log``````````````````````
meowtweets444
Member with 28 posts.
THREAD STARTER
Join Date: Jun 2012
Experience: Intermediate
15-Jul-2012, 04:50 PM #4
Here's the MalwareBytes:



Malwarebytes Anti-Malware 1.61.0.1400
www.malwarebytes.org

Database version: v2012.07.07.07

Windows Vista Service Pack 2 x86 NTFS
Internet Explorer 9.0.8112.16421
Carol :: CAROLLAPTOP [administrator]

7/7/2012 4:46:02 PM
mbam-log-2012-07-07 (16-46-02).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 210454
Time elapsed: 12 minute(s), 58 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 1
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced|Start_ShowSearch (PUM.Hijack.StartMenu) -> Bad: (0) Good: (1) -> Quarantined and repaired successfully.

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)
meowtweets444
Member with 28 posts.
THREAD STARTER
Join Date: Jun 2012
Experience: Intermediate
15-Jul-2012, 04:54 PM #5
Here's the SuperAntiSpyware ...by the way, I ran both MalB and SAS earlier, I'll run them again, but these are the first scans:


SUPERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 07/07/2012 at 05:16 PM

Application Version : 5.5.1006

Core Rules Database Version : 8862
Trace Rules Database Version: 6674

Scan type : Quick Scan
Total Scan Time : 00:15:28

Operating System Information
Windows Vista Home Premium 32-bit, Service Pack 2 (Build 6.00.6002)
UAC On - Limited User (Administrator User)

Memory items scanned : 794
Memory threats detected : 0
Registry items scanned : 27422
Registry threats detected : 0
File items scanned : 12039
File threats detected : 492

Adware.Tracking Cookie
.zedo.com [ C:\USERS\CAROL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RZAEJ8IJ.DEFAULT\CO OKIES.SQLITE ]
.advertising.com [ C:\USERS\CAROL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RZAEJ8IJ.DEFAULT\CO OKIES.SQLITE ]
.interclick.com [ C:\USERS\CAROL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RZAEJ8IJ.DEFAULT\CO OKIES.SQLITE ]
.trafficmp.com [ C:\USERS\CAROL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RZAEJ8IJ.DEFAULT\CO OKIES.SQLITE ]
.trafficmp.com [ C:\USERS\CAROL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RZAEJ8IJ.DEFAULT\CO OKIES.SQLITE ]
.zedo.com [ C:\USERS\CAROL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RZAEJ8IJ.DEFAULT\CO OKIES.SQLITE ]
.zedo.com [ C:\USERS\CAROL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RZAEJ8IJ.DEFAULT\CO OKIES.SQLITE ]
ad.yieldmanager.net [ C:\USERS\CAROL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RZAEJ8IJ.DEFAULT\CO OKIES.SQLITE ]
.target.db.advertising.com [ C:\USERS\CAROL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RZAEJ8IJ.DEFAULT\CO OKIES.SQLITE ]
.collective-media.net [ C:\USERS\CAROL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RZAEJ8IJ.DEFAULT\CO OKIES.SQLITE ]
.revsci.net [ C:\USERS\CAROL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RZAEJ8IJ.DEFAULT\CO OKIES.SQLITE ]
.legolas-media.com [ C:\USERS\CAROL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RZAEJ8IJ.DEFAULT\CO OKIES.SQLITE ]
.legolas-media.com [ C:\USERS\CAROL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RZAEJ8IJ.DEFAULT\CO OKIES.SQLITE ]
.revsci.net [ C:\USERS\CAROL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RZAEJ8IJ.DEFAULT\CO OKIES.SQLITE ]
.revsci.net [ C:\USERS\CAROL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RZAEJ8IJ.DEFAULT\CO OKIES.SQLITE ]
.adinterax.com [ C:\USERS\CAROL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RZAEJ8IJ.DEFAULT\CO OKIES.SQLITE ]
.ehg-techtarget.hitbox.com [ C:\USERS\CAROL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RZAEJ8IJ.DEFAULT\CO OKIES.SQLITE ]
.hitbox.com [ C:\USERS\CAROL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RZAEJ8IJ.DEFAULT\CO OKIES.SQLITE ]
.hitbox.com [ C:\USERS\CAROL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RZAEJ8IJ.DEFAULT\CO OKIES.SQLITE ]
.adbrite.com [ C:\USERS\CAROL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RZAEJ8IJ.DEFAULT\CO OKIES.SQLITE ]
.insightexpressai.com [ C:\USERS\CAROL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RZAEJ8IJ.DEFAULT\CO OKIES.SQLITE ]
.collective-media.net [ C:\USERS\CAROL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RZAEJ8IJ.DEFAULT\CO OKIES.SQLITE ]
.collective-media.net [ C:\USERS\CAROL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RZAEJ8IJ.DEFAULT\CO OKIES.SQLITE ]
.collective-media.net [ C:\USERS\CAROL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RZAEJ8IJ.DEFAULT\CO OKIES.SQLITE ]
.questionmarket.com [ C:\USERS\CAROL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RZAEJ8IJ.DEFAULT\CO OKIES.SQLITE ]
.questionmarket.com [ C:\USERS\CAROL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RZAEJ8IJ.DEFAULT\CO OKIES.SQLITE ]
.2o7.net [ C:\USERS\CAROL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RZAEJ8IJ.DEFAULT\CO OKIES.SQLITE ]
.2o7.net [ C:\USERS\CAROL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RZAEJ8IJ.DEFAULT\CO OKIES.SQLITE ]
.2o7.net [ C:\USERS\CAROL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RZAEJ8IJ.DEFAULT\CO OKIES.SQLITE ]
.revsci.net [ C:\USERS\CAROL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RZAEJ8IJ.DEFAULT\CO OKIES.SQLITE ]
.revsci.net [ C:\USERS\CAROL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RZAEJ8IJ.DEFAULT\CO OKIES.SQLITE ]
.revsci.net [ C:\USERS\CAROL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RZAEJ8IJ.DEFAULT\CO OKIES.SQLITE ]
.revsci.net [ C:\USERS\CAROL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RZAEJ8IJ.DEFAULT\CO OKIES.SQLITE ]
.fastclick.net [ C:\USERS\CAROL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RZAEJ8IJ.DEFAULT\CO OKIES.SQLITE ]
.fastclick.net [ C:\USERS\CAROL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RZAEJ8IJ.DEFAULT\CO OKIES.SQLITE ]
.yieldmanager.net [ C:\USERS\CAROL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RZAEJ8IJ.DEFAULT\CO OKIES.SQLITE ]
.ads.pointroll.com [ C:\USERS\CAROL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RZAEJ8IJ.DEFAULT\CO OKIES.SQLITE ]
.t.pointroll.com [ C:\USERS\CAROL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RZAEJ8IJ.DEFAULT\CO OKIES.SQLITE ]
.eyewonder.com [ C:\USERS\CAROL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RZAEJ8IJ.DEFAULT\CO OKIES.SQLITE ]
.eyewonder.com [ C:\USERS\CAROL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RZAEJ8IJ.DEFAULT\CO OKIES.SQLITE ]
.mediaplex.com [ C:\USERS\CAROL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RZAEJ8IJ.DEFAULT\CO OKIES.SQLITE ]
.fastclick.net [ C:\USERS\CAROL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RZAEJ8IJ.DEFAULT\CO OKIES.SQLITE ]
.serving-sys.com [ C:\USERS\CAROL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RZAEJ8IJ.DEFAULT\CO OKIES.SQLITE ]
.serving-sys.com [ C:\USERS\CAROL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RZAEJ8IJ.DEFAULT\CO OKIES.SQLITE ]
.collective-media.net [ C:\USERS\CAROL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RZAEJ8IJ.DEFAULT\CO OKIES.SQLITE ]
.collective-media.net [ C:\USERS\CAROL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RZAEJ8IJ.DEFAULT\CO OKIES.SQLITE ]
.collective-media.net [ C:\USERS\CAROL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RZAEJ8IJ.DEFAULT\CO OKIES.SQLITE ]
.collective-media.net [ C:\USERS\CAROL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RZAEJ8IJ.DEFAULT\CO OKIES.SQLITE ]
.collective-media.net [ C:\USERS\CAROL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RZAEJ8IJ.DEFAULT\CO OKIES.SQLITE ]
.zedo.com [ C:\USERS\CAROL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RZAEJ8IJ.DEFAULT\CO OKIES.SQLITE ]
.content.yieldmanager.com [ C:\USERS\CAROL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RZAEJ8IJ.DEFAULT\CO OKIES.SQLITE ]
.lucidmedia.com [ C:\USERS\CAROL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RZAEJ8IJ.DEFAULT\CO OKIES.SQLITE ]
.pointroll.com [ C:\USERS\CAROL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RZAEJ8IJ.DEFAULT\CO OKIES.SQLITE ]
.ads.pointroll.com [ C:\USERS\CAROL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RZAEJ8IJ.DEFAULT\CO OKIES.SQLITE ]
.ads.pointroll.com [ C:\USERS\CAROL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RZAEJ8IJ.DEFAULT\CO OKIES.SQLITE ]
.ads.pointroll.com [ C:\USERS\CAROL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RZAEJ8IJ.DEFAULT\CO OKIES.SQLITE ]
.ads.pointroll.com [ C:\USERS\CAROL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RZAEJ8IJ.DEFAULT\CO OKIES.SQLITE ]
.ads.pointroll.com [ C:\USERS\CAROL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RZAEJ8IJ.DEFAULT\CO OKIES.SQLITE ]
.ads.pointroll.com [ C:\USERS\CAROL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RZAEJ8IJ.DEFAULT\CO OKIES.SQLITE ]
.www.burstnet.com [ C:\USERS\CAROL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RZAEJ8IJ.DEFAULT\CO OKIES.SQLITE ]
.burstnet.com [ C:\USERS\CAROL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RZAEJ8IJ.DEFAULT\CO OKIES.SQLITE ]
.invitemedia.com [ C:\USERS\CAROL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RZAEJ8IJ.DEFAULT\CO OKIES.SQLITE ]
.tribalfusion.com [ C:\USERS\CAROL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RZAEJ8IJ.DEFAULT\CO OKIES.SQLITE ]
.r1-ads.ace.advertising.com [ C:\USERS\CAROL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RZAEJ8IJ.DEFAULT\CO OKIES.SQLITE ]
.at.atwola.com [ C:\USERS\CAROL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RZAEJ8IJ.DEFAULT\CO OKIES.SQLITE ]
.tacoda.at.atwola.com [ C:\USERS\CAROL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RZAEJ8IJ.DEFAULT\CO OKIES.SQLITE ]
.tacoda.at.atwola.com [ C:\USERS\CAROL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RZAEJ8IJ.DEFAULT\CO OKIES.SQLITE ]
.tacoda.at.atwola.com [ C:\USERS\CAROL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RZAEJ8IJ.DEFAULT\CO OKIES.SQLITE ]
.tacoda.at.atwola.com [ C:\USERS\CAROL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RZAEJ8IJ.DEFAULT\CO OKIES.SQLITE ]
.at.atwola.com [ C:\USERS\CAROL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RZAEJ8IJ.DEFAULT\CO OKIES.SQLITE ]
.tacoda.at.atwola.com [ C:\USERS\CAROL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RZAEJ8IJ.DEFAULT\CO OKIES.SQLITE ]
.ar.atwola.com [ C:\USERS\CAROL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RZAEJ8IJ.DEFAULT\CO OKIES.SQLITE ]
.adbrite.com [ C:\USERS\CAROL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RZAEJ8IJ.DEFAULT\CO OKIES.SQLITE ]
.adbrite.com [ C:\USERS\CAROL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RZAEJ8IJ.DEFAULT\CO OKIES.SQLITE ]
.adbrite.com [ C:\USERS\CAROL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RZAEJ8IJ.DEFAULT\CO OKIES.SQLITE ]
.adbrite.com [ C:\USERS\CAROL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RZAEJ8IJ.DEFAULT\CO OKIES.SQLITE ]
.mediabrandsww.com [ C:\USERS\CAROL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RZAEJ8IJ.DEFAULT\CO OKIES.SQLITE ]
.ar.atwola.com [ C:\USERS\CAROL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RZAEJ8IJ.DEFAULT\CO OKIES.SQLITE ]
.media6degrees.com [ C:\USERS\CAROL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RZAEJ8IJ.DEFAULT\CO OKIES.SQLITE ]
.media6degrees.com [ C:\USERS\CAROL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RZAEJ8IJ.DEFAULT\CO OKIES.SQLITE ]
.media6degrees.com [ C:\USERS\CAROL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RZAEJ8IJ.DEFAULT\CO OKIES.SQLITE ]
.media6degrees.com [ C:\USERS\CAROL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RZAEJ8IJ.DEFAULT\CO OKIES.SQLITE ]
.media6degrees.com [ C:\USERS\CAROL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RZAEJ8IJ.DEFAULT\CO OKIES.SQLITE ]
.media6degrees.com [ C:\USERS\CAROL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RZAEJ8IJ.DEFAULT\CO OKIES.SQLITE ]
.invitemedia.com [ C:\USERS\CAROL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RZAEJ8IJ.DEFAULT\CO OKIES.SQLITE ]
.insightexpressai.com [ C:\USERS\CAROL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RZAEJ8IJ.DEFAULT\CO OKIES.SQLITE ]
.insightexpressai.com [ C:\USERS\CAROL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RZAEJ8IJ.DEFAULT\CO OKIES.SQLITE ]
.insightexpressai.com [ C:\USERS\CAROL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RZAEJ8IJ.DEFAULT\CO OKIES.SQLITE ]
.insightexpressai.com [ C:\USERS\CAROL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RZAEJ8IJ.DEFAULT\CO OKIES.SQLITE ]
.invitemedia.com [ C:\USERS\CAROL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RZAEJ8IJ.DEFAULT\CO OKIES.SQLITE ]
.mediaplex.com [ C:\USERS\CAROL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RZAEJ8IJ.DEFAULT\CO OKIES.SQLITE ]
.paypal.112.2o7.net [ C:\USERS\CAROL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RZAEJ8IJ.DEFAULT\CO OKIES.SQLITE ]
.stats.paypal.com [ C:\USERS\CAROL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RZAEJ8IJ.DEFAULT\CO OKIES.SQLITE ]
.advertising.com [ C:\USERS\CAROL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RZAEJ8IJ.DEFAULT\CO OKIES.SQLITE ]
www.googleadservices.com [ C:\USERS\CAROL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RZAEJ8IJ.DEFAULT\CO OKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\CAROL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RZAEJ8IJ.DEFAULT\CO OKIES.SQLITE ]
.fastclick.net [ C:\USERS\CAROL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RZAEJ8IJ.DEFAULT\CO OKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\CAROL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RZAEJ8IJ.DEFAULT\CO OKIES.SQLITE ]
.invitemedia.com [ C:\USERS\CAROL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RZAEJ8IJ.DEFAULT\CO OKIES.SQLITE ]
.invitemedia.com [ C:\USERS\CAROL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RZAEJ8IJ.DEFAULT\CO OKIES.SQLITE ]
.invitemedia.com [ C:\USERS\CAROL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RZAEJ8IJ.DEFAULT\CO OKIES.SQLITE ]
.invitemedia.com [ C:\USERS\CAROL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RZAEJ8IJ.DEFAULT\CO OKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\CAROL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RZAEJ8IJ.DEFAULT\CO OKIES.SQLITE ]
.zedo.com [ C:\USERS\CAROL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RZAEJ8IJ.DEFAULT\CO OKIES.SQLITE ]
.zedo.com [ C:\USERS\CAROL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RZAEJ8IJ.DEFAULT\CO OKIES.SQLITE ]
.invitemedia.com [ C:\USERS\CAROL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RZAEJ8IJ.DEFAULT\CO OKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\CAROL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RZAEJ8IJ.DEFAULT\CO OKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\CAROL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RZAEJ8IJ.DEFAULT\CO OKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\CAROL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RZAEJ8IJ.DEFAULT\CO OKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\CAROL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RZAEJ8IJ.DEFAULT\CO OKIES.SQLITE ]
.advertising.com [ C:\USERS\CAROL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RZAEJ8IJ.DEFAULT\CO OKIES.SQLITE ]
.advertising.com [ C:\USERS\CAROL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RZAEJ8IJ.DEFAULT\CO OKIES.SQLITE ]
.advertising.com [ C:\USERS\CAROL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RZAEJ8IJ.DEFAULT\CO OKIES.SQLITE ]
.advertising.com [ C:\USERS\CAROL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RZAEJ8IJ.DEFAULT\CO OKIES.SQLITE ]
.atdmt.com [ C:\USERS\CAROL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RZAEJ8IJ.DEFAULT\CO OKIES.SQLITE ]
.atdmt.com [ C:\USERS\CAROL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.paypal.112.2o7.net [ C:\USERS\CAROL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.mediaplex.com [ C:\USERS\CAROL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.advertising.com [ C:\USERS\CAROL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.interclick.com [ C:\USERS\CAROL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.interclick.com [ C:\USERS\CAROL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.apmebf.com [ C:\USERS\CAROL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.invitemedia.com [ C:\USERS\CAROL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.trafficmp.com [ C:\USERS\CAROL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ads.pointroll.com [ C:\USERS\CAROL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.pointroll.com [ C:\USERS\CAROL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.clickforensics.com [ C:\USERS\CAROL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.2o7.net [ C:\USERS\CAROL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.2o7.net [ C:\USERS\CAROL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.2o7.net [ C:\USERS\CAROL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adbrite.com [ C:\USERS\CAROL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.collective-media.net [ C:\USERS\CAROL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.specificclick.net [ C:\USERS\CAROL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.specificclick.net [ C:\USERS\CAROL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.specificclick.net [ C:\USERS\CAROL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.specificclick.net [ C:\USERS\CAROL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.specificmedia.com [ C:\USERS\CAROL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.amex-insights.com [ C:\USERS\CAROL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adserver.adtechus.com [ C:\USERS\CAROL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.zedo.com [ C:\USERS\CAROL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.target.db.advertising.com [ C:\USERS\CAROL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.www.burstnet.com [ C:\USERS\CAROL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adxpose.com [ C:\USERS\CAROL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.nextag.com [ C:\USERS\CAROL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.nextag.com [ C:\USERS\CAROL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.edgeadx.net [ C:\USERS\CAROL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
banner.adchemy.com [ C:\USERS\CAROL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
banner.adchemy.com [ C:\USERS\CAROL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.insightexpressai.com [ C:\USERS\CAROL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.insightexpressai.com [ C:\USERS\CAROL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.insightexpressai.com [ C:\USERS\CAROL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.insightexpressai.com [ C:\USERS\CAROL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.insightexpressai.com [ C:\USERS\CAROL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.insightexpressai.com [ C:\USERS\CAROL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.edgeadx.net [ C:\USERS\CAROL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.media.adfrontiers.com [ C:\USERS\CAROL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.media.adfrontiers.com [ C:\USERS\CAROL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.dteenergy.com [ C:\USERS\CAROL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.dteenergy.com [ C:\USERS\CAROL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adinterax.com [ C:\USERS\CAROL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
statse.webtrendslive.com [ C:\USERS\CAROL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adbrite.com [ C:\USERS\CAROL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.lfstmedia.com [ C:\USERS\CAROL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.interclick.com [ C:\USERS\CAROL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.zedo.com [ C:\USERS\CAROL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
citi.bridgetrack.com [ C:\USERS\CAROL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
citi.bridgetrack.com [ C:\USERS\CAROL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
citi.bridgetrack.com [ C:\USERS\CAROL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
citi.bridgetrack.com [ C:\USERS\CAROL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.serving-sys.com [ C:\USERS\CAROL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.serving-sys.com [ C:\USERS\CAROL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.imrworldwide.com [ C:\USERS\CAROL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.imrworldwide.com [ C:\USERS\CAROL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ad.yieldmanager.com [ C:\USERS\CAROL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.amex-insights.com [ C:\USERS\CAROL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.fastclick.net [ C:\USERS\CAROL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ru4.com [ C:\USERS\CAROL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.media6degrees.com [ C:\USERS\CAROL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.media6degrees.com [ C:\USERS\CAROL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.media6degrees.com [ C:\USERS\CAROL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.media6degrees.com [ C:\USERS\CAROL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.media6degrees.com [ C:\USERS\CAROL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.media6degrees.com [ C:\USERS\CAROL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.kiamotorsamerica.122.2o7.net [ C:\USERS\CAROL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.hitbox.com [ C:\USERS\CAROL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.atdmt.com [ C:\USERS\CAROL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.revsci.net [ C:\USERS\CAROL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.tribalfusion.com [ C:\USERS\CAROL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.a1.interclick.com [ C:\USERS\CAROL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.at.atwola.com [ C:\USERS\CAROL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.lucidmedia.com [ C:\USERS\CAROL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.a1.interclick.com [ C:\USERS\CAROL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adbrite.com [ C:\USERS\CAROL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.casalemedia.com [ C:\USERS\CAROL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.insightexpressai.com [ C:\USERS\CAROL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.serving-sys.com [ C:\USERS\CAROL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.insightexpressai.com [ C:\USERS\CAROL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.at.atwola.com [ C:\USERS\CAROL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ads.pointroll.com [ C:\USERS\CAROL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.casalemedia.com [ C:\USERS\CAROL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.revsci.net [ C:\USERS\CAROL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.casalemedia.com [ C:\USERS\CAROL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.casalemedia.com [ C:\USERS\CAROL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.casalemedia.com [ C:\USERS\CAROL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.casalemedia.com [ C:\USERS\CAROL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.casalemedia.com [ C:\USERS\CAROL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.casalemedia.com [ C:\USERS\CAROL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.casalemedia.com [ C:\USERS\CAROL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.casalemedia.com [ C:\USERS\CAROL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.revsci.net [ C:\USERS\CAROL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.revsci.net [ C:\USERS\CAROL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.revsci.net [ C:\USERS\CAROL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.revsci.net [ C:\USERS\CAROL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.superpages.122.2o7.net [ C:\USERS\CAROL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.invitemedia.com [ C:\USERS\CAROL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.insightexpressai.com [ C:\USERS\CAROL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.insightexpressai.com [ C:\USERS\CAROL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.insightexpressai.com [ C:\USERS\CAROL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.insightexpressai.com [ C:\USERS\CAROL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.insightexpressai.com [ C:\USERS\CAROL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.bs.serving-sys.com [ C:\USERS\CAROL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.collective-media.net [ C:\USERS\CAROL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.collective-media.net [ C:\USERS\CAROL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.collective-media.net [ C:\USERS\CAROL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.collective-media.net [ C:\USERS\CAROL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.collective-media.net [ C:\USERS\CAROL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.collective-media.net [ C:\USERS\CAROL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.akamai.interclickproxy.com [ C:\USERS\CAROL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.invitemedia.com [ C:\USERS\CAROL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.wuspeedpay.122.2o7.net [ C:\USERS\CAROL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.a1.interclick.com [ C:\USERS\CAROL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.a1.interclick.com [ C:\USERS\CAROL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.a1.interclick.com [ C:\USERS\CAROL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.a1.interclick.com [ C:\USERS\CAROL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.a1.interclick.com [ C:\USERS\CAROL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.a1.interclick.com [ C:\USERS\CAROL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.interclick.com [ C:\USERS\CAROL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.interclick.com [ C:\USERS\CAROL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.trafficmp.com [ C:\USERS\CAROL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.trafficmp.com [ C:\USERS\CAROL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.trafficmp.com [ C:\USERS\CAROL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.trafficmp.com [ C:\USERS\CAROL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.trafficmp.com [ C:\USERS\CAROL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.trafficmp.com [ C:\USERS\CAROL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.trafficmp.com [ C:\USERS\CAROL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.trafficmp.com [ C:\USERS\CAROL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.trafficmp.com [ C:\USERS\CAROL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.trafficmp.com [ C:\USERS\CAROL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.trafficmp.com [ C:\USERS\CAROL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.trafficmp.com [ C:\USERS\CAROL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.trafficmp.com [ C:\USERS\CAROL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.trafficmp.com [ C:\USERS\CAROL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.trafficmp.com [ C:\USERS\CAROL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.trafficmp.com [ C:\USERS\CAROL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.trafficmp.com [ C:\USERS\CAROL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.trafficmp.com [ C:\USERS\CAROL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.trafficmp.com [ C:\USERS\CAROL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.trafficmp.com [ C:\USERS\CAROL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.trafficmp.com [ C:\USERS\CAROL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.trafficmp.com [ C:\USERS\CAROL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.trafficmp.com [ C:\USERS\CAROL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.trafficmp.com [ C:\USERS\CAROL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.trafficmp.com [ C:\USERS\CAROL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.trafficmp.com [ C:\USERS\CAROL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.trafficmp.com [ C:\USERS\CAROL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.trafficmp.com [ C:\USERS\CAROL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.trafficmp.com [ C:\USERS\CAROL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.trafficmp.com [ C:\USERS\CAROL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.insightexpressai.com [ C:\USERS\CAROL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.insightexpressai.com [ C:\USERS\CAROL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.insightexpressai.com [ C:\USERS\CAROL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.intermundomedia.com [ C:\USERS\CAROL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.intermundomedia.com [ C:\USERS\CAROL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.intermundomedia.com [ C:\USERS\CAROL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.serving-sys.com [ C:\USERS\CAROL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.serving-sys.com [ C:\USERS\CAROL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.advertising.com [ C:\USERS\CAROL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.questionmarket.com [ C:\USERS\CAROL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.questionmarket.com [ C:\USERS\CAROL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.invitemedia.com [ C:\USERS\CAROL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.mediaplex.com [ C:\USERS\CAROL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adinterax.com [ C:\USERS\CAROL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.yieldmanager.net [ C:\USERS\CAROL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ad.yieldmanager.com [ C:\USERS\CAROL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]




Can I go ahead and proceed to TDSSKiller? aswMBR? Combofix, etc? That's what was recommended for my computer on another thread.

Last edited by meowtweets444; 15-Jul-2012 at 05:24 PM..
eddie5659
Moderator & Malware Removal Specialist with 28,314 posts.
 
Join Date: Mar 2001
Location: Bradford, England
16-Jul-2012, 07:52 AM #6
Yes, if you run them exactly as before, and post the logs here

Also, make sure you get the latest files. In fact, now that I'm home, here is the post

Can you run the following tools, and copy/paste the logs that they produce here. If it's over a few posts, that's fine


Download the latest version of TDSSKiller from here and save it to your Desktop.

  • Double-click on TDSSKiller.exe to run the application, then click on Change parameters.
  • Check the boxes beside Verify Driver Digital Signature and Detect TDLFS file system, then click OK.
  • Click the Start Scan button.
  • If a suspicious object is detected, the default action will be Skip, click on Continue.
  • If malicious objects are found, they will show in the Scan results and offer three (3) options.
  • Ensure Cure is selected, then click Continue => Reboot now to finish the cleaning process.
  • Note: If Cure is not available, please choose Skip instead, do not choose Delete unless instructed.

A report will be created in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste its contents on your next reply


--------------------------

Download aswMBR.exe ( 511KB ) to your desktop.

Double click the aswMBR.exe to run it

Click the "Scan" button to start scan


On completion of the scan click save log, save it to your desktop and post in your next reply


-------------------------

Delete any copies of Combofix that you have.

Download ComboFix from one of these locations:

Link 1
Link 2


* IMPORTANT !!! As you download it rename it to username123.exe and save it to your Desktop

  • Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools

    • Click on this link to see a list of programs that should be disabled. The list is not all inclusive. If yours is not listed and you don't know how to disable it, please ask.
    • Remember to re-enable the protection again afterwards before connecting to the Internet.
  • Double click on ComboFix.exe & follow the prompts.

  • As part of its process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.

  • Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.

**Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue its malware removal procedures.




Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:




Click on Yes, to continue scanning for malware.

When finished, it shall produce a log for you. Please include the C:\ComboFix.txt in your next reply.

eddie

Last edited by eddie5659; 16-Jul-2012 at 02:22 PM..
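
One way to triage the TDSSKiller report requested in the post above, as an added example that is not part of the original post and is not TDSSKiller's own code. It assumes the report layout seen in the log posted later in this thread (timestamp, thread id, message) and assumes the `SigCheck` and `TDLFS` tokens on the `Mode:` line reflect the two boxes ticked under Change parameters; the sample lines, service names, hashes and paths are constructed placeholders.

```python
import re

# Every report line starts with a timestamp and a thread id, then the message.
LINE = re.compile(r"^\d{1,2}:\d{2}:\d{2}\.\d{4} \d+ ?(?P<msg>.*)$")
# "<service> (<md5>) <path>": the object being checked.
OBJECT = re.compile(r"^(?P<name>.+?) \((?P<md5>[0-9a-f]{32})\) (?P<path>.+)$")
# "<service> - ok": clean result.
OK = re.compile(r"^(?P<name>.+) - ok$")
# "<service> ( <verdict> ) - <level>": flagged result, e.g. level "warning".
FLAG = re.compile(r"^(?P<name>.+?) \( (?P<verdict>\S+) \) - (?P<level>\w+)$")
MODE = re.compile(r"^Mode: (?P<opts>.*)$")

# Constructed sample in the report's layout (all names, hashes, paths are placeholders).
SAMPLE_REPORT = r"""
20:23:43.0802 4328 Scan started
20:23:43.0802 4328 Mode: Manual; SigCheck; TDLFS;
20:23:44.0100 4328 ExampleDrv (00000000000000000000000000000001) C:\Windows\system32\drivers\exampledrv.sys
20:23:44.0150 4328 ExampleDrv - ok
20:23:44.0200 4328 Example Vendor Service (00000000000000000000000000000002) C:\Program Files\Example\svc.exe
20:23:44.0250 4328 Example Vendor Service ( UnsignedFile.Multi.Generic ) - warning
20:23:44.0250 4328 Example Vendor Service - detected UnsignedFile.Multi.Generic (1)
20:23:44.0300 4328 NoFileSvc - ok
20:23:44.0350 4328 CutOffDrv (00000000000000000000000000000003) C:\Windows\system32\drivers\cutoff.sys
"""


def _messages(text):
    """Yield the message part of every well-formed report line."""
    for raw in text.splitlines():
        m = LINE.match(raw.strip())
        if m:
            yield m["msg"]


def scan_options(text):
    """Return the option tokens from the 'Mode:' line (empty set if absent)."""
    for msg in _messages(text):
        m = MODE.match(msg)
        if m:
            return {o.strip() for o in m["opts"].split(";") if o.strip()}
    return set()


def parse_objects(text):
    """Pair each object line with its result line, keyed by service name."""
    objects = {}

    def entry(name):
        return objects.setdefault(
            name,
            {"name": name, "md5": None, "path": None, "status": None, "verdict": None},
        )

    for msg in _messages(text):
        if (m := OBJECT.match(msg)):
            e = entry(m["name"])
            e["md5"], e["path"] = m["md5"], m["path"]
        elif (m := OK.match(msg)):
            # Some services have a result line but no file line.
            entry(m["name"])["status"] = "ok"
        elif (m := FLAG.match(msg)):
            e = entry(m["name"])
            e["status"], e["verdict"] = m["level"], m["verdict"]
        # The "- detected ..." line repeats the verdict and is ignored.
    return list(objects.values())


def triage(text):
    """Summarise a report: options used, flagged objects, objects with no result."""
    objs = parse_objects(text)
    return {
        "options": scan_options(text),
        "flagged": [o for o in objs if o["status"] not in (None, "ok")],
        # An object line without a result usually means the paste was cut short.
        "no_verdict": [o for o in objs if o["status"] is None],
        "ok_count": sum(o["status"] == "ok" for o in objs),
    }


if __name__ == "__main__":
    report = triage(SAMPLE_REPORT)
    print("options:", sorted(report["options"]))
    for o in report["flagged"]:
        print(f'{o["status"]}: {o["name"]} [{o["verdict"]}] {o["path"]}')
    for o in report["no_verdict"]:
        print("no result line for:", o["name"])
    print("ok:", report["ok_count"])
```

Entries listed under `no_verdict` are worth asking the poster to re-paste, since a log split across several forum posts can lose lines at the boundaries.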
meowtweets444
Member with 28 posts.
THREAD STARTER
 
Join Date: Jun 2012
Experience: Intermediate
21-Jul-2012, 08:32 PM #7
Here's the TDSSKiller:



0:22:42.0531 2368 TDSS rootkit removing tool 2.7.46.0 Jul 16 2012 22:10:11
20:22:43.0019 2368 ============================================================
20:22:43.0019 2368 Current date / time: 2012/07/21 20:22:43.0019
20:22:43.0019 2368 SystemInfo:
20:22:43.0019 2368
20:22:43.0019 2368 OS Version: 6.0.6002 ServicePack: 2.0
20:22:43.0019 2368 Product type: Workstation
20:22:43.0019 2368 ComputerName: CAROLLAPTOP
20:22:43.0019 2368 UserName: Carol
20:22:43.0019 2368 Windows directory: C:\Windows
20:22:43.0019 2368 System windows directory: C:\Windows
20:22:43.0019 2368 Processor architecture: Intel x86
20:22:43.0020 2368 Number of processors: 2
20:22:43.0020 2368 Page size: 0x1000
20:22:43.0020 2368 Boot type: Normal boot
20:22:43.0020 2368 ============================================================
20:22:43.0813 2368 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
20:22:43.0846 2368 ============================================================
20:22:43.0846 2368 \Device\Harddisk0\DR0:
20:22:43.0846 2368 MBR partitions:
20:22:43.0846 2368 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x27800, BlocksNum 0x1400000
20:22:43.0846 2368 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1427800, BlocksNum 0x24006800
20:22:43.0846 2368 ============================================================
20:22:43.0873 2368 C: <-> \Device\Harddisk0\DR0\Partition1
20:22:43.0927 2368 D: <-> \Device\Harddisk0\DR0\Partition0
20:22:43.0927 2368 ============================================================
20:22:43.0927 2368 Initialize success
20:22:43.0927 2368 ============================================================
20:23:43.0802 4328 ============================================================
20:23:43.0802 4328 Scan started
20:23:43.0802 4328 Mode: Manual; SigCheck; TDLFS;
20:23:43.0802 4328 ============================================================
20:23:44.0149 4328 !SASCORE (c0393eb99a6c72c6bef9bfc4a72b33a6) C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
20:23:44.0271 4328 !SASCORE - ok
20:23:44.0453 4328 ACPI (82b296ae1892fe3dbee00c9cf92f8ac7) C:\Windows\system32\drivers\acpi.sys
20:23:44.0506 4328 ACPI - ok
20:23:44.0596 4328 AdobeFlashPlayerUpdateSvc (5e1a953c6472e7bb644892a4d0df5e72) C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
20:23:44.0618 4328 AdobeFlashPlayerUpdateSvc - ok
20:23:44.0696 4328 adp94xx (04f0fcac69c7c71a3ac4eb97fafc8303) C:\Windows\system32\drivers\adp94xx.sys
20:23:44.0808 4328 adp94xx - ok
20:23:44.0849 4328 adpahci (60505e0041f7751bdbb80f88bf45c2ce) C:\Windows\system32\drivers\adpahci.sys
20:23:44.0926 4328 adpahci - ok
20:23:44.0944 4328 adpu160m (8a42779b02aec986eab64ecfc98f8bd7) C:\Windows\system32\drivers\adpu160m.sys
20:23:44.0988 4328 adpu160m - ok
20:23:45.0010 4328 adpu320 (241c9e37f8ce45ef51c3de27515ca4e5) C:\Windows\system32\drivers\adpu320.sys
20:23:45.0061 4328 adpu320 - ok
20:23:45.0095 4328 AeLookupSvc (9d1fda9e086ba64e3c93c9de32461bcf) C:\Windows\System32\aelupsvc.dll
20:23:45.0185 4328 AeLookupSvc - ok
20:23:45.0285 4328 AESTFilters (ef1142512bec12f1c2c87735da1755be) C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_238116a1\aestsrv.exe
20:23:45.0386 4328 AESTFilters - ok
20:23:45.0468 4328 AFD (3911b972b55fea0478476b2e777b29fa) C:\Windows\system32\drivers\afd.sys
20:23:45.0595 4328 AFD - ok
20:23:45.0638 4328 agp440 (13f9e33747e6b41a3ff305c37db0d360) C:\Windows\system32\drivers\agp440.sys
20:23:45.0685 4328 agp440 - ok
20:23:45.0705 4328 aic78xx (ae1fdf7bf7bb6c6a70f67699d880592a) C:\Windows\system32\drivers\djsvs.sys
20:23:45.0761 4328 aic78xx - ok
20:23:45.0784 4328 ALG (a1545b731579895d8cc44fc0481c1192) C:\Windows\System32\alg.exe
20:23:45.0914 4328 ALG - ok
20:23:45.0946 4328 aliide (9eaef5fc9b8e351afa7e78a6fae91f91) C:\Windows\system32\drivers\aliide.sys
20:23:45.0990 4328 aliide - ok
20:23:46.0011 4328 amdagp (c47344bc706e5f0b9dce369516661578) C:\Windows\system32\drivers\amdagp.sys
20:23:46.0062 4328 amdagp - ok
20:23:46.0091 4328 amdide (9b78a39a4c173fdbc1321e0dd659b34c) C:\Windows\system32\drivers\amdide.sys
20:23:46.0120 4328 amdide - ok
20:23:46.0143 4328 AmdK7 (18f29b49ad23ecee3d2a826c725c8d48) C:\Windows\system32\drivers\amdk7.sys
20:23:46.0209 4328 AmdK7 - ok
20:23:46.0244 4328 AmdK8 (93ae7f7dd54ab986a6f1a1b37be7442d) C:\Windows\system32\drivers\amdk8.sys
20:23:46.0342 4328 AmdK8 - ok
20:23:46.0393 4328 ApfiltrService (1de27858a431a5749e0f3df54ba935b9) C:\Windows\system32\DRIVERS\Apfiltr.sys
20:23:46.0451 4328 ApfiltrService - ok
20:23:46.0485 4328 Appinfo (c6d704c7f0434dc791aac37cac4b6e14) C:\Windows\System32\appinfo.dll
20:23:46.0528 4328 Appinfo - ok
20:23:46.0645 4328 Apple Mobile Device (f401929ee0cc92bfe7f15161ca535383) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
20:23:46.0677 4328 Apple Mobile Device - ok
20:23:46.0699 4328 arc (5d2888182fb46632511acee92fdad522) C:\Windows\system32\drivers\arc.sys
20:23:46.0741 4328 arc - ok
20:23:46.0767 4328 arcsas (5e2a321bd7c8b3624e41fdec3e244945) C:\Windows\system32\drivers\arcsas.sys
20:23:46.0808 4328 arcsas - ok
20:23:46.0837 4328 AsyncMac (53b202abee6455406254444303e87be1) C:\Windows\system32\DRIVERS\asyncmac.sys
20:23:46.0905 4328 AsyncMac - ok
20:23:46.0921 4328 atapi (0d83c87a801a3dfcd1bf73893fe7518c) C:\Windows\system32\drivers\atapi.sys
20:23:46.0955 4328 atapi - ok
20:23:47.0016 4328 AudioEndpointBuilder (68e2a1a0407a66cf50da0300852424ab) C:\Windows\System32\Audiosrv.dll
20:23:47.0104 4328 AudioEndpointBuilder - ok
20:23:47.0110 4328 Audiosrv (68e2a1a0407a66cf50da0300852424ab) C:\Windows\System32\Audiosrv.dll
20:23:47.0152 4328 Audiosrv - ok
20:23:47.0251 4328 BBSvc (825f81a6f7dd073509db101f0ba6dc59) C:\Program Files\Microsoft\BingBar\BBSvc.EXE
20:23:47.0372 4328 BBSvc - ok
20:23:47.0433 4328 BCM42RLY (7bd70aeed0d975285a1b20bd012ebf4e) C:\Windows\system32\drivers\BCM42RLY.sys
20:23:47.0459 4328 BCM42RLY - ok
20:23:47.0592 4328 BCM43XX (fa6707a346cd122407f3b0bad1c47639) C:\Windows\system32\DRIVERS\bcmwl6.sys
20:23:47.0729 4328 BCM43XX - ok
20:23:47.0792 4328 Beep (67e506b75bd5326a3ec7b70bd014dfb6) C:\Windows\system32\drivers\Beep.sys
20:23:47.0886 4328 Beep - ok
20:23:47.0963 4328 BFE (c789af0f724fda5852fb9a7d3a432381) C:\Windows\System32\bfe.dll
20:23:48.0048 4328 BFE - ok
20:23:48.0147 4328 BITS (93952506c6d67330367f7e7934b6a02f) C:\Windows\System32\qmgr.dll
20:23:48.0288 4328 BITS - ok
20:23:48.0320 4328 blbdrive (d4df28447741fd3d953526e33a617397) C:\Windows\system32\drivers\blbdrive.sys
20:23:48.0422 4328 blbdrive - ok
20:23:48.0557 4328 Bonjour Service (db5bea73edaf19ac68b2c0fad0f92b1a) C:\Program Files\Bonjour\mDNSResponder.exe
20:23:48.0681 4328 Bonjour Service - ok
20:23:48.0730 4328 bowser (35f376253f687bde63976ccb3f2108ca) C:\Windows\system32\DRIVERS\bowser.sys
20:23:48.0820 4328 bowser - ok
20:23:48.0879 4328 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\drivers\brfiltlo.sys
20:23:48.0966 4328 BrFiltLo - ok
20:23:48.0993 4328 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\drivers\brfiltup.sys
20:23:49.0034 4328 BrFiltUp - ok
20:23:49.0064 4328 Browser (a3629a0c4226f9e9c72faaeebc3ad33c) C:\Windows\System32\browser.dll
20:23:49.0120 4328 Browser - ok
20:23:49.0134 4328 Brserid (b304e75cff293029eddf094246747113) C:\Windows\system32\drivers\brserid.sys
20:23:49.0346 4328 Brserid - ok
20:23:49.0372 4328 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\system32\drivers\brserwdm.sys
20:23:49.0450 4328 BrSerWdm - ok
20:23:49.0465 4328 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\system32\drivers\brusbmdm.sys
20:23:49.0537 4328 BrUsbMdm - ok
20:23:49.0542 4328 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\system32\drivers\brusbser.sys
20:23:49.0618 4328 BrUsbSer - ok
20:23:49.0638 4328 BTHMODEM (ad07c1ec6665b8b35741ab91200c6b68) C:\Windows\system32\drivers\bthmodem.sys
20:23:49.0711 4328 BTHMODEM - ok
20:23:49.0736 4328 cdfs (7add03e75beb9e6dd102c3081d29840a) C:\Windows\system32\DRIVERS\cdfs.sys
20:23:49.0811 4328 cdfs - ok
20:23:49.0848 4328 cdrom (6b4bffb9becd728097024276430db314) C:\Windows\system32\DRIVERS\cdrom.sys
20:23:49.0909 4328 cdrom - ok
20:23:49.0952 4328 CertPropSvc (312ec3e37a0a1f2006534913e37b4423) C:\Windows\System32\certprop.dll
20:23:50.0040 4328 CertPropSvc - ok
20:23:50.0081 4328 circlass (e5d4133f37219dbcfe102bc61072589d) C:\Windows\system32\DRIVERS\circlass.sys
20:23:50.0292 4328 circlass - ok
20:23:50.0378 4328 CLFS (d7659d3b5b92c31e84e53c1431f35132) C:\Windows\system32\CLFS.sys
20:23:50.0429 4328 CLFS - ok
20:23:50.0514 4328 clr_optimization_v2.0.50727_32 (8ee772032e2fe80a924f3b8dd5082194) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
20:23:50.0545 4328 clr_optimization_v2.0.50727_32 - ok
20:23:50.0640 4328 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
20:23:50.0682 4328 clr_optimization_v4.0.30319_32 - ok
20:23:50.0720 4328 CmBatt (99afc3795b58cc478fbbbcdc658fcb56) C:\Windows\system32\DRIVERS\CmBatt.sys
20:23:50.0780 4328 CmBatt - ok
20:23:50.0810 4328 cmdide (0ca25e686a4928484e9fdabd168ab629) C:\Windows\system32\drivers\cmdide.sys
20:23:50.0847 4328 cmdide - ok
20:23:50.0865 4328 Compbatt (6afef0b60fa25de07c0968983ee4f60a) C:\Windows\system32\DRIVERS\compbatt.sys
20:23:50.0892 4328 Compbatt - ok
20:23:50.0896 4328 COMSysApp - ok
20:23:50.0909 4328 crcdisk (741e9dff4f42d2d8477d0fc1dc0df871) C:\Windows\system32\drivers\crcdisk.sys
20:23:50.0938 4328 crcdisk - ok
20:23:50.0950 4328 Crusoe (1f07becdca750766a96cda811ba86410) C:\Windows\system32\drivers\crusoe.sys
20:23:51.0006 4328 Crusoe - ok
20:23:51.0040 4328 CryptSvc (75c6a297e364014840b48eccd7525e30) C:\Windows\system32\cryptsvc.dll
20:23:51.0113 4328 CryptSvc - ok
20:23:51.0187 4328 DcomLaunch (3b5b4d53fec14f7476ca29a20cc31ac9) C:\Windows\system32\rpcss.dll
20:23:51.0263 4328 DcomLaunch - ok
20:23:51.0312 4328 DfsC (622c41a07ca7e6dd91770f50d532cb6c) C:\Windows\system32\Drivers\dfsc.sys
20:23:51.0407 4328 DfsC - ok
20:23:51.0678 4328 DFSR (2cc3dcfb533a1035b13dcab6160ab38b) C:\Windows\system32\DFSR.exe
20:23:51.0893 4328 DFSR - ok
20:23:52.0126 4328 Dhcp (9028559c132146fb75eb7acf384b086a) C:\Windows\System32\dhcpcsvc.dll
20:23:52.0169 4328 Dhcp - ok
20:23:52.0243 4328 disk (5d4aefc3386920236a548271f8f1af6a) C:\Windows\system32\drivers\disk.sys
20:23:52.0295 4328 disk - ok
20:23:52.0331 4328 Dnscache (57d762f6f5974af0da2be88a3349baaa) C:\Windows\System32\dnsrslvr.dll
20:23:52.0463 4328 Dnscache - ok
20:23:52.0687 4328 DockLoginService (db29915209770d8b59654345ec2d943a) C:\Program Files\Dell\DellDock\DockLogin.exe
20:23:52.0761 4328 DockLoginService ( UnsignedFile.Multi.Generic ) - warning
20:23:52.0761 4328 DockLoginService - detected UnsignedFile.Multi.Generic (1)
20:23:52.0829 4328 dot3svc (324fd74686b1ef5e7c19a8af49e748f6) C:\Windows\System32\dot3svc.dll
20:23:52.0993 4328 dot3svc - ok
20:23:53.0056 4328 Dot4 (4f59c172c094e1a1d46463a8dc061cbd) C:\Windows\system32\DRIVERS\Dot4.sys
20:23:53.0178 4328 Dot4 - ok
20:23:53.0237 4328 Dot4Print (80bf3ba09f6f2523c8f6b7cc6dbf7bd5) C:\Windows\system32\DRIVERS\Dot4Prt.sys
20:23:53.0331 4328 Dot4Print - ok
20:23:53.0370 4328 dot4usb (c55004ca6b419b6695970dfe849b122f) C:\Windows\system32\DRIVERS\dot4usb.sys
20:23:53.0448 4328 dot4usb - ok
20:23:53.0487 4328 DPS (a622e888f8aa2f6b49e9bc466f0e5def) C:\Windows\system32\dps.dll
20:23:53.0574 4328 DPS - ok
20:23:53.0624 4328 drmkaud (97fef831ab90bee128c9af390e243f80) C:\Windows\system32\drivers\drmkaud.sys
20:23:53.0677 4328 drmkaud - ok
20:23:53.0756 4328 DXGKrnl (c68ac676b0ef30cfbb1080adce49eb1f) C:\Windows\System32\drivers\dxgkrnl.sys
20:23:53.0790 4328 DXGKrnl - ok
20:23:53.0863 4328 e1express (908ed85b7806e8af3af5e9b74f7809d4) C:\Windows\system32\DRIVERS\e1e6032.sys
20:23:53.0940 4328 e1express - ok
20:23:54.0014 4328 E1G60 (5425f74ac0c1dbd96a1e04f17d63f94c) C:\Windows\system32\DRIVERS\E1G60I32.sys
20:23:54.0100 4328 E1G60 - ok
20:23:54.0161 4328 EapHost (c0b95e40d85cd807d614e264248a45b9) C:\Windows\System32\eapsvc.dll
20:23:54.0227 4328 EapHost - ok
20:23:54.0283 4328 Ecache (7f64ea048dcfac7acf8b4d7b4e6fe371) C:\Windows\system32\drivers\ecache.sys
20:23:54.0331 4328 Ecache - ok
20:23:54.0397 4328 ehRecvr (9be3744d295a7701eb425332014f0797) C:\Windows\ehome\ehRecvr.exe
20:23:54.0483 4328 ehRecvr - ok
20:23:54.0518 4328 ehSched (ad1870c8e5d6dd340c829e6074bf3c3f) C:\Windows\ehome\ehsched.exe
20:23:54.0613 4328 ehSched - ok
20:23:54.0653 4328 ehstart (c27c4ee8926e74aa72efcab24c5242c3) C:\Windows\ehome\ehstart.dll
20:23:54.0725 4328 ehstart - ok
20:23:54.0788 4328 elxstor (23b62471681a124889978f6295b3f4c6) C:\Windows\system32\drivers\elxstor.sys
20:23:54.0892 4328 elxstor - ok
20:23:54.0984 4328 EMDMgmt (4e6b23dfc917ea39306b529b773950f4) C:\Windows\system32\emdmgmt.dll
20:23:55.0109 4328 EMDMgmt - ok
20:23:55.0137 4328 ErrDev (3db974f3935483555d7148663f726c61) C:\Windows\system32\drivers\errdev.sys
20:23:55.0233 4328 ErrDev - ok
20:23:55.0284 4328 EventSystem (67058c46504bc12d821f38cf99b7b28f) C:\Windows\system32\es.dll
20:23:55.0336 4328 EventSystem - ok
20:23:55.0417 4328 exfat (22b408651f9123527bcee54b4f6c5cae) C:\Windows\system32\drivers\exfat.sys
20:23:55.0520 4328 exfat - ok
20:23:55.0556 4328 fastfat (1e9b9a70d332103c52995e957dc09ef8) C:\Windows\system32\drivers\fastfat.sys
20:23:55.0673 4328 fastfat - ok
20:23:55.0986 4328 fdc (afe1e8b9782a0dd7fb46bbd88e43f89a) C:\Windows\system32\DRIVERS\fdc.sys
20:23:56.0104 4328 fdc - ok
20:23:56.0199 4328 fdPHost (6629b5f0e98151f4afdd87567ea32ba3) C:\Windows\system32\fdPHost.dll
20:23:56.0322 4328 fdPHost - ok
20:23:56.0381 4328 FDResPub (89ed56dce8e47af40892778a5bd31fd2) C:\Windows\system32\fdrespub.dll
20:23:56.0488 4328 FDResPub - ok
20:23:56.0536 4328 FileInfo (a8c0139a884861e3aae9cfe73b208a9f) C:\Windows\system32\drivers\fileinfo.sys
20:23:56.0567 4328 FileInfo - ok
20:23:56.0586 4328 Filetrace (0ae429a696aecbc5970e3cf2c62635ae) C:\Windows\system32\drivers\filetrace.sys
20:23:56.0662 4328 Filetrace - ok
20:23:56.0751 4328 flpydisk (85b7cf99d532820495d68d747fda9ebd) C:\Windows\system32\DRIVERS\flpydisk.sys
20:23:56.0844 4328 flpydisk - ok
20:23:57.0364 4328 FltMgr (01334f9ea68e6877c4ef05d3ea8abb05) C:\Windows\system32\drivers\fltmgr.sys
20:23:57.0463 4328 FltMgr - ok
20:23:57.0757 4328 FontCache (8ce364388c8eca59b14b539179276d44) C:\Windows\system32\FntCache.dll
20:23:57.0819 4328 FontCache - ok
20:23:57.0882 4328 FontCache3.0.0.0 (c7fbdd1ed42f82bfa35167a5c9803ea3) C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
20:23:57.0927 4328 FontCache3.0.0.0 - ok
20:23:57.0997 4328 Fs_Rec (b972a66758577e0bfd1de0f91aaa27b5) C:\Windows\system32\drivers\Fs_Rec.sys
20:23:58.0076 4328 Fs_Rec - ok
20:23:58.0105 4328 gagp30kx (34582a6e6573d54a07ece5fe24a126b5) C:\Windows\system32\drivers\gagp30kx.sys
20:23:58.0155 4328 gagp30kx - ok
20:23:58.0180 4328 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
20:23:58.0219 4328 GEARAspiWDM - ok
20:23:58.0298 4328 gpsvc (cd5d0aeee35dfd4e986a5aa1500a6e66) C:\Windows\System32\gpsvc.dll
20:23:58.0461 4328 gpsvc - ok
20:23:58.0892 4328 gupdate (f02a533f517eb38333cb12a9e8963773) C:\Program Files\Google\Update\GoogleUpdate.exe
20:23:58.0916 4328 gupdate - ok
20:23:58.0932 4328 gupdatem (f02a533f517eb38333cb12a9e8963773) C:\Program Files\Google\Update\GoogleUpdate.exe
20:23:58.0955 4328 gupdatem - ok
20:23:59.0003 4328 gusvc (cc839e8d766cc31a7710c9f38cf3e375) C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
20:23:59.0187 4328 gusvc - ok
20:23:59.0328 4328 HDAudBus (062452b7ffd68c8c042a6261fe8dff4a) C:\Windows\system32\DRIVERS\HDAudBus.sys
20:23:59.0467 4328 HDAudBus - ok
20:23:59.0577 4328 HidBth (1338520e78d90154ed6be8f84de5fceb) C:\Windows\system32\drivers\hidbth.sys
20:23:59.0693 4328 HidBth - ok
20:23:59.0716 4328 HidIr (d8df3722d5e961baa1292aa2f12827e2) C:\Windows\system32\DRIVERS\hidir.sys
20:23:59.0800 4328 HidIr - ok
20:23:59.0835 4328 hidserv (84067081f3318162797385e11a8f0582) C:\Windows\system32\hidserv.dll
20:23:59.0924 4328 hidserv - ok
20:23:59.0959 4328 HidUsb (cca4b519b17e23a00b826c55716809cc) C:\Windows\system32\DRIVERS\hidusb.sys
20:24:00.0070 4328 HidUsb - ok
20:24:00.0128 4328 hkmsvc (d8ad255b37da92434c26e4876db7d418) C:\Windows\system32\kmsvc.dll
20:24:00.0218 4328 hkmsvc - ok
20:24:00.0238 4328 HpCISSs (16ee7b23a009e00d835cdb79574a91a6) C:\Windows\system32\drivers\hpcisss.sys
20:24:00.0286 4328 HpCISSs - ok
20:24:00.0595 4328 hpqcxs08 (0a3c6aa4a9fc38c20ba4eac2c3351c05) C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll
20:24:00.0615 4328 hpqcxs08 ( UnsignedFile.Multi.Generic ) - warning
20:24:00.0615 4328 hpqcxs08 - detected UnsignedFile.Multi.Generic (1)
20:24:00.0756 4328 hpqddsvc (7da3211ac63edd90b8eca1ca1abfd43b) C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll
20:24:00.0802 4328 hpqddsvc ( UnsignedFile.Multi.Generic ) - warning
20:24:00.0802 4328 hpqddsvc - detected UnsignedFile.Multi.Generic (1)
20:24:00.0893 4328 HPSLPSVC (14229263aa19c704e0d6d2e7404a8455) C:\Program Files\HP\Digital Imaging\bin\HPSLPSVC32.DLL
20:24:00.0929 4328 HPSLPSVC ( UnsignedFile.Multi.Generic ) - warning
20:24:00.0929 4328 HPSLPSVC - detected UnsignedFile.Multi.Generic (1)
20:24:01.0100 4328 HTTP (f870aa3e254628ebeafe754108d664de) C:\Windows\system32\drivers\HTTP.sys
20:24:01.0238 4328 HTTP - ok
20:24:01.0277 4328 i2omp (c6b032d69650985468160fc9937cf5b4) C:\Windows\system32\drivers\i2omp.sys
20:24:01.0323 4328 i2omp - ok
20:24:01.0364 4328 i8042prt (22d56c8184586b7a1f6fa60be5f5a2bd) C:\Windows\system32\DRIVERS\i8042prt.sys
20:24:01.0438 4328 i8042prt - ok
20:24:01.0518 4328 IAANTMON (72b53e9c8924949dec8f3799bcba2251) C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
20:24:01.0562 4328 IAANTMON - ok
20:24:01.0628 4328 iaStor (2358c53f30cb9dcd1d3843c4e2f299b2) C:\Windows\system32\drivers\iastor.sys
20:24:01.0645 4328 iaStor - ok
20:24:01.0726 4328 iaStorV (54155ea1b0df185878e0fc9ec3ac3a14) C:\Windows\system32\drivers\iastorv.sys
20:24:01.0827 4328 iaStorV - ok
20:24:02.0053 4328 IDriverT (1cf03c69b49acb70c722df92755c0c8c) C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
20:24:02.0123 4328 IDriverT ( UnsignedFile.Multi.Generic ) - warning
20:24:02.0123 4328 IDriverT - detected UnsignedFile.Multi.Generic (1)
20:24:02.0260 4328 idsvc (98477b08e61945f974ed9fdc4cb6bdab) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
20:24:02.0383 4328 idsvc - ok
20:24:02.0933 4328 igfx (9378d57e2b96c0a185d844770ad49948) C:\Windows\system32\DRIVERS\igdkmd32.sys
20:24:03.0193 4328 igfx - ok
20:24:03.0394 4328 iirsp (2d077bf86e843f901d8db709c95b49a5) C:\Windows\system32\drivers\iirsp.sys
20:24:03.0422 4328 iirsp - ok
20:24:03.0477 4328 IKEEXT (9908d8a397b76cd8d31d0d383c5773c9) C:\Windows\System32\ikeext.dll
20:24:03.0535 4328 IKEEXT - ok
20:24:03.0613 4328 IntcHdmiAddService (98d303ccb3415e9202e82043b37d66dc) C:\Windows\system32\drivers\IntcHdmi.sys
20:24:03.0713 4328 IntcHdmiAddService - ok
20:24:03.0771 4328 intelide (83aa759f3189e6370c30de5dc5590718) C:\Windows\system32\drivers\intelide.sys
20:24:03.0805 4328 intelide - ok
20:24:03.0831 4328 intelppm (224191001e78c89dfa78924c3ea595ff) C:\Windows\system32\DRIVERS\intelppm.sys
20:24:03.0925 4328 intelppm - ok
20:24:03.0948 4328 IPBusEnum (9ac218c6e6105477484c6fdbe7d409a4) C:\Windows\system32\ipbusenum.dll
20:24:04.0007 4328 IPBusEnum - ok
20:24:04.0024 4328 IpFilterDriver (62c265c38769b864cb25b4bcf62df6c3) C:\Windows\system32\DRIVERS\ipfltdrv.sys
20:24:04.0078 4328 IpFilterDriver - ok
20:24:04.0141 4328 iphlpsvc (1998bd97f950680bb55f55a7244679c2) C:\Windows\System32\iphlpsvc.dll
20:24:04.0242 4328 iphlpsvc - ok
20:24:04.0246 4328 IpInIp - ok
20:24:04.0285 4328 IPMIDRV (b25aaf203552b7b3491139d582b39ad1) C:\Windows\system32\drivers\ipmidrv.sys
20:24:04.0362 4328 IPMIDRV - ok
20:24:04.0410 4328 IPNAT (8793643a67b42cec66490b2a0cf92d68) C:\Windows\system32\DRIVERS\ipnat.sys
20:24:04.0476 4328 IPNAT - ok
20:24:05.0198 4328 iPod Service (e6be7a41a28d8f2db174957454d32448) C:\Program Files\iPod\bin\iPodService.exe
20:24:05.0245 4328 iPod Service - ok
20:24:05.0273 4328 IRENUM (109c0dfb82c3632fbd11949b73aeeac9) C:\Windows\system32\drivers\irenum.sys
20:24:05.0388 4328 IRENUM - ok
20:24:05.0503 4328 isapnp (6c70698a3e5c4376c6ab5c7c17fb0614) C:\Windows\system32\drivers\isapnp.sys
20:24:05.0549 4328 isapnp - ok
20:24:05.0624 4328 iScsiPrt (232fa340531d940aac623b121a595034) C:\Windows\system32\DRIVERS\msiscsi.sys
20:24:05.0685 4328 iScsiPrt - ok
20:24:05.0865 4328 iteatapi (bced60d16156e428f8df8cf27b0df150) C:\Windows\system32\drivers\iteatapi.sys
20:24:05.0911 4328 iteatapi - ok
20:24:06.0131 4328 itecir (8bcd857c7932ad005d5f9c89329da2e1) C:\Windows\system32\DRIVERS\itecir.sys
20:24:06.0220 4328 itecir - ok
20:24:06.0232 4328 iteraid (06fa654504a498c30adca8bec4e87e7e) C:\Windows\system32\drivers\iteraid.sys
20:24:06.0277 4328 iteraid - ok
20:24:06.0320 4328 k57nd60x (a67e8cfcad7d4f8b35643d6c79ba64c3) C:\Windows\system32\DRIVERS\k57nd60x.sys
20:24:06.0438 4328 k57nd60x - ok
20:24:06.0464 4328 kbdclass (37605e0a8cf00cbba538e753e4344c6e) C:\Windows\system32\DRIVERS\kbdclass.sys
20:24:06.0537 4328 kbdclass - ok
20:24:06.0617 4328 kbdhid (ede59ec70e25c24581add1fbec7325f7) C:\Windows\system32\DRIVERS\kbdhid.sys
20:24:06.0726 4328 kbdhid - ok
20:24:06.0756 4328 KeyIso (a3e186b4b935905b829219502557314e) C:\Windows\system32\lsass.exe
20:24:06.0818 4328 KeyIso - ok
20:24:06.0918 4328 KSecDD (4a1445efa932a3baf5bdb02d7131ee20) C:\Windows\system32\Drivers\ksecdd.sys
20:24:07.0011 4328 KSecDD - ok
20:24:07.0100 4328 KtmRm (8078f8f8f7a79e2e6b494523a828c585) C:\Windows\system32\msdtckrm.dll
20:24:07.0176 4328 KtmRm - ok
20:24:07.0209 4328 LanmanServer (1bf5eebfd518dd7298434d8c862f825d) C:\Windows\system32\srvsvc.dll
20:24:07.0311 4328 LanmanServer - ok
20:24:07.0361 4328 LanmanWorkstation (1db69705b695b987082c8baec0c6b34f) C:\Windows\System32\wkssvc.dll
20:24:07.0436 4328 LanmanWorkstation - ok
20:24:07.0478 4328 lltdio (d1c5883087a0c3f1344d9d55a44901f6) C:\Windows\system32\DRIVERS\lltdio.sys
20:24:07.0555 4328 lltdio - ok
20:24:07.0635 4328 lltdsvc (2d5a428872f1442631d0959a34abff63) C:\Windows\System32\lltdsvc.dll
20:24:07.0761 4328 lltdsvc - ok
20:24:07.0780 4328 lmhosts (35d40113e4a5b961b6ce5c5857702518) C:\Windows\System32\lmhsvc.dll
20:24:07.0881 4328 lmhosts - ok
20:24:07.0905 4328 LSI_FC (c7e15e82879bf3235b559563d4185365) C:\Windows\system32\drivers\lsi_fc.sys
20:24:07.0940 4328 LSI_FC - ok
20:24:07.0960 4328 LSI_SAS (ee01ebae8c9bf0fa072e0ff68718920a) C:\Windows\system32\drivers\lsi_sas.sys
20:24:07.0994 4328 LSI_SAS - ok
20:24:08.0016 4328 LSI_SCSI (912a04696e9ca30146a62afa1463dd5c) C:\Windows\system32\drivers\lsi_scsi.sys
20:24:08.0052 4328 LSI_SCSI - ok
20:24:08.0070 4328 luafv (8f5c7426567798e62a3b3614965d62cc) C:\Windows\system32\drivers\luafv.sys
20:24:08.0137 4328 luafv - ok
20:24:08.0169 4328 Mcx2Svc (aef9babb8a506bc4ce0451a64aaded46) C:\Windows\system32\Mcx2Svc.dll
20:24:08.0236 4328 Mcx2Svc - ok
20:24:08.0253 4328 megasas (0001ce609d66632fa17b84705f658879) C:\Windows\system32\drivers\megasas.sys
20:24:08.0288 4328 megasas - ok
20:24:08.0332 4328 MegaSR (c252f32cd9a49dbfc25ecf26ebd51a99) C:\Windows\system32\drivers\megasr.sys
20:24:08.0433 4328 MegaSR - ok
20:24:08.0453 4328 MMCSS (1076ffcffaae8385fd62dfcb25ac4708) C:\Windows\system32\mmcss.dll
20:24:08.0518 4328 MMCSS - ok
20:24:08.0534 4328 Modem (e13b5ea0f51ba5b1512ec671393d09ba) C:\Windows\system32\drivers\modem.sys
20:24:08.0593 4328 Modem - ok
20:24:08.0608 4328 monitor (0a9bb33b56e294f686abb7c1e4e2d8a8) C:\Windows\system32\DRIVERS\monitor.sys
20:24:08.0667 4328 monitor - ok
20:24:08.0707 4328 mouclass (5bf6a1326a335c5298477754a506d263) C:\Windows\system32\DRIVERS\mouclass.sys
20:24:08.0737 4328 mouclass - ok
20:24:08.0758 4328 mouhid (93b8d4869e12cfbe663915502900876f) C:\Windows\system32\DRIVERS\mouhid.sys
20:24:08.0804 4328 mouhid - ok
20:24:08.0823 4328 MountMgr (bdafc88aa6b92f7842416ea6a48e1600) C:\Windows\system32\drivers\mountmgr.sys
20:24:08.0852 4328 MountMgr - ok
20:24:08.0881 4328 mpio (511d011289755dd9f9a7579fb0b064e6) C:\Windows\system32\drivers\mpio.sys
20:24:08.0930 4328 mpio - ok
20:24:08.0949 4328 mpsdrv (22241feba9b2defa669c8cb0a8dd7d2e) C:\Windows\system32\drivers\mpsdrv.sys
20:24:08.0994 4328 mpsdrv - ok
20:24:09.0055 4328 MpsSvc (5de62c6e9108f14f6794060a9bdecaec) C:\Windows\system32\mpssvc.dll
20:24:09.0171 4328 MpsSvc - ok
20:24:09.0212 4328 Mraid35x (4fbbb70d30fd20ec51f80061703b001e) C:\Windows\system32\drivers\mraid35x.sys
20:24:09.0247 4328 Mraid35x - ok
20:24:09.0315 4328 MRxDAV (82cea0395524aacfeb58ba1448e8325c) C:\Windows\system32\drivers\mrxdav.sys
20:24:09.0393 4328 MRxDAV - ok
20:24:09.0447 4328 mrxsmb (1e94971c4b446ab2290deb71d01cf0c2) C:\Windows\system32\DRIVERS\mrxsmb.sys
20:24:09.0520 4328 mrxsmb - ok
20:24:09.0573 4328 mrxsmb10 (4fccb34d793b116423209c0f8b7a3b03) C:\Windows\system32\DRIVERS\mrxsmb10.sys
20:24:09.0656 4328 mrxsmb10 - ok
20:24:09.0667 4328 mrxsmb20 (c3cb1b40ad4a0124d617a1199b0b9d7c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
20:24:09.0739 4328 mrxsmb20 - ok
20:24:09.0851 4328 msahci (f70590424eefbf5c27a40c67afdb8383) C:\Windows\system32\drivers\msahci.sys
20:24:09.0882 4328 msahci - ok
20:24:09.0906 4328 msdsm (4468b0f385a86ecddaf8d3ca662ec0e7) C:\Windows\system32\drivers\msdsm.sys
20:24:09.0941 4328 msdsm - ok
20:24:09.0974 4328 MSDTC (fd7520cc3a80c5fc8c48852bb24c6ded) C:\Windows\System32\msdtc.exe
20:24:10.0046 4328 MSDTC - ok
20:24:10.0069 4328 Msfs (a9927f4a46b816c92f461acb90cf8515) C:\Windows\system32\drivers\Msfs.sys
20:24:10.0117 4328 Msfs - ok
20:24:10.0222 4328 msisadrv (0f400e306f385c56317357d6dea56f62) C:\Windows\system32\drivers\msisadrv.sys
20:24:10.0249 4328 msisadrv - ok
20:24:10.0400 4328 MSiSCSI (85466c0757a23d9a9aecdc0755203cb2) C:\Windows\system32\iscsiexe.dll
20:24:10.0488 4328 MSiSCSI - ok
20:24:10.0491 4328 msiserver - ok
20:24:10.0538 4328 MSKSSRV (d8c63d34d9c9e56c059e24ec7185cc07) C:\Windows\system32\drivers\MSKSSRV.sys
20:24:10.0599 4328 MSKSSRV - ok
20:24:10.0633 4328 MSPCLOCK (1d373c90d62ddb641d50e55b9e78d65e) C:\Windows\system32\drivers\MSPCLOCK.sys
20:24:10.0703 4328 MSPCLOCK - ok
20:24:10.0708 4328 MSPQM (b572da05bf4e098d4bba3a4734fb505b) C:\Windows\system32\drivers\MSPQM.sys
20:24:10.0772 4328 MSPQM - ok
20:24:10.0830 4328 MsRPC (b49456d70555de905c311bcda6ec6adb) C:\Windows\system32\drivers\MsRPC.sys
20:24:10.0896 4328 MsRPC - ok
20:24:10.0915 4328 mssmbios (e384487cb84be41d09711c30ca79646c) C:\Windows\system32\DRIVERS\mssmbios.sys
20:24:10.0949 4328 mssmbios - ok
20:24:10.0980 4328 MSTEE (7199c1eec1e4993caf96b8c0a26bd58a) C:\Windows\system32\drivers\MSTEE.sys
20:24:11.0032 4328 MSTEE - ok
20:24:11.0054 4328 Mup (6a57b5733d4cb702c8ea4542e836b96c) C:\Windows\system32\Drivers\mup.sys
20:24:11.0084 4328 Mup - ok
20:24:11.0149 4328 napagent (e4eaf0c5c1b41b5c83386cf212ca9584) C:\Windows\system32\qagentRT.dll
20:24:11.0185 4328 napagent - ok
20:24:11.0236 4328 NativeWifiP (85c44fdff9cf7e72a40dcb7ec06a4416) C:\Windows\system32\DRIVERS\nwifi.sys
20:24:11.0322 4328 NativeWifiP - ok
20:24:11.0403 4328 NDIS (1357274d1883f68300aeadd15d7bbb42) C:\Windows\system32\drivers\ndis.sys
20:24:11.0458 4328 NDIS - ok
20:24:11.0498 4328 NdisTapi (0e186e90404980569fb449ba7519ae61) C:\Windows\system32\DRIVERS\ndistapi.sys
20:24:11.0565 4328 NdisTapi - ok
20:24:11.0584 4328 Ndisuio (d6973aa34c4d5d76c0430b181c3cd389) C:\Windows\system32\DRIVERS\ndisuio.sys
20:24:11.0673 4328 Ndisuio - ok
20:24:11.0737 4328 NdisWan (818f648618ae34f729fdb47ec68345c3) C:\Windows\system32\DRIVERS\ndiswan.sys
20:24:11.0844 4328 NdisWan - ok
20:24:11.0879 4328 NDProxy (71dab552b41936358f3b541ae5997fb3) C:\Windows\system32\drivers\NDProxy.sys
20:24:11.0951 4328 NDProxy - ok
20:24:12.0028 4328 Net Driver HPZ12 (a081cb6fb9a12668f233eb5414be3a0e) C:\Windows\system32\HPZinw12.dll
20:24:12.0048 4328 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
20:24:12.0049 4328 Net Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
20:24:12.0157 4328 NetBIOS (bcd093a5a6777cf626434568dc7dba78) C:\Windows\system32\DRIVERS\netbios.sys
20:24:12.0205 4328 NetBIOS - ok
20:24:12.0246 4328 netbt (ecd64230a59cbd93c85f1cd1cab9f3f6) C:\Windows\system32\DRIVERS\netbt.sys
20:24:12.0327 4328 netbt - ok
20:24:12.0344 4328 Netlogon (a3e186b4b935905b829219502557314e) C:\Windows\system32\lsass.exe
20:24:12.0369 4328 Netlogon - ok
20:24:12.0446 4328 Netman (c8052711daecc48b982434c5116ca401) C:\Windows\System32\netman.dll
20:24:12.0522 4328 Netman - ok
20:24:12.0565 4328 netprofm (2ef3bbe22e5a5acd1428ee387a0d0172) C:\Windows\System32\netprofm.dll
20:24:12.0662 4328 netprofm - ok
20:24:12.0771 4328 NetTcpPortSharing (d6c4e4a39a36029ac0813d476fbd0248) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
20:24:12.0825 4328 NetTcpPortSharing - ok
20:24:12.0846 4328 nfrd960 (2e7fb731d4790a1bc6270accefacb36e) C:\Windows\system32\drivers\nfrd960.sys
20:24:12.0891 4328 nfrd960 - ok
20:24:12.0932 4328 NlaSvc (2997b15415f9bbe05b5a4c1c85e0c6a2) C:\Windows\System32\nlasvc.dll
20:24:12.0981 4328 NlaSvc - ok
20:24:13.0020 4328 Npfs (d36f239d7cce1931598e8fb90a0dbc26) C:\Windows\system32\drivers\Npfs.sys
20:24:13.0062 4328 Npfs - ok
20:24:13.0095 4328 nsi (8bb86f0c7eea2bded6fe095d0b4ca9bd) C:\Windows\system32\nsisvc.dll
20:24:13.0141 4328 nsi - ok
20:24:13.0219 4328 nsiproxy (609773e344a97410ce4ebf74a8914fcf) C:\Windows\system32\drivers\nsiproxy.sys
20:24:13.0295 4328 nsiproxy - ok
20:24:13.0471 4328 Ntfs (6a4a98cee84cf9e99564510dda4baa47) C:\Windows\system32\drivers\Ntfs.sys
20:24:13.0718 4328 Ntfs - ok
20:24:13.0758 4328 ntrigdigi (e875c093aec0c978a90f30c9e0dfbb72) C:\Windows\system32\drivers\ntrigdigi.sys
20:24:13.0869 4328 ntrigdigi - ok
20:24:13.0884 4328 Null (c5dbbcda07d780bda9b685df333bb41e) C:\Windows\system32\drivers\Null.sys
20:24:13.0955 4328 Null - ok
20:24:13.0984 4328 nvraid (2edf9e7751554b42cbb60116de727101) C:\Windows\system32\drivers\nvraid.sys
20:24:14.0021 4328 nvraid - ok
20:24:14.0035 4328 nvstor (abed0c09758d1d97db0042dbb2688177) C:\Windows\system32\drivers\nvstor.sys
20:24:14.0066 4328 nvstor - ok
20:24:14.0089 4328 nv_agp (18bbdf913916b71bd54575bdb6eeac0b) C:\Windows\system32\drivers\nv_agp.sys
20:24:14.0125 4328 nv_agp - ok
20:24:14.0129 4328 NwlnkFlt - ok
20:24:14.0134 4328 NwlnkFwd - ok
20:24:14.0181 4328 OA001Ufd (a015dd2ba6009c8bdd00a6c431302d06) C:\Windows\system32\DRIVERS\OA001Ufd.sys
20:24:14.0293 4328 OA001Ufd - ok
20:24:14.0327 4328 OA001Vid (438ffcb55b8ce39b0bc71afc0a059835) C:\Windows\system32\DRIVERS\OA001Vid.sys
20:24:14.0436 4328 OA001Vid - ok
20:24:14.0573 4328 odserv (785f487a64950f3cb8e9f16253ba3b7b) C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
20:24:14.0706 4328 odserv - ok
20:24:14.0752 4328 ohci1394 (6f310e890d46e246e0e261a63d9b36b4) C:\Windows\system32\DRIVERS\ohci1394.sys
20:24:14.0823 4328 ohci1394 - ok
20:24:14.0929 4328 ose (5a432a042dae460abe7199b758e8606c) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
20:24:15.0016 4328 ose - ok
20:24:15.0231 4328 p2pimsvc (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
20:24:15.0367 4328 p2pimsvc - ok
20:24:15.0378 4328 p2psvc (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
20:24:15.0434 4328 p2psvc - ok
20:24:15.0471 4328 Parport (0fa9b5055484649d63c303fe404e5f4d) C:\Windows\system32\drivers\parport.sys
20:24:15.0643 4328 Parport - ok
20:24:15.0697 4328 partmgr (b9c2b89f08670e159f7181891e449cd9) C:\Windows\system32\drivers\partmgr.sys
20:24:15.0745 4328 partmgr - ok
20:24:15.0757 4328 Parvdm (4f9a6a8a31413180d0fcb279ad5d8112) C:\Windows\system32\drivers\parvdm.sys
20:24:15.0863 4328 Parvdm - ok
20:24:15.0891 4328 PcaSvc (c6276ad11f4bb49b58aa1ed88537f14a) C:\Windows\System32\pcasvc.dll
20:24:15.0957 4328 PcaSvc - ok
20:24:15.0998 4328 pci (941dc1d19e7e8620f40bbc206981efdb) C:\Windows\system32\drivers\pci.sys
20:24:16.0048 4328 pci - ok
20:24:16.0057 4328 pciide (fc175f5ddab666d7f4d17449a547626f) C:\Windows\system32\drivers\pciide.sys
20:24:16.0086 4328 pciide - ok
20:24:16.0113 4328 pcmcia (e6f3fb1b86aa519e7698ad05e58b04e5) C:\Windows\system32\drivers\pcmcia.sys
20:24:16.0177 4328 pcmcia - ok
20:24:16.0266 4328 PEAUTH (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys
20:24:16.0495 4328 PEAUTH - ok
20:24:16.0542 4328 pfc (5903fa75200807ad739286bbf40c4904) C:\Windows\system32\drivers\pfc.sys
20:24:16.0576 4328 pfc ( UnsignedFile.Multi.Generic ) - warning
20:24:16.0576 4328 pfc - detected UnsignedFile.Multi.Generic (1)
20:24:16.0737 4328 pla (b1689df169143f57053f795390c99db3) C:\Windows\system32\pla.dll
20:24:16.0857 4328 pla - ok
20:24:17.0045 4328 PlugPlay (c5e7f8a996ec0a82d508fd9064a5569e) C:\Windows\system32\umpnpmgr.dll
20:24:17.0127 4328 PlugPlay - ok
20:24:17.0177 4328 Pml Driver HPZ12 (65bc271f337637731d3c71455ae1f476) C:\Windows\system32\HPZipm12.dll
20:24:17.0188 4328 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
20:24:17.0188 4328 Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
20:24:17.0382 4328 PNRPAutoReg (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
20:24:17.0420 4328 PNRPAutoReg - ok
20:24:17.0428 4328 PNRPsvc (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
20:24:17.0464 4328 PNRPsvc - ok
20:24:17.0674 4328 PolicyAgent (d0494460421a03cd5225cca0059aa146) C:\Windows\System32\ipsecsvc.dll
20:24:17.0773 4328 PolicyAgent - ok
20:24:17.0943 4328 PptpMiniport (ecfffaec0c1ecd8dbc77f39070ea1db1) C:\Windows\system32\DRIVERS\raspptp.sys
20:24:18.0041 4328 PptpMiniport - ok
20:24:18.0079 4328 Processor (2027293619dd0f047c584cf2e7df4ffd) C:\Windows\system32\drivers\processr.sys
20:24:18.0127 4328 Processor - ok
20:24:18.0170 4328 ProfSvc (0508faa222d28835310b7bfca7a77346) C:\Windows\system32\profsvc.dll
20:24:18.0220 4328 ProfSvc - ok
20:24:18.0259 4328 ProtectedStorage (a3e186b4b935905b829219502557314e) C:\Windows\system32\lsass.exe
20:24:18.0285 4328 ProtectedStorage - ok
20:24:18.0361 4328 PSched (99514faa8df93d34b5589187db3aa0ba) C:\Windows\system32\DRIVERS\pacer.sys
20:24:18.0399 4328 PSched - ok
20:24:18.0443 4328 PxHelp20 (03e0fe281823ba64b3782f5b38950e73) C:\Windows\system32\Drivers\PxHelp20.sys
20:24:18.0478 4328 PxHelp20 - ok
20:24:18.0634 4328 ql2300 (0a6db55afb7820c99aa1f3a1d270f4f6) C:\Windows\system32\drivers\ql2300.sys
20:24:18.0830 4328 ql2300 - ok
20:24:18.0866 4328 ql40xx (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys
20:24:18.0902 4328 ql40xx - ok
20:24:18.0939 4328 QWAVE (e9ecae663f47e6cb43962d18ab18890f) C:\Windows\system32\qwave.dll
20:24:18.0998 4328 QWAVE - ok
20:24:19.0015 4328 QWAVEdrv (9f5e0e1926014d17486901c88eca2db7) C:\Windows\system32\drivers\qwavedrv.sys
20:24:19.0064 4328 QWAVEdrv - ok
20:24:19.0266 4328 R300 (e642b131fb74caf4bb8a014f31113142) C:\Windows\system32\DRIVERS\atikmdag.sys
20:24:19.0697 4328 R300 - ok
20:24:19.0847 4328 RasAcd (147d7f9c556d259924351feb0de606c3) C:\Windows\system32\DRIVERS\rasacd.sys
20:24:19.0918 4328 RasAcd - ok
20:24:19.0972 4328 RasAuto (f6a452eb4ceadbb51c9e0ee6b3ecef0f) C:\Windows\System32\rasauto.dll
20:24:20.0083 4328 RasAuto - ok
20:24:20.0108 4328 Rasl2tp (a214adbaf4cb47dd2728859ef31f26b0) C:\Windows\system32\DRIVERS\rasl2tp.sys
20:24:20.0173 4328 Rasl2tp - ok
20:24:20.0232 4328 RasMan (75d47445d70ca6f9f894b032fbc64fcf) C:\Windows\System32\rasmans.dll
20:24:20.0307 4328 RasMan - ok
20:24:20.0340 4328 RasPppoe (509a98dd18af4375e1fc40bc175f1def) C:\Windows\system32\DRIVERS\raspppoe.sys
20:24:20.0414 4328 RasPppoe - ok
20:24:20.0441 4328 RasSstp (2005f4a1e05fa09389ac85840f0a9e4d) C:\Windows\system32\DRIVERS\rassstp.sys
20:24:20.0487 4328 RasSstp - ok
20:24:20.0525 4328 rdbss (b14c9d5b9add2f84f70570bbbfaa7935) C:\Windows\system32\DRIVERS\rdbss.sys
20:24:20.0589 4328 rdbss - ok
20:24:20.0619 4328 RDPCDD (89e59be9a564262a3fb6c4f4f1cd9899) C:\Windows\system32\DRIVERS\RDPCDD.sys
20:24:20.0665 4328 RDPCDD - ok
20:24:20.0698 4328 rdpdr (fbc0bacd9c3d7f6956853f64a66e252d) C:\Windows\system32\drivers\rdpdr.sys
20:24:20.0763 4328 rdpdr - ok
20:24:20.0767 4328 RDPENCDD (9d91fe5286f748862ecffa05f8a0710c) C:\Windows\system32\drivers\rdpencdd.sys
20:24:20.0813 4328 RDPENCDD - ok
20:24:20.0865 4328 RDPWD (c127ebd5afab31524662c48dfceb773a) C:\Windows\system32\drivers\RDPWD.sys
20:24:20.0926 4328 RDPWD - ok
20:24:20.0974 4328 RemoteAccess (bcdd6b4804d06b1f7ebf29e53a57ece9) C:\Windows\System32\mprdim.dll
20:24:21.0022 4328 RemoteAccess - ok
20:24:21.0051 4328 RemoteRegistry (9e6894ea18daff37b63e1005f83ae4ab) C:\Windows\system32\regsvc.dll
20:24:21.0141 4328 RemoteRegistry - ok
20:24:21.0186 4328 rimmptsk (c2ef513bbe069f0d4ee0938a76f975d3) C:\Windows\system32\DRIVERS\rimmptsk.sys
20:24:21.0245 4328 rimmptsk - ok
20:24:21.0275 4328 rimsptsk (c398bca91216755b098679a8da8a2300) C:\Windows\system32\DRIVERS\rimsptsk.sys
20:24:21.0331 4328 rimsptsk - ok
20:24:21.0339 4328 rismxdp (2a2554cb24506e0a0508fc395c4a1b42) C:\Windows\system32\DRIVERS\rixdptsk.sys
20:24:21.0408 4328 rismxdp - ok
20:24:21.0439 4328 RpcLocator (5123f83cbc4349d065534eeb6bbdc42b) C:\Windows\system32\locator.exe
20:24:21.0497 4328 RpcLocator - ok
20:24:21.0564 4328 RpcSs (3b5b4d53fec14f7476ca29a20cc31ac9) C:\Windows\system32\rpcss.dll
20:24:21.0606 4328 RpcSs - ok
20:24:21.0677 4328 rspndr (9c508f4074a39e8b4b31d27198146fad) C:\Windows\system32\DRIVERS\rspndr.sys
20:24:21.0728 4328 rspndr - ok
20:24:21.0750 4328 SamSs (a3e186b4b935905b829219502557314e) C:\Windows\system32\lsass.exe
20:24:21.0777 4328 SamSs - ok
20:24:21.0879 4328 SASDIFSV (39763504067962108505bff25f024345) C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS
20:24:21.0902 4328 SASDIFSV - ok
20:24:21.0922 4328 SASKUTIL (77b9fc20084b48408ad3e87570eb4a85) C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS
20:24:21.0948 4328 SASKUTIL - ok
20:24:22.0056 4328 sbp2port (3ce8f073a557e172b330109436984e30) C:\Windows\system32\drivers\sbp2port.sys
20:24:22.0088 4328 sbp2port - ok
20:24:22.0226 4328 SCardSvr (77b7a11a0c3d78d3386398fbbea1b632) C:\Windows\System32\SCardSvr.dll
20:24:22.0285 4328 SCardSvr - ok
20:24:22.0346 4328 Schedule (1a58069db21d05eb2ab58ee5753ebe8d) C:\Windows\system32\schedsvc.dll
20:24:22.0440 4328 Schedule - ok
20:24:22.0473 4328 SCPolicySvc (312ec3e37a0a1f2006534913e37b4423) C:\Windows\System32\certprop.dll
20:24:22.0510 4328 SCPolicySvc - ok
20:24:22.0551 4328 sdbus (8f36b54688c31eed4580129040c6a3d3) C:\Windows\system32\DRIVERS\sdbus.sys
20:24:22.0617 4328 sdbus - ok
20:24:22.0651 4328 SDRSVC (716313d9f6b0529d03f726d5aaf6f191) C:\Windows\System32\SDRSVC.dll
20:24:22.0709 4328 SDRSVC - ok
20:24:22.0803 4328 SeaPort (cc781378e7eda615d2cdca3b17829fa4) C:\Program Files\Microsoft\BingBar\SeaPort.EXE
20:24:22.0828 4328 SeaPort - ok
20:24:22.0850 4328 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
20:24:22.0914 4328 secdrv - ok
20:24:22.0931 4328 seclogon (fd5199d4d8a521005e4b5ee7fe00fa9b) C:\Windows\system32\seclogon.dll
20:24:22.0997 4328 seclogon - ok
20:24:23.0038 4328 SENS (a9bbab5759771e523f55563d6cbe140f) C:\Windows\System32\sens.dll
20:24:23.0083 4328 SENS - ok
20:24:23.0093 4328 Serenum (68e44e331d46f0fb38f0863a84cd1a31) C:\Windows\system32\drivers\serenum.sys
20:24:23.0156 4328 Serenum - ok
20:24:23.0171 4328 Serial (c70d69a918b178d3c3b06339b40c2e1b) C:\Windows\system32\drivers\serial.sys
20:24:23.0242 4328 Serial - ok
20:24:23.0251 4328 sermouse (8af3d28a879bf75db53a0ee7a4289624) C:\Windows\system32\drivers\sermouse.sys
20:24:23.0300 4328 sermouse - ok
20:24:23.0360 4328 SessionEnv (d2193326f729b163125610dbf3e17d57) C:\Windows\system32\sessenv.dll
20:24:23.0423 4328 SessionEnv - ok
20:24:23.0577 4328 SfCtlCom (58c52cf9dd452817b9f4ba0781014836) C:\Program Files\Trend Micro\Internet Security\SfCtlCom.exe
20:24:23.0614 4328 SfCtlCom - ok
20:24:23.0647 4328 sffdisk (3efa810bdca87f6ecc24f9832243fe86) C:\Windows\system32\DRIVERS\sffdisk.sys
20:24:23.0698 4328 sffdisk - ok
20:24:23.0735 4328 sffp_mmc (e95d451f7ea3e583aec75f3b3ee42dc5) C:\Windows\system32\drivers\sffp_mmc.sys
20:24:23.0784 4328 sffp_mmc - ok
20:24:23.0810 4328 sffp_sd (9f66a46c55d6f1ccabc79bb7afccc545) C:\Windows\system32\DRIVERS\sffp_sd.sys
20:24:23.0888 4328 sffp_sd - ok
20:24:23.0908 4328 sfloppy (46ed8e91793b2e6f848015445a0ac188) C:\Windows\system32\drivers\sfloppy.sys
20:24:23.0992 4328 sfloppy - ok
20:24:24.0045 4328 SharedAccess (e1499bd0ff76b1b2fbbf1af339d91165) C:\Windows\System32\ipnathlp.dll
20:24:24.0123 4328 SharedAccess - ok
20:24:24.0164 4328 ShellHWDetection (c7230fbee14437716701c15be02c27b8) C:\Windows\System32\shsvcs.dll
20:24:24.0214 4328 ShellHWDetection - ok
20:24:24.0234 4328 sisagp (1d76624a09a054f682d746b924e2dbc3) C:\Windows\system32\drivers\sisagp.sys
20:24:24.0264 4328 sisagp - ok
20:24:24.0278 4328 SiSRaid2 (43cb7aa756c7db280d01da9b676cfde2) C:\Windows\system32\drivers\sisraid2.sys
20:24:24.0307 4328 SiSRaid2 - ok
20:24:24.0325 4328 SiSRaid4 (a99c6c8b0baa970d8aa59ddc50b57f94) C:\Windows\system32\drivers\sisraid4.sys
20:24:24.0359 4328 SiSRaid4 - ok
20:24:24.0672 4328 slsvc (862bb4cbc05d80c5b45be430e5ef872f) C:\Windows\system32\SLsvc.exe
20:24:24.0924 4328 slsvc - ok
20:24:25.0102 4328 SLUINotify (6edc422215cd78aa8a9cde6b30abbd35) C:\Windows\system32\SLUINotify.dll
20:24:25.0164 4328 SLUINotify - ok
20:24:25.0267 4328 Smb (7b75299a4d201d6a6533603d6914ab04) C:\Windows\system32\DRIVERS\smb.sys
20:24:25.0383 4328 Smb - ok
20:24:25.0422 4328 SNMPTRAP (2a146a055b4401c16ee62d18b8e2a032) C:\Windows\System32\snmptrap.exe
20:24:25.0469 4328 SNMPTRAP - ok
20:24:25.0489 4328 spldr (7aebdeef071fe28b0eef2cdd69102bff) C:\Windows\system32\drivers\spldr.sys
20:24:25.0523 4328 spldr - ok
20:24:25.0557 4328 Spooler (8554097e5136c3bf9f69fe578a1b35f4) C:\Windows\System32\spoolsv.exe
20:24:25.0677 4328 Spooler - ok
20:24:25.0884 4328 srv (41987f9fc0e61adf54f581e15029ad91) C:\Windows\system32\DRIVERS\srv.sys
20:24:25.0984 4328 srv - ok
20:24:26.0025 4328 srv2 (ff33aff99564b1aa534f58868cbe41ef) C:\Windows\system32\DRIVERS\srv2.sys
20:24:26.0132 4328 srv2 - ok
20:24:26.0164 4328 srvnet (7605c0e1d01a08f3ecd743f38b834a44) C:\Windows\system32\DRIVERS\srvnet.sys
20:24:26.0207 4328 srvnet - ok
20:24:26.0242 4328 SSDPSRV (03d50b37234967433a5ea5ba72bc0b62) C:\Windows\System32\ssdpsrv.dll
20:24:26.0331 4328 SSDPSRV - ok
20:24:26.0366 4328 SstpSvc (6f1a32e7b7b30f004d9a20afadb14944) C:\Windows\system32\sstpsvc.dll
20:24:26.0438 4328 SstpSvc - ok
20:24:26.0569 4328 STacSV (12898d947cfcb36cb7a43e8f86a53cbc) C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_238116a1\STacSV.exe
20:24:26.0594 4328 STacSV - ok
20:24:26.0660 4328 STHDA (805b1fc7e25613ce2dc93c0759d0aa30) C:\Windows\system32\DRIVERS\stwrt.sys
20:24:26.0776 4328 STHDA - ok
20:24:26.0818 4328 StillCam (ef70b3d22b4bffda6ea851ecb063efaa) C:\Windows\system32\DRIVERS\serscan.sys
20:24:26.0886 4328 StillCam - ok
20:24:26.0967 4328 stisvc (5de7d67e49b88f5f07f3e53c4b92a352) C:\Windows\System32\wiaservc.dll
20:24:27.0053 4328 stisvc - ok
20:24:27.0134 4328 stllssvr (1d0063597c3666404fcf97698abeb019) C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
20:24:27.0168 4328 stllssvr - ok
20:24:27.0228 4328 swenum (7ba58ecf0c0a9a69d44b3dca62becf56) C:\Windows\system32\DRIVERS\swenum.sys
20:24:27.0254 4328 swenum - ok
20:24:27.0321 4328 swprv (f21fd248040681cca1fb6c9a03aaa93d) C:\Windows\System32\swprv.dll
20:24:27.0397 4328 swprv - ok
20:24:27.0426 4328 Symc8xx (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys
20:24:27.0454 4328 Symc8xx - ok
20:24:27.0483 4328 Sym_hi (8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys
20:24:27.0517 4328 Sym_hi - ok
20:24:27.0536 4328 Sym_u3 (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys
20:24:27.0571 4328 Sym_u3 - ok
20:24:27.0631 4328 SysMain (9a51b04e9886aa4ee90093586b0ba88d) C:\Windows\system32\sysmain.dll
20:24:27.0752 4328 SysMain - ok
20:24:27.0820 4328 TabletInputService (2dca225eae15f42c0933e998ee0231c3) C:\Windows\System32\TabSvc.dll
20:24:27.0883 4328 TabletInputService - ok
20:24:28.0261 4328 TapiSrv (d7673e4b38ce21ee54c59eeeb65e2483) C:\Windows\System32\tapisrv.dll
20:24:28.0380 4328 TapiSrv - ok
20:24:28.0490 4328 TBS (cb05822cd9cc6c688168e113c603dbe7) C:\Windows\System32\tbssvc.dll
20:24:28.0665 4328 TBS - ok
20:24:28.0982 4328 Tcpip (27d470dabc77bc60d0a3b0e4deb6cb91) C:\Windows\system32\drivers\tcpip.sys
20:24:29.0218 4328 Tcpip - ok
20:24:29.0237 4328 Tcpip6 (27d470dabc77bc60d0a3b0e4deb6cb91) C:\Windows\system32\DRIVERS\tcpip.sys
20:24:29.0332 4328 Tcpip6 - ok
20:24:29.0367 4328 tcpipreg (608c345a255d82a6289c2d468eb41fd7) C:\Windows\system32\drivers\tcpipreg.sys
20:24:29.0436 4328 tcpipreg - ok
20:24:29.0522 4328 TDPIPE (5dcf5e267be67a1ae926f2df77fbcc56) C:\Windows\system32\drivers\tdpipe.sys
20:24:29.0597 4328 TDPIPE - ok
20:24:29.0631 4328 TDTCP (389c63e32b3cefed425b61ed92d3f021) C:\Windows\system32\drivers\tdtcp.sys
20:24:29.0711 4328 TDTCP - ok
20:24:29.0745 4328 tdx (76b06eb8a01fc8624d699e7045303e54) C:\Windows\system32\DRIVERS\tdx.sys
20:24:29.0815 4328 tdx - ok
20:24:29.0841 4328 TermDD (3cad38910468eab9a6479e2f01db43c7) C:\Windows\system32\DRIVERS\termdd.sys
20:24:29.0887 4328 TermDD - ok
20:24:30.0014 4328 TermService (bb95da09bef6e7a131bff3ba5032090d) C:\Windows\System32\termsrv.dll
20:24:30.0142 4328 TermService - ok
20:24:30.0195 4328 Themes (c7230fbee14437716701c15be02c27b8) C:\Windows\system32\shsvcs.dll
20:24:30.0239 4328 Themes - ok
20:24:30.0357 4328 THREADORDER (1076ffcffaae8385fd62dfcb25ac4708) C:\Windows\system32\mmcss.dll
20:24:30.0393 4328 THREADORDER - ok
20:24:30.0449 4328 tmactmon (ca9e9c2c04a198ed345c1752222a5f3e) C:\Windows\system32\DRIVERS\tmactmon.sys
20:24:30.0478 4328 tmactmon - ok
20:24:30.0628 4328 TMBMServer (b365e817e398ff2ac5706eab232ef6c1) C:\Program Files\Trend Micro\BM\TMBMSRV.exe
20:24:30.0674 4328 TMBMServer - ok
20:24:30.0748 4328 tmcomm (a3d20789b3ff0576a29462bef25bcfcc) C:\Windows\system32\DRIVERS\tmcomm.sys
20:24:30.0798 4328 tmcomm - ok
20:24:30.0820 4328 tmevtmgr (21f215e54770c4bf93efaf63f58fe57e) C:\Windows\system32\DRIVERS\tmevtmgr.sys
20:24:30.0837 4328 tmevtmgr - ok
20:24:31.0048 4328 tmlwf (4e87d02e56e9b1af831c5d521597d629) C:\Windows\system32\DRIVERS\tmlwf.sys
20:24:31.0146 4328 tmlwf - ok
20:24:31.0261 4328 TmPfw (255328cf08d602368b69ff1f55ebd93e) C:\Program Files\Trend Micro\Internet Security\TmPfw.exe
20:24:31.0352 4328 TmPfw - ok
20:24:31.0408 4328 tmpreflt (379c4f99994a56b66e11d1e32bb22a1c) C:\Windows\system32\DRIVERS\tmpreflt.sys
20:24:31.0435 4328 tmpreflt - ok
20:24:31.0535 4328 TmProxy (0fec6c50b2be07c57651573cdd1c721f) C:\Program Files\Trend Micro\Internet Security\TmProxy.exe
20:24:31.0565 4328 TmProxy - ok
20:24:31.0618 4328 tmtdi (44c262c1b2412ded35078b6166d2acc2) C:\Windows\system32\DRIVERS\tmtdi.sys
20:24:31.0648 4328 tmtdi - ok
20:24:31.0682 4328 tmwfp (d9882fd91b7c4c35acaa8498d1f3cd68) C:\Windows\system32\DRIVERS\tmwfp.sys
20:24:31.0763 4328 tmwfp - ok
20:24:31.0825 4328 tmxpflt (717e406972bbc07f8fb2a989416cab73) C:\Windows\system32\DRIVERS\tmxpflt.sys
20:24:31.0917 4328 tmxpflt - ok
20:24:31.0948 4328 TrkWks (ec74e77d0eb004bd3a809b5f8fb8c2ce) C:\Windows\System32\trkwks.dll
20:24:32.0029 4328 TrkWks - ok
20:24:32.0085 4328 TrustedInstaller (97d9d6a04e3ad9b6c626b9931db78dba) C:\Windows\servicing\TrustedInstaller.exe
20:24:32.0114 4328 TrustedInstaller - ok
20:24:32.0213 4328 tssecsrv (dcf0f056a2e4f52287264f5ab29cf206) C:\Windows\system32\DRIVERS\tssecsrv.sys
20:24:32.0275 4328 tssecsrv - ok
20:24:32.0294 4328 tunmp (caecc0120ac49e3d2f758b9169872d38) C:\Windows\system32\DRIVERS\tunmp.sys
20:24:32.0333 4328 tunmp - ok
20:24:32.0387 4328 tunnel (300db877ac094feab0be7688c3454a9c) C:\Windows\system32\DRIVERS\tunnel.sys
20:24:32.0449 4328 tunnel - ok
20:24:32.0484 4328 uagp35 (7d33c4db2ce363c8518d2dfcf533941f) C:\Windows\system32\drivers\uagp35.sys
20:24:32.0515 4328 uagp35 - ok
20:24:32.0554 4328 udfs (d9728af68c4c7693cb100b8441cbdec6) C:\Windows\system32\DRIVERS\udfs.sys
20:24:32.0624 4328 udfs - ok
20:24:32.0670 4328 UI0Detect (ecef404f62863755951e09c802c94ad5) C:\Windows\system32\UI0Detect.exe
20:24:32.0729 4328 UI0Detect - ok
20:24:32.0756 4328 uliagpkx (b0acfdc9e4af279e9116c03e014b2b27) C:\Windows\system32\drivers\uliagpkx.sys
20:24:32.0787 4328 uliagpkx - ok
20:24:32.0824 4328 uliahci (9224bb254f591de4ca8d572a5f0d635c) C:\Windows\system32\drivers\uliahci.sys
20:24:32.0869 4328 uliahci - ok
20:24:32.0904 4328 UlSata (8514d0e5cd0534467c5fc61be94a569f) C:\Windows\system32\drivers\ulsata.sys
20:24:32.0938 4328 UlSata - ok
20:24:32.0976 4328 ulsata2 (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys
20:24:33.0024 4328 ulsata2 - ok
20:24:33.0052 4328 umbus (32cff9f809ae9aed85464492bf3e32d2) C:\Windows\system32\DRIVERS\umbus.sys
20:24:33.0107 4328 umbus - ok
20:24:33.0140 4328 upnphost (68308183f4ae0be7bf8ecd07cb297999) C:\Windows\System32\upnphost.dll
20:24:33.0182 4328 upnphost - ok
20:24:33.0222 4328 USBAAPL (83cafcb53201bbac04d822f32438e244) C:\Windows\system32\Drivers\usbaapl.sys
20:24:33.0250 4328 USBAAPL ( UnsignedFile.Multi.Generic ) - warning
20:24:33.0250 4328 USBAAPL - detected UnsignedFile.Multi.Generic (1)
20:24:33.0280 4328 usbccgp (caf811ae4c147ffcd5b51750c7f09142) C:\Windows\system32\DRIVERS\usbccgp.sys
20:24:33.0353 4328 usbccgp - ok
20:24:33.0379 4328 usbcir (e9476e6c486e76bc4898074768fb7131) C:\Windows\system32\drivers\usbcir.sys
20:24:33.0447 4328 usbcir - ok
20:24:33.0492 4328 usbehci (79e96c23a97ce7b8f14d310da2db0c9b) C:\Windows\system32\DRIVERS\usbehci.sys
20:24:33.0546 4328 usbehci - ok
20:24:33.0573 4328 usbhub (4673bbcb006af60e7abddbe7a130ba42) C:\Windows\system32\DRIVERS\usbhub.sys
20:24:33.0623 4328 usbhub - ok
20:24:33.0698 4328 usbohci (38dbc7dd6cc5a72011f187425384388b) C:\Windows\system32\drivers\usbohci.sys
20:24:33.0762 4328 usbohci - ok
20:24:33.0790 4328 usbprint (e75c4b5269091d15a2e7dc0b6d35f2f5) C:\Windows\system32\DRIVERS\usbprint.sys
20:24:33.0849 4328 usbprint - ok
20:24:33.0874 4328 usbscan (a508c9bd8724980512136b039bba65e9) C:\Windows\system32\DRIVERS\usbscan.sys
20:24:33.0938 4328 usbscan - ok
20:24:33.0972 4328 USBSTOR (be3da31c191bc222d9ad503c5224f2ad) C:\Windows\system32\DRIVERS\USBSTOR.SYS
20:24:34.0044 4328 USBSTOR - ok
20:24:34.0094 4328 usbuhci (814d653efc4d48be3b04a307eceff56f) C:\Windows\system32\DRIVERS\usbuhci.sys
20:24:34.0171 4328 usbuhci - ok
20:24:34.0191 4328 UxSms (1509e705f3ac1d474c92454a5c2dd81f) C:\Windows\System32\uxsms.dll
20:24:34.0269 4328 UxSms - ok
20:24:34.0339 4328 vds (cd88d1b7776dc17a119049742ec07eb4) C:\Windows\System32\vds.exe
20:24:34.0497 4328 vds - ok
20:24:34.0516 4328 vga (87b06e1f30b749a114f74622d013f8d4) C:\Windows\system32\DRIVERS\vgapnp.sys
20:24:34.0572 4328 vga - ok
20:24:34.0591 4328 VgaSave (2e93ac0a1d8c79d019db6c51f036636c) C:\Windows\System32\drivers\vga.sys
20:24:34.0639 4328 VgaSave - ok
20:24:34.0653 4328 viaagp (5d7159def58a800d5781ba3a879627bc) C:\Windows\system32\drivers\viaagp.sys
20:24:34.0682 4328 viaagp - ok
20:24:34.0693 4328 ViaC7 (c4f3a691b5bad343e6249bd8c2d45dee) C:\Windows\system32\drivers\viac7.sys
20:24:34.0743 4328 ViaC7 - ok
20:24:34.0761 4328 viaide (aadf5587a4063f52c2c3fed7887426fc) C:\Windows\system32\drivers\viaide.sys
20:24:34.0789 4328 viaide - ok
20:24:34.0817 4328 volmgr (69503668ac66c77c6cd7af86fbdf8c43) C:\Windows\system32\drivers\volmgr.sys
20:24:34.0846 4328 volmgr - ok
20:24:34.0897 4328 volmgrx (23e41b834759917bfd6b9a0d625d0c28) C:\Windows\system32\drivers\volmgrx.sys
20:24:34.0958 4328 volmgrx - ok
20:24:35.0003 4328 volsnap (147281c01fcb1df9252de2a10d5e7093) C:\Windows\system32\drivers\volsnap.sys
20:24:35.0080 4328 volsnap - ok
20:24:35.0276 4328 vsapint (642eb152cb980ad9181b2161066be629) C:\Windows\system32\DRIVERS\vsapint.sys
20:24:35.0466 4328 vsapint - ok
20:24:35.0746 4328 vsmraid (587253e09325e6bf226b299774b728a9) C:\Windows\system32\drivers\vsmraid.sys
20:24:35.0826 4328 vsmraid - ok
20:24:35.0999 4328 VSS (db3d19f850c6eb32bdcb9bc0836acddb) C:\Windows\system32\vssvc.exe
20:24:36.0273 4328 VSS - ok
20:24:36.0322 4328 W32Time (96ea68b9eb310a69c25ebb0282b2b9de) C:\Windows\system32\w32time.dll
20:24:36.0377 4328 W32Time - ok
20:24:36.0514 4328 WacomPen (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys
20:24:36.0636 4328 WacomPen - ok
20:24:36.0670 4328 Wanarp (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
20:24:36.0744 4328 Wanarp - ok
20:24:36.0749 4328 Wanarpv6 (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
20:24:36.0786 4328 Wanarpv6 - ok
20:24:36.0890 4328 wcncsvc (a3cd60fd826381b49f03832590e069af) C:\Windows\System32\wcncsvc.dll
20:24:36.0974 4328 wcncsvc - ok
20:24:36.0991 4328 WcsPlugInService (11bcb7afcdd7aadacb5746f544d3a9c7) C:\Windows\System32\WcsPlugInService.dll
20:24:37.0035 4328 WcsPlugInService - ok
20:24:37.0079 4328 Wd (78fe9542363f297b18c027b2d7e7c07f) C:\Windows\system32\drivers\wd.sys
20:24:37.0114 4328 Wd - ok
20:24:37.0175 4328 Wdf01000 (b6f0a7ad6d4bd325fbcd8bac96cd8d96) C:\Windows\system32\drivers\Wdf01000.sys
20:24:37.0314 4328 Wdf01000 - ok
20:24:37.0347 4328 WdiServiceHost (abfc76b48bb6c96e3338d8943c5d93b5) C:\Windows\system32\wdi.dll
20:24:37.0392 4328 WdiServiceHost - ok
20:24:37.0396 4328 WdiSystemHost (abfc76b48bb6c96e3338d8943c5d93b5) C:\Windows\system32\wdi.dll
20:24:37.0445 4328 WdiSystemHost - ok
20:24:37.0493 4328 WebClient (04c37d8107320312fbae09926103d5e2) C:\Windows\System32\webclnt.dll
20:24:37.0521 4328 WebClient - ok
20:24:37.0577 4328 Wecsvc (ae3736e7e8892241c23e4ebbb7453b60) C:\Windows\system32\wecsvc.dll
20:24:37.0627 4328 Wecsvc - ok
20:24:37.0660 4328 wercplsupport (670ff720071ed741206d69bd995ea453) C:\Windows\System32\wercplsupport.dll
20:24:37.0712 4328 wercplsupport - ok
20:24:37.0740 4328 WerSvc (32b88481d3b326da6deb07b1d03481e7) C:\Windows\System32\WerSvc.dll
20:24:37.0791 4328 WerSvc - ok
20:24:37.0929 4328 WinDefend (4575aa12561c5648483403541d0d7f2b) C:\Program Files\Windows Defender\mpsvc.dll
20:24:37.0970 4328 WinDefend - ok
20:24:37.0978 4328 WinHttpAutoProxySvc - ok
20:24:38.0058 4328 Winmgmt (6b2a1d0e80110e3d04e6863c6e62fd8a) C:\Windows\system32\wbem\WMIsvc.dll
20:24:38.0113 4328 Winmgmt - ok
20:24:38.0232 4328 WinRM (7cfe68bdc065e55aa5e8421607037511) C:\Windows\system32\WsmSvc.dll
20:24:38.0566 4328 WinRM - ok
20:24:38.0641 4328 Wlansvc (c008405e4feeb069e30da1d823910234) C:\Windows\System32\wlansvc.dll
20:24:38.0698 4328 Wlansvc - ok
20:24:38.0994 4328 wlidsvc (5144ae67d60ec653f97ddf3feed29e77) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
20:24:39.0070 4328 wlidsvc - ok
20:24:39.0171 4328 wltrysvc - ok
20:24:39.0234 4328 WmiAcpi (2e7255d172df0b8283cdfb7b433b864e) C:\Windows\system32\DRIVERS\wmiacpi.sys
20:24:39.0291 4328 WmiAcpi - ok
20:24:39.0400 4328 wmiApSrv (43be3875207dcb62a85c8c49970b66cc) C:\Windows\system32\wbem\WmiApSrv.exe
20:24:39.0552 4328 wmiApSrv - ok
20:24:39.0859 4328 WMPNetworkSvc (3978704576a121a9204f8cc49a301a9b) C:\Program Files\Windows Media Player\wmpnetwk.exe
20:24:40.0049 4328 WMPNetworkSvc - ok
20:24:40.0142 4328 WPCSvc (cfc5a04558f5070cee3e3a7809f3ff52) C:\Windows\System32\wpcsvc.dll
20:24:40.0262 4328 WPCSvc - ok
20:24:40.0310 4328 WPDBusEnum (801fbdb89d472b3c467eb112a0fc9246) C:\Windows\system32\wpdbusenum.dll
20:24:40.0380 4328 WPDBusEnum - ok
20:24:40.0511 4328 WpdUsb (de9d36f91a4df3d911626643debf11ea) C:\Windows\system32\DRIVERS\wpdusb.sys
20:24:40.0570 4328 WpdUsb - ok
20:24:40.0840 4328 WPFFontCache_v0400 (dcf3e3edf5109ee8bc02fe6e1f045795) C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
20:24:40.0943 4328 WPFFontCache_v0400 - ok
20:24:40.0961 4328 ws2ifsl (e3a3cb253c0ec2494d4a61f5e43a389c) C:\Windows\system32\drivers\ws2ifsl.sys
20:24:41.0060 4328 ws2ifsl - ok
20:24:41.0107 4328 wscsvc (1ca6c40261ddc0425987980d0cd2aaab) C:\Windows\System32\wscsvc.dll
20:24:41.0191 4328 wscsvc - ok
20:24:41.0196 4328 WSearch - ok
20:24:41.0526 4328 wuauserv (fc3ec24fce372c89423e015a2ac1a31e) C:\Windows\system32\wuaueng.dll
20:24:41.0858 4328 wuauserv - ok
20:24:42.0128 4328 WUDFRd (ac13cb789d93412106b0fb6c7eb2bcb6) C:\Windows\system32\DRIVERS\WUDFRd.sys
20:24:42.0244 4328 WUDFRd - ok
20:24:42.0283 4328 wudfsvc (575a4190d989f64732119e4114045a4f) C:\Windows\System32\WUDFSvc.dll
20:24:42.0363 4328 wudfsvc - ok
20:24:42.0408 4328 MBR (0x1B8) (5c616939100b85e558da92b899a0fc36) \Device\Harddisk0\DR0
20:24:42.0831 4328 \Device\Harddisk0\DR0 - ok
20:24:42.0938 4328 Boot (0x1200) (1e36b6f38eeb49f500d6d1ad8f956370) \Device\Harddisk0\DR0\Partition0
20:24:42.0940 4328 \Device\Harddisk0\DR0\Partition0 - ok
20:24:42.0944 4328 Boot (0x1200) (889e879fbdada1776584f2eb46eaf0dc) \Device\Harddisk0\DR0\Partition1
20:24:42.0947 4328 \Device\Harddisk0\DR0\Partition1 - ok
20:24:42.0947 4328 ============================================================
20:24:42.0947 4328 Scan finished
20:24:42.0947 4328 ============================================================
20:24:42.0963 2992 Detected object count: 9
20:24:42.0964 2992 Actual detected object count: 9
20:25:08.0623 2992 DockLoginService ( UnsignedFile.Multi.Generic ) - skipped by user
20:25:08.0623 2992 DockLoginService ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:25:08.0628 2992 hpqcxs08 ( UnsignedFile.Multi.Generic ) - skipped by user
20:25:08.0628 2992 hpqcxs08 ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:25:08.0630 2992 hpqddsvc ( UnsignedFile.Multi.Generic ) - skipped by user
20:25:08.0630 2992 hpqddsvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:25:08.0632 2992 HPSLPSVC ( UnsignedFile.Multi.Generic ) - skipped by user
20:25:08.0633 2992 HPSLPSVC ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:25:08.0635 2992 IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user
20:25:08.0635 2992 IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:25:08.0638 2992 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
20:25:08.0638 2992 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:25:08.0641 2992 pfc ( UnsignedFile.Multi.Generic ) - skipped by user
20:25:08.0641 2992 pfc ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:25:08.0645 2992 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
20:25:08.0645 2992 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:25:08.0647 2992 USBAAPL ( UnsignedFile.Multi.Generic ) - skipped by user
20:25:08.0647 2992 USBAAPL ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:26:55.0662 4988 ============================================================
20:26:55.0662 4988 Scan started
20:26:55.0662 4988 Mode: Manual; SigCheck; TDLFS;
20:26:55.0662 4988 ============================================================
20:26:55.0944 4988 !SASCORE (c0393eb99a6c72c6bef9bfc4a72b33a6) C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
20:26:55.0965 4988 !SASCORE - ok
20:26:56.0027 4988 ACPI (82b296ae1892fe3dbee00c9cf92f8ac7) C:\Windows\system32\drivers\acpi.sys
20:26:56.0051 4988 ACPI - ok
20:26:56.0123 4988 AdobeFlashPlayerUpdateSvc (5e1a953c6472e7bb644892a4d0df5e72) C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
20:26:56.0142 4988 AdobeFlashPlayerUpdateSvc - ok
20:26:56.0202 4988 adp94xx (04f0fcac69c7c71a3ac4eb97fafc8303) C:\Windows\system32\drivers\adp94xx.sys
20:26:56.0235 4988 adp94xx - ok
20:26:56.0279 4988 adpahci (60505e0041f7751bdbb80f88bf45c2ce) C:\Windows\system32\drivers\adpahci.sys
20:26:56.0304 4988 adpahci - ok
20:26:56.0327 4988 adpu160m (8a42779b02aec986eab64ecfc98f8bd7) C:\Windows\system32\drivers\adpu160m.sys
20:26:56.0348 4988 adpu160m - ok
20:26:56.0385 4988 adpu320 (241c9e37f8ce45ef51c3de27515ca4e5) C:\Windows\system32\drivers\adpu320.sys
20:26:56.0407 4988 adpu320 - ok
20:26:56.0436 4988 AeLookupSvc (9d1fda9e086ba64e3c93c9de32461bcf) C:\Windows\System32\aelupsvc.dll
20:26:56.0474 4988 AeLookupSvc - ok
20:26:56.0559 4988 AESTFilters (ef1142512bec12f1c2c87735da1755be) C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_238116a1\aestsrv.exe
20:26:56.0591 4988 AESTFilters - ok
20:26:56.0662 4988 AFD (3911b972b55fea0478476b2e777b29fa) C:\Windows\system32\drivers\afd.sys
20:26:56.0707 4988 AFD - ok
20:26:56.0756 4988 agp440 (13f9e33747e6b41a3ff305c37db0d360) C:\Windows\system32\drivers\agp440.sys
20:26:56.0782 4988 agp440 - ok
20:26:56.0824 4988 aic78xx (ae1fdf7bf7bb6c6a70f67699d880592a) C:\Windows\system32\drivers\djsvs.sys
20:26:56.0852 4988 aic78xx - ok
20:26:56.0870 4988 ALG (a1545b731579895d8cc44fc0481c1192) C:\Windows\System32\alg.exe
20:26:56.0927 4988 ALG - ok
20:26:56.0942 4988 aliide (9eaef5fc9b8e351afa7e78a6fae91f91) C:\Windows\system32\drivers\aliide.sys
20:26:56.0967 4988 aliide - ok
20:26:56.0984 4988 amdagp (c47344bc706e5f0b9dce369516661578) C:\Windows\system32\drivers\amdagp.sys
20:26:57.0010 4988 amdagp - ok
20:26:57.0020 4988 amdide (9b78a39a4c173fdbc1321e0dd659b34c) C:\Windows\system32\drivers\amdide.sys
20:26:57.0045 4988 amdide - ok
20:26:57.0061 4988 AmdK7 (18f29b49ad23ecee3d2a826c725c8d48) C:\Windows\system32\drivers\amdk7.sys
20:26:57.0096 4988 AmdK7 - ok
20:26:57.0109 4988 AmdK8 (93ae7f7dd54ab986a6f1a1b37be7442d) C:\Windows\system32\drivers\amdk8.sys
20:26:57.0144 4988 AmdK8 - ok
20:26:57.0188 4988 ApfiltrService (1de27858a431a5749e0f3df54ba935b9) C:\Windows\system32\DRIVERS\Apfiltr.sys
20:26:57.0206 4988 ApfiltrService - ok
20:26:57.0225 4988 Appinfo (c6d704c7f0434dc791aac37cac4b6e14) C:\Windows\System32\appinfo.dll
20:26:57.0250 4988 Appinfo - ok
20:26:57.0351 4988 Apple Mobile Device (f401929ee0cc92bfe7f15161ca535383) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
20:26:57.0366 4988 Apple Mobile Device - ok
20:26:57.0383 4988 arc (5d2888182fb46632511acee92fdad522) C:\Windows\system32\drivers\arc.sys
20:26:57.0400 4988 arc - ok
20:26:57.0429 4988 arcsas (5e2a321bd7c8b3624e41fdec3e244945) C:\Windows\system32\drivers\arcsas.sys
20:26:57.0447 4988 arcsas - ok
20:26:57.0466 4988 AsyncMac (53b202abee6455406254444303e87be1) C:\Windows\system32\DRIVERS\asyncmac.sys
20:26:57.0507 4988 AsyncMac - ok
20:26:57.0516 4988 atapi (0d83c87a801a3dfcd1bf73893fe7518c) C:\Windows\system32\drivers\atapi.sys
20:26:57.0536 4988 atapi - ok
20:26:57.0588 4988 AudioEndpointBuilder (68e2a1a0407a66cf50da0300852424ab) C:\Windows\System32\Audiosrv.dll
20:26:57.0621 4988 AudioEndpointBuilder - ok
20:26:57.0626 4988 Audiosrv (68e2a1a0407a66cf50da0300852424ab) C:\Windows\System32\Audiosrv.dll
20:26:57.0660 4988 Audiosrv - ok
20:26:57.0737 4988 BBSvc (825f81a6f7dd073509db101f0ba6dc59) C:\Program Files\Microsoft\BingBar\BBSvc.EXE
20:26:57.0756 4988 BBSvc - ok
20:26:57.0784 4988 BCM42RLY (7bd70aeed0d975285a1b20bd012ebf4e) C:\Windows\system32\drivers\BCM42RLY.sys
20:26:57.0797 4988 BCM42RLY - ok
20:26:57.0926 4988 BCM43XX (fa6707a346cd122407f3b0bad1c47639) C:\Windows\system32\DRIVERS\bcmwl6.sys
20:26:57.0983 4988 BCM43XX - ok
20:26:58.0004 4988 Beep (67e506b75bd5326a3ec7b70bd014dfb6) C:\Windows\system32\drivers\Beep.sys
20:26:58.0039 4988 Beep - ok
20:26:58.0084 4988 BFE (c789af0f724fda5852fb9a7d3a432381) C:\Windows\System32\bfe.dll
20:26:58.0120 4988 BFE - ok
20:26:58.0212 4988 BITS (93952506c6d67330367f7e7934b6a02f) C:\Windows\System32\qmgr.dll
20:26:58.0258 4988 BITS - ok
20:26:58.0299 4988 blbdrive (d4df28447741fd3d953526e33a617397) C:\Windows\system32\drivers\blbdrive.sys
20:26:58.0334 4988 blbdrive - ok
20:26:58.0461 4988 Bonjour Service (db5bea73edaf19ac68b2c0fad0f92b1a) C:\Program Files\Bonjour\mDNSResponder.exe
20:26:58.0489 4988 Bonjour Service - ok
20:26:58.0531 4988 bowser (35f376253f687bde63976ccb3f2108ca) C:\Windows\system32\DRIVERS\bowser.sys
20:26:58.0560 4988 bowser - ok
20:26:58.0589 4988 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\drivers\brfiltlo.sys
20:26:58.0630 4988 BrFiltLo - ok
20:26:58.0649 4988 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\drivers\brfiltup.sys
20:26:58.0688 4988 BrFiltUp - ok
20:26:58.0719 4988 Browser (a3629a0c4226f9e9c72faaeebc3ad33c) C:\Windows\System32\browser.dll
20:26:58.0761 4988 Browser - ok
20:26:58.0778 4988 Brserid (b304e75cff293029eddf094246747113) C:\Windows\system32\drivers\brserid.sys
20:26:58.0830 4988 Brserid - ok
20:26:58.0850 4988 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\system32\drivers\brserwdm.sys
20:26:58.0903 4988 BrSerWdm - ok
20:26:58.0921 4988 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\system32\drivers\brusbmdm.sys
20:26:58.0974 4988 BrUsbMdm - ok
20:26:58.0979 4988 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\system32\drivers\brusbser.sys
20:26:59.0033 4988 BrUsbSer - ok
20:26:59.0048 4988 BTHMODEM (ad07c1ec6665b8b35741ab91200c6b68) C:\Windows\system32\drivers\bthmodem.sys
20:26:59.0102 4988 BTHMODEM - ok
20:26:59.0124 4988 cdfs (7add03e75beb9e6dd102c3081d29840a) C:\Windows\system32\DRIVERS\cdfs.sys
20:26:59.0162 4988 cdfs - ok
20:26:59.0192 4988 cdrom (6b4bffb9becd728097024276430db314) C:\Windows\system32\DRIVERS\cdrom.sys
20:26:59.0224 4988 cdrom - ok
20:26:59.0249 4988 CertPropSvc (312ec3e37a0a1f2006534913e37b4423) C:\Windows\System32\certprop.dll
20:26:59.0279 4988 CertPropSvc - ok
20:26:59.0291 4988 circlass (e5d4133f37219dbcfe102bc61072589d) C:\Windows\system32\DRIVERS\circlass.sys
20:26:59.0326 4988 circlass - ok
20:26:59.0373 4988 CLFS (d7659d3b5b92c31e84e53c1431f35132) C:\Windows\system32\CLFS.sys
20:26:59.0398 4988 CLFS - ok
20:26:59.0491 4988 clr_optimization_v2.0.50727_32 (8ee772032e2fe80a924f3b8dd5082194) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
20:26:59.0510 4988 clr_optimization_v2.0.50727_32 - ok
20:26:59.0573 4988 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
20:26:59.0593 4988 clr_optimization_v4.0.30319_32 - ok
20:26:59.0619 4988 CmBatt (99afc3795b58cc478fbbbcdc658fcb56) C:\Windows\system32\DRIVERS\CmBatt.sys
20:26:59.0661 4988 CmBatt - ok
20:26:59.0687 4988 cmdide (0ca25e686a4928484e9fdabd168ab629) C:\Windows\system32\drivers\cmdide.sys
20:26:59.0703 4988 cmdide - ok
20:26:59.0719 4988 Compbatt (6afef0b60fa25de07c0968983ee4f60a) C:\Windows\system32\DRIVERS\compbatt.sys
20:26:59.0736 4988 Compbatt - ok
20:26:59.0740 4988 COMSysApp - ok
20:26:59.0753 4988 crcdisk (741e9dff4f42d2d8477d0fc1dc0df871) C:\Windows\system32\drivers\crcdisk.sys
20:26:59.0769 4988 crcdisk - ok
20:26:59.0783 4988 Crusoe (1f07becdca750766a96cda811ba86410) C:\Windows\system32\drivers\crusoe.sys
20:26:59.0818 4988 Crusoe - ok
20:26:59.0850 4988 CryptSvc (75c6a297e364014840b48eccd7525e30) C:\Windows\system32\cryptsvc.dll
20:26:59.0876 4988 CryptSvc - ok
20:26:59.0937 4988 DcomLaunch (3b5b4d53fec14f7476ca29a20cc31ac9) C:\Windows\system32\rpcss.dll
20:26:59.0977 4988 DcomLaunch - ok
20:27:00.0011 4988 DfsC (622c41a07ca7e6dd91770f50d532cb6c) C:\Windows\system32\Drivers\dfsc.sys
20:27:00.0034 4988 DfsC - ok
20:27:00.0215 4988 DFSR (2cc3dcfb533a1035b13dcab6160ab38b) C:\Windows\system32\DFSR.exe
20:27:00.0303 4988 DFSR - ok
20:27:00.0433 4988 Dhcp (9028559c132146fb75eb7acf384b086a) C:\Windows\System32\dhcpcsvc.dll
20:27:00.0477 4988 Dhcp - ok
20:27:00.0526 4988 disk (5d4aefc3386920236a548271f8f1af6a) C:\Windows\system32\drivers\disk.sys
20:27:00.0555 4988 disk - ok
20:27:00.0586 4988 Dnscache (57d762f6f5974af0da2be88a3349baaa) C:\Windows\System32\dnsrslvr.dll
20:27:00.0625 4988 Dnscache - ok
20:27:00.0732 4988 DockLoginService (db29915209770d8b59654345ec2d943a) C:\Program Files\Dell\DellDock\DockLogin.exe
20:27:00.0750 4988 DockLoginService ( UnsignedFile.Multi.Generic ) - warning
20:27:00.0750 4988 DockLoginService - detected UnsignedFile.Multi.Generic (1)
20:27:00.0793 4988 dot3svc (324fd74686b1ef5e7c19a8af49e748f6) C:\Windows\System32\dot3svc.dll
20:27:00.0844 4988 dot3svc - ok
20:27:00.0873 4988 Dot4 (4f59c172c094e1a1d46463a8dc061cbd) C:\Windows\system32\DRIVERS\Dot4.sys
20:27:00.0910 4988 Dot4 - ok
20:27:00.0925 4988 Dot4Print (80bf3ba09f6f2523c8f6b7cc6dbf7bd5) C:\Windows\system32\DRIVERS\Dot4Prt.sys
20:27:00.0959 4988 Dot4Print - ok
20:27:00.0989 4988 dot4usb (c55004ca6b419b6695970dfe849b122f) C:\Windows\system32\DRIVERS\dot4usb.sys
20:27:01.0024 4988 dot4usb - ok
20:27:01.0064 4988 DPS (a622e888f8aa2f6b49e9bc466f0e5def) C:\Windows\system32\dps.dll
20:27:01.0100 4988 DPS - ok
20:27:01.0113 4988 drmkaud (97fef831ab90bee128c9af390e243f80) C:\Windows\system32\drivers\drmkaud.sys
20:27:01.0143 4988 drmkaud - ok
20:27:01.0207 4988 DXGKrnl (c68ac676b0ef30cfbb1080adce49eb1f) C:\Windows\System32\drivers\dxgkrnl.sys
20:27:01.0237 4988 DXGKrnl - ok
20:27:01.0295 4988 e1express (908ed85b7806e8af3af5e9b74f7809d4) C:\Windows\system32\DRIVERS\e1e6032.sys
20:27:01.0341 4988 e1express - ok
20:27:01.0358 4988 E1G60 (5425f74ac0c1dbd96a1e04f17d63f94c) C:\Windows\system32\DRIVERS\E1G60I32.sys
20:27:01.0402 4988 E1G60 - ok
20:27:01.0438 4988 EapHost (c0b95e40d85cd807d614e264248a45b9) C:\Windows\System32\eapsvc.dll
20:27:01.0476 4988 EapHost - ok
20:27:01.0505 4988 Ecache (7f64ea048dcfac7acf8b4d7b4e6fe371) C:\Windows\system32\drivers\ecache.sys
20:27:01.0528 4988 Ecache - ok
20:27:01.0596 4988 ehRecvr (9be3744d295a7701eb425332014f0797) C:\Windows\ehome\ehRecvr.exe
20:27:01.0626 4988 ehRecvr - ok
20:27:01.0651 4988 ehSched (ad1870c8e5d6dd340c829e6074bf3c3f) C:\Windows\ehome\ehsched.exe
20:27:01.0686 4988 ehSched - ok
20:27:01.0697 4988 ehstart (c27c4ee8926e74aa72efcab24c5242c3) C:\Windows\ehome\ehstart.dll
20:27:01.0732 4988 ehstart - ok
20:27:01.0767 4988 elxstor (23b62471681a124889978f6295b3f4c6) C:\Windows\system32\drivers\elxstor.sys
20:27:01.0790 4988 elxstor - ok
20:27:01.0852 4988 EMDMgmt (4e6b23dfc917ea39306b529b773950f4) C:\Windows\system32\emdmgmt.dll
20:27:01.0907 4988 EMDMgmt - ok
20:27:01.0936 4988 ErrDev (3db974f3935483555d7148663f726c61) C:\Windows\system32\drivers\errdev.sys
20:27:01.0971 4988 ErrDev - ok
20:27:02.0016 4988 EventSystem (67058c46504bc12d821f38cf99b7b28f) C:\Windows\system32\es.dll
20:27:02.0049 4988 EventSystem - ok
20:27:02.0078 4988 exfat (22b408651f9123527bcee54b4f6c5cae) C:\Windows\system32\drivers\exfat.sys
20:27:02.0102 4988 exfat - ok
20:27:02.0141 4988 fastfat (1e9b9a70d332103c52995e957dc09ef8) C:\Windows\system32\drivers\fastfat.sys
20:27:02.0174 4988 fastfat - ok
20:27:02.0195 4988 fdc (afe1e8b9782a0dd7fb46bbd88e43f89a) C:\Windows\system32\DRIVERS\fdc.sys
20:27:02.0231 4988 fdc - ok
20:27:02.0253 4988 fdPHost (6629b5f0e98151f4afdd87567ea32ba3) C:\Windows\system32\fdPHost.dll
20:27:02.0289 4988 fdPHost - ok
20:27:02.0324 4988 FDResPub (89ed56dce8e47af40892778a5bd31fd2) C:\Windows\system32\fdrespub.dll
20:27:02.0376 4988 FDResPub - ok
20:27:02.0401 4988 FileInfo (a8c0139a884861e3aae9cfe73b208a9f) C:\Windows\system32\drivers\fileinfo.sys
20:27:02.0419 4988 FileInfo - ok
20:27:02.0462 4988 Filetrace (0ae429a696aecbc5970e3cf2c62635ae) C:\Windows\system32\drivers\filetrace.sys
20:27:02.0497 4988 Filetrace - ok
20:27:02.0527 4988 flpydisk (85b7cf99d532820495d68d747fda9ebd) C:\Windows\system32\DRIVERS\flpydisk.sys
20:27:02.0561 4988 flpydisk - ok
20:27:02.0604 4988 FltMgr (01334f9ea68e6877c4ef05d3ea8abb05) C:\Windows\system32\drivers\fltmgr.sys
20:27:02.0623 4988 FltMgr - ok
20:27:02.0765 4988 FontCache (8ce364388c8eca59b14b539179276d44) C:\Windows\system32\FntCache.dll
20:27:02.0809 4988 FontCache - ok
20:27:02.0884 4988 FontCache3.0.0.0 (c7fbdd1ed42f82bfa35167a5c9803ea3) C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
20:27:02.0902 4988 FontCache3.0.0.0 - ok
20:27:02.0932 4988 Fs_Rec (b972a66758577e0bfd1de0f91aaa27b5) C:\Windows\system32\drivers\Fs_Rec.sys
20:27:02.0960 4988 Fs_Rec - ok
20:27:02.0985 4988 gagp30kx (34582a6e6573d54a07ece5fe24a126b5) C:\Windows\system32\drivers\gagp30kx.sys
20:27:03.0006 4988 gagp30kx - ok
20:27:03.0038 4988 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
20:27:03.0054 4988 GEARAspiWDM - ok
20:27:03.0131 4988 gpsvc (cd5d0aeee35dfd4e986a5aa1500a6e66) C:\Windows\System32\gpsvc.dll
20:27:03.0187 4988 gpsvc - ok
20:27:03.0270 4988 gupdate (f02a533f517eb38333cb12a9e8963773) C:\Program Files\Google\Update\GoogleUpdate.exe
20:27:03.0295 4988 gupdate - ok
20:27:03.0300 4988 gupdatem (f02a533f517eb38333cb12a9e8963773) C:\Program Files\Google\Update\GoogleUpdate.exe
20:27:03.0323 4988 gupdatem - ok
20:27:03.0368 4988 gusvc (cc839e8d766cc31a7710c9f38cf3e375) C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
20:27:03.0392 4988 gusvc - ok
20:27:03.0483 4988 HDAudBus (062452b7ffd68c8c042a6261fe8dff4a) C:\Windows\system32\DRIVERS\HDAudBus.sys
20:27:03.0542 4988 HDAudBus - ok
20:27:03.0578 4988 HidBth (1338520e78d90154ed6be8f84de5fceb) C:\Windows\system32\drivers\hidbth.sys
20:27:03.0660 4988 HidBth - ok
20:27:03.0685 4988 HidIr (d8df3722d5e961baa1292aa2f12827e2) C:\Windows\system32\DRIVERS\hidir.sys
20:27:03.0733 4988 HidIr - ok
20:27:03.0759 4988 hidserv (84067081f3318162797385e11a8f0582) C:\Windows\system32\hidserv.dll
20:27:03.0798 4988 hidserv - ok
20:27:03.0827 4988 HidUsb (cca4b519b17e23a00b826c55716809cc) C:\Windows\system32\DRIVERS\hidusb.sys
20:27:03.0873 4988 HidUsb - ok
20:27:03.0903 4988 hkmsvc (d8ad255b37da92434c26e4876db7d418) C:\Windows\system32\kmsvc.dll
20:27:03.0962 4988 hkmsvc - ok
20:27:03.0983 4988 HpCISSs (16ee7b23a009e00d835cdb79574a91a6) C:\Windows\system32\drivers\hpcisss.sys
20:27:04.0009 4988 HpCISSs - ok
20:27:04.0103 4988 hpqcxs08 (0a3c6aa4a9fc38c20ba4eac2c3351c05) C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll
20:27:04.0122 4988 hpqcxs08 ( UnsignedFile.Multi.Generic ) - warning
20:27:04.0122 4988 hpqcxs08 - detected UnsignedFile.Multi.Generic (1)
20:27:04.0202 4988 hpqddsvc (7da3211ac63edd90b8eca1ca1abfd43b) C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll
20:27:04.0218 4988 hpqddsvc ( UnsignedFile.Multi.Generic ) - warning
20:27:04.0218 4988 hpqddsvc - detected UnsignedFile.Multi.Generic (1)
20:27:04.0316 4988 HPSLPSVC (14229263aa19c704e0d6d2e7404a8455) C:\Program Files\HP\Digital Imaging\bin\HPSLPSVC32.DLL
20:27:04.0350 4988 HPSLPSVC ( UnsignedFile.Multi.Generic ) - warning
20:27:04.0350 4988 HPSLPSVC - detected UnsignedFile.Multi.Generic (1)
20:27:04.0442 4988 HTTP (f870aa3e254628ebeafe754108d664de) C:\Windows\system32\drivers\HTTP.sys
20:27:04.0487 4988 HTTP - ok
20:27:04.0500 4988 i2omp (c6b032d69650985468160fc9937cf5b4) C:\Windows\system32\drivers\i2omp.sys
20:27:04.0526 4988 i2omp - ok
20:27:04.0552 4988 i8042prt (22d56c8184586b7a1f6fa60be5f5a2bd) C:\Windows\system32\DRIVERS\i8042prt.sys
20:27:04.0586 4988 i8042prt - ok
20:27:04.0665 4988 IAANTMON (72b53e9c8924949dec8f3799bcba2251) C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
20:27:04.0687 4988 IAANTMON - ok
20:27:04.0732 4988 iaStor (2358c53f30cb9dcd1d3843c4e2f299b2) C:\Windows\system32\drivers\iastor.sys
20:27:04.0749 4988 iaStor - ok
20:27:04.0785 4988 iaStorV (54155ea1b0df185878e0fc9ec3ac3a14) C:\Windows\system32\drivers\iastorv.sys
20:27:04.0805 4988 iaStorV - ok
20:27:04.0877 4988 IDriverT (1cf03c69b49acb70c722df92755c0c8c) C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
20:27:04.0888 4988 IDriverT ( UnsignedFile.Multi.Generic ) - warning
20:27:04.0888 4988 IDriverT - detected UnsignedFile.Multi.Generic (1)
20:27:05.0018 4988 idsvc (98477b08e61945f974ed9fdc4cb6bdab) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
20:27:05.0084 4988 idsvc - ok
20:27:05.0281 4988 igfx (9378d57e2b96c0a185d844770ad49948) C:\Windows\system32\DRIVERS\igdkmd32.sys
20:27:05.0389 4988 igfx - ok
20:27:05.0540 4988 iirsp (2d077bf86e843f901d8db709c95b49a5) C:\Windows\system32\drivers\iirsp.sys
20:27:05.0556 4988 iirsp - ok
20:27:05.0613 4988 IKEEXT (9908d8a397b76cd8d31d0d383c5773c9) C:\Windows\System32\ikeext.dll
20:27:05.0651 4988 IKEEXT - ok
20:27:05.0688 4988 IntcHdmiAddService (98d303ccb3415e9202e82043b37d66dc) C:\Windows\system32\drivers\IntcHdmi.sys
20:27:05.0714 4988 IntcHdmiAddService - ok
20:27:05.0728 4988 intelide (83aa759f3189e6370c30de5dc5590718) C:\Windows\system32\drivers\intelide.sys
20:27:05.0748 4988 intelide - ok
20:27:05.0765 4988 intelppm (224191001e78c89dfa78924c3ea595ff) C:\Windows\system32\DRIVERS\intelppm.sys
20:27:05.0808 4988 intelppm - ok
20:27:05.0838 4988 IPBusEnum (9ac218c6e6105477484c6fdbe7d409a4) C:\Windows\system32\ipbusenum.dll
20:27:05.0885 4988 IPBusEnum - ok
20:27:05.0903 4988 IpFilterDriver (62c265c38769b864cb25b4bcf62df6c3) C:\Windows\system32\DRIVERS\ipfltdrv.sys
20:27:05.0946 4988 IpFilterDriver - ok
20:27:05.0987 4988 iphlpsvc (1998bd97f950680bb55f55a7244679c2) C:\Windows\System32\iphlpsvc.dll
20:27:06.0019 4988 iphlpsvc - ok
20:27:06.0023 4988 IpInIp - ok
20:27:06.0041 4988 IPMIDRV (b25aaf203552b7b3491139d582b39ad1) C:\Windows\system32\drivers\ipmidrv.sys
20:27:06.0084 4988 IPMIDRV - ok
20:27:06.0110 4988 IPNAT (8793643a67b42cec66490b2a0cf92d68) C:\Windows\system32\DRIVERS\ipnat.sys
20:27:06.0154 4988 IPNAT - ok
20:27:06.0270 4988 iPod Service (e6be7a41a28d8f2db174957454d32448) C:\Program Files\iPod\bin\iPodService.exe
20:27:06.0301 4988 iPod Service - ok
20:27:06.0318 4988 IRENUM (109c0dfb82c3632fbd11949b73aeeac9) C:\Windows\system32\drivers\irenum.sys
20:27:06.0353 4988 IRENUM - ok
20:27:06.0369 4988 isapnp (6c70698a3e5c4376c6ab5c7c17fb0614) C:\Windows\system32\drivers\isapnp.sys
20:27:06.0386 4988 isapnp - ok
20:27:06.0434 4988 iScsiPrt (232fa340531d940aac623b121a595034) C:\Windows\system32\DRIVERS\msiscsi.sys
20:27:06.0455 4988 iScsiPrt - ok
20:27:06.0477 4988 iteatapi (bced60d16156e428f8df8cf27b0df150) C:\Windows\system32\drivers\iteatapi.sys
20:27:06.0492 4988 iteatapi - ok
20:27:06.0518 4988 itecir (8bcd857c7932ad005d5f9c89329da2e1) C:\Windows\system32\DRIVERS\itecir.sys
20:27:06.0538 4988 itecir - ok
20:27:06.0554 4988 iteraid (06fa654504a498c30adca8bec4e87e7e) C:\Windows\system32\drivers\iteraid.sys
20:27:06.0570 4988 iteraid - ok
20:27:06.0610 4988 k57nd60x (a67e8cfcad7d4f8b35643d6c79ba64c3) C:\Windows\system32\DRIVERS\k57nd60x.sys
20:27:06.0631 4988 k57nd60x - ok
20:27:06.0643 4988 kbdclass (37605e0a8cf00cbba538e753e4344c6e) C:\Windows\system32\DRIVERS\kbdclass.sys
20:27:06.0660 4988 kbdclass - ok
20:27:06.0684 4988 kbdhid (ede59ec70e25c24581add1fbec7325f7) C:\Windows\system32\DRIVERS\kbdhid.sys
20:27:06.0714 4988 kbdhid - ok
20:27:06.0734 4988 KeyIso (a3e186b4b935905b829219502557314e) C:\Windows\system32\lsass.exe
20:27:06.0760 4988 KeyIso - ok
20:27:06.0815 4988 KSecDD (4a1445efa932a3baf5bdb02d7131ee20) C:\Windows\system32\Drivers\ksecdd.sys
20:27:06.0842 4988 KSecDD - ok
20:27:06.0919 4988 KtmRm (8078f8f8f7a79e2e6b494523a828c585) C:\Windows\system32\msdtckrm.dll
20:27:06.0964 4988 KtmRm - ok
20:27:07.0011 4988 LanmanServer (1bf5eebfd518dd7298434d8c862f825d) C:\Windows\system32\srvsvc.dll
20:27:07.0037 4988 LanmanServer - ok
20:27:07.0069 4988 LanmanWorkstation (1db69705b695b987082c8baec0c6b34f) C:\Windows\System32\wkssvc.dll
20:27:07.0103 4988 LanmanWorkstation - ok
20:27:07.0122 4988 lltdio (d1c5883087a0c3f1344d9d55a44901f6) C:\Windows\system32\DRIVERS\lltdio.sys
20:27:07.0166 4988 lltdio - ok
20:27:07.0201 4988 lltdsvc (2d5a428872f1442631d0959a34abff63) C:\Windows\System32\lltdsvc.dll
20:27:07.0239 4988 lltdsvc - ok
20:27:07.0251 4988 lmhosts (35d40113e4a5b961b6ce5c5857702518) C:\Windows\System32\lmhsvc.dll
20:27:07.0304 4988 lmhosts - ok
20:27:07.0332 4988 LSI_FC (c7e15e82879bf3235b559563d4185365) C:\Windows\system32\drivers\lsi_fc.sys
20:27:07.0348 4988 LSI_FC - ok
20:27:07.0364 4988 LSI_SAS (ee01ebae8c9bf0fa072e0ff68718920a) C:\Windows\system32\drivers\lsi_sas.sys
20:27:07.0382 4988 LSI_SAS - ok
20:27:07.0399 4988 LSI_SCSI (912a04696e9ca30146a62afa1463dd5c) C:\Windows\system32\drivers\lsi_scsi.sys
20:27:07.0416 4988 LSI_SCSI - ok
20:27:07.0453 4988 luafv (8f5c7426567798e62a3b3614965d62cc) C:\Windows\system32\drivers\luafv.sys
20:27:07.0488 4988 luafv - ok
20:27:07.0506 4988 Mcx2Svc (aef9babb8a506bc4ce0451a64aaded46) C:\Windows\system32\Mcx2Svc.dll
20:27:07.0530 4988 Mcx2Svc - ok
20:27:07.0547 4988 megasas (0001ce609d66632fa17b84705f658879) C:\Windows\system32\drivers\megasas.sys
20:27:07.0563 4988 megasas - ok
20:27:07.0603 4988 MegaSR (c252f32cd9a49dbfc25ecf26ebd51a99) C:\Windows\system32\drivers\megasr.sys
20:27:07.0627 4988 MegaSR - ok
20:27:07.0646 4988 MMCSS (1076ffcffaae8385fd62dfcb25ac4708) C:\Windows\system32\mmcss.dll
20:27:07.0684 4988 MMCSS - ok
20:27:07.0694 4988 Modem (e13b5ea0f51ba5b1512ec671393d09ba) C:\Windows\system32\drivers\modem.sys
20:27:07.0730 4988 Modem - ok
20:27:07.0746 4988 monitor (0a9bb33b56e294f686abb7c1e4e2d8a8) C:\Windows\system32\DRIVERS\monitor.sys
20:27:07.0781 4988 monitor - ok
20:27:07.0798 4988 mouclass (5bf6a1326a335c5298477754a506d263) C:\Windows\system32\DRIVERS\mouclass.sys
20:27:07.0815 4988 mouclass - ok
20:27:07.0828 4988 mouhid (93b8d4869e12cfbe663915502900876f) C:\Windows\system32\DRIVERS\mouhid.sys
20:27:07.0866 4988 mouhid - ok
20:27:07.0874 4988 MountMgr (bdafc88aa6b92f7842416ea6a48e1600) C:\Windows\system32\drivers\mountmgr.sys
20:27:07.0890 4988 MountMgr - ok
20:27:07.0907 4988 mpio (511d011289755dd9f9a7579fb0b064e6) C:\Windows\system32\drivers\mpio.sys
20:27:07.0924 4988 mpio - ok
20:27:07.0941 4988 mpsdrv (22241feba9b2defa669c8cb0a8dd7d2e) C:\Windows\system32\drivers\mpsdrv.sys
20:27:07.0972 4988 mpsdrv - ok
20:27:08.0025 4988 MpsSvc (5de62c6e9108f14f6794060a9bdecaec) C:\Windows\system32\mpssvc.dll
20:27:08.0063 4988 MpsSvc - ok
20:27:08.0083 4988 Mraid35x (4fbbb70d30fd20ec51f80061703b001e) C:\Windows\system32\drivers\mraid35x.sys
20:27:08.0102 4988 Mraid35x - ok
20:27:08.0142 4988 MRxDAV (82cea0395524aacfeb58ba1448e8325c) C:\Windows\system32\drivers\mrxdav.sys
20:27:08.0174 4988 MRxDAV - ok
20:27:08.0207 4988 mrxsmb (1e94971c4b446ab2290deb71d01cf0c2) C:\Windows\system32\DRIVERS\mrxsmb.sys
20:27:08.0237 4988 mrxsmb - ok
20:27:08.0303 4988 mrxsmb10 (4fccb34d793b116423209c0f8b7a3b03) C:\Windows\system32\DRIVERS\mrxsmb10.sys
20:27:08.0333 4988 mrxsmb10 - ok
20:27:08.0343 4988 mrxsmb20 (c3cb1b40ad4a0124d617a1199b0b9d7c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
20:27:08.0372 4988 mrxsmb20 - ok
20:27:08.0389 4988 msahci (f70590424eefbf5c27a40c67afdb8383) C:\Windows\system32\drivers\msahci.sys
20:27:08.0409 4988 msahci - ok
20:27:08.0443 4988 msdsm (4468b0f385a86ecddaf8d3ca662ec0e7) C:\Windows\system32\drivers\msdsm.sys
20:27:08.0464 4988 msdsm - ok
20:27:08.0500 4988 MSDTC (fd7520cc3a80c5fc8c48852bb24c6ded) C:\Windows\System32\msdtc.exe
20:27:08.0537 4988 MSDTC - ok
20:27:08.0562 4988 Msfs (a9927f4a46b816c92f461acb90cf8515) C:\Windows\system32\drivers\Msfs.sys
20:27:08.0597 4988 Msfs - ok
20:27:08.0615 4988 msisadrv (0f400e306f385c56317357d6dea56f62) C:\Windows\system32\drivers\msisadrv.sys
20:27:08.0632 4988 msisadrv - ok
20:27:08.0671 4988 MSiSCSI (85466c0757a23d9a9aecdc0755203cb2) C:\Windows\system32\iscsiexe.dll
20:27:08.0709 4988 MSiSCSI - ok
20:27:08.0713 4988 msiserver - ok
20:27:08.0731 4988 MSKSSRV (d8c63d34d9c9e56c059e24ec7185cc07) C:\Windows\system32\drivers\MSKSSRV.sys
20:27:08.0766 4988 MSKSSRV - ok
20:27:08.0781 4988 MSPCLOCK (1d373c90d62ddb641d50e55b9e78d65e) C:\Windows\system32\drivers\MSPCLOCK.sys
20:27:08.0816 4988 MSPCLOCK - ok
20:27:08.0820 4988 MSPQM (b572da05bf4e098d4bba3a4734fb505b) C:\Windows\system32\drivers\MSPQM.sys
20:27:08.0856 4988 MSPQM - ok
20:27:08.0888 4988 MsRPC (b49456d70555de905c311bcda6ec6adb) C:\Windows\system32\drivers\MsRPC.sys
20:27:08.0907 4988 MsRPC - ok
20:27:08.0919 4988 mssmbios (e384487cb84be41d09711c30ca79646c) C:\Windows\system32\DRIVERS\mssmbios.sys
20:27:08.0936 4988 mssmbios - ok
20:27:08.0951 4988 MSTEE (7199c1eec1e4993caf96b8c0a26bd58a) C:\Windows\system32\drivers\MSTEE.sys
20:27:08.0985 4988 MSTEE - ok
20:27:08.0992 4988 Mup (6a57b5733d4cb702c8ea4542e836b96c) C:\Windows\system32\Drivers\mup.sys
20:27:09.0010 4988 Mup - ok
20:27:09.0069 4988 napagent (e4eaf0c5c1b41b5c83386cf212ca9584) C:\Windows\system32\qagentRT.dll
20:27:09.0104 4988 napagent - ok
20:27:09.0153 4988 NativeWifiP (85c44fdff9cf7e72a40dcb7ec06a4416) C:\Windows\system32\DRIVERS\nwifi.sys
20:27:09.0183 4988 NativeWifiP - ok
20:27:09.0249 4988 NDIS (1357274d1883f68300aeadd15d7bbb42) C:\Windows\system32\drivers\ndis.sys
20:27:09.0279 4988 NDIS - ok
20:27:09.0313 4988 NdisTapi (0e186e90404980569fb449ba7519ae61) C:\Windows\system32\DRIVERS\ndistapi.sys
20:27:09.0373 4988 NdisTapi - ok
20:27:09.0399 4988 Ndisuio (d6973aa34c4d5d76c0430b181c3cd389) C:\Windows\system32\DRIVERS\ndisuio.sys
20:27:09.0434 4988 Ndisuio - ok
20:27:09.0469 4988 NdisWan (818f648618ae34f729fdb47ec68345c3) C:\Windows\system32\DRIVERS\ndiswan.sys
20:27:09.0500 4988 NdisWan - ok
20:27:09.0516 4988 NDProxy (71dab552b41936358f3b541ae5997fb3) C:\Windows\system32\drivers\NDProxy.sys
20:27:09.0547 4988 NDProxy - ok
20:27:09.0566 4988 Net Driver HPZ12 (a081cb6fb9a12668f233eb5414be3a0e) C:\Windows\system32\HPZinw12.dll
20:27:09.0576 4988 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
20:27:09.0576 4988 Net Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
20:27:09.0594 4988 NetBIOS (bcd093a5a6777cf626434568dc7dba78) C:\Windows\system32\DRIVERS\netbios.sys
20:27:09.0630 4988 NetBIOS - ok
20:27:09.0672 4988 netbt (ecd64230a59cbd93c85f1cd1cab9f3f6) C:\Windows\system32\DRIVERS\netbt.sys
20:27:09.0705 4988 netbt - ok
20:27:09.0736 4988 Netlogon (a3e186b4b935905b829219502557314e) C:\Windows\system32\lsass.exe
20:27:09.0760 4988 Netlogon - ok
20:27:09.0801 4988 Netman (c8052711daecc48b982434c5116ca401) C:\Windows\System32\netman.dll
20:27:09.0840 4988 Netman - ok
20:27:09.0868 4988 netprofm (2ef3bbe22e5a5acd1428ee387a0d0172) C:\Windows\System32\netprofm.dll
20:27:09.0908 4988 netprofm - ok
20:27:09.0974 4988 NetTcpPortSharing (d6c4e4a39a36029ac0813d476fbd0248) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
20:27:09.0989 4988 NetTcpPortSharing - ok
20:27:09.0999 4988 nfrd960 (2e7fb731d4790a1bc6270accefacb36e) C:\Windows\system32\drivers\nfrd960.sys
20:27:10.0014 4988 nfrd960 - ok
20:27:10.0039 4988 NlaSvc (2997b15415f9bbe05b5a4c1c85e0c6a2) C:\Windows\System32\nlasvc.dll
20:27:10.0077 4988 NlaSvc - ok
20:27:10.0106 4988 Npfs (d36f239d7cce1931598e8fb90a0dbc26) C:\Windows\system32\drivers\Npfs.sys
20:27:10.0135 4988 Npfs - ok
20:27:10.0148 4988 nsi (8bb86f0c7eea2bded6fe095d0b4ca9bd) C:\Windows\system32\nsisvc.dll
20:27:10.0189 4988 nsi - ok
20:27:10.0201 4988 nsiproxy (609773e344a97410ce4ebf74a8914fcf) C:\Windows\system32\drivers\nsiproxy.sys
20:27:10.0236 4988 nsiproxy - ok
20:27:10.0332 4988 Ntfs (6a4a98cee84cf9e99564510dda4baa47) C:\Windows\system32\drivers\Ntfs.sys
20:27:10.0374 4988 Ntfs - ok
20:27:10.0417 4988 ntrigdigi (e875c093aec0c978a90f30c9e0dfbb72) C:\Windows\system32\drivers\ntrigdigi.sys
20:27:10.0470 4988 ntrigdigi - ok
20:27:10.0488 4988 Null (c5dbbcda07d780bda9b685df333bb41e) C:\Windows\system32\drivers\Null.sys
20:27:10.0523 4988 Null - ok
20:27:10.0543 4988 nvraid (2edf9e7751554b42cbb60116de727101) C:\Windows\system32\drivers\nvraid.sys
20:27:10.0561 4988 nvraid - ok
20:27:10.0572 4988 nvstor (abed0c09758d1d97db0042dbb2688177) C:\Windows\system32\drivers\nvstor.sys
20:27:10.0589 4988 nvstor - ok
20:27:10.0604 4988 nv_agp (18bbdf913916b71bd54575bdb6eeac0b) C:\Windows\system32\drivers\nv_agp.sys
20:27:10.0622 4988 nv_agp - ok
20:27:10.0625 4988 NwlnkFlt - ok
20:27:10.0631 4988 NwlnkFwd - ok
20:27:10.0663 4988 OA001Ufd (a015dd2ba6009c8bdd00a6c431302d06) C:\Windows\system32\DRIVERS\OA001Ufd.sys
20:27:10.0682 4988 OA001Ufd - ok
20:27:10.0704 4988 OA001Vid (438ffcb55b8ce39b0bc71afc0a059835) C:\Windows\system32\DRIVERS\OA001Vid.sys
20:27:10.0726 4988 OA001Vid - ok
20:27:10.0839 4988 odserv (785f487a64950f3cb8e9f16253ba3b7b) C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
20:27:10.0863 4988 odserv - ok
20:27:10.0919 4988 ohci1394 (6f310e890d46e246e0e261a63d9b36b4) C:\Windows\system32\DRIVERS\ohci1394.sys
20:27:10.0949 4988 ohci1394 - ok
20:27:10.0990 4988 ose (5a432a042dae460abe7199b758e8606c) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
20:27:11.0009 4988 ose - ok
20:27:11.0108 4988 p2pimsvc (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
20:27:11.0154 4988 p2pimsvc - ok
20:27:11.0164 4988 p2psvc (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
20:27:11.0211 4988 p2psvc - ok
20:27:11.0241 4988 Parport (0fa9b5055484649d63c303fe404e5f4d) C:\Windows\system32\drivers\parport.sys
20:27:11.0297 4988 Parport - ok
20:27:11.0320 4988 partmgr (b9c2b89f08670e159f7181891e449cd9) C:\Windows\system32\drivers\partmgr.sys
20:27:11.0337 4988 partmgr - ok
20:27:11.0349 4988 Parvdm (4f9a6a8a31413180d0fcb279ad5d8112) C:\Windows\system32\drivers\parvdm.sys
20:27:11.0401 4988 Parvdm - ok
20:27:11.0439 4988 PcaSvc (c6276ad11f4bb49b58aa1ed88537f14a) C:\Windows\System32\pcasvc.dll
20:27:11.0467 4988 PcaSvc - ok
20:27:11.0513 4988 pci (941dc1d19e7e8620f40bbc206981efdb) C:\Windows\system32\drivers\pci.sys
20:27:11.0532 4988 pci - ok
20:27:11.0549 4988 pciide (fc175f5ddab666d7f4d17449a547626f) C:\Windows\system32\drivers\pciide.sys
20:27:11.0566 4988 pciide - ok
20:27:11.0596 4988 pcmcia (e6f3fb1b86aa519e7698ad05e58b04e5) C:\Windows\system32\drivers\pcmcia.sys
20:27:11.0614 4988 pcmcia - ok
20:27:11.0702 4988 PEAUTH (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys
20:27:11.0802 4988 PEAUTH - ok
20:27:11.0857 4988 pfc (5903fa75200807ad739286bbf40c4904) C:\Windows\system32\drivers\pfc.sys
20:27:11.0869 4988 pfc ( UnsignedFile.Multi.Generic ) - warning
20:27:11.0869 4988 pfc - detected UnsignedFile.Multi.Generic (1)
20:27:12.0080 4988 pla (b1689df169143f57053f795390c99db3) C:\Windows\system32\pla.dll
20:27:12.0175 4988 pla - ok
20:27:12.0305 4988 PlugPlay (c5e7f8a996ec0a82d508fd9064a5569e) C:\Windows\system32\umpnpmgr.dll
20:27:12.0339 4988 PlugPlay - ok
20:27:12.0414 4988 Pml Driver HPZ12 (65bc271f337637731d3c71455ae1f476) C:\Windows\system32\HPZipm12.dll
20:27:12.0425 4988 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
20:27:12.0425 4988 Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
20:27:22.0765 4988 USBAAPL (83cafcb53201bbac04d822f32438e244) C:\Windows\system32\Drivers\usbaapl.sys
20:27:22.0776 4988 USBAAPL ( UnsignedFile.Multi.Generic ) - warning
20:27:22.0776 4988 USBAAPL - detected UnsignedFile.Multi.Generic (1)
20:27:28.0549 4988 MBR (0x1B8) (5c616939100b85e558da92b899a0fc36) \Device\Harddisk0\DR0
20:27:29.0027 4988 \Device\Harddisk0\DR0 - ok
20:27:29.0057 4988 Boot (0x1200) (1e36b6f38eeb49f500d6d1ad8f956370) \Device\Harddisk0\DR0\Partition0
20:27:29.0060 4988 \Device\Harddisk0\DR0\Partition0 - ok
20:27:29.0064 4988 Boot (0x1200) (889e879fbdada1776584f2eb46eaf0dc) \Device\Harddisk0\DR0\Partition1
20:27:29.0070 4988 \Device\Harddisk0\DR0\Partition1 - ok
20:27:29.0070 4988 ============================================================
20:27:29.0070 4988 Scan finished
20:27:29.0070 4988 ============================================================
20:27:29.0088 4420 Detected object count: 9
20:27:29.0088 4420 Actual detected object count: 9
20:29:10.0632 4420 DockLoginService ( UnsignedFile.Multi.Generic ) - skipped by user
20:29:10.0632 4420 DockLoginService ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:29:10.0632 4420 hpqcxs08 ( UnsignedFile.Multi.Generic ) - skipped by user
20:29:10.0632 4420 hpqcxs08 ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:29:10.0633 4420 hpqddsvc ( UnsignedFile.Multi.Generic ) - skipped by user
20:29:10.0633 4420 hpqddsvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:29:10.0636 4420 HPSLPSVC ( UnsignedFile.Multi.Generic ) - skipped by user
20:29:10.0636 4420 HPSLPSVC ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:29:10.0638 4420 IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user
20:29:10.0638 4420 IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:29:10.0641 4420 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
20:29:10.0641 4420 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:29:10.0644 4420 pfc ( UnsignedFile.Multi.Generic ) - skipped by user
20:29:10.0644 4420 pfc ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:29:10.0648 4420 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
20:29:10.0648 4420 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:29:10.0650 4420 USBAAPL ( UnsignedFile.Multi.Generic ) - skipped by user
20:29:10.0650 4420 USBAAPL ( UnsignedFile.Multi.Generic ) - User select action: Skip



There were issues that I skipped, as "cure" was not an option. Should I put them in quarantine?

Last edited by meowtweets444; 21-Jul-2012 at 08:34 PM. Reason: Had one more question to ask
meowtweets444
21-Jul-2012, 08:38 PM #8
Here's the aswMBR:


aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
Run date: 2012-07-21 20:35:37
-----------------------------
20:35:37.234 OS Version: Windows 6.0.6002 Service Pack 2
20:35:37.234 Number of processors: 2 586 0xF0D
20:35:37.235 ComputerName: CAROLLAPTOP UserName: Carol
20:35:44.988 Initialize success
20:36:21.079 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
20:36:21.082 Disk 0 Vendor: WDC_WD32 11.0 Size: 305245MB BusType: 3
20:36:21.104 Disk 0 MBR read successfully
20:36:21.108 Disk 0 MBR scan
20:36:21.112 Disk 0 Windows VISTA default MBR code
20:36:21.116 Disk 0 Partition 1 00 DE Dell Utility Dell 8.0 78 MB offset 63
20:36:21.133 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 10240 MB offset 161792
20:36:21.151 Disk 0 Partition 3 80 (A) 07 HPFS/NTFS NTFS 294925 MB offset 21133312
20:36:21.159 Disk 0 scanning sectors +625139712
20:36:21.232 Disk 0 scanning C:\Windows\system32\drivers
20:36:28.659 Service scanning
20:36:44.780 Modules scanning
20:36:55.044 Disk 0 trace - called modules:
20:36:55.067 ntkrnlpa.exe CLASSPNP.SYS disk.sys iastor.sys hal.dll
20:36:55.401 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x86ec6ac8]
20:36:55.407 3 CLASSPNP.SYS[8aba08b3] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0x85d18030]
20:36:55.413 Scan finished successfully
20:37:27.072 Disk 0 MBR has been saved successfully to "C:\Users\Carol\Documents\MBR.dat"
20:37:27.245 The log file has been saved successfully to "C:\Users\Carol\Documents\log file aswMBR.txt"
meowtweets444
21-Jul-2012, 08:59 PM #9
Here's the ComboFix:



ComboFix 12-07-21.01 - Carol 07/21/2012 20:43:29.1.2 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.1.1033.18.3061.1802 [GMT -4:00]
Running from: c:\users\Carol\Downloads\ComboFix.exe
AV: Trend Micro Internet Security Pro *Disabled/Updated* {68F968AC-2AA0-091D-848C-803E83E35902}
FW: Trend Micro Personal Firewall *Disabled* {70A91CD9-303D-A217-A80E-6DEE136EDB2B}
SP: Trend Micro Internet Security Pro *Disabled/Updated* {D3988948-0C9A-0693-BE3C-BB4CF86413BF}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\AMMYY
c:\programdata\AMMYY\hr
c:\programdata\AMMYY\hr3
c:\programdata\AMMYY\settings3.bin
c:\users\Carol\AppData\Roaming\Install.dat
c:\users\Carol\g2mdlhlpx.exe
c:\windows\system32\service
c:\windows\system32\service\05012012_TIS17_SfFniAU.log
.
.
((((((((((((((((((((((((( Files Created from 2012-06-22 to 2012-07-22 )))))))))))))))))))))))))))))))
.
.
2012-07-22 00:50 . 2012-07-22 00:50 -------- d-----w- c:\users\Carol\AppData\Local\temp
2012-07-22 00:50 . 2012-07-22 00:50 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-07-21 03:44 . 2012-06-29 08:44 6891424 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{7672FB7A-2D8F-4460-91F1-5C53B70DCCC6}\mpengine.dll
2012-07-14 13:21 . 2012-06-13 13:40 2047488 ----a-w- c:\windows\system32\win32k.sys
2012-07-13 12:37 . 2012-06-05 16:47 708608 ----a-w- c:\program files\Common Files\System\ado\msado15.dll
2012-07-13 12:37 . 2012-06-05 16:47 1401856 ----a-w- c:\windows\system32\msxml6.dll
2012-07-13 12:37 . 2012-06-05 16:47 1248768 ----a-w- c:\windows\system32\msxml3.dll
2012-07-13 12:37 . 2012-06-04 15:26 440704 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2012-07-13 12:37 . 2012-06-02 00:04 278528 ----a-w- c:\windows\system32\schannel.dll
2012-07-13 12:37 . 2012-06-02 00:03 204288 ----a-w- c:\windows\system32\ncrypt.dll
2012-07-07 20:44 . 2012-07-07 20:44 -------- d-----w- c:\users\Carol\AppData\Roaming\SUPERAntiSpyware.com
2012-07-07 20:44 . 2012-07-07 20:44 -------- d-----w- c:\program files\SUPERAntiSpyware
2012-07-07 20:44 . 2012-07-07 20:44 -------- d-----w- c:\programdata\SUPERAntiSpyware.com
2012-07-07 20:42 . 2012-07-07 20:42 -------- d-----w- c:\users\Carol\AppData\Roaming\Malwarebytes
2012-07-07 20:41 . 2012-07-07 20:41 -------- d-----w- c:\programdata\Malwarebytes
2012-07-07 20:41 . 2012-07-15 20:48 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2012-07-07 20:41 . 2012-07-03 17:46 22344 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-06-26 00:38 . 2012-06-26 00:38 -------- d-----w- c:\programdata\McAfee
2012-06-24 21:00 . 2012-06-02 22:19 53784 ----a-w- c:\windows\system32\wuauclt.exe
2012-06-24 21:00 . 2012-06-02 22:19 45080 ----a-w- c:\windows\system32\wups2.dll
2012-06-24 21:00 . 2012-06-02 22:19 1933848 ----a-w- c:\windows\system32\wuaueng.dll
2012-06-24 21:00 . 2012-06-02 22:12 2422272 ----a-w- c:\windows\system32\wucltux.dll
2012-06-24 21:00 . 2012-06-02 22:19 35864 ----a-w- c:\windows\system32\wups.dll
2012-06-24 21:00 . 2012-06-02 22:19 577048 ----a-w- c:\windows\system32\wuapi.dll
2012-06-24 21:00 . 2012-06-02 22:12 88576 ----a-w- c:\windows\system32\wudriver.dll
2012-06-24 21:00 . 2012-06-02 19:19 171904 ----a-w- c:\windows\system32\wuwebv.dll
2012-06-24 21:00 . 2012-06-02 19:12 33792 ----a-w- c:\windows\system32\wuapp.exe
2012-06-22 04:17 . 2012-06-24 20:12 -------- d-----w- c:\users\Carol\AppData\Local\LogMeIn Rescue Applet
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-07-13 14:23 . 2012-05-03 21:57 426184 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-07-13 14:23 . 2011-06-13 22:17 70344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-05-31 16:25 . 2010-11-02 02:03 237072 ------w- c:\windows\system32\MpSigStub.exe
2012-05-09 16:21 . 2012-05-27 21:30 476936 ----a-w- c:\windows\system32\npdeployJava1.dll
2012-05-09 16:21 . 2010-05-27 04:17 472840 ----a-w- c:\windows\system32\deployJava1.dll
2012-05-01 14:03 . 2012-06-15 01:54 180736 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2012-04-23 16:00 . 2012-06-15 01:54 984064 ----a-w- c:\windows\system32\crypt32.dll
2012-04-23 16:00 . 2012-06-15 01:54 98304 ----a-w- c:\windows\system32\cryptnet.dll
2012-04-23 16:00 . 2012-06-15 01:54 133120 ----a-w- c:\windows\system32\cryptsvc.dll
2011-06-16 04:17 . 2011-06-21 19:17 142296 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 125952]
"TrendSecure Remote File Lock"="c:\program files\Trend Micro\TrendSecure\RemoteFileLock\FLMain.exe" [2009-07-25 329040]
"MobileDocuments"="c:\program files\Common Files\Apple\Internet Services\ubd.exe" [2012-02-23 59240]
"SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2012-06-26 3906432]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Apoint"="c:\program files\DellTPad\Apoint.exe" [2008-06-30 196608]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2008-03-13 141848]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2008-03-13 166424]
"Persistence"="c:\windows\system32\igfxpers.exe" [2008-03-13 133656]
"Dell Webcam Central"="c:\program files\Dell Webcam\Dell Webcam Central\WebcamDell.exe" [2008-02-19 438403]
"PCMService"="c:\program files\Dell\MediaDirect\PCMService.exe" [2008-01-14 132392]
"SysTrayApp"="c:\program files\IDT\WDM\sttray.exe" [2008-06-25 442467]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2010-03-12 49208]
"UfSeAgnt.exe"="c:\program files\Trend Micro\Internet Security\UfSeAgnt.exe" [2010-01-26 1020248]
"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-05-31 59280]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2012-03-27 37296]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-02 843712]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2012-04-19 421888]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-01-18 254696]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2012-06-07 421776]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\MRI_DISABLED
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2008-10-16 214360]
QuickSet.lnk - c:\program files\Dell\QuickSet\quickset.exe [2008-5-2 1211472]
.
c:\users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dell Dock First Run.lnk - c:\program files\Dell\DellDock\DellDock.exe [2008-9-24 1295656]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2011-07-19 113024]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2011-05-04 17:54 551296 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.DLL
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2012-03-27 12:41 37296 ----a-w- c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Broadcom Wireless Manager UI]
2008-08-05 12:17 3563520 ----a-w- c:\windows\System32\WLTRAY.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\dscactivate]
2008-03-11 18:44 16384 ----a-w- c:\program files\Dell Support Center\gs_agent\custom\dsca.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
2010-03-12 17:08 49208 ----a-w- c:\program files\HP\HP Software Update\hpwuschd2.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IAAnotif]
2007-10-03 21:44 178712 ----a-w- c:\program files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
.
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [x]
S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE.EXE [x]
S2 AESTFilters;Andrea ST Filters Service;c:\windows\System32\DriverStore\FileRepository\stwrt.inf_238116a1\aestsrv.exe [x]
.
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - 44841093
*NewlyCreated* - ASWMBR
*Deregistered* - 44841093
*Deregistered* - aswMBR
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
HPService REG_MULTI_SZ HPSLPSVC
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
.
Contents of the 'Scheduled Tasks' folder
.
2012-07-22 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-03 14:23]
.
2012-07-21 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-07-07 15:02]
.
2012-07-22 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-07-07 15:02]
.
2012-07-22 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2757528240-973861508-1219799131-1000Core.job
- c:\users\Carol\AppData\Local\Google\Update\GoogleUpdate.exe [2010-12-25 22:28]
.
2012-07-22 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2757528240-973861508-1219799131-1000UA.job
- c:\users\Carol\AppData\Local\Google\Update\GoogleUpdate.exe [2010-12-25 22:28]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.marketamerica.com/cbeauchamp/
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
uInternet Settings,ProxyOverride = *.local
uSearchURL,(Default) = hxxp://www.google.com/search/?q=%s
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
Trusted Zone: yahoo.com\us.mc550.mail
Trusted Zone: yahoomail.com
TCP: DhcpNameServer = 75.75.76.76 75.75.75.75
FF - ProfilePath - c:\users\Carol\AppData\Roaming\Mozilla\Firefox\Profiles\rzaej8ij.default\
FF - prefs.js: browser.search.defaulturl - hxxp://www.bing.com/search?FORM=SOLTDF&PC=SUN1&q=
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.msn.com/?pc=SUN1
FF - prefs.js: keyword.URL - hxxp://www.bing.com/search?FORM=SOLTDF&PC=SUN1&q=
.
- - - - ORPHANS REMOVED - - - -
.
MSConfigStartUp-LoJackForLaptops - c:\program files\LFLInstall\InstallManager.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-07-21 20:50
Windows 6.0.6002 Service Pack 2 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
Completion time: 2012-07-21 20:53:07
ComboFix-quarantined-files.txt 2012-07-22 00:53
.
Pre-Run: 225,395,363,840 bytes free
Post-Run: 226,196,307,968 bytes free
.
- - End Of File - - FC026D608C3289E54E7AB2B692681F30
eddie5659
Moderator & Malware Removal Specialist with 28,314 posts.
Join Date: Mar 2001
Location: Bradford, England
23-Jul-2012, 01:42 PM #10
Quote:
There were issues that I skipped, as "cure" was not an option. Should I put them in quarantine?
Nope, they're fine to skip as they're legit.

-----
Can you run this for me now?

Download OTL to your Desktop
  • Double click on the icon to run it. Make sure all other windows are closed and let it run uninterrupted.
  • Select All Users
  • Please copy the text in the code box below and paste it in the Custom Scans/Fixes box in OTL:

    Code:
    netsvcs
    activex
    msconfig
    %SYSTEMDRIVE%\*.
    %PROGRAMFILES%\*.exe
    %LOCALAPPDATA%\*.exe
    %windir%\Installer\*.*
    %windir%\system32\tasks\*.*
    %windir%\system32\tasks\*.* /64
    %systemroot%\Fonts\*.exe
    %systemroot%\*. /mp /s
    /md5start
    ieUnatt.exe
    consrv.dll
    explorer.exe
    winlogon.exe
    regedit.exe
    Userinit.exe
    svchost.exe
    /md5stop
    C:\Windows\assembly\tmp\U\*.* /s
    %Temp%\smtmp\1\*.*
    %Temp%\smtmp\2\*.*
    %Temp%\smtmp\3\*.*
    %Temp%\smtmp\4\*.*
    >C:\commands.txt echo list vol /raw /hide /c
    /wait
    >C:\DiskReport.txt diskpart /s C:\commands.txt /raw /hide /c
    /wait
    type c:\diskreport.txt /c
    /wait
    erase c:\commands.txt /hide /c
    /wait
    erase c:\diskreport.txt /hide /c
    CREATERESTOREPOINT
  • Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan won't take long.
  • When the scan completes, it will open two Notepad windows: OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
  • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post them in your topic.
meowtweets444
Member with 28 posts.
THREAD STARTER
Join Date: Jun 2012
Experience: Intermediate
23-Jul-2012, 08:23 PM #11
I hope this doesn't post twice. I copied and listed the newer OTL and my reply didn't look like it loaded so here goes again.

Eddie, I noticed on the ComboFix that there were "Ammyy" files under "OTHER DELETIONS". Do you have any idea what it was exactly that they downloaded on her computer?

Here's the OTL:


OTL Text:



OTL logfile created on: 7/23/2012 7:47:10 PM - Run 1
OTL by OldTimer - Version 3.2.54.1 Folder = C:\Users\Carol\Downloads
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.99 Gb Total Physical Memory | 1.54 Gb Available Physical Memory | 51.59% Memory free
6.18 Gb Paging File | 4.59 Gb Available in Paging File | 74.24% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 288.01 Gb Total Space | 210.52 Gb Free Space | 73.10% Space Free | Partition Type: NTFS
Drive D: | 10.00 Gb Total Space | 4.83 Gb Free Space | 48.27% Space Free | Partition Type: NTFS

Computer Name: CAROLLAPTOP | User Name: Carol | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/07/23 19:46:20 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Users\Carol\Downloads\OTL.exe
PRC - [2012/07/23 19:44:56 | 004,777,856 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
PRC - [2012/07/13 09:23:10 | 000,686,280 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\Macromed\Flash\FlashUtil32_11_3_300_265_ActiveX.exe
PRC - [2012/02/23 12:30:40 | 000,059,240 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Internet Services\ubd.exe
PRC - [2011/08/11 19:38:07 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SASCore.exe
PRC - [2011/04/27 23:27:45 | 000,689,416 | ---- | M] () -- C:\Program Files\Trend Micro\Internet Security\TmProxy.exe
PRC - [2011/04/27 23:27:45 | 000,497,008 | ---- | M] () -- C:\Program Files\Trend Micro\Internet Security\TmPfw.exe
PRC - [2011/04/27 23:27:44 | 000,345,352 | ---- | M] () -- C:\Program Files\Trend Micro\BM\TMBMSRV.exe
PRC - [2011/02/25 10:46:22 | 000,249,648 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft\BingBar\SeaPort.EXE
PRC - [2010/11/08 12:40:56 | 000,715,440 | ---- | M] () -- C:\Program Files\Trend Micro\Internet Security\SfCtlCom.exe
PRC - [2010/01/26 03:40:32 | 001,020,248 | ---- | M] () -- C:\Program Files\Trend Micro\Internet Security\UfSeAgnt.exe
PRC - [2010/01/04 05:59:46 | 000,083,280 | ---- | M] () -- C:\Program Files\Trend Micro\TrendSecure\TISProToolbar\ProToolbarUpdate.exe
PRC - [2009/07/27 05:30:25 | 000,157,008 | ---- | M] (Trend Micro Inc.) -- C:\Program Files\Trend Micro\TrendSecure\TISProToolbar\platformdependent\ProToolbarComm.exe
PRC - [2009/07/24 21:06:46 | 000,329,040 | ---- | M] (Trend Micro Inc.) -- C:\Program Files\Trend Micro\TrendSecure\RemoteFileLock\FLMain.exe
PRC - [2009/07/24 21:02:47 | 000,185,680 | ---- | M] (Trend Micro Inc.) -- C:\Program Files\Trend Micro\TrendSecure\TSCFPlatformCOMSvr.exe
PRC - [2009/04/11 02:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2008/09/24 00:09:52 | 000,155,648 | ---- | M] (Stardock Corporation) -- C:\Program Files\Dell\DellDock\DockLogin.exe
PRC - [2008/06/30 06:28:24 | 000,040,960 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\hidfind.exe
PRC - [2008/06/30 06:28:14 | 000,196,608 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\Apoint.exe
PRC - [2008/06/30 06:28:12 | 000,049,152 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\ApntEx.exe
PRC - [2008/06/30 06:28:12 | 000,046,376 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\ApMsgFwd.exe
PRC - [2008/06/25 07:56:34 | 000,442,467 | ---- | M] (IDT, Inc.) -- C:\Program Files\IDT\WDM\sttray.exe
PRC - [2008/06/25 07:56:30 | 000,221,273 | ---- | M] (IDT, Inc.) -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_238116a1\stacsv.exe
PRC - [2008/06/25 07:56:24 | 000,073,728 | ---- | M] (Andrea Electronics Corporation) -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_238116a1\AEstSrv.exe
PRC - [2008/02/19 12:43:30 | 000,438,403 | ---- | M] (Creative Technology Ltd.) -- C:\Program Files\Dell Webcam\Dell Webcam Central\WebcamDell.exe
PRC - [2008/01/14 12:13:02 | 000,132,392 | ---- | M] (CyberLink Corp.) -- C:\Program Files\Dell\MediaDirect\PCMService.exe
PRC - [2007/10/03 17:45:02 | 000,358,936 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe


========== Modules (No Company Name) ==========

MOD - [2012/07/23 19:45:01 | 000,065,024 | ---- | M] () -- C:\ProgramData\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10006.dll
MOD - [2012/07/23 19:45:01 | 000,052,736 | ---- | M] () -- C:\ProgramData\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10007.dll
MOD - [2012/07/07 16:45:04 | 000,117,760 | ---- | M] () -- C:\ProgramData\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\UIREPAIR.DLL
MOD - [2012/07/07 16:45:04 | 000,052,224 | ---- | M] () -- C:\ProgramData\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10005.dll
MOD - [2011/06/24 22:56:36 | 000,087,328 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011/06/24 22:56:14 | 001,241,888 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2009/07/27 05:30:47 | 000,015,184 | ---- | M] () -- C:\Program Files\Trend Micro\TrendSecure\TISProToolbar\resource\en-us\platformdependent\TPResource.dll.mui


========== Win32 Services (SafeList) ==========

SRV - [2012/07/13 10:23:15 | 000,250,056 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2011/08/11 19:38:07 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCore.exe -- (!SASCORE)
SRV - [2011/04/27 23:27:45 | 000,689,416 | ---- | M] () [On_Demand | Running] -- C:\Program Files\Trend Micro\Internet Security\TmProxy.exe -- (TmProxy)
SRV - [2011/04/27 23:27:45 | 000,497,008 | ---- | M] () [On_Demand | Running] -- C:\Program Files\Trend Micro\Internet Security\TmPfw.exe -- (TmPfw)
SRV - [2011/04/27 23:27:44 | 000,345,352 | ---- | M] () [On_Demand | Running] -- C:\Program Files\Trend Micro\BM\TMBMSRV.exe -- (TMBMServer)
SRV - [2011/02/28 18:44:14 | 000,183,560 | ---- | M] (Microsoft Corporation.) [On_Demand | Stopped] -- C:\Program Files\Microsoft\BingBar\BBSvc.EXE -- (BBSvc)
SRV - [2011/02/25 10:46:22 | 000,249,648 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft\BingBar\SeaPort.EXE -- (SeaPort)
SRV - [2010/11/08 12:40:56 | 000,715,440 | ---- | M] () [Auto | Running] -- C:\Program Files\Trend Micro\Internet Security\SfCtlCom.exe -- (SfCtlCom)
SRV - [2008/09/24 00:09:52 | 000,155,648 | ---- | M] (Stardock Corporation) [Auto | Running] -- C:\Program Files\Dell\DellDock\DockLogin.exe -- (DockLoginService)
SRV - [2008/06/25 07:56:30 | 000,221,273 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_238116a1\stacsv.exe -- (STacSV)
SRV - [2008/06/25 07:56:24 | 000,073,728 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_238116a1\AEstSrv.exe -- (AESTFilters)
SRV - [2008/01/20 22:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007/10/03 17:45:02 | 000,358,936 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Users\Carol\AppData\Local\Temp\catchme.sys -- (catchme)
DRV - [2011/07/22 12:27:02 | 000,012,880 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV)
DRV - [2011/07/12 17:55:22 | 000,067,664 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2011/07/12 06:44:10 | 000,262,416 | ---- | M] (Trend Micro Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\tmxpflt.sys -- (tmxpflt)
DRV - [2011/07/12 06:43:58 | 000,036,624 | ---- | M] (Trend Micro Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\tmpreflt.sys -- (tmpreflt)
DRV - [2011/07/12 06:09:32 | 001,405,720 | ---- | M] (Trend Micro Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\vsapint.sys -- (vsapint)
DRV - [2011/04/27 23:27:57 | 000,283,152 | ---- | M] (Trend Micro Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\tmwfp.sys -- (tmwfp)
DRV - [2011/04/27 23:27:57 | 000,146,448 | ---- | M] (Trend Micro Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\tmlwf.sys -- (tmlwf)
DRV - [2011/04/27 23:27:57 | 000,089,872 | ---- | M] (Trend Micro Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\tmtdi.sys -- (tmtdi)
DRV - [2010/07/19 14:03:10 | 000,059,472 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\DRIVERS\tmactmon.sys -- (tmactmon)
DRV - [2010/07/19 14:03:00 | 000,051,792 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\DRIVERS\tmevtmgr.sys -- (tmevtmgr)
DRV - [2010/07/19 14:02:54 | 000,163,408 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\DRIVERS\tmcomm.sys -- (tmcomm)
DRV - [2009/01/10 18:01:23 | 000,009,856 | ---- | M] (Padus, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\pfc.sys -- (pfc)
DRV - [2008/10/06 01:49:20 | 000,277,440 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\OA001Vid.sys -- (OA001Vid)
DRV - [2008/10/06 01:49:20 | 000,144,672 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\OA001Ufd.sys -- (OA001Ufd)
DRV - [2008/08/05 08:16:06 | 000,018,424 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\bcm42rly.sys -- (BCM42RLY)
DRV - [2008/06/30 06:28:10 | 000,170,032 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Apfiltr.sys -- (ApfiltrService)
DRV - [2008/06/25 07:56:36 | 000,380,928 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\stwrt.sys -- (STHDA)
DRV - [2008/03/14 08:46:12 | 000,054,784 | ---- | M] (ITE Tech. Inc. ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\itecir.sys -- (itecir)
DRV - [2008/03/13 07:41:12 | 000,203,264 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\k57nd60x.sys -- (k57nd60x)
DRV - [2008/03/13 07:37:46 | 000,111,616 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\IntcHdmi.sys -- (IntcHdmiAddService)
DRV - [2008/03/13 07:34:40 | 000,038,400 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rixdptsk.sys -- (rismxdp)
DRV - [2008/03/13 07:34:38 | 000,046,592 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimmptsk.sys -- (rimmptsk)
DRV - [2008/03/13 07:34:36 | 000,043,008 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimsptsk.sys -- (rimsptsk)
DRV - [2008/01/20 22:23:25 | 000,220,672 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\e1e6032.sys -- (e1express)
DRV - [2006/11/02 03:36:43 | 002,028,032 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmdag.sys -- (R300)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7DKUS


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-2757528240-973861508-1219799131-1000\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\S-1-5-21-2757528240-973861508-1219799131-1000\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKU\S-1-5-21-2757528240-973861508-1219799131-1000\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
IE - HKU\S-1-5-21-2757528240-973861508-1219799131-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.marketamerica.com/cbeauchamp/
IE - HKU\S-1-5-21-2757528240-973861508-1219799131-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-2757528240-973861508-1219799131-1000\..\SearchScopes,DefaultScope = {06537D30-5B07-4311-AC4F-FB13EDF52743}
IE - HKU\S-1-5-21-2757528240-973861508-1219799131-1000\..\SearchScopes\{06537D30-5B07-4311-AC4F-FB13EDF52743}: "URL" = http://www.bing.com/search?FORM=SOLTDF&PC=SUN1&q={searchTerms}&src=IE-SearchBox
IE - HKU\S-1-5-21-2757528240-973861508-1219799131-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7DKUS
IE - HKU\S-1-5-21-2757528240-973861508-1219799131-1000\..\SearchScopes\{B463C4D3-435E-4779-A8D0-BE1607149ED5}: "URL" = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8&rlz=1I7DKUS_en
IE - HKU\S-1-5-21-2757528240-973861508-1219799131-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-2757528240-973861508-1219799131-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Bing"
FF - prefs.js..browser.search.defaulturl: "http://www.bing.com/search?FORM=SOLTDF&PC=SUN1&q="
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.msn.com/?pc=SUN1"
FF - prefs.js..extensions.enabledItems: smartwebprinting@hp.com:4.60
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..extensions.enabledItems: moveplayer@movenetworks.com:7
FF - prefs.js..extensions.enabledItems: {22181a4d-af90-4ca3-a569-faed9118d6bc}:1.6.0.1161
FF - prefs.js..keyword.URL: "http://www.bing.com/search?FORM=SOLTDF&PC=SUN1&q="
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_3_300_265.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_33: C:\Windows\system32\npdeployJava1.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@movenetworks.com/Quantum Media Player: C:\Users\Carol\AppData\Roaming\Move Networks\plugins\npqmp071505000010.dll (Move Networks)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Carol\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Carol\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010/01/17 00:33:52 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{22181a4d-af90-4ca3-a569-faed9118d6bc}: C:\Program Files\Trend Micro\TrendSecure\TISProToolbar\FirefoxExtension [2011/09/14 16:08:32 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/05/23 00:06:47 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012/05/27 17:30:16 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\moveplayer@movenetworks.com: C:\Users\Carol\AppData\Roaming\Move Networks [2011/03/26 15:01:33 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010/01/17 00:33:52 | 000,000,000 | ---D | M]

[2009/08/04 20:15:28 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Carol\AppData\Roaming\Mozilla\Extensions
[2011/06/21 14:07:08 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Carol\AppData\Roaming\Mozilla\Firefox\Profiles\rzaej8ij.default\extensions
[2009/08/04 20:18:29 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Carol\AppData\Roaming\Mozilla\Firefox\Profiles\rzaej8ij.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011/03/26 15:01:51 | 000,001,840 | ---- | M] () -- C:\Users\Carol\AppData\Roaming\Mozilla\Firefox\Profiles\rzaej8ij.default\searchplugins\bing.xml
[2012/06/25 20:39:58 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2010/05/27 00:17:41 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010/08/28 10:40:32 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2010/11/28 23:13:23 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2010/12/27 21:05:55 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
[2011/03/25 14:31:02 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
[2011/06/26 17:17:56 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
[2012/05/27 17:30:20 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0032-ABCDEFFEDCBA}
[2012/06/25 20:39:59 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
[2011/09/14 16:08:32 | 000,000,000 | ---D | M] (Trend Micro Toolbar) -- C:\PROGRAM FILES\TREND MICRO\TRENDSECURE\TISPROTOOLBAR\FIREFOXEXTENSION
[2011/06/16 00:17:34 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2010/01/01 04:00:00 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml

========== Chrome ==========

CHR - homepage: http://www.marketamerica.com/cbeauchamp/
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}
CHR - homepage: http://www.marketamerica.com/cbeauchamp/
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Carol\AppData\Local\Google\Chrome\Application\20.0.1132.57\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: Java Deployment Toolkit 6.0.260.3 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U26 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: 2007 Microsoft Office system (Enabled) = C:\Program Files\Mozilla Firefox\plugins\NPOFF12.DLL
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Carol\AppData\Local\Google\Chrome\Application\20.0.1132.57\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Carol\AppData\Local\Google\Chrome\Application\20.0.1132.57\pdf.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Move Streaming Media Player (Enabled) = C:\Users\Carol\AppData\Roaming\Move Networks\plugins\npqmp071505000010.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: YouTube = C:\Users\Carol\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Google Search = C:\Users\Carol\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: Gmail = C:\Users\Carol\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2012/07/21 20:50:44 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (TSToolbarBHO) - {43C6D902-A1C5-45c9-91F6-FD9E90337E18} - C:\Program Files\Trend Micro\TrendSecure\TISProToolbar\TSToolbar.dll (Trend Micro Inc.)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (Trend Micro Toolbar) - {CCAC5586-44D7-4c43-B64A-F042461A97D2} - C:\Program Files\Trend Micro\TrendSecure\TISProToolbar\TSToolbar.dll (Trend Micro Inc.)
O4 - HKLM..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe (Alps Electric Co., Ltd.)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [Dell Webcam Central] C:\Program Files\Dell Webcam\Dell Webcam Central\WebcamDell.exe (Creative Technology Ltd.)
O4 - HKLM..\Run: [PCMService] C:\Program Files\Dell\MediaDirect\PCMService.exe (CyberLink Corp.)
O4 - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray.exe (IDT, Inc.)
O4 - HKLM..\Run: [UfSeAgnt.exe] C:\Program Files\Trend Micro\Internet Security\UfSeAgnt.exe ()
O4 - HKU\S-1-5-21-2757528240-973861508-1219799131-1000..\Run: [MobileDocuments] C:\Program Files\Common Files\Apple\Internet Services\ubd.exe (Apple Inc.)
O4 - HKU\S-1-5-21-2757528240-973861508-1219799131-1000..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE (SUPERAntiSpyware.com)
O4 - HKU\S-1-5-21-2757528240-973861508-1219799131-1000..\Run: [TrendSecure Remote File Lock] C:\Program Files\Trend Micro\TrendSecure\RemoteFileLock\FLMain.exe (Trend Micro Inc.)
O4 - Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk = C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
O4 - Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk = C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-2757528240-973861508-1219799131-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-2757528240-973861508-1219799131-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDesktopCleanupWizard = 1
O7 - HKU\S-1-5-21-2757528240-973861508-1219799131-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKU\S-1-5-21-2757528240-973861508-1219799131-1000\..Trusted Domains: yahoo.com ([us.mc550.mail] https in Trusted sites)
O15 - HKU\S-1-5-21-2757528240-973861508-1219799131-1000\..Trusted Domains: yahoomail.com ([]https in Trusted sites)
O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} https://h20436.www2.hp.com/ediags/de...e/HPDEXAXO.cab (HP Download Manager)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_33)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_33)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_33)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 75.75.76.76 75.75.75.75
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{1CA2F8CF-6C85-418E-A5C5-3C8DE36F199A}: DhcpNameServer = 75.75.76.76 75.75.75.75
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{CFA34EDE-DD33-4E47-B62E-EBAB07D98981}: DhcpNameServer = 68.87.77.134 68.87.72.134
O18 - Protocol\Handler\tmtb {04EAF3FB-4BAC-4B5A-A37D-A1CF210A5A42} - C:\Program Files\Trend Micro\TrendSecure\TISProToolbar\TSToolbar.dll (Trend Micro Inc.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - (C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL) - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\Seagull_1920x1200.jpg
O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\Seagull_1920x1200.jpg
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 17:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found

ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} -
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 11.0
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} - .NET Framework
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} -
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {73FA19D0-2D75-11D2-995D-00C04F98BBC9} - Web Folders
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Adobe Flash Player
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\Windows\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\system32\ie4uinit.exe -UserIconConfig
ActiveX: >{712700a0-06c6-49ab-8127-7bd1eca12ab7} - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP

MsConfig - StartUpReg: Adobe Reader Speed Launcher - hkey= - key= - c:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
MsConfig - StartUpReg: Broadcom Wireless Manager UI - hkey= - key= - File not found
MsConfig - StartUpReg: dscactivate - hkey= - key= - C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe ( )
MsConfig - StartUpReg: HP Software Update - hkey= - key= - C:\Program Files\HP\HP Software Update\hpwuschd2.exe (Hewlett-Packard)
MsConfig - StartUpReg: IAAnotif - hkey= - key= - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe (Intel Corporation)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 30 Days ==========

[2012/07/21 20:53:12 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2012/07/21 20:53:09 | 000,000,000 | ---D | C] -- C:\Users\Carol\AppData\Local\temp
[2012/07/21 20:41:50 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2012/07/21 20:41:50 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2012/07/21 20:41:50 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2012/07/21 20:41:43 | 000,000,000 | ---D | C] -- C:\Qoobox
[2012/07/21 20:41:20 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
[2012/07/07 16:44:50 | 000,000,000 | ---D | C] -- C:\Users\Carol\AppData\Roaming\SUPERAntiSpyware.com
[2012/07/07 16:44:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
[2012/07/07 16:44:30 | 000,000,000 | ---D | C] -- C:\ProgramData\SUPERAntiSpyware.com
[2012/07/07 16:44:30 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
[2012/07/07 16:42:00 | 000,000,000 | ---D | C] -- C:\Users\Carol\AppData\Roaming\Malwarebytes
[2012/07/07 16:41:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012/07/07 16:41:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012/07/07 16:41:26 | 000,022,344 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2012/07/07 16:41:26 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2012/06/25 20:38:21 | 000,000,000 | ---D | C] -- C:\ProgramData\McAfee
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012/07/23 19:46:06 | 000,000,908 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2757528240-973861508-1219799131-1000UA.job
[2012/07/23 19:43:12 | 000,000,880 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/07/23 19:42:48 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012/07/23 19:42:48 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012/07/23 19:42:39 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/07/23 19:42:37 | 3208,642,560 | -HS- | M] () -- C:\hiberfil.sys
[2012/07/22 00:19:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/07/21 23:49:29 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012/07/21 20:50:44 | 000,000,027 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2012/07/21 20:37:27 | 000,000,512 | ---- | M] () -- C:\Users\Carol\Documents\MBR.dat
[2012/07/21 20:18:40 | 000,000,856 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2757528240-973861508-1219799131-1000Core.job
[2012/07/15 16:48:51 | 000,000,908 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/07/14 09:29:38 | 000,381,872 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2012/07/13 08:43:44 | 000,002,044 | ---- | M] () -- C:\Users\Carol\Desktop\Google Chrome.lnk
[2012/07/13 08:43:44 | 000,002,006 | ---- | M] () -- C:\Users\Carol\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2012/07/07 16:44:36 | 000,001,802 | ---- | M] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
[2012/07/03 13:46:44 | 000,022,344 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2012/06/24 18:16:16 | 000,604,502 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012/06/24 18:16:16 | 000,104,170 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012/07/21 20:41:50 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2012/07/21 20:41:50 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2012/07/21 20:41:50 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2012/07/21 20:41:50 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2012/07/21 20:41:50 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2012/07/21 20:37:27 | 000,000,512 | ---- | C] () -- C:\Users\Carol\Documents\MBR.dat
[2012/07/07 16:44:36 | 000,001,802 | ---- | C] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
[2012/07/07 16:41:29 | 000,000,908 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/06/24 16:50:49 | 3208,642,560 | -HS- | C] () -- C:\hiberfil.sys
[2011/04/27 23:27:57 | 000,163,408 | ---- | C] () -- C:\Windows\System32\drivers\tmcomm.sys
[2011/04/27 23:27:57 | 000,059,472 | ---- | C] () -- C:\Windows\System32\drivers\tmactmon.sys
[2011/04/27 23:27:57 | 000,051,792 | ---- | C] () -- C:\Windows\System32\drivers\tmevtmgr.sys
[2009/03/23 01:04:59 | 000,005,972 | ---- | C] () -- C:\Users\Carol\AppData\Local\d3d9caps.dat
[2009/01/19 14:48:14 | 000,004,096 | -H-- | C] () -- C:\Users\Carol\AppData\Local\keyfile3.drm
[2009/01/02 21:09:32 | 000,019,456 | ---- | C] () -- C:\Users\Carol\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

========== LOP Check ==========

[2009/01/10 18:09:06 | 000,000,000 | ---D | M] -- C:\Users\Carol\AppData\Roaming\ACD Systems
[2011/07/10 18:39:40 | 000,000,000 | ---D | M] -- C:\Users\Carol\AppData\Roaming\Image Zone Express
[2011/06/26 17:16:25 | 000,000,000 | ---D | M] -- C:\Users\Carol\AppData\Roaming\Printer Info Cache
[2012/06/06 14:10:19 | 000,000,000 | ---D | M] -- C:\Users\Carol\AppData\Roaming\TeamViewer
[2012/07/22 00:19:46 | 000,032,570 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Custom Scans ==========

< %SYSTEMDRIVE%\*. >
[2012/07/21 20:53:12 | 000,000,000 | -HSD | M] -- C:\$RECYCLE.BIN
[2009/07/23 18:39:28 | 000,000,000 | ---D | M] -- C:\Boot
[2009/09/07 21:47:21 | 000,000,000 | ---D | M] -- C:\DELL
[2008/11/17 05:01:44 | 000,000,000 | ---D | M] -- C:\doctemp
[2008/12/28 21:26:01 | 000,000,000 | -HSD | M] -- C:\Documents and Settings
[2008/10/06 01:49:18 | 000,000,000 | ---D | M] -- C:\Drivers
[2009/06/28 21:21:42 | 000,000,000 | ---D | M] -- C:\epson
[2008/12/28 21:31:45 | 000,000,000 | R--D | M] -- C:\MSOCache
[2008/01/20 22:32:31 | 000,000,000 | ---D | M] -- C:\PerfLogs
[2012/07/16 01:14:17 | 000,000,000 | R--D | M] -- C:\Program Files
[2012/07/21 20:49:51 | 000,000,000 | ---D | M] -- C:\ProgramData
[2012/07/21 20:53:10 | 000,000,000 | ---D | M] -- C:\Qoobox
[2012/07/23 19:50:58 | 000,000,000 | -HSD | M] -- C:\System Volume Information
[2011/03/26 15:27:48 | 000,000,000 | ---D | M] -- C:\Temp
[2008/12/28 21:29:19 | 000,000,000 | R--D | M] -- C:\Users
[2012/07/21 20:50:52 | 000,000,000 | ---D | M] -- C:\Windows

< %PROGRAMFILES%\*.exe >

< %LOCALAPPDATA%\*.exe >

< %windir%\Installer\*.* >
[2009/10/22 13:28:50 | 005,521,408 | R--- | M] () -- C:\Windows\Installer\56c6c.msp
[2009/10/06 19:40:46 | 007,681,024 | R--- | M] () -- C:\Windows\Installer\56c81.msp
[2009/08/18 13:58:56 | 008,301,056 | R--- | M] () -- C:\Windows\Installer\56c8a.msp
[2009/10/22 13:46:32 | 006,821,888 | R--- | M] () -- C:\Windows\Installer\56c9f.msp
[2009/10/16 08:03:20 | 005,003,776 | R--- | M] () -- C:\Windows\Installer\56cc5.msp
[2010/02/04 01:59:48 | 005,031,936 | R--- | M] () -- C:\Windows\Installer\599c1.msp
[2010/02/21 02:00:02 | 008,480,768 | R--- | M] () -- C:\Windows\Installer\599ca.msp
[2010/02/04 18:24:30 | 009,122,304 | R--- | M] () -- C:\Windows\Installer\599f0.msp
[2010/01/27 18:53:46 | 006,820,864 | R--- | M] () -- C:\Windows\Installer\59a05.msp
[2010/02/04 19:11:54 | 005,526,528 | R--- | M] () -- C:\Windows\Installer\59a1a.msp
[2011/03/16 10:28:47 | 000,988,160 | ---- | M] () -- C:\Windows\Installer\59ee0.msi
[2010/12/21 14:06:38 | 011,570,688 | R--- | M] () -- C:\Windows\Installer\5aaa8.msp
[2010/12/17 01:17:02 | 003,362,304 | R--- | M] () -- C:\Windows\Installer\5aabc.msp
[2012/03/28 18:10:04 | 012,098,048 | R--- | M] () -- C:\Windows\Installer\5ad62.msp
[2012/03/22 13:09:58 | 005,521,920 | R--- | M] () -- C:\Windows\Installer\5ad77.msp
[2012/01/22 10:09:26 | 001,700,352 | R--- | M] () -- C:\Windows\Installer\5ad7f.msp
[2011/11/01 13:34:26 | 001,169,920 | R--- | M] () -- C:\Windows\Installer\5ad92.msp
[2012/03/23 14:59:02 | 007,899,648 | R--- | M] () -- C:\Windows\Installer\5ada5.msp
[2012/02/22 15:17:30 | 002,221,568 | R--- | M] () -- C:\Windows\Installer\5adb4.msp
[2012/03/27 00:28:54 | 005,009,920 | R--- | M] () -- C:\Windows\Installer\5adc7.msp
[2011/11/11 17:16:20 | 008,458,240 | R--- | M] () -- C:\Windows\Installer\5ae20.msp
[2011/11/11 17:15:00 | 001,795,584 | R--- | M] () -- C:\Windows\Installer\5ae46.msp
[2011/11/17 11:55:20 | 005,522,944 | R--- | M] () -- C:\Windows\Installer\5ae5b.msp
[2011/11/01 14:34:30 | 002,531,840 | R--- | M] () -- C:\Windows\Installer\5ae64.msp
[2011/10/31 13:37:46 | 004,146,688 | R--- | M] () -- C:\Windows\Installer\5ae92.msp
[2011/11/01 14:34:58 | 004,225,536 | R--- | M] () -- C:\Windows\Installer\5aeab.msp
[2011/11/11 17:14:40 | 009,096,192 | R--- | M] () -- C:\Windows\Installer\5aebf.msp
[2011/10/30 00:10:18 | 006,824,960 | R--- | M] () -- C:\Windows\Installer\5aed4.msp
[2011/11/01 14:34:28 | 002,247,168 | R--- | M] () -- C:\Windows\Installer\5aee8.msp
[2011/11/01 14:34:56 | 004,250,112 | R--- | M] () -- C:\Windows\Installer\5af05.msp
[2011/11/01 14:34:30 | 001,552,384 | R--- | M] () -- C:\Windows\Installer\5af0e.msp
[2011/07/27 07:39:50 | 009,892,352 | R--- | M] () -- C:\Windows\Installer\5b503.msp
[2011/07/27 07:37:28 | 011,592,192 | R--- | M] () -- C:\Windows\Installer\5b537.msp
[2011/09/06 21:48:02 | 008,181,248 | R--- | M] () -- C:\Windows\Installer\5b540.msp
[2011/07/21 12:34:34 | 003,456,000 | R--- | M] () -- C:\Windows\Installer\5b55e.msp
[2011/08/10 17:42:04 | 007,070,208 | R--- | M] () -- C:\Windows\Installer\5b566.msp
[2011/08/24 06:37:22 | 004,985,856 | R--- | M] () -- C:\Windows\Installer\5b58c.msp
[2011/09/06 21:46:22 | 009,006,080 | R--- | M] () -- C:\Windows\Installer\5b5a0.msp
[2011/08/16 12:35:02 | 005,519,872 | R--- | M] () -- C:\Windows\Installer\5b5b5.msp
[2011/07/26 08:17:10 | 006,824,960 | R--- | M] () -- C:\Windows\Installer\5b5ca.msp
[2011/07/26 16:33:48 | 010,984,448 | R--- | M] () -- C:\Windows\Installer\5b5e0.msp
[2011/08/10 17:43:30 | 003,795,968 | R--- | M] () -- C:\Windows\Installer\5b5e9.msp
[2011/04/29 12:30:12 | 001,197,056 | R--- | M] () -- C:\Windows\Installer\5bdc9.msp
[2011/04/29 13:04:54 | 005,053,440 | R--- | M] () -- C:\Windows\Installer\5bde5.msp
[2011/04/27 11:14:04 | 005,520,384 | R--- | M] () -- C:\Windows\Installer\5bdfa.msp
[2011/04/28 05:42:32 | 004,990,976 | R--- | M] () -- C:\Windows\Installer\5be0e.msp
[2011/04/29 12:27:04 | 004,158,464 | R--- | M] () -- C:\Windows\Installer\5be22.msp
[2011/04/22 19:41:34 | 011,507,712 | R--- | M] () -- C:\Windows\Installer\5be3a.msp
[2011/02/22 11:32:12 | 005,520,384 | R--- | M] () -- C:\Windows\Installer\5c2a6.msp
[2011/02/16 14:54:08 | 004,992,000 | R--- | M] () -- C:\Windows\Installer\5c2ba.msp
[2011/07/02 09:33:39 | 000,019,968 | ---- | M] () -- C:\Windows\Installer\5c4ba.msi
[2009/04/24 12:38:18 | 001,229,312 | R--- | M] () -- C:\Windows\Installer\5cb9f.msp
[2009/04/24 12:31:18 | 001,425,920 | R--- | M] () -- C:\Windows\Installer\5cbaa.msp
[2009/05/01 15:49:44 | 004,328,960 | R--- | M] () -- C:\Windows\Installer\5cbc8.msp
[2010/01/19 19:29:16 | 005,050,368 | R--- | M] () -- C:\Windows\Installer\5ce69.msp
[2010/01/14 22:26:08 | 005,027,840 | R--- | M] () -- C:\Windows\Installer\5ce7d.msp
[2010/01/19 18:51:12 | 005,524,480 | R--- | M] () -- C:\Windows\Installer\5ce92.msp
[2009/04/23 17:57:12 | 007,672,832 | R--- | M] () -- C:\Windows\Installer\5e257.msp
[2009/05/28 12:32:54 | 005,518,848 | R--- | M] () -- C:\Windows\Installer\5e26d.msp
[2009/04/24 12:30:16 | 002,583,552 | R--- | M] () -- C:\Windows\Installer\5e278.msp
[2009/05/12 13:01:38 | 006,818,816 | R--- | M] () -- C:\Windows\Installer\5e28e.msp
[2009/05/04 07:46:14 | 008,299,008 | R--- | M] () -- C:\Windows\Installer\5e298.msp
[2009/02/12 12:58:48 | 000,549,888 | R--- | M] () -- C:\Windows\Installer\5e2ab.msp
[2011/07/26 13:50:18 | 005,522,432 | R--- | M] () -- C:\Windows\Installer\5e487.msp
[2011/04/28 10:54:26 | 002,720,768 | R--- | M] () -- C:\Windows\Installer\5e494.msp
[2011/07/27 07:42:04 | 004,985,856 | R--- | M] () -- C:\Windows\Installer\5e4a7.msp
[2012/04/22 22:37:42 | 001,182,720 | R--- | M] () -- C:\Windows\Installer\60295.msp
[2012/03/15 13:43:28 | 004,216,320 | R--- | M] () -- C:\Windows\Installer\6029c.msp
[2012/05/30 07:17:06 | 005,010,432 | R--- | M] () -- C:\Windows\Installer\602af.msp
[2012/01/25 15:55:08 | 005,520,384 | R--- | M] () -- C:\Windows\Installer\6280c.msp
[2012/02/03 16:13:48 | 004,988,928 | R--- | M] () -- C:\Windows\Installer\62820.msp
[2011/10/26 16:38:54 | 002,830,848 | R--- | M] () -- C:\Windows\Installer\62828.msp
[2009/01/10 17:29:06 | 000,616,448 | ---- | M] () -- C:\Windows\Installer\629a1a.msi
[2009/01/10 17:29:11 | 000,243,712 | ---- | M] () -- C:\Windows\Installer\629a20.msi
[2009/01/10 17:29:44 | 000,303,616 | ---- | M] () -- C:\Windows\Installer\629a56.msi
[2009/01/10 17:29:51 | 000,121,344 | ---- | M] () -- C:\Windows\Installer\629a5c.msi
[2009/01/10 17:30:16 | 000,400,896 | ---- | M] () -- C:\Windows\Installer\629a79.msi
[2009/01/10 17:30:35 | 000,121,344 | ---- | M] () -- C:\Windows\Installer\629a8c.msi
[2009/01/10 17:30:55 | 000,121,344 | ---- | M] () -- C:\Windows\Installer\629aa8.msi
[2009/01/10 17:31:33 | 001,574,912 | ---- | M] () -- C:\Windows\Installer\629aba.msi
[2009/01/10 17:31:38 | 000,121,344 | ---- | M] () -- C:\Windows\Installer\629ac0.msi
[2009/01/10 17:32:20 | 003,530,240 | ---- | M] () -- C:\Windows\Installer\629ad7.msi
[2009/01/10 17:32:39 | 000,229,376 | ---- | M] () -- C:\Windows\Installer\629add.msi
[2009/01/10 17:32:42 | 000,228,352 | ---- | M] () -- C:\Windows\Installer\629ae3.msi
[2009/01/10 17:32:45 | 000,285,184 | ---- | M] () -- C:\Windows\Installer\629ae9.msi
[2010/07/23 01:04:08 | 011,395,072 | R--- | M] () -- C:\Windows\Installer\63106.msp
[2010/08/25 17:06:30 | 006,479,360 | R--- | M] () -- C:\Windows\Installer\6311c.msp
[2010/08/19 17:57:46 | 003,395,584 | R--- | M] () -- C:\Windows\Installer\63130.msp
[2010/08/20 13:50:16 | 005,518,848 | R--- | M] () -- C:\Windows\Installer\63145.msp
[2010/08/04 15:13:04 | 000,686,080 | R--- | M] () -- C:\Windows\Installer\63159.msp
[2010/08/05 10:57:58 | 004,066,304 | R--- | M] () -- C:\Windows\Installer\6316e.msp
[2011/01/11 18:52:58 | 003,360,768 | R--- | M] () -- C:\Windows\Installer\6409a.msp
[2011/01/17 17:06:20 | 005,518,848 | R--- | M] () -- C:\Windows\Installer\640af.msp
[2010/03/30 12:34:48 | 003,826,688 | R--- | M] () -- C:\Windows\Installer\65323.msp
[2010/05/03 16:06:36 | 005,053,952 | R--- | M] () -- C:\Windows\Installer\65338.msp
[2010/04/24 17:10:46 | 008,486,400 | R--- | M] () -- C:\Windows\Installer\65341.msp
[2010/04/24 17:07:04 | 010,118,144 | R--- | M] () -- C:\Windows\Installer\65368.msp
[2010/05/18 23:35:24 | 005,023,744 | R--- | M] () -- C:\Windows\Installer\6537c.msp
[2010/04/24 17:05:14 | 004,199,424 | R--- | M] () -- C:\Windows\Installer\65390.msp
[2010/04/24 17:07:58 | 004,667,392 | R--- | M] () -- C:\Windows\Installer\653a4.msp
[2010/03/24 18:54:54 | 002,516,992 | R--- | M] () -- C:\Windows\Installer\653b8.msp
[2010/05/10 17:17:22 | 005,520,896 | R--- | M] () -- C:\Windows\Installer\653cd.msp
[2010/05/04 22:25:30 | 007,681,024 | R--- | M] () -- C:\Windows\Installer\653e2.msp
[2010/05/03 16:11:42 | 004,149,760 | R--- | M] () -- C:\Windows\Installer\653f7.msp
[2010/04/24 17:08:48 | 009,129,984 | R--- | M] () -- C:\Windows\Installer\6540b.msp
[2010/04/24 17:09:46 | 011,750,912 | R--- | M] () -- C:\Windows\Installer\65414.msp
[2010/05/03 16:27:52 | 006,825,472 | R--- | M] () -- C:\Windows\Installer\65463.msp
[2010/05/11 11:30:58 | 011,194,880 | R--- | M] () -- C:\Windows\Installer\65479.msp
[2010/04/09 15:21:24 | 005,025,792 | R--- | M] () -- C:\Windows\Installer\65939.msp
[2009/10/16 07:08:48 | 002,237,952 | R--- | M] () -- C:\Windows\Installer\6594d.msp
[2010/04/21 17:46:50 | 005,522,432 | R--- | M] () -- C:\Windows\Installer\65962.msp
[2009/10/16 18:07:18 | 006,115,328 | R--- | M] () -- C:\Windows\Installer\65977.msp
[2009/06/30 11:30:08 | 005,520,384 | R--- | M] () -- C:\Windows\Installer\66829.msp
[2010/05/20 19:58:28 | 012,114,432 | R--- | M] () -- C:\Windows\Installer\67069.msp
[2010/06/11 11:03:22 | 005,021,184 | R--- | M] () -- C:\Windows\Installer\6707d.msp
[2010/06/30 22:52:28 | 005,522,944 | R--- | M] () -- C:\Windows\Installer\67092.msp
[2010/05/20 19:57:12 | 005,907,456 | R--- | M] () -- C:\Windows\Installer\670af.msp
[2010/05/20 19:57:18 | 004,989,952 | R--- | M] () -- C:\Windows\Installer\670b0.msp
[2010/06/11 17:55:00 | 001,827,328 | R--- | M] () -- C:\Windows\Installer\670c7.msp
[2010/06/11 17:52:10 | 045,542,912 | R--- | M] () -- C:\Windows\Installer\670c8.msp
[2010/05/25 11:45:58 | 008,445,440 | R--- | M] () -- C:\Windows\Installer\670dd.msp
[2012/02/29 23:45:14 | 004,989,440 | R--- | M] () -- C:\Windows\Installer\679a4.msp
[2012/03/05 21:34:06 | 005,519,872 | R--- | M] () -- C:\Windows\Installer\679b9.msp
[2011/02/24 15:15:46 | 011,551,232 | R--- | M] () -- C:\Windows\Installer\71646.msp
[2010/11/20 23:33:46 | 001,980,928 | R--- | M] () -- C:\Windows\Installer\7165a.msp
[2011/01/11 17:50:38 | 008,177,152 | R--- | M] () -- C:\Windows\Installer\7166a.msp
[2011/03/03 11:25:14 | 005,051,904 | R--- | M] () -- C:\Windows\Installer\71691.msp
[2011/03/17 20:01:58 | 009,563,648 | R--- | M] () -- C:\Windows\Installer\7169a.msp
[2011/02/11 08:43:44 | 010,951,168 | R--- | M] () -- C:\Windows\Installer\716c1.msp
[2010/11/20 23:34:34 | 001,198,080 | R--- | M] () -- C:\Windows\Installer\716c9.msp
[2010/11/20 23:32:52 | 004,165,120 | R--- | M] () -- C:\Windows\Installer\716e5.msp
[2011/04/05 12:52:16 | 005,519,872 | R--- | M] () -- C:\Windows\Installer\716fa.msp
[2011/02/24 09:38:52 | 010,984,448 | R--- | M] () -- C:\Windows\Installer\71710.msp
[2011/03/17 20:00:20 | 000,090,624 | R--- | M] () -- C:\Windows\Installer\71718.msp
[2011/01/11 17:49:20 | 009,003,008 | R--- | M] () -- C:\Windows\Installer\7172c.msp
[2011/01/27 14:49:14 | 006,825,472 | R--- | M] () -- C:\Windows\Installer\71741.msp
[2011/03/17 20:05:24 | 004,989,440 | R--- | M] () -- C:\Windows\Installer\71755.msp
[2009/07/01 13:21:28 | 008,891,904 | R--- | M] () -- C:\Windows\Installer\74772.msp
[2009/07/01 13:19:52 | 010,607,104 | R--- | M] () -- C:\Windows\Installer\74773.msp
[2009/08/05 02:11:20 | 005,518,848 | R--- | M] () -- C:\Windows\Installer\74789.msp
[2012/06/29 14:33:46 | 006,063,616 | R--- | M] () -- C:\Windows\Installer\74aba.msp
[2012/04/04 22:37:40 | 002,540,544 | R--- | M] () -- C:\Windows\Installer\74ace.msp
[2012/06/19 12:54:42 | 005,009,920 | R--- | M] () -- C:\Windows\Installer\74ae2.msp
[2012/06/19 12:54:40 | 002,239,488 | R--- | M] () -- C:\Windows\Installer\74af5.msp
[2012/05/27 17:29:28 | 000,900,608 | ---- | M] () -- C:\Windows\Installer\74afe.msi
[2012/05/30 07:18:24 | 001,739,264 | R--- | M] () -- C:\Windows\Installer\74aff.msp
[2012/05/27 17:30:55 | 000,203,776 | ---- | M] () -- C:\Windows\Installer\74b0e.msi
[2012/05/30 07:18:08 | 011,885,056 | R--- | M] () -- C:\Windows\Installer\74b2c.msp
[2009/07/06 22:08:48 | 000,314,368 | ---- | M] () -- C:\Windows\Installer\7650d5.msi
[2009/07/06 22:09:09 | 000,943,104 | ---- | M] () -- C:\Windows\Installer\7650f0.msi
[2009/07/06 22:09:18 | 000,311,296 | ---- | M] () -- C:\Windows\Installer\7650f6.msi
[2009/07/06 22:09:28 | 000,519,680 | ---- | M] () -- C:\Windows\Installer\765105.msi
[2009/07/06 22:09:32 | 000,303,616 | ---- | M] () -- C:\Windows\Installer\76510f.msi
[2009/07/06 22:09:39 | 000,326,144 | ---- | M] () -- C:\Windows\Installer\76511c.msi
[2009/07/06 22:09:45 | 000,501,760 | ---- | M] () -- C:\Windows\Installer\765129.msi
[2009/07/06 22:09:56 | 000,433,664 | ---- | M] () -- C:\Windows\Installer\76514d.msi
[2009/07/06 22:09:59 | 000,306,688 | ---- | M] () -- C:\Windows\Installer\765157.msi
[2009/07/06 22:10:21 | 000,596,480 | ---- | M] () -- C:\Windows\Installer\765166.msi
[2009/07/06 22:10:41 | 000,550,912 | ---- | M] () -- C:\Windows\Installer\76517c.msi
[2009/07/06 22:11:00 | 000,616,960 | ---- | M] () -- C:\Windows\Installer\765199.msi
[2009/07/06 22:11:07 | 000,444,416 | ---- | M] () -- C:\Windows\Installer\7651a6.msi
[2009/07/06 22:11:32 | 000,641,024 | ---- | M] () -- C:\Windows\Installer\765200.msi
[2009/07/06 22:11:54 | 000,603,136 | ---- | M] () -- C:\Windows\Installer\765240.msi
[2009/07/06 22:12:18 | 000,534,016 | ---- | M] () -- C:\Windows\Installer\76524b.msi
[2009/07/06 22:13:24 | 000,344,576 | ---- | M] () -- C:\Windows\Installer\765384.msi
[2009/07/06 22:13:46 | 000,373,248 | ---- | M] () -- C:\Windows\Installer\7653ac.msi
[2009/07/06 22:15:52 | 000,194,048 | ---- | M] () -- C:\Windows\Installer\765469.msi
[2009/07/06 22:16:19 | 000,753,152 | ---- | M] () -- C:\Windows\Installer\76546f.msi
[2009/07/06 22:16:36 | 000,337,920 | ---- | M] () -- C:\Windows\Installer\765475.msi
[2009/07/06 22:16:40 | 000,465,920 | ---- | M] () -- C:\Windows\Installer\76547c.msi
[2010/10/08 23:07:04 | 011,559,424 | R--- | M] () -- C:\Windows\Installer\7b0f2.msp
[2010/10/01 22:53:12 | 004,147,712 | R--- | M] () -- C:\Windows\Installer\7b107.msp
[2010/07/23 02:03:24 | 000,338,432 | R--- | M] () -- C:\Windows\Installer\7b11b.msp
[2010/12/06 16:02:34 | 005,518,848 | R--- | M] () -- C:\Windows\Installer\7b130.msp
[2010/11/12 12:08:30 | 000,889,344 | R--- | M] () -- C:\Windows\Installer\7b145.msp
[2010/11/21 00:35:20 | 003,359,744 | R--- | M] () -- C:\Windows\Installer\7b159.msp
[2010/11/24 11:51:00 | 002,190,336 | R--- | M] () -- C:\Windows\Installer\7b16a.msp
[2010/10/21 19:10:00 | 003,995,136 | R--- | M] () -- C:\Windows\Installer\7b181.msp
[2010/10/22 16:45:16 | 008,444,928 | R--- | M] () -- C:\Windows\Installer\7b196.msp
[2012/04/17 12:11:06 | 007,681,024 | R--- | M] () -- C:\Windows\Installer\7ce2a.msp
[2012/02/17 08:45:24 | 002,299,392 | R--- | M] () -- C:\Windows\Installer\7ce3d.msp
[2012/04/28 21:43:58 | 008,459,264 | R--- | M] () -- C:\Windows\Installer\7ce46.msp
[2012/04/27 15:09:22 | 005,521,408 | R--- | M] () -- C:\Windows\Installer\7ce6d.msp
[2012/03/15 02:24:28 | 001,795,584 | R--- | M] () -- C:\Windows\Installer\7ce81.msp
[2012/03/19 22:02:30 | 006,695,936 | R--- | M] () -- C:\Windows\Installer\7ce97.msp
[2012/04/09 16:50:24 | 006,829,568 | R--- | M] () -- C:\Windows\Installer\7ceac.msp
[2011/12/15 13:40:40 | 023,374,336 | R--- | M] () -- C:\Windows\Installer\7cec1.msp
[2012/04/04 22:38:16 | 003,620,864 | R--- | M] () -- C:\Windows\Installer\7cec9.msp
[2012/04/30 14:38:28 | 005,011,456 | R--- | M] () -- C:\Windows\Installer\7cef6.msp
[2012/04/28 21:44:02 | 009,586,176 | R--- | M] () -- C:\Windows\Installer\7cf0b.msp
[2012/01/19 13:37:24 | 008,999,936 | R--- | M] () -- C:\Windows\Installer\7cf16.msp
[2011/12/22 16:50:54 | 000,256,000 | R--- | M] () -- C:\Windows\Installer\7cf1d.msp
[2012/04/28 21:44:02 | 009,101,824 | R--- | M] () -- C:\Windows\Installer\7cf31.msp
[2012/04/04 22:38:44 | 002,831,360 | R--- | M] () -- C:\Windows\Installer\7cf3a.msp
[2009/07/06 20:09:46 | 000,384,000 | ---- | M] () -- C:\Windows\Installer\92598.msi
[2009/07/06 20:10:41 | 000,855,040 | ---- | M] () -- C:\Windows\Installer\92697.msi
[2012/03/27 11:47:55 | 004,959,232 | R--- | M] () -- C:\Windows\Installer\92b97.msp
[2008/12/28 21:36:27 | 005,922,816 | ---- | M] () -- C:\Windows\Installer\a7084.msi
[2012/07/16 22:19:14 | 000,022,016 | ---- | M] () -- C:\Windows\Installer\a880a.msi
[2011/04/27 23:27:46 | 000,096,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\Installer\atl80.dll
[2009/11/08 20:48:42 | 002,397,184 | ---- | M] () -- C:\Windows\Installer\d738e.msi
[2009/11/08 20:48:54 | 000,501,248 | ---- | M] () -- C:\Windows\Installer\d7394.msi
[2009/11/08 20:49:01 | 001,652,736 | ---- | M] () -- C:\Windows\Installer\d739a.msi
[2009/11/08 20:49:06 | 000,501,248 | ---- | M] () -- C:\Windows\Installer\d73a0.msi
[2009/11/08 20:49:12 | 001,713,152 | ---- | M] () -- C:\Windows\Installer\d73a6.msi
[2009/11/08 20:49:23 | 002,022,912 | ---- | M] () -- C:\Windows\Installer\d73ad.msi
[2009/11/08 20:49:29 | 001,640,960 | ---- | M] () -- C:\Windows\Installer\d73b3.msi
[2009/11/08 20:49:37 | 000,513,024 | ---- | M] () -- C:\Windows\Installer\d73b9.msi
[2009/11/08 20:49:43 | 000,516,608 | ---- | M] () -- C:\Windows\Installer\d73c0.msi
[2009/11/08 20:49:51 | 000,506,880 | ---- | M] () -- C:\Windows\Installer\d73c8.msi
[2009/11/08 20:49:57 | 000,501,248 | ---- | M] () -- C:\Windows\Installer\d73ce.msi
[2009/11/08 20:50:07 | 001,652,736 | ---- | M] () -- C:\Windows\Installer\d73d4.msi
[2009/11/08 20:50:20 | 001,652,736 | ---- | M] () -- C:\Windows\Installer\d73da.msi
[2009/11/08 20:59:52 | 012,836,352 | ---- | M] () -- C:\Windows\Installer\d7cf6.msi
[2011/07/09 13:01:01 | 001,769,984 | ---- | M] () -- C:\Windows\Installer\da959.msi
[2009/04/04 07:35:30 | 038,325,760 | R--- | M] () -- C:\Windows\Installer\df9b9.msp
[2009/04/04 07:35:48 | 036,977,152 | R--- | M] () -- C:\Windows\Installer\df9c4.msp
[2011/04/27 23:27:48 | 000,159,168 | ---- | M] () -- C:\Windows\Installer\libexpat.dll
[2011/04/27 23:27:48 | 001,101,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\Installer\mfc80.dll
[2011/04/27 23:27:48 | 001,093,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\Installer\mfc80u.dll
[2011/04/27 23:27:48 | 000,069,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\Installer\mfcm80.dll
[2011/04/27 23:27:48 | 000,057,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\Installer\mfcm80u.dll
[2011/04/27 23:28:02 | 000,000,456 | ---- | M] () -- C:\Windows\Installer\Microsoft.VC80.ATL.manifest
[2011/04/27 23:28:02 | 000,001,869 | ---- | M] () -- C:\Windows\Installer\Microsoft.VC80.CRT.manifest
[2011/04/27 23:28:02 | 000,002,371 | ---- | M] () -- C:\Windows\Installer\Microsoft.VC80.MFC.manifest
[2011/04/27 23:28:02 | 000,001,240 | ---- | M] () -- C:\Windows\Installer\Microsoft.VC80.MFCLOC.manifest
[2011/04/27 23:27:48 | 000,479,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\Installer\msvcm80.dll
[2011/04/27 23:27:48 | 000,548,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\Installer\msvcp80.dll
[2011/04/27 23:27:48 | 000,626,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\Installer\msvcr80.dll
[2011/04/27 23:27:49 | 000,024,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\Installer\nlsdl.dll
[2011/04/27 23:28:02 | 000,217,088 | ---- | M] (Trend Micro Inc.) -- C:\Windows\Installer\tismsi.dll.mui
[2011/04/27 23:27:54 | 000,126,208 | ---- | M] (Trend Micro Inc.) -- C:\Windows\Installer\TmDbg32.dll
[2010/04/02 17:36:54 | 000,006,268 | ---- | M] () -- C:\Windows\Installer\TmInstall.log
[2010/12/25 19:03:48 | 000,000,000 | ---- | M] () -- C:\Windows\Installer\wix{308B6AEA-DE50-4666-996D-0FA461719D6B}.SchedServiceConfig.rmi
[2012/06/15 14:33:09 | 000,000,000 | ---- | M] () -- C:\Windows\Installer\wix{3C3901C5-3455-3E0A-A214-0B093A5070A6}.SchedServiceConfig.rmi
[2011/11/21 13:25:40 | 000,000,000 | ---- | M] () -- C:\Windows\Installer\wix{8153ED9A-C94A-426E-9880-5E6775C08B62}.SchedServiceConfig.rmi
[2012/06/12 23:22:43 | 000,000,000 | ---- | M] () -- C:\Windows\Installer\wix{8F1ADE4D-EFAC-4F5A-B346-23C2687FAF50}.SchedServiceConfig.rmi
[2011/10/20 20:11:32 | 000,000,000 | ---- | M] () -- C:\Windows\Installer\wix{A00B9A50-3090-4CFF-9CDA-82DA0BEDAA21}.SchedServiceConfig.rmi
[2011/06/13 18:24:19 | 000,000,000 | ---- | M] () -- C:\Windows\Installer\wix{C23CD6DA-1958-43A5-ADD0-59396572E02E}.SchedServiceConfig.rmi
[2012/03/13 23:31:49 | 000,000,000 | ---- | M] () -- C:\Windows\Installer\wix{EFC04D3F-A152-47E7-8517-EE0F6201AFEF}.SchedServiceConfig.rmi
[27 C:\Windows\Installer\*.tmp files -> C:\Windows\Installer\*.tmp -> ]

< %windir%\system32\tasks\*.* >
[2012/07/13 10:23:16 | 000,003,682 | ---- | M] () -- C:\Windows\system32\tasks\Adobe Flash Player Updater
[2012/07/16 01:14:15 | 000,003,628 | ---- | M] () -- C:\Windows\system32\tasks\GoogleUpdateTaskMachineCore
[2012/07/16 01:14:16 | 000,003,880 | ---- | M] () -- C:\Windows\system32\tasks\GoogleUpdateTaskMachineUA
[2012/07/15 17:41:11 | 000,003,396 | ---- | M] () -- C:\Windows\system32\tasks\GoogleUpdateTaskUserS-1-5-21-2757528240-973861508-1219799131-1000Core
[2012/07/15 17:41:11 | 000,003,792 | ---- | M] () -- C:\Windows\system32\tasks\GoogleUpdateTaskUserS-1-5-21-2757528240-973861508-1219799131-1000UA
[2012/07/23 19:54:27 | 000,003,698 | ---- | M] () -- C:\Windows\system32\tasks\User_Feed_Synchronization-{D4A6BF90-EA20-48B1-AC2E-CD728727AAC4}
[2009/01/10 17:09:30 | 000,002,950 | ---- | M] () -- C:\Windows\system32\tasks\{8482ACDE-B256-4BD9-A0C3-4B9A064F41D7}

< %windir%\system32\tasks\*.* /64 >
[2012/07/13 10:23:16 | 000,003,682 | ---- | M] () -- C:\Windows\system32\tasks\Adobe Flash Player Updater
[2012/07/16 01:14:15 | 000,003,628 | ---- | M] () -- C:\Windows\system32\tasks\GoogleUpdateTaskMachineCore
[2012/07/16 01:14:16 | 000,003,880 | ---- | M] () -- C:\Windows\system32\tasks\GoogleUpdateTaskMachineUA
[2012/07/15 17:41:11 | 000,003,396 | ---- | M] () -- C:\Windows\system32\tasks\GoogleUpdateTaskUserS-1-5-21-2757528240-973861508-1219799131-1000Core
[2012/07/15 17:41:11 | 000,003,792 | ---- | M] () -- C:\Windows\system32\tasks\GoogleUpdateTaskUserS-1-5-21-2757528240-973861508-1219799131-1000UA
[2012/07/23 19:54:27 | 000,003,698 | ---- | M] () -- C:\Windows\system32\tasks\User_Feed_Synchronization-{D4A6BF90-EA20-48B1-AC2E-CD728727AAC4}
[2009/01/10 17:09:30 | 000,002,950 | ---- | M] () -- C:\Windows\system32\tasks\{8482ACDE-B256-4BD9-A0C3-4B9A064F41D7}

< %systemroot%\Fonts\*.exe >

< %systemroot%\*. /mp /s >

< MD5 for: EXPLORER.EXE >

< MD5 for: IEUNATT.EXE >
[2010/06/26 01:13:23 | 000,133,632 | ---- | M] (Microsoft Corporation) MD5=A57AB9400754D3B165BBED1EEA6DC785 -- C:\Windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.23040_none_12a958f24909fe6f\ieUn att.exe
[2009/03/02 22:08:45 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=ABE8BFE0C61EC45251EEE8FD7237C786 -- C:\Windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6000.16830_none_2d5b556b1cf03df9\ieUn att.exe
[2009/04/24 09:53:27 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=ACFD1DE3215D2F3283582EB3D9CBBEBE -- C:\Windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6000.16851_none_2d46b5dd1cff8f32\ieUn att.exe
[2010/11/02 00:26:10 | 000,133,632 | ---- | M] (Microsoft Corporation) MD5=B4D71294FF6398C49FA37D4A041E4048 -- C:\Windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.18999_none_11f2d8e9300c984e\ieUn att.exe
[2010/09/08 00:26:46 | 000,133,632 | ---- | M] (Microsoft Corporation) MD5=B9A22EF249CA2E22D6D4EDB7806B10C4 -- C:\Windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.18975_none_120477992ffffb10\ieUn att.exe
[2009/07/22 00:27:43 | 000,133,632 | ---- | M] (Microsoft Corporation) MD5=C70BF28D01DA330F1488E713B98AC008 -- C:\Windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.22903_none_12d7c15e48e6a76e\ieUn att.exe
[2009/04/24 09:42:35 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=D5C541E0E9B3518DDFD42230C019901E -- C:\Windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6000.21046_none_2ddffc283610c500\ieUn att.exe
[2010/11/02 01:27:02 | 000,133,632 | ---- | M] (Microsoft Corporation) MD5=DE0D7548BA991B91C016EE164E8BB029 -- C:\Windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.23091_none_127449a04931a37b\ieUn att.exe
[2009/03/02 22:06:53 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=E10840338B8131052F85A82A840A38EA -- C:\Windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6000.21023_none_2df29b2236034119\ieUn att.exe
[2009/11/21 09:06:55 | 000,133,632 | ---- | M] (Microsoft Corporation) MD5=E4B6B402A10201E6F03D6A92DAD62E74 -- C:\Windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.22956_none_12a4b2a0490c7f28\ieUn att.exe
[2008/11/17 05:11:40 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=F276296AF84BDC7702540C3603F33889 -- C:\Windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6000.16643_none_2d5382911cf5aba1\ieUn att.exe
[2010/05/04 00:31:05 | 000,133,632 | ---- | M] (Microsoft Corporation) MD5=F2DEB243A13753050A5089FE843C2C6D -- C:\Windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.18928_none_123d88132fd4bb60\ieUn att.exe
[2006/11/02 05:45:13 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=F6550BC32A0A53CED2A639F5210D6325 -- C:\Windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6001.18000_none_2f62000919fe80c9\ieUn att.exe
[2006/11/02 05:45:13 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=F6550BC32A0A53CED2A639F5210D6325 -- C:\Windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6002.18005_none_314d791517204c15\ieUn att.exe
[2009/01/15 00:15:30 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=F9167E7F34AEBB394018B6F0AFB54068 -- C:\Windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6000.16809_none_2d84c7c91ccfce35\ieUn att.exe
[2012/05/17 18:29:45 | 000,142,848 | ---- | M] (Microsoft Corporation) MD5=FD62A333C71E8B868611F487420F0A5D -- C:\Windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_9.1.8112.16446_none_ef449c9357ee7d70\ieUn att.exe
[2008/10/16 00:40:06 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=FDE75080404BB8E57DDF6DFDC2A3284D -- C:\Windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6000.16764_none_2d3ee4e91d04fa01\ieUn att.exe

< MD5 for: REGEDIT.EXE >
[2008/01/20 22:24:53 | 000,134,656 | ---- | M] (Microsoft Corporation) MD5=467A3B03E924B7B7EDD16D34740574B0 -- C:\Windows\erdnt\cache\regedit.exe
[2008/01/20 22:24:53 | 000,134,656 | ---- | M] (Microsoft Corporation) MD5=467A3B03E924B7B7EDD16D34740574B0 -- C:\Windows\regedit.exe
[2008/01/20 22:24:53 | 000,134,656 | ---- | M] (Microsoft Corporation) MD5=467A3B03E924B7B7EDD16D34740574B0 -- C:\Windows\winsxs\x86_microsoft-windows-registry-editor_31bf3856ad364e35_6.0.6001.18000_none_f42eb564dbd8a697\regedit.exe

< MD5 for: SVCHOST.EXE >
[2008/01/20 22:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=3794B461C45882E06856F282EEF025AF -- C:\Windows\erdnt\cache\svchost.exe
[2008/01/20 22:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=3794B461C45882E06856F282EEF025AF -- C:\Windows\System32\svchost.exe
[2008/01/20 22:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=3794B461C45882E06856F282EEF025AF -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.0.6001.18000_none_b5bb59a1054dbde5\svchost.exe
[2012/07/03 13:46:42 | 000,217,672 | ---- | M] () MD5=8A7F34F0BBD076EC3815680A7309114F -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\svchost.exe

< MD5 for: USERINIT.EXE >
[2008/01/20 22:24:49 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\erdnt\cache\userinit.exe
[2008/01/20 22:24:49 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\System32\userinit.exe
[2008/01/20 22:24:49 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_dc28ba15d1aff80b\userinit.exe

< MD5 for: WINLOGON.EXE >
[2009/04/11 02:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\erdnt\cache\winlogon.exe
[2009/04/11 02:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\System32\winlogon.exe
[2009/04/11 02:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe
[2012/07/03 13:46:42 | 000,217,672 | ---- | M] () MD5=8A7F34F0BBD076EC3815680A7309114F -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
[2008/01/20 22:24:49 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe

< C:\Windows\assembly\tmp\U\*.* /s >

< %Temp%\smtmp\1\*.* >

< %Temp%\smtmp\2\*.* >

< %Temp%\smtmp\3\*.* >

< %Temp%\smtmp\4\*.* >

< type c:\diskreport.txt /c >
Microsoft DiskPart version 6.0.6002
Copyright (C) 1999-2007 Microsoft Corporation.
On computer: CAROLLAPTOP
  Volume ###  Ltr  Label        Fs     Type        Size     Status     Info
  ----------  ---  -----------  -----  ----------  -------  ---------  --------
  Volume 0     E                       DVD-ROM         0 B  No Media
  Volume 1     D   RECOVERY     NTFS   Partition     10 GB  Healthy
  Volume 2     C   OS           NTFS   Partition    288 GB  Healthy    System
  Volume 3     F                       Removable       0 B  No Media

< End of report >
meowtweets444
23-Jul-2012, 08:26 PM #12
Here's the OTL Extras:



OTL Extras logfile created on: 7/23/2012 7:47:10 PM - Run 1
OTL by OldTimer - Version 3.2.54.1 Folder = C:\Users\Carol\Downloads
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.99 Gb Total Physical Memory | 1.54 Gb Available Physical Memory | 51.59% Memory free
6.18 Gb Paging File | 4.59 Gb Available in Paging File | 74.24% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 288.01 Gb Total Space | 210.52 Gb Free Space | 73.10% Space Free | Partition Type: NTFS
Drive D: | 10.00 Gb Total Space | 4.83 Gb Free Space | 48.27% Space Free | Partition Type: NTFS

Computer Name: CAROLLAPTOP | User Name: Carol | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{2E02A6CF-DF03-4368-A931-C2FCC4434760}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe |
"{37D43360-7511-4F8D-8B06-791C4B84021B}" = lport=139 | protocol=6 | dir=in | app=system |
"{41526721-F2E8-48D3-824C-1B167CFA5B70}" = lport=137 | protocol=17 | dir=in | app=system |
"{56EEA5B8-FF57-4F74-95A5-331B814C2E10}" = lport=445 | protocol=6 | dir=in | app=system |
"{A83D6A95-40D4-4467-9E7B-54FF38A1C608}" = lport=138 | protocol=17 | dir=in | app=system |
"{BA3BD147-0A49-45CA-9423-6AF6D3933BDB}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{D38AAF9F-281E-472A-A0A5-51969FC3DA0E}" = rport=427 | protocol=17 | dir=in | svc=hpslpsvc | app=c:\windows\system32\svchost.exe |
"{DFC4553D-6F25-4070-9425-EBC0412F146C}" = rport=138 | protocol=17 | dir=out | app=system |
"{E2DE3447-0FD5-4758-9BF8-A1D2D655FF4E}" = rport=137 | protocol=17 | dir=out | app=system |
"{E2EB5480-56E8-4053-B522-91C64A0DA055}" = rport=139 | protocol=6 | dir=out | app=system |
"{E39641FD-DDCF-4353-B6A6-044BA464D896}" = rport=445 | protocol=6 | dir=out | app=system |
"{FB3C82F6-9CA6-4A30-A0DB-F0BA78FFF655}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0443CF67-1DBF-4923-BCBD-4497ED189B29}" = dir=in | app=c:\program files\hp\digital imaging\bin\hposfx08.exe |
"{0A3D665B-E47F-4677-ADA5-4D67CCB51B7B}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqusgm.exe |
"{0CFCB7C3-F463-4B20-9753-5653E3095718}" = dir=in | app=c:\program files\hp\hp software update\hpwucli.exe |
"{0D28BDD0-DFC7-4775-8248-F705CEA9F41D}" = dir=in | app=c:\program files\dell\mediadirect\kernel\dms\clmsservice.exe |
"{24AEB50C-7D31-4D98-975E-DE264881D6A2}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqtra08.exe |
"{25D24AF4-08E3-48DF-85FE-01C1A8881F62}" = dir=in | app=e:\setup\hpznui01.exe |
"{38095091-6E65-40AD-BF1C-C69689F27BAC}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{538331A3-201E-4A4E-BA53-604950D08E7A}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpiscnapp.exe |
"{5581EF4D-E16C-4581-86D7-DAD89A6D0573}" = dir=in | app=c:\program files\hp\digital imaging\smart web printing\smartwebprintexe.exe |
"{55B5DEAC-ECF0-4F44-A1DE-891872943021}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqgplgtupl.exe |
"{577E1FBD-D216-4E12-AB9A-2BEE8E1CFFBB}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpofxs08.exe |
"{59095EBE-9716-468A-9C73-E37108289731}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqcopy2.exe |
"{5A79AADD-267E-4096-9C00-8EEF3B59BBCA}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqste08.exe |
"{6160E523-3807-4FB8-AF45-A2CD983AB18F}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpofxm08.exe |
"{71263B9D-0B6D-4B9F-A56D-BDF108DA74D3}" = dir=in | app=c:\program files\dell\mediadirect\kernel\dmp\clbrowserengine.exe |
"{752BB176-7B85-42A9-B503-1B587E4183F8}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqgpc01.exe |
"{76FC0CBB-FB80-45F3-91FF-CEB257A48F88}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpfccopy.exe |
"{78ABD1ED-8DC9-48D9-B6A5-CF2B1FD1308B}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpzwiz01.exe |
"{78B99DF2-F5A7-46F7-B2EB-47D7893E1BDB}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{7FEF47DD-2031-43EC-BAA1-231E1C5D975B}" = dir=in | app=c:\program files\itunes\itunes.exe |
"{8E7792AE-869E-49BB-8A43-7486B82CBDC5}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqnrs08.exe |
"{8FF935AB-D154-4D32-9442-75861086AFCE}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqfxt08.exe |
"{90AE5A6B-3BA5-4494-A1D6-F6A5B4651A16}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{954C4ABF-473A-4596-A536-14AAA8734919}" = dir=in | app=c:\program files\hp\digital imaging\bin\hposid01.exe |
"{955EB4F0-DE64-439E-AD90-26AE532857C4}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpoews01.exe |
"{95AF68ED-3CB0-43BB-9696-67D6ED493767}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqusgh.exe |
"{A93E9B50-14E1-44C2-B77F-D036F56DA58A}" = protocol=6 | dir=in | app=c:\program files\dell video chat\dellvideochat.exe |
"{BAD9D936-19B1-4D47-9CEA-083E697D19CB}" = dir=in | app=c:\program files\common files\apple\apple application support\webkit2webprocess.exe |
"{BC533160-72F8-46C2-A857-DB782952F8AF}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{CF4DEA2D-DEBC-4D9B-A1E8-E0910C63270D}" = dir=in | app=c:\program files\dell\mediadirect\pcmservice.exe |
"{D2669AB3-8472-439C-8F98-DDFE8D384CF5}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{D5966699-359A-4451-98D8-173CEBFCEEDA}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{DD6CC325-73B3-4860-BF5B-A07716838C4E}" = dir=in | app=c:\program files\dell\mediadirect\mediadirect.exe |
"{E701F992-CDC9-439F-812F-92647DFD4939}" = protocol=17 | dir=in | app=c:\program files\dell video chat\dellvideochat.exe |
"{FAE91E15-F2CE-4534-A45E-D179DEE2624A}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqkygrp.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00203668-8170-44A0-BE44-B632FA4D780F}" = Adobe AIR
"{03A7C57A-B2C8-409b-92E5-524A0DFD0DD3}" = Status
"{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}" = Windows Live ID Sign-in Assistant
"{087A66B8-1F0F-4a8d-A649-0CFE276AA7C0}" = WebReg
"{08E81ABD-79F7-49C2-881F-FD6CB0975693}" = Roxio Creator Data
"{09760D42-E223-42AD-8C3E-55B47D0DDAC3}" = Roxio Creator DE
"{0D2E9DCB-9938-475E-B4DD-8851738852FF}" = AIO_Scan
"{0E64B098-8018-4256-BA23-C316A43AD9B0}" = QuickTime
"{102CBC47-7FDE-4E6C-8A3A-67B79833FAC8}" = BPDSoftware_Ini
"{11B2F891-91C8-47ce-945A-A91003EA27FB}" = BPDSoftware
"{122ADF8C-DDA1-480C-9936-C88F2825B265}" = Apple Application Support
"{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}" = Microsoft Works
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{18AB082B-6584-4F74-8ABC-D5935CF46E4C}" = 8500A909_eDocs
"{1F54DAFA-9261-4A62-B59D-6C9F26B48FE4}" = Roxio Creator Tools
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{2656D0AB-9EA4-4C58-A117-635F3CED8B93}" = Microsoft UI Engine
"{26A24AE4-039D-4CA4-87B4-2F83216032FF}" = Java(TM) 6 Update 33
"{2A329FB6-389D-4396-A974-29656D6864AE}" = MarketResearch
"{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}" = BufferChm
"{2EFA4E4C-7B5F-48F7-A1C0-1AA882B7A9C3}" = HP Update
"{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Roxio Update Manager
"{32257980-61DF-4685-A72B-08683838233B}" = 7300_Help
"{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java(TM) 6 Update 7
"{3700194C-C5DD-439A-BE06-A66960CA4C70}" = MSVCSetup
"{377739AE-00D9-4E80-8ECB-4C8A7EFFE526}" = 7300Trb
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{432A850B-3558-4BFF-B1F9-30626835B523}" = BPD_DSWizards
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A70EF07-7F88-4434-BB61-D1DE8AE93DD4}" = SolutionCenter
"{4D304678-738E-42a0-931A-2B022F49DEB8}" = TrayApp
"{4E7C28C7-D5DA-4E9F-A1CA-60490B54AE35}" = UnloadSupport
"{57F60D52-630B-43C5-BD20-176F5CD4EED6}" = bpd_scan
"{5A557245-EB3E-4111-A1AA-168EFCACE4FF}" = 7400
"{624E7452-BA43-4f55-B9D5-FC75EEA0808B}" = Officejet Pro 8500 A909 Series
"{63FF21C9-A810-464F-B60A-3111747B1A6D}" = GPBaseService2
"{65D0C510-D7B6-4438-9FC8-E6B91115AB0D}" = Live! Cam Avatar Creator
"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler 3
"{669C7BD8-DAA2-49B6-966C-F1E2AAE6B17E}" = Cisco PEAP Module
"{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder
"{676981B7-A2D9-49D0-9F4C-03018F131DA9}" = DocProc
"{6AD9F5F3-5BD0-4000-BD9C-B536CF86D988}" = iTunes
"{6B7B6D4D-8F9B-4CB3-8CA4-BCA9CC4C1A22}" = EDocs
"{6D3963B0-E13B-4FC3-B0FF-506A304BB043}" = Cisco EAP-FAST Module
"{6EED4269-588D-45b8-A80C-26A9CA62EE4E}" = HPSSupply
"{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}" = CustomerResearchQFolder
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{718D791F-F4E8-4aa7-98A6-15FDED17BDD0}" = Trend Micro Internet Security Pro
"{73A4F29F-31AC-4EBD-AA1B-0CC5F18C8F83}" = Roxio Creator Audio
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{77DCDCE3-2DED-62F3-8154-05E745472D07}" = Acrobat.com
"{77F8A71E-3515-4832-B8B2-2F1EDBD2E0F1}" = Bing Bar
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}" = Dell Getting Started Guide
"{83770D14-21B9-44B3-8689-F7B523F94560}" = Cisco LEAP Module
"{846B5DED-DC8C-4E1A-B5B4-9F5B39A0CACE}" = HPDiagnosticAlert
"{87A9A9A9-FAB7-4224-9328-0FA2058C0FD5}" = Network
"{87E2B986-07E8-477a-93DC-AF0B6758B192}" = DocProcQFolder
"{8F1ADE4D-EFAC-4F5A-B346-23C2687FAF50}" = Apple Mobile Device Support
"{8FF6F5CA-4E30-4E3B-B951-204CAAA2716A}" = SmartWebPrinting
"{90110409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0015-0409-0000-0000000FF1CE}_PROR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_PROR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_PROR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}_PROR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_PROR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_PROR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_PROR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_PROR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_PROR_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_PROR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_PROR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}_PROR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel(R) Matrix Storage Manager
"{91120000-0014-0000-0000-0000000FF1CE}" = Microsoft Office Professional 2007
"{91120000-0014-0000-0000-0000000FF1CE}_PROR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English)
"{9C6978E8-B6D0-4AB7-A7A0-D81A74FBF745}" = MediaDirect
"{9CCCFD9C-248F-47FE-9496-1680E3E5C163}" = Scan
"{9D2B0322-44AE-460E-9283-4D2D7A9205AE}" = Trend Micro Internet Security Pro
"{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = Dell Touchpad
"{A3B7C670-4A1E-4EE2-950E-C875BC1965D0}" = Copy
"{A80FA752-C491-4ED9-ABF0-4278563160B2}" = 32 Bit HP CIO Components Installer
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder
"{AC13BA3A-336B-45a4-B3FE-2D3058A7B533}" = Toolbox
"{AC76BA86-7AD7-1033-7B44-A95000000001}" = Adobe Reader 9.5.1
"{AC76BA86-7AD7-5464-3428-900000000004}" = Spelling Dictionaries Support For Adobe Reader 9
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{B495547C-01F8-4836-A2E6-749B5F3EA691}" = 8500A909_Help
"{B6A26DE5-F2B5-4D58-9570-4FC760E00FCD}" = Roxio Creator Copy
"{C29C1940-CB85-4F3B-906C-33FEE0E67103}" = DocMgr
"{C43326F5-F135-4551-8270-7F7ABA0462E1}" = HPProductAssistant
"{C4972073-2BFE-475D-8441-564EA97DA161}" = QuickSet
"{C716522C-3731-4667-8579-40B098294500}" = Toolbox
"{C916D86C-AB76-49c7-B0E4-A946E0FD9BC2}" = HP Photosmart, Officejet, PSC and Deskjet All-In-One Driver Software 8.0.B
"{CD8C5C7F-7C58-4F85-8977-A6C08C087912}" = MPM
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D5DEF057-D3BC-499f-99EE-884ED429B6D1}" = 8500A909g
"{DA7DF8E2-4B8F-4286-97FE-DE3FFFE9B728}" = iCloud
"{DA8BF070-1358-4a30-A68F-21E0E9421AEF}" = ProductContext
"{E09575B2-498D-4C8B-A9D2-623F78574F29}" = AIO_CDB_Software
"{E3BFEE55-39E2-4BE0-B966-89FE583822C1}" = Dell Support Center
"{E7112940-5F8E-4918-B9FE-251F2F8DC81F}" = AIO_CDB_ProductContext
"{EB21A812-671B-4D08-B974-2A347F0D8F70}" = HP Photosmart Essential
"{ED439A64-F018-4DD4-8BA5-328D85AB09AB}" = Roxio Creator DE
"{EEEB604C-C1A7-4f8c-B03F-56F9C1C9C45F}" = Fax
"{EF9E56EE-0243-4BAD-88F4-5E7508AA7D96}" = Destination Component
"{F6CB42B9-F033-4152-8813-FF11DA8E6A78}" = Dell Dock
"{F769B78E-FF0E-4db5-95E2-9F4C8D6352FE}" = DeviceDiscovery
"{FCED9B62-34FF-4C15-8A23-F65221F7874D}" = ITECIR Driver
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Advanced Audio FX Engine" = Advanced Audio FX Engine
"Broadcom 802.11b Network Adapter" = Dell Wireless WLAN Card Utility
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"Creative OA001" = Integrated Webcam Driver (1.03.02.0919)
"Dell Video Chat" = Dell Video Chat (remove only)
"Dell Webcam Central" = Dell Webcam Central
"EPSON Printer and Utilities" = EPSON Printer Software
"HP Document Manager" = HP Document Manager 2.0
"HP Imaging Device Functions" = HP Imaging Device Functions 12.0
"HP Smart Web Printing" = HP Smart Web Printing 4.60
"HP Solution Center & Imaging Support Tools" = HP Solution Center 13.0
"HPExtendedCapabilities" = HP Customer Participation Program 12.0
"HPOCR" = OCR Software by I.R.I.S. 12.0
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.62.0.1300
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Mozilla Firefox 5.0 (x86 en-US)" = Mozilla Firefox 5.0 (x86 en-US)
"PROR" = Microsoft Office Professional 2007
"Shop for HP Supplies" = Shop for HP Supplies

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-2757528240-973861508-1219799131-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome
"GoToMeeting" = GoToMeeting 4.1.0.366
"Move Media Player" = Move Media Player

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 4/29/2011 12:39:56 AM | Computer Name = CarolLaptop | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 4/29/2011 12:39:56 AM | Computer Name = CarolLaptop | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 6735531

Error - 4/29/2011 12:39:56 AM | Computer Name = CarolLaptop | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 6735531

Error - 4/29/2011 12:39:58 AM | Computer Name = CarolLaptop | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 4/29/2011 12:39:58 AM | Computer Name = CarolLaptop | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 6737075

Error - 4/29/2011 12:39:58 AM | Computer Name = CarolLaptop | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 6737075

Error - 4/29/2011 12:39:59 AM | Computer Name = CarolLaptop | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 4/29/2011 12:39:59 AM | Computer Name = CarolLaptop | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 6738214

Error - 4/29/2011 12:39:59 AM | Computer Name = CarolLaptop | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 6738214

Error - 4/29/2011 1:32:49 AM | Computer Name = CarolLaptop | Source = EventSystem | ID = 4622
Description =

[ Media Center Events ]
Error - 3/15/2009 1:27:25 PM | Computer Name = CarolLaptop | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.

[ OSession Events ]
Error - 5/30/2010 3:46:23 PM | Computer Name = CarolLaptop | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6514.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 356
seconds with 120 seconds of active time. This session ended with a crash.

Error - 8/20/2010 11:47:32 PM | Computer Name = CarolLaptop | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6541.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 204
seconds with 180 seconds of active time. This session ended with a crash.

Error - 8/22/2010 9:33:43 PM | Computer Name = CarolLaptop | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6541.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 28220
seconds with 3360 seconds of active time. This session ended with a crash.

Error - 8/28/2010 10:43:24 AM | Computer Name = CarolLaptop | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6541.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 137
seconds with 120 seconds of active time. This session ended with a crash.

Error - 9/18/2010 11:49:30 AM | Computer Name = CarolLaptop | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6541.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 655
seconds with 420 seconds of active time. This session ended with a crash.

Error - 11/15/2010 6:41:45 PM | Computer Name = CarolLaptop | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 192
seconds with 180 seconds of active time. This session ended with a crash.

Error - 11/21/2010 4:34:21 PM | Computer Name = CarolLaptop | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 4953
seconds with 180 seconds of active time. This session ended with a crash.

Error - 6/2/2011 2:01:51 AM | Computer Name = CarolLaptop | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 444
seconds with 240 seconds of active time. This session ended with a crash.

Error - 7/25/2011 6:24:58 PM | Computer Name = CarolLaptop | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 1899
seconds with 1800 seconds of active time. This session ended with a crash.

Error - 8/4/2011 1:46:43 PM | Computer Name = CarolLaptop | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 164
seconds with 120 seconds of active time. This session ended with a crash.

[ System Events ]
Error - 7/5/2012 5:04:06 AM | Computer Name = CarolLaptop | Source = DCOM | ID = 10010
Description =

Error - 7/5/2012 6:54:05 PM | Computer Name = CarolLaptop | Source = bowser | ID = 8003
Description =

Error - 7/6/2012 12:17:13 AM | Computer Name = CarolLaptop | Source = bowser | ID = 8003
Description =

Error - 7/14/2012 9:27:01 AM | Computer Name = CarolLaptop | Source = DCOM | ID = 10010
Description =

Error - 7/21/2012 8:09:24 PM | Computer Name = CarolLaptop | Source = bowser | ID = 8003
Description =

Error - 7/21/2012 8:43:13 PM | Computer Name = CarolLaptop | Source = Service Control Manager | ID = 7034
Description =

Error - 7/21/2012 8:43:17 PM | Computer Name = CarolLaptop | Source = Service Control Manager | ID = 7030
Description =

Error - 7/21/2012 8:47:23 PM | Computer Name = CarolLaptop | Source = Service Control Manager | ID = 7030
Description =

Error - 7/21/2012 8:50:47 PM | Computer Name = CarolLaptop | Source = Service Control Manager | ID = 7030
Description =

Error - 7/21/2012 11:50:11 PM | Computer Name = CarolLaptop | Source = bowser | ID = 8003
Description =


< End of report >
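Added example (not part of the original post and not OTL's own code): a small Python parser for the "Last 20 Event Log Errors" layout in the report above, which groups entries by section, source and event ID and filters them by date so that errors logged around an incident stand out from years-old noise. The sample entries are copied from the report; the cutoff date used in the usage comment is an assumption chosen for illustration.

```python
import re
from collections import Counter
from datetime import datetime

# Sample input: a few entries in the layout of the report above.
SAMPLE = """\
[ Application Events ]
Error - 4/29/2011 12:39:56 AM | Computer Name = CarolLaptop | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

[ System Events ]
Error - 7/5/2012 5:04:06 AM | Computer Name = CarolLaptop | Source = DCOM | ID = 10010
Description =

Error - 7/21/2012 8:43:13 PM | Computer Name = CarolLaptop | Source = Service Control Manager | ID = 7034
Description =

Error - 7/21/2012 8:43:17 PM | Computer Name = CarolLaptop | Source = Service Control Manager | ID = 7030
Description =

Error - 7/21/2012 8:47:23 PM | Computer Name = CarolLaptop | Source = Service Control Manager | ID = 7030
Description =
"""

SECTION = re.compile(r"^\[ (?P<name>.+?) \]\s*$")
ENTRY = re.compile(
    r"^(?P<level>\w+) - (?P<when>\d{1,2}/\d{1,2}/\d{4} \d{1,2}:\d{2}:\d{2} [AP]M)"
    r" \| Computer Name = (?P<host>[^|]+?) \| Source = (?P<source>[^|]+?)"
    r" \| ID = (?P<id>\d+)\s*$")

def parse_events(text):
    """Return one dict per log entry; wrapped Description lines are joined."""
    events, section, current = [], None, None
    for line in text.splitlines():
        if m := SECTION.match(line):
            section, current = m["name"], None
        elif m := ENTRY.match(line):
            when = datetime.strptime(m["when"], "%m/%d/%Y %I:%M:%S %p")
            current = {"section": section, "level": m["level"], "when": when,
                       "host": m["host"], "source": m["source"],
                       "id": int(m["id"]), "description": ""}
            events.append(current)
        elif line.startswith("<"):          # e.g. "< End of report >"
            current = None
        elif current is not None and line.strip():
            part = line.removeprefix("Description =").strip()
            current["description"] = (current["description"] + " " + part).strip()
    return events

def since(events, cutoff):
    """Keep entries on or after cutoff, given as M/D/YYYY (assumed format)."""
    start = datetime.strptime(cutoff, "%m/%d/%Y")
    return [e for e in events if e["when"] >= start]

def summarize(events):
    """Count entries per (section, source, event ID)."""
    return Counter((e["section"], e["source"], e["id"]) for e in events)

# Usage: summarize(since(parse_events(SAMPLE), "7/1/2012")).most_common()
```

Entries with an empty Description, like the System Events here, still need to be opened in Event Viewer to see which service or component they refer to.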
eddie5659
Moderator & Malware Removal Specialist with 28,314 posts.
Join Date: Mar 2001
Location: Bradford, England
25-Jul-2012, 04:00 PM #13
Quote:
Eddie, I noticed on the ComboFix that there were "Ammyy" files under "OTHER DELETIONS". Do you have any idea what it was exactly that they downloaded on her computer?
Not really, as the folders were also deleted under that Ammyy folder, so it's good to see them go

--------

Your Java is out of date, so let's do that next:

Upgrade Java : (32 bits)
  • Download the latest version of Java SE Runtime Environment (JRE) JRE 7 Update 5 .
  • Under the JAVA Platform Standard Edition, click the "Download JRE" button to the right.
  • Accept License Agreement.
  • Click on the link to download Windows Offline Installation 32 bit ( jre-7u5-windows-i586.exe) and save it to your desktop. Do NOT use the Sun Download Manager.
  • Close any programs you may have running - especially your web browser.
  • Go to Start > Control Panel, double-click on Add/Remove programs and remove all older versions of Java.
  • Check any item with Java Runtime Environment (JRE or J2SE) in the name.
  • Click the Remove or Change/Remove button.
  • Repeat as many times as necessary to remove each Java version.
  • Reboot your computer once all Java components are removed.
  • Then from your desktop double-click on the download to install the newest version. (Vista or Win 7 users, right click on the jre-7u5-windows-i586.exe and select "Run as an Administrator.")
  • Don't install any of the toolbars that are offered.


After doing the above, for the remains of the Java, can you do this:

Open Java in the Control Panel and under the General tab, under Temporary Internet Files, click the Settings button. Then click on Delete Files.

Make sure both of these options are checked:
  • Applications and Applets
  • Trace and Log Files
OK out of all the screens.


----------------

Adobe Reader is also out of date, so get the latest one here:

http://get.adobe.com/uk/reader/

Uncheck the option to install Free! McAfee Security Scan Plus.


Then, when it's installed, remove the older version:

Adobe Reader 9

-------------

Firefox is also out of date, so to update that, open Firefox and at the top in the menus, select Tools | About, and the updates will be applied.


-------------------

Run OTL
  • Under the Custom Scans/Fixes box at the bottom, paste in the following
    Code:
    :OTL
    DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
    DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
    DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)
    DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Users\Carol\AppData\Local\Temp\catchme.sys -- (catchme)
    FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
    FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
    FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
    FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
    FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
    FF - user.js - File not found
    FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
    O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
    O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKU\S-1-5-21-2757528240-973861508-1219799131-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_33)
    O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_07)
    O16 - DPF: {CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_33)
    O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_33)
    O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
    [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
    [27 C:\Windows\Installer\*.tmp files -> C:\Windows\Installer\*.tmp -> ]
    :Files
    ipconfig /flushdns /c
    :Commands 
    [purity] 
    [resethosts] 
    [emptytemp] 
    [emptyjava]
    [EMPTYFLASH] 
    [CREATERESTOREPOINT] 
    [Reboot]
  • Then click the Run Fix button at the top
  • Click OK.
  • OTL may ask to reboot the machine. Please do so if asked.
  • The report should appear in Notepad after the reboot. Copy/Paste the report in your next reply.
meowtweets444
Member with 28 posts.
THREAD STARTER
Join Date: Jun 2012
Experience: Intermediate
29-Jul-2012, 05:45 PM #14
I updated Java and Adobe but the OTL froze up. I kept checking on it, but after an hour and a half, I closed out and rebooted computer. I did copy the code and put it in the box. You DID want me to click "Run/Fix" right?

Also, my aunt was setting up a payment from her bank account online and after completing it, there was a Microsoft pop up that read, "You are about to leave a secure internet connection. It will be possible to view information you send. Do you want to continue?" She said she's only ever seen this after this whole Ammyy situation. I'm not sure if that is so. I had her use Chrome instead of IE to process another payment and we did not get any type of warning. Any thoughts?

I'll try running the OTL again later.
eddie5659
Moderator & Malware Removal Specialist with 28,314 posts.
Join Date: Mar 2001
Location: Bradford, England
30-Jul-2012, 02:53 PM #15
Yep, Run Fix was the button to press

With regards to the popup, I sometimes get that. I normally click Cancel, and it loads the page ok, but not too sure why it comes up.

If still no joy with OTL, let's see if OTS works instead:


Download OTS.exe to your Desktop.
  1. Close any open browsers.
  2. If your Real protection or Antivirus interferes with OTS, allow it to run.
  3. Double-click on OTS.exe to start the program.
  4. At the top put a check mark in the box beside "Scan All Users".
  5. Under the Additional Scans section put a check in the box next to Disabled MS Config Items, NetSvcs and EventViewer logs (Last 10 errors)
  6. Now click the Run Scan button on the toolbar.
  7. Let it run unhindered until it finishes.
  8. When the scan is complete Notepad will open with the report file loaded in it.
  9. Save that notepad file.
Use the Reply button, scroll down to the attachments section and attach the notepad file here.