Two Plus Two Publishing LLC

Old 08-11-2012, 06:13 AM   #1
WEC
veteran
 
 
Join Date: Dec 2006
Location: ACME Manufacturing Plant
Posts: 2,393
Started Getting Redirect for 4Flush.com, and see code many times in forums including 2+2

I am not sure if I have missed other redirects, but I have noticed on multiple occasions that when I am doing a Google search and one of the items is on 4Flush.com, when I click on the link I get taken to a red Google/McAfee warning that says the site is unsafe, but it is not the 4Flush link. 100% of the time, the 2nd time I click the same link, it sends me to the proper 4Flush link I had clicked. I have not noticed redirects on any other site.

I started to really investigate and figured something was wrong when I noticed that suddenly "code" was coming up when I was reading 2+2 (and other forums), but it generally went back to the proper format when I refreshed. Sometimes instead of code, I just get a blank white screen when I click a forum link. But a 2nd click gets back the proper format.

To see if I had picked up something, I ran McAfee Full Scan, Malwarebytes Anti-Malware Full Scan, Downloaded and Ran SuperAntiSpyware Scan, and Downloaded Soluto.

Thus far everything has come back clean.

I use the Chrome browser the majority of the time, Firefox the remainder, and IE once in a great while.

Thank you for taking a look; this has me scratching my head.

Old 08-11-2012, 06:14 AM   #2
WEC
Re: Started Getting Redirect for 4Flush.com, and see code many times in forums including 2+2

02:59:26.0579 2620 TDSS rootkit removing tool 2.7.48.0 Jul 24 2012 13:16:32
02:59:27.0078 2620 ============================================================
02:59:27.0078 2620 Current date / time: 2012/08/11 02:59:27.0078
02:59:27.0078 2620 SystemInfo:
02:59:27.0078 2620
02:59:27.0078 2620 OS Version: 6.0.6002 ServicePack: 2.0
02:59:27.0078 2620 Product type: Workstation
02:59:27.0078 2620 ComputerName: WEC-PC
02:59:27.0078 2620 UserName: WEC
02:59:27.0078 2620 Windows directory: C:\Windows
02:59:27.0078 2620 System windows directory: C:\Windows
02:59:27.0078 2620 Processor architecture: Intel x86
02:59:27.0078 2620 Number of processors: 2
02:59:27.0078 2620 Page size: 0x1000
02:59:27.0078 2620 Boot type: Normal boot
02:59:27.0078 2620 ============================================================
02:59:27.0983 2620 Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
02:59:27.0998 2620 ============================================================
02:59:27.0998 2620 \Device\Harddisk0\DR0:
02:59:27.0998 2620 MBR partitions:
02:59:27.0998 2620 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x43000, BlocksNum 0x1E00000
02:59:27.0998 2620 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1E43000, BlocksNum 0x1AE81000
02:59:28.0045 2620 ============================================================
02:59:28.0108 2620 C: <-> \Device\Harddisk0\DR0\Partition1
02:59:28.0139 2620 D: <-> \Device\Harddisk0\DR0\Partition0
02:59:28.0139 2620 ============================================================
02:59:28.0139 2620 Initialize success
02:59:28.0139 2620 ============================================================

Old 08-11-2012, 06:15 AM   #3
WEC
Re: Started Getting Redirect for 4Flush.com, and see code many times in forums including 2+2

OTL logfile created on: 8/11/2012 1:46:18 AM - Run 1
OTL by OldTimer - Version 3.2.56.0 Folder = C:\Users\WEC\Downloads
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1.99 Gb Total Physical Memory | 1.01 Gb Available Physical Memory | 50.53% Memory free
4.21 Gb Paging File | 2.29 Gb Available in Paging File | 54.47% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 215.25 Gb Total Space | 150.59 Gb Free Space | 69.96% Space Free | Partition Type: NTFS
Drive D: | 15.00 Gb Total Space | 9.42 Gb Free Space | 62.78% Space Free | Partition Type: NTFS

Computer Name: WEC-PC | User Name: WEC | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/08/11 01:10:09 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Users\WEC\Downloads\OTL.exe
PRC - [2012/08/07 20:55:40 | 000,598,032 | ---- | M] (Soluto) -- C:\Program Files\Soluto\SolutoService.exe
PRC - [2012/08/07 20:55:38 | 002,143,776 | ---- | M] (Soluto) -- C:\Program Files\Soluto\Soluto.exe
PRC - [2012/07/15 00:21:39 | 000,186,832 | ---- | M] (Google Inc.) -- C:\Users\WEC\AppData\Local\Google\Update\1.3.21.115\GoogleCrashHandler.exe
PRC - [2012/07/09 16:38:53 | 004,777,856 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
PRC - [2012/03/21 21:16:10 | 001,318,816 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee.com\Agent\mcagent.exe
PRC - [2012/03/20 13:11:32 | 000,151,880 | ---- | M] (McAfee, Inc.) -- C:\Windows\System32\mfevtps.exe
PRC - [2012/03/20 13:05:00 | 000,161,632 | ---- | M] (McAfee, Inc.) -- C:\Program Files\Common Files\Mcafee\SystemCore\mfefire.exe
PRC - [2012/03/20 13:04:32 | 000,166,288 | ---- | M] (McAfee, Inc.) -- C:\Program Files\Common Files\Mcafee\SystemCore\mcshield.exe
PRC - [2012/02/18 07:59:28 | 000,282,648 | ---- | M] (McAfee, Inc.) -- c:\Program Files\McAfee\SiteAdvisor\saUI.exe
PRC - [2012/01/03 06:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011/08/11 16:38:07 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SASCore.exe
PRC - [2011/01/27 18:28:14 | 000,214,904 | ---- | M] (McAfee, Inc.) -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
PRC - [2011/01/17 18:37:40 | 011,322,880 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 3\program\soffice.exe
PRC - [2011/01/17 18:37:40 | 011,314,688 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 3\program\soffice.bin
PRC - [2010/10/20 12:13:56 | 000,927,576 | ---- | M] (Dell, Inc.) -- C:\Program Files\Dell\Dell Datasafe Online\NOBuClient.exe
PRC - [2010/10/20 12:11:14 | 002,075,480 | ---- | M] (Dell, Inc.) -- C:\Program Files\Dell\Dell Datasafe Online\NOBuAgent.exe
PRC - [2009/09/08 00:48:55 | 000,066,048 | ---- | M] (PostgreSQL Global Development Group) -- C:\Program Files\PostgreSQL\8.4\bin\pg_ctl.exe
PRC - [2009/09/08 00:47:07 | 004,513,792 | ---- | M] (PostgreSQL Global Development Group) -- C:\Program Files\PostgreSQL\8.4\bin\postgres.exe
PRC - [2009/04/10 23:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2008/05/04 02:25:32 | 000,040,960 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\hidfind.exe
PRC - [2008/05/04 02:25:26 | 000,167,936 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\Apoint.exe
PRC - [2008/05/04 02:25:26 | 000,050,736 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\ApMsgFwd.exe
PRC - [2008/05/04 02:25:26 | 000,049,152 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\ApntEx.exe
PRC - [2008/02/22 15:01:38 | 001,193,240 | ---- | M] (Dell Inc.) -- C:\Program Files\Dell\QuickSet\quickset.exe
PRC - [2008/01/31 14:01:38 | 000,159,744 | R--- | M] (Brother Industries, Ltd.) -- C:\Program Files\Brother\Brmfcmon\BrMfcMon.exe
PRC - [2007/11/12 04:07:24 | 000,405,504 | ---- | M] (IDT, Inc.) -- C:\Program Files\Sigmatel\C-Major Audio\WDM\sttray.exe
PRC - [2007/11/12 04:07:20 | 000,102,400 | ---- | M] (IDT, Inc.) -- C:\Windows\System32\stacsv.exe
PRC - [2007/11/12 04:07:16 | 000,073,728 | ---- | M] (Andrea Electronics Corporation) -- C:\Windows\System32\AEstSrv.exe
PRC - [2007/11/01 13:39:28 | 000,189,736 | ---- | M] (CyberLink Corp.) -- C:\Program Files\Dell\MediaDirect\PCMService.exe
PRC - [2007/03/21 11:00:04 | 000,355,096 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
PRC - [2007/03/21 11:00:00 | 000,174,872 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe


========== Modules (No Company Name) ==========

MOD - [2012/08/11 00:58:26 | 000,065,024 | ---- | M] () -- C:\ProgramData\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10006.dll
MOD - [2012/08/11 00:58:26 | 000,052,736 | ---- | M] () -- C:\ProgramData\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10007.dll
MOD - [2012/08/11 00:35:04 | 000,652,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PCGPostBootResources\b673465d1b42d606aa46009bbef29433\PCGPostBootResources.ni.dll
MOD - [2012/08/11 00:35:03 | 000,061,440 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PCGHIDProbe\e53ab0f104e2348a5be3cde5629a170a\PCGHIDProbe.ni.dll
MOD - [2012/08/11 00:34:59 | 000,045,568 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PCGRSPProbe\45e4666c82f372873a7d122eb7af2978\PCGRSPProbe.ni.dll
MOD - [2012/08/11 00:34:57 | 002,327,552 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Community.CsharpSql#\802a202e8df9e1d146453a0211fdbe70\Community.CsharpSqlite.ni.dll
MOD - [2012/08/11 00:34:53 | 000,202,240 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PCGWuInfo\4ffb43b0c377b8cb8c26922d2a4c39b7\PCGWuInfo.ni.dll
MOD - [2012/08/11 00:34:51 | 000,100,864 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Interop.IWshRuntime#\1e4138d450004582377fd9d806608f01\Interop.IWshRuntimeLibrary.ni.dll
MOD - [2012/08/11 00:34:48 | 000,067,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PCGUsersCenter\a743ee7c0d30ba46dff297752550cd53\PCGUsersCenter.ni.dll
MOD - [2012/08/11 00:34:45 | 000,177,152 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PCGAppControlPlugin#\af5d62b8980e4e3888d2ce502081f0fd\PCGAppControlPluginLoader.ni.dll
MOD - [2012/08/11 00:34:43 | 004,281,856 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PCGClientCommon\8d8d920b5a56ed1e201b03474a3c18de\PCGClientCommon.ni.dll
MOD - [2012/08/11 00:34:36 | 000,198,144 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PCGBootVisualizingC#\ea53f8f270fc34b878470821586b0225\PCGBootVisualizingCommon.ni.dll
MOD - [2012/08/11 00:34:30 | 000,259,072 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PCGDriverProbe\aef6955e2e7088bda51519d2720cb27c\PCGDriverProbe.ni.dll
MOD - [2012/08/11 00:34:28 | 000,068,608 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PCGConfiguration\3edafcfbee0085ff363c3e175c8e3035\PCGConfiguration.ni.dll
MOD - [2012/08/11 00:34:24 | 003,939,840 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PCGDatabase\0a591a0af86d98de4afd367b73a65c03\PCGDatabase.ni.dll
MOD - [2012/08/11 00:34:17 | 000,049,152 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PCGAzureEntityFrame#\d80e3bd0fe6f62f2aef23653fb6fd23e\PCGAzureEntityFramework.ni.dll
MOD - [2012/08/11 00:34:13 | 001,490,432 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PCGAzureShared\5a5f46393e45f3262f4988a75d33035f\PCGAzureShared.ni.dll
MOD - [2012/08/11 00:34:08 | 001,298,432 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PCGCommunication\f78047a32c931076f889e12a76fca4cf\PCGCommunication.ni.dll
MOD - [2012/08/11 00:34:00 | 002,845,696 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PCGPreCompiled\1f390824c460fb8d4b6d2f4762151f2e\PCGPreCompiled.ni.dll
MOD - [2012/08/11 00:33:56 | 000,259,072 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PCGPrestoSerializer\3e030a547339b711de663801078a6b0f\PCGPrestoSerializer.ni.dll
MOD - [2012/08/11 00:33:50 | 000,596,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Ionic.Zip.Reduced\a2f4048baa0761e43e7954af9a4a68c1\Ionic.Zip.Reduced.ni.dll
MOD - [2012/08/11 00:33:46 | 002,128,384 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Newtonsoft.Json.Net#\72cc440f22665be1f2e72b24731a8d99\Newtonsoft.Json.Net35.ni.dll
MOD - [2012/08/11 00:33:40 | 002,725,888 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PCGFramework\239458caea34069cff58e6549fb44dcb\PCGFramework.ni.dll
MOD - [2012/08/11 00:33:27 | 002,556,928 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Soluto\cbb1068241103427ce31f556aba44f83\Soluto.ni.exe
MOD - [2012/08/08 22:56:18 | 000,117,760 | ---- | M] () -- C:\ProgramData\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\UIREPAIR.DLL
MOD - [2012/08/08 22:56:18 | 000,052,224 | ---- | M] () -- C:\ProgramData\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10005.dll
MOD - [2012/08/07 20:41:18 | 000,071,216 | ---- | M] () -- C:\Program Files\Soluto\PCGDllExportInspector.dll
MOD - [2012/08/06 23:43:40 | 000,442,392 | ---- | M] () -- C:\Users\WEC\AppData\Local\Google\Chrome\Application\21.0.1180.75\ppgooglenaclpluginchrome.dll
MOD - [2012/08/06 23:43:39 | 012,235,800 | ---- | M] () -- C:\Users\WEC\AppData\Local\Google\Chrome\Application\21.0.1180.75\PepperFlash\pepflashplayer.dll
MOD - [2012/08/06 23:43:37 | 003,997,720 | ---- | M] () -- C:\Users\WEC\AppData\Local\Google\Chrome\Application\21.0.1180.75\pdf.dll
MOD - [2012/08/06 23:42:09 | 000,144,424 | ---- | M] () -- C:\Users\WEC\AppData\Local\Google\Chrome\Application\21.0.1180.75\avutil-51.dll
MOD - [2012/08/06 23:42:08 | 000,266,792 | ---- | M] () -- C:\Users\WEC\AppData\Local\Google\Chrome\Application\21.0.1180.75\avformat-54.dll
MOD - [2012/08/06 23:42:07 | 002,480,680 | ---- | M] () -- C:\Users\WEC\AppData\Local\Google\Chrome\Application\21.0.1180.75\avcodec-54.dll
MOD - [2012/06/13 16:45:18 | 000,212,992 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\8bbcd31ecc8edc7d1f9cdd83ef2bb2d3\System.ServiceProcess.ni.dll
MOD - [2012/06/13 16:45:12 | 011,820,032 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\508b444db523c5cf20ff12c7f440837b\System.Web.ni.dll
MOD - [2012/06/13 07:12:44 | 012,433,920 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\f2691cfa7671cdc58179e56ba9227591\System.Windows.Forms.ni.dll
MOD - [2012/06/13 07:12:33 | 001,592,320 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\18f9789aa214c657113e676b3a9015aa\System.Drawing.ni.dll
MOD - [2012/05/12 22:46:06 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\846b9cf2756fdd15f704c9bab9c70b6f\System.Runtime.Remoting.ni.dll
MOD - [2012/05/12 22:45:37 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\bd76aaaa03ddc15d1840207b5a480644\System.Configuration.ni.dll
MOD - [2012/05/12 00:04:48 | 005,450,752 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\d2630342a066a7cb9056d9eb6157687a\System.Xml.ni.dll
MOD - [2012/05/12 00:03:36 | 002,516,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data.Linq\25cbbaeba2e4efdca4bee27760ffb36d\System.Data.Linq.ni.dll
MOD - [2012/05/12 00:03:20 | 002,295,296 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Core\0f2b877ed16daa577f95be735a63d19c\System.Core.ni.dll
MOD - [2012/05/12 00:02:25 | 007,953,408 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\28d633338fc8d29f8af31935ef7d001b\System.ni.dll
MOD - [2012/05/12 00:01:39 | 011,492,352 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\af9c9e9d7e0523cd444f8b551baa9cbf\mscorlib.ni.dll
MOD - [2012/01/03 03:58:08 | 003,186,688 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll
MOD - [2011/09/01 18:50:18 | 000,985,088 | ---- | M] () -- C:\Program Files\OpenOffice.org 3\program\libxml2.dll
MOD - [2009/04/11 02:38:45 | 000,667,648 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Core\3.5.0.0__b77a5c561934e089\System.Core.dll
MOD - [2009/03/29 21:42:20 | 002,048,000 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.Xml.dll
MOD - [2008/12/18 02:55:28 | 000,054,784 | ---- | M] () -- C:\Windows\System32\bcmwlrmt.dll


========== Win32 Services (SafeList) ==========

SRV - [2012/08/07 20:55:40 | 000,598,032 | ---- | M] (Soluto) [Auto | Running] -- C:\Program Files\Soluto\SolutoService.exe -- (SolutoService)
SRV - [2012/08/04 22:18:47 | 000,113,120 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012/08/03 22:31:14 | 000,250,056 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/04/19 08:21:16 | 000,361,976 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee\VirusScan\mcods.exe -- (McODS)
SRV - [2012/03/20 13:11:32 | 000,151,880 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Windows\System32\mfevtps.exe -- (mfevtp)
SRV - [2012/03/20 13:05:00 | 000,161,632 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe -- (mfefire)
SRV - [2012/03/20 13:04:32 | 000,166,288 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe -- (McShield)
SRV - [2012/01/03 06:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011/08/11 16:38:07 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCore.exe -- (!SASCORE)
SRV - [2011/01/27 18:28:14 | 000,214,904 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe -- (MSK80Service)
SRV - [2011/01/27 18:28:14 | 000,214,904 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe -- (McProxy)
SRV - [2011/01/27 18:28:14 | 000,214,904 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe -- (McNASvc)
SRV - [2011/01/27 18:28:14 | 000,214,904 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe -- (McNaiAnn)
SRV - [2011/01/27 18:28:14 | 000,214,904 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe -- (mcmscsvc)
SRV - [2011/01/27 18:28:14 | 000,214,904 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe -- (McMPFSvc)
SRV - [2011/01/27 18:28:14 | 000,214,904 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe -- (McAfee SiteAdvisor Service)
SRV - [2010/10/20 12:11:14 | 002,075,480 | ---- | M] (Dell, Inc.) [Auto | Running] -- C:\Program Files\Dell\Dell Datasafe Online\NOBuAgent.exe -- (NOBU)
SRV - [2009/09/08 00:48:55 | 000,066,048 | ---- | M] (PostgreSQL Global Development Group) [Auto | Running] -- C:\Program Files\PostgreSQL\8.4\bin\pg_ctl.exe -- (postgresql-8.4)
SRV - [2008/01/20 19:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007/11/12 04:07:20 | 000,102,400 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\System32\stacsv.exe -- (STacSV)
SRV - [2007/11/12 04:07:16 | 000,073,728 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\System32\AEstSrv.exe -- (AESTFilters)
SRV - [2007/03/21 11:00:04 | 000,355,096 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Unknown] -- -- (mfeavfk01)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - File not found [Kernel | On_Demand | Running] -- C:\Windows\TEMP\cpuz135\cpuz135_x32.sys -- (cpuz135)
DRV - [2012/08/07 20:41:08 | 000,051,144 | ---- | M] (Soluto LTD.) [File_System | Boot | Running] -- C:\Windows\System32\drivers\Soluto.sys -- (Soluto)
DRV - [2012/02/22 13:29:46 | 000,464,304 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\mfehidk.sys -- (mfehidk)
DRV - [2012/02/22 13:29:46 | 000,340,920 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mfefirek.sys -- (mfefirek)
DRV - [2012/02/22 13:29:46 | 000,180,848 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mfeavfk.sys -- (mfeavfk)
DRV - [2012/02/22 13:29:46 | 000,169,608 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\mfewfpk.sys -- (mfewfpk)
DRV - [2012/02/22 13:29:46 | 000,121,544 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mfeapfk.sys -- (mfeapfk)
DRV - [2012/02/22 13:29:46 | 000,087,656 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mferkdet.sys -- (mferkdet)
DRV - [2012/02/22 13:29:46 | 000,064,912 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\mfenlfk.sys -- (mfenlfk)
DRV - [2012/02/22 13:29:46 | 000,059,456 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mfebopk.sys -- (mfebopk)
DRV - [2012/02/22 13:29:46 | 000,057,600 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\cfwids.sys -- (cfwids)
DRV - [2011/07/22 09:27:02 | 000,012,880 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV)
DRV - [2011/07/12 14:55:22 | 000,067,664 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2008/12/18 02:55:10 | 000,018,424 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\bcm42rly.sys -- (BCM42RLY)
DRV - [2008/06/23 05:45:44 | 000,008,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\XAudio.sys -- (XAudio)
DRV - [2008/05/04 02:25:24 | 000,164,400 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Apfiltr.sys -- (ApfiltrService)
DRV - [2008/03/06 00:58:44 | 000,111,616 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\IntcHdmi.sys -- (IntcHdmiAddService)
DRV - [2008/01/20 19:23:25 | 000,220,672 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\e1e6032.sys -- (e1express)
DRV - [2007/11/12 04:07:28 | 000,330,240 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\stwrt.sys -- (STHDA)
DRV - [2007/09/06 09:35:16 | 000,037,376 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rixdptsk.sys -- (rismxdp)
DRV - [2007/09/06 09:35:14 | 000,039,936 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimmptsk.sys -- (rimmptsk)
DRV - [2007/09/06 09:35:12 | 000,042,496 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimsptsk.sys -- (rimsptsk)
DRV - [2006/11/02 00:36:43 | 002,028,032 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmdag.sys -- (R300)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Page_URL = http://www.dell.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page = http://www.dell.com
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_3_300_270.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.5.1: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.5.1: C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10: c:\progra~1\mcafee\msc\npmcsn~1.dll ()
FF - HKLM\Software\MozillaPlugins\@mcafee.com/SAFFPlugin: C:\Program Files\McAfee\SiteAdvisor\npmcffplg32.dll (McAfee, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\WEC\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\WEC\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{4ED1F68A-5463-4931-9384-8FFF5ED91D92}: C:\Program Files\McAfee\SiteAdvisor [2012/05/09 14:27:30 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{D19CA586-DD6C-4a0a-96F8-14644F340D60}: C:\Program Files\Common Files\McAfee\SystemCore [2012/08/11 01:01:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/08/04 22:18:50 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012/08/11 00:16:53 | 000,000,000 | ---D | M]

[2011/08/15 15:00:57 | 000,000,000 | ---D | M] (No name found) -- C:\Users\WEC\AppData\Roaming\Mozilla\Extensions
[2012/05/31 03:10:41 | 000,000,000 | ---D | M] (No name found) -- C:\Users\WEC\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\extensions
[2012/05/31 03:10:37 | 000,000,000 | ---D | M] (JonDoFox) -- C:\Users\WEC\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\extensions\{437be45a-4114-11dd-b9ab-71d256d89593}
[2012/05/31 03:10:28 | 000,000,000 | ---D | M] (Cookie Monster) -- C:\Users\WEC\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\extensions\{45d8ff86-d909-11db-9705-005056c00008}
[2012/05/31 03:10:38 | 000,000,000 | ---D | M] (NoScript) -- C:\Users\WEC\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}
[2012/05/31 03:10:24 | 000,000,000 | ---D | M] (******* Plus) -- C:\Users\WEC\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2012/05/31 03:10:42 | 000,000,000 | ---D | M] (ProfileSwitcher) -- C:\Users\WEC\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\extensions\{fa8476cf-a98c-4e08-99b4-65a69cb4b7d4}
[2012/05/31 03:10:36 | 000,000,000 | ---D | M] (HTTPS-Everywhere) -- C:\Users\WEC\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\extensions\https-everywhere@eff.org
[2012/05/31 03:10:41 | 000,000,000 | ---D | M] ("UnPlug") -- C:\Users\WEC\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\extensions\unplug@compunach
[2012/05/02 22:55:31 | 000,000,000 | ---D | M] (No name found) -- C:\Users\WEC\AppData\Roaming\Mozilla\Firefox\Profiles\m1n3zp3c.default\extensions
[2012/08/11 00:23:22 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2012/08/11 00:23:23 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}
[2012/08/11 01:01:28 | 000,000,000 | ---D | M] (McAfee ScriptScan for Firefox) -- C:\PROGRAM FILES\COMMON FILES\MCAFEE\SYSTEMCORE
[2012/05/09 14:27:30 | 000,000,000 | ---D | M] (McAfee SiteAdvisor) -- C:\PROGRAM FILES\MCAFEE\SITEADVISOR
[2012/08/04 22:18:49 | 000,136,672 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011/04/14 14:01:38 | 000,024,376 | ---- | M] (McAfee, Inc.) -- C:\Program Files\mozilla firefox\components\Scriptff.dll
[2012/07/09 19:47:00 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012/07/09 19:47:00 | 000,002,040 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml

========== Chrome ==========

CHR - homepage: http://www.google.com/
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}
CHR - homepage: http://www.google.com/
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\WEC\AppData\Local\Google\Chrome\Application\21.0.1180.75\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\WEC\AppData\Local\Google\Chrome\Application\21.0.1180.75\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\WEC\AppData\Local\Google\Chrome\Application\21.0.1180.75\gcswf32.dll
CHR - plugin: Shockwave Flash (Disabled) = C:\Users\WEC\AppData\Local\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32_11_2_202_235.dll
CHR - plugin: McAfee SiteAdvisor (Enabled) = C:\Users\WEC\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.41.123.2_0\McChPlg.dll
CHR - plugin: McAfee SiteAdvisor (Enabled) = C:\Program Files\McAfee\SiteAdvisor\npmcffplg32.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll
CHR - plugin: Java Deployment Toolkit 6.0.310.5 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U31 (Enabled) = C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll
CHR - plugin: Google Update (Enabled) = C:\Users\WEC\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: McAfee SecurityCenter (Enabled) = c:\progra~1\mcafee\msc\npmcsn~1.dll
CHR - Extension: Angry Birds = C:\Users\WEC\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj\1.5.0.7_0\
CHR - Extension: SiteAdvisor = C:\Users\WEC\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.41.123.2_0\
CHR - Extension: bitly | \u2665 your bitmarks = C:\Users\WEC\AppData\Local\Google\Chrome\User Data\Default\Extensions\iabeihobmhlgpkcgjiloemdbofjbdcic\2.0.15_0\

O1 HOSTS File: ([2006/09/18 14:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (McAfee Phishing Filter) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\progra~1\mcafee\msk\mskapbho.dll File not found
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\Common Files\Mcafee\SystemCore\ScriptSn.20120626000456.dll (McAfee, Inc.)
O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O4 - HKLM..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe (Alps Electric Co., Ltd.)
O4 - HKLM..\Run: [ControlCenter3] C:\Program Files\Brother\ControlCenter3\brctrcen.exe (Brother Industries, Ltd.)
O4 - HKLM..\Run: [Dell DataSafe Online] C:\Program Files\Dell\Dell Datasafe Online\NOBuClient.exe (Dell, Inc.)
O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe (Intel Corporation)
O4 - HKLM..\Run: [mcui_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
O4 - HKLM..\Run: [PCMService] C:\Program Files\Dell\MediaDirect\PCMService.exe (CyberLink Corp.)
O4 - HKLM..\Run: [SigmatelSysTrayApp] C:\Program Files\Sigmatel\C-Major Audio\WDM\sttray.exe (IDT, Inc.)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [CPN Notifier] C:\Program Files\Intertops Poker\PokerNotifier.exe File not found
O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)
O4 - Startup: C:\Users\WEC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O9 - Extra Button: Bodog Poker - {F47C1DB5-ED21-4dc1-853E-D1495792D4C5} - C:\Program Files\Bodog Poker\BPGame.exe File not found
O9 - Extra Button: PokerStars.net - {FA9B9510-9FCB-4ca0-818C-5D0987B47C4D} - C:\Program Files\PokerStars.NET\PokerStarsUpdate.exe (PokerStars)
O13 - gopher Prefix: missing
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 10.5.1)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{01C0FECF-ED65-4CD5-8F0A-EA4200E6A3A2}: DhcpNameServer = 107.17.26.1 64.134.255.2 64.134.255.10
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{055E2413-A985-4A49-8B08-1DD56A596F78}: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Filter\application/x-mfe-ipt {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\McAfee\MSC\McSnIePl.dll (McAfee, Inc.)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Program Files\Soluto\soluto.exe /userinit) - C:\Program Files\Soluto\soluto.exe (Soluto)
O20 - Winlogon\Notify\!SASWinLogon: DllName - (C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL) - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\img24.jpg
O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\img24.jpg
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 14:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found


SafeBootMin: !SASCORE - C:\Program Files\SUPERAntiSpyware\SASCore.exe (SUPERAntiSpyware.com)
SafeBootMin: AppMgmt - Service
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: mcmscsvc - C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SafeBootMin: MCODS - C:\Program Files\McAfee\VirusScan\mcods.exe (McAfee, Inc.)
SafeBootMin: NTDS - File not found
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

SafeBootNet: !SASCORE - C:\Program Files\SUPERAntiSpyware\SASCore.exe (SUPERAntiSpyware.com)
SafeBootNet: AppMgmt - Service
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: McMPFSvc - C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SafeBootNet: mcmscsvc - C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SafeBootNet: MCODS - C:\Program Files\McAfee\VirusScan\mcods.exe (McAfee, Inc.)
SafeBootNet: Messenger - Service
SafeBootNet: mfefire - C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe ()
SafeBootNet: mfefirek - C:\Windows\System32\drivers\mfefirek.sys (McAfee, Inc.)
SafeBootNet: mfefirek.sys - C:\Windows\System32\drivers\mfefirek.sys (McAfee, Inc.)
SafeBootNet: mfehidk - C:\Windows\System32\drivers\mfehidk.sys (McAfee, Inc.)
SafeBootNet: mfehidk.sys - C:\Windows\System32\drivers\mfehidk.sys (McAfee, Inc.)
SafeBootNet: mfevtp - C:\Windows\System32\mfevtps.exe (McAfee, Inc.)
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: NTDS - File not found
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootNet: WudfPf - Driver
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} -
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 11.0
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} - .NET Framework
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} -
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\Windows\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\system32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP

Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 30 Days ==========

[2012/08/11 01:00:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
[2012/08/11 00:30:39 | 000,051,144 | ---- | C] (Soluto LTD.) -- C:\Windows\System32\drivers\Soluto.sys
[2012/08/11 00:30:35 | 000,000,000 | ---D | C] -- C:\Windows\System32\DRVSTORE
[2012/08/11 00:30:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Soluto
[2012/08/11 00:30:08 | 000,000,000 | ---D | C] -- C:\Program Files\Soluto
[2012/08/11 00:28:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Soluto
[2012/08/11 00:20:35 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2012/08/11 00:18:25 | 000,000,000 | ---D | C] -- C:\Program Files\Oracle
[2012/08/11 00:16:53 | 000,772,544 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\npDeployJava1.dll
[2012/08/11 00:16:52 | 000,227,760 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\javaws.exe
[2012/08/11 00:16:05 | 000,174,064 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\javaw.exe
[2012/08/11 00:16:05 | 000,174,064 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\java.exe
[2012/08/08 22:55:30 | 000,000,000 | ---D | C] -- C:\Users\WEC\AppData\Roaming\SUPERAntiSpyware.com
[2012/08/08 22:55:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
[2012/08/08 22:55:13 | 000,000,000 | ---D | C] -- C:\ProgramData\SUPERAntiSpyware.com
[2012/08/08 22:55:13 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware

========== Files - Modified Within 30 Days ==========

[2012/08/11 02:00:01 | 000,000,506 | ---- | M] () -- C:\Windows\tasks\SUPERAntiSpyware Scheduled Task e284d25d-8a0f-4301-bf79-b695a238ff33.job
[2012/08/11 01:31:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012/08/11 01:27:03 | 000,000,900 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-926648483-369203567-2311085068-1000UA.job
[2012/08/11 01:00:50 | 000,001,737 | ---- | M] () -- C:\Users\Public\Desktop\McAfee Security Center.lnk
[2012/08/11 00:56:28 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012/08/11 00:56:27 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012/08/11 00:56:14 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/08/11 00:56:12 | 2134,994,944 | -HS- | M] () -- C:\hiberfil.sys
[2012/08/11 00:32:10 | 000,000,098 | ---- | M] () -- C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
[2012/08/11 00:26:07 | 000,000,848 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-926648483-369203567-2311085068-1000Core.job
[2012/08/11 00:14:33 | 000,174,064 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\javaw.exe
[2012/08/11 00:14:32 | 000,174,064 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\java.exe
[2012/08/10 22:55:00 | 000,000,506 | ---- | M] () -- C:\Windows\tasks\SUPERAntiSpyware Scheduled Task 004f2c1c-cc79-44da-b3b8-c8c53d114f79.job
[2012/08/08 22:55:22 | 000,001,802 | ---- | M] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
[2012/08/08 22:30:59 | 000,002,034 | ---- | M] () -- C:\Users\WEC\Desktop\Google Chrome.lnk
[2012/08/08 22:30:59 | 000,001,996 | ---- | M] () -- C:\Users\WEC\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2012/08/07 20:41:08 | 000,051,144 | ---- | M] (Soluto LTD.) -- C:\Windows\System32\drivers\Soluto.sys
[2012/08/05 15:11:44 | 000,000,908 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/08/03 22:31:13 | 000,426,184 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2012/08/03 22:31:13 | 000,070,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2012/07/23 22:24:50 | 000,005,972 | ---- | M] () -- C:\Users\WEC\AppData\Local\d3d9caps.dat

========== Files Created - No Company Name ==========

[2012/08/11 00:32:10 | 000,000,098 | ---- | C] () -- C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
[2012/08/08 22:55:59 | 000,000,506 | ---- | C] () -- C:\Windows\tasks\SUPERAntiSpyware Scheduled Task 004f2c1c-cc79-44da-b3b8-c8c53d114f79.job
[2012/08/08 22:55:58 | 000,000,506 | ---- | C] () -- C:\Windows\tasks\SUPERAntiSpyware Scheduled Task e284d25d-8a0f-4301-bf79-b695a238ff33.job
[2012/08/08 22:55:22 | 000,001,802 | ---- | C] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
[2012/04/13 23:20:35 | 000,004,906 | ---- | C] () -- C:\ProgramData\bltofzsb.qlf
[2012/03/25 03:35:11 | 000,000,000 | ---- | C] () -- C:\Windows\HMHud.INI
[2012/02/06 17:24:37 | 000,000,426 | ---- | C] () -- C:\Windows\BRWMARK.INI
[2012/02/06 15:52:11 | 000,000,212 | ---- | C] () -- C:\Windows\Brpfx04a.ini
[2012/02/06 15:52:11 | 000,000,093 | ---- | C] () -- C:\Windows\brpcfx.ini
[2012/02/06 15:52:11 | 000,000,065 | ---- | C] () -- C:\Windows\System32\bd7340.dat
[2012/02/06 15:46:25 | 000,000,114 | ---- | C] () -- C:\Windows\System32\BRLMW03A.INI
[2012/02/06 15:45:30 | 000,000,066 | ---- | C] () -- C:\Windows\Brfaxrx.ini
[2012/02/06 15:45:30 | 000,000,000 | ---- | C] () -- C:\Windows\brdfxspd.dat
[2012/02/06 15:45:27 | 000,106,496 | ---- | C] () -- C:\Windows\System32\BrMuSNMP.dll
[2012/02/06 15:37:16 | 000,031,567 | ---- | C] () -- C:\Windows\maxlink.ini
[2011/10/08 01:18:03 | 000,003,584 | ---- | C] () -- C:\Users\WEC\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/08/13 23:02:28 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2011/08/13 23:02:28 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2011/08/13 09:46:09 | 000,054,784 | ---- | C] () -- C:\Windows\System32\bcmwlrmt.dll
[2011/08/13 09:46:09 | 000,006,656 | ---- | C] () -- C:\Windows\System32\bcmwlrc.dll
[2011/08/13 09:46:08 | 000,026,112 | ---- | C] () -- C:\Windows\System32\WLTRYSVC.EXE
[2011/08/10 21:28:09 | 001,953,696 | ---- | C] () -- C:\Windows\System32\igklg400.dll
[2011/08/10 21:28:09 | 001,533,360 | ---- | C] () -- C:\Windows\System32\igklg450.dll
[2011/08/10 21:28:09 | 000,147,456 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1409.dll
[2011/08/10 21:28:09 | 000,104,636 | ---- | C] () -- C:\Windows\System32\igmedcompkrn.dll
[2011/08/10 21:28:09 | 000,004,608 | ---- | C] () -- C:\Windows\System32\HdmiCoin.dll
[2011/08/10 21:28:06 | 000,016,480 | ---- | C] () -- C:\Windows\System32\rixdicon.dll
[2009/03/03 14:06:59 | 000,007,781 | ---- | C] () -- C:\Users\WEC\NoticeOfPublicaion.pdf
[2009/03/03 13:47:28 | 000,340,327 | ---- | C] () -- C:\Users\WEC\LLCcoversheet.pdf
[2009/02/26 19:48:49 | 000,071,432 | ---- | C] () -- C:\Users\WEC\ArizonaLLCForms.pdf
[2009/02/17 22:27:06 | 000,001,202 | ---- | C] () -- C:\Users\WEC\AppData\Roaming\wklnhst.dat
[2009/01/20 17:42:20 | 000,005,972 | ---- | C] () -- C:\Users\WEC\AppData\Local\d3d9caps.dat

========== Custom Scans ==========

< %APPDATA%\Microsoft\*.* >

< %systemroot%\system32\config\systemprofile\*.dat /x >

< %USERPROFILE%\Desktop\*.exe >

< %PROGRAMFILES%\Common Files\*.* >

< %systemroot%\winn32\*.* >

< %USERPROFILE%\My Documents\*.exe >

< %USERPROFILE%\*.exe >

< %PROGRAMFILES%\Mozilla Firefox\*.exe >
[2012/08/04 22:18:49 | 000,117,728 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\crashreporter.exe
[2012/08/04 22:18:48 | 000,913,888 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
[2012/08/04 22:18:47 | 000,113,120 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\maintenanceservice.exe
[2012/08/04 22:18:46 | 000,157,608 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\maintenanceservice_installer.exe
[2012/08/04 22:18:43 | 000,016,864 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\plugin-container.exe
[2012/08/04 22:18:41 | 000,265,184 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\updater.exe

< %ProgramFiles%\TinyProxy. >

< %systemroot%\system32\*.* /lockedfiles >
[2012/08/11 00:56:27 | 000,003,616 | -H-- | M] () Unable to obtain MD5 -- C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012/08/11 00:56:28 | 000,003,616 | -H-- | M] () Unable to obtain MD5 -- C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.* /lockedfiles >

< %PROGRAMFILES%\*. >
[2011/08/15 15:20:27 | 000,000,000 | ---D | M] -- C:\Program Files\Adobe
[2012/07/31 18:42:46 | 000,000,000 | ---D | M] -- C:\Program Files\BlackChipPoker
[2011/11/30 17:20:16 | 000,000,000 | ---D | M] -- C:\Program Files\Bodog Poker
[2012/02/06 15:48:55 | 000,000,000 | ---D | M] -- C:\Program Files\Brother
[2012/05/18 22:17:03 | 000,000,000 | ---D | M] -- C:\Program Files\Cake Poker 2.0
[2012/08/10 22:37:55 | 000,000,000 | ---D | M] -- C:\Program Files\CarbonPoker
[2011/08/13 09:47:07 | 000,000,000 | ---D | M] -- C:\Program Files\Cisco
[2012/07/10 21:17:55 | 000,000,000 | ---D | M] -- C:\Program Files\Colt Poker
[2012/08/11 00:20:35 | 000,000,000 | ---D | M] -- C:\Program Files\Common Files
[2011/08/13 04:16:37 | 000,000,000 | ---D | M] -- C:\Program Files\CONEXANT
[2011/08/13 09:50:48 | 000,000,000 | ---D | M] -- C:\Program Files\CyberLink
[2011/08/15 15:33:47 | 000,000,000 | ---D | M] -- C:\Program Files\Dell
[2011/08/13 09:46:00 | 000,000,000 | ---D | M] -- C:\Program Files\Dell Inc
[2011/08/10 21:27:51 | 000,000,000 | ---D | M] -- C:\Program Files\DellTPad
[2011/08/13 09:45:50 | 000,000,000 | ---D | M] -- C:\Program Files\Digital Line Detect
[2012/02/06 15:45:23 | 000,000,000 | -H-D | M] -- C:\Program Files\InstallShield Installation Information
[2011/08/13 09:50:11 | 000,000,000 | ---D | M] -- C:\Program Files\Intel
[2012/07/11 11:39:16 | 000,000,000 | ---D | M] -- C:\Program Files\Internet Explorer
[2012/05/18 22:00:00 | 000,000,000 | ---D | M] -- C:\Program Files\Intertops Poker
[2012/08/11 00:14:12 | 000,000,000 | ---D | M] -- C:\Program Files\Java
[2012/05/31 03:31:19 | 000,000,000 | ---D | M] -- C:\Program Files\JonDo
[2012/06/29 19:58:00 | 000,000,000 | ---D | M] -- C:\Program Files\Lock Poker
[2012/06/29 19:57:34 | 000,000,000 | ---D | M] -- C:\Program Files\LockPoker
[2012/08/05 15:11:46 | 000,000,000 | ---D | M] -- C:\Program Files\Malwarebytes' Anti-Malware
[2012/07/23 22:24:47 | 000,000,000 | ---D | M] -- C:\Program Files\McAfee
[2011/08/13 22:17:54 | 000,000,000 | ---D | M] -- C:\Program Files\McAfee.com
[2006/11/02 05:37:34 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Games
[2011/08/13 09:50:51 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Office
[2012/05/11 23:58:18 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Silverlight
[2011/09/03 03:04:11 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Works
[2011/08/16 00:24:11 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft.NET
[2011/08/13 09:43:44 | 000,000,000 | ---D | M] -- C:\Program Files\Modem Diagnostic Tool
[2011/08/15 22:56:48 | 000,000,000 | ---D | M] -- C:\Program Files\Movie Maker
[2012/08/04 22:19:08 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox
[2012/08/04 23:46:19 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Maintenance Service
[2006/11/02 05:37:34 | 000,000,000 | ---D | M] -- C:\Program Files\MSBuild
[2012/02/08 03:02:17 | 000,000,000 | ---D | M] -- C:\Program Files\MSXML 4.0
[2011/08/13 09:44:55 | 000,000,000 | ---D | M] -- C:\Program Files\NetWaiting
[2012/02/06 15:38:02 | 000,000,000 | ---D | M] -- C:\Program Files\Nuance
[2011/09/01 18:47:52 | 000,000,000 | ---D | M] -- C:\Program Files\OpenOffice.org 3
[2012/08/11 00:18:25 | 000,000,000 | ---D | M] -- C:\Program Files\Oracle
[2011/08/15 17:16:39 | 000,000,000 | ---D | M] -- C:\Program Files\PokerStars
[2011/12/03 20:48:32 | 000,000,000 | ---D | M] -- C:\Program Files\PokerStars.NET
[2012/06/13 17:01:54 | 000,000,000 | ---D | M] -- C:\Program Files\PokerTracker 3
[2012/03/25 02:40:27 | 000,000,000 | ---D | M] -- C:\Program Files\PostgreSQL
[2012/03/25 02:50:34 | 000,000,000 | ---D | M] -- C:\Program Files\PSQLINSTALL
[2006/11/02 05:37:34 | 000,000,000 | ---D | M] -- C:\Program Files\Reference Assemblies
[2012/07/07 01:30:20 | 000,000,000 | ---D | M] -- C:\Program Files\Rovio
[2011/08/13 18:11:55 | 000,000,000 | ---D | M] -- C:\Program Files\Roxio
[2012/03/25 02:38:45 | 000,000,000 | ---D | M] -- C:\Program Files\RVG Software
[2012/02/06 15:35:56 | 000,000,000 | ---D | M] -- C:\Program Files\ScanSoft
[2011/08/13 04:16:25 | 000,000,000 | ---D | M] -- C:\Program Files\Sigmatel
[2012/08/11 00:30:49 | 000,000,000 | ---D | M] -- C:\Program Files\Soluto
[2012/08/08 22:55:30 | 000,000,000 | ---D | M] -- C:\Program Files\SUPERAntiSpyware
[2006/11/02 06:01:55 | 000,000,000 | -H-D | M] -- C:\Program Files\Uninstall Information
[2012/03/09 18:04:13 | 000,000,000 | ---D | M] -- C:\Program Files\WebLog Expert Lite
[2011/08/15 22:56:48 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Calendar
[2011/08/15 22:56:48 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Collaboration
[2011/08/15 22:56:46 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Defender
[2012/05/11 23:56:40 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Journal
[2012/03/13 12:47:17 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Mail
[2011/08/15 22:56:48 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Media Player
[2006/11/02 05:37:34 | 000,000,000 | ---D | M] -- C:\Program Files\Windows NT
[2011/08/15 22:56:48 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Photo Gallery
[2011/08/16 16:32:32 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Portable Devices
[2011/08/15 22:56:48 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Sidebar
[2012/04/12 04:22:23 | 000,000,000 | ---D | M] -- C:\Program Files\Yahoo SiteBuilder

< MD5 for: EXPLORER.EXE >
[2009/04/11 10:59:39 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=37440D09DEAE0B672A04DCCF7ABF06BE -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16771_none_4f83bb287ccdb7e3\explorer.exe
[2009/04/11 10:59:39 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=4F554999D7D5F05DAAEBBA7B5BA1089D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18164_none_5177ca9879e978e8\explorer.exe
[2009/04/11 10:59:39 | 002,927,616 | ---- | M] (Microsoft Corporation) MD5=50BA5850147410CDE89C523AD3BC606E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.22298_none_51e4f8c7931bd1e1\explorer.exe
[2009/04/10 23:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\explorer.exe
[2009/04/10 23:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6002.18005_none_53a0201e76de3a0b\explorer.exe
[2009/04/11 10:59:39 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=E7156B0B74762D9DE0E66BDCDE06E5FB -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20947_none_5033cb5995cd990b\explorer.exe
[2008/01/20 19:24:24 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=FFA764631CB70A30065C12EF8E174F9F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18000_none_51b4a71279bc6ebf\explorer.exe

< MD5 for: NETLOGON.DLL >
[2009/04/10 23:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\System32\netlogon.dll
[2009/04/10 23:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6002.18005_none_ffa3304f351bb3a3\netlogon.dll
[2008/01/20 19:24:05 | 000,592,384 | ---- | M] (Microsoft Corporation) MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6001.18000_none_fdb7b74337f9e857\netlogon.dll

< MD5 for: SERVICES.EXE >
[2008/01/20 19:24:48 | 000,279,040 | ---- | M] (Microsoft Corporation) MD5=2B336AB6286D6C81FA02CBAB914E3C6C -- C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.0.6001.18000_none_cf5fc067cd49010a\services.exe
[2009/04/10 23:27:59 | 000,279,552 | ---- | M] (Microsoft Corporation) MD5=D4E6D91C1349B7BFB3599A6ADA56851B -- C:\Windows\System32\services.exe
[2009/04/10 23:27:59 | 000,279,552 | ---- | M] (Microsoft Corporation) MD5=D4E6D91C1349B7BFB3599A6ADA56851B -- C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.0.6002.18005_none_d14b3973ca6acc56\services.exe

< MD5 for: SVCHOST.EXE >
[2008/01/20 19:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=3794B461C45882E06856F282EEF025AF -- C:\Windows\System32\svchost.exe
[2008/01/20 19:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=3794B461C45882E06856F282EEF025AF -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.0.6001.18000_none_b5bb5 9a1054dbde5\svchost.exe
[2012/07/03 13:46:42 | 000,217,672 | ---- | M] () MD5=8A7F34F0BBD076EC3815680A7309114F -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\svchost.exe

< MD5 for: USERINIT.EXE >
[2008/01/20 19:24:49 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\System32\userinit.exe
[2008/01/20 19:24:49 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_dc28 ba15d1aff80b\userinit.exe

< MD5 for: WINLOGON.EXE >
[2009/04/10 23:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\System32\winlogon.exe
[2009/04/10 23:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae 7a22d2134741\winlogon.exe
[2012/07/03 13:46:42 | 000,217,672 | ---- | M] () MD5=8A7F34F0BBD076EC3815680A7309114F -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
[2008/01/20 19:24:49 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc3 0116d4f17bf5\winlogon.exe

< hklm\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >

< hklm\software\clients\startmenuinternet|command /rs >
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\HideIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /HideShortcuts [2012/08/04 22:18:41 | 000,865,776 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ShowIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /ShowShortcuts [2012/08/04 22:18:41 | 000,865,776 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ReinstallCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal [2012/08/04 22:18:41 | 000,865,776 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\open\command\\: C:\Program Files\Mozilla Firefox\firefox.exe [2012/08/04 22:18:48 | 000,913,888 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\properties\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -preferences [2012/08/04 22:18:48 | 000,913,888 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\safemode\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -safe-mode [2012/08/04 22:18:48 | 000,913,888 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ShowIconsCommand: "C:\Users\WEC\AppData\Local\Google\Chrome\Application\chrome.exe" --show-icons [2012/08/06 23:43:41 | 001,229,848 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\HideIconsCommand: "C:\Users\WEC\AppData\Local\Google\Chrome\Application\chrome.exe" --hide-icons [2012/08/06 23:43:41 | 001,229,848 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ReinstallCommand: "C:\Users\WEC\AppData\Local\Google\Chrome\Application\chrome.exe" --make-default-browser [2012/08/06 23:43:41 | 001,229,848 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\shell\open\command\\: "C:\Users\WEC\AppData\Local\Google\Chrome\Application\chrome.exe" [2012/08/06 23:43:41 | 001,229,848 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\Windows\system32\ie4uinit.exe" -hide [2011/08/16 16:05:48 | 000,074,240 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\Windows\system32\ie4uinit.exe" -show [2011/08/16 16:05:48 | 000,074,240 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\Windows\system32\ie4uinit.exe" -reinstall [2011/08/16 16:05:48 | 000,074,240 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\Program Files\Internet Explorer\iexplore.exe" -extoff [2012/06/02 02:08:27 | 000,748,664 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: C:\Program Files\Internet Explorer\iexplore.exe [2012/06/02 02:08:27 | 000,748,664 | ---- | M] (Microsoft Corporation)

< hkcu\Software\Classes\CLSID\{42aedc87-2188-41fd-b9a3-0c966feabec1} /s >

< hklm\SOFTWARE\Classes\CLSID\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1} /s >
"" = Microsoft WBEM New Event Subsystem
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InprocServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009/04/10 23:28:25 | 000,347,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== Alternate Data Streams ==========

@Alternate Data Stream - 81 bytes -> C:\Program Files\Lock Poker:MID
@Alternate Data Stream - 81 bytes -> C:\Program Files\Intertops Poker:MID
@Alternate Data Stream - 81 bytes -> C:\Program Files\Colt Poker:MID
@Alternate Data Stream - 81 bytes -> C:\Program Files\Cake Poker 2.0:MID

< End of report >
Old 08-11-2012, 06:16 AM   #4
WEC

OTL Extras logfile created on: 8/11/2012 1:46:18 AM - Run 1
OTL by OldTimer - Version 3.2.56.0 Folder = C:\Users\WEC\Downloads
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1.99 Gb Total Physical Memory | 1.01 Gb Available Physical Memory | 50.53% Memory free
4.21 Gb Paging File | 2.29 Gb Available in Paging File | 54.47% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 215.25 Gb Total Space | 150.59 Gb Free Space | 69.96% Space Free | Partition Type: NTFS
Drive D: | 15.00 Gb Total Space | 9.42 Gb Free Space | 62.78% Space Free | Partition Type: NTFS

Computer Name: WEC-PC | User Name: WEC | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0D1AB60B-5A6C-4ADA-9978-0B06067C5647}" = protocol=17 | dir=in | app=c:\program files\colt poker\pokerclient.exe |
"{20168D5E-C340-416B-A88D-E727E194BFB3}" = dir=in | app=c:\program files\dell\mediadirect\kernel\dms\clmsservice.exe |
"{23E5BA1F-122E-4AB9-B68C-894047470A56}" = protocol=17 | dir=in | app=c:\program files\lock poker\pokerclient.exe |
"{3142FA36-22C3-4BAA-BC9B-8FC016F7E30D}" = dir=in | app=c:\program files\dell\mediadirect\mediadirect.exe |
"{3598873D-24F3-4A1A-B1FC-DF2E278BFAE2}" = protocol=17 | dir=in | app=c:\program files\soluto\soluto.exe |
"{3DE09BE7-060E-4E7C-BEAC-D3BC30805A8F}" = protocol=17 | dir=in | app=c:\program files\soluto\solutoservice.exe |
"{52E88BEF-2A49-4DD0-800B-50542285197C}" = protocol=6 | dir=in | app=c:\program files\soluto\solutoservice.exe |
"{55B7F5B0-75A7-4BE3-A59A-4F0F6E03B8BB}" = dir=in | app=c:\program files\dell\mediadirect\pcmservice.exe |
"{56F0937A-5D81-4B77-AFB1-D07884B6D835}" = protocol=6 | dir=in | app=c:\program files\colt poker\pokerclient.exe |
"{5A2371DA-14D9-4911-8F93-D4F3D2732367}" = protocol=17 | dir=in | app=c:\program files\soluto\solutoupdateservice.exe |
"{783E7A21-57E6-4F59-9A76-E72E26295AAE}" = dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe |
"{8BC23C46-F5BB-458C-BDED-E0CE193E12B6}" = protocol=6 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe |
"{8E5786AA-9BCC-4775-BDAF-A959C401B2B2}" = protocol=6 | dir=in | app=c:\program files\soluto\solutocleanup.exe |
"{98BCD79A-B2AB-4A0F-AC3B-01D97ECC70ED}" = protocol=17 | dir=in | app=c:\program files\soluto\solutoconsole.exe |
"{A28E47FA-8966-4C84-8CD1-3B20BC483FD3}" = protocol=6 | dir=in | app=c:\program files\soluto\solutoconsole.exe |
"{A616B3F8-5F88-40EB-A41A-C1882252281A}" = protocol=6 | dir=in | app=c:\program files\soluto\soluto.exe |
"{AEF09D4B-16FF-465B-BB53-B54A04C08748}" = protocol=6 | dir=in | app=c:\program files\lock poker\pokerclient.exe |
"{B07EF918-86ED-4CF9-9826-9E85CB3875B8}" = protocol=17 | dir=in | app=c:\program files\cake poker 2.0\pokerclient.exe |
"{B143BE91-1056-43E6-B9DF-744A01CDD66F}" = protocol=6 | dir=in | app=c:\program files\soluto\solutoupdateservice.exe |
"{B8CF0E5C-505D-41BE-8EAD-BA3640D720AA}" = protocol=17 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe |
"{BC49B92D-4592-4635-A867-661F6D6F5501}" = dir=in | app=c:\program files\dell\mediadirect\kernel\dmp\clbrowserengine.exe |
"{C187A86D-804D-4B39-8234-3D0329C0B263}" = protocol=17 | dir=in | app=c:\program files\soluto\solutocleanup.exe |
"{CD49AA80-CF93-4D7F-82ED-291FAC574027}" = protocol=17 | dir=in | app=c:\users\wec\downloads\solutoinstaller-s8m9hoer16.exe |
"{CEB9EE0A-70C5-47B6-810F-7E901C541B76}" = protocol=17 | dir=in | app=c:\program files\intertops poker\pokerclient.exe |
"{D763D49B-A7FE-4937-8BA0-4F70C7C3083D}" = protocol=6 | dir=in | app=c:\program files\intertops poker\pokerclient.exe |
"{D9BD77CA-4C96-4E72-B519-6A24690B9E03}" = protocol=6 | dir=in | app=c:\users\wec\downloads\solutoinstaller-s8m9hoer16.exe |
"{EDC4D3C3-AE0D-4FC9-AB84-F16596FBAA2C}" = protocol=6 | dir=in | app=c:\program files\cake poker 2.0\pokerclient.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{08E81ABD-79F7-49C2-881F-FD6CB0975693}" = Roxio Creator Data
"{09760D42-E223-42AD-8C3E-55B47D0DDAC3}" = Roxio Creator DE
"{0D637670-BC00-4FAC-8E00-518EB7F65091}" = Angry Birds Rio
"{1111706F-666A-4037-7777-211328764D10}" = JavaFX 2.1.1
"{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}" = Microsoft Works
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F54DAFA-9261-4A62-B59D-6C9F26B48FE4}" = Roxio Creator Tools
"{26A24AE4-039D-4CA4-87B4-2F83216022F0}" = Java(TM) 6 Update 22
"{26A24AE4-039D-4CA4-87B4-2F83216031FF}" = Java(TM) 6 Update 31
"{26A24AE4-039D-4CA4-87B4-2F83217005FF}" = Java(TM) 7 Update 5
"{294EAADF-E50F-4DD8-AD8D-19587EA10512}" = Modem Diagnostic Tool
"{2BC2781A-F7F6-452E-95EB-018A522F1B2C}" = PaperPort Image Printer
"{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Roxio Update Manager
"{3138EAD3-700B-4A10-B617-B3F8096EE30D}" = Dell Edoc Viewer
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3CBD48C6-3A26-4986-8C59-4A6D813EECA0}" = Soluto
"{3E171899-0175-47CC-84C4-562ACDD4C021}" = OpenOffice.org 3.3
"{3F92ABBB-6BBF-11D5-B229-002078017FBF}" = NetWaiting
"{415B2719-AD3A-4944-B404-C472DB6085B3}" = Cisco EAP-FAST Module
"{42929F0F-CE14-47AF-9FC7-FF297A603021}" = Dell Resource CD
"{42D68A86-DB1C-4256-B8C9-5D0D92919AF5}" = Banctec Service Agreement
"{46E1B1F2-A279-4356-9B17-029F9CC72EAE}" = Brother MFL-Pro Suite
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4B6AD248-D3BF-426A-8D64-847288154F13}" = QuickSet
"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler 3
"{669C7BD8-DAA2-49B6-966C-F1E2AAE6B17E}" = Cisco PEAP Module
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{73A4F29F-31AC-4EBD-AA1B-0CC5F18C8F83}" = Roxio Creator Audio
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7A8FF745-BBC5-482B-88E4-18D3178249A9}" = ScanSoft PaperPort 11
"{7EC66A95-AC2D-4127-940B-0445A526AB2F}" = Dell DataSafe Online
"{83770D14-21B9-44B3-8689-F7B523F94560}" = Cisco LEAP Module
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel(R) Matrix Storage Manager
"{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English)
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BDEF074-020E-458D-ADC5-8FF68E0C9B56}" = OutlookAddinSetup
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9C6978E8-B6D0-4AB7-A7A0-D81A74FBF745}" = MediaDirect
"{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = Dell Touchpad
"{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.3)
"{B6A26DE5-F2B5-4D58-9570-4FC760E00FCD}" = Roxio Creator Copy
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D7CA2DF8-95CE-4C80-9296-98E21219A1E5}}_is1" = BovadaPoker
"{E646DCF0-5A68-11D5-B229-002078017FBF}" = Digital Line Detect
"{ED439A64-F018-4DD4-8BA5-328D85AB09AB}" = Roxio Creator DE
"{F0000C3B-FD74-4E5F-B574-CA4AB150E86F}" = Angry Birds
"{F3FDA09C-57AA-40CC-A555-FED7EF421E7E}" = Angry Birds Seasons
"{FDB3B167-F4FA-461D-976F-286304A57B2A}" = Adobe AIR
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"296836EA-EF3A-4C36-8C13-3A6C1DB2D4BE" = AmericasCardroom
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Broadcom 802.11 Application" = Dell Wireless WLAN Card Utility
"Cake Poker 2.0" = Cake Poker 2.0
"CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2C06&SUBSYS_14F1000F" = Conexant HDA D330 MDC V.92 Modem
"Colt Poker" = Colt Poker
"HoldemManager" = Holdem Manager
"Intertops Poker" = Intertops Poker
"JonDoUninstall" = JonDo
"Lock Poker" = Lock Poker
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.62.0.1300
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Mozilla Firefox 14.0.1 (x86 en-US)" = Mozilla Firefox 14.0.1 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MSC" = McAfee SecurityCenter
"PokerStars.net" = PokerStars.net
"PokerTracker3" = PokerTracker 3 (remove only)
"PostgreSQL 8.4" = PostgreSQL 8.4
"WebLog Expert Lite_is1" = WebLog Expert Lite 6.4
"Yahoo! SiteBuilder" = Yahoo! SiteBuilder
"YTdetect" = Yahoo! Detect

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Black Chip Poker" = Black Chip Poker
"CarbonPoker" = CarbonPoker
"Google Chrome" = Google Chrome
"Lock Poker" = Lock Poker

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 8/10/2012 9:31:34 PM | Computer Name = WEC-PC | Source = PostgreSQL | ID = 0
Description = 2012-08-10 18:31:34 MSTERROR: duplicate key value violates unique
constraint "uniqueserial" 2012-08-10 18:31:34 MSTSTATEMENT: EXECUTE PKHEXECUTE(5953349648,19,to_timestamp('08/08/2012
19:10:32','MM/DD/YYYY HH24:MI:SS'),709,68,9,3,3,3,2,6,14,52,41,11,18,144500,0,84500,84500,144500,1083500,0,0,0,2,2,False,2,0,0,0,14,14,14,0,-1,-1,0,9);
select currval('pokerhands_pokerhand_id_seq')

Error - 8/10/2012 9:31:34 PM | Computer Name = WEC-PC | Source = PostgreSQL | ID = 0
Description = 2012-08-10 18:31:34 MSTERROR: duplicate key value violates unique
constraint "uniqueserial" 2012-08-10 18:31:34 MSTSTATEMENT: EXECUTE PKHEXECUTE(5953349649,19,to_timestamp('08/08/2012
19:11:33','MM/DD/YYYY HH24:MI:SS'),709,69,9,0,0,0,0,7,0,0,0,0,0,216000,0,1255500,0,0,0,-1,-1,-1,-1,-1,False,-1,0,0,0,-1,-1,-1,2,5,-1,0,9);
select currval('pokerhands_pokerhand_id_seq')

Error - 8/10/2012 9:31:34 PM | Computer Name = WEC-PC | Source = PostgreSQL | ID = 0
Description = 2012-08-10 18:31:34 MSTERROR: duplicate key value violates unique
constraint "uniqueserial" 2012-08-10 18:31:34 MSTSTATEMENT: EXECUTE PKHEXECUTE(5953349650,19,to_timestamp('08/08/2012
19:12:09','MM/DD/YYYY HH24:MI:SS'),709,69,9,2,2,2,2,8,9,6,48,7,24,1350000,0,2064500,2064500,2064500,2064500,32,32,32,2,3,False,3,0,0,0,9,9,11,-1,3,4,0,9);
select currval('pokerhands_pokerhand_id_seq')

Error - 8/10/2012 9:31:34 PM | Computer Name = WEC-PC | Source = PostgreSQL | ID = 0
Description = 2012-08-10 18:31:34 MSTERROR: duplicate key value violates unique
constraint "uniqueserial" 2012-08-10 18:31:34 MSTSTATEMENT: EXECUTE PKHEXECUTE(5953349651,19,to_timestamp('08/08/2012
19:12:56','MM/DD/YYYY HH24:MI:SS'),709,69,9,2,2,2,2,9,35,17,6,20,16,1537000,0,2173500,2173500,2173500,2173500,0,0,0,1,2,False,3,0,0,0,9,9,9,2,3,0,0,9);
select currval('pokerhands_pokerhand_id_seq')

Error - 8/10/2012 9:31:34 PM | Computer Name = WEC-PC | Source = PostgreSQL | ID = 0
Description = 2012-08-10 18:31:34 MSTERROR: duplicate key value violates unique
constraint "uniqueserial" 2012-08-10 18:31:34 MSTSTATEMENT: EXECUTE PKHEXECUTE(5953349652,19,to_timestamp('08/08/2012
19:13:35','MM/DD/YYYY HH24:MI:SS'),709,69,9,3,3,3,3,1,26,27,1,9,8,1250000,0,1250000,1250000,1250000,1250000,32,32,32,1,2,False,3,0,0,0,14,14,14,-1,2,0,0,9);
select currval('pokerhands_pokerhand_id_seq')

Error - 8/11/2012 1:29:28 AM | Computer Name = WEC-PC | Source = PostgreSQL | ID = 0
Description = 2012-08-10 22:29:28 MSTFATAL: the database system is starting up

Error - 8/11/2012 1:29:44 AM | Computer Name = WEC-PC | Source = WinMgmt | ID = 10
Description =

Error - 8/11/2012 3:56:26 AM | Computer Name = WEC-PC | Source = PostgreSQL | ID = 0
Description = 2012-08-11 00:56:26 MSTFATAL: the database system is starting up

Error - 8/11/2012 3:57:56 AM | Computer Name = WEC-PC | Source = WinMgmt | ID = 10
Description =

Error - 8/11/2012 5:06:45 AM | Computer Name = WEC-PC | Source = VSS | ID = 12289
Description =

[ System Events ]
Error - 8/9/2012 8:48:14 AM | Computer Name = WEC-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 8/10/2012 2:41:30 AM | Computer Name = WEC-PC | Source = Dhcp | ID = 1002
Description = The IP address lease 192.168.1.2 for the Network Card with network
address 00234DB2940A has been denied by the DHCP server 0.0.0.0 (The DHCP Server
sent a DHCPNACK message).

Error - 8/10/2012 2:41:50 AM | Computer Name = WEC-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 8/10/2012 6:21:53 AM | Computer Name = WEC-PC | Source = DCOM | ID = 10010
Description =

Error - 8/10/2012 7:54:12 PM | Computer Name = WEC-PC | Source = Dhcp | ID = 1002
Description = The IP address lease 192.168.1.2 for the Network Card with network
address 00234DB2940A has been denied by the DHCP server 0.0.0.0 (The DHCP Server
sent a DHCPNACK message).

Error - 8/10/2012 7:54:26 PM | Computer Name = WEC-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 8/11/2012 1:29:14 AM | Computer Name = WEC-PC | Source = EventLog | ID = 6008
Description = The previous system shutdown at 10:27:02 PM on 8/10/2012 was unexpected.

Error - 8/11/2012 1:29:44 AM | Computer Name = WEC-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 8/11/2012 3:54:40 AM | Computer Name = WEC-PC | Source = DCOM | ID = 10010
Description =

Error - 8/11/2012 3:57:56 AM | Computer Name = WEC-PC | Source = Service Control Manager | ID = 7000
Description =


< End of report >
Old 08-12-2012, 02:12 AM   #5
WEC

Just to add, based on advice here, after I posted here I:
  • Turned on my UAC (I have had it off ever since downloading HEM one computer ago)
  • Made a New Computer Account and assigned it Admin
  • Changed my current Computer Account to Standard

I have had computers since the first PC by IBM was put on my desk at work, and never had any issue with Malware at all, but it seems something is up cause I still get this coding stuff.
Old 08-12-2012, 06:07 AM   #6
Gabethebabe
Malware Jedi
Join Date: Oct 2007
Location: In front of my monitor
Posts: 12,684

The TDSSkiller log is incomplete.
The OTL log appears to be malware free.

I assume 4flush.com is blacklisted by McAfee and the "redirect" you see is McAfee warning you about a potentially unsafe site.

Not sure what the code thing is. But it is not behavior that malware would do.

So I think whatever your problem is, it is not malware related.

You should uninstall these:
Java(TM) 6 Update 22
Java(TM) 6 Update 31
Old 08-12-2012, 07:38 PM   #7
WEC

Quote:
Originally Posted by Gabethebabe
You should uninstall these:
Java(TM) 6 Update 22
Java(TM) 6 Update 31

Done


Quote:
Originally Posted by Gabethebabe
The TDSSkiller log is incomplete.

Here is the full log, I am getting old and making silly mistakes


16:34:24.0993 5688 TDSS rootkit removing tool 2.7.48.0 Jul 24 2012 13:16:32
16:34:26.0195 5688 ============================================================
16:34:26.0195 5688 Current date / time: 2012/08/12 16:34:26.0195
16:34:26.0195 5688 SystemInfo:
16:34:26.0195 5688
16:34:26.0195 5688 OS Version: 6.0.6002 ServicePack: 2.0
16:34:26.0195 5688 Product type: Workstation
16:34:26.0195 5688 ComputerName: WEC-PC
16:34:26.0195 5688 UserName: Sasha
16:34:26.0195 5688 Windows directory: C:\Windows
16:34:26.0195 5688 System windows directory: C:\Windows
16:34:26.0195 5688 Processor architecture: Intel x86
16:34:26.0195 5688 Number of processors: 2
16:34:26.0195 5688 Page size: 0x1000
16:34:26.0195 5688 Boot type: Normal boot
16:34:26.0195 5688 ============================================================
16:34:27.0925 5688 Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
16:34:27.0927 5688 ============================================================
16:34:27.0928 5688 \Device\Harddisk0\DR0:
16:34:27.0928 5688 MBR partitions:
16:34:27.0928 5688 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x43000, BlocksNum 0x1E00000
16:34:27.0928 5688 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1E43000, BlocksNum 0x1AE81000
16:34:27.0994 5688 ============================================================
16:34:28.0134 5688 C: <-> \Device\Harddisk0\DR0\Partition1
16:34:28.0204 5688 D: <-> \Device\Harddisk0\DR0\Partition0
16:34:28.0204 5688 ============================================================
16:34:28.0204 5688 Initialize success
16:34:28.0205 5688 ============================================================
16:35:47.0691 2596 ============================================================
16:35:47.0691 2596 Scan started
16:35:47.0691 2596 Mode: Manual;
16:35:47.0691 2596 ============================================================
16:35:50.0528 2596 arcsas - ok
16:35:50.0553 2596 AsyncMac (53b202abee6455406254444303e87be1) C:\Windows\system32\DRIVERS\asyncmac.sys
16:35:50.0556 2596 AsyncMac - ok
16:35:50.0597 2596 atapi (1f05b78ab91c9075565a9d8a4b880bc4) C:\Windows\system32\drivers\atapi.sys
16:35:50.0598 2596 atapi - ok
16:35:50.0686 2596 AudioEndpointBuilder (68e2a1a0407a66cf50da0300852424ab) C:\Windows\System32\Audiosrv.dll
16:35:50.0714 2596 AudioEndpointBuilder - ok
16:35:50.0720 2596 Audiosrv (68e2a1a0407a66cf50da0300852424ab) C:\Windows\System32\Audiosrv.dll
16:35:50.0723 2596 Audiosrv - ok
16:35:50.0761 2596 BCM42RLY (423c7b87e886ac93d22936ea82665f83) C:\Windows\system32\drivers\BCM42RLY.sys
16:35:50.0763 2596 BCM42RLY - ok
16:35:51.0023 2596 BCM43XX (41a70777e892c3dea606758366566a77) C:\Windows\system32\DRIVERS\bcmwl6.sys
16:35:51.0065 2596 BCM43XX - ok
16:35:51.0162 2596 Beep (67e506b75bd5326a3ec7b70bd014dfb6) C:\Windows\system32\drivers\Beep.sys
16:35:51.0166 2596 Beep - ok
16:35:51.0268 2596 BFE (c789af0f724fda5852fb9a7d3a432381) C:\Windows\System32\bfe.dll
16:35:51.0301 2596 BFE - ok
16:35:51.0413 2596 BITS (93952506c6d67330367f7e7934b6a02f) C:\Windows\System32\qmgr.dll
16:35:51.0477 2596 BITS - ok
16:35:51.0522 2596 blbdrive (d4df28447741fd3d953526e33a617397) C:\Windows\system32\drivers\blbdrive.sys
16:35:51.0528 2596 blbdrive - ok
16:35:51.0554 2596 bowser (35f376253f687bde63976ccb3f2108ca) C:\Windows\system32\DRIVERS\bowser.sys
16:35:51.0557 2596 bowser - ok
16:35:51.0587 2596 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\drivers\brfiltlo.sys
16:35:51.0597 2596 BrFiltLo - ok
16:35:51.0610 2596 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\drivers\brfiltup.sys
16:35:51.0621 2596 BrFiltUp - ok
16:35:51.0659 2596 Browser (a3629a0c4226f9e9c72faaeebc3ad33c) C:\Windows\System32\browser.dll
16:35:51.0663 2596 Browser - ok
16:35:51.0710 2596 Brserid (b304e75cff293029eddf094246747113) C:\Windows\system32\drivers\brserid.sys
16:35:51.0723 2596 Brserid - ok
16:35:51.0792 2596 BrSerIf (1a5fc78e41840edf79d65ec16eff2787) C:\Windows\system32\Drivers\BrSerIf.sys
16:35:51.0943 2596 BrSerIf - ok
16:35:52.0180 2596 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\system32\drivers\brserwdm.sys
16:35:52.0207 2596 BrSerWdm - ok
16:35:52.0220 2596 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\system32\drivers\brusbmdm.sys
16:35:52.0225 2596 BrUsbMdm - ok
16:35:52.0257 2596 BrUsbSer (a24c7b39602218f8dbdb2b6704325fc7) C:\Windows\system32\Drivers\BrUsbSer.sys
16:35:52.0443 2596 BrUsbSer - ok
16:35:52.0507 2596 BTHMODEM (ad07c1ec6665b8b35741ab91200c6b68) C:\Windows\system32\drivers\bthmodem.sys
16:35:52.0522 2596 BTHMODEM - ok
16:35:52.0538 2596 cdfs (7add03e75beb9e6dd102c3081d29840a) C:\Windows\system32\DRIVERS\cdfs.sys
16:35:52.0538 2596 cdfs - ok
16:35:52.0585 2596 cdrom (6b4bffb9becd728097024276430db314) C:\Windows\system32\DRIVERS\cdrom.sys
16:35:52.0585 2596 cdrom - ok
16:35:52.0631 2596 CertPropSvc (312ec3e37a0a1f2006534913e37b4423) C:\Windows\System32\certprop.dll
16:35:52.0647 2596 CertPropSvc - ok
16:35:52.0678 2596 cfwids (1c7b1e36f3ced9e4b0b13385e627fe8b) C:\Windows\system32\drivers\cfwids.sys
16:35:52.0881 2596 cfwids - ok
16:35:52.0912 2596 circlass (e5d4133f37219dbcfe102bc61072589d) C:\Windows\system32\drivers\circlass.sys
16:35:52.0928 2596 circlass - ok
16:35:52.0975 2596 CLFS (d7659d3b5b92c31e84e53c1431f35132) C:\Windows\system32\CLFS.sys
16:35:52.0990 2596 CLFS - ok
16:35:53.0068 2596 clr_optimization_v2.0.50727_32 (8ee772032e2fe80a924f3b8dd5082194) C:\Windows\Microsoft.NET\Framework\v2.0.50727\msco rsvw.exe
16:35:53.0068 2596 clr_optimization_v2.0.50727_32 - ok
16:35:53.0162 2596 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\msco rsvw.exe
16:35:53.0162 2596 clr_optimization_v4.0.30319_32 - ok
16:35:53.0193 2596 CmBatt (99afc3795b58cc478fbbbcdc658fcb56) C:\Windows\system32\DRIVERS\CmBatt.sys
16:35:53.0193 2596 CmBatt - ok
16:35:53.0224 2596 cmdide (0ca25e686a4928484e9fdabd168ab629) C:\Windows\system32\drivers\cmdide.sys
16:35:53.0240 2596 cmdide - ok
16:35:53.0271 2596 Compbatt (6afef0b60fa25de07c0968983ee4f60a) C:\Windows\system32\DRIVERS\compbatt.sys
16:35:53.0271 2596 Compbatt - ok
16:35:53.0271 2596 COMSysApp - ok
16:35:53.0333 2596 cpuz135 - ok
16:35:53.0333 2596 crcdisk (741e9dff4f42d2d8477d0fc1dc0df871) C:\Windows\system32\drivers\crcdisk.sys
16:35:53.0349 2596 crcdisk - ok
16:35:53.0365 2596 Crusoe (1f07becdca750766a96cda811ba86410) C:\Windows\system32\drivers\crusoe.sys
16:35:53.0380 2596 Crusoe - ok
16:35:53.0427 2596 CryptSvc (75c6a297e364014840b48eccd7525e30) C:\Windows\system32\cryptsvc.dll
16:35:53.0427 2596 CryptSvc - ok
16:35:53.0521 2596 DcomLaunch (3b5b4d53fec14f7476ca29a20cc31ac9) C:\Windows\system32\rpcss.dll
16:35:53.0567 2596 DcomLaunch - ok
16:35:53.0599 2596 DfsC (622c41a07ca7e6dd91770f50d532cb6c) C:\Windows\system32\Drivers\dfsc.sys
16:35:53.0599 2596 DfsC - ok
16:35:53.0786 2596 DFSR (2cc3dcfb533a1035b13dcab6160ab38b) C:\Windows\system32\DFSR.exe
16:35:53.0848 2596 DFSR - ok
16:35:54.0113 2596 Dhcp (9028559c132146fb75eb7acf384b086a) C:\Windows\System32\dhcpcsvc.dll
16:35:54.0113 2596 Dhcp - ok
16:35:54.0191 2596 disk (5d4aefc3386920236a548271f8f1af6a) C:\Windows\system32\drivers\disk.sys
16:35:54.0191 2596 disk - ok
16:35:54.0254 2596 Dnscache (57d762f6f5974af0da2be88a3349baaa) C:\Windows\System32\dnsrslvr.dll
16:35:54.0332 2596 Dnscache - ok
16:35:54.0410 2596 dot3svc (324fd74686b1ef5e7c19a8af49e748f6) C:\Windows\System32\dot3svc.dll
16:35:54.0410 2596 dot3svc - ok
16:35:54.0457 2596 DPS (a622e888f8aa2f6b49e9bc466f0e5def) C:\Windows\system32\dps.dll
16:35:54.0457 2596 DPS - ok
16:35:54.0519 2596 drmkaud (97fef831ab90bee128c9af390e243f80) C:\Windows\system32\drivers\drmkaud.sys
16:35:54.0519 2596 drmkaud - ok
16:35:54.0597 2596 DXGKrnl (c68ac676b0ef30cfbb1080adce49eb1f) C:\Windows\System32\drivers\dxgkrnl.sys
16:35:54.0613 2596 DXGKrnl - ok
16:35:54.0659 2596 e1express (908ed85b7806e8af3af5e9b74f7809d4) C:\Windows\system32\DRIVERS\e1e6032.sys
16:35:54.0675 2596 e1express - ok
16:35:54.0722 2596 E1G60 (5425f74ac0c1dbd96a1e04f17d63f94c) C:\Windows\system32\DRIVERS\E1G60I32.sys
16:35:54.0737 2596 E1G60 - ok
16:35:54.0784 2596 EapHost (c0b95e40d85cd807d614e264248a45b9) C:\Windows\System32\eapsvc.dll
16:35:54.0784 2596 EapHost - ok
16:35:54.0862 2596 Ecache (7f64ea048dcfac7acf8b4d7b4e6fe371) C:\Windows\system32\drivers\ecache.sys
16:35:54.0862 2596 Ecache - ok
16:35:54.0987 2596 ehRecvr (9be3744d295a7701eb425332014f0797) C:\Windows\ehome\ehRecvr.exe
16:35:54.0987 2596 ehRecvr - ok
16:35:55.0003 2596 ehSched (ad1870c8e5d6dd340c829e6074bf3c3f) C:\Windows\ehome\ehsched.exe
16:35:55.0003 2596 ehSched - ok
16:35:55.0018 2596 ehstart (c27c4ee8926e74aa72efcab24c5242c3) C:\Windows\ehome\ehstart.dll
16:35:55.0018 2596 ehstart - ok
16:35:55.0081 2596 elxstor (23b62471681a124889978f6295b3f4c6) C:\Windows\system32\drivers\elxstor.sys
16:35:55.0112 2596 elxstor - ok
16:35:55.0174 2596 EMDMgmt (4e6b23dfc917ea39306b529b773950f4) C:\Windows\system32\emdmgmt.dll
16:35:55.0190 2596 EMDMgmt - ok
16:35:55.0205 2596 ErrDev (f2a80de2d1b7116052c09cb4d4ca1416) C:\Windows\system32\drivers\errdev.sys
16:35:55.0299 2596 ErrDev - ok
16:35:55.0361 2596 EventSystem (67058c46504bc12d821f38cf99b7b28f) C:\Windows\system32\es.dll
16:35:55.0393 2596 EventSystem - ok
16:35:55.0439 2596 exfat (22b408651f9123527bcee54b4f6c5cae) C:\Windows\system32\drivers\exfat.sys
16:35:55.0439 2596 exfat - ok
16:35:55.0486 2596 fastfat (1e9b9a70d332103c52995e957dc09ef8) C:\Windows\system32\drivers\fastfat.sys
16:35:55.0486 2596 fastfat - ok
16:35:55.0517 2596 fdc (afe1e8b9782a0dd7fb46bbd88e43f89a) C:\Windows\system32\DRIVERS\fdc.sys
16:35:55.0533 2596 fdc - ok
16:35:55.0564 2596 fdPHost (6629b5f0e98151f4afdd87567ea32ba3) C:\Windows\system32\fdPHost.dll
16:35:55.0564 2596 fdPHost - ok
16:35:55.0564 2596 FDResPub (89ed56dce8e47af40892778a5bd31fd2) C:\Windows\system32\fdrespub.dll
16:35:55.0564 2596 FDResPub - ok
16:35:55.0580 2596 FileInfo (a8c0139a884861e3aae9cfe73b208a9f) C:\Windows\system32\drivers\fileinfo.sys
16:35:55.0580 2596 FileInfo - ok
16:35:55.0611 2596 Filetrace (0ae429a696aecbc5970e3cf2c62635ae) C:\Windows\system32\drivers\filetrace.sys
16:35:55.0611 2596 Filetrace - ok
16:35:55.0627 2596 flpydisk (85b7cf99d532820495d68d747fda9ebd) C:\Windows\system32\DRIVERS\flpydisk.sys
16:35:55.0627 2596 flpydisk - ok
16:35:55.0658 2596 FltMgr (01334f9ea68e6877c4ef05d3ea8abb05) C:\Windows\system32\drivers\fltmgr.sys
16:35:55.0658 2596 FltMgr - ok
16:35:56.0625 2596 FontCache (8ce364388c8eca59b14b539179276d44) C:\Windows\system32\FntCache.dll
16:35:56.0734 2596 FontCache - ok
16:35:56.0812 2596 FontCache3.0.0.0 (c7fbdd1ed42f82bfa35167a5c9803ea3) C:\Windows\Microsoft.Net\Framework\v3.0\WPF\Presen tationFontCache.exe
16:35:56.0812 2596 FontCache3.0.0.0 - ok
16:35:56.0859 2596 Fs_Rec (b972a66758577e0bfd1de0f91aaa27b5) C:\Windows\system32\drivers\Fs_Rec.sys
16:35:57.0031 2596 Fs_Rec - ok
16:35:57.0296 2596 gagp30kx (34582a6e6573d54a07ece5fe24a126b5) C:\Windows\system32\drivers\gagp30kx.sys
16:35:57.0358 2596 gagp30kx - ok
16:35:57.0421 2596 gpsvc (cd5d0aeee35dfd4e986a5aa1500a6e66) C:\Windows\System32\gpsvc.dll
16:35:57.0467 2596 gpsvc - ok
16:35:57.0545 2596 HDAudBus (062452b7ffd68c8c042a6261fe8dff4a) C:\Windows\system32\DRIVERS\HDAudBus.sys
16:35:57.0577 2596 HDAudBus - ok
16:35:57.0608 2596 HidBth (1338520e78d90154ed6be8f84de5fceb) C:\Windows\system32\drivers\hidbth.sys
16:35:57.0608 2596 HidBth - ok
16:35:57.0623 2596 HidIr (ff3160c3a2445128c5a6d9b076da519e) C:\Windows\system32\drivers\hidir.sys
16:35:57.0639 2596 HidIr - ok
16:35:57.0670 2596 hidserv (84067081f3318162797385e11a8f0582) C:\Windows\system32\hidserv.dll
16:35:57.0670 2596 hidserv - ok
16:35:57.0701 2596 HidUsb (cca4b519b17e23a00b826c55716809cc) C:\Windows\system32\DRIVERS\hidusb.sys
16:35:57.0701 2596 HidUsb - ok
16:35:57.0733 2596 hkmsvc (d8ad255b37da92434c26e4876db7d418) C:\Windows\system32\kmsvc.dll
16:35:57.0733 2596 hkmsvc - ok
16:35:57.0764 2596 HpCISSs (16ee7b23a009e00d835cdb79574a91a6) C:\Windows\system32\drivers\hpcisss.sys
16:35:57.0764 2596 HpCISSs - ok
16:35:57.0904 2596 HSF_DPV (99f85640054ba65190b860d878a7c9ae) C:\Windows\system32\DRIVERS\HSX_DPV.sys
16:35:58.0185 2596 HSF_DPV - ok
16:35:58.0263 2596 HSXHWAZL (cfbc2b81972e298f0e19ee68fa9e73da) C:\Windows\system32\DRIVERS\HSXHWAZL.sys
16:35:58.0450 2596 HSXHWAZL - ok
16:35:58.0528 2596 HTTP (f870aa3e254628ebeafe754108d664de) C:\Windows\system32\drivers\HTTP.sys
16:35:58.0544 2596 HTTP - ok
16:35:58.0575 2596 i2omp (c6b032d69650985468160fc9937cf5b4) C:\Windows\system32\drivers\i2omp.sys
16:35:58.0575 2596 i2omp - ok
16:35:58.0622 2596 i8042prt (22d56c8184586b7a1f6fa60be5f5a2bd) C:\Windows\system32\DRIVERS\i8042prt.sys
16:35:58.0622 2596 i8042prt - ok
16:35:58.0809 2596 IAANTMON (ae38a12f79a4980ddb88f36514f8a1da) C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
16:35:58.0809 2596 IAANTMON - ok
16:35:58.0856 2596 iaStor (997e8f5939f2d12cd9f2e6b395724c16) C:\Windows\system32\drivers\iastor.sys
16:35:58.0856 2596 iaStor - ok
16:35:58.0903 2596 iaStorV (54155ea1b0df185878e0fc9ec3ac3a14) C:\Windows\system32\drivers\iastorv.sys
16:35:58.0918 2596 iaStorV - ok
16:35:59.0059 2596 idsvc (98477b08e61945f974ed9fdc4cb6bdab) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
16:35:59.0074 2596 idsvc - ok
16:35:59.0511 2596 igfx (c134e69ce901422d1f2d7ea8d69098fe) C:\Windows\system32\DRIVERS\igdkmd32.sys
16:35:59.0729 2596 igfx - ok
16:35:59.0948 2596 iirsp (2d077bf86e843f901d8db709c95b49a5) C:\Windows\system32\drivers\iirsp.sys
16:35:59.0963 2596 iirsp - ok
16:36:00.0026 2596 IKEEXT (9908d8a397b76cd8d31d0d383c5773c9) C:\Windows\System32\ikeext.dll
16:36:00.0057 2596 IKEEXT - ok
16:36:00.0119 2596 IntcHdmiAddService (98d303ccb3415e9202e82043b37d66dc) C:\Windows\system32\drivers\IntcHdmi.sys
16:36:00.0119 2596 IntcHdmiAddService - ok
16:36:00.0166 2596 intelide (83aa759f3189e6370c30de5dc5590718) C:\Windows\system32\DRIVERS\intelide.sys
16:36:00.0166 2596 intelide - ok
16:36:00.0213 2596 intelppm (224191001e78c89dfa78924c3ea595ff) C:\Windows\system32\DRIVERS\intelppm.sys
16:36:00.0213 2596 intelppm - ok
16:36:00.0244 2596 IPBusEnum (9ac218c6e6105477484c6fdbe7d409a4) C:\Windows\system32\ipbusenum.dll
16:36:00.0244 2596 IPBusEnum - ok
16:36:00.0275 2596 IpFilterDriver (62c265c38769b864cb25b4bcf62df6c3) C:\Windows\system32\DRIVERS\ipfltdrv.sys
16:36:00.0275 2596 IpFilterDriver - ok
16:36:00.0322 2596 iphlpsvc (a989bdb1a8cd914c7e49af297d95bdb4) C:\Windows\System32\iphlpsvc.dll
16:36:00.0338 2596 iphlpsvc - ok
16:36:00.0338 2596 IpInIp - ok
16:36:00.0385 2596 IPMIDRV (b25aaf203552b7b3491139d582b39ad1) C:\Windows\system32\drivers\ipmidrv.sys
16:36:00.0385 2596 IPMIDRV - ok
16:36:00.0416 2596 IPNAT (8793643a67b42cec66490b2a0cf92d68) C:\Windows\system32\DRIVERS\ipnat.sys
16:36:00.0416 2596 IPNAT - ok
16:36:00.0431 2596 IRENUM (109c0dfb82c3632fbd11949b73aeeac9) C:\Windows\system32\drivers\irenum.sys
16:36:00.0447 2596 IRENUM - ok
16:36:00.0463 2596 isapnp (6c70698a3e5c4376c6ab5c7c17fb0614) C:\Windows\system32\drivers\isapnp.sys
16:36:00.0463 2596 isapnp - ok
16:36:00.0509 2596 iScsiPrt (232fa340531d940aac623b121a595034) C:\Windows\system32\DRIVERS\msiscsi.sys
16:36:00.0525 2596 iScsiPrt - ok
16:36:00.0541 2596 iteatapi (bced60d16156e428f8df8cf27b0df150) C:\Windows\system32\drivers\iteatapi.sys
16:36:00.0556 2596 iteatapi - ok
16:36:00.0572 2596 iteraid (06fa654504a498c30adca8bec4e87e7e) C:\Windows\system32\drivers\iteraid.sys
16:36:00.0572 2596 iteraid - ok
16:36:00.0587 2596 kbdclass (37605e0a8cf00cbba538e753e4344c6e) C:\Windows\system32\DRIVERS\kbdclass.sys
16:36:00.0587 2596 kbdclass - ok
16:36:00.0603 2596 kbdhid (18247836959ba67e3511b62846b9c2e0) C:\Windows\system32\DRIVERS\kbdhid.sys
16:36:00.0603 2596 kbdhid - ok
16:36:00.0650 2596 KeyIso (a3e186b4b935905b829219502557314e) C:\Windows\system32\lsass.exe
16:36:00.0650 2596 KeyIso - ok
16:36:00.0712 2596 KSecDD (4a1445efa932a3baf5bdb02d7131ee20) C:\Windows\system32\Drivers\ksecdd.sys
16:36:00.0728 2596 KSecDD - ok
16:36:00.0790 2596 KtmRm (8078f8f8f7a79e2e6b494523a828c585) C:\Windows\system32\msdtckrm.dll
16:36:00.0806 2596 KtmRm - ok
16:36:00.0853 2596 LanmanServer (1bf5eebfd518dd7298434d8c862f825d) C:\Windows\system32\srvsvc.dll
16:36:00.0853 2596 LanmanServer - ok
16:36:00.0915 2596 LanmanWorkstation (1db69705b695b987082c8baec0c6b34f) C:\Windows\System32\wkssvc.dll
16:36:00.0931 2596 LanmanWorkstation - ok
16:36:00.0962 2596 lltdio (d1c5883087a0c3f1344d9d55a44901f6) C:\Windows\system32\DRIVERS\lltdio.sys
16:36:00.0977 2596 lltdio - ok
16:36:01.0024 2596 lltdsvc (2d5a428872f1442631d0959a34abff63) C:\Windows\System32\lltdsvc.dll
16:36:01.0040 2596 lltdsvc - ok
16:36:01.0055 2596 lmhosts (35d40113e4a5b961b6ce5c5857702518) C:\Windows\System32\lmhsvc.dll
16:36:01.0055 2596 lmhosts - ok
16:36:01.0087 2596 LSI_FC (c7e15e82879bf3235b559563d4185365) C:\Windows\system32\drivers\lsi_fc.sys
16:36:01.0087 2596 LSI_FC - ok
16:36:01.0102 2596 LSI_SAS (ee01ebae8c9bf0fa072e0ff68718920a) C:\Windows\system32\drivers\lsi_sas.sys
16:36:01.0118 2596 LSI_SAS - ok
16:36:01.0133 2596 LSI_SCSI (912a04696e9ca30146a62afa1463dd5c) C:\Windows\system32\drivers\lsi_scsi.sys
16:36:01.0149 2596 LSI_SCSI - ok
16:36:01.0165 2596 luafv (8f5c7426567798e62a3b3614965d62cc) C:\Windows\system32\drivers\luafv.sys
16:36:01.0165 2596 luafv - ok
16:36:01.0367 2596 McAfee SiteAdvisor Service (7e6932eeda54c8eaf7dc6c2225261b85) C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
16:36:01.0383 2596 McAfee SiteAdvisor Service - ok
16:36:01.0399 2596 McMPFSvc (7e6932eeda54c8eaf7dc6c2225261b85) C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
16:36:01.0399 2596 McMPFSvc - ok
16:36:01.0399 2596 mcmscsvc (7e6932eeda54c8eaf7dc6c2225261b85) C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
16:36:01.0399 2596 mcmscsvc - ok
16:36:01.0414 2596 McNaiAnn (7e6932eeda54c8eaf7dc6c2225261b85) C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
16:36:01.0414 2596 McNaiAnn - ok
16:36:01.0430 2596 McNASvc (7e6932eeda54c8eaf7dc6c2225261b85) C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
16:36:01.0430 2596 McNASvc - ok
16:36:01.0523 2596 McODS (135aa9e9e7047b7dc1f753205d421a26) C:\Program Files\McAfee\VirusScan\mcods.exe
16:36:01.0539 2596 McODS - ok
16:36:01.0570 2596 McProxy (7e6932eeda54c8eaf7dc6c2225261b85) C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
16:36:01.0586 2596 McProxy - ok
16:36:01.0633 2596 McShield (593fa4c378818ece76ba64a11ad56cf2) C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe
16:36:01.0648 2596 McShield - ok
16:36:01.0679 2596 Mcx2Svc (aef9babb8a506bc4ce0451a64aaded46) C:\Windows\system32\Mcx2Svc.dll
16:36:01.0679 2596 Mcx2Svc - ok
16:36:01.0711 2596 mdmxsdk (0cea2d0d3fa284b85ed5b68365114f76) C:\Windows\system32\DRIVERS\mdmxsdk.sys
16:36:01.0726 2596 mdmxsdk - ok
16:36:01.0773 2596 megasas (0001ce609d66632fa17b84705f658879) C:\Windows\system32\drivers\megasas.sys
16:36:01.0789 2596 megasas - ok
16:36:01.0835 2596 MegaSR (c252f32cd9a49dbfc25ecf26ebd51a99) C:\Windows\system32\drivers\megasr.sys
16:36:01.0867 2596 MegaSR - ok
16:36:01.0913 2596 mfeapfk (43c31bdf404a6d7a7ac1bfd5ead2a566) C:\Windows\system32\drivers\mfeapfk.sys
16:36:01.0913 2596 mfeapfk - ok
16:36:01.0960 2596 mfeavfk (c1dc5f42d3367f33b6451be78b38bd46) C:\Windows\system32\drivers\mfeavfk.sys
16:36:02.0116 2596 mfeavfk - ok
16:36:02.0147 2596 mfeavfk01 - ok
16:36:02.0179 2596 mfebopk (0435c43f4c2be01b84868ad2a906397b) C:\Windows\system32\drivers\mfebopk.sys
16:36:02.0179 2596 mfebopk - ok
16:36:02.0241 2596 mfefire (7e1f8b1bdc8240f08bd358b3a466c005) C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe
16:36:02.0241 2596 mfefire - ok
16:36:02.0303 2596 mfefirek (4ea6ff90015424517843e931448e00f1) C:\Windows\system32\drivers\mfefirek.sys
16:36:02.0397 2596 mfefirek - ok
16:36:02.0459 2596 mfehidk (d1e998748ba24a731106611d535c6bbf) C:\Windows\system32\drivers\mfehidk.sys
16:36:02.0475 2596 mfehidk - ok
16:36:02.0491 2596 mfenlfk (ac04a618aef3de0fce91c766f9e069da) C:\Windows\system32\DRIVERS\mfenlfk.sys
16:36:02.0584 2596 mfenlfk - ok
16:36:02.0631 2596 mferkdet (f454a13377f0a006d20a8c14a753c432) C:\Windows\system32\drivers\mferkdet.sys
16:36:02.0771 2596 mferkdet - ok
16:36:02.0818 2596 mfevtp (b10c4efd40810c08f4b44df2efcb54f7) C:\Windows\system32\mfevtps.exe
16:36:02.0818 2596 mfevtp - ok
16:36:02.0849 2596 mfewfpk (f284337aedb7483df8a5fa840647e2b0) C:\Windows\system32\drivers\mfewfpk.sys
16:36:02.0959 2596 mfewfpk - ok
16:36:03.0068 2596 MMCSS (1076ffcffaae8385fd62dfcb25ac4708) C:\Windows\system32\mmcss.dll
16:36:03.0099 2596 MMCSS - ok
16:36:03.0130 2596 Modem (e13b5ea0f51ba5b1512ec671393d09ba) C:\Windows\system32\drivers\modem.sys
16:36:03.0130 2596 Modem - ok
16:36:03.0161 2596 monitor (0a9bb33b56e294f686abb7c1e4e2d8a8) C:\Windows\system32\DRIVERS\monitor.sys
16:36:03.0161 2596 monitor - ok
16:36:03.0177 2596 mouclass (5bf6a1326a335c5298477754a506d263) C:\Windows\system32\DRIVERS\mouclass.sys
16:36:03.0177 2596 mouclass - ok
16:36:03.0193 2596 mouhid (93b8d4869e12cfbe663915502900876f) C:\Windows\system32\DRIVERS\mouhid.sys
16:36:03.0208 2596 mouhid - ok
16:36:03.0224 2596 MountMgr (bdafc88aa6b92f7842416ea6a48e1600) C:\Windows\system32\drivers\mountmgr.sys
16:36:03.0224 2596 MountMgr - ok
16:36:03.0395 2596 MozillaMaintenance (46297fa8e30a6007f14118fc2b942fbc) C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
16:36:03.0411 2596 MozillaMaintenance - ok
16:36:03.0458 2596 mpio (511d011289755dd9f9a7579fb0b064e6) C:\Windows\system32\drivers\mpio.sys
16:36:03.0458 2596 mpio - ok
16:36:03.0489 2596 mpsdrv (22241feba9b2defa669c8cb0a8dd7d2e) C:\Windows\system32\drivers\mpsdrv.sys
16:36:03.0489 2596 mpsdrv - ok
16:36:03.0551 2596 MpsSvc (5de62c6e9108f14f6794060a9bdecaec) C:\Windows\system32\mpssvc.dll
16:36:03.0583 2596 MpsSvc - ok
16:36:03.0629 2596 Mraid35x (4fbbb70d30fd20ec51f80061703b001e) C:\Windows\system32\drivers\mraid35x.sys
16:36:03.0645 2596 Mraid35x - ok
16:36:03.0676 2596 MRxDAV (82cea0395524aacfeb58ba1448e8325c) C:\Windows\system32\drivers\mrxdav.sys
16:36:03.0676 2596 MRxDAV - ok
16:36:03.0707 2596 mrxsmb (1e94971c4b446ab2290deb71d01cf0c2) C:\Windows\system32\DRIVERS\mrxsmb.sys
16:36:03.0707 2596 mrxsmb - ok
16:36:03.0754 2596 mrxsmb10 (4fccb34d793b116423209c0f8b7a3b03) C:\Windows\system32\DRIVERS\mrxsmb10.sys
16:36:03.0754 2596 mrxsmb10 - ok
16:36:03.0770 2596 mrxsmb20 (c3cb1b40ad4a0124d617a1199b0b9d7c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
16:36:03.0770 2596 mrxsmb20 - ok
16:36:03.0785 2596 msahci (f70590424eefbf5c27a40c67afdb8383) C:\Windows\system32\drivers\msahci.sys
16:36:03.0926 2596 msahci - ok
16:36:03.0957 2596 msdsm (4468b0f385a86ecddaf8d3ca662ec0e7) C:\Windows\system32\drivers\msdsm.sys
16:36:03.0973 2596 msdsm - ok
16:36:04.0004 2596 MSDTC (fd7520cc3a80c5fc8c48852bb24c6ded) C:\Windows\System32\msdtc.exe
16:36:04.0004 2596 MSDTC - ok
16:36:04.0035 2596 Msfs (a9927f4a46b816c92f461acb90cf8515) C:\Windows\system32\drivers\Msfs.sys
16:36:04.0035 2596 Msfs - ok
16:36:04.0082 2596 msisadrv (0f400e306f385c56317357d6dea56f62) C:\Windows\system32\drivers\msisadrv.sys
16:36:04.0082 2596 msisadrv - ok
16:36:04.0113 2596 MSiSCSI (85466c0757a23d9a9aecdc0755203cb2) C:\Windows\system32\iscsiexe.dll
16:36:04.0129 2596 MSiSCSI - ok
16:36:04.0129 2596 msiserver - ok
16:36:04.0285 2596 MSK80Service (7e6932eeda54c8eaf7dc6c2225261b85) C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
16:36:04.0300 2596 MSK80Service - ok
16:36:04.0316 2596 MSKSSRV (d8c63d34d9c9e56c059e24ec7185cc07) C:\Windows\system32\drivers\MSKSSRV.sys
16:36:04.0331 2596 MSKSSRV - ok
16:36:04.0347 2596 MSPCLOCK (1d373c90d62ddb641d50e55b9e78d65e) C:\Windows\system32\drivers\MSPCLOCK.sys
16:36:04.0347 2596 MSPCLOCK - ok
16:36:04.0363 2596 MSPQM (b572da05bf4e098d4bba3a4734fb505b) C:\Windows\system32\drivers\MSPQM.sys
16:36:04.0363 2596 MSPQM - ok
16:36:04.0409 2596 MsRPC (b49456d70555de905c311bcda6ec6adb) C:\Windows\system32\drivers\MsRPC.sys
16:36:04.0409 2596 MsRPC - ok
16:36:04.0425 2596 mssmbios (e384487cb84be41d09711c30ca79646c) C:\Windows\system32\DRIVERS\mssmbios.sys
16:36:04.0441 2596 mssmbios - ok
16:36:04.0441 2596 MSTEE (7199c1eec1e4993caf96b8c0a26bd58a) C:\Windows\system32\drivers\MSTEE.sys
16:36:04.0441 2596 MSTEE - ok
16:36:04.0472 2596 Mup (6a57b5733d4cb702c8ea4542e836b96c) C:\Windows\system32\Drivers\mup.sys
16:36:04.0472 2596 Mup - ok
16:36:04.0519 2596 napagent (e4eaf0c5c1b41b5c83386cf212ca9584) C:\Windows\system32\qagentRT.dll
16:36:04.0534 2596 napagent - ok
16:36:04.0597 2596 NativeWifiP (85c44fdff9cf7e72a40dcb7ec06a4416) C:\Windows\system32\DRIVERS\nwifi.sys
16:36:04.0597 2596 NativeWifiP - ok
16:36:04.0675 2596 NDIS (1357274d1883f68300aeadd15d7bbb42) C:\Windows\system32\drivers\ndis.sys
16:36:04.0690 2596 NDIS - ok
16:36:04.0721 2596 NdisTapi (0e186e90404980569fb449ba7519ae61) C:\Windows\system32\DRIVERS\ndistapi.sys
16:36:04.0721 2596 NdisTapi - ok
16:36:04.0737 2596 Ndisuio (d6973aa34c4d5d76c0430b181c3cd389) C:\Windows\system32\DRIVERS\ndisuio.sys
16:36:04.0753 2596 Ndisuio - ok
16:36:04.0799 2596 NdisWan (818f648618ae34f729fdb47ec68345c3) C:\Windows\system32\DRIVERS\ndiswan.sys
16:36:04.0815 2596 NdisWan - ok
16:36:04.0831 2596 NDProxy (71dab552b41936358f3b541ae5997fb3) C:\Windows\system32\drivers\NDProxy.sys
16:36:04.0831 2596 NDProxy - ok
16:36:04.0893 2596 NetBIOS (bcd093a5a6777cf626434568dc7dba78) C:\Windows\system32\DRIVERS\netbios.sys
16:36:04.0924 2596 NetBIOS - ok
16:36:04.0971 2596 netbt (ecd64230a59cbd93c85f1cd1cab9f3f6) C:\Windows\system32\DRIVERS\netbt.sys
16:36:04.0987 2596 netbt - ok
16:36:05.0018 2596 Netlogon (a3e186b4b935905b829219502557314e) C:\Windows\system32\lsass.exe
16:36:05.0033 2596 Netlogon - ok
16:36:05.0096 2596 Netman (c8052711daecc48b982434c5116ca401) C:\Windows\System32\netman.dll
16:36:05.0096 2596 Netman - ok
16:36:05.0158 2596 netprofm (2ef3bbe22e5a5acd1428ee387a0d0172) C:\Windows\System32\netprofm.dll
16:36:05.0158 2596 netprofm - ok
16:36:05.0236 2596 NetTcpPortSharing (d6c4e4a39a36029ac0813d476fbd0248) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
16:36:05.0236 2596 NetTcpPortSharing - ok
16:36:05.0267 2596 nfrd960 (2e7fb731d4790a1bc6270accefacb36e) C:\Windows\system32\drivers\nfrd960.sys
16:36:05.0283 2596 nfrd960 - ok
16:36:05.0314 2596 NlaSvc (2997b15415f9bbe05b5a4c1c85e0c6a2) C:\Windows\System32\nlasvc.dll
16:36:05.0330 2596 NlaSvc - ok
16:36:05.0720 2596 NOBU (bc82c8a9c46c2541c7fa7a93819fecc2) C:\Program Files\Dell\Dell Datasafe Online\NOBuAgent.exe
16:36:05.0767 2596 NOBU - ok
16:36:06.0047 2596 Npfs (d36f239d7cce1931598e8fb90a0dbc26) C:\Windows\system32\drivers\Npfs.sys
16:36:06.0047 2596 Npfs - ok
16:36:06.0079 2596 nsi (8bb86f0c7eea2bded6fe095d0b4ca9bd) C:\Windows\system32\nsisvc.dll
16:36:06.0094 2596 nsi - ok
16:36:06.0125 2596 nsiproxy (609773e344a97410ce4ebf74a8914fcf) C:\Windows\system32\drivers\nsiproxy.sys
16:36:06.0125 2596 nsiproxy - ok
16:36:06.0515 2596 Ntfs (6a4a98cee84cf9e99564510dda4baa47) C:\Windows\system32\drivers\Ntfs.sys
16:36:06.0578 2596 Ntfs - ok
16:36:06.0609 2596 ntrigdigi (e875c093aec0c978a90f30c9e0dfbb72) C:\Windows\system32\drivers\ntrigdigi.sys
16:36:06.0609 2596 ntrigdigi - ok
16:36:06.0625 2596 Null (c5dbbcda07d780bda9b685df333bb41e) C:\Windows\system32\drivers\Null.sys
16:36:06.0640 2596 Null - ok
16:36:06.0671 2596 nvraid (2edf9e7751554b42cbb60116de727101) C:\Windows\system32\drivers\nvraid.sys
16:36:06.0671 2596 nvraid - ok
16:36:06.0703 2596 nvstor (abed0c09758d1d97db0042dbb2688177) C:\Windows\system32\drivers\nvstor.sys
16:36:06.0703 2596 nvstor - ok
16:36:06.0718 2596 nv_agp (18bbdf913916b71bd54575bdb6eeac0b) C:\Windows\system32\drivers\nv_agp.sys
16:36:06.0734 2596 nv_agp - ok
16:36:06.0734 2596 NwlnkFlt - ok
16:36:06.0749 2596 NwlnkFwd - ok
16:36:06.0796 2596 ohci1394 (6f310e890d46e246e0e261a63d9b36b4) C:\Windows\system32\DRIVERS\ohci1394.sys
16:36:06.0796 2596 ohci1394 - ok
16:36:06.0859 2596 p2pimsvc (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
16:36:06.0890 2596 p2pimsvc - ok
16:36:06.0890 2596 p2psvc (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
16:36:06.0905 2596 p2psvc - ok
16:36:06.0937 2596 Parport (0fa9b5055484649d63c303fe404e5f4d) C:\Windows\system32\drivers\parport.sys
16:36:06.0952 2596 Parport - ok
16:36:06.0983 2596 partmgr (b9c2b89f08670e159f7181891e449cd9) C:\Windows\system32\drivers\partmgr.sys
16:36:06.0999 2596 partmgr - ok
16:36:07.0030 2596 Parvdm (4f9a6a8a31413180d0fcb279ad5d8112) C:\Windows\system32\drivers\parvdm.sys
16:36:07.0046 2596 Parvdm - ok
16:36:07.0061 2596 PcaSvc (c6276ad11f4bb49b58aa1ed88537f14a) C:\Windows\System32\pcasvc.dll
16:36:07.0077 2596 PcaSvc - ok
16:36:07.0124 2596 pci (941dc1d19e7e8620f40bbc206981efdb) C:\Windows\system32\drivers\pci.sys
16:36:07.0124 2596 pci - ok
16:36:07.0155 2596 pciide (1636d43f10416aeb483bc6001097b26c) C:\Windows\system32\drivers\pciide.sys
16:36:07.0155 2596 pciide - ok
16:36:07.0186 2596 pcmcia (e6f3fb1b86aa519e7698ad05e58b04e5) C:\Windows\system32\drivers\pcmcia.sys
16:36:07.0202 2596 pcmcia - ok
16:36:07.0373 2596 PEAUTH (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys
16:36:07.0405 2596 PEAUTH - ok
16:36:07.0654 2596 pla (b1689df169143f57053f795390c99db3) C:\Windows\system32\pla.dll
16:36:07.0701 2596 pla - ok
16:36:08.0060 2596 PlugPlay (c5e7f8a996ec0a82d508fd9064a5569e) C:\Windows\system32\umpnpmgr.dll
16:36:08.0107 2596 PlugPlay - ok
16:36:08.0185 2596 PNRPAutoReg (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
16:36:08.0185 2596 PNRPAutoReg - ok
16:36:08.0200 2596 PNRPsvc (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
16:36:08.0216 2596 PNRPsvc - ok
16:36:08.0356 2596 PolicyAgent (d0494460421a03cd5225cca0059aa146) C:\Windows\System32\ipsecsvc.dll
16:36:20.0259 2596 ================================================== ==========
16:36:20.0259 2596 Scan finished
16:36:20.0259 2596 ================================================== ==========
16:36:20.0275 3956 Detected object count: 0
16:36:20.0275 3956 Actual detected object count: 0
Old 08-12-2012, 07:48 PM   #8
WEC
veteran
Join Date: Dec 2006
Location: ACME Manufacturing Plant
Posts: 2,393
Re: Started Getting Redirect for 4Flush.com, and see code many times in forums including 2+2

Quote:
Originally Posted by Gabethebabe
Not sure what the code thing is.

FWIW, here is an example of what is happening multiple times daily:

Old 08-20-2012, 08:22 PM   #9
WEC
veteran
Join Date: Dec 2006
Location: ACME Manufacturing Plant
Posts: 2,393
Re: Started Getting Redirect for 4Flush.com, and see code many times in forums including 2+2

I have not seen the code stuff in a week.

But today, while doing a Google search, I went to click on 4Flush.com and got a McAfee warning for protechere . com and the link was http://protechere . com/cgi-bin/r.cgi?p=10003&i=...

Any idea why I get this redirect so much just on 4Flush.com? It seems to me it is the same redirect link every time.


Here is the McAfee warning for the site itself:

http://www.siteadvisor.com/sites/protechere.com/msgpage

When I google protechere . com it comes up in several threads (amongst a bunch of other code) concerning .htaccess hacks. Is it likely it is this site that has been hacked or compromised, instead of my PC?

Should I post this to some other computer help? Should I just move along and just avoid 4flush?

Last edited by WEC; 08-20-2012 at 08:51 PM.
Old 09-03-2012, 06:54 PM   #10
AceHigh Pino
enthusiast
Join Date: Aug 2006
Location: Philadelphia
Posts: 53
Re: Started Getting Redirect for 4Flush.com, and see code many times in forums including 2+2

Hey WEC -- I don't know how I didn't spot this thread earlier but I noticed you posted about this here and on another webmaster forum. Anyways, I'm the owner of 4Flush.com and I apologize wholeheartedly for any issues you had from visiting my site.

Today, the site was actually hacked for a couple hours and I have been working on getting it fixed for the past several hours with my coder. I have gone and moved the site to more secure hosting on my VPS at Servint and it should be re-propagated fully cleaned up and ready to go here in the next 24 hours or so.

I noticed going through my files a ton of weird things going on through my FTP, as well as malicious code that was inserted into my .htaccess file that I never caught when I purchased the site in 2011. Combined with the AWFUL hosting at HostPapa it looks like that may have been the primary reason why it kept giving visitors warnings when they visited the site. I'm hoping that once the propagation is finished everything will be good to go again.

Again, I am sooooooo sorry you had so many issues from my site when you started surfing it man. Hopefully we can gain your trust back soon enough.
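The symptom described earlier in the thread (a redirect on the first click from a Google result, the normal page on a second click) fits an injected .htaccess rule that redirects only when the request arrives from a search engine. As an added example that is not from the thread or from 4Flush.com, the Python check below flags such rules for a site owner auditing their own files; it also covers off-site ErrorDocument targets, which goes beyond the symptom described. The sample .htaccess, the host redirector.example and all function names are constructed, since the actual injected file is never shown.

```python
import re
from urllib.parse import urlsplit

# Constructed sample; NOT the real 4Flush.com file, which the thread never shows.
SAMPLE_HTACCESS = r"""RewriteEngine On
RewriteCond %{HTTP_REFERER} ^.*(google|yahoo|bing|aol)\..*$ [NC]
RewriteRule ^(.*)$ http://redirector.example/cgi-bin/r.cgi?p=1 [R=302,L]

# Legitimate canonical-host rule
RewriteCond %{HTTP_HOST} ^4flush\.com$ [NC]
RewriteRule ^(.*)$ http://www.4flush.com/$1 [R=301,L]

ErrorDocument 404 http://redirector.example/cgi-bin/r.cgi?p=2
"""

# Apache arguments are whitespace-separated and may be double-quoted.
TOKEN = re.compile(r'"(?:\\.|[^"\\])*"|\S+')
# Request properties an injected rule typically keys on to hide from the owner.
VISITOR_VARS = ("HTTP_REFERER", "HTTP_USER_AGENT")


def external_host(target, own_hosts):
    """Return the host if target is an absolute URL pointing off-site, else None."""
    parts = urlsplit(target)
    host = (parts.hostname or "").lower()
    if parts.scheme.lower() not in ("http", "https") or not host:
        return None          # relative path, "-" or non-HTTP target
    if "%{" in host:
        return None          # host built from a server variable, e.g. %{HTTP_HOST}
    for own in own_hosts:
        if host == own or host.endswith("." + own):
            return None
    return host


def audit_htaccess(text, own_hosts):
    """Return (line number, host, reason) for each directive that sends visitors off-site."""
    findings = []
    pending = []  # RewriteCond test strings waiting for the next RewriteRule
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        tokens = [t.strip('"') for t in TOKEN.findall(line)]
        directive = tokens[0].lower()  # directive names are case-insensitive
        if directive == "rewritecond" and len(tokens) >= 3:
            pending.append(tokens[1].upper())
        elif directive == "rewriterule" and len(tokens) >= 3:
            host = external_host(tokens[2], own_hosts)
            gated = [v for v in VISITOR_VARS if any(v in c for c in pending)]
            if host and gated:
                findings.append(
                    (lineno, host, "off-site redirect gated on " + "/".join(gated)))
            elif host:
                findings.append((lineno, host, "unconditional off-site redirect"))
            pending = []  # conditions apply only to the rule that follows them
        elif directive == "errordocument" and len(tokens) >= 3:
            host = external_host(tokens[2], own_hosts)
            if host:
                findings.append((lineno, host, "error page served from off-site URL"))
    return findings


if __name__ == "__main__":
    for finding in audit_htaccess(SAMPLE_HTACCESS, ["4flush.com"]):
        print("line %d: %s (%s)" % finding)
```

A referer-gated rule is the reason a site owner who types the address directly never sees the redirect, so the file itself has to be inspected rather than the rendered site.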
Old 09-04-2012, 02:08 AM   #11
Gabethebabe
Malware Jedi
Join Date: Oct 2007
Location: In front of my monitor
Posts: 12,684
Re: Started Getting Redirect for 4Flush.com, and see code many times in forums including 2+2

awesome