  1. #1
    Member
    Join Date
    Dec 2008
    Location
    cornwall, new york
    Posts
    172
    Points
    0

    being hijacked by rivalgaming.com

    I've copied and pasted my hijack log and removed what was recommended; however, still getting pop up junk from rival gaming. Also have a fantapper up on my toolbar with firefox.

    here are logs;

    hijack this:

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 2:28:50 PM, on 3/2/2012
    Platform: Unknown Windows (WinNT 6.01.3505 SP1)
    MSIE: Internet Explorer v9.00 (9.00.8112.16421)
    Boot mode: Safe mode

    Running processes:
    C:\Windows\Explorer.EXE
    C:\Windows\system32\ctfmon.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Yahoo!
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = blekko | spam free search
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Yahoo!
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer provided by Yahoo!
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\yt.dll
    O2 - BHO: (no name) - {11111111-1111-1111-1111-110011221158} - (no file)
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: (no name) - {20a0be68-8fd9-4539-8712-ce3d1c1fdfc6} - (no file)
    O2 - BHO: Spam Free Search Bar - {26c9e18c-3717-4be1-a225-04e4471f5b6e} - C:\Program Files\blekkotb\blekkoDx.dll (file missing)
    O2 - BHO: RivalGaming Games - {26D675AC-D925-4bbf-A720-62C2AA4A81EB} - C:\Program Files\RivalGaming\RivalGaming.dll
    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
    O2 - BHO: (no name) - {8A86D350-37AB-410A-8531-7D1363F317B3} - (no file)
    O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
    O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files\Microsoft\BingBar\BingExt.dll" (file missing)
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: (no name) - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - (no file)
    O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\YTSingleInstance.dll
    O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\yt.dll
    O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
    O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files\Microsoft\BingBar\BingExt.dll" (file missing)
    O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
    O3 - Toolbar: Spam Free Search Bar - {26c9e18c-3717-4be1-a225-04e4471f5b6e} - C:\Program Files\blekkotb\blekkoDx.dll (file missing)
    O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
    O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
    O4 - HKLM\..\Run: [Anti-phishing Domain Advisor] "C:\ProgramData\Anti-phishing Domain Advisor\visicom_antiphishing.exe"
    O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
    O4 - HKCU\..\Run: [Weather] C:\Program Files\AWS\WeatherBug\Weather.exe 1
    O4 - HKCU\..\Run: [ISUSPM] "C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe" -scheduler
    O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    O4 - HKCU\..\RunOnce: [SpybotDeletingB6125] command.com /c del "C:\ProgramData\W3i\InstallIQUpdater\data.xml"
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
    O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
    O16 - DPF: {1851174C-97BD-4217-A0CC-E908F60D5B7A} (Hewlett-Packard Online Support Services) - http://h20364.www2.hp.com/CSMWeb/Cus...ataManager.CAB
    O16 - DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455} (ExentInf Class) -
    O16 - DPF: {8A0019EB-51FA-4AE5-A40B-C0496BBFC739} (Verizon Wireless Media Upload) - http://picture.vzw.com/activex/Veriz...oadControl.cab
    O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
    O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
    O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_fa0513b7754bf240\aestsrv.exe
    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
    O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: DeviceVM Meta Data Export Service (DvmMDES) - DeviceVM, Inc. - C:\SPLASH.SYS\config\DVMExportService.exe
    O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files\WildTangent Games\App\GamesAppService.exe
    O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
    O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
    O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: HP Port Resolver - Hewlett-Packard Company - C:\Windows\system32\spool\DRIVERS\W32X86\3\HPBPRO.EXE
    O23 - Service: HP Status Server - Hewlett-Packard Company - C:\Windows\system32\spool\DRIVERS\W32X86\3\HPBOID.EXE
    O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\HP Support Framework\hpsa_service.exe
    O23 - Service: HP Quick Synchronization Service (HPDrvMntSvc.exe) - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\Shared\HPDrvMntSvc.exe
    O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\Shared\hpqWmiEx.exe
    O23 - Service: IHA_MessageCenter - Verizon - C:\Program Files\Verizon\IHA_MessageCenter\Bin\Verizon_IHAMessageCenter.exe
    O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe
    O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\SYSTEM32\SPOOL\DRIVERS\W32X86\3\HPZipm12.exe
    O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
    O23 - Service: Secunia PSI Agent - Secunia - C:\Program Files\Secunia\PSI\PSIA.exe
    O23 - Service: Secunia Update Agent - Secunia - C:\Program Files\Secunia\PSI\sua.exe
    O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_fa0513b7754bf240\STacSV.exe
    O23 - Service: TomTomHOMEService - TomTom - C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
    O23 - Service: Yahoo! Updater (YahooAUService) - Yahoo! Inc. - C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe

    --
    End of file - 8797 bytes


    malware:

    Malwarebytes Anti-Malware 1.60.1.1000
    Malwarebytes : Free anti-malware, anti-virus and spyware removal download

    Database version: v2012.03.09.09

    Windows 7 Service Pack 1 x86 NTFS
    Internet Explorer 9.0.8112.16421
    kmailler :: KMAILLER-PC [administrator]

    3/10/2012 6:10:23 AM
    mbam-log-2012-03-10 (06-10-23).txt

    Scan type: Full scan
    Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
    Scan options disabled: P2P
    Objects scanned: 69531
    Time elapsed: 33 minute(s), 26 second(s) [aborted]

    Memory Processes Detected: 0
    (No malicious items detected)

    Memory Modules Detected: 0
    (No malicious items detected)

    Registry Keys Detected: 0
    (No malicious items detected)

    Registry Values Detected: 0
    (No malicious items detected)

    Registry Data Items Detected: 0
    (No malicious items detected)

    Folders Detected: 0
    (No malicious items detected)

    Files Detected: 0
    (No malicious items detected)

    (end)


    Superantispyware:

    SUPERAntiSpyware Scan Log
    SUPERAntiSpyware.com | Remove Malware | Remove Spyware - AntiMalware, AntiSpyware, AntiAdware!

    Generated 03/07/2012 at 10:26 AM

    Application Version : 5.0.1144

    Core Rules Database Version : 8310
    Trace Rules Database Version: 6122

    Scan type : Complete Scan
    Total Scan Time : 01:51:01

    Operating System Information
    Windows 7 Starter 32-bit, Service Pack 1 (Build 6.01.7601)
    UAC On - Limited User

    Memory items scanned : 614
    Memory threats detected : 0
    Registry items scanned : 35038
    Registry threats detected : 0
    File items scanned : 61868
    File threats detected : 133

    Adware.Tracking Cookie


    I always clean the adware junk every other day. Seems my friends at findagrave.com don't protect their site very well


    thanks for the help!

    Kathy

  2. #2
    Member Spyware Fighter zep516
    Join Date
    Dec 2005
    Location
    Pittsburgh, Pa
    Posts
    7,158
    Points
    1301


    Hi kmailler,

    Let's get another log that will help our expert to better guide you.

    We need to see some information about what is happening in your machine. Please perform the following scan:
    • Download DDS by sUBs from one of the following links. Save it to your desktop.
    • Double click on the DDS icon, allow it to run.
    • A small box will open, with an explanation about the tool. No input is needed, the scan is running.
    • Notepad will open with the results.
    • Follow the instructions that pop up for posting the results.
    • Close the program window, and delete the program from your desktop.
    Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet.

    Information on A/V control HERE

  3. #3
    Member
    Join Date
    Dec 2008
    Location
    cornwall, new york
    Posts
    172
    Points
    0


