Thread: Needing Help Removing Ad.Yieldmanager Malware

  1. #1
    Junior Member, Join Date: Aug 2012, Posts: 14

    TDS Killer #2

    19:29:43.0820 0424 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
    19:29:43.0835 0424 rdyboost - ok
    19:29:43.0882 0424 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
    19:29:43.0882 0424 RemoteAccess - ok
    19:29:43.0976 0424 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
    19:29:43.0991 0424 RemoteRegistry - ok
    19:29:44.0054 0424 [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
    19:29:44.0054 0424 RFCOMM - ok
    19:29:44.0116 0424 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
    19:29:44.0116 0424 RpcEptMapper - ok
    19:29:44.0194 0424 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
    19:29:44.0194 0424 RpcLocator - ok
    19:29:44.0272 0424 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
    19:29:44.0288 0424 RpcSs - ok
    19:29:44.0397 0424 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
    19:29:44.0397 0424 rspndr - ok
    19:29:44.0475 0424 [ 3CEEE53BBF8BA284FF44585CEC0162FE ] RSUSBSTOR C:\Windows\system32\Drivers\RtsUStor.sys
    19:29:44.0475 0424 RSUSBSTOR - ok
    19:29:44.0506 0424 [ 777FC2C418465404E3D8A290DC247D24 ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
    19:29:44.0522 0424 RTL8167 - ok
    19:29:44.0537 0424 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
    19:29:44.0537 0424 SamSs - ok
    19:29:44.0584 0424 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
    19:29:44.0584 0424 sbp2port - ok
    19:29:45.0036 0424 [ 794D4B48DFB6E999537C7C3947863463 ] SBSDWSCService C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
    19:29:45.0052 0424 SBSDWSCService - ok
    19:29:45.0130 0424 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
    19:29:45.0146 0424 SCardSvr - ok
    19:29:45.0208 0424 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
    19:29:45.0208 0424 scfilter - ok
    19:29:45.0489 0424 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
    19:29:45.0504 0424 Schedule - ok
    19:29:45.0582 0424 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
    19:29:45.0582 0424 SCPolicySvc - ok
    19:29:45.0660 0424 [ 111E0EBC0AD79CB0FA014B907B231CF0 ] sdbus C:\Windows\system32\drivers\sdbus.sys
    19:29:45.0676 0424 sdbus - ok
    19:29:45.0770 0424 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
    19:29:45.0770 0424 SDRSVC - ok
    19:29:45.0988 0424 [ CC781378E7EDA615D2CDCA3B17829FA4 ] SeaPort C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
    19:29:45.0988 0424 SeaPort - ok
    19:29:46.0066 0424 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
    19:29:46.0066 0424 secdrv - ok
    19:29:46.0128 0424 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
    19:29:46.0144 0424 seclogon - ok
    19:29:46.0206 0424 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
    19:29:46.0206 0424 SENS - ok
    19:29:46.0316 0424 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
    19:29:46.0331 0424 SensrSvc - ok
    19:29:46.0409 0424 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
    19:29:46.0409 0424 Serenum - ok
    19:29:46.0456 0424 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
    19:29:46.0456 0424 Serial - ok
    19:29:46.0534 0424 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
    19:29:46.0534 0424 sermouse - ok
    19:29:46.0643 0424 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
    19:29:46.0659 0424 SessionEnv - ok
    19:29:46.0706 0424 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
    19:29:46.0706 0424 sffdisk - ok
    19:29:46.0737 0424 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
    19:29:46.0752 0424 sffp_mmc - ok
    19:29:46.0784 0424 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
    19:29:46.0784 0424 sffp_sd - ok
    19:29:46.0815 0424 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
    19:29:46.0830 0424 sfloppy - ok
    19:29:46.0940 0424 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
    19:29:46.0955 0424 SharedAccess - ok
    19:29:47.0018 0424 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
    19:29:47.0033 0424 ShellHWDetection - ok
    19:29:47.0127 0424 [ 720088AAD691FF1D90BE8EC28727F6CA ] silabenm C:\Windows\system32\DRIVERS\silabenm.sys
    19:29:47.0142 0424 silabenm - ok
    19:29:47.0174 0424 [ 3A639FC33AD3D4897C301130214D7FF0 ] silabser C:\Windows\system32\DRIVERS\silabser.sys
    19:29:47.0174 0424 silabser - ok
    19:29:47.0252 0424 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
    19:29:47.0252 0424 SiSRaid2 - ok
    19:29:47.0330 0424 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
    19:29:47.0330 0424 SiSRaid4 - ok
    19:29:47.0423 0424 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
    19:29:47.0439 0424 Smb - ok
    19:29:47.0517 0424 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
