Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Can't delete things also told I don't have permission to delete things on an admin account


  • Please log in to reply
8 replies to this topic

#1 Depraved

Depraved

  • Members
  • 78 posts
  • OFFLINE
  •  
  • Local time:02:24 PM

Posted 06 April 2012 - 12:02 AM

The title pretty much says it all, just today my laptop has been acting really weird and I noticed someone tried to install a keylogger on my laptop but I can't delete the setup for it or even move it to a different folder. A box pops up telling me "windows cannot access the specified device, path, or file. You may not have the appropriate permissions to access the item." I even tried enabling my built in administrator account to delete it from that still wouldn't budge though. My anti virus doesn't seem too bothered by it but I don't want it there! lol please help -_- I am running Windows 7 home premium, pretty much brand new dell xps 15z.

BC AdBot (Login to Remove)

 


#2 cryptodan

cryptodan

    Bleepin Madman


  • Members
  • 21,868 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Catonsville, Md
  • Local time:09:24 PM

Posted 06 April 2012 - 12:06 AM

Hello,

And welcome to BleepingComputer.com, before we can assist you with your question of: Am I infected? You will need to perform the following tasks and post the logs of each if you can.

Malwarebytes Anti-Malware

NOTEMalwarebytes is now offering a free trial of their program, if you want to accept it you will need to enter some billing information, so that at the end of the trial you would be charged the cost of the product. Please decline this offer, if you are unable to provide billing information. If you want to try it out, then provide the billing information.

Please download Malwarebytes Anti-Malware and save it to your desktop.
Download Link 1
Download Link 2MBAM may "make changes to your registry" as part of its disinfection routine. If using other security programs that detect registry changes (ie Spybot's Teatimer), they may interfere or alert you. Temporarily disable such programs or permit them to allow the changes.

  • Make sure you are connected to the Internet.
  • Double-click on mbam-setup.exe to install the application.
    For instructions with screenshots, please refer to the How to use Malwarebytes' Anti-Malware Guide.
  • When the installation begins, follow the prompts and do not make any changes to default settings.
  • When installation has finished, make sure you leave both of these checked:
    • Update Malwarebytes' Anti-Malware
    • Launch Malwarebytes' Anti-Malware
  • Then click Finish.
MBAM will automatically start and you will be asked to update the program before performing a scan.
  • If an update is found, the program will automatically update itself. Press the OK button to close that box and continue.
  • If you encounter any problems while downloading the definition updates, manually download them from here and just double-click on mbam-rules.exe to install.
On the Scanner tab:
  • Make sure the "Perform Full Scan" option is selected.
  • Then click on the Scan button.
  • If asked to select the drives to scan, leave all the drives selected and click on the Start Scan button.
  • The scan will begin and "Scan in progress" will show at the top. It may take some time to complete so please be patient.
  • When the scan is finished, a message box will say "The scan completed successfully. Click 'Show Results' to display all objects found".
  • Click OK to close the message box and continue with the removal process.
Back at the main Scanner screen:
  • Click on the Show Results button to see a list of any malware that was found.
  • Make sure that everything is checked, and click Remove Selected.
  • When removal is completed, a log report will open in Notepad.
  • The log is automatically saved and can be viewed by clicking the Logs tab in MBAM.
  • Copy and paste the contents of that report in your next reply. Be sure to post the complete log to include the top portion which shows MBAM's database version and your operating system.
  • Exit MBAM when done.
Note: If MBAM encounters a file that is difficult to remove, you will be asked to reboot your computer so MBAM can proceed with the disinfection process. If asked to restart the computer, please do so immediately. Failure to reboot normally (not into safe mode) will prevent MBAM from removing all the malware.


SUPERAntiSpyware:

Please download and scan with SUPERAntiSpyware Free

  • Double-click SUPERAntiSypware.exe and use the default settings for installation.
  • An icon will be created on your desktop. Double-click that icon to launch the program.
  • If it will not start, go to Start > All Prgrams > SUPERAntiSpyware and click on Alternate Start.
  • If asked to update the program definitions, click "Yes". If not, update the definitions before scanning by selecting "Check for Updates". (If you encounter any problems while downloading the updates, manually download them from here. Double-click on the hyperlink for Download Installer and save SASDEFINITIONS.EXE to your desktop. Then double-click on SASDEFINITIONS.EXE to install the definitions.)
  • In the Main Menu, click the Preferences... button.
  • Click the "General and Startup" tab, and under Start-up Options, make sure "Start SUPERAntiSpyware when Windows starts" box is unchecked.
  • Click the "Scanning Control" tab, and under Scanner Options, make sure the following are checked (leave all others unchecked):
    • Close browsers before scanning.
    • Scan for tracking cookies.

      Scan with SUPERAntiSpyware as follows:[list]
    • Launch the program and back on the main screen, under "Scan for Harmful Software" click Scan your computer.
    • On the left, make sure you check C:\Fixed Drive.
    • On the right, under "Complete Scan", choose Perform Complete Scan and click "Next".
    • After the scan is complete, a Scan Summary box will appear with potentially harmful items that were detected. Click "OK".
    • Make sure everything has a checkmark next to it and click "Next".
    • A notification will appear that "Quarantine and Removal is Complete". Click "OK" and then click the "Finish" button to return to the main menu.
    • If asked if you want to reboot, click "Yes" and reboot normally.
    • To retrieve the removal information after reboot, launch SUPERAntispyware again.[list]
    • Click Preferences, then click the Statistics/Logs tab.
    • Under Scanner Logs, double-click SUPERAntiSpyware Scan Log.
    • If there are several logs, click the current dated log and press View log. A text file will open in your default text editor.
    • Please copy and paste the Scan Log results in your next reply.
  • Click Close to exit the program.
If you have a problem downloading, installing or getting SAS to run, try downloading and using the SUPERAntiSpyware Portable Scanner instead. Save the randomly named file (i.e. SAS_1710895.COM) to a usb drive or CD and transfer to the infected computer. Then double-click on it to launch and scan. The file is randomly named to help keep malware from blocking the scanner.

Instructions:

Download and scan with SUPERAntiSpyware Free for Home Users
  • Double-click SUPERAntiSpyware.exe and use the default settings for installation.
  • An icon will be created on your desktop. Double-click that icon to launch the program.
  • If asked to update the program definitions, click "Yes". If not, update the definitions before scanning by selecting "Check for Updates". (If you encounter any problems while downloading the updates, manually download them from here. Double-click on the hyperlink for Download Installer and save SASDEFINITIONS.EXE to your desktop. Then double-click on SASDEFINITIONS.EXE to install the definitions.)
  • In the Main Menu, click the Preferences... button.
  • Click the Scanning Control tab.
  • Under Scanner Options make sure the following are checked (leave all others unchecked):
    • Close browsers before scanning.
    • Scan for tracking cookies.
    • Terminate memory threats before quarantining.
  • Click the "Close" button to leave the control center screen.
  • Back on the main screen, under "Scan for Harmful Software" click Scan your computer.
  • On the left, make sure you check C:\Fixed Drive.
  • On the right, under "Complete Scan", choose Perform Complete Scan.
  • Click "Next" to start the scan. Please be patient while it scans your computer.
  • After the scan is complete, a Scan Summary box will appear with potentially harmful items that were detected. Click "OK".
  • Make sure everything has a checkmark next to it and click "Next".
  • A notification will appear that "Quarantine and Removal is Complete". Click "OK" and then click the "Finish" button to return to the main menu.
  • If asked if you want to reboot, click "Yes".
  • To retrieve the removal information after reboot, launch SUPERAntispyware again.
    • Click Preferences, then click the Statistics/Logs tab.
    • Under Scanner Logs, double-click SUPERAntiSpyware Scan Log.
    • If there are several logs, click the current dated log and press View log. A text file will open in your default text editor.
    • Please copy and paste the Scan Log results in your next reply.
  • Click Close to exit the program.
If you have a problem downloading, installing or getting SAS to run, try downloading and using the SUPERAntiSpyware Portable Scanner instead. Save the randomly named file (i.e. SAS_1710895.COM) to a usb drive or CD and transfer to the infected computer. Then double-click on it to launch and scan. The file is randomly named to help keep malware from blocking the scanner.


Now GMER

GMER does not work in 64bit Mode!!!!!!

Please download GMER from one of the following locations and save it to your desktop:

  • Main Mirror
    This version will download a randomly named file (Recommended)
  • Zipped Mirror
    This version will download a zip file you will need to extract first. If you use this mirror, please extract the zip file to your desktop.
  • Disconnect from the Internet and close all running programs.
  • Temporarily disable any real-time active protection so your security programs will not conflict with gmer's driver.
  • Double-click on the randomly named GMER file (i.e. n7gmo46c.exe) and allow the gmer.sys driver to load if asked.
  • Note: If you downloaded the zipped version, extract the file to its own folder such as C:\gmer and then double-click on gmer.exe.

    Posted Image
  • GMER will open to the Rootkit/Malware tab and perform an automatic Full Scan when first run. (do not use the computer while the scan is in progress)
  • If you receive a WARNING!!! about rootkit activity and are asked to fully scan your system...click NO.
  • Now click the Scan button. If you see a rootkit warning window, click OK.
  • When the scan is finished, click the Save... button to save the scan results to your Desktop. Save the file as gmer.log.
  • Click the Copy button and paste the results into your next reply.
  • Exit GMER and be sure to re-enable your anti-virus, Firewall and any other security programs you had disabled.
-- If you encounter any problems, try running GMER in safe mode.
-- If GMER crashes or keeps resulting in a BSODs, uncheck Devices on the right side before scanning
.


All scans above should be performed in regular boot mode, and if that is not possible then I will post instructions in a follow up reply on how to get into Safe Mode to perform the scans. Also all scans should be COMPLETE and not quick unless specifically instructed to do so.

#3 Depraved

Depraved
  • Topic Starter

  • Members
  • 78 posts
  • OFFLINE
  •  
  • Local time:02:24 PM

Posted 06 April 2012 - 01:35 AM

Malwarebytes Anti-Malware 1.60.1.1000
www.malwarebytes.org

Database version: v2012.04.06.02

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Sammi :: SAMMI-PC [administrator]

05/04/2012 9:28:34 PM
mbam-log-2012-04-05 (21-28-34).txt

Scan type: Full scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 361359
Time elapsed: 49 minute(s), 30 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 1
C:\Windows\SysWOW64\MPK\Mpk.dll (Refog.Keylogger) -> Delete on reboot.

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 15
C:\ProgramData\MPK (Refog.Keylogger) -> Delete on reboot.
C:\ProgramData\MPK\1 (Refog.Keylogger) -> Delete on reboot.
C:\ProgramData\MPK\CPDA (Refog.Keylogger) -> Quarantined and deleted successfully.
C:\ProgramData\MPK\CPDM (Refog.Keylogger) -> Quarantined and deleted successfully.
C:\ProgramData\MPK\REFOG Personal Monitor (Refog.Keylogger) -> Quarantined and deleted successfully.
C:\Windows\System32\MPK (Refog.Keylogger) -> Delete on reboot.
C:\Windows\System32\MPK\Help (Refog.Keylogger) -> Quarantined and deleted successfully.
C:\Windows\System32\MPK\Help\English (Refog.Keylogger) -> Quarantined and deleted successfully.
C:\Windows\System32\MPK\Help\Spanish (Refog.Keylogger) -> Quarantined and deleted successfully.
C:\Windows\System32\MPK\Images (Refog.Keylogger) -> Quarantined and deleted successfully.
C:\Windows\SysWOW64\MPK (Refog.Keylogger) -> Delete on reboot.
C:\Windows\SysWOW64\MPK\Help (Refog.Keylogger) -> Quarantined and deleted successfully.
C:\Windows\SysWOW64\MPK\Help\English (Refog.Keylogger) -> Quarantined and deleted successfully.
C:\Windows\SysWOW64\MPK\Help\Spanish (Refog.Keylogger) -> Quarantined and deleted successfully.
C:\Windows\SysWOW64\MPK\Images (Refog.Keylogger) -> Quarantined and deleted successfully.