    .
    DDS (Ver_2011-08-26.01) - NTFSx86
    Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 1.6.0_26
    Run by kmailler at 7:20:41 on 2012-03-15
    Microsoft Windows 7 Starter 6.1.7601.1.1252.1.1033.18.1015.301 [GMT -4:00]
    .
    SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    .
    ============== Running Processes ===============
    .
    C:\Windows\system32\wininit.exe
    C:\Windows\system32\lsm.exe
    C:\Windows\system32\svchost.exe -k DcomLaunch
    C:\Windows\system32\svchost.exe -k RPCSS
    C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
    C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
    C:\Windows\system32\svchost.exe -k netsvcs
    C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_fa0513b7754bf240\STacSV.exe
    C:\Windows\system32\svchost.exe -k LocalService
    C:\Windows\system32\svchost.exe -k NetworkService
    C:\Windows\system32\WLANExt.exe
    C:\Windows\system32\conhost.exe
    C:\Windows\System32\spoolsv.exe
    C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
    C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
    C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_fa0513b7754bf240\aestsrv.exe
    C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    C:\Program Files\Microsoft\BingBar\SeaPort.EXE
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\SPLASH.SYS\config\DVMExportService.exe
    C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
    C:\Program Files\Hewlett-Packard\Shared\HPDrvMntSvc.exe
    C:\Program Files\Verizon\IHA_MessageCenter\Bin\Verizon_IHAMessageCenter.exe
    C:\Windows\system32\taskhost.exe
    C:\WINDOWS\SYSTEM32\SPOOL\DRIVERS\W32X86\3\HPZipm12.exe
    C:\Windows\system32\taskeng.exe
    C:\Program Files\Secunia\PSI\PSIA.exe
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\Windows\system32\svchost.exe -k imgsvc
    C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
    C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
    C:\Windows\system32\taskeng.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\ProgramData\Anti-phishing Domain Advisor\visicom_antiphishing.exe
    C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Windows\System32\svchost.exe -k WerSvcGroup
    C:\Windows\system32\SearchIndexer.exe
    C:\Windows\system32\SearchProtocolHost.exe
    C:\Program Files\Windows Media Player\wmpnetwk.exe
    C:\Windows\system32\SearchFilterHost.exe
    C:\Program Files\Secunia\PSI\sua.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\Mozilla Firefox\plugin-container.exe
    C:\Program Files\Hewlett-Packard\HP Support Framework\hpsa_service.exe
    C:\Windows\system32\sppsvc.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Windows\system32\DllHost.exe
    C:\Windows\system32\DllHost.exe
    C:\Windows\system32\conhost.exe
    .
    ============== Pseudo HJT Report ===============
    .
    uStart Page = hxxp://www.yahoo.com/
    uWindow Title = Windows Internet Explorer provided by Yahoo!
    uDefault_Page_URL = hxxp://www.yahoo.com/?fr=fp-yie9
    mStart Page = hxxp://www.yahoo.com
    uInternet Settings,ProxyOverride = *.local
    mURLSearchHooks: YTNavAssist.YTNavAssistPlugin Class: {81017ea9-9aa8-4a6a-9734-7af40e7d593f} - c:\program files\yahoo!\companion\installs\cpn2\YTNavAssist.dll
    BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - c:\program files\yahoo!\companion\installs\cpn2\yt.dll
    BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
    BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
    BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
    BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
    BHO: SingleInstance Class: {fdad4da1-61a2-4fd8-9c17-86f7ac245081} - c:\program files\yahoo!\companion\installs\cpn2\YTSingleInstance.dll
    TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn2\yt.dll
    TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
    TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - "c:\program files\microsoft\bingbar\BingExt.dll"
    TB: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
    uRun: [SUPERAntiSpyware] c:\program files\superantispyware\SUPERAntiSpyware.exe
    uRun: [ISUSPM] "c:\programdata\flexnet\connect\11\ISUSPM.exe" -scheduler
    mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"
    mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
    mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
    mRun: [AppleSyncNotifier] c:\program files\common files\apple\mobile device support\AppleSyncNotifier.exe
    mRun: [Anti-phishing Domain Advisor] "c:\programdata\anti-phishing domain advisor\visicom_antiphishing.exe"
    mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
    mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
    mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
    dPolicies-system: WallpaperStyle = 2
    DPF: {1851174C-97BD-4217-A0CC-E908F60D5B7A} - hxxp://h20364.www2.hp.com/CSMWeb/Customer/cabs/HPISDataManager.CAB
    DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455} -
    DPF: {8A0019EB-51FA-4AE5-A40B-C0496BBFC739} - hxxp://picture.vzw.com/activex/VerizonWirelessUploadControl.cab
    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
    DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
    TCP: DhcpNameServer = 192.168.1.1
    TCP: Interfaces\{5A04BA88-09FB-4038-BFA9-60C91EBAA696} : DhcpNameServer = 192.168.1.1
    TCP: Interfaces\{D1FD69A4-5E71-4A67-AAB3-A3E4A0118D19} : DhcpNameServer = 192.168.1.1
    TCP: Interfaces\{D1FD69A4-5E71-4A67-AAB3-A3E4A0118D19}\3363654463 : DhcpNameServer = 192.168.1.1 68.237.161.12
    TCP: Interfaces\{D1FD69A4-5E71-4A67-AAB3-A3E4A0118D19}\37471636B6 : DhcpNameServer = 209.18.47.61 209.18.47.62
    TCP: Interfaces\{D1FD69A4-5E71-4A67-AAB3-A3E4A0118D19}\8413233543 : DhcpNameServer = 192.168.1.1
    TCP: Interfaces\{D1FD69A4-5E71-4A67-AAB3-A3E4A0118D19}\86F6573756 : DhcpNameServer = 207.69.188.185 207.69.188.186 207.69.188.187
    Handler: g7ps - {9EACF0FB-4FC7-436E-989B-3197142AD979} - c:\program files\common files\g7ps\shared files\g7psdll\G7PS.dll
    Notify: igfxcui - igfxdev.dll
    mASetup: {A509B1FF-37FF-4bFF-8CFF-4F3A747040FF} - c:\windows\system32\rundll32.exe c:\windows\system32\advpack.dll,launchinfsectionex c:\program files\internet explorer\clrtour.inf,DefaultInstall.ResetTour,,12
    .
    ================= FIREFOX ===================
    .
    FF - ProfilePath - c:\users\kmailler\appdata\roaming\mozilla\firefox\profiles\0jsovf5m.default\
    FF - prefs.js: browser.search.defaulturl - hxxp://search.yahoo.com/search?ei=UTF-8&fr=ytff-&p=
    FF - prefs.js: browser.search.selectedEngine - Blekko
    FF - prefs.js: browser.startup.homepage - hxxp://www.yahoo.com/
    FF - prefs.js: keyword.URL - hxxp://www.bing.com/search?pc=Z208&form=ZGAADF&install_date=20111208&q=
    FF - plugin: c:\program files\google\google earth\plugin\npgeplugin.dll
    FF - plugin: c:\program files\google\update\1.3.21.99\npGoogleUpdate3.dll
    FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
    FF - plugin: c:\program files\livingplay games\nplplaypop.dll
    FF - plugin: c:\program files\microsoft silverlight\4.1.10111.0\npctrlui.dll
    FF - plugin: c:\program files\mozilla firefox\plugins\npCouponPrinter.dll
    FF - plugin: c:\program files\mozilla firefox\plugins\npdeployJava1.dll
    FF - plugin: c:\program files\mozilla firefox\plugins\npdnu.dll
    FF - plugin: c:\program files\mozilla firefox\plugins\npdnupdater2.dll
    FF - plugin: c:\program files\mozilla firefox\plugins\npMozCouponPrinter.dll
    FF - plugin: c:\program files\wildtangent games\app\browserintegration\registered\2\NP_wtapp.dll
    FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll
    FF - plugin: c:\users\kmailler\appdata\local\yahoo!\browserplus\2.9.8\plugins\npybrowserplus_2.9.8.dll
    .
    ---- FIREFOX POLICIES ----
    FF - user.js: network.protocol-handler.warn-external.dnupdate - false);user_pref(network.protocol-handler.warn-external.dnupdate, false
    .
    FF - user.js: extensions.autoDisableScopes - 14
    FF - user.js: security.csp.enable - false
    .
    .
    ============= SERVICES / DRIVERS ===============
    .
    R1 DVMIO;DVMIO;c:\splash.sys\config\dvmio.sys [2009-7-27 16984]
    R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\sasdifsv.sys [2011-7-22 12880]
    R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2011-7-12 67664]
    R1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\drivers\vwififlt.sys [2009-7-13 48128]
    R2 !SASCORE;SAS Core Service;c:\program files\superantispyware\SASCore.exe [2011-8-11 116608]
    R2 AESTFilters;Andrea ST Filters Service;c:\windows\system32\driverstore\filerepository\stwrt.inf_x86_neutral_fa0513b7754bf240\AEstSrv.exe [2009-3-2 81920]
    R2 BBUpdate;BBUpdate;c:\program files\microsoft\bingbar\SeaPort.EXE [2011-6-15 249648]
    R2 DvmMDES;DeviceVM Meta Data Export Service;c:\splash.sys\config\DVMExportService.exe [2009-7-8 323584]
    R2 HP Support Assistant Service;HP Support Assistant Service;c:\program files\hewlett-packard\hp support framework\HPSA_Service.exe [2011-6-21 85560]
    R2 HPDrvMntSvc.exe;HP Quick Synchronization Service;c:\program files\hewlett-packard\shared\HPDrvMntSvc.exe [2011-3-28 94264]
    R2 IHA_MessageCenter;IHA_MessageCenter;c:\program files\verizon\iha_messagecenter\bin\Verizon_IHAMessageCenter.exe [2011-10-28 286736]
    R2 Secunia PSI Agent;Secunia PSI Agent;c:\program files\secunia\psi\psia.exe [2011-1-10 993848]
    R2 Secunia Update Agent;Secunia Update Agent;c:\program files\secunia\psi\sua.exe [2011-1-10 399416]
    R2 TomTomHOMEService;TomTomHOMEService;c:\program files\tomtom home 2\TomTomHOMEService.exe [2011-4-22 92592]
    R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\drivers\L1C62x86.sys [2009-11-13 58368]
    R3 PSI;PSI;c:\windows\system32\drivers\psi_mf.sys [2010-9-1 15544]
    R3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\drivers\vwifimp.sys [2009-7-13 14336]
    S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
    S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2010-10-23 136176]
    S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-13 229888]
    S3 BBSvc;Bing Bar Update Service;c:\program files\microsoft\bingbar\BBSvc.EXE [2011-7-7 195336]
    S3 GamesAppService;GamesAppService;c:\program files\wildtangent games\app\GamesAppService.exe [2010-10-12 206072]
    S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2010-10-23 136176]
    S3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\mcafee security scan\2.0.181\McCHSvc.exe [2010-1-15 227232]
    S3 rcmirror;rcmirror;c:\windows\system32\drivers\rcmirror.sys [2008-10-8 3328]
    S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\drivers\RtsUStor.sys [2009-9-24 167424]
    S3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\drivers\VSTAZL3.SYS [2009-7-13 207360]
    S3 SrvHsfV92;SrvHsfV92;c:\windows\system32\drivers\VSTDPV3.SYS [2009-7-13 980992]
    S3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\drivers\VSTCNXT3.SYS [2009-7-13 661504]
    S3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\TsUsbFlt.sys [2011-6-23 52224]
    S3 WSDPrintDevice;WSD Print Support via UMB;c:\windows\system32\drivers\WSDPrint.sys [2009-7-13 17920]
    .
    =============== Created Last 30 ================
    .
    2012-03-14 11:22:32 3968368 ----a-w- c:\windows\system32\ntkrnlpa.exe
    2012-03-14 11:22:26 3913584 ----a-w- c:\windows\system32\ntoskrnl.exe
    2012-03-14 00:01:45 2343424 ----a-w- c:\windows\system32\win32k.sys
    2012-03-14 00:01:40 1077248 ----a-w- c:\windows\system32\DWrite.dll
    2012-03-14 00:00:21 826880 ----a-w- c:\windows\system32\rdpcore.dll
    2012-03-14 00:00:19 24576 ----a-w- c:\windows\system32\drivers\tdtcp.sys
    2012-03-14 00:00:18 183808 ----a-w- c:\windows\system32\drivers\rdpwd.sys
    2012-03-14 00:00:14 8192 ----a-w- c:\windows\system32\rdrmemptylst.exe
    2012-03-14 00:00:14 129536 ----a-w- c:\windows\system32\rdpcorekmts.dll
    2012-03-14 00:00:12 58880 ----a-w- c:\windows\system32\rdpwsx.dll
    2012-03-01 11:36:59 -------- d-----w- c:\users\kmailler\appdata\local\blekkotb_001
    2012-03-01 11:36:51 -------- d-----w- c:\programdata\Anti-phishing Domain Advisor
    2012-03-01 11:36:29 -------- d-----w- c:\programdata\Tarma Installer
    2012-02-15 11:58:28 478720 ----a-w- c:\windows\system32\timedate.cpl
    2012-02-15 11:58:13 690688 ----a-w- c:\windows\system32\msvcrt.dll
    2012-02-15 11:57:55 442880 ----a-w- c:\windows\system32\ntshrui.dll
    2012-02-14 16:46:41 -------- d-----w- c:\users\kmailler\appdata\local\APN
    2012-02-14 16:45:29 -------- d-----w- c:\program files\RivalGaming
    .
    ==================== Find3M ====================
    .
    2012-02-22 15:57:38 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
    2012-01-28 21:15:08 103720 ----a-w- c:\users\kmailler\GoToAssistDownloadHelper.exe
    .
    ============= FINISH: 7:24:17.66 ===============

  4. #4
    Member Spyware Fighter
    Join Date
    Jun 2010
    Location
    Bement,Ill USA
    Posts
    1,340
    Points
    146


    Hello kmailler,


    Please run the following tools and post their logs.


    1.
    Please download the TDSS Rootkit Removing Tool (TDSSKiller.exe) and save it to your Desktop. <-Important!!!
    • Double-click on TDSSKiller.exe to run the tool for known TDSS variants.
      Vista/Windows 7 users right-click and select Run As Administrator.
    • If TDSSKiller does not run, try renaming it.
    • To do this, right-click on TDSSKiller.exe, select Rename and give it a random name with the .com file extension (i.e. 123abc.com). If you do not see the file extension, please refer to How to change the file extension.
    • Click the Start Scan button.
    • Do not use the computer during the scan.
    • If the scan completes with nothing found, click Close to exit.
    • If malicious objects are found, they will show in the Scan results - Select action for found objects and offer three options.
    • Ensure Cure (default) is selected, then click Continue > Reboot now to finish the cleaning process.
      Note: If Cure is not an option, Skip instead, do not choose Delete unless instructed.
    • A log file named TDSSKiller_version_date_time_log.txt (i.e. TDSSKiller.2.4.0.0_27.07.2010_09.07.26_log.txt) will be created and saved to the root directory (usually Local Disk C:).
    • Copy and paste the contents of that file in your next reply.




    2.
    Install Recovery Console and Run ComboFix

    This tool is not a toy. If used the wrong way you could trash your computer. Please use only under direction of a Helper. If you decide to do so anyway, please do not blame me or ComboFix.

    Download Combofix from any of the links below, and save it to your desktop.

    Link 1
    Link 2
    • Close/disable all anti-virus and anti-malware programs so they do not interfere with the running of ComboFix. Refer to this page if you are not sure how.
    • Close any open windows, including this one.
    • Double click on ComboFix.exe & follow the prompts.
    • As part of its process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.
    • If you did not have it installed, you will see the prompt below. Choose YES.
    • Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.

    **Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue its malware removal procedures.

    Note: The Windows Recovery Console will allow you to boot up into a special recovery (repair) mode. This allows us to more easily help you should your computer have a problem after an attempted removal of malware. It is a simple procedure that will only take a few moments of your time.

    • Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:

    • Click on Yes, to continue scanning for malware.
    • When finished, it will produce a report for you. Please post the contents of the log (C:\ComboFix.txt).
    Leave your computer alone while ComboFix is running.
    ComboFix will restart your computer if malware is found; allow it to do so.


    Note: Please do NOT mouse-click ComboFix's window while it's running because it may cause it to stall.


    Things to include in your next reply:
    TDssKiller log
    Combofix.txt
    How is your machine running now?
    " Extinguishing Malware from the world"

    The Spyware Help forum is very busy. If I'm helping you and I've not posted back within 24 hrs., send a PM with your topic link. Thank you.
    HELP REQUESTS VIA THE PM SYSTEM WILL BE IGNORED. The Forums are there for a reason!
    Thanks-




  5. #5
    Member
    Join Date
    Dec 2008
    Location
    cornwall, new york
    Posts
    172
    Points
    0