    19:29:47.0517 0424 SNMPTRAP - ok
    19:29:47.0564 0424 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
    19:29:47.0564 0424 spldr - ok
    19:29:47.0688 0424 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
    19:29:47.0704 0424 Spooler - ok
    19:29:48.0172 0424 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
    19:29:48.0188 0424 sppsvc - ok
    19:29:48.0266 0424 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
    19:29:48.0266 0424 sppuinotify - ok
    19:29:48.0344 0424 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
    19:29:48.0359 0424 srv - ok
    19:29:48.0453 0424 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
    19:29:48.0468 0424 srv2 - ok
    19:29:48.0593 0424 [ 0C4540311E11664B245A263E1154CEF8 ] SrvHsfHDA C:\Windows\system32\DRIVERS\VSTAZL6.SYS
    19:29:48.0609 0424 SrvHsfHDA - ok
    19:29:48.0968 0424 [ 02071D207A9858FBE3A48CBFD59C4A04 ] SrvHsfV92 C:\Windows\system32\DRIVERS\VSTDPV6.SYS
    19:29:48.0983 0424 SrvHsfV92 - ok
    19:29:49.0186 0424 [ 18E40C245DBFAF36FD0134A7EF2DF396 ] SrvHsfWinac C:\Windows\system32\DRIVERS\VSTCNXT6.SYS
    19:29:49.0202 0424 SrvHsfWinac - ok
    19:29:49.0248 0424 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
    19:29:49.0248 0424 srvnet - ok
    19:29:49.0389 0424 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
    19:29:49.0404 0424 SSDPSRV - ok
    19:29:49.0451 0424 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
    19:29:49.0451 0424 SstpSvc - ok
    19:29:49.0748 0424 [ 7F30633A5AEC81140DBC6DAAAEBD0CBE ] STacSV C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_471277d5d45019ea\STacSV64.exe
    19:29:49.0748 0424 STacSV - ok
    19:29:49.0794 0424 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
    19:29:49.0794 0424 stexstor - ok
    19:29:49.0982 0424 [ F991751C2477257BBCEDB364A0F449B4 ] STHDA C:\Windows\system32\DRIVERS\stwrt64.sys
    19:29:49.0982 0424 STHDA - ok
    19:29:50.0075 0424 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
    19:29:50.0091 0424 stisvc - ok
    19:29:50.0153 0424 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys
    19:29:50.0153 0424 swenum - ok
    19:29:50.0247 0424 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
    19:29:50.0262 0424 swprv - ok
    19:29:50.0356 0424 [ 91853F78B68F9F036670291F5EDD4EAE ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys
    19:29:50.0356 0424 SynTP - ok
    19:29:50.0434 0424 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
    19:29:50.0450 0424 SysMain - ok
    19:29:50.0496 0424 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
    19:29:50.0512 0424 TabletInputService - ok
    19:29:50.0637 0424 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
    19:29:50.0637 0424 TapiSrv - ok
    19:29:50.0684 0424 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
    19:29:50.0684 0424 TBS - ok
    19:29:50.0793 0424 [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] Tcpip C:\Windows\system32\drivers\tcpip.sys
    19:29:50.0824 0424 Tcpip - ok
    19:29:51.0183 0424 [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
    19:29:51.0198 0424 TCPIP6 - ok
    19:29:51.0245 0424 [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
    19:29:51.0245 0424 tcpipreg - ok
    19:29:51.0323 0424 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
    19:29:51.0323 0424 TDPIPE - ok
    19:29:51.0401 0424 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
    19:29:51.0401 0424 TDTCP - ok
    19:29:51.0448 0424 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
    19:29:51.0448 0424 tdx - ok
    19:29:51.0510 0424 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys
    19:29:51.0510 0424 TermDD - ok
    19:29:51.0666 0424 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
    19:29:51.0682 0424 TermService - ok
    19:29:51.0729 0424 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
    19:29:51.0744 0424 Themes - ok
    19:29:51.0822 0424 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
    19:29:51.0822 0424 THREADORDER - ok
    19:29:51.0854 0424 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
    19:29:51.0869 0424 TrkWks - ok
    19:29:51.0932 0424 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
    19:29:51.0932 0424 TrustedInstaller - ok
    19:29:51.0978 0424 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
    19:29:51.0978 0424 tssecsrv - ok
    19:29:52.0072 0424 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
    19:29:52.0072 0424 TsUsbFlt - ok
    19:29:52.0119 0424 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
    19:29:52.0134 0424 tunnel - ok
    19:29:52.0181 0424 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
    19:29:52.0181 0424 uagp35 - ok
    19:29:52.0275 0424 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
    19:29:52.0275 0424 udfs - ok
    19:29:52.0322 0424 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