Files Detected: 147
C:\$RECYCLE.BIN\S-1-5-21-3707478246-1993061971-1580713667-1001\$RNGETMC.exe (Application.ActualSpy) -> Quarantined and deleted successfully.
C:\ProgramData\MPK\M0000 (Refog.Keylogger) -> Delete on reboot.
C:\ProgramData\MPK\S0000 (Refog.Keylogger) -> Quarantined and deleted successfully.
C:\ProgramData\MPK\1\D0000 (Refog.Keylogger) -> Delete on reboot.
C:\ProgramData\MPK\1\I40969_7137754282 (Refog.Keylogger) -> Quarantined and deleted successfully.
C:\ProgramData\MPK\1\I40969_7172477546 (Refog.Keylogger) -> Quarantined and deleted successfully.
C:\ProgramData\MPK\1\I40969_7207200463 (Refog.Keylogger) -> Quarantined and deleted successfully.
C:\ProgramData\MPK\1\I40969_7241923727 (Refog.Keylogger) -> Quarantined and deleted successfully.
C:\ProgramData\MPK\1\I40969_7276645602 (Refog.Keylogger) -> Quarantined and deleted successfully.
C:\ProgramData\MPK\1\I40969_7311368518 (Refog.Keylogger) -> Quarantined and deleted successfully.
C:\ProgramData\MPK\1\I40969_7346092130 (Refog.Keylogger) -> Quarantined and deleted successfully.
C:\ProgramData\MPK\1\I40969_7380814468 (Refog.Keylogger) -> Quarantined and deleted successfully.
C:\ProgramData\MPK\1\I40969_7415537037 (Refog.Keylogger) -> Quarantined and deleted successfully.
C:\ProgramData\MPK\1\I40969_7450260417 (Refog.Keylogger) -> Quarantined and deleted successfully.
C:\ProgramData\MPK\1\I40969_7484982755 (Refog.Keylogger) -> Quarantined and deleted successfully.
C:\ProgramData\MPK\1\I40969_7519706597 (Refog.Keylogger) -> Quarantined and deleted successfully.
C:\ProgramData\MPK\1\I40969_7554429745 (Refog.Keylogger) -> Quarantined and deleted successfully.
C:\ProgramData\MPK\1\I40969_7589151620 (Refog.Keylogger) -> Quarantined and deleted successfully.
C:\ProgramData\MPK\1\I40969_8075272107 (Refog.Keylogger) -> Quarantined and deleted successfully.
C:\ProgramData\MPK\1\I40969_8109995023 (Refog.Keylogger) -> Quarantined and deleted successfully.
C:\ProgramData\MPK\1\I40969_8179440625 (Refog.Keylogger) -> Quarantined and deleted successfully.
C:\ProgramData\MPK\1\I40969_8214163079 (Refog.Keylogger) -> Quarantined and deleted successfully.
C:\ProgramData\MPK\1\I40969_8387777894 (Refog.Keylogger) -> Quarantined and deleted successfully.
C:\ProgramData\MPK\1\I40969_8422500579 (Refog.Keylogger) -> Quarantined and deleted successfully.
C:\ProgramData\MPK\1\I40969_8769728704 (Refog.Keylogger) -> Quarantined and deleted successfully.
C:\ProgramData\MPK\1\I40969_8804451620 (Refog.Keylogger) -> Quarantined and deleted successfully.
C:\ProgramData\MPK\1\I40969_8908620139 (Refog.Keylogger) -> Quarantined and deleted successfully.
C:\ProgramData\MPK\1\I40969_8943343750 (Refog.Keylogger) -> Quarantined and deleted successfully.
C:\ProgramData\MPK\1\S0000 (Refog.Keylogger) -> Quarantined and deleted successfully.
C:\ProgramData\MPK\REFOG Personal Monitor\Order now!.lnk (Refog.Keylogger) -> Quarantined and deleted successfully.
C:\ProgramData\MPK\REFOG Personal Monitor\REFOG Personal Monitor on the Web.lnk (Refog.Keylogger) -> Quarantined and deleted successfully.
C:\ProgramData\MPK\REFOG Personal Monitor\REFOG Personal Monitor.lnk (Refog.Keylogger) -> Quarantined and deleted successfully.
C:\ProgramData\MPK\REFOG Personal Monitor\Uninstall REFOG Personal Monitor.lnk (Refog.Keylogger) -> Quarantined and deleted successfully.
C:\Windows\System32\MPK\French.lng (Refog.Keylogger) -> Quarantined and deleted successfully.
C:\Windows\System32\MPK\German.lng (Refog.Keylogger) -> Quarantined and deleted successfully.
C:\Windows\System32\MPK\icon_1.ico (Refog.Keylogger) -> Quarantined and deleted successfully.
C:\Windows\System32\MPK\libeay32.dll (Refog.Keylogger) -> Quarantined and deleted successfully.
C:\Windows\System32\MPK\logstart.vbs (Refog.Keylogger) -> Quarantined and deleted successfully.
C:\Windows\System32\MPK\loguninstall.vbs (Refog.Keylogger) -> Quarantined and deleted successfully.
C:\Windows\System32\MPK\Mpk.dll (Refog.Keylogger) -> Delete on reboot.
C:\Windows\System32\MPK\MPK.exe (Refog.Keylogger) -> Delete on reboot.
C:\Windows\System32\MPK\Mpk64.dll (Refog.Keylogger) -> Delete on reboot.
C:\Windows\System32\MPK\MPK64.exe (Refog.Keylogger) -> Delete on reboot.
C:\Windows\System32\MPK\Romanian.lng (Refog.Keylogger) -> Quarantined and deleted successfully.
C:\Windows\System32\MPK\Spanish.lng (Refog.Keylogger) -> Quarantined and deleted successfully.
C:\Windows\System32\MPK\sqlite3.dll (Refog.Keylogger) -> Delete on reboot.
C:\Windows\System32\MPK\ssleay32.dll (Refog.Keylogger) -> Quarantined and deleted successfully.
C:\Windows\System32\MPK\trial_pro.ini (Refog.Keylogger) -> Quarantined and deleted successfully.
C:\Windows\System32\MPK\unins000.dat (Refog.Keylogger) -> Quarantined and deleted successfully.
C:\Windows\System32\MPK\unins000.exe (Refog.Keylogger) -> Quarantined and deleted successfully.
C:\Windows\System32\MPK\zlib1.dll (Refog.Keylogger) -> Quarantined and deleted successfully.
C:\Windows\System32\MPK\Help\English\alarms.htm (Refog.Keylogger) -> Quarantined and deleted successfully.
C:\Windows\System32\MPK\Help\English\clipboard.htm (Refog.Keylogger) -> Quarantined and deleted successfully.
C:\Windows\System32\MPK\Help\English\computer.htm (Refog.Keylogger) -> Quarantined and deleted successfully.
C:\Windows\System32\MPK\Help\English\delivery.htm (Refog.Keylogger) -> Quarantined and deleted successfully.
C:\Windows\System32\MPK\Help\English\file.htm (Refog.Keylogger) -> Quarantined and deleted successfully.
C:\Windows\System32\MPK\Help\English\filters.htm (Refog.Keylogger) -> Quarantined and deleted successfully.
C:\Windows\System32\MPK\Help\English\imhelp.htm (Refog.Keylogger) -> Quarantined and deleted successfully.
C:\Windows\System32\MPK\Help\English\internet.htm (Refog.Keylogger) -> Quarantined and deleted successfully.
C:\Windows\System32\MPK\Help\English\invisible.htm (Refog.Keylogger) -> Quarantined and deleted successfully.
C:\Windows\System32\MPK\Help\English\keyboard.htm (Refog.Keylogger) -> Quarantined and deleted successfully.
C:\Windows\System32\MPK\Help\English\logging.htm (Refog.Keylogger) -> Quarantined and deleted successfully.
C:\Windows\System32\MPK\Help\English\log_size.htm (Refog.Keylogger) -> Quarantined and deleted successfully.
C:\Windows\System32\MPK\Help\English\need_update_net.htm (Refog.Keylogger) -> Quarantined and deleted successfully.
C:\Windows\System32\MPK\Help\English\password.htm (Refog.Keylogger) -> Quarantined and deleted successfully.
C:\Windows\System32\MPK\Help\English\programs.htm (Refog.Keylogger) -> Quarantined and deleted successfully.
C:\Windows\System32\MPK\Help\English\screenshot.htm (Refog.Keylogger) -> Quarantined and deleted successfully.
C:\Windows\System32\MPK\Help\English\settings_node.htm (Refog.Keylogger) -> Quarantined and deleted successfully.
C:\Windows\System32\MPK\Help\English\update.htm (Refog.Keylogger) -> Quarantined and deleted successfully.
C:\Windows\System32\MPK\Help\English\users_node.htm (Refog.Keylogger) -> Quarantined and deleted successfully.
C:\Windows\System32\MPK\Help\Spanish\alarms.htm (Refog.Keylogger) -> Quarantined and deleted successfully.
C:\Windows\System32\MPK\Help\Spanish\clipboard.htm (Refog.Keylogger) -> Quarantined and deleted successfully.
C:\Windows\System32\MPK\Help\Spanish\computer.htm (Refog.Keylogger) -> Quarantined and deleted successfully.
C:\Windows\System32\MPK\Help\Spanish\delivery.htm (Refog.Keylogger) -> Quarantined and deleted successfully.
C:\Windows\System32\MPK\Help\Spanish\filters.htm (Refog.Keylogger) -> Quarantined and deleted successfully.
C:\Windows\System32\MPK\Help\Spanish\internet.htm (Refog.Keylogger) -> Quarantined and deleted successfully.
C:\Windows\System32\MPK\Help\Spanish\invisible.htm (Refog.Keylogger) -> Quarantined and deleted successfully.
C:\Windows\System32\MPK\Help\Spanish\keyboard.htm (Refog.Keylogger) -> Quarantined and deleted successfully.
C:\Windows\System32\MPK\Help\Spanish\logging.htm (Refog.Keylogger) -> Quarantined and deleted successfully.
C:\Windows\System32\MPK\Help\Spanish\log_size.htm (Refog.Keylogger) -> Quarantined and deleted successfully.
C:\Windows\System32\MPK\Help\Spanish\password.htm (Refog.Keylogger) -> Quarantined and deleted successfully.
C:\Windows\System32\MPK\Help\Spanish\programs.htm (Refog.Keylogger) -> Quarantined and deleted successfully.
C:\Windows\System32\MPK\Help\Spanish\screenshot.htm (Refog.Keylogger) -> Quarantined and deleted successfully.
C:\Windows\System32\MPK\Help\Spanish\settings_node.htm (Refog.Keylogger) -> Quarantined and deleted successfully.
C:\Windows\System32\MPK\Help\Spanish\users_node.htm (Refog.Keylogger) -> Quarantined and deleted successfully.
C:\Windows\System32\MPK\Images\english.gif (Refog.Keylogger) -> Quarantined and deleted successfully.
C:\Windows\System32\MPK\Images\german.gif (Refog.Keylogger) -> Quarantined and deleted successfully.
C:\Windows\System32\MPK\Images\russian.gif (Refog.Keylogger) -> Quarantined and deleted successfully.
C:\Windows\System32\MPK\Images\vista_hide.bmp (Refog.Keylogger) -> Quarantined and deleted successfully.
C:\Windows\System32\MPK\Images\xp_hide.bmp (Refog.Keylogger) -> Quarantined and deleted successfully.
C:\Windows\SysWOW64\MPK\French.lng (Refog.Keylogger) -> Quarantined and deleted successfully.
C:\Windows\SysWOW64\MPK\German.lng (Refog.Keylogger) -> Quarantined and deleted successfully.
C:\Windows\SysWOW64\MPK\icon_1.ico (Refog.Keylogger) -> Quarantined and deleted successfully.
C:\Windows\SysWOW64\MPK\libeay32.dll (Refog.Keylogger) -> Quarantined and deleted successfully.
C:\Windows\SysWOW64\MPK\logstart.vbs (Refog.Keylogger) -> Quarantined and deleted successfully.
C:\Windows\SysWOW64\MPK\loguninstall.vbs (Refog.Keylogger) -> Quarantined and deleted successfully.
C:\Windows\SysWOW64\MPK\Mpk.dll (Refog.Keylogger) -> Delete on reboot.
C:\Windows\SysWOW64\MPK\MPK.exe (Refog.Keylogger) -> Delete on reboot.
C:\Windows\SysWOW64\MPK\Mpk64.dll (Refog.Keylogger) -> Delete on reboot.
C:\Windows\SysWOW64\MPK\MPK64.exe (Refog.Keylogger) -> Delete on reboot.
C:\Windows\SysWOW64\MPK\Romanian.lng (Refog.Keylogger) -> Quarantined and deleted successfully.
C:\Windows\SysWOW64\MPK\Spanish.lng (Refog.Keylogger) -> Quarantined and deleted successfully.
C:\Windows\SysWOW64\MPK\sqlite3.dll (Refog.Keylogger) -> Delete on reboot.
C:\Windows\SysWOW64\MPK\ssleay32.dll (Refog.Keylogger) -> Quarantined and deleted successfully.
C:\Windows\SysWOW64\MPK\trial_pro.ini (Refog.Keylogger) -> Quarantined and deleted successfully.
C:\Windows\SysWOW64\MPK\unins000.dat (Refog.Keylogger) -> Quarantined and deleted successfully.
C:\Windows\SysWOW64\MPK\unins000.exe (Refog.Keylogger) -> Quarantined and deleted successfully.
C:\Windows\SysWOW64\MPK\zlib1.dll (Refog.Keylogger) -> Quarantined and deleted successfully.
C:\Windows\SysWOW64\MPK\Help\English\alarms.htm (Refog.Keylogger) -> Quarantined and deleted successfully.
C:\Windows\SysWOW64\MPK\Help\English\clipboard.htm (Refog.Keylogger) -> Quarantined and deleted successfully.
C:\Windows\SysWOW64\MPK\Help\English\computer.htm (Refog.Keylogger) -> Quarantined and deleted successfully.
C:\Windows\SysWOW64\MPK\Help\English\delivery.htm (Refog.Keylogger) -> Quarantined and deleted successfully.
C:\Windows\SysWOW64\MPK\Help\English\file.htm (Refog.Keylogger) -> Quarantined and deleted successfully.
C:\Windows\SysWOW64\MPK\Help\English\filters.htm (Refog.Keylogger) -> Quarantined and deleted successfully.
C:\Windows\SysWOW64\MPK\Help\English\imhelp.htm (Refog.Keylogger) -> Quarantined and deleted successfully.
C:\Windows\SysWOW64\MPK\Help\English\internet.htm (Refog.Keylogger) -> Quarantined and deleted successfully.
C:\Windows\SysWOW64\MPK\Help\English\invisible.htm (Refog.Keylogger) -> Quarantined and deleted successfully.
C:\Windows\SysWOW64\MPK\Help\English\keyboard.htm (Refog.Keylogger) -> Quarantined and deleted successfully.
C:\Windows\SysWOW64\MPK\Help\English\logging.htm (Refog.Keylogger) -> Quarantined and deleted successfully.
C:\Windows\SysWOW64\MPK\Help\English\log_size.htm (Refog.Keylogger) -> Quarantined and deleted successfully.
C:\Windows\SysWOW64\MPK\Help\English\need_update_net.htm (Refog.Keylogger) -> Quarantined and deleted successfully.
C:\Windows\SysWOW64\MPK\Help\English\password.htm (Refog.Keylogger) -> Quarantined and deleted successfully.
C:\Windows\SysWOW64\MPK\Help\English\programs.htm (Refog.Keylogger) -> Quarantined and deleted successfully.
C:\Windows\SysWOW64\MPK\Help\English\screenshot.htm (Refog.Keylogger) -> Quarantined and deleted successfully.
C:\Windows\SysWOW64\MPK\Help\English\settings_node.htm (Refog.Keylogger) -> Quarantined and deleted successfully.
C:\Windows\SysWOW64\MPK\Help\English\update.htm (Refog.Keylogger) -> Quarantined and deleted successfully.
C:\Windows\SysWOW64\MPK\Help\English\users_node.htm (Refog.Keylogger) -> Quarantined and deleted successfully.
C:\Windows\SysWOW64\MPK\Help\Spanish\alarms.htm (Refog.Keylogger) -> Quarantined and deleted successfully.
C:\Windows\SysWOW64\MPK\Help\Spanish\clipboard.htm (Refog.Keylogger) -> Quarantined and deleted successfully.
C:\Windows\SysWOW64\MPK\Help\Spanish\computer.htm (Refog.Keylogger) -> Quarantined and deleted successfully.
C:\Windows\SysWOW64\MPK\Help\Spanish\delivery.htm (Refog.Keylogger) -> Quarantined and deleted successfully.
C:\Windows\SysWOW64\MPK\Help\Spanish\filters.htm (Refog.Keylogger) -> Quarantined and deleted successfully.
C:\Windows\SysWOW64\MPK\Help\Spanish\internet.htm (Refog.Keylogger) -> Quarantined and deleted successfully.
C:\Windows\SysWOW64\MPK\Help\Spanish\invisible.htm (Refog.Keylogger) -> Quarantined and deleted successfully.
C:\Windows\SysWOW64\MPK\Help\Spanish\keyboard.htm (Refog.Keylogger) -> Quarantined and deleted successfully.
C:\Windows\SysWOW64\MPK\Help\Spanish\logging.htm (Refog.Keylogger) -> Quarantined and deleted successfully.
C:\Windows\SysWOW64\MPK\Help\Spanish\log_size.htm (Refog.Keylogger) -> Quarantined and deleted successfully.
C:\Windows\SysWOW64\MPK\Help\Spanish\password.htm (Refog.Keylogger) -> Quarantined and deleted successfully.
C:\Windows\SysWOW64\MPK\Help\Spanish\programs.htm (Refog.Keylogger) -> Quarantined and deleted successfully.
C:\Windows\SysWOW64\MPK\Help\Spanish\screenshot.htm (Refog.Keylogger) -> Quarantined and deleted successfully.
C:\Windows\SysWOW64\MPK\Help\Spanish\settings_node.htm (Refog.Keylogger) -> Quarantined and deleted successfully.
C:\Windows\SysWOW64\MPK\Help\Spanish\users_node.htm (Refog.Keylogger) -> Quarantined and deleted successfully.
C:\Windows\SysWOW64\MPK\Images\english.gif (Refog.Keylogger) -> Quarantined and deleted successfully.
C:\Windows\SysWOW64\MPK\Images\german.gif (Refog.Keylogger) -> Quarantined and deleted successfully.
C:\Windows\SysWOW64\MPK\Images\russian.gif (Refog.Keylogger) -> Quarantined and deleted successfully.
C:\Windows\SysWOW64\MPK\Images\vista_hide.bmp (Refog.Keylogger) -> Quarantined and deleted successfully.
C:\Windows\SysWOW64\MPK\Images\xp_hide.bmp (Refog.Keylogger) -> Quarantined and deleted successfully.