    22:31:32.0362 1324 TDSS rootkit removing tool 2.7.20.0 Mar 9 2012 17:10:43
    22:31:32.0842 1324 ============================================================
    22:31:32.0842 1324 Current date / time: 2012/03/18 22:31:32.0842
    22:31:32.0842 1324 SystemInfo:
    22:31:32.0842 1324
    22:31:32.0843 1324 OS Version: 6.1.7601 ServicePack: 1.0
    22:31:32.0843 1324 Product type: Workstation
    22:31:32.0843 1324 ComputerName: KMAILLER-PC
    22:31:32.0844 1324 UserName: kmailler
    22:31:32.0844 1324 Windows directory: C:\Windows
    22:31:32.0844 1324 System windows directory: C:\Windows
    22:31:32.0844 1324 Processor architecture: Intel x86
    22:31:32.0844 1324 Number of processors: 2
    22:31:32.0844 1324 Page size: 0x1000
    22:31:32.0844 1324 Boot type: Normal boot
    22:31:32.0844 1324 ============================================================
    22:31:34.0050 1324 Drive \Device\Harddisk0\DR0 - Size: 0x25433D6000 (149.05 Gb), SectorSize: 0x200, Cylinders: 0x4C01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
    22:31:34.0057 1324 \Device\Harddisk0\DR0:
    22:31:34.0058 1324 MBR used
    22:31:34.0058 1324 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x112F0800
    22:31:34.0058 1324 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x112F1000, BlocksNum 0x16C3000
    22:31:34.0058 1324 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x129B4000, BlocksNum 0x64800
    22:31:34.0141 1324 Initialize success
    22:31:34.0142 1324 ============================================================
    22:31:36.0413 3616 ============================================================
    22:31:36.0413 3616 Scan started
    22:31:36.0414 3616 Mode: Manual;
    22:31:36.0414 3616 ============================================================
    22:31:38.0165 3616 1394ohci (1b133875b8aa8ac48969bd3458afe9f5) C:\Windows\system32\drivers\1394ohci.sys
    22:31:38.0188 3616 1394ohci - ok
    22:31:38.0361 3616 ACPI (cea80c80bed809aa0da6febc04733349) C:\Windows\system32\drivers\ACPI.sys
    22:31:38.0370 3616 ACPI - ok
    22:31:38.0447 3616 AcpiPmi (1efbc664abff416d1d07db115dcb264f) C:\Windows\system32\drivers\acpipmi.sys
    22:31:38.0451 3616 AcpiPmi - ok
    22:31:38.0516 3616 adp94xx (21e785ebd7dc90a06391141aac7892fb) C:\Windows\system32\DRIVERS\adp94xx.sys
    22:31:38.0531 3616 adp94xx - ok
    22:31:38.0636 3616 adpahci (0c676bc278d5b59ff5abd57bbe9123f2) C:\Windows\system32\DRIVERS\adpahci.sys
    22:31:38.0647 3616 adpahci - ok
    22:31:38.0731 3616 adpu320 (7c7b5ee4b7b822ec85321fe23a27db33) C:\Windows\system32\DRIVERS\adpu320.sys
    22:31:38.0750 3616 adpu320 - ok
    22:31:38.0889 3616 AFD (9ebbba55060f786f0fcaa3893bfa2806) C:\Windows\system32\drivers\afd.sys
    22:31:38.0900 3616 AFD - ok
    22:31:38.0961 3616 agp440 (507812c3054c21cef746b6ee3d04dd6e) C:\Windows\system32\drivers\agp440.sys
    22:31:38.0967 3616 agp440 - ok
    22:31:39.0032 3616 aic78xx (8b30250d573a8f6b4bd23195160d8707) C:\Windows\system32\DRIVERS\djsvs.sys
    22:31:39.0037 3616 aic78xx - ok
    22:31:39.0194 3616 aliide (0d40bcf52ea90fc7df2aeab6503dea44) C:\Windows\system32\drivers\aliide.sys
    22:31:39.0199 3616 aliide - ok
    22:31:39.0253 3616 amdagp (3c6600a0696e90a463771c7422e23ab5) C:\Windows\system32\drivers\amdagp.sys
    22:31:39.0258 3616 amdagp - ok
    22:31:39.0311 3616 amdide (cd5914170297126b6266860198d1d4f0) C:\Windows\system32\drivers\amdide.sys
    22:31:39.0316 3616 amdide - ok
    22:31:39.0424 3616 AmdK8 (00dda200d71bac534bf56a9db5dfd666) C:\Windows\system32\DRIVERS\amdk8.sys
    22:31:39.0429 3616 AmdK8 - ok
    22:31:39.0503 3616 AmdPPM (3cbf30f5370fda40dd3e87df38ea53b6) C:\Windows\system32\DRIVERS\amdppm.sys
    22:31:39.0507 3616 AmdPPM - ok
    22:31:39.0582 3616 amdsata (d320bf87125326f996d4904fe24300fc) C:\Windows\system32\drivers\amdsata.sys
    22:31:39.0587 3616 amdsata - ok
    22:31:39.0683 3616 amdsbs (ea43af0c423ff267355f74e7a53bdaba) C:\Windows\system32\DRIVERS\amdsbs.sys
    22:31:39.0693 3616 amdsbs - ok
    22:31:39.0772 3616 amdxata (46387fb17b086d16dea267d5be23a2f2) C:\Windows\system32\drivers\amdxata.sys
    22:31:39.0778 3616 amdxata - ok
    22:31:39.0848 3616 AppID (aea177f783e20150ace5383ee368da19) C:\Windows\system32\drivers\appid.sys
    22:31:39.0852 3616 AppID - ok
    22:31:40.0051 3616 arc (2932004f49677bd84dbc72edb754ffb3) C:\Windows\system32\DRIVERS\arc.sys
    22:31:40.0057 3616 arc - ok
    22:31:40.0115 3616 arcsas (5d6f36c46fd283ae1b57bd2e9feb0bc7) C:\Windows\system32\DRIVERS\arcsas.sys
    22:31:40.0121 3616 arcsas - ok
    22:31:40.0198 3616 AsyncMac (add2ade1c2b285ab8378d2daaf991481) C:\Windows\system32\DRIVERS\asyncmac.sys
    22:31:40.0202 3616 AsyncMac - ok
    22:31:40.0262 3616 atapi (338c86357871c167a96ab976519bf59e) C:\Windows\system32\drivers\atapi.sys
    22:31:40.0266 3616 atapi - ok
    22:31:40.0360 3616 athr (76bab0c824e2d05b940c4dd40a9b08bf) C:\Windows\system32\DRIVERS\athr.sys
    22:31:40.0406 3616 athr - ok
    22:31:40.0570 3616 b06bdrv (1a231abec60fd316ec54c66715543cec) C:\Windows\system32\DRIVERS\bxvbdx.sys
    22:31:40.0584 3616 b06bdrv - ok
    22:31:40.0664 3616 b57nd60x (bd8869eb9cde6bbe4508d869929869ee) C:\Windows\system32\DRIVERS\b57nd60x.sys
    22:31:40.0675 3616 b57nd60x - ok
    22:31:41.0000 3616 BCM43XX (3da1c04ea8c09a9f77a951d5ae4f8cfc) C:\Windows\system32\DRIVERS\bcmwl6.sys
    22:31:41.0101 3616 BCM43XX - ok
    22:31:41.0185 3616 Beep (505506526a9d467307b3c393dedaf858) C:\Windows\system32\drivers\Beep.sys
    22:31:41.0189 3616 Beep - ok
    22:31:41.0311 3616 blbdrive (2287078ed48fcfc477b05b20cf38f36f) C:\Windows\system32\DRIVERS\blbdrive.sys
    22:31:41.0315 3616 blbdrive - ok
    22:31:41.0479 3616 bowser (8f2da3028d5fcbd1a060a3de64cd6506) C:\Windows\system32\DRIVERS\bowser.sys
    22:31:41.0484 3616 bowser - ok
    22:31:41.0564 3616 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\DRIVERS\BrFiltLo.sys
    22:31:41.0567 3616 BrFiltLo - ok
    22:31:41.0601 3616 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\DRIVERS\BrFiltUp.sys
    22:31:41.0604 3616 BrFiltUp - ok
    22:31:41.0663 3616 Brserid (845b8ce732e67f3b4133164868c666ea) C:\Windows\System32\Drivers\Brserid.sys
    22:31:41.0673 3616 Brserid - ok
    22:31:41.0711 3616 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\System32\Drivers\BrSerWdm.sys
    22:31:41.0717 3616 BrSerWdm - ok
    22:31:41.0762 3616 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\System32\Drivers\BrUsbMdm.sys
    22:31:41.0768 3616 BrUsbMdm - ok
    22:31:41.0805 3616 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\System32\Drivers\BrUsbSer.sys
    22:31:41.0809 3616 BrUsbSer - ok
    22:31:41.0874 3616 BthEnum (2865a5c8e98c70c605f417908cebb3a4) C:\Windows\system32\drivers\BthEnum.sys
    22:31:41.0877 3616 BthEnum - ok
    22:31:41.0926 3616 BTHMODEM (ed3df7c56ce0084eb2034432fc56565a) C:\Windows\system32\DRIVERS\bthmodem.sys
    22:31:41.0931 3616 BTHMODEM - ok
    22:31:41.0986 3616 BthPan (ad1872e5829e8a2c3b5b4b641c3eab0e) C:\Windows\system32\DRIVERS\bthpan.sys
    22:31:41.0992 3616 BthPan - ok
    22:31:42.0069 3616 BTHPORT (c2fbf6d271d9a94d839c416bf186ead9) C:\Windows\System32\Drivers\BTHport.sys
    22:31:42.0082 3616 BTHPORT - ok
    22:31:42.0166 3616 BTHUSB (c81e9413a25a439f436b1d4b6a0cf9e9) C:\Windows\System32\Drivers\BTHUSB.sys
    22:31:42.0173 3616 BTHUSB - ok
    22:31:42.0232 3616 cdfs (77ea11b065e0a8ab902d78145ca51e10) C:\Windows\system32\DRIVERS\cdfs.sys
    22:31:42.0240 3616 cdfs - ok
    22:31:42.0355 3616 cdrom (be167ed0fdb9c1fa1133953c18d5a6c9) C:\Windows\system32\drivers\cdrom.sys
    22:31:42.0361 3616 cdrom - ok
    22:31:42.0417 3616 circlass (3fe3fe94a34df6fb06e6418d0f6a0060) C:\Windows\system32\DRIVERS\circlass.sys
    22:31:42.0422 3616 circlass - ok
    22:31:42.0505 3616 CLFS (635181e0e9bbf16871bf5380d71db02d) C:\Windows\system32\CLFS.sys
    22:31:42.0517 3616 CLFS - ok
    22:31:42.0600 3616 CmBatt (dea805815e587dad1dd2c502220b5616) C:\Windows\system32\DRIVERS\CmBatt.sys
    22:31:42.0604 3616 CmBatt - ok
    22:31:42.0653 3616 cmdide (c537b1db64d495b9b4717b4d6d9edbf2) C:\Windows\system32\drivers\cmdide.sys
    22:31:42.0657 3616 cmdide - ok
    22:31:42.0725 3616 CNG (6427525d76f61d0c519b008d3680e8e7) C:\Windows\system32\Drivers\cng.sys
    22:31:42.0737 3616 CNG - ok
    22:31:42.0797 3616 Compbatt (a6023d3823c37043986713f118a89bee) C:\Windows\system32\DRIVERS\compbatt.sys
    22:31:42.0800 3616 Compbatt - ok
    22:31:42.0879 3616 CompositeBus (cbe8c58a8579cfe5fccf809e6f114e89) C:\Windows\system32\drivers\CompositeBus.sys
    22:31:42.0883 3616 CompositeBus - ok
    22:31:42.0937 3616 crcdisk (2c4ebcfc84a9b44f209dff6c6e6c61d1) C:\Windows\system32\DRIVERS\crcdisk.sys
    22:31:42.0941 3616 crcdisk - ok
    22:31:43.0059 3616 DfsC (f024449c97ec1e464aaffda18593db88) C:\Windows\system32\Drivers\dfsc.sys
    22:31:43.0063 3616 DfsC - ok
    22:31:43.0129 3616 discache (1a050b0274bfb3890703d490f330c0da) C:\Windows\system32\drivers\discache.sys
    22:31:43.0144 3616 discache - ok
    22:31:43.0286 3616 Disk (565003f326f99802e68ca78f2a68e9ff) C:\Windows\system32\DRIVERS\disk.sys
    22:31:43.0292 3616 Disk - ok
    22:31:43.0393 3616 drmkaud (b918e7c5f9bf77202f89e1a9539f2eb4) C:\Windows\system32\drivers\drmkaud.sys
    22:31:43.0397 3616 drmkaud - ok
    22:31:43.0502 3616 DVMIO (6368d6a6dda2e44eecc592eb50950463) C:\SPLASH.SYS\config\dvmio.sys
    22:31:43.0506 3616 DVMIO - ok
    22:31:43.0650 3616 DXGKrnl (23f5d28378a160352ba8f817bd8c71cb) C:\Windows\System32\drivers\dxgkrnl.sys
    22:31:43.0686 3616 DXGKrnl - ok
    22:31:43.0875 3616 ebdrv (024e1b5cac09731e4d868e64dbfb4ab0) C:\Windows\system32\DRIVERS\evbdx.sys
    22:31:43.0988 3616 ebdrv - ok
    22:31:44.0126 3616 elxstor (0ed67910c8c326796faa00b2bf6d9d3c) C:\Windows\system32\DRIVERS\elxstor.sys
    22:31:44.0152 3616 elxstor - ok
    22:31:44.0199 3616 ErrDev (8fc3208352dd3912c94367a206ab3f11) C:\Windows\system32\drivers\errdev.sys
    22:31:44.0202 3616 ErrDev - ok