    19:29:52.0322 0424 UI0Detect - ok
    19:29:52.0337 0424 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
    19:29:52.0337 0424 uliagpkx - ok
    19:29:52.0400 0424 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\drivers\umbus.sys
    19:29:52.0400 0424 umbus - ok
    19:29:52.0462 0424 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
    19:29:52.0462 0424 UmPass - ok
    19:29:52.0571 0424 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
    19:29:52.0587 0424 upnphost - ok
    19:29:52.0618 0424 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
    19:29:52.0634 0424 usbccgp - ok
    19:29:52.0680 0424 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
    19:29:52.0680 0424 usbcir - ok
    19:29:52.0696 0424 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
    19:29:52.0696 0424 usbehci - ok
    19:29:52.0758 0424 [ 2C780746DC44A28FE67004DC58173F05 ] usbfilter C:\Windows\system32\DRIVERS\usbfilter.sys
    19:29:52.0758 0424 usbfilter - ok
    19:29:52.0774 0424 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
    19:29:52.0774 0424 usbhub - ok
    19:29:52.0852 0424 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys
    19:29:52.0852 0424 usbohci - ok
    19:29:52.0930 0424 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
    19:29:52.0930 0424 usbprint - ok
    19:29:52.0977 0424 [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
    19:29:52.0992 0424 usbscan - ok
    19:29:53.0039 0424 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\drivers\USBSTOR.SYS
    19:29:53.0039 0424 USBSTOR - ok
    19:29:53.0086 0424 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
    19:29:53.0086 0424 usbuhci - ok
    19:29:53.0133 0424 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys
    19:29:53.0148 0424 usbvideo - ok
    19:29:53.0211 0424 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
    19:29:53.0211 0424 UxSms - ok
    19:29:53.0226 0424 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
    19:29:53.0226 0424 VaultSvc - ok
    19:29:53.0273 0424 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
    19:29:53.0289 0424 vdrvroot - ok
    19:29:53.0429 0424 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
    19:29:53.0429 0424 vds - ok
    19:29:53.0476 0424 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
    19:29:53.0492 0424 vga - ok
    19:29:53.0507 0424 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
    19:29:53.0507 0424 VgaSave - ok
    19:29:53.0585 0424 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
    19:29:53.0601 0424 vhdmp - ok
    19:29:53.0648 0424 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
    19:29:53.0648 0424 viaide - ok
    19:29:53.0694 0424 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
    19:29:53.0694 0424 volmgr - ok
    19:29:53.0804 0424 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
    19:29:53.0804 0424 volmgrx - ok
    19:29:53.0897 0424 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
    19:29:53.0897 0424 volsnap - ok
    19:29:53.0975 0424 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
    19:29:53.0975 0424 vsmraid - ok
    19:29:54.0443 0424 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
    19:29:54.0474 0424 VSS - ok
    19:29:54.0552 0424 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
    19:29:54.0552 0424 vwifibus - ok
    19:29:54.0568 0424 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
    19:29:54.0584 0424 vwififlt - ok
    19:29:54.0662 0424 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
    19:29:54.0677 0424 W32Time - ok
    19:29:54.0724 0424 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
    19:29:54.0724 0424 WacomPen - ok
    19:29:54.0771 0424 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
    19:29:54.0786 0424 WANARP - ok
    19:29:54.0786 0424 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
    19:29:54.0786 0424 Wanarpv6 - ok
    19:29:54.0880 0424 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
    19:29:54.0896 0424 WatAdminSvc - ok
    19:29:55.0083 0424 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
    19:29:55.0114 0424 wbengine - ok
    19:29:55.0176 0424 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
    19:29:55.0192 0424 WbioSrvc - ok
    19:29:55.0270 0424 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
    19:29:55.0286 0424 wcncsvc - ok
    19:29:55.0332 0424 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
    19:29:55.0332 0424 WcsPlugInService - ok
    19:29:55.0379 0424 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\DRIVERS\wd.sys
    19:29:55.0379 0424 Wd - ok
    19:29:55.0582 0424 [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
    19:29:55.0598 0424 Wdf01000 - ok
    19:29:55.0629 0424 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
    19:29:55.0644 0424 WdiServiceHost - ok
    19:29:55.0644 0424 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