(end)


SUPERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 04/05/2012 at 10:56 PM

Application Version : 5.0.1146

Core Rules Database Version : 8424
Trace Rules Database Version: 6236

Scan type : Complete Scan
Total Scan Time : 00:32:29

Operating System Information
Windows 7 Home Premium 64-bit, Service Pack 1 (Build 6.01.7601)
UAC On - Limited User

Memory items scanned : 722
Memory threats detected : 0
Registry items scanned : 71560
Registry threats detected : 0
File items scanned : 51051
File threats detected : 408

PUP.CNETInstaller
C:\USERS\SAMMI\APPDATA\LOCAL\TEMP\ICREINSTALL\CNET2_FKEYLOGGER_ZIP.EXE
C:\$RECYCLE.BIN\S-1-5-21-3707478246-1993061971-1580713667-1001\$RC7Q4HA.LNK
C:\$RECYCLE.BIN\S-1-5-21-3707478246-1993061971-1580713667-1001\$RGK4HAF.EXE
C:\$RECYCLE.BIN\S-1-5-21-3707478246-1993061971-1580713667-1001\$RP8FH5T.LNK

Adware.Tracking Cookie
ad.yieldmanager.com [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
wmedia.rotator.hadj7.adjuggler.net [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.interclick.com [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.interclick.com [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.interclick.com [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.atdmt.com [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.warnerbros.112.2o7.net [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.serving-sys.com [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.serving-sys.com [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.serving-sys.com [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.apmebf.com [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.mediaplex.com [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.advertising.com [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ru4.com [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.invitemedia.com [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adinterax.com [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.rbc.bridgetrack.com [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
rbc.bridgetrack.com [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
stats.royalbank.com [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adbrite.com [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.apmebf.com [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.lfstmedia.com [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.server.cpmstar.com [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.mediafire.com [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.casalemedia.com [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.mmotraffic.com [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adserver.adtechus.com [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.imrworldwide.com [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.imrworldwide.com [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ads.networldmedia.net [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.networldmedia.net [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.networldmedia.net [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.vitamine.networldmedia.net [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.vitamine.networldmedia.net [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.networldmedia.net [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.histats.com [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.histats.com [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.shawtelevision.112.2o7.net [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
data.coremetrics.com [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
rbc.bridgetrack.com [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
stats.royalbank.com [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
rbc.bridgetrack.com [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.mediafire.im [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.mediafire.im [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
mediafire.im [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
mediafire.im [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
mediafire.im [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
mediafire.im [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
mediafire.im [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
mediafire.im [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
mediafire.im [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
mediafire.im [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
adserver.adreactor.com [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.yadro.ru [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
lyricfind.rotator.hadj7.adjuggler.net [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
lyricfind.rotator.hadj7.adjuggler.net [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adjuggler.net [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.advertising.com [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
banners.trafficengine.net [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.tns-counter.ru [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.overture.com [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.2o7.net [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ads.pointroll.com [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.pointroll.com [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
fidelity.rotator.hadj7.adjuggler.net [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.harrenmedianetwork.com [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.zedo.com [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.zedo.com [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
7.rotator.wigetmedia.com [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.realmedia.com [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.realmedia.com [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adxpose.com [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.velmedia.net [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
adserver.valwa.com [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.sympatico.112.2o7.net [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.statcounter.com [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.parentsexpert.com [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.parentsexpert.com [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.amazon-adsystem.com [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.amazon-adsystem.com [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.247realmedia.com [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ads.pointroll.com [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.specificclick.net [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ads.saymedia.com [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.collective-media.net [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.getcracking.ca [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.getcracking.ca [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.getcracking.ca [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.getcracking.ca [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.getcracking.ca [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.revsci.net [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.pro-market.net [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.c.atdmt.com [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.c.atdmt.com [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.rambler.ru [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.nextag.com [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.nextag.com [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.hotlog.ru [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.openstat.net [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.tradedoubler.com [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.tradedoubler.com [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
www.googleadservices.com [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.2o7.net [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
blueflameelite.go2cloud.org [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.care2.112.2o7.net [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.histats.com [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.findhe.com [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.findhe.com [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.aim4media.com [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.mediafire.com [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.mediafire.com [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.eyewonder.com [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.eyewonder.com [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.dmtracker.com [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.legolas-media.com [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
www.googleadservices.com [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.2o7.net [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
www.googleadservices.com [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.atdmt.com [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.atdmt.com [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.media6degrees.com [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
www.googleadservices.com [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.2o7.net [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.oddcast.com [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.2o7.net [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.2o7.net [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.2o7.net [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.getclicky.com [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.static.getclicky.com [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
in.getclicky.com [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.burstnet.com [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.www.burstnet.com [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
gotacha.rotator.hadj7.adjuggler.net [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
www5.addfreestats.com [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.clickbank.net [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ghmedia.com [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.kontera.com [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.martiniadnetwork.com [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.martiniadnetwork.com [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.martiniadnetwork.com [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.clickbank.net [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adtech.de [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
www.googleadservices.com [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adultfriendfinder.com [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ads2.zeusclicks.com [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.pornhublive.com [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
pornografish.com [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.sexad.net [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ads.trafficjunky.net [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.pornhub.com [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.pornhub.com [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.amerisourcebergen.122.2o7.net [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
stat.dealtime.com [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
optimize.indieclick.com [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
optimize.indieclick.com [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
optimize.indieclick.com [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.revsci.net [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.lfstmedia.com [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
cdmedia.rotator.hadj7.adjuggler.net [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.network.realmedia.com [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.msnportal.112.2o7.net [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.revsci.net [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
www.googleadservices.com [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.media6degrees.com [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.pro-market.net [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
7.rotator.wigetmedia.com [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
track.brighteroption.com [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
track.brighteroption.com [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.technoratimedia.com [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.technoratimedia.com [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ox.mediabistro.com [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.googleads.g.doubleclick.net [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
static.freewebs.getclicky.com [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
fidelity.rotator.hadj7.adjuggler.net [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.collective-media.net [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.collective-media.net [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
rotator.adjuggler.com [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
rotator.adjuggler.com [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.bs.serving-sys.com [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.realmedia.com [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.c.atdmt.com [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.c.atdmt.com [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
accounts.youtube.com [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
accounts.google.com [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
accounts.google.com [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ar.atwola.com [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.atwola.com [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.lfstmedia.com [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.lfstmedia.com [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ru4.com [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ru4.com [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ru4.com [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ru4.com [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.networldmedia.net [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.lfstmedia.com [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
adup.rotator.hadj7.adjuggler.net [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
adup.rotator.hadj7.adjuggler.net [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
adup.rotator.hadj7.adjuggler.net [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
statse.webtrendslive.com [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
www.googleadservices.com [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.liveperson.net [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.unrulymedia.com [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.lfstmedia.com [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.medhelpinternational.112.2o7.net [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.mediaplex.com [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ads1.zenoviaexchange.com [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.server.cpmstar.com [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.server.cpmstar.com [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ads.fulltraffic.net [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.mmotraffic.com [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.game-advertising-online.com [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.content.yieldmanager.com [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
tracking.hostgator.com [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.server.cpmstar.com [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.clicksor.com [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.clicksor.com [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.myroitracking.com [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.clicksor.com [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.clicksor.com [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
network.alluremedia.com.au [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.casalemedia.com [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
cdmedia.rotator.hadj7.adjuggler.net [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adlegend.com [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adlegend.com [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ad.velmedia.net [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ad.velmedia.net [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.superstats.com [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.trackmill.com [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.questionmarket.com [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.questionmarket.com [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.server.cpmstar.com [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.server.cpmstar.com [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.server.cpmstar.com [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.trackmill.com [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adultfriendfinder.com [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adultfriendfinder.com [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adultfriendfinder.com [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adultfriendfinder.com [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adultfriendfinder.com [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adultfriendfinder.com [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adultfriendfinder.com [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adultfriendfinder.com [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.insightexpressai.com [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.insightexpressai.com [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.insightexpressai.com [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.insightexpressai.com [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.insightexpressai.com [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.insightexpressai.com [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.insightexpressai.com [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
dc.tremormedia.com [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.exoclick.com [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.zedo.com [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ad.yieldmanager.com [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adbrite.com [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adbrite.com [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adbrite.com [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.clickfuse.com [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ads.networldmedia.net [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.networldmedia.net [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
vitamine.networldmedia.net [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
vitamine.networldmedia.net [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.thcfinder.com [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.thcfinder.com [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.thcfinder.com [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.thcfinder.com [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.mm.chitika.net [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
www.burstnet.com [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.burstnet.com [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.burstnet.com [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.server.cpmstar.com [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.at.atwola.com [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.at.atwola.com [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.tacoda.at.atwola.com [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.tacoda.at.atwola.com [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.tacoda.at.atwola.com [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.at.atwola.com [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.tacoda.at.atwola.com [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adinterax.com [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.lucidmedia.com [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
www.googleadservices.com [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.server.cpmstar.com [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.server.cpmstar.com [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.server.cpmstar.com [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
media-mgmt.armorgames.com [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adbrite.com [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.doubleclick.net [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
www.tunefind.com [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
www.tunefind.com [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.revsci.net [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
counters.gigya.com [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
soundtracktomyday.blogspot.ca [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
soundtracktomyday.blogspot.ca [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
soundtracktomyday.blogspot.ca [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ads.saymedia.com [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ad.yieldmanager.com [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.invitemedia.com [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.zedo.com [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.casalemedia.com [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.casalemedia.com [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.revsci.net [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.2o7.net [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.pointroll.com [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ads.pointroll.com [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ads.pointroll.com [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ads.pointroll.com [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ads.pointroll.com [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ads.pointroll.com [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ads.pointroll.com [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.realmedia.com [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.casalemedia.com [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.statcounter.com [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.casalemedia.com [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.casalemedia.com [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.casalemedia.com [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.casalemedia.com [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.casalemedia.com [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.casalemedia.com [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.casalemedia.com [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.c.atdmt.com [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.c.atdmt.com [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.c.atdmt.com [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.c.atdmt.com [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.invitemedia.com [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.doubleclick.net [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.overture.com [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.2o7.net [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.rbc.bridgetrack.com [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.rbc.bridgetrack.com [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.rbc.bridgetrack.com [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.fastclick.net [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.webstat.com [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.webstat.com [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.webstat.com [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.rbc.bridgetrack.com [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.rbc.bridgetrack.com [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.bs.serving-sys.com [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.revsci.net [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.revsci.net [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.revsci.net [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.revsci.net [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.revsci.net [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.legolas-media.com [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.legolas-media.com [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.legolas-media.com [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.legolas-media.com [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
wmedia.rotator.hadj7.adjuggler.net [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.atdmt.com [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.h.atdmt.com [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.h.atdmt.com [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.atdmt.com [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.atdmt.com [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.h.atdmt.com [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.h.atdmt.com [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.collective-media.net [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.collective-media.net [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.collective-media.net [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.collective-media.net [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.collective-media.net [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.collective-media.net [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.collective-media.net [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.collective-media.net [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.collective-media.net [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.collective-media.net [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.solvemedia.com [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.solvemedia.com [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.serving-sys.com [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.serving-sys.com [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adbrite.com [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.mediaplex.com [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.advertising.com [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.xm.xtendmedia.com [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.invitemedia.com [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.invitemedia.com [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.invitemedia.com [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.invitemedia.com [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.invitemedia.com [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.yieldmanager.net [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.advertising.com [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.advertising.com [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.tribalfusion.com [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.lfstmedia.com [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.advertising.com [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.advertising.com [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.kudosmedia.net [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.kudosmedia.net [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.s1.adserverdisplay.com [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.s1.adserverdisplay.com [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.invitemedia.com [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.s1.adserverdisplay.com [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ad.yieldmanager.com [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ad.yieldmanager.com [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.media6degrees.com [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.media6degrees.com [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.media6degrees.com [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.media6degrees.com [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.media6degrees.com [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ad.yieldmanager.com [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.s1.adserverdisplay.com [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ad.yieldmanager.com [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ad.yieldmanager.com [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ad.yieldmanager.com [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ad.yieldmanager.com [ C:\USERS\SAMMI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ia.media-imdb.com [ C:\USERS\SAMMI\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\LZ2LTBMB ]
media.heavy.com [ C:\USERS\SAMMI\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\LZ2LTBMB ]


GMER 1.0.15.15641 - http://www.gmer.net
Rootkit scan 2012-04-05 23:30:44
Windows 6.1.7601 Service Pack 1
Running: 5y2fiqjl.exe


---- Registry - GMER 1.0.15 ----

Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\88532e353382
Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\88532e353382@0cdfa47fcdc8 0x60 0x7B 0x23 0xE0 ...
Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\88532e353382@44f45995f54e 0xCD 0xB3 0xA8 0x33 ...
Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\88532e353382@184617e8f395 0xDA 0x9E 0x9A 0xF0 ...
Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\88532e353382@143605c6b279 0x18 0x43 0x3C 0x4D ...
Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\88532e353382 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\88532e353382@0cdfa47fcdc8 0x60 0x7B 0x23 0xE0 ...
Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\88532e353382@44f45995f54e 0xCD 0xB3 0xA8 0x33 ...
Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\88532e353382@184617e8f395 0xDA 0x9E 0x9A 0xF0 ...
Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\88532e353382@143605c6b279 0x18 0x43 0x3C 0x4D ...
Reg HKCU\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Persisted@C:\Users\Sammi\Documents\Natural Threat \x2013 Ominous Shores\Natural Threat \x2013 Ominous Shores.exe 1

---- EOF - GMER 1.0.15 ----



#4 cryptodan

cryptodan

    Bleepin Madman


  • Members
  • 21,868 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Catonsville, Md
  • Local time:09:24 PM

Posted 06 April 2012 - 12:59 PM

Lets download and run TDSSKiller. If it asks you to fix anything, then PLEASE DO NOT FIX THE ANYTHING. Post the resulting log.