    22:31:44.0289 3616 exfat (2dc9108d74081149cc8b651d3a26207f) C:\Windows\system32\drivers\exfat.sys
    22:31:44.0296 3616 exfat - ok
    22:31:44.0338 3616 fastfat (7e0ab74553476622fb6ae36f73d97d35) C:\Windows\system32\drivers\fastfat.sys
    22:31:44.0346 3616 fastfat - ok
    22:31:44.0401 3616 fdc (e817a017f82df2a1f8cfdbda29388b29) C:\Windows\system32\DRIVERS\fdc.sys
    22:31:44.0404 3616 fdc - ok
    22:31:44.0512 3616 FileInfo (6cf00369c97f3cf563be99be983d13d8) C:\Windows\system32\drivers\fileinfo.sys
    22:31:44.0518 3616 FileInfo - ok
    22:31:44.0545 3616 Filetrace (42c51dc94c91da21cb9196eb64c45db9) C:\Windows\system32\drivers\filetrace.sys
    22:31:44.0549 3616 Filetrace - ok
    22:31:44.0587 3616 flpydisk (87907aa70cb3c56600f1c2fb8841579b) C:\Windows\system32\DRIVERS\flpydisk.sys
    22:31:44.0591 3616 flpydisk - ok
    22:31:44.0641 3616 FltMgr (7520ec808e0c35e0ee6f841294316653) C:\Windows\system32\drivers\fltmgr.sys
    22:31:44.0651 3616 FltMgr - ok
    22:31:44.0771 3616 FsDepends (1a16b57943853e598cff37fe2b8cbf1d) C:\Windows\system32\drivers\FsDepends.sys
    22:31:44.0776 3616 FsDepends - ok
    22:31:44.0807 3616 Fs_Rec (a574b4360e438977038aae4bf60d79a2) C:\Windows\system32\drivers\Fs_Rec.sys
    22:31:44.0811 3616 Fs_Rec - ok
    22:31:44.0878 3616 fvevol (8a73e79089b282100b9393b644cb853b) C:\Windows\system32\DRIVERS\fvevol.sys
    22:31:44.0886 3616 fvevol - ok
    22:31:44.0980 3616 gagp30kx (65ee0c7a58b65e74ae05637418153938) C:\Windows\system32\DRIVERS\gagp30kx.sys
    22:31:44.0986 3616 gagp30kx - ok
    22:31:45.0075 3616 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
    22:31:45.0079 3616 GEARAspiWDM - ok
    22:31:45.0268 3616 hcw85cir (c44e3c2bab6837db337ddee7544736db) C:\Windows\system32\drivers\hcw85cir.sys
    22:31:45.0273 3616 hcw85cir - ok
    22:31:45.0341 3616 HdAudAddService (a5ef29d5315111c80a5c1abad14c8972) C:\Windows\system32\drivers\HdAudio.sys
    22:31:45.0353 3616 HdAudAddService - ok
    22:31:45.0455 3616 HDAudBus (9036377b8a6c15dc2eec53e489d159b5) C:\Windows\system32\drivers\HDAudBus.sys
    22:31:45.0460 3616 HDAudBus - ok
    22:31:45.0535 3616 HidBatt (1d58a7f3e11a9731d0eaaaa8405acc36) C:\Windows\system32\DRIVERS\HidBatt.sys
    22:31:45.0538 3616 HidBatt - ok
    22:31:45.0594 3616 HidBth (89448f40e6df260c206a193a4683ba78) C:\Windows\system32\DRIVERS\hidbth.sys
    22:31:45.0599 3616 HidBth - ok
    22:31:45.0637 3616 HidIr (cf50b4cf4a4f229b9f3c08351f99ca5e) C:\Windows\system32\DRIVERS\hidir.sys
    22:31:45.0641 3616 HidIr - ok
    22:31:45.0741 3616 HidUsb (10c19f8290891af023eaec0832e1eb4d) C:\Windows\system32\drivers\hidusb.sys
    22:31:45.0744 3616 HidUsb - ok
    22:31:46.0053 3616 HpSAMD (295fdc419039090eb8b49ffdbb374549) C:\Windows\system32\drivers\HpSAMD.sys
    22:31:46.0061 3616 HpSAMD - ok
    22:31:46.0144 3616 HTTP (871917b07a141bff43d76d8844d48106) C:\Windows\system32\drivers\HTTP.sys
    22:31:46.0177 3616 HTTP - ok
    22:31:46.0228 3616 hwpolicy (0c4e035c7f105f1299258c90886c64c5) C:\Windows\system32\drivers\hwpolicy.sys
    22:31:46.0232 3616 hwpolicy - ok
    22:31:46.0309 3616 i8042prt (f151f0bdc47f4a28b1b20a0818ea36d6) C:\Windows\system32\drivers\i8042prt.sys
    22:31:46.0316 3616 i8042prt - ok
    22:31:46.0380 3616 iaStor (d483687eace0c065ee772481a96e05f5) C:\Windows\system32\DRIVERS\iaStor.sys
    22:31:46.0387 3616 iaStor - ok
    22:31:46.0452 3616 iaStorV (5cd5f9a5444e6cdcb0ac89bd62d8b76e) C:\Windows\system32\drivers\iaStorV.sys
    22:31:46.0463 3616 iaStorV - ok
    22:31:46.0699 3616 igfx (a79416044080f5ade931517c45be9d58) C:\Windows\system32\DRIVERS\igdkmd32.sys
    22:31:46.0846 3616 igfx - ok
    22:31:46.0986 3616 iirsp (4173ff5708f3236cf25195fecd742915) C:\Windows\system32\DRIVERS\iirsp.sys
    22:31:46.0991 3616 iirsp - ok
    22:31:47.0064 3616 intelide (a0f12f2c9ba6c72f3987ce780e77c130) C:\Windows\system32\drivers\intelide.sys
    22:31:47.0067 3616 intelide - ok
    22:31:47.0111 3616 intelppm (3b514d27bfc4accb4037bc6685f766e0) C:\Windows\system32\DRIVERS\intelppm.sys
    22:31:47.0115 3616 intelppm - ok
    22:31:47.0179 3616 IpFilterDriver (709d1761d3b19a932ff0238ea6d50200) C:\Windows\system32\DRIVERS\ipfltdrv.sys
    22:31:47.0186 3616 IpFilterDriver - ok
    22:31:47.0257 3616 IPMIDRV (4bd7134618c1d2a27466a099062547bf) C:\Windows\system32\drivers\IPMIDrv.sys
    22:31:47.0262 3616 IPMIDRV - ok
    22:31:47.0300 3616 IPNAT (a5fa468d67abcdaa36264e463a7bb0cd) C:\Windows\system32\drivers\ipnat.sys
    22:31:47.0306 3616 IPNAT - ok
    22:31:47.0380 3616 IRENUM (42996cff20a3084a56017b7902307e9f) C:\Windows\system32\drivers\irenum.sys
    22:31:47.0384 3616 IRENUM - ok
    22:31:47.0435 3616 isapnp (1f32bb6b38f62f7df1a7ab7292638a35) C:\Windows\system32\drivers\isapnp.sys
    22:31:47.0439 3616 isapnp - ok
    22:31:47.0486 3616 iScsiPrt (cb7a9abb12b8415bce5d74994c7ba3ae) C:\Windows\system32\drivers\msiscsi.sys
    22:31:47.0495 3616 iScsiPrt - ok
    22:31:47.0557 3616 kbdclass (adef52ca1aeae82b50df86b56413107e) C:\Windows\system32\drivers\kbdclass.sys
    22:31:47.0561 3616 kbdclass - ok
    22:31:47.0602 3616 kbdhid (9e3ced91863e6ee98c24794d05e27a71) C:\Windows\system32\drivers\kbdhid.sys
    22:31:47.0606 3616 kbdhid - ok
    22:31:47.0697 3616 KSecDD (f4647bb23db9038a7536cf6b68f4207f) C:\Windows\system32\Drivers\ksecdd.sys
    22:31:47.0703 3616 KSecDD - ok
    22:31:47.0748 3616 KSecPkg (e73cae53bbb72ba26918492c6b4c229d) C:\Windows\system32\Drivers\ksecpkg.sys
    22:31:47.0756 3616 KSecPkg - ok
    22:31:47.0837 3616 L1C (3705b2273e8efc9a707864ab7324b614) C:\Windows\system32\DRIVERS\L1C62x86.sys
    22:31:47.0842 3616 L1C - ok
    22:31:47.0911 3616 lltdio (f7611ec07349979da9b0ae1f18ccc7a6) C:\Windows\system32\DRIVERS\lltdio.sys
    22:31:47.0915 3616 lltdio - ok
    22:31:47.0993 3616 LSI_FC (eb119a53ccf2acc000ac71b065b78fef) C:\Windows\system32\DRIVERS\lsi_fc.sys
    22:31:47.0998 3616 LSI_FC - ok
    22:31:48.0028 3616 LSI_SAS (8ade1c877256a22e49b75d1cc9161f9c) C:\Windows\system32\DRIVERS\lsi_sas.sys
    22:31:48.0033 3616 LSI_SAS - ok
    22:31:48.0083 3616 LSI_SAS2 (dc9dc3d3daa0e276fd2ec262e38b11e9) C:\Windows\system32\DRIVERS\lsi_sas2.sys
    22:31:48.0089 3616 LSI_SAS2 - ok
    22:31:48.0133 3616 LSI_SCSI (0a036c7d7cab643a7f07135ac47e0524) C:\Windows\system32\DRIVERS\lsi_scsi.sys
    22:31:48.0139 3616 LSI_SCSI - ok
    22:31:48.0196 3616 luafv (6703e366cc18d3b6e534f5cf7df39cee) C:\Windows\system32\drivers\luafv.sys
    22:31:48.0204 3616 luafv - ok
    22:31:48.0327 3616 megasas (0fff5b045293002ab38eb1fd1fc2fb74) C:\Windows\system32\DRIVERS\megasas.sys
    22:31:48.0332 3616 megasas - ok
    22:31:48.0393 3616 MegaSR (dcbab2920c75f390caf1d29f675d03d6) C:\Windows\system32\DRIVERS\MegaSR.sys
    22:31:48.0402 3616 MegaSR - ok
    22:31:48.0484 3616 Modem (f001861e5700ee84e2d4e52c712f4964) C:\Windows\system32\drivers\modem.sys
    22:31:48.0489 3616 Modem - ok
    22:31:48.0540 3616 monitor (79d10964de86b292320e9dfe02282a23) C:\Windows\system32\DRIVERS\monitor.sys
    22:31:48.0542 3616 monitor - ok
    22:31:48.0649 3616 mouclass (fb18cc1d4c2e716b6b903b0ac0cc0609) C:\Windows\system32\drivers\mouclass.sys
    22:31:48.0655 3616 mouclass - ok
    22:31:48.0713 3616 mouhid (2c388d2cd01c9042596cf3c8f3c7b24d) C:\Windows\system32\DRIVERS\mouhid.sys
    22:31:48.0717 3616 mouhid - ok
    22:31:48.0777 3616 mountmgr (fc8771f45ecccfd89684e38842539b9b) C:\Windows\system32\drivers\mountmgr.sys
    22:31:48.0783 3616 mountmgr - ok
    22:31:48.0853 3616 mpio (2d699fb6e89ce0d8da14ecc03b3edfe0) C:\Windows\system32\drivers\mpio.sys
    22:31:48.0858 3616 mpio - ok
    22:31:48.0903 3616 mpsdrv (ad2723a7b53dd1aacae6ad8c0bfbf4d0) C:\Windows\system32\drivers\mpsdrv.sys
    22:31:48.0908 3616 mpsdrv - ok
    22:31:48.0971 3616 MRxDAV (ceb46ab7c01c9f825f8cc6babc18166a) C:\Windows\system32\drivers\mrxdav.sys
    22:31:48.0977 3616 MRxDAV - ok
    22:31:49.0041 3616 mrxsmb (5d16c921e3671636c0eba3bbaac5fd25) C:\Windows\system32\DRIVERS\mrxsmb.sys
    22:31:49.0047 3616 mrxsmb - ok
    22:31:49.0111 3616 mrxsmb10 (6d17a4791aca19328c685d256349fefc) C:\Windows\system32\DRIVERS\mrxsmb10.sys
    22:31:49.0121 3616 mrxsmb10 - ok
    22:31:49.0179 3616 mrxsmb20 (b81f204d146000be76651a50670a5e9e) C:\Windows\system32\DRIVERS\mrxsmb20.sys
    22:31:49.0185 3616 mrxsmb20 - ok
    22:31:49.0250 3616 msahci (012c5f4e9349e711e11e0f19a8589f0a) C:\Windows\system32\drivers\msahci.sys
    22:31:49.0255 3616 msahci - ok
    22:31:49.0313 3616 msdsm (55055f8ad8be27a64c831322a780a228) C:\Windows\system32\drivers\msdsm.sys
    22:31:49.0320 3616 msdsm - ok
    22:31:49.0410 3616 Msfs (daefb28e3af5a76abcc2c3078c07327f) C:\Windows\system32\drivers\Msfs.sys
    22:31:49.0415 3616 Msfs - ok
    22:31:49.0445 3616 mshidkmdf (3e1e5767043c5af9367f0056295e9f84) C:\Windows\System32\drivers\mshidkmdf.sys
    22:31:49.0450 3616 mshidkmdf - ok
    22:31:49.0508 3616 msisadrv (0a4e5757ae09fa9622e3158cc1aef114) C:\Windows\system32\drivers\msisadrv.sys
    22:31:49.0512 3616 msisadrv - ok
    22:31:49.0618 3616 MSKSSRV (8c0860d6366aaffb6c5bb9df9448e631) C:\Windows\system32\drivers\MSKSSRV.sys
    22:31:49.0623 3616 MSKSSRV - ok
    22:31:49.0673 3616 MSPCLOCK (3ea8b949f963562cedbb549eac0c11ce) C:\Windows\system32\drivers\MSPCLOCK.sys
    22:31:49.0679 3616 MSPCLOCK - ok
    22:31:49.0714 3616 MSPQM (f456e973590d663b1073e9c463b40932) C:\Windows\system32\drivers\MSPQM.sys
    22:31:49.0717 3616 MSPQM - ok
    22:31:49.0759 3616 MsRPC (0e008fc4819d238c51d7c93e7b41e560) C:\Windows\system32\drivers\MsRPC.sys
    22:31:49.0768 3616 MsRPC - ok
    22:31:49.0849 3616 mssmbios (fc6b9ff600cc585ea38b12589bd4e246) C:\Windows\system32\drivers\mssmbios.sys
    22:31:49.0851 3616 mssmbios - ok
    22:31:49.0913 3616 MSTEE (b42c6b921f61a6e55159b8be6cd54a36) C:\Windows\system32\drivers\MSTEE.sys
    22:31:49.0918 3616 MSTEE - ok
    22:31:49.0979 3616 MTConfig (33599130f44e1f34631cea241de8ac84) C:\Windows\system32\DRIVERS\MTConfig.sys
    22:31:49.0985 3616 MTConfig - ok