    19:29:55.0660 0424 WdiSystemHost - ok
    19:29:55.0754 0424 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
    19:29:55.0769 0424 WebClient - ok
    19:29:55.0832 0424 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
    19:29:55.0832 0424 Wecsvc - ok
    19:29:55.0863 0424 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
    19:29:55.0863 0424 wercplsupport - ok
    19:29:55.0910 0424 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
    19:29:55.0925 0424 WerSvc - ok
    19:29:55.0972 0424 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
    19:29:55.0972 0424 WfpLwf - ok
    19:29:56.0003 0424 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
    19:29:56.0003 0424 WIMMount - ok
    19:29:56.0034 0424 WinDefend - ok
    19:29:56.0050 0424 WinHttpAutoProxySvc - ok
    19:29:56.0378 0424 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
    19:29:56.0378 0424 Winmgmt - ok
    19:29:56.0658 0424 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
    19:29:56.0674 0424 WinRM - ok
    19:29:56.0752 0424 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
    19:29:56.0752 0424 WinUsb - ok
    19:29:56.0814 0424 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
    19:29:56.0846 0424 Wlansvc - ok
    19:29:57.0189 0424 [ 98F138897EF4246381D197CB81846D62 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
    19:29:57.0220 0424 wlidsvc - ok
    19:29:57.0251 0424 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
    19:29:57.0251 0424 WmiAcpi - ok
    19:29:57.0345 0424 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
    19:29:57.0345 0424 wmiApSrv - ok
    19:29:57.0423 0424 WMPNetworkSvc - ok
    19:29:57.0548 0424 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
    19:29:57.0548 0424 WPCSvc - ok
    19:29:57.0610 0424 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
    19:29:57.0626 0424 WPDBusEnum - ok
    19:29:57.0657 0424 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
    19:29:57.0657 0424 ws2ifsl - ok
    19:29:57.0672 0424 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\System32\wscsvc.dll
    19:29:57.0688 0424 wscsvc - ok
    19:29:57.0688 0424 WSearch - ok
    19:29:57.0984 0424 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
    19:29:58.0016 0424 wuauserv - ok
    19:29:58.0047 0424 [ D3381DC54C34D79B22CEE0D65BA91B7C ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
    19:29:58.0047 0424 WudfPf - ok
    19:29:58.0094 0424 [ CF8D590BE3373029D57AF80914190682 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
    19:29:58.0094 0424 WUDFRd - ok
    19:29:58.0172 0424 [ 7A95C95B6C4CF292D689106BCAE49543 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
    19:29:58.0172 0424 wudfsvc - ok
    19:29:58.0234 0424 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
    19:29:58.0250 0424 WwanSvc - ok
    19:29:58.0421 0424 [ DD0042F0C3B606A6A8B92D49AFB18AD6 ] YahooAUService C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
    19:29:58.0421 0424 YahooAUService - ok
    19:29:58.0499 0424 [ B3EEACF62445E24FBB2CD4B0FB4DB026 ] yukonw7 C:\Windows\system32\DRIVERS\yk62x64.sys
    19:29:58.0515 0424 yukonw7 - ok
    19:29:58.0546 0424 ================ Scan global ===============================
    19:29:58.0577 0424 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
    19:29:58.0640 0424 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
    19:29:58.0655 0424 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
    19:29:58.0702 0424 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
    19:29:58.0780 0424 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
    19:29:58.0796 0424 [Global] - ok
    19:29:58.0796 0424 ================ Scan MBR ==================================
    19:29:58.0827 0424 [ BDD3CFA7D4C103871B2A8A57BD6DA235 ] \Device\Harddisk0\DR0
    19:29:59.0622 0424 \Device\Harddisk0\DR0 - ok
    19:29:59.0622 0424 ================ Scan VBR ==================================
    19:29:59.0654 0424 [ 1AFBF4A297084A4FF4363FB6BB258BF8 ] \Device\Harddisk0\DR0\Partition1
    19:29:59.0654 0424 \Device\Harddisk0\DR0\Partition1 - ok
    19:29:59.0669 0424 [ 05E4B7EDDDC82CC3D0A07D48EC870EBA ] \Device\Harddisk0\DR0\Partition2
    19:29:59.0685 0424 \Device\Harddisk0\DR0\Partition2 - ok
    19:29:59.0716 0424 [ A19864966E39CA2505B9D5F4A6D183A9 ] \Device\Harddisk0\DR0\Partition3
    19:29:59.0716 0424 \Device\Harddisk0\DR0\Partition3 - ok
    19:29:59.0732 0424 [ F15AF17865D63C90FFD4B7652B59240A ] \Device\Harddisk0\DR0\Partition4
    19:29:59.0794 0424 \Device\Harddisk0\DR0\Partition4 - ok
    19:29:59.0810 0424 ============================================================
    19:29:59.0810 0424 Scan finished
    19:29:59.0810 0424 ============================================================
    19:29:59.0825 5004 Detected object count: 0
    19:29:59.0825 5004 Actual detected object count: 0