Lets also perform an online scan with ESET and post that log as well.

#5 Depraved

Depraved
  • Topic Starter

  • Members
  • 78 posts
  • OFFLINE
  •  
  • Local time:02:24 PM

Posted 07 April 2012 - 03:45 PM

Hi I ran the scans and they came up clean I am currently away for the holiday weekend and won't be able to access my laptop until sometime next week.. I just thought I'd let you know so you don't think I've abandoned this thread lol.

#6 Depraved

Depraved
  • Topic Starter

  • Members
  • 78 posts
  • OFFLINE
  •  
  • Local time:02:24 PM

Posted 13 April 2012 - 02:59 AM

00:48:44.0921 10832 TDSS rootkit removing tool 2.7.28.0 Apr 10 2012 16:54:05
00:48:46.0924 10832 ============================================================
00:48:46.0924 10832 Current date / time: 2012/04/13 00:48:46.0924
00:48:46.0924 10832 SystemInfo:
00:48:46.0924 10832
00:48:46.0924 10832 OS Version: 6.1.7601 ServicePack: 1.0
00:48:46.0924 10832 Product type: Workstation
00:48:46.0925 10832 ComputerName: SAMMI-PC
00:48:46.0925 10832 UserName: Sammi
00:48:46.0925 10832 Windows directory: C:\Windows
00:48:46.0925 10832 System windows directory: C:\Windows
00:48:46.0925 10832 Running under WOW64
00:48:46.0925 10832 Processor architecture: Intel x64
00:48:46.0925 10832 Number of processors: 4
00:48:46.0925 10832 Page size: 0x1000
00:48:46.0925 10832 Boot type: Normal boot
00:48:46.0925 10832 ============================================================
00:48:47.0611 10832 Drive \Device\Harddisk0\DR0 - Size: 0xAEA8CDE000 (698.64 Gb), SectorSize: 0x200, Cylinders: 0x16441, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
00:48:47.0617 10832 \Device\Harddisk0\DR0:
00:48:47.0617 10832 MBR used
00:48:47.0617 10832 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x34000, BlocksNum 0x2710000
00:48:47.0617 10832 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x2744000, BlocksNum 0x54E01EF0
00:48:47.0679 10832 Initialize success
00:48:47.0680 10832 ============================================================
00:48:57.0758 3224 ============================================================
00:48:57.0758 3224 Scan started
00:48:57.0758 3224 Mode: Manual;
00:48:57.0758 3224 ============================================================
00:48:58.0073 3224 !SASCORE (7d9d615201a483d6fa99491c2e655a5a) C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
00:48:58.0117 3224 !SASCORE - ok
00:48:58.0207 3224 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys
00:48:58.0238 3224 1394ohci - ok
00:48:58.0274 3224 Acceler (e0065cbf1a25c015c218457d2cd522b9) C:\Windows\system32\DRIVERS\Accelern.sys
00:48:58.0320 3224 Acceler - ok
00:48:58.0352 3224 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys
00:48:58.0356 3224 ACPI - ok
00:48:58.0385 3224 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys
00:48:58.0436 3224 AcpiPmi - ok
00:48:58.0554 3224 AdobeARMservice (62b7936f9036dd6ed36e6a7efa805dc0) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
00:48:58.0595 3224 AdobeARMservice - ok
00:48:58.0674 3224 AdobeFlashPlayerUpdateSvc (0d4c486a24a711a45fd83acdf4d18506) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
00:48:58.0679 3224 AdobeFlashPlayerUpdateSvc - ok
00:48:58.0727 3224 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\drivers\adp94xx.sys
00:48:58.0750 3224 adp94xx - ok
00:48:58.0800 3224 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\drivers\adpahci.sys
00:48:58.0824 3224 adpahci - ok
00:48:58.0860 3224 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\drivers\adpu320.sys
00:48:58.0865 3224 adpu320 - ok
00:48:58.0896 3224 AeLookupSvc (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll
00:48:58.0900 3224 AeLookupSvc - ok
00:48:58.0935 3224 AERTFilters (d1e343bc00136ce03c4d403194d06a80) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
00:48:58.0981 3224 AERTFilters - ok
00:48:59.0077 3224 AFD (1c7857b62de5994a75b054a9fd4c3825) C:\Windows\system32\drivers\afd.sys
00:48:59.0081 3224 AFD - ok
00:48:59.0120 3224 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys
00:48:59.0124 3224 agp440 - ok
00:48:59.0136 3224 ALG (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe
00:48:59.0147 3224 ALG - ok
00:48:59.0176 3224 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys
00:48:59.0179 3224 aliide - ok
00:48:59.0195 3224 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys
00:48:59.0197 3224 amdide - ok
00:48:59.0214 3224 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\drivers\amdk8.sys
00:48:59.0217 3224 AmdK8 - ok
00:48:59.0224 3224 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\drivers\amdppm.sys
00:48:59.0227 3224 AmdPPM - ok
00:48:59.0243 3224 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys
00:48:59.0274 3224 amdsata - ok
00:48:59.0329 3224 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\drivers\amdsbs.sys
00:48:59.0346 3224 amdsbs - ok
00:48:59.0371 3224 amdxata (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys
00:48:59.0374 3224 amdxata - ok
00:48:59.0388 3224 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys
00:48:59.0426 3224 AppID - ok
00:48:59.0453 3224 AppIDSvc (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll
00:48:59.0456 3224 AppIDSvc - ok
00:48:59.0464 3224 Appinfo (3977d4a871ca0d4f2ed1e7db46829731) C:\Windows\System32\appinfo.dll
00:48:59.0465 3224 Appinfo - ok
00:48:59.0565 3224 Apple Mobile Device (7ef47644b74ebe721cc32211d3c35e76) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
00:48:59.0614 3224 Apple Mobile Device - ok
00:48:59.0629 3224 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\drivers\arc.sys
00:48:59.0632 3224 arc - ok
00:48:59.0646 3224 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\drivers\arcsas.sys
00:48:59.0661 3224 arcsas - ok
00:48:59.0734 3224 aspnet_state (9217d874131ae6ff8f642f124f00a555) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
00:48:59.0738 3224 aspnet_state - ok
00:48:59.0776 3224 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
00:48:59.0787 3224 AsyncMac - ok
00:48:59.0824 3224 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys
00:48:59.0826 3224 atapi - ok
00:48:59.0873 3224 AudioEndpointBuilder (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
00:48:59.0898 3224 AudioEndpointBuilder - ok
00:48:59.0917 3224 AudioSrv (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
00:48:59.0920 3224 AudioSrv - ok
00:48:59.0960 3224 AxInstSV (a6bf31a71b409dfa8cac83159e1e2aff) C:\Windows\System32\AxInstSV.dll
00:48:59.0994 3224 AxInstSV - ok
00:49:00.0027 3224 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\drivers\bxvbda.sys
00:49:00.0034 3224 b06bdrv - ok
00:49:00.0062 3224 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
00:49:00.0068 3224 b57nd60a - ok
00:49:00.0078 3224 BDESVC (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll
00:49:00.0082 3224 BDESVC - ok
00:49:00.0100 3224 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
00:49:00.0105 3224 Beep - ok
00:49:00.0144 3224 BFE (82974d6a2fd19445cc5171fc378668a4) C:\Windows\System32\bfe.dll
00:49:00.0150 3224 BFE - ok
00:49:00.0193 3224 BITS (1ea7969e3271cbc59e1730697dc74682) C:\Windows\System32\qmgr.dll
00:49:00.0259 3224 BITS - ok
00:49:00.0281 3224 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys
00:49:00.0287 3224 blbdrive - ok
00:49:00.0393 3224 Bluetooth Device Monitor (c440483a5ce0e0ab03a79a33ace35d91) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
00:49:01.0289 3224 Bluetooth Device Monitor - ok
00:49:01.0320 3224 Bluetooth Media Service (c8ab8ca3557cce041ac4c88e76afbad0) C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
00:49:02.0183 3224 Bluetooth Media Service - ok
00:49:02.0226 3224 Bluetooth OBEX Service (df83fb0eb35c91339f1c84c6cf426100) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
00:49:03.0103 3224 Bluetooth OBEX Service - ok
00:49:03.0184 3224 Bonjour Service (ebbcd5dfbb1de70e8f4af8fa59e401fd) C:\Program Files\Bonjour\mDNSResponder.exe
00:49:03.0216 3224 Bonjour Service - ok
00:49:03.0249 3224 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys
00:49:03.0298 3224 bowser - ok
00:49:03.0318 3224 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\drivers\BrFiltLo.sys
00:49:03.0322 3224 BrFiltLo - ok
00:49:03.0343 3224 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\drivers\BrFiltUp.sys
00:49:03.0347 3224 BrFiltUp - ok
00:49:03.0379 3224 Browser (8ef0d5c41ec907751b8429162b1239ed) C:\Windows\System32\browser.dll
00:49:03.0436 3224 Browser - ok
00:49:03.0446 3224 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
00:49:03.0452 3224 Brserid - ok
00:49:03.0459 3224 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
00:49:03.0462 3224 BrSerWdm - ok
00:49:03.0469 3224 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
00:49:03.0472 3224 BrUsbMdm - ok
00:49:03.0479 3224 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
00:49:03.0481 3224 BrUsbSer - ok
00:49:03.0524 3224 BthEnum (cf98190a94f62e405c8cb255018b2315) C:\Windows\system32\drivers\BthEnum.sys
00:49:03.0533 3224 BthEnum - ok
00:49:03.0547 3224 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys
00:49:03.0552 3224 BTHMODEM - ok
00:49:03.0575 3224 BthPan (02dd601b708dd0667e1331fa8518e9ff) C:\Windows\system32\DRIVERS\bthpan.sys
00:49:03.0582 3224 BthPan - ok
00:49:03.0608 3224 BTHPORT (64c198198501f7560ee41d8d1efa7952) C:\Windows\System32\Drivers\BTHport.sys
00:49:03.0670 3224 BTHPORT - ok
00:49:03.0695 3224 bthserv (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll
00:49:03.0700 3224 bthserv - ok
00:49:03.0726 3224 BTHUSB (f188b7394d81010767b6df3178519a37) C:\Windows\System32\Drivers\BTHUSB.sys
00:49:03.0728 3224 BTHUSB - ok
00:49:03.0790 3224 btmaudio (8652c1572157bfa7e86ee41cb729eb46) C:\Windows\system32\drivers\btmaud.sys
00:49:03.0839 3224 btmaudio - ok
00:49:03.0863 3224 btmaux (ba554bfcbf21201d310738a42c9c19e1) C:\Windows\system32\DRIVERS\btmaux.sys
00:49:03.0891 3224 btmaux - ok
00:49:03.0923 3224 btmhsf (0010a54571f525a97eed8c091e96eaa9) C:\Windows\system32\DRIVERS\btmhsf.sys
00:49:03.0977 3224 btmhsf - ok
00:49:03.0990 3224 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
00:49:03.0994 3224 cdfs - ok
00:49:04.0019 3224 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\DRIVERS\cdrom.sys
00:49:04.0071 3224 cdrom - ok
00:49:04.0094 3224 CertPropSvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
00:49:04.0096 3224 CertPropSvc - ok
00:49:04.0130 3224 cfwids (ed0263b2eb24f0f4e3898036fa1d28a1) C:\Windows\system32\drivers\cfwids.sys
00:49:04.0171 3224 cfwids - ok
00:49:04.0196 3224 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\drivers\circlass.sys
00:49:04.0199 3224 circlass - ok
00:49:04.0222 3224 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
00:49:04.0226 3224 CLFS - ok
00:49:04.0280 3224 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
00:49:04.0290 3224 clr_optimization_v2.0.50727_32 - ok
00:49:04.0343 3224 clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
00:49:04.0356 3224 clr_optimization_v2.0.50727_64 - ok
00:49:04.0430 3224 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
00:49:04.0439 3224 clr_optimization_v4.0.30319_32 - ok
00:49:04.0488 3224 clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
00:49:04.0494 3224 clr_optimization_v4.0.30319_64 - ok
00:49:04.0524 3224 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys
00:49:04.0534 3224 CmBatt - ok
00:49:04.0546 3224 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys
00:49:04.0555 3224 cmdide - ok
00:49:04.0606 3224 CNG (c4943b6c962e4b82197542447ad599f4) C:\Windows\system32\Drivers\cng.sys
00:49:04.0620 3224 CNG - ok
00:49:04.0655 3224 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys
00:49:04.0656 3224 Compbatt - ok
00:49:04.0680 3224 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\DRIVERS\CompositeBus.sys
00:49:04.0736 3224 CompositeBus - ok
00:49:04.0751 3224 COMSysApp - ok
00:49:04.0773 3224 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\drivers\crcdisk.sys
00:49:04.0776 3224 crcdisk - ok
00:49:04.0833 3224 CryptSvc (15597883fbe9b056f276ada3ad87d9af) C:\Windows\system32\cryptsvc.dll
00:49:04.0879 3224 CryptSvc - ok
00:49:04.0916 3224 CtClsFlt (bc3d4f90978cd7c8eabd1baf3bf7873a) C:\Windows\system32\DRIVERS\CtClsFlt.sys
00:49:04.0968 3224 CtClsFlt - ok
00:49:05.0077 3224 cvhsvc (61a86809b62769643892bc0812b204aa) C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
00:49:05.0081 3224 cvhsvc - ok
00:49:05.0121 3224 cyhid (6833d267db7e18e0044d5ffef872738b) C:\Windows\system32\DRIVERS\cyhid.sys
00:49:05.0160 3224 cyhid - ok
00:49:05.0230 3224 cykbfltrService (f4d88ad8fb26a239f5c9e9be40ba3c09) C:\Windows\system32\DRIVERS\cykbfltr.sys
00:49:05.0258 3224 cykbfltrService - ok
00:49:05.0298 3224 cymfltrService (182978565ce806829f9a8164ce9f159b) C:\Windows\system32\DRIVERS\cymfltr.sys
00:49:05.0327 3224 cymfltrService - ok
00:49:05.0384 3224 dc3d (7af9dac504fbd047cbc3e64ae52c92bf) C:\Windows\system32\DRIVERS\dc3d.sys
00:49:05.0451 3224 dc3d - ok
00:49:05.0484 3224 DcomLaunch (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
00:49:05.0489 3224 DcomLaunch - ok
00:49:05.0504 3224 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll
00:49:05.0507 3224 defragsvc - ok
00:49:05.0520 3224 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys
00:49:05.0522 3224 DfsC - ok
00:49:05.0549 3224 Dhcp (43d808f5d9e1a18e5eeb5ebc83969e4e) C:\Windows\system32\dhcpcore.dll
00:49:05.0558 3224 Dhcp - ok
00:49:05.0570 3224 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
00:49:05.0577 3224 discache - ok
00:49:05.0601 3224 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\drivers\disk.sys
00:49:05.0602 3224 Disk - ok
00:49:05.0622 3224 Dnscache (16835866aaa693c7d7fceba8fff706e4) C:\Windows\System32\dnsrslvr.dll
00:49:05.0661 3224 Dnscache - ok
00:49:05.0670 3224 dot3svc (b1fb3ddca0fdf408750d5843591afbc6) C:\Windows\System32\dot3svc.dll
00:49:05.0693 3224 dot3svc - ok
00:49:05.0705 3224 DPS (b26f4f737e8f9df4f31af6cf31d05820) C:\Windows\system32\dps.dll
00:49:05.0707 3224 DPS - ok
00:49:05.0733 3224 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
00:49:05.0742 3224 drmkaud - ok
00:49:05.0779 3224 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys
00:49:05.0821 3224 DXGKrnl - ok
00:49:05.0850 3224 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll
00:49:05.0854 3224 EapHost - ok
00:49:05.0948 3224 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\drivers\evbda.sys
00:49:06.0037 3224 ebdrv - ok
00:49:06.0069 3224 EFS (c118a82cd78818c29ab228366ebf81c3) C:\Windows\System32\lsass.exe
00:49:06.0119 3224 EFS - ok
00:49:06.0165 3224 ehRecvr (c4002b6b41975f057d98c439030cea07) C:\Windows\ehome\ehRecvr.exe
00:49:06.0187 3224 ehRecvr - ok
00:49:06.0206 3224 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe
00:49:06.0210 3224 ehSched - ok