    22:31:50.0027 3616 Mup (159fad02f64e6381758c990f753bcc80) C:\Windows\system32\Drivers\mup.sys
    22:31:50.0032 3616 Mup - ok
    22:31:50.0122 3616 NativeWifiP (26384429fcd85d83746f63e798ab1480) C:\Windows\system32\DRIVERS\nwifi.sys
    22:31:50.0134 3616 NativeWifiP - ok
    22:31:50.0240 3616 NDIS (e7c54812a2aaf43316eb6930c1ffa108) C:\Windows\system32\drivers\ndis.sys
    22:31:50.0272 3616 NDIS - ok
    22:31:50.0331 3616 NdisCap (0e1787aa6c9191d3d319e8bafe86f80c) C:\Windows\system32\DRIVERS\ndiscap.sys
    22:31:50.0337 3616 NdisCap - ok
    22:31:50.0399 3616 NdisTapi (e4a8aec125a2e43a9e32afeea7c9c888) C:\Windows\system32\DRIVERS\ndistapi.sys
    22:31:50.0403 3616 NdisTapi - ok
    22:31:50.0480 3616 Ndisuio (d8a65dafb3eb41cbb622745676fcd072) C:\Windows\system32\DRIVERS\ndisuio.sys
    22:31:50.0485 3616 Ndisuio - ok
    22:31:50.0584 3616 NdisWan (38fbe267e7e6983311179230facb1017) C:\Windows\system32\DRIVERS\ndiswan.sys
    22:31:50.0591 3616 NdisWan - ok
    22:31:50.0742 3616 NDProxy (a4bdc541e69674fbff1a8ff00be913f2) C:\Windows\system32\drivers\NDProxy.sys
    22:31:50.0748 3616 NDProxy - ok
    22:31:50.0811 3616 NetBIOS (80b275b1ce3b0e79909db7b39af74d51) C:\Windows\system32\DRIVERS\netbios.sys
    22:31:50.0816 3616 NetBIOS - ok
    22:31:50.0874 3616 NetBT (280122ddcf04b378edd1ad54d71c1e54) C:\Windows\system32\DRIVERS\netbt.sys
    22:31:50.0882 3616 NetBT - ok
    22:31:50.0974 3616 nfrd960 (1d85c4b390b0ee09c7a46b91efb2c097) C:\Windows\system32\DRIVERS\nfrd960.sys
    22:31:50.0979 3616 nfrd960 - ok
    22:31:51.0038 3616 Npfs (1db262a9f8c087e8153d89bef3d2235f) C:\Windows\system32\drivers\Npfs.sys
    22:31:51.0043 3616 Npfs - ok
    22:31:51.0114 3616 nsiproxy (e9a0a4d07e53d8fea2bb8387a3293c58) C:\Windows\system32\drivers\nsiproxy.sys
    22:31:51.0118 3616 nsiproxy - ok
    22:31:51.0236 3616 Ntfs (81189c3d7763838e55c397759d49007a) C:\Windows\system32\drivers\Ntfs.sys
    22:31:51.0281 3616 Ntfs - ok
    22:31:51.0333 3616 Null (f9756a98d69098dca8945d62858a812c) C:\Windows\system32\drivers\Null.sys
    22:31:51.0337 3616 Null - ok
    22:31:51.0426 3616 NVENETFD (b5e37e31c053bc9950455a257526514b) C:\Windows\system32\DRIVERS\nvm62x32.sys
    22:31:51.0439 3616 NVENETFD - ok
    22:31:51.0527 3616 nvraid (b3e25ee28883877076e0e1ff877d02e0) C:\Windows\system32\drivers\nvraid.sys
    22:31:51.0534 3616 nvraid - ok
    22:31:51.0586 3616 nvstor (4380e59a170d88c4f1022eff6719a8a4) C:\Windows\system32\drivers\nvstor.sys
    22:31:51.0593 3616 nvstor - ok
    22:31:51.0662 3616 nv_agp (5a0983915f02bae73267cc2a041f717d) C:\Windows\system32\drivers\nv_agp.sys
    22:31:51.0668 3616 nv_agp - ok
    22:31:51.0728 3616 ohci1394 (08a70a1f2cdde9bb49b885cb817a66eb) C:\Windows\system32\drivers\ohci1394.sys
    22:31:51.0733 3616 ohci1394 - ok
    22:31:51.0805 3616 Parport (2ea877ed5dd9713c5ac74e8ea7348d14) C:\Windows\system32\DRIVERS\parport.sys
    22:31:51.0810 3616 Parport - ok
    22:31:51.0865 3616 partmgr (bf8f6af06da75b336f07e23aef97d93b) C:\Windows\system32\drivers\partmgr.sys
    22:31:51.0869 3616 partmgr - ok
    22:31:51.0908 3616 Parvdm (eb0a59f29c19b86479d36b35983daadc) C:\Windows\system32\DRIVERS\parvdm.sys
    22:31:51.0911 3616 Parvdm - ok
    22:31:51.0973 3616 pci (673e55c3498eb970088e812ea820aa8f) C:\Windows\system32\drivers\pci.sys
    22:31:51.0980 3616 pci - ok
    22:31:52.0029 3616 pciide (afe86f419014db4e5593f69ffe26ce0a) C:\Windows\system32\drivers\pciide.sys
    22:31:52.0033 3616 pciide - ok
    22:31:52.0077 3616 pcmcia (f396431b31693e71e8a80687ef523506) C:\Windows\system32\DRIVERS\pcmcia.sys
    22:31:52.0085 3616 pcmcia - ok
    22:31:52.0125 3616 pcw (250f6b43d2b613172035c6747aeeb19f) C:\Windows\system32\drivers\pcw.sys
    22:31:52.0130 3616 pcw - ok
    22:31:52.0196 3616 PEAUTH (9e0104ba49f4e6973749a02bf41344ed) C:\Windows\system32\drivers\peauth.sys
    22:31:52.0230 3616 PEAUTH - ok
    22:31:52.0455 3616 PptpMiniport (631e3e205ad6d86f2aed6a4a8e69f2db) C:\Windows\system32\DRIVERS\raspptp.sys
    22:31:52.0461 3616 PptpMiniport - ok
    22:31:52.0524 3616 Processor (85b1e3a0c7585bc4aae6899ec6fcf011) C:\Windows\system32\DRIVERS\processr.sys
    22:31:52.0529 3616 Processor - ok
    22:31:52.0665 3616 Psched (6270ccae2a86de6d146529fe55b3246a) C:\Windows\system32\DRIVERS\pacer.sys
    22:31:52.0671 3616 Psched - ok
    22:31:52.0727 3616 PSI (d24dfd16a1e2a76034df5aa18125c35d) C:\Windows\system32\DRIVERS\psi_mf.sys
    22:31:52.0731 3616 PSI - ok
    22:31:52.0813 3616 ql2300 (ab95ecf1f6659a60ddc166d8315b0751) C:\Windows\system32\DRIVERS\ql2300.sys
    22:31:52.0868 3616 ql2300 - ok
    22:31:52.0935 3616 ql40xx (b4dd51dd25182244b86737dc51af2270) C:\Windows\system32\DRIVERS\ql40xx.sys
    22:31:52.0942 3616 ql40xx - ok
    22:31:53.0011 3616 QWAVEdrv (584078ca1b95ca72df2a27c336f9719d) C:\Windows\system32\drivers\qwavedrv.sys
    22:31:53.0018 3616 QWAVEdrv - ok
    22:31:53.0063 3616 RasAcd (30a81b53c766d0133bb86d234e5556ab) C:\Windows\system32\DRIVERS\rasacd.sys
    22:31:53.0067 3616 RasAcd - ok
    22:31:53.0110 3616 RasAgileVpn (57ec4aef73660166074d8f7f31c0d4fd) C:\Windows\system32\DRIVERS\AgileVpn.sys
    22:31:53.0116 3616 RasAgileVpn - ok
    22:31:53.0165 3616 Rasl2tp (d9f91eafec2815365cbe6d167e4e332a) C:\Windows\system32\DRIVERS\rasl2tp.sys
    22:31:53.0171 3616 Rasl2tp - ok
    22:31:53.0284 3616 RasPppoe (0fe8b15916307a6ac12bfb6a63e45507) C:\Windows\system32\DRIVERS\raspppoe.sys
    22:31:53.0291 3616 RasPppoe - ok
    22:31:53.0341 3616 RasSstp (44101f495a83ea6401d886e7fd70096b) C:\Windows\system32\DRIVERS\rassstp.sys
    22:31:53.0347 3616 RasSstp - ok
    22:31:53.0435 3616 rcmirror (aa3eaac5827c73ce50eff2883f986144) C:\Windows\system32\DRIVERS\rcmirror.sys
    22:31:53.0439 3616 rcmirror - ok
    22:31:53.0499 3616 rdbss (d528bc58a489409ba40334ebf96a311b) C:\Windows\system32\DRIVERS\rdbss.sys
    22:31:53.0510 3616 rdbss - ok
    22:31:53.0571 3616 rdpbus (0d8f05481cb76e70e1da06ee9f0da9df) C:\Windows\system32\DRIVERS\rdpbus.sys
    22:31:53.0575 3616 rdpbus - ok
    22:31:53.0625 3616 RDPCDD (23dae03f29d253ae74c44f99e515f9a1) C:\Windows\system32\DRIVERS\RDPCDD.sys
    22:31:53.0629 3616 RDPCDD - ok
    22:31:53.0685 3616 RDPENCDD (5a53ca1598dd4156d44196d200c94b8a) C:\Windows\system32\drivers\rdpencdd.sys
    22:31:53.0689 3616 RDPENCDD - ok
    22:31:53.0754 3616 RDPREFMP (44b0a53cd4f27d50ed461dae0c0b4e1f) C:\Windows\system32\drivers\rdprefmp.sys
    22:31:53.0758 3616 RDPREFMP - ok
    22:31:53.0815 3616 RDPWD (244c83332f44589ae98fc347f11b2693) C:\Windows\system32\drivers\RDPWD.sys
    22:31:53.0824 3616 RDPWD - ok
    22:31:53.0895 3616 rdyboost (518395321dc96fe2c9f0e96ac743b656) C:\Windows\system32\drivers\rdyboost.sys
    22:31:53.0904 3616 rdyboost - ok
    22:31:54.0006 3616 RFCOMM (cb928d9e6daf51879dd6ba8d02f01321) C:\Windows\system32\DRIVERS\rfcomm.sys
    22:31:54.0015 3616 RFCOMM - ok
    22:31:54.0138 3616 rspndr (032b0d36ad92b582d869879f5af5b928) C:\Windows\system32\DRIVERS\rspndr.sys
    22:31:54.0143 3616 rspndr - ok
    22:31:54.0214 3616 RSUSBSTOR (96f8dd546677aa5102150acc140377b3) C:\Windows\system32\Drivers\RtsUStor.sys
    22:31:54.0224 3616 RSUSBSTOR - ok
    22:31:54.0260 3616 RtsUIR - ok
    22:31:54.0394 3616 SASDIFSV (39763504067962108505bff25f024345) C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS
    22:31:54.0398 3616 SASDIFSV - ok
    22:31:54.0434 3616 SASKUTIL (77b9fc20084b48408ad3e87570eb4a85) C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS
    22:31:54.0439 3616 SASKUTIL - ok
    22:31:54.0554 3616 sbp2port (05d860da1040f111503ac416ccef2bca) C:\Windows\system32\drivers\sbp2port.sys
    22:31:54.0561 3616 sbp2port - ok
    22:31:54.0630 3616 scfilter (0693b5ec673e34dc147e195779a4dcf6) C:\Windows\system32\DRIVERS\scfilter.sys
    22:31:54.0635 3616 scfilter - ok
    22:31:54.0727 3616 sdbus (0328be1c7f1cba23848179f8762e391c) C:\Windows\system32\drivers\sdbus.sys
    22:31:54.0733 3616 sdbus - ok
    22:31:54.0852 3616 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
    22:31:54.0858 3616 secdrv - ok
    22:31:54.0953 3616 Serenum (9ad8b8b515e3df6acd4212ef465de2d1) C:\Windows\system32\DRIVERS\serenum.sys
    22:31:54.0957 3616 Serenum - ok
    22:31:54.0994 3616 Serial (5fb7fcea0490d821f26f39cc5ea3d1e2) C:\Windows\system32\DRIVERS\serial.sys
    22:31:54.0999 3616 Serial - ok
    22:31:55.0055 3616 sermouse (79bffb520327ff916a582dfea17aa813) C:\Windows\system32\DRIVERS\sermouse.sys
    22:31:55.0059 3616 sermouse - ok
    22:31:55.0140 3616 sffdisk (9f976e1eb233df46fce808d9dea3eb9c) C:\Windows\system32\drivers\sffdisk.sys
    22:31:55.0144 3616 sffdisk - ok
    22:31:55.0189 3616 sffp_mmc (932a68ee27833cfd57c1639d375f2731) C:\Windows\system32\drivers\sffp_mmc.sys
    22:31:55.0193 3616 sffp_mmc - ok
    22:31:55.0225 3616 sffp_sd (6d4ccaedc018f1cf52866bbbaa235982) C:\Windows\system32\drivers\sffp_sd.sys
    22:31:55.0230 3616 sffp_sd - ok
    22:31:55.0271 3616 sfloppy (db96666cc8312ebc45032f30b007a547) C:\Windows\system32\DRIVERS\sfloppy.sys
    22:31:55.0275 3616 sfloppy - ok
    22:31:55.0350 3616 sisagp (2565cac0dc9fe0371bdce60832582b2e) C:\Windows\system32\drivers\sisagp.sys
    22:31:55.0355 3616 sisagp - ok
    22:31:55.0422 3616 SiSRaid2 (a9f0486851becb6dda1d89d381e71055) C:\Windows\system32\DRIVERS\SiSRaid2.sys
    22:31:55.0427 3616 SiSRaid2 - ok
    22:31:55.0479 3616 SiSRaid4 (3727097b55738e2f554972c3be5bc1aa) C:\Windows\system32\DRIVERS\sisraid4.sys
    22:31:55.0485 3616 SiSRaid4 - ok
    22:31:55.0539 3616 Smb (3e21c083b8a01cb70ba1f09303010fce) C:\Windows\system32\DRIVERS\smb.sys
    22:31:55.0545 3616 Smb - ok
    22:31:55.0691 3616 spldr (95cf1ae7527fb70f7816563cbc09d942) C:\Windows\system32\drivers\spldr.sys
    22:31:55.0696 3616 spldr - ok
    22:31:55.0817 3616 srv (e4c2764065d66ea1d2d3ebc28fe99c46) C:\Windows\system32\DRIVERS\srv.sys
    22:31:55.0829 3616 srv - ok
    22:31:55.0874 3616 srv2 (03f0545bd8d4c77fa0ae1ceedfcc71ab) C:\Windows\system32\DRIVERS\srv2.sys
    22:31:55.0890 3616 srv2 - ok