  2. #2
    Junior Member
    Join Date
    Aug 2012
    Posts
    14

    MBAM Scan

    Malwarebytes Anti-Malware 1.65.0.1400
    www.malwarebytes.org

    Database version: v2012.09.07.13

    Windows 7 Service Pack 1 x64 NTFS
    Internet Explorer 9.0.8112.16421
    Shawn :: SHAWN-LAPTOP [administrator]

    9/17/2012 7:44:18 PM
    mbam-log-2012-09-17 (19-44-18).txt

    Scan type: Quick scan
    Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
    Scan options disabled: P2P
    Objects scanned: 215525
    Time elapsed: 10 minute(s), 9 second(s)

    Memory Processes Detected: 0
    (No malicious items detected)

    Memory Modules Detected: 0
    (No malicious items detected)

    Registry Keys Detected: 0
    (No malicious items detected)

    Registry Values Detected: 0
    (No malicious items detected)

    Registry Data Items Detected: 0
    (No malicious items detected)

    Folders Detected: 0
    (No malicious items detected)

    Files Detected: 0
    (No malicious items detected)

    (end)

  3. #3
    Senior Member
    Join Date
    Jun 2012
    Location
    Malaysia
    Posts
    121


    Hi sls0463:

    You did not provide me with an update about your computer problem.


    1. Are you running two antivirus programs, Avast and MSE? Are they able to update and run?
    2. What are the symptoms that make you think you are infected? Any redirection, strange sounds, hacked email, pop-ups?
    3. Since when has this been happening?
    4. Any other issues?


    thanks,
    torreattack
    Graduate of Malware Removal University, - You too could train to help others

  4. #4
    Junior Member
    Join Date
    Aug 2012
    Posts
    14

    Update

    I am running Avast (based on an earlier recommendation from the forum).

    I am still getting the pop up in the lower left corner.

    I occasionally get a redirect.

    The ad.yieldmanager popup started about 4 weeks ago.

    THANK YOU for taking the time to try and help me. I do appreciate it.

  5. #5
    Senior Member
    Join Date
    Jun 2012
    Location
    Malaysia
    Posts
    121


    Hi sls0463 :

    1. Remove programs
    Some of the following programs are outdated, useless or not recommended to keep. Please uninstall them.
    • Click Start >> Control Panel >> under Programs, click on Uninstall a program.
    • Locate the following program(s):
      Adobe Reader 9.3.3
      Java(TM) 6 Update 17
      Microsoft Security Essentials
      Java(TM) 6 Update 22
    • Select the program above and click on Uninstall to uninstall it.
    NOTE: Take extra care when answering any questions posed by an uninstaller. Some questions may be worded to deceive you into keeping the program.