00:49:06.0245 3224 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\drivers\elxstor.sys
00:49:06.0259 3224 elxstor - ok
00:49:06.0278 3224 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
00:49:06.0289 3224 ErrDev - ok
00:49:06.0319 3224 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll
00:49:06.0324 3224 EventSystem - ok
00:49:06.0449 3224 EvtEng (ed8fbadbbaf7420adeae2d5d81f0d4a1) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
00:49:06.0485 3224 EvtEng - ok
00:49:06.0507 3224 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
00:49:06.0512 3224 exfat - ok
00:49:06.0535 3224 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
00:49:06.0540 3224 fastfat - ok
00:49:06.0588 3224 Fax (dbefd454f8318a0ef691fdd2eaab44eb) C:\Windows\system32\fxssvc.exe
00:49:06.0614 3224 Fax - ok
00:49:06.0626 3224 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\drivers\fdc.sys
00:49:06.0634 3224 fdc - ok
00:49:06.0649 3224 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll
00:49:06.0652 3224 fdPHost - ok
00:49:06.0666 3224 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll
00:49:06.0670 3224 FDResPub - ok
00:49:06.0682 3224 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
00:49:06.0689 3224 FileInfo - ok
00:49:06.0701 3224 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
00:49:06.0702 3224 Filetrace - ok
00:49:06.0790 3224 FLEXnet Licensing Service (bb0667b0171b632b97ea759515476f07) C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
00:49:06.0856 3224 FLEXnet Licensing Service - ok
00:49:06.0863 3224 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\drivers\flpydisk.sys
00:49:06.0866 3224 flpydisk - ok
00:49:06.0888 3224 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys
00:49:06.0891 3224 FltMgr - ok
00:49:06.0935 3224 FontCache (5c4cb4086fb83115b153e47add961a0c) C:\Windows\system32\FntCache.dll
00:49:06.0963 3224 FontCache - ok
00:49:07.0028 3224 FontCache3.0.0.0 (a8b7f3818ab65695e3a0bb3279f6dce6) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
00:49:07.0081 3224 FontCache3.0.0.0 - ok
00:49:07.0092 3224 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
00:49:07.0094 3224 FsDepends - ok
00:49:07.0132 3224 Fs_Rec (6bd9295cc032dd3077c671fccf579a7b) C:\Windows\system32\drivers\Fs_Rec.sys
00:49:07.0163 3224 Fs_Rec - ok
00:49:07.0205 3224 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys
00:49:07.0210 3224 fvevol - ok
00:49:07.0241 3224 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\drivers\gagp30kx.sys
00:49:07.0245 3224 gagp30kx - ok
00:49:07.0298 3224 GEARAspiWDM (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
00:49:07.0327 3224 GEARAspiWDM - ok
00:49:07.0356 3224 gpsvc (277bbc7e1aa1ee957f573a10eca7ef3a) C:\Windows\System32\gpsvc.dll
00:49:07.0363 3224 gpsvc - ok
00:49:07.0384 3224 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
00:49:07.0390 3224 hcw85cir - ok
00:49:07.0427 3224 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\DRIVERS\HDAudBus.sys
00:49:07.0468 3224 HDAudBus - ok
00:49:07.0475 3224 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\drivers\HidBatt.sys
00:49:07.0477 3224 HidBatt - ok
00:49:07.0485 3224 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\drivers\hidbth.sys
00:49:07.0488 3224 HidBth - ok
00:49:07.0495 3224 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\drivers\hidir.sys
00:49:07.0498 3224 HidIr - ok
00:49:07.0514 3224 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\system32\hidserv.dll
00:49:07.0518 3224 hidserv - ok
00:49:07.0542 3224 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\DRIVERS\hidusb.sys
00:49:07.0588 3224 HidUsb - ok
00:49:07.0600 3224 hkmsvc (387e72e739e15e3d37907a86d9ff98e2) C:\Windows\system32\kmsvc.dll
00:49:07.0622 3224 hkmsvc - ok
00:49:07.0637 3224 HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\Windows\system32\ListSvc.dll
00:49:07.0640 3224 HomeGroupListener - ok
00:49:07.0670 3224 HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\Windows\system32\provsvc.dll
00:49:07.0705 3224 HomeGroupProvider - ok
00:49:07.0713 3224 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys
00:49:07.0743 3224 HpSAMD - ok
00:49:07.0786 3224 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys
00:49:07.0813 3224 HTTP - ok
00:49:07.0838 3224 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys
00:49:07.0838 3224 hwpolicy - ok
00:49:07.0861 3224 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\DRIVERS\i8042prt.sys
00:49:07.0865 3224 i8042prt - ok
00:49:07.0915 3224 iaStor (d469b77687e12fe43e344806740b624d) C:\Windows\system32\drivers\iaStor.sys
00:49:07.0923 3224 iaStor - ok
00:49:07.0958 3224 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys
00:49:08.0036 3224 iaStorV - ok
00:49:08.0059 3224 iBtFltCoex (50b8ab6013ef9970ac85fdba0f622300) C:\Windows\system32\DRIVERS\iBtFltCoex.sys
00:49:08.0087 3224 iBtFltCoex - ok
00:49:08.0183 3224 IDriverT (1cf03c69b49acb70c722df92755c0c8c) C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
00:49:08.0221 3224 IDriverT - ok
00:49:08.0295 3224 idsvc (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
00:49:08.0338 3224 idsvc - ok
00:49:08.0584 3224 igfx (66dc0ce2d1867b8178eaa0e11930dbd7) C:\Windows\system32\DRIVERS\igdkmd64.sys
00:49:08.0836 3224 igfx - ok
00:49:08.0874 3224 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\drivers\iirsp.sys
00:49:08.0878 3224 iirsp - ok
00:49:08.0925 3224 IKEEXT (fcd84c381e0140af901e58d48882d26b) C:\Windows\System32\ikeext.dll
00:49:08.0952 3224 IKEEXT - ok
00:49:08.0992 3224 Impcd (dd587a55390ed2295bce6d36ad567da9) C:\Windows\system32\drivers\Impcd.sys
00:49:09.0053 3224 Impcd - ok
00:49:09.0103 3224 intaud_WaveExtensible (caddf0927dac63edae48f5c35a61d87d) C:\Windows\system32\drivers\intelaud.sys
00:49:09.0149 3224 intaud_WaveExtensible - ok
00:49:09.0245 3224 IntcAzAudAddService (a3c9367a02b2a1fc22536add3601b64f) C:\Windows\system32\drivers\RTKVHD64.sys
00:49:09.0394 3224 IntcAzAudAddService - ok
00:49:09.0426 3224 IntcDAud (fc727061c0f47c8059e88e05d5c8e381) C:\Windows\system32\DRIVERS\IntcDAud.sys
00:49:09.0477 3224 IntcDAud - ok
00:49:09.0512 3224 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
00:49:09.0514 3224 intelide - ok
00:49:09.0544 3224 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
00:49:09.0557 3224 intelppm - ok
00:49:09.0576 3224 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll
00:49:09.0591 3224 IPBusEnum - ok
00:49:09.0618 3224 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
00:49:09.0646 3224 IpFilterDriver - ok
00:49:09.0676 3224 iphlpsvc (a34a587fffd45fa649fba6d03784d257) C:\Windows\System32\iphlpsvc.dll
00:49:09.0679 3224 iphlpsvc - ok
00:49:09.0688 3224 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
00:49:09.0738 3224 IPMIDRV - ok
00:49:09.0746 3224 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
00:49:09.0750 3224 IPNAT - ok
00:49:09.0835 3224 iPod Service (755e4ba6dce627a2683bb7640553c8d6) C:\Program Files\iPod\bin\iPodService.exe
00:49:09.0881 3224 iPod Service - ok
00:49:09.0904 3224 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
00:49:09.0905 3224 IRENUM - ok
00:49:09.0913 3224 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
00:49:09.0915 3224 isapnp - ok
00:49:09.0940 3224 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
00:49:10.0015 3224 iScsiPrt - ok
00:49:10.0048 3224 iwdbus (716f66336f10885d935b08174dc54242) C:\Windows\system32\DRIVERS\iwdbus.sys
00:49:10.0100 3224 iwdbus - ok
00:49:10.0140 3224 JMCR (43f319de026e04b9cf9219a14bf24fe8) C:\Windows\system32\DRIVERS\jmcr.sys
00:49:10.0194 3224 JMCR - ok
00:49:10.0228 3224 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys
00:49:10.0232 3224 kbdclass - ok
00:49:10.0244 3224 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\DRIVERS\kbdhid.sys
00:49:10.0272 3224 kbdhid - ok
00:49:10.0311 3224 KeyIso (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
00:49:10.0312 3224 KeyIso - ok
00:49:10.0328 3224 KSecDD (da1e991a61cfdd755a589e206b97644b) C:\Windows\system32\Drivers\ksecdd.sys
00:49:10.0332 3224 KSecDD - ok
00:49:10.0357 3224 KSecPkg (7e33198d956943a4f11a5474c1e9106f) C:\Windows\system32\Drivers\ksecpkg.sys
00:49:10.0359 3224 KSecPkg - ok
00:49:10.0378 3224 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
00:49:10.0380 3224 ksthunk - ok
00:49:10.0419 3224 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll
00:49:10.0447 3224 KtmRm - ok
00:49:10.0494 3224 L1C (0219f13ab1664005adcba884c0eb975e) C:\Windows\system32\DRIVERS\L1C62x64.sys
00:49:10.0555 3224 L1C - ok
00:49:10.0582 3224 LanmanServer (d9f42719019740baa6d1c6d536cbdaa6) C:\Windows\system32\srvsvc.dll
00:49:10.0586 3224 LanmanServer - ok
00:49:10.0616 3224 LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\Windows\System32\wkssvc.dll
00:49:10.0624 3224 LanmanWorkstation - ok
00:49:10.0656 3224 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
00:49:10.0667 3224 lltdio - ok
00:49:10.0703 3224 lltdsvc (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll
00:49:10.0721 3224 lltdsvc - ok
00:49:10.0733 3224 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll
00:49:10.0747 3224 lmhosts - ok
00:49:10.0809 3224 LMS (7f32d4c47a50e7223491e8fb9359907d) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
00:49:10.0883 3224 LMS - ok
00:49:10.0916 3224 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\drivers\lsi_fc.sys
00:49:10.0920 3224 LSI_FC - ok
00:49:10.0931 3224 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\drivers\lsi_sas.sys
00:49:10.0939 3224 LSI_SAS - ok
00:49:10.0951 3224 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\drivers\lsi_sas2.sys
00:49:10.0957 3224 LSI_SAS2 - ok
00:49:10.0966 3224 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\drivers\lsi_scsi.sys
00:49:10.0969 3224 LSI_SCSI - ok
00:49:10.0993 3224 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
00:49:10.0997 3224 luafv - ok
00:49:11.0059 3224 McAWFwk (b6bd99c3e23507a732c474caa620c0d7) c:\PROGRA~1\mcafee\msc\mcawfwk.exe
00:49:11.0104 3224 McAWFwk - ok
00:49:11.0183 3224 McMPFSvc (acb01bf1a905356ab7f978c7fe852209) C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
00:49:11.0239 3224 McMPFSvc - ok
00:49:11.0265 3224 mcmscsvc (acb01bf1a905356ab7f978c7fe852209) C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
00:49:11.0294 3224 mcmscsvc - ok
00:49:11.0303 3224 McNaiAnn (acb01bf1a905356ab7f978c7fe852209) C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
00:49:11.0332 3224 McNaiAnn - ok
00:49:11.0353 3224 McNASvc (acb01bf1a905356ab7f978c7fe852209) C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
00:49:11.0382 3224 McNASvc - ok
00:49:11.0423 3224 McODS (b3914a7c97a81acb1e9befe07e4c387f) C:\Program Files\mcafee\VirusScan\mcods.exe
00:49:11.0437 3224 McODS - ok
00:49:11.0445 3224 McOobeSv (acb01bf1a905356ab7f978c7fe852209) C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
00:49:11.0484 3224 McOobeSv - ok
00:49:11.0488 3224 McProxy (acb01bf1a905356ab7f978c7fe852209) C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
00:49:11.0518 3224 McProxy - ok
00:49:11.0538 3224 McShield (325b166bf78d8a8ad93e44ca7a6fc332) C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe
00:49:11.0568 3224 McShield - ok
00:49:11.0598 3224 Mcx2Svc (0be09cd858abf9df6ed259d57a1a1663) C:\Windows\system32\Mcx2Svc.dll
00:49:11.0621 3224 Mcx2Svc - ok
00:49:11.0628 3224 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\drivers\megasas.sys
00:49:11.0632 3224 megasas - ok
00:49:11.0653 3224 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\drivers\MegaSR.sys
00:49:11.0659 3224 MegaSR - ok
00:49:11.0705 3224 MEIx64 (a6518dcc42f7a6e999bb3bea8fd87567) C:\Windows\system32\DRIVERS\HECIx64.sys
00:49:11.0758 3224 MEIx64 - ok
00:49:11.0776 3224 mfeapfk (ef3acfb7e3f82d5f7cde9ef5f0a4e2e2) C:\Windows\system32\drivers\mfeapfk.sys
00:49:11.0805 3224 mfeapfk - ok
00:49:11.0838 3224 mfeavfk (e7a60bdb4365b561d896019b82fb7dd0) C:\Windows\system32\drivers\mfeavfk.sys
00:49:11.0870 3224 mfeavfk - ok
00:49:11.0885 3224 mfeavfk01 - ok
00:49:11.0892 3224 mfefire (7d8fdc43972d059907e09ee4022f77e8) C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe
00:49:11.0921 3224 mfefire - ok
00:49:11.0937 3224 mfefirek (670dffe55e2f9ab99d9169c428bcece9) C:\Windows\system32\drivers\mfefirek.sys
00:49:11.0972 3224 mfefirek - ok
00:49:12.0009 3224 mfehidk (1892616b7f9291fd77c3fa0a5811fe9f) C:\Windows\system32\drivers\mfehidk.sys
00:49:12.0064 3224 mfehidk - ok
00:49:12.0088 3224 mfenlfk (1721261c77f6e7a9e0cb51b7d9f31b60) C:\Windows\system32\DRIVERS\mfenlfk.sys
00:49:12.0139 3224 mfenlfk - ok
00:49:12.0161 3224 mferkdet (65776bd8029e409935b90de30bf99526) C:\Windows\system32\drivers\mferkdet.sys
00:49:12.0191 3224 mferkdet - ok
00:49:12.0218 3224 mfevtp (8a78905057308b084eaa29a9fe1b4f58) C:\Windows\system32\mfevtps.exe
00:49:12.0248 3224 mfevtp - ok
00:49:12.0271 3224 mfewfpk (4f17d8b85b903d96ef7033bb6ef50516) C:\Windows\system32\drivers\mfewfpk.sys
00:49:12.0274 3224 mfewfpk - ok
00:49:12.0293 3224 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
00:49:12.0295 3224 MMCSS - ok
00:49:12.0320 3224 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
00:49:12.0322 3224 Modem - ok
00:49:12.0348 3224 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
00:49:12.0349 3224 monitor - ok
00:49:12.0376 3224 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
00:49:12.0380 3224 mouclass - ok
00:49:12.0407 3224 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
00:49:12.0419 3224 mouhid - ok
00:49:12.0440 3224 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
00:49:12.0441 3224 mountmgr - ok
00:49:12.0468 3224 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
00:49:12.0534 3224 mpio - ok
00:49:12.0554 3224 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
00:49:12.0559 3224 mpsdrv - ok
00:49:12.0592 3224 MpsSvc (54ffc9c8898113ace189d4aa7199d2c1) C:\Windows\system32\mpssvc.dll
00:49:12.0652 3224 MpsSvc - ok
00:49:12.0677 3224 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
00:49:12.0710 3224 MRxDAV - ok
00:49:12.0747 3224 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
00:49:12.0776 3224 mrxsmb - ok
00:49:12.0810 3224 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
00:49:12.0814 3224 mrxsmb10 - ok
00:49:12.0826 3224 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
00:49:12.0830 3224 mrxsmb20 - ok
00:49:12.0866 3224 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
00:49:12.0920 3224 msahci - ok
00:49:12.0935 3224 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
00:49:12.0970 3224 msdsm - ok
00:49:12.0986 3224 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe
00:49:12.0991 3224 MSDTC - ok
00:49:13.0019 3224 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
00:49:13.0021 3224 Msfs - ok
00:49:13.0047 3224 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
00:49:13.0051 3224 mshidkmdf - ok