    22:31:55.0954 3616 SrvHsfHDA (e00fdfaff025e94f9821153750c35a6d) C:\Windows\system32\DRIVERS\VSTAZL3.SYS
    22:31:55.0963 3616 SrvHsfHDA - ok
    22:31:56.0037 3616 SrvHsfV92 (ceb4e3b6890e1e42dca6694d9e59e1a0) C:\Windows\system32\DRIVERS\VSTDPV3.SYS
    22:31:56.0075 3616 SrvHsfV92 - ok
    22:31:56.0126 3616 SrvHsfWinac (bc0c7ea89194c299f051c24119000e17) C:\Windows\system32\DRIVERS\VSTCNXT3.SYS
    22:31:56.0172 3616 SrvHsfWinac - ok
    22:31:56.0274 3616 srvnet (be6bd660caa6f291ae06a718a4fa8abc) C:\Windows\system32\DRIVERS\srvnet.sys
    22:31:56.0281 3616 srvnet - ok
    22:31:56.0458 3616 stexstor (db32d325c192b801df274bfd12a7e72b) C:\Windows\system32\DRIVERS\stexstor.sys
    22:31:56.0463 3616 stexstor - ok
    22:31:56.0560 3616 STHDA (ffe2d0a09c9c806b005c97076cc1034c) C:\Windows\system32\DRIVERS\stwrt.sys
    22:31:56.0584 3616 STHDA - ok
    22:31:56.0723 3616 swenum (e58c78a848add9610a4db6d214af5224) C:\Windows\system32\drivers\swenum.sys
    22:31:56.0727 3616 swenum - ok
    22:31:56.0776 3616 SWMX00 (7d3bd1ef302997506362e9ca4181412c) C:\Windows\system32\DRIVERS\swmx00.sys
    22:31:56.0783 3616 SWMX00 - ok
    22:31:56.0859 3616 SWNC5E00 (7390c1889dbf097e2e9a1130e5c57191) C:\Windows\system32\DRIVERS\SWNC5E00.sys
    22:31:56.0864 3616 SWNC5E00 - ok
    22:31:56.0938 3616 SynTP (502986ad48c1169072cff1e087f45a2d) C:\Windows\system32\DRIVERS\SynTP.sys
    22:31:56.0945 3616 SynTP - ok
    22:31:57.0069 3616 Tcpip (65d10b191c59c5501a1263fc33f6894b) C:\Windows\system32\drivers\tcpip.sys
    22:31:57.0146 3616 Tcpip - ok
    22:31:57.0291 3616 TCPIP6 (65d10b191c59c5501a1263fc33f6894b) C:\Windows\system32\DRIVERS\tcpip.sys
    22:31:57.0311 3616 TCPIP6 - ok
    22:31:57.0404 3616 tcpipreg (cca24162e055c3714ce5a88b100c64ed) C:\Windows\system32\drivers\tcpipreg.sys
    22:31:57.0408 3616 tcpipreg - ok
    22:31:57.0485 3616 TDPIPE (1cb91b2bd8f6dd367dfc2ef26fd751b2) C:\Windows\system32\drivers\tdpipe.sys
    22:31:57.0490 3616 TDPIPE - ok
    22:31:57.0542 3616 TDTCP (2c2c5afe7ee4f620d69c23c0617651a8) C:\Windows\system32\drivers\tdtcp.sys
    22:31:57.0547 3616 TDTCP - ok
    22:31:57.0604 3616 tdx (b459575348c20e8121d6039da063c704) C:\Windows\system32\DRIVERS\tdx.sys
    22:31:57.0610 3616 tdx - ok
    22:31:57.0667 3616 TermDD (04dbf4b01ea4bf25a9a3e84affac9b20) C:\Windows\system32\drivers\termdd.sys
    22:31:57.0672 3616 TermDD - ok
    22:31:57.0814 3616 tssecsrv (254bb140eee3c59d6114c1a86b636877) C:\Windows\system32\DRIVERS\tssecsrv.sys
    22:31:57.0818 3616 tssecsrv - ok
    22:31:57.0893 3616 TsUsbFlt (fd1d6c73e6333be727cbcc6054247654) C:\Windows\system32\drivers\tsusbflt.sys
    22:31:57.0901 3616 TsUsbFlt - ok
    22:31:57.0970 3616 tunnel (b2fa25d9b17a68bb93d58b0556e8c90d) C:\Windows\system32\DRIVERS\tunnel.sys
    22:31:57.0976 3616 tunnel - ok
    22:31:58.0013 3616 uagp35 (750fbcb269f4d7dd2e420c56b795db6d) C:\Windows\system32\DRIVERS\uagp35.sys
    22:31:58.0018 3616 uagp35 - ok
    22:31:58.0071 3616 udfs (ee43346c7e4b5e63e54f927babbb32ff) C:\Windows\system32\DRIVERS\udfs.sys
    22:31:58.0079 3616 udfs - ok
    22:31:58.0176 3616 uliagpkx (44e8048ace47befbfdc2e9be4cbc8880) C:\Windows\system32\drivers\uliagpkx.sys
    22:31:58.0182 3616 uliagpkx - ok
    22:31:58.0305 3616 umbus (d295bed4b898f0fd999fcfa9b32b071b) C:\Windows\system32\drivers\umbus.sys
    22:31:58.0310 3616 umbus - ok
    22:31:58.0415 3616 UmPass (7550ad0c6998ba1cb4843e920ee0feac) C:\Windows\system32\DRIVERS\umpass.sys
    22:31:58.0418 3616 UmPass - ok
    22:31:58.0479 3616 USBAAPL (83cafcb53201bbac04d822f32438e244) C:\Windows\system32\Drivers\usbaapl.sys
    22:31:58.0485 3616 USBAAPL - ok
    22:31:58.0548 3616 usbccgp (bd9c55d7023c5de374507acc7a14e2ac) C:\Windows\system32\DRIVERS\usbccgp.sys
    22:31:58.0554 3616 usbccgp - ok
    22:31:58.0603 3616 USBCCID - ok
    22:31:58.0654 3616 usbcir (04ec7cec62ec3b6d9354eee93327fc82) C:\Windows\system32\drivers\usbcir.sys
    22:31:58.0660 3616 usbcir - ok
    22:31:58.0701 3616 usbehci (f92de757e4b7ce9c07c5e65423f3ae3b) C:\Windows\system32\DRIVERS\usbehci.sys
    22:31:58.0706 3616 usbehci - ok
    22:31:58.0767 3616 usbhub (8dc94aec6a7e644a06135ae7506dc2e9) C:\Windows\system32\DRIVERS\usbhub.sys
    22:31:58.0777 3616 usbhub - ok
    22:31:58.0832 3616 usbohci (e185d44fac515a18d9deddc23c2cdf44) C:\Windows\system32\drivers\usbohci.sys
    22:31:58.0836 3616 usbohci - ok
    22:31:58.0897 3616 usbprint (797d862fe0875e75c7cc4c1ad7b30252) C:\Windows\system32\DRIVERS\usbprint.sys
    22:31:58.0901 3616 usbprint - ok
    22:31:58.0957 3616 usbscan (576096ccbc07e7c4ea4f5e6686d6888f) C:\Windows\system32\DRIVERS\usbscan.sys
    22:31:58.0962 3616 usbscan - ok
    22:31:59.0042 3616 usbser (31181de6190b39fc8007dffd1a48ffd6) C:\Windows\system32\DRIVERS\usbser.sys
    22:31:59.0047 3616 usbser - ok
    22:31:59.0110 3616 USBSTOR (f991ab9cc6b908db552166768176896a) C:\Windows\system32\drivers\USBSTOR.SYS
    22:31:59.0116 3616 USBSTOR - ok
    22:31:59.0160 3616 usbuhci (68df884cf41cdada664beb01daf67e3d) C:\Windows\system32\DRIVERS\usbuhci.sys
    22:31:59.0164 3616 usbuhci - ok
    22:31:59.0237 3616 usbvideo (45f4e7bf43db40a6c6b4d92c76cbc3f2) C:\Windows\System32\Drivers\usbvideo.sys
    22:31:59.0246 3616 usbvideo - ok
    22:31:59.0333 3616 vdrvroot (a059c4c3edb09e07d21a8e5c0aabd3cb) C:\Windows\system32\drivers\vdrvroot.sys
    22:31:59.0338 3616 vdrvroot - ok
    22:31:59.0393 3616 vga (17c408214ea61696cec9c66e388b14f3) C:\Windows\system32\DRIVERS\vgapnp.sys
    22:31:59.0398 3616 vga - ok
    22:31:59.0446 3616 VgaSave (8e38096ad5c8570a6f1570a61e251561) C:\Windows\System32\drivers\vga.sys
    22:31:59.0451 3616 VgaSave - ok
    22:31:59.0511 3616 vhdmp (5461686cca2fda57b024547733ab42e3) C:\Windows\system32\drivers\vhdmp.sys
    22:31:59.0545 3616 vhdmp - ok
    22:31:59.0608 3616 viaagp (c829317a37b4bea8f39735d4b076e923) C:\Windows\system32\drivers\viaagp.sys
    22:31:59.0613 3616 viaagp - ok
    22:31:59.0664 3616 ViaC7 (e02f079a6aa107f06b16549c6e5c7b74) C:\Windows\system32\DRIVERS\viac7.sys
    22:31:59.0669 3616 ViaC7 - ok
    22:31:59.0730 3616 viaide (e43574f6a56a0ee11809b48c09e4fd3c) C:\Windows\system32\drivers\viaide.sys
    22:31:59.0735 3616 viaide - ok
    22:31:59.0774 3616 volmgr (4c63e00f2f4b5f86ab48a58cd990f212) C:\Windows\system32\drivers\volmgr.sys
    22:31:59.0797 3616 volmgr - ok
    22:31:59.0848 3616 volmgrx (b5bb72067ddddbbfb04b2f89ff8c3c87) C:\Windows\system32\drivers\volmgrx.sys
    22:31:59.0861 3616 volmgrx - ok
    22:31:59.0921 3616 volsnap (f497f67932c6fa693d7de2780631cfe7) C:\Windows\system32\drivers\volsnap.sys
    22:31:59.0931 3616 volsnap - ok
    22:31:59.0990 3616 vsmraid (9dfa0cc2f8855a04816729651175b631) C:\Windows\system32\DRIVERS\vsmraid.sys
    22:31:59.0997 3616 vsmraid - ok
    22:32:00.0063 3616 vwifibus (90567b1e658001e79d7c8bbd3dde5aa6) C:\Windows\system32\DRIVERS\vwifibus.sys
    22:32:00.0066 3616 vwifibus - ok
    22:32:00.0113 3616 vwififlt (7090d3436eeb4e7da3373090a23448f7) C:\Windows\system32\DRIVERS\vwififlt.sys
    22:32:00.0117 3616 vwififlt - ok
    22:32:00.0171 3616 vwifimp (a3f04cbea6c2a10e6cb01f8b47611882) C:\Windows\system32\DRIVERS\vwifimp.sys
    22:32:00.0174 3616 vwifimp - ok
    22:32:00.0282 3616 WacomPen (de3721e89c653aa281428c8a69745d90) C:\Windows\system32\DRIVERS\wacompen.sys
    22:32:00.0287 3616 WacomPen - ok
    22:32:00.0356 3616 WANARP (3c3c78515f5ab448b022bdf5b8ffdd2e) C:\Windows\system32\DRIVERS\wanarp.sys
    22:32:00.0361 3616 WANARP - ok
    22:32:00.0374 3616 Wanarpv6 (3c3c78515f5ab448b022bdf5b8ffdd2e) C:\Windows\system32\DRIVERS\wanarp.sys
    22:32:00.0377 3616 Wanarpv6 - ok
    22:32:00.0467 3616 Wd (1112a9badacb47b7c0bb0392e3158dff) C:\Windows\system32\DRIVERS\wd.sys
    22:32:00.0471 3616 Wd - ok
    22:32:00.0526 3616 Wdf01000 (9950e3d0f08141c7e89e64456ae7dc73) C:\Windows\system32\drivers\Wdf01000.sys
    22:32:00.0554 3616 Wdf01000 - ok
    22:32:00.0695 3616 WfpLwf (8b9a943f3b53861f2bfaf6c186168f79) C:\Windows\system32\DRIVERS\wfplwf.sys
    22:32:00.0703 3616 WfpLwf - ok
    22:32:00.0739 3616 WIMMount (5cf95b35e59e2a38023836fff31be64c) C:\Windows\system32\drivers\wimmount.sys
    22:32:00.0743 3616 WIMMount - ok
    22:32:00.0985 3616 WinUsb (a67e5f9a400f3bd1be3d80613b45f708) C:\Windows\system32\DRIVERS\WinUsb.sys
    22:32:00.0990 3616 WinUsb - ok
    22:32:01.0058 3616 WmiAcpi (0217679b8fca58714c3bf2726d2ca84e) C:\Windows\system32\drivers\wmiacpi.sys
    22:32:01.0060 3616 WmiAcpi - ok
    22:32:01.0192 3616 ws2ifsl (6db3276587b853bf886b69528fdb048c) C:\Windows\system32\drivers\ws2ifsl.sys
    22:32:01.0198 3616 ws2ifsl - ok
    22:32:01.0271 3616 WSDPrintDevice (553f6ccd7c58eb98d4a8fbdaf283d7a9) C:\Windows\system32\DRIVERS\WSDPrint.sys
    22:32:01.0276 3616 WSDPrintDevice - ok
    22:32:01.0375 3616 WudfPf (e714a1c0354636837e20ccbf00888ee7) C:\Windows\system32\drivers\WudfPf.sys
    22:32:01.0381 3616 WudfPf - ok
    22:32:01.0475 3616 WUDFRd (1023ee888c9b47178c5293ed5336ab69) C:\Windows\system32\DRIVERS\WUDFRd.sys
    22:32:01.0482 3616 WUDFRd - ok
    22:32:01.0607 3616 MBR (0x1B8) (d645dd0274f8f5c9f4843dec2a01384f) \Device\Harddisk0\DR0
    22:32:01.0649 3616 \Device\Harddisk0\DR0 - ok
    22:32:01.0709 3616 Boot (0x1200) (ac41370ccc2c10a14511f2df0a906a1d) \Device\Harddisk0\DR0\Partition0
    22:32:01.0713 3616 \Device\Harddisk0\DR0\Partition0 - ok
    22:32:01.0749 3616 Boot (0x1200) (1498d7ef0fe7eb91fd9abb6ddd7c4fca) \Device\Harddisk0\DR0\Partition1
    22:32:01.0753 3616 \Device\Harddisk0\DR0\Partition1 - ok
    22:32:01.0778 3616 Boot (0x1200) (61a9b6634edfaf25122a761b4349e7fc) \Device\Harddisk0\DR0\Partition2
    22:32:01.0782 3616 \Device\Harddisk0\DR0\Partition2 - ok
    22:32:01.0795 3616 ============================================================
    22:32:01.0796 3616 Scan finished
    22:32:01.0796 3616 ============================================================
    22:32:01.0835 1684 Detected object count: 0
    22:32:01.0835 1684 Actual detected object count: 0