    2. OTL fix
    Please make sure OTL.exe is on your Desktop.
    Important! Close all applications and windows so that you have nothing open and are at your Desktop.
    • Right-click on OTL.exe and select "Run As Administrator" to run it. If prompted by UAC, please allow it.
    • Copy the following text... do not include the quote box title "Quote"
      :OTL
      IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
      IE - HKLM\..\SearchScopes\{C1B40DC2-6909-4C87-9F4A-8B87D13B16CD}: "URL" = http://www.ask.com/web?q={searchterms}&l=dis&o=ushpl
      IE - HKU\S-1-5-21-1057294972-859772879-3047662534-1001\..\SearchScopes,DefaultScope = {9D3676F2-C158-46AA-904C-C97C63544026}
      IE - HKU\S-1-5-21-1057294972-859772879-3047662534-1001\..\SearchScopes\{9D3676F2-C158-46AA-904C-C97C63544026}: "URL" = http://findgala.com/?&uid=5618&q={searchTerms}
      IE - HKU\S-1-5-21-1057294972-859772879-3047662534-1001\..\SearchScopes\{C1B40DC2-6909-4C87-9F4A-8B87D13B16CD}: "URL" = http://www.ask.com/web?q={searchterms}&l=dis&o=ushpl
      [2012/01/05 21:22:40 | 000,001,210 | ---- | M] () -- C:\Users\Shawn\AppData\Roaming\Mozilla\Firefox\Profiles\9a6wlzdk.default\searchplugins\search.xml
      [2012/07/27 19:16:29 | 000,002,519 | ---- | M] () -- C:\Users\Shawn\AppData\Roaming\Mozilla\Firefox\Profiles\9a6wlzdk.default\searchplugins\Search_Results.xml
      [2012/07/27 19:16:29 | 000,002,519 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\Search_Results.xml
      CHR - homepage: http://www.searchnu.com/406
      CHR - default_search_provider: Search Results ()
      CHR - default_search_provider: search_url = http://dts.search-results.com/sr?src=crb&appid=287&systemid=406&sr=0&q={searchTerms}
      CHR - homepage: http://www.searchnu.com/406
      O1 - Hosts: 93.115.241.28 www.google-analytics.com.
      O1 - Hosts: 93.115.241.28 ad-emea.doubleclick.net.
      O1 - Hosts: 93.115.241.28 www.statcounter.com.
      O1 - Hosts: 69.72.252.254 www.google-analytics.com.
      O1 - Hosts: 69.72.252.254 ad-emea.doubleclick.net.
      O1 - Hosts: 69.72.252.254 www.statcounter.com.
      O4 - HKLM..\Run: [] File not found
      O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_17)
      O16:64bit: - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_17)
      O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Reg Error: Key error.)
      O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_22)
      O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_22)
      O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_22)
      O16 - DPF: Web-Based Email Tools http://email00.secureserver.net/Download.CAB (Reg Error: Key error.)

      :Files
      ipconfig /flushdns /c

      :Commands
      [EmptyTemp]
      [ResetHosts]
      [CreateRestorePoint]
    • Click under the Custom Scan/Fixes box and paste the copied text.
    • Click the Run Fix button. If prompted... click OK.
    • When the scan completes, Notepad will open with the scan results.
    • Please post the contents of report in your next reply.

    Note: The OTL fix log is located at c:\_OTL\MovedFiles with the format MMDDYYY_HHMMSS.log.


    3. SystemLook
    Please download SystemLook from one of the links below, and save it to your Desktop.
    Download Mirror #1
    Download Mirror #2

    • Double-click SystemLook_x64.exe to run it.
    • Copy the content of the following codebox into the main textfield:
      Code:
      :filefind
      *Fun4IM*
      *Bandoo*
      *Searchqu*
      *iLivid*
      *whitesmoke*
      *datamngr*
      *trolltech*
      
      :folderfind
      *Fun4IM*
      *Bandoo*
      *Searchqu*
      *iLivid*
      *whitesmoke*
      *datamngr*
      *trolltech*
      
      :Regfind
      Fun4IM
      Bandoo
      Searchqu
      iLivid
      whitesmoke
      datamngr
      kelkoopartners
      trolltech
    • Click the Look button to start the scan.
    • When finished, a notepad window will open with the results of the scan. Please post this log in your next reply.
    Note: The log can also be found on your Desktop entitled SystemLook.txt
    This scan can take some time to run so please be patient.