00:49:13.0071 3224 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
00:49:13.0072 3224 msisadrv - ok
00:49:13.0110 3224 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll
00:49:13.0126 3224 MSiSCSI - ok
00:49:13.0142 3224 msiserver - ok
00:49:13.0274 3224 MSK80Service (acb01bf1a905356ab7f978c7fe852209) C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
00:49:13.0322 3224 MSK80Service - ok
00:49:13.0379 3224 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
00:49:13.0389 3224 MSKSSRV - ok
00:49:13.0409 3224 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
00:49:13.0413 3224 MSPCLOCK - ok
00:49:13.0426 3224 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
00:49:13.0428 3224 MSPQM - ok
00:49:13.0456 3224 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
00:49:13.0517 3224 MsRPC - ok
00:49:13.0529 3224 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\DRIVERS\mssmbios.sys
00:49:13.0532 3224 mssmbios - ok
00:49:13.0540 3224 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
00:49:13.0543 3224 MSTEE - ok
00:49:13.0563 3224 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\drivers\MTConfig.sys
00:49:13.0567 3224 MTConfig - ok
00:49:13.0600 3224 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
00:49:13.0604 3224 Mup - ok
00:49:13.0671 3224 MyWiFiDHCPDNS (f02a154fde5da779e971352256e64cff) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
00:49:13.0759 3224 MyWiFiDHCPDNS - ok
00:49:13.0783 3224 napagent (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll
00:49:13.0807 3224 napagent - ok
00:49:13.0837 3224 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
00:49:13.0859 3224 NativeWifiP - ok
00:49:13.0896 3224 NDIS (c38b8ae57f78915905064a9a24dc1586) C:\Windows\system32\drivers\ndis.sys
00:49:13.0909 3224 NDIS - ok
00:49:13.0946 3224 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
00:49:13.0950 3224 NdisCap - ok
00:49:13.0975 3224 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
00:49:13.0986 3224 NdisTapi - ok
00:49:14.0002 3224 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
00:49:14.0041 3224 Ndisuio - ok
00:49:14.0060 3224 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
00:49:14.0089 3224 NdisWan - ok
00:49:14.0106 3224 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
00:49:14.0134 3224 NDProxy - ok
00:49:14.0142 3224 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
00:49:14.0145 3224 NetBIOS - ok
00:49:14.0161 3224 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
00:49:14.0163 3224 NetBT - ok
00:49:14.0211 3224 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
00:49:14.0215 3224 Netlogon - ok
00:49:14.0249 3224 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
00:49:14.0253 3224 Netman - ok
00:49:14.0314 3224 NetMsmqActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
00:49:14.0316 3224 NetMsmqActivator - ok
00:49:14.0319 3224 NetPipeActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
00:49:14.0320 3224 NetPipeActivator - ok
00:49:14.0349 3224 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
00:49:14.0354 3224 netprofm - ok
00:49:14.0359 3224 NetTcpActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
00:49:14.0360 3224 NetTcpActivator - ok
00:49:14.0363 3224 NetTcpPortSharing (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
00:49:14.0363 3224 NetTcpPortSharing - ok
00:49:14.0515 3224 NETwNs64 (c3fc3eee5a0ce77a02b27cfdfaf0c758) C:\Windows\system32\DRIVERS\NETwNs64.sys
00:49:14.0640 3224 NETwNs64 - ok
00:49:14.0670 3224 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\drivers\nfrd960.sys
00:49:14.0673 3224 nfrd960 - ok
00:49:14.0707 3224 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll
00:49:14.0717 3224 NlaSvc - ok
00:49:14.0735 3224 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
00:49:14.0738 3224 Npfs - ok
00:49:14.0752 3224 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
00:49:14.0755 3224 nsi - ok
00:49:14.0765 3224 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
00:49:14.0766 3224 nsiproxy - ok
00:49:14.0827 3224 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
00:49:14.0935 3224 Ntfs - ok
00:49:14.0946 3224 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
00:49:14.0957 3224 Null - ok
00:49:14.0984 3224 nusb3hub (a7127e86f9ffe2a53e271b56b2c4cedf) C:\Windows\system32\DRIVERS\nusb3hub.sys
00:49:15.0012 3224 nusb3hub - ok
00:49:15.0028 3224 nusb3xhc (49bbec6f48d5f9284b03abf3a959b19b) C:\Windows\system32\DRIVERS\nusb3xhc.sys
00:49:15.0057 3224 nusb3xhc - ok
00:49:15.0255 3224 nvlddmkm (573b0941a37aebee96085d56a103f57b) C:\Windows\system32\DRIVERS\nvlddmkm.sys
00:49:15.0590 3224 nvlddmkm - ok
00:49:15.0598 3224 nvpciflt (43af7ebeac2ab623468e32caddcb61a4) C:\Windows\system32\DRIVERS\nvpciflt.sys
00:49:15.0628 3224 nvpciflt - ok
00:49:15.0666 3224 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
00:49:15.0718 3224 nvraid - ok
00:49:15.0745 3224 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
00:49:15.0776 3224 nvstor - ok
00:49:15.0809 3224 NVSvc (c500760572c6059918fb0c960967695b) C:\Windows\system32\nvvsvc.exe
00:49:15.0871 3224 NVSvc - ok
00:49:15.0968 3224 nvUpdatusService (f28169a7adf7b41809cf92d369e744f0) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
00:49:16.0016 3224 nvUpdatusService - ok
00:49:16.0033 3224 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
00:49:16.0038 3224 nv_agp - ok
00:49:16.0056 3224 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
00:49:16.0068 3224 ohci1394 - ok
00:49:16.0139 3224 ose (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
00:49:16.0202 3224 ose - ok
00:49:16.0334 3224 osppsvc (61bffb5f57ad12f83ab64b7181829b34) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
00:49:16.0484 3224 osppsvc - ok
00:49:16.0510 3224 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
00:49:16.0512 3224 p2pimsvc - ok
00:49:16.0529 3224 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
00:49:16.0544 3224 p2psvc - ok
00:49:16.0569 3224 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\drivers\parport.sys
00:49:16.0580 3224 Parport - ok
00:49:16.0602 3224 partmgr (871eadac56b0a4c6512bbe32753ccf79) C:\Windows\system32\drivers\partmgr.sys
00:49:16.0604 3224 partmgr - ok
00:49:16.0620 3224 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
00:49:16.0626 3224 PcaSvc - ok
00:49:16.0654 3224 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
00:49:16.0657 3224 pci - ok
00:49:16.0682 3224 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
00:49:16.0693 3224 pciide - ok
00:49:16.0723 3224 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\drivers\pcmcia.sys
00:49:16.0727 3224 pcmcia - ok
00:49:16.0779 3224 pcouffin (af7ce12c4f3dc8cb2b07685c916bbcfe) C:\Windows\system32\Drivers\pcouffin.sys
00:49:16.0834 3224 pcouffin - ok
00:49:16.0845 3224 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
00:49:16.0847 3224 pcw - ok
00:49:16.0872 3224 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
00:49:16.0883 3224 PEAUTH - ok
00:49:16.0931 3224 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
00:49:16.0935 3224 PerfHost - ok
00:49:16.0993 3224 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll
00:49:17.0091 3224 pla - ok
00:49:17.0154 3224 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll
00:49:17.0167 3224 PlugPlay - ok
00:49:17.0193 3224 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
00:49:17.0194 3224 PNRPAutoReg - ok
00:49:17.0222 3224 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
00:49:17.0229 3224 PNRPsvc - ok
00:49:17.0285 3224 Point64 (4f0878fd62d5f7444c5f1c4c66d9d293) C:\Windows\system32\DRIVERS\point64.sys
00:49:17.0338 3224 Point64 - ok
00:49:17.0370 3224 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll
00:49:17.0420 3224 PolicyAgent - ok
00:49:17.0445 3224 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
00:49:17.0447 3224 Power - ok
00:49:17.0478 3224 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
00:49:17.0535 3224 PptpMiniport - ok
00:49:17.0557 3224 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\drivers\processr.sys
00:49:17.0560 3224 Processor - ok
00:49:17.0591 3224 ProfSvc (5c78838b4d166d1a27db3a8a820c799a) C:\Windows\system32\profsvc.dll
00:49:17.0600 3224 ProfSvc - ok
00:49:17.0644 3224 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
00:49:17.0648 3224 ProtectedStorage - ok
00:49:17.0675 3224 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
00:49:17.0725 3224 Psched - ok
00:49:17.0748 3224 PxHlpa64 (87b04878a6d59d6c79251dc960c674c1) C:\Windows\system32\Drivers\PxHlpa64.sys
00:49:17.0778 3224 PxHlpa64 - ok
00:49:17.0822 3224 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\drivers\ql2300.sys
00:49:17.0887 3224 ql2300 - ok
00:49:17.0906 3224 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\drivers\ql40xx.sys
00:49:17.0909 3224 ql40xx - ok
00:49:17.0926 3224 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
00:49:17.0930 3224 QWAVE - ok
00:49:17.0943 3224 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
00:49:17.0944 3224 QWAVEdrv - ok
00:49:17.0966 3224 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
00:49:17.0973 3224 RasAcd - ok
00:49:18.0009 3224 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
00:49:18.0016 3224 RasAgileVpn - ok
00:49:18.0034 3224 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
00:49:18.0038 3224 RasAuto - ok
00:49:18.0055 3224 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
00:49:18.0083 3224 Rasl2tp - ok
00:49:18.0102 3224 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll
00:49:18.0128 3224 RasMan - ok
00:49:18.0143 3224 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
00:49:18.0148 3224 RasPppoe - ok
00:49:18.0166 3224 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
00:49:18.0169 3224 RasSstp - ok
00:49:18.0190 3224 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
00:49:18.0222 3224 rdbss - ok
00:49:18.0243 3224 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\drivers\rdpbus.sys
00:49:18.0246 3224 rdpbus - ok
00:49:18.0271 3224 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
00:49:18.0272 3224 RDPCDD - ok
00:49:18.0299 3224 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
00:49:18.0307 3224 RDPENCDD - ok
00:49:18.0321 3224 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
00:49:18.0322 3224 RDPREFMP - ok
00:49:18.0374 3224 RDPWD (6d76e6433574b058adcb0c50df834492) C:\Windows\system32\drivers\RDPWD.sys
00:49:18.0420 3224 RDPWD - ok
00:49:18.0441 3224 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
00:49:18.0444 3224 rdyboost - ok
00:49:18.0544 3224 RegSrvc (3a1ef2f8d0808bece6a2fef3ea3987a5) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
00:49:18.0604 3224 RegSrvc - ok
00:49:18.0626 3224 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
00:49:18.0628 3224 RemoteAccess - ok
00:49:18.0645 3224 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
00:49:18.0653 3224 RemoteRegistry - ok
00:49:18.0690 3224 RFCOMM (3dd798846e2c28102b922c56e71b7932) C:\Windows\system32\DRIVERS\rfcomm.sys
00:49:18.0695 3224 RFCOMM - ok
00:49:18.0802 3224 RoxMediaDB12OEM (3c957189b31c34d3ad21967b12b6aed7) C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe
00:49:18.0906 3224 RoxMediaDB12OEM - ok
00:49:18.0959 3224 RoxWatch12 (2b73088cc2ca757a172b425c9398e5bc) C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe
00:49:19.0026 3224 RoxWatch12 - ok
00:49:19.0043 3224 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
00:49:19.0045 3224 RpcEptMapper - ok
00:49:19.0064 3224 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
00:49:19.0078 3224 RpcLocator - ok
00:49:19.0100 3224 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
00:49:19.0103 3224 RpcSs - ok
00:49:19.0131 3224 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
00:49:19.0139 3224 rspndr - ok
00:49:19.0186 3224 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
00:49:19.0189 3224 SamSs - ok
00:49:19.0253 3224 SASDIFSV (3289766038db2cb14d07dc84392138d5) C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS
00:49:19.0253 3224 SASDIFSV - ok
00:49:19.0272 3224 SASKUTIL (58a38e75f3316a83c23df6173d41f2b5) C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS
00:49:19.0273 3224 SASKUTIL - ok
00:49:19.0297 3224 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
00:49:19.0328 3224 sbp2port - ok
00:49:19.0355 3224 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
00:49:19.0358 3224 SCardSvr - ok
00:49:19.0371 3224 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
00:49:19.0372 3224 scfilter - ok
00:49:19.0400 3224 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll
00:49:19.0416 3224 Schedule - ok
00:49:19.0443 3224 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
00:49:19.0444 3224 SCPolicySvc - ok
00:49:19.0492 3224 sdbus (111e0ebc0ad79cb0fa014b907b231cf0) C:\Windows\system32\DRIVERS\sdbus.sys
00:49:19.0531 3224 sdbus - ok
00:49:19.0538 3224 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll
00:49:19.0561 3224 SDRSVC - ok
00:49:19.0572 3224 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll
00:49:19.0574 3224 seclogon - ok
00:49:19.0592 3224 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll
00:49:19.0596 3224 SENS - ok
00:49:19.0627 3224 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
00:49:19.0635 3224 SensrSvc - ok
00:49:19.0680 3224 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\drivers\serenum.sys
00:49:19.0682 3224 Serenum - ok
00:49:19.0712 3224 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\drivers\serial.sys
00:49:19.0720 3224 Serial - ok
00:49:19.0743 3224 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\drivers\sermouse.sys
00:49:19.0751 3224 sermouse - ok
00:49:19.0782 3224 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll
00:49:19.0784 3224 SessionEnv - ok
00:49:19.0792 3224 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\DRIVERS\sffdisk.sys
00:49:19.0795 3224 sffdisk - ok
00:49:19.0802 3224 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
00:49:19.0805 3224 sffp_mmc - ok
00:49:19.0815 3224 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\DRIVERS\sffp_sd.sys
00:49:19.0859 3224 sffp_sd - ok
00:49:19.0866 3224 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\drivers\sfloppy.sys
00:49:19.0870 3224 sfloppy - ok
00:49:19.0942 3224 Sftfs (d5183ed285d2795491dc15bddcbee5ad) C:\Windows\system32\DRIVERS\Sftfslh.sys
00:49:20.0012 3224 Sftfs - ok
00:49:20.0075 3224 sftlist (bfdb58616ff5ea540a5f58301d50641e) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
00:49:20.0138 3224 sftlist - ok
00:49:20.0167 3224 Sftplay (00f118b68c50d2206dd51634f9142b83) C:\Windows\system32\DRIVERS\Sftplaylh.sys
00:49:20.0199 3224 Sftplay - ok
00:49:20.0216 3224 Sftredir (76a827df5640bfe16a0cdbb4108adeca) C:\Windows\system32\DRIVERS\Sftredirlh.sys
00:49:20.0245 3224 Sftredir - ok