  6. #6

    ComboFix 12-03-18.01 - kmailler 03/18/2012 22:41:01.3.2 - x86
    Microsoft Windows 7 Starter 6.1.7601.1.1252.1.1033.18.1015.379 [GMT -4:00]
    Running from: c:\users\kmailler\Documents\ComboFix.exe
    SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    .
    .
    ((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    c:\programdata\Tarma Installer
    c:\programdata\Tarma Installer\{2E1037EA-038A-425F-86B9-6CD19B8497E9}\_Setup.dll
    c:\programdata\Tarma Installer\{2E1037EA-038A-425F-86B9-6CD19B8497E9}\_Setupx.dll
    c:\programdata\Tarma Installer\{2E1037EA-038A-425F-86B9-6CD19B8497E9}\Setup.dat
    c:\programdata\Tarma Installer\{2E1037EA-038A-425F-86B9-6CD19B8497E9}\Setup.exe
    c:\programdata\Tarma Installer\{2E1037EA-038A-425F-86B9-6CD19B8497E9}\Setup.ico
    c:\users\kmailler\GoToAssistDownloadHelper.exe
    c:\windows\security\Database\tmp.edb
    .
    .
    ((((((((((((((((((((((((( Files Created from 2012-02-19 to 2012-03-19 )))))))))))))))))))))))))))))))
    .
    .
    2012-03-19 02:59 . 2012-03-19 03:03 -------- d-----w- c:\users\kmailler\AppData\Local\temp
    2012-03-19 02:59 . 2012-03-19 02:59 -------- d-----w- c:\users\Public\AppData\Local\temp
    2012-03-19 02:59 . 2012-03-19 02:59 -------- d-----w- c:\users\Default\AppData\Local\temp
    2012-03-14 11:22 . 2011-11-19 14:50 3968368 ----a-w- c:\windows\system32\ntkrnlpa.exe
    2012-03-14 11:22 . 2011-11-19 14:50 3913584 ----a-w- c:\windows\system32\ntoskrnl.exe
    2012-03-14 00:01 . 2012-02-03 03:54 2343424 ----a-w- c:\windows\system32\win32k.sys
    2012-03-14 00:01 . 2012-02-10 05:38 1077248 ----a-w- c:\windows\system32\DWrite.dll
    2012-03-14 00:00 . 2012-02-17 05:34 826880 ----a-w- c:\windows\system32\rdpcore.dll
    2012-03-14 00:00 . 2012-02-17 04:13 24576 ----a-w- c:\windows\system32\drivers\tdtcp.sys
    2012-03-14 00:00 . 2012-02-17 04:14 183808 ----a-w- c:\windows\system32\drivers\rdpwd.sys
    2012-03-14 00:00 . 2012-01-25 05:32 129536 ----a-w- c:\windows\system32\rdpcorekmts.dll
    2012-03-14 00:00 . 2012-01-25 05:27 8192 ----a-w- c:\windows\system32\rdrmemptylst.exe
    2012-03-14 00:00 . 2012-01-25 05:32 58880 ----a-w- c:\windows\system32\rdpwsx.dll
    2012-03-01 11:36 . 2012-03-01 11:37 -------- d-----w- c:\users\kmailler\AppData\Local\blekkotb_001
    2012-03-01 11:36 . 2012-03-01 11:36 -------- d-----w- c:\programdata\Anti-phishing Domain Advisor
    .
    .
    .
    (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2012-02-22 15:57 . 2011-07-05 17:18 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
    2012-01-04 08:58 . 2012-02-15 11:57 442880 ----a-w- c:\windows\system32\ntshrui.dll
    2011-12-30 05:27 . 2012-02-15 11:58 478720 ----a-w- c:\windows\system32\timedate.cpl
    2011-12-14 11:25 . 2011-07-22 18:02 134104 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
    .
    .
    ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* empty entries & legit default entries are not shown
    REGEDIT4
    .
    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2012-03-10 3905920]
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2011-11-02 59240]
    "QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2011-10-24 421888]
    "iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2011-12-08 421736]
    "AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe" [2011-11-02 59240]
    "Anti-phishing Domain Advisor"="c:\programdata\Anti-phishing Domain Advisor\visicom_antiphishing.exe" [2012-01-17 232616]
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
    "ConsentPromptBehaviorAdmin"= 5 (0x5)
    "ConsentPromptBehaviorUser"= 3 (0x3)
    "EnableUIADesktopToggle"= 0 (0x0)
    .
    [HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\system]
    "WallpaperStyle"= 2
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
    @=""
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\rundisabled]
    "AppleSyncNotifier"=c:\program files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
    "Malwarebytes' Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
    "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 10.0\Reader\Reader_sl.exe"
    "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    "iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe"
    "SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe"
    "UpdatePRCShortCut"="c:\program files\Hewlett-Packard\Recovery\MUITransfer\MUIStartMenu.exe" "c:\program files\Hewlett-Packard\Recovery" UpdateWithCreateOnce "Software\CyberLink\PowerRecover"
    "HP Software Update"=c:\program files\Hp\HP Software Update\HPWuSchd2.exe
    "WirelessAssistant"=c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
    "YSearchProtection"="c:\program files\Yahoo!\Search Protection\SearchProtection.exe"
    "SysTrayApp"=c:\program files\IDT\WDM\sttray.exe
    "IgfxTray"=c:\windows\system32\igfxtray.exe
    "HotKeysCmds"=c:\windows\system32\hkcmd.exe
    "Persistence"=c:\windows\system32\igfxpers.exe
    "Malwarebytes Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
    "QuickTime Task"="c:\program files\QuickTime\QTTask.exe" -atboottime
    .
    R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
    R2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2010-10-23 136176]
    R3 BBSvc;Bing Bar Update Service;c:\program files\Microsoft\BingBar\BBSvc.EXE [2011-07-07 195336]
    R3 GamesAppService;GamesAppService;c:\program files\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
    R3 gupdatem;Google Update Service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [2010-10-23 136176]
    R3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\McAfee Security Scan\2.0.181\McCHSvc.exe [2010-01-15 227232]
    R3 rcmirror;rcmirror;c:\windows\system32\DRIVERS\rcmirror.sys [2008-10-08 3328]
    R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [2009-06-24 167424]
    R3 RtsUIR;Realtek IR Driver;c:\windows\system32\DRIVERS\Rts516xIR.sys [x]
    R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL3.SYS [2009-07-13 207360]
    R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV3.SYS [2009-07-13 980992]
    R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT3.SYS [2009-07-13 661504]
    R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]
    R3 WSDPrintDevice;WSD Print Support via UMB;c:\windows\system32\DRIVERS\WSDPrint.sys [2009-07-14 17920]
    S1 DVMIO;DVMIO;c:\splash.sys\config\dvmio.sys [2009-07-27 16984]
    S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV.SYS [2011-07-22 12880]
    S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [2011-07-12 67664]
    S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-13 48128]
    S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE.EXE [2011-08-11 116608]
    S2 AESTFilters;Andrea ST Filters Service;c:\windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_fa0513b7754bf240\aestsrv.exe [2009-03-02 81920]
    S2 BBUpdate;BBUpdate;c:\program files\Microsoft\BingBar\SeaPort.EXE [2011-06-15 249648]
    S2 DvmMDES;DeviceVM Meta Data Export Service;c:\splash.sys\config\DVMExportService.exe [2009-07-09 323584]
    S2 HP Support Assistant Service;HP Support Assistant Service;c:\program files\Hewlett-Packard\HP Support Framework\hpsa_service.exe [2011-06-21 85560]
    S2 HPDrvMntSvc.exe;HP Quick Synchronization Service;c:\program files\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2011-03-28 94264]
    S2 IHA_MessageCenter;IHA_MessageCenter;c:\program files\Verizon\IHA_MessageCenter\Bin\Verizon_IHAMessageCenter.exe [2011-10-28 286736]
    S2 Secunia PSI Agent;Secunia PSI Agent;c:\program files\Secunia\PSI\PSIA.exe [2011-01-10 993848]
    S2 Secunia Update Agent;Secunia Update Agent;c:\program files\Secunia\PSI\sua.exe [2011-01-10 399416]
    S2 TomTomHOMEService;TomTomHOMEService;c:\program files\TomTom HOME 2\TomTomHOMEService.exe [2011-04-22 92592]
    S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x86.sys [2009-11-13 58368]
    S3 PSI;PSI;c:\windows\system32\DRIVERS\psi_mf.sys [2010-09-01 15544]
    S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [2009-07-13 14336]
    .
    .
    --- Other Services/Drivers In Memory ---
    .
    *NewlyCreated* - 58381318
    *Deregistered* - 58381318
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
    LocalServiceAndNoImpersonation REG_MULTI_SZ SSDPSRV upnphost SCardSvr TBS FontCache fdrespub AppIDSvc QWAVE wcncsvc
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{A509B1FF-37FF-4bFF-8CFF-4F3A747040FF}]
    2009-07-14 01:14 126464 ----a-w- c:\windows\System32\advpack.dll
    .
    Contents of the 'Scheduled Tasks' folder
    .
    2012-03-18 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
    - c:\program files\Google\Update\GoogleUpdate.exe [2010-10-23 21:07]
    .
    2012-03-19 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
    - c:\program files\Google\Update\GoogleUpdate.exe [2010-10-23 21:07]
    .
    2012-02-26 c:\windows\Tasks\HPCeeScheduleForkmailler.job
    - c:\program files\Hewlett-Packard\HP Ceement\HPCEE.exe [2009-10-07 09:22]
    .
    2011-09-26 c:\windows\Tasks\RegInOut Scheduled Scan - kmailler.job
    - c:\program files\RegInOut\RegInOut.exe [2011-02-07 21:24]
    .
    2011-01-06 c:\windows\Tasks\SDMsgUpdate (TE).job
    - c:\smartd~1\Messages\SDNotify.exe [2011-01-06 17:29]
    .
    .
    ------- Supplementary Scan -------
    .
    uStart Page = hxxp://www.yahoo.com/
    mStart Page = hxxp://www.yahoo.com
    uInternet Settings,ProxyOverride = *.local
    TCP: DhcpNameServer = 192.168.1.1
    FF - ProfilePath - c:\users\kmailler\AppData\Roaming\Mozilla\Firefox\Profiles\0jsovf5m.default\
    FF - prefs.js: browser.search.defaulturl - hxxp://search.yahoo.com/search?ei=UTF-8&fr=ytff-&p=
    FF - prefs.js: browser.search.selectedEngine - Blekko
    FF - prefs.js: browser.startup.homepage - hxxp://www.yahoo.com/
    FF - prefs.js: keyword.URL - hxxp://www.bing.com/search?pc=Z208&form=ZGAADF&install_date=20111208&q=
    FF - user.js: network.protocol-handler.warn-external.dnupdate - false);user_pref(network.protocol-handler.warn-external.dnupdate, false
    FF - user.js: extensions.autoDisableScopes - 14
    FF - user.js: security.csp.enable - false
    .
    - - - - ORPHANS REMOVED - - - -
    .
    WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
    HKCU-Run-ISUSPM - c:\programdata\FLEXnet\Connect\11\ISUSPM.exe
    .
    .
    .
    --------------------- LOCKED REGISTRY KEYS ---------------------
    .
    [HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\Approved Extensions]
    @Denied: (2) (LocalSystem)
    .
    [HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\ApprovedExtensionsMigration]
    @Denied: (2) (LocalSystem)
    "Timestamp"=hex:b9,77,6b,50,e5,f7,cc,01
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
    @Denied: (A) (Users)
    @Denied: (A) (Everyone)
    @Allowed: (B 1 2 3 4 5) (S-1-5-20)
    "BlindDial"=dword:00000000
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
    @Denied: (A) (Users)
    @Denied: (A) (Everyone)
    @Allowed: (B 1 2 3 4 5) (S-1-5-20)
    "BlindDial"=dword:00000000
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
    @Denied: (A) (Users)
    @Denied: (A) (Everyone)
    @Allowed: (B 1 2 3 4 5) (S-1-5-20)
    "BlindDial"=dword:00000000
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
    @Denied: (Full) (Everyone)
    .
    Completion time: 2012-03-18 23:09:01
    ComboFix-quarantined-files.txt 2012-03-19 03:09
    .
    Pre-Run: 94,861,352,960 bytes free
    Post-Run: 94,784,094,208 bytes free
    .
    - - End Of File - - 3E19AAC55FE3DA2DEF7CF7F8D792DD1B