    4. Do you know these folders?
    C:\Users\Shawn\AppData\Local\{11d5d328-f14f-7572-15b5-f747154d7971}\@
    C:\Users\Shawn\AppData\Local\2uk67pt227ow1c80w8mf060k0iqg3xc1pex7kb5n
    C:\ProgramData\2uk67pt227ow1c80w8mf060k0iqg3xc1pex7kb5n

    Thanks,
    torreattack
    Graduate of Malware Removal University, - You too could train to help others

  6. #6
    Junior Member
    Join Date
    Aug 2012
    Posts
    14

    Default OTL Scan 9/19/12

    All processes killed
    ========== OTL ==========
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{C1B40DC2-6909-4C87-9F4A-8B87D13B16CD}\ not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{C1B40DC2-6909-4C87-9F4A-8B87D13B16CD}\ not found.
    HKEY_USERS\S-1-5-21-1057294972-859772879-3047662534-1001\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
    Registry key HKEY_USERS\S-1-5-21-1057294972-859772879-3047662534-1001\Software\Microsoft\Internet Explorer\SearchScopes\{9D3676F2-C158-46AA-904C-C97C63544026}\ not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9D3676F2-C158-46AA-904C-C97C63544026}\ not found.
    Registry key HKEY_USERS\S-1-5-21-1057294972-859772879-3047662534-1001\Software\Microsoft\Internet Explorer\SearchScopes\{C1B40DC2-6909-4C87-9F4A-8B87D13B16CD}\ not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{C1B40DC2-6909-4C87-9F4A-8B87D13B16CD}\ not found.
    File C:\Users\Shawn\AppData\Roaming\Mozilla\Firefox\Profiles\9a6wlzdk.default\searchplugins\search.xml not found.
    File C:\Users\Shawn\AppData\Roaming\Mozilla\Firefox\Profiles\9a6wlzdk.default\searchplugins\Search_Results.xml not found.
    File C:\Program Files (x86)\mozilla firefox\searchplugins\Search_Results.xml not found.
    Use Chrome's Settings page to change the HomePage.
    Use Chrome's Settings page to remove the default_search_provider items.
    Use Chrome's Settings page to remove the default_search_provider items.
    Use Chrome's Settings page to change the HomePage.
    93.115.241.28 www.google-analytics.com. removed from HOSTS file successfully
    Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ not found.
    Starting removal of ActiveX control {8AD9C840-044E-11D1-B3E9-00805F499D93}
    64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
    64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
    64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
    64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
    Starting removal of ActiveX control {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}
    64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}\ not found.
    64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}\ not found.
    64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}\ not found.
    64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}\ not found.
    Starting removal of ActiveX control {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
    64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
    64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
    64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
    64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
    Starting removal of ActiveX control {8AD9C840-044E-11D1-B3E9-00805F499D93}
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
    Starting removal of ActiveX control {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\ not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\ not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\ not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\ not found.
    Starting removal of ActiveX control {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
    Starting removal of ActiveX control Web-Based Email Tools
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\Web-Based Email Tools\ not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\Web-Based Email Tools\ not found.
    ========== FILES ==========
    < ipconfig /flushdns /c >
    Windows IP Configuration
    Successfully flushed the DNS Resolver Cache.
    C:\Users\Shawn\Desktop\cmd.bat deleted successfully.
    C:\Users\Shawn\Desktop\cmd.txt deleted successfully.
    ========== COMMANDS ==========

    [EMPTYTEMP]

    User: Administrator

    User: All Users

    User: Default
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 0 bytes

    User: Default User
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 0 bytes

    User: Public

    User: Shawn
    ->Temp folder emptied: 65536 bytes
    ->Temporary Internet Files folder emptied: 3383645 bytes
    ->Java cache emptied: 0 bytes
    ->FireFox cache emptied: 0 bytes
    ->Google Chrome cache emptied: 0 bytes
    ->Flash cache emptied: 291 bytes