00:49:20.0317 3224 SftService (74ec60e20516aaa573be74f31175270f) C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE
00:49:20.0368 3224 SftService - ok
00:49:20.0381 3224 Sftvol (1b4c9701645086bab8cafffce30ed284) C:\Windows\system32\DRIVERS\Sftvollh.sys
00:49:20.0409 3224 Sftvol - ok
00:49:20.0415 3224 sftvsa (b94c3c4dca2093243c76ca218ede2a97) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
00:49:20.0451 3224 sftvsa - ok
00:49:20.0479 3224 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll
00:49:20.0483 3224 SharedAccess - ok
00:49:20.0504 3224 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll
00:49:20.0520 3224 ShellHWDetection - ok
00:49:20.0535 3224 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\drivers\SiSRaid2.sys
00:49:20.0539 3224 SiSRaid2 - ok
00:49:20.0554 3224 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\drivers\sisraid4.sys
00:49:20.0558 3224 SiSRaid4 - ok
00:49:20.0585 3224 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
00:49:20.0597 3224 Smb - ok
00:49:20.0628 3224 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
00:49:20.0633 3224 SNMPTRAP - ok
00:49:20.0648 3224 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
00:49:20.0651 3224 spldr - ok
00:49:20.0685 3224 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe
00:49:20.0698 3224 Spooler - ok
00:49:20.0796 3224 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe
00:49:20.0923 3224 sppsvc - ok
00:49:20.0934 3224 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
00:49:20.0937 3224 sppuinotify - ok
00:49:20.0971 3224 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
00:49:20.0976 3224 srv - ok
00:49:21.0008 3224 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
00:49:21.0023 3224 srv2 - ok
00:49:21.0048 3224 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
00:49:21.0051 3224 srvnet - ok
00:49:21.0067 3224 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
00:49:21.0084 3224 SSDPSRV - ok
00:49:21.0101 3224 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
00:49:21.0103 3224 SstpSvc - ok
00:49:21.0138 3224 stdcfltn (92e7f6666633d2dd91d527503daa7be0) C:\Windows\system32\DRIVERS\stdcfltn.sys
00:49:21.0205 3224 stdcfltn - ok
00:49:21.0270 3224 Stereo Service (0683504bbb3ffc0a73d9d217b63dd0e0) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
00:49:21.0335 3224 Stereo Service - ok
00:49:21.0360 3224 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\drivers\stexstor.sys
00:49:21.0363 3224 stexstor - ok
00:49:21.0420 3224 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll
00:49:21.0498 3224 stisvc - ok
00:49:21.0534 3224 stllssvr (7731f46ec0d687a931cba063e8f90ef0) C:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe
00:49:21.0592 3224 stllssvr - ok
00:49:21.0617 3224 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\DRIVERS\swenum.sys
00:49:21.0620 3224 swenum - ok
00:49:21.0649 3224 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
00:49:21.0672 3224 swprv - ok
00:49:21.0719 3224 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll
00:49:21.0779 3224 SysMain - ok
00:49:21.0798 3224 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll
00:49:21.0806 3224 TabletInputService - ok
00:49:21.0831 3224 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll
00:49:21.0889 3224 TapiSrv - ok
00:49:21.0906 3224 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
00:49:21.0909 3224 TBS - ok
00:49:21.0992 3224 Tcpip (fc62769e7bff2896035aeed399108162) C:\Windows\system32\drivers\tcpip.sys
00:49:22.0024 3224 Tcpip - ok
00:49:22.0079 3224 TCPIP6 (fc62769e7bff2896035aeed399108162) C:\Windows\system32\DRIVERS\tcpip.sys
00:49:22.0093 3224 TCPIP6 - ok
00:49:22.0108 3224 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
00:49:22.0136 3224 tcpipreg - ok
00:49:22.0159 3224 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
00:49:22.0163 3224 TDPIPE - ok
00:49:22.0199 3224 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys
00:49:22.0243 3224 TDTCP - ok
00:49:22.0261 3224 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
00:49:22.0290 3224 tdx - ok
00:49:22.0302 3224 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\DRIVERS\termdd.sys
00:49:22.0326 3224 TermDD - ok
00:49:22.0345 3224 TermService (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll
00:49:22.0352 3224 TermService - ok
00:49:22.0402 3224 TFsExDisk (48d9d00c2e0e72c3d4f52772c80355f6) C:\Windows\System32\Drivers\TFsExDisk.sys
00:49:22.0446 3224 TFsExDisk - ok
00:49:22.0463 3224 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
00:49:22.0465 3224 Themes - ok
00:49:22.0493 3224 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
00:49:22.0501 3224 THREADORDER - ok
00:49:22.0536 3224 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
00:49:22.0552 3224 TrkWks - ok
00:49:22.0595 3224 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe
00:49:22.0599 3224 TrustedInstaller - ok
00:49:22.0626 3224 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
00:49:22.0679 3224 tssecsrv - ok
00:49:22.0700 3224 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
00:49:22.0701 3224 TsUsbFlt - ok
00:49:22.0710 3224 TsUsbGD (9cc2ccae8a84820eaecb886d477cbcb8) C:\Windows\system32\drivers\TsUsbGD.sys
00:49:22.0761 3224 TsUsbGD - ok
00:49:22.0789 3224 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
00:49:22.0791 3224 tunnel - ok
00:49:22.0822 3224 TurboB (fd24f98d2898be093fe926604be7db99) C:\Windows\system32\DRIVERS\TurboB.sys
00:49:22.0878 3224 TurboB - ok
00:49:22.0933 3224 TurboBoost (600b406a04d90f577fea8a88d7379f08) C:\Program Files\Intel\TurboBoost\TurboBoost.exe
00:49:22.0978 3224 TurboBoost - ok
00:49:22.0998 3224 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\drivers\uagp35.sys
00:49:23.0002 3224 uagp35 - ok
00:49:23.0027 3224 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
00:49:23.0092 3224 udfs - ok
00:49:23.0121 3224 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
00:49:23.0123 3224 UI0Detect - ok
00:49:23.0148 3224 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
00:49:23.0160 3224 uliagpkx - ok
00:49:23.0204 3224 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\DRIVERS\umbus.sys
00:49:23.0232 3224 umbus - ok
00:49:23.0250 3224 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\drivers\umpass.sys
00:49:23.0252 3224 UmPass - ok
00:49:23.0359 3224 UNS (2c16648a12999ae69a9ebf41974b0ba2) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
00:49:23.0453 3224 UNS - ok
00:49:23.0472 3224 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll
00:49:23.0476 3224 upnphost - ok
00:49:23.0521 3224 USBAAPL64 (fb251567f41bc61988b26731dec19e4b) C:\Windows\system32\Drivers\usbaapl64.sys
00:49:23.0524 3224 USBAAPL64 - ok
00:49:23.0554 3224 usbccgp (19ad7990c0b67e48dac5b26f99628223) C:\Windows\system32\DRIVERS\usbccgp.sys
00:49:23.0605 3224 usbccgp - ok
00:49:23.0626 3224 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
00:49:23.0630 3224 usbcir - ok
00:49:23.0644 3224 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\DRIVERS\usbehci.sys
00:49:23.0695 3224 usbehci - ok
00:49:23.0724 3224 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
00:49:23.0725 3224 usbhub - ok
00:49:23.0757 3224 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys
00:49:23.0813 3224 usbohci - ok
00:49:23.0833 3224 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\drivers\usbprint.sys
00:49:23.0836 3224 usbprint - ok
00:49:23.0857 3224 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
00:49:23.0906 3224 USBSTOR - ok
00:49:23.0944 3224 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys
00:49:23.0994 3224 usbuhci - ok
00:49:24.0027 3224 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\system32\Drivers\usbvideo.sys
00:49:24.0079 3224 usbvideo - ok
00:49:24.0093 3224 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll
00:49:24.0096 3224 UxSms - ok
00:49:24.0143 3224 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
00:49:24.0147 3224 VaultSvc - ok
00:49:24.0172 3224 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
00:49:24.0175 3224 vdrvroot - ok
00:49:24.0214 3224 vds (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe
00:49:24.0255 3224 vds - ok
00:49:24.0269 3224 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
00:49:24.0272 3224 vga - ok
00:49:24.0292 3224 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
00:49:24.0295 3224 VgaSave - ok
00:49:24.0307 3224 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
00:49:24.0382 3224 vhdmp - ok
00:49:24.0389 3224 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
00:49:24.0392 3224 viaide - ok
00:49:24.0403 3224 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
00:49:24.0405 3224 volmgr - ok
00:49:24.0424 3224 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
00:49:24.0478 3224 volmgrx - ok
00:49:24.0500 3224 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
00:49:24.0533 3224 volsnap - ok
00:49:24.0556 3224 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\drivers\vsmraid.sys
00:49:24.0561 3224 vsmraid - ok
00:49:24.0602 3224 VSS (b60ba0bc31b0cb414593e169f6f21cc2) C:\Windows\system32\vssvc.exe
00:49:24.0646 3224 VSS - ok
00:49:24.0667 3224 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
00:49:24.0670 3224 vwifibus - ok
00:49:24.0693 3224 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
00:49:24.0701 3224 vwififlt - ok
00:49:24.0731 3224 vwifimp (6a638fc4bfddc4d9b186c28c91bd1a01) C:\Windows\system32\DRIVERS\vwifimp.sys
00:49:24.0742 3224 vwifimp - ok
00:49:24.0766 3224 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll
00:49:24.0770 3224 W32Time - ok
00:49:24.0780 3224 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\drivers\wacompen.sys
00:49:24.0783 3224 WacomPen - ok
00:49:24.0804 3224 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
00:49:24.0832 3224 WANARP - ok
00:49:24.0835 3224 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
00:49:24.0862 3224 Wanarpv6 - ok
00:49:24.0937 3224 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\Windows\system32\Wat\WatAdminSvc.exe
00:49:25.0025 3224 WatAdminSvc - ok
00:49:25.0059 3224 wbengine (78f4e7f5c56cb9716238eb57da4b6a75) C:\Windows\system32\wbengine.exe
00:49:25.0145 3224 wbengine - ok
00:49:25.0164 3224 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll
00:49:25.0167 3224 WbioSrvc - ok
00:49:25.0190 3224 wcncsvc (7368a2afd46e5a4481d1de9d14848edd) C:\Windows\System32\wcncsvc.dll
00:49:25.0250 3224 wcncsvc - ok
00:49:25.0272 3224 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll
00:49:25.0274 3224 WcsPlugInService - ok
00:49:25.0283 3224 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\drivers\wd.sys
00:49:25.0287 3224 Wd - ok
00:49:25.0317 3224 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
00:49:25.0344 3224 Wdf01000 - ok
00:49:25.0364 3224 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
00:49:25.0371 3224 WdiServiceHost - ok
00:49:25.0381 3224 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
00:49:25.0387 3224 WdiSystemHost - ok
00:49:25.0416 3224 wdkmd (63ce387483e74a0bd79ee4e5eba1fd2e) C:\Windows\system32\DRIVERS\WDKMD.sys
00:49:25.0444 3224 wdkmd - ok
00:49:25.0459 3224 WebClient (3db6d04e1c64272f8b14eb8bc4616280) C:\Windows\System32\webclnt.dll
00:49:25.0463 3224 WebClient - ok
00:49:25.0473 3224 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll
00:49:25.0480 3224 Wecsvc - ok
00:49:25.0511 3224 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll
00:49:25.0518 3224 wercplsupport - ok
00:49:25.0552 3224 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll
00:49:25.0566 3224 WerSvc - ok
00:49:25.0590 3224 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
00:49:25.0593 3224 WfpLwf - ok
00:49:25.0630 3224 WimFltr (b14ef15bd757fa488f9c970eee9c0d35) C:\Windows\system32\DRIVERS\wimfltr.sys
00:49:25.0679 3224 WimFltr - ok
00:49:25.0687 3224 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
00:49:25.0689 3224 WIMMount - ok
00:49:25.0714 3224 WinDefend - ok
00:49:25.0724 3224 WinHttpAutoProxySvc - ok
00:49:25.0774 3224 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll
00:49:25.0782 3224 Winmgmt - ok
00:49:25.0830 3224 WinRM (bcb1310604aa415c4508708975b3931e) C:\Windows\system32\WsmSvc.dll
00:49:25.0866 3224 WinRM - ok
00:49:25.0923 3224 WinUsb (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUsb.sys
00:49:25.0976 3224 WinUsb - ok
00:49:26.0004 3224 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll
00:49:26.0040 3224 Wlansvc - ok
00:49:26.0104 3224 wlcrasvc (06c8fa1cf39de6a735b54d906ba791c6) C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
00:49:26.0157 3224 wlcrasvc - ok
00:49:26.0232 3224 wlidsvc (7e47c328fc4768cb8beafbcfafa70362) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
00:49:26.0290 3224 wlidsvc - ok
00:49:26.0324 3224 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\DRIVERS\wmiacpi.sys
00:49:26.0325 3224 WmiAcpi - ok
00:49:26.0376 3224 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe
00:49:26.0381 3224 wmiApSrv - ok
00:49:26.0416 3224 WMPNetworkSvc - ok
00:49:26.0451 3224 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll
00:49:26.0453 3224 WPCSvc - ok
00:49:26.0465 3224 WPDBusEnum (93221146d4ebbf314c29b23cd6cc391d) C:\Windows\system32\wpdbusenum.dll
00:49:26.0489 3224 WPDBusEnum - ok
00:49:26.0496 3224 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
00:49:26.0497 3224 ws2ifsl - ok
00:49:26.0515 3224 wscsvc (e8b1fe6669397d1772d8196df0e57a9e) C:\Windows\System32\wscsvc.dll
00:49:26.0518 3224 wscsvc - ok
00:49:26.0525 3224 WSearch - ok
00:49:26.0603 3224 wuauserv (9df12edbc698b0bc353b3ef84861e430) C:\Windows\system32\wuaueng.dll
00:49:26.0677 3224 wuauserv - ok
00:49:26.0691 3224 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
00:49:26.0719 3224 WudfPf - ok
00:49:26.0746 3224 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
00:49:26.0775 3224 WUDFRd - ok
00:49:26.0793 3224 wudfsvc (7a95c95b6c4cf292d689106bcae49543) C:\Windows\System32\WUDFSvc.dll
00:49:26.0795 3224 wudfsvc - ok
00:49:26.0811 3224 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll
00:49:26.0815 3224 WwanSvc - ok
00:49:26.0843 3224 MBR (0x1B8) (5c616939100b85e558da92b899a0fc36) \Device\Harddisk0\DR0
00:49:26.0909 3224 \Device\Harddisk0\DR0 - ok
00:49:26.0915 3224 Boot (0x1200) (5469d5c151925f6f312b7c8accba5227) \Device\Harddisk0\DR0\Partition0
00:49:26.0918 3224 \Device\Harddisk0\DR0\Partition0 - ok
00:49:26.0928 3224 Boot (0x1200) (887283dad51f5ec7d226b0f64c44139c) \Device\Harddisk0\DR0\Partition1
00:49:26.0931 3224 \Device\Harddisk0\DR0\Partition1 - ok
00:49:26.0932 3224 ============================================================
00:49:26.0932 3224 Scan finished
00:49:26.0932 3224 ============================================================
00:49:26.0949 11044 Detected object count: 0
00:49:26.0949 11044 Actual detected object count: 0