  7. #7
    Member
    Join Date
    Dec 2008
    Location
    cornwall, new york
    Posts
    172
    Points
    0

    After I posted both logs I rebooted and it looks like the pop up junk is gone. I do still see a toolbar called fantapper. Ever heard of this one and how to delete it?

  8. #8
    Member Spyware Fighter
    Join Date
    Jun 2010
    Location
    Bement,Ill USA
    Posts
    1,340
    Points
    146

    Hello,

    When you ran DDS it should have produced a file on your desktop named Attach.txt. Please post that file for my review.
    "Extinguishing Malware from the world"

    The Spyware Help forum is very busy. If I'm helping you and I've not posted back within 24 hrs., send a PM with your topic link. Thank you.
    HELP REQUESTS VIA THE PM SYSTEM WILL BE IGNORED. The Forums are there for a reason!
    Thanks-




  9. #9
    Member
    Join Date
    Dec 2008
    Location
    cornwall, new york
    Posts
    172
    Points
    0

    .
    UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
    IF REQUESTED, ZIP IT UP & ATTACH IT
    .
    DDS (Ver_2011-08-26.01)
    .
    Microsoft Windows 7 Starter
    Boot Device: \Device\HarddiskVolume3
    Install Date: 12/25/2009 6:42:55 AM
    System Uptime: 3/21/2012 6:57:15 AM (1 hours ago)
    .
    Motherboard: Hewlett-Packard | | 308F
    Processor: Intel(R) Atom(TM) CPU N270 @ 1.60GHz | CPU 1 | 1600/133mhz
    .
    ==== Disk Partitions =========================
    .
    C: is FIXED (NTFS) - 137 GiB total, 87.928 GiB free.
    D: is FIXED (NTFS) - 11 GiB total, 1.906 GiB free.
    .
    ==== Disabled Device Manager Items =============
    .
    ==== System Restore Points ===================
    .
    RP529: 2/21/2012 11:25:03 AM - Removed ASPCA Tri Reminder by We-Care.com v4.0.13.5
    RP530: 2/21/2012 11:26:35 AM - Removed ASPCA Tri Reminder by We-Care.com v4.0.13.5
    RP531: 2/21/2012 11:31:32 AM - Removed ASPCA Tri Reminder by We-Care.com v4.0.13.5
    RP532: 3/1/2012 7:04:01 AM - Scheduled Checkpoint
    RP533: 3/1/2012 2:49:34 PM - Removed Fantapper Player
    RP534: 3/2/2012 3:25:20 PM - Windows Update
    RP535: 3/14/2012 7:20:50 AM - Windows Update
    RP536: 3/15/2012 7:14:17 AM - avast! Free Antivirus Setup
    RP537: 3/18/2012 10:37:14 PM - ComboFix created restore point
    .
    ==== Installed Programs ======================
    .
    4 Elements II
    Acrobat.com
    Adobe AIR
    Adobe Flash Player 11 ActiveX
    Adobe Flash Player 11 Plugin
    Adobe Reader X (10.0.1)
    Adobe Shockwave Player
    Adobe Shockwave Player 11.5
    AIM 7
    Amazon Kindle For PC
    Amazon MP3 Uploader
    Anti-phishing Domain Advisor
    Apple Application Support
    Apple Mobile Device Support
    Apple Software Update
    ArcSoft WebCam Companion 3
    Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver
    Bing Bar
    Bonjour
    Broadcom 802.11 Wireless LAN Adapter
    Choice Guard
    Compatibility Pack for the 2007 Office system
    CopyTrans Suite Remove Only
    Coupon Printer for Windows
    Customer Support Tool A206
    CyberLink DVD Suite
    Download Updater (AOL LLC)
    ESET Online Scanner v3
    Google Chrome
    Google Earth
    Google Toolbar for Internet Explorer
    Google Update Helper
    Hewlett-Packard ACLM.NET v1.1.1.0
    HijackThis 2.0.2
    HostsMan 3.2.73
    HP Customer Experience Enhancements
    HP Games
    HP Instant Web
    HP QuickSync
    HP Setup
    HP Update
    HP User Guides 0166
    HP Wireless Assistant
    iCloud
    IDT Audio
    IHA_MessageCenter
    InstallIQ Updater
    Intel(R) Graphics Media Accelerator Driver
    Intel® Matrix Storage Manager
    IrfanView (remove only)
    iTunes
    Java Auto Updater
    Java(TM) 6 Update 26
    Magic Academy 2
    Malwarebytes Anti-Malware version 1.60.1.1000
    McAfee Security Scan Plus
    Microsoft .NET Framework 4 Client Profile
    Microsoft Application Error Reporting
    Microsoft Live Search Toolbar
    Microsoft Office Home and Student 60 day trial
    Microsoft Office PowerPoint Viewer 2007 (English)
    Microsoft Silverlight
    Microsoft SQL Server 2005 Compact Edition [ENU]
    Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
    Microsoft Visual C++ 2005 Redistributable
    Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
    Microsoft Works
    MobileMe Control Panel
    Mozilla Firefox 8.0.1 (x86 en-US)
    MSVCRT
    MSXML 4.0 SP3 Parser (KB973685)
    MWSnap 3
    NOOK for PC
    OGA Notifier 2.0.0048.0
    Personal Ancestral File 5
    Power2Go
    PowerRecover
    QuickTime
    Realtek USB 2.0 Card Reader
    Redist
    Reel Deal Slots: American Adventure
    RegInOut System Utilities
    Safari
    Secunia PSI (2.0.0.3001)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
    SkyCaddie Desktop
    SpywareBlaster 4.4
    Startup Optimizer 1.6
    SUPERAntiSpyware
    Synaptics Pointing Device Driver
    TomTom HOME 2.8.2.2264
    TomTom HOME Visual Studio Merge Modules
    Uniblue RegistryBooster
    Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
    Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
    Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
    Update Installer for WildTangent Games App
    Verizon FiOS Activation
    Verizon Media Manager
    VersaCheck 2005 Gold
    Vz In Home Agent
    WildTangent Games App (HP Games)
    Windows Live Call
    Windows Live Communications Platform
    Windows Live Essentials
    Windows Live Messenger
    Windows Live Photo Gallery
    Windows Live Sign-in Assistant
    Windows Live Sync
    Windows Live Upload Tool
    Windows Media Player Firefox Plugin
    Winkflash Transporter
    WinX DVD Ripper Platinum 6.0.1
    Yahoo! BrowserPlus 2.9.8
    Yahoo! Messenger
    Yahoo! Search Protection
    Yahoo! Software Update
    Yahoo! Toolbar
    .
    ==== Event Viewer Messages From Past Week ========
    .
    3/21/2012 6:57:54 AM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: cdrom
    3/18/2012 11:03:19 PM, Error: Service Control Manager [7030] - The PEVSystemStart service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.
    3/18/2012 10:25:48 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ShellHWDetection service.
    3/15/2012 8:09:25 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Wlansvc service.
    3/14/2012 4:55:10 PM, Error: Service Control Manager [7038] - The upnphost service was unable to log on as NT AUTHORITY\LocalService with the currently configured password due to the following error: The request is not supported. To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).
    3/14/2012 4:55:10 PM, Error: Service Control Manager [7000] - The UPnP Device Host service failed to start due to the following error: The service did not start due to a logon failure.
    3/14/2012 4:55:10 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1069" attempting to start the service upnphost with arguments "" in order to run the server: {204810B9-73B2-11D4-BF42-00B0D0118B56}
    3/14/2012 10:50:25 AM, Error: Service Control Manager [7022] - The Windows Update service hung on starting.
    .
    ==== End Of File ===========================

  10. #10
    Member Spyware Fighter
    Join Date
    Jun 2010
    Location
    Bement,Ill USA
    Posts
    1,340
    Points
    146

    Hello,

    Is the fantapper tool bar only in Firefox?