    %systemdrive% .tmp files removed: 0 bytes
    %systemroot% .tmp files removed: 0 bytes
    %systemroot%\System32 .tmp files removed: 0 bytes
    %systemroot%\System32 (64bit) .tmp files removed: 0 bytes
    %systemroot%\System32\drivers .tmp files removed: 0 bytes
    Windows Temp folder emptied: 67674 bytes
    %systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 0 bytes
    %systemroot%\sysnative\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment folder emptied: 0 bytes
    RecycleBin emptied: 839201393 bytes

    Total Files Cleaned = 804.00 mb

    C:\Windows\System32\drivers\etc\Hosts moved successfully.
    HOSTS file reset successfully
    Restore point Set: OTL Restore Point

    OTL by OldTimer - Version 3.2.61.4 log created on 09192012_200118

    Files\Folders moved on Reboot...
    File\Folder C:\Users\Shawn\AppData\Local\Temp\FXSAPIDebugLogFile.txt not found!
    C:\Users\Shawn\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\PG1EZX7O\showthread[2].htm moved successfully.
    C:\Users\Shawn\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\AntiPhishing\ED8654D5-B9F0-4DD9-B3E8-F8F560086FDF.dat moved successfully.
    C:\Users\Shawn\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\MSIMGSIZ.DAT moved successfully.

    PendingFileRenameOperations files...

    Registry entries deleted on Reboot...

  7. #7
    Junior Member
    Join Date
    Aug 2012
    Posts
    14

    Default SystemLook Scan 9/19/12

    SystemLook 30.07.11 by jpshortstuff
    Log created at 20:10 on 19/09/2012 by Shawn
    Administrator - Elevation successful

    ========== filefind ==========

    Searching for "*Fun4IM*"
    No files found.

    Searching for "*Bandoo*"
    No files found.

    Searching for "*Searchqu*"
    No files found.

    Searching for "*iLivid*"
    No files found.

    Searching for "*whitesmoke*"
    No files found.

    Searching for "*datamngr*"
    No files found.

    Searching for "*trolltech*"
    No files found.

    ========== folderfind ==========

    Searching for "*Fun4IM*"
    No folders found.

    Searching for "*Bandoo*"
    No folders found.

    Searching for "*Searchqu*"
    No folders found.

    Searching for "*iLivid*"
    C:\Users\Shawn\AppData\Local\Ilivid Player d------ [00:27 28/07/2012]

    Searching for "*whitesmoke*"
    No folders found.

    Searching for "*datamngr*"
    C:\Users\Shawn\AppData\LocalLow\DataMngr d------ [00:26 28/07/2012]

    Searching for "*trolltech*"
    No folders found.

    ========== Regfind ==========

    Searching for "Fun4IM"
    No data found.

    Searching for "Bandoo"
    No data found.

    Searching for "Searchqu"
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{AB310581-AC80-11D1-8DF3-00C04FB6EF63}]
    @="ISearchQueryHelper"
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{AB310581-AC80-11D1-8DF3-00C04FB6EF63}]
    @="ISearchQueryHelper"
    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\Interface\{AB310581-AC80-11D1-8DF3-00C04FB6EF63}]
    @="ISearchQueryHelper"

    Searching for "iLivid"
    No data found.

    Searching for "whitesmoke"
    No data found.

    Searching for "datamngr"
    No data found.

    Searching for "kelkoopartners"
    No data found.

    Searching for "trolltech"
    [HKEY_CURRENT_USER\Software\Trolltech]
    [HKEY_CURRENT_USER\Software\Trolltech\OrganizationDefaults\Qt Factory Cache 4.5\com.trolltech.Qt.QImageIOHandlerFactoryInterface:]
    [HKEY_USERS\S-1-5-21-1057294972-859772879-3047662534-1001\Software\Trolltech]
    [HKEY_USERS\S-1-5-21-1057294972-859772879-3047662534-1001\Software\Trolltech\OrganizationDefaults\Qt Factory Cache 4.5\com.trolltech.Qt.QImageIOHandlerFactoryInterface:]

    -= EOF =-