GMER 1.0.15.15641 - http://www.gmer.net
Rootkit scan 2012-04-13 00:59:35
Windows 6.1.7601 Service Pack 1
Running: 5y2fiqjl.exe


---- Registry - GMER 1.0.15 ----

Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\88532e353382
Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\88532e353382@0cdfa47fcdc8 0x60 0x7B 0x23 0xE0 ...
Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\88532e353382@44f45995f54e 0xCD 0xB3 0xA8 0x33 ...
Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\88532e353382@184617e8f395 0xDA 0x9E 0x9A 0xF0 ...
Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\88532e353382@143605c6b279 0x18 0x43 0x3C 0x4D ...
Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\88532e353382 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\88532e353382@0cdfa47fcdc8 0x60 0x7B 0x23 0xE0 ...
Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\88532e353382@44f45995f54e 0xCD 0xB3 0xA8 0x33 ...
Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\88532e353382@184617e8f395 0xDA 0x9E 0x9A 0xF0 ...
Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\88532e353382@143605c6b279 0x18 0x43 0x3C 0x4D ...
Reg HKCU\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Persisted@C:\Users\Sammi\Documents\Natural Threat \x2013 Ominous Shores\Natural Threat \x2013 Ominous Shores.exe 1

---- EOF - GMER 1.0.15 ----



#7 cryptodan

cryptodan

    Bleepin Madman


  • Members
  • 21,868 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Catonsville, Md
  • Local time:09:24 PM

Posted 16 April 2012 - 02:04 PM

Please download MiniToolBox, save it to your desktop and run it.

Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size.
  • List Minidump Files
Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.

Note: When using "Reset FF Proxy Settings" option Firefox should be closed.

#8 Depraved

Depraved
  • Topic Starter

  • Members
  • 78 posts
  • OFFLINE
  •  
  • Local time:02:24 PM

Posted 16 April 2012 - 06:40 PM

MiniToolBox by Farbar Version: 18-01-2012
Ran by Sammi (administrator) on 16-04-2012 at 16:36:09
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================



========================= IP Configuration: ================================

Intel® Centrino® Advanced-N 6230 = Wireless Network Connection (Connected)
Atheros AR8151 PCI-E Gigabit Ethernet Controller (NDIS 6.20) = Local Area Connection (Media disconnected)
Bluetooth Device (Personal Area Network) = Bluetooth Network Connection (Media disconnected)
Microsoft Virtual WiFi Miniport Adapter = Wireless Network Connection 2 (Media disconnected)
Microsoft Virtual WiFi Miniport Adapter = Wireless Network Connection 3 (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : Sammi-PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No

Wireless LAN adapter Wireless Network Connection 3:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter #2
Physical Address. . . . . . . . . : 88-53-2E-35-33-7F
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection 2:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter
Physical Address. . . . . . . . . : 88-53-2E-35-33-7F
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Ethernet adapter Bluetooth Network Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Bluetooth Device (Personal Area Network)
Physical Address. . . . . . . . . : 88-53-2E-35-33-82
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Intel® Centrino® Advanced-N 6230
Physical Address. . . . . . . . . : 88-53-2E-35-33-7E
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::6491:74e5:1367:3ddd%13(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.81(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : April-13-12 2:08:54 PM
Lease Expires . . . . . . . . . . : April-17-12 4:34:24 PM
Default Gateway . . . . . . . . . : 192.168.1.254
DHCP Server . . . . . . . . . . . : 192.168.1.254
DHCPv6 IAID . . . . . . . . . . . : 243815214
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-16-0D-76-90-84-8F-69-AB-4B-32
DNS Servers . . . . . . . . . . . : 192.168.1.254
75.153.176.9
NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : va.shawcable.net
Description . . . . . . . . . . . : Atheros AR8151 PCI-E Gigabit Ethernet Controller (NDIS 6.20)
Physical Address. . . . . . . . . : 84-8F-69-AB-4B-32
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{292D15AA-00AB-4CB8-9BFA-CAD18F841AA8}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{CB91F7B0-5B04-4DCC-835C-D2B1FFFFC1C0}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:4137:9e76:280a:1cda:e8ef:de96(Preferred)
Link-local IPv6 Address . . . . . : fe80::280a:1cda:e8ef:de96%18(Preferred)
Default Gateway . . . . . . . . . : ::
NetBIOS over Tcpip. . . . . . . . : Disabled

Tunnel adapter isatap.{F0320CF9-B2BB-4B8D-A78E-B6F41A273C8B}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #3
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{F8CBD8CC-7B9C-42A1-B2D6-F69F19C9EDAF}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #4
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.va.shawcable.net:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #5
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
DNS request timed out.
timeout was 2 seconds.
Server: UnKnown
Address: 192.168.1.254

Name: google.com
Addresses: 173.194.33.38
173.194.33.33
173.194.33.34
173.194.33.41
173.194.33.32
173.194.33.36
173.194.33.35
173.194.33.46
173.194.33.37
173.194.33.39
173.194.33.40


Pinging google.com [173.194.33.36] with 32 bytes of data:
Reply from 173.194.33.36: bytes=32 time=15ms TTL=55
Reply from 173.194.33.36: bytes=32 time=12ms TTL=55

Ping statistics for 173.194.33.36:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 12ms, Maximum = 15ms, Average = 13ms
DNS request timed out.
timeout was 2 seconds.
Server: UnKnown
Address: 192.168.1.254

Name: yahoo.com
Addresses: 209.191.122.70
72.30.38.140
98.139.183.24


Pinging yahoo.com [98.139.183.24] with 32 bytes of data:
Reply from 98.139.183.24: bytes=32 time=97ms TTL=48
Reply from 98.139.183.24: bytes=32 time=112ms TTL=48

Ping statistics for 98.139.183.24:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 97ms, Maximum = 112ms, Average = 104ms
DNS request timed out.
timeout was 2 seconds.
Server: UnKnown
Address: 192.168.1.254

Name: bleepingcomputer.com
Address: 208.43.87.2


Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:
Reply from 208.43.87.2: Destination host unreachable.
Reply from 208.43.87.2: Destination host unreachable.

Ping statistics for 208.43.87.2:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
17...88 53 2e 35 33 7f ......Microsoft Virtual WiFi Miniport Adapter #2
16...88 53 2e 35 33 7f ......Microsoft Virtual WiFi Miniport Adapter
15...88 53 2e 35 33 82 ......Bluetooth Device (Personal Area Network)
13...88 53 2e 35 33 7e ......Intel® Centrino® Advanced-N 6230
11...84 8f 69 ab 4b 32 ......Atheros AR8151 PCI-E Gigabit Ethernet Controller (NDIS 6.20)
1...........................Software Loopback Interface 1
21...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
22...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
18...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
19...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #3
20...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #4
23...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #5
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.254 192.168.1.81 25
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.1.0 255.255.255.0 On-link 192.168.1.81 281
192.168.1.81 255.255.255.255 On-link 192.168.1.81 281
192.168.1.255 255.255.255.255 On-link 192.168.1.81 281
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.1.81 281
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.1.81 281
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
18 58 ::/0 On-link
1 306 ::1/128 On-link
18 58 2001::/32 On-link
18 306 2001:0:4137:9e76:280a:1cda:e8ef:de96/128
On-link
13 281 fe80::/64 On-link
18 306 fe80::/64 On-link
18 306 fe80::280a:1cda:e8ef:de96/128
On-link
13 281 fe80::6491:74e5:1367:3ddd/128
On-link
1 306 ff00::/8 On-link
18 306 ff00::/8 On-link
13 281 ff00::/8 On-link
===========================================================================
Persistent Routes:
None

========================= Event log errors: ===============================

Application errors:
==================
Error: (04/16/2012 04:10:34 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 10436

Error: (04/16/2012 04:10:34 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 10436

Error: (04/16/2012 04:10:34 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (04/16/2012 04:10:29 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 5475

Error: (04/16/2012 04:10:29 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 5475

Error: (04/16/2012 04:10:29 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (04/16/2012 04:10:18 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 14404337

Error: (04/16/2012 04:10:18 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 14404337

Error: (04/16/2012 04:10:18 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (04/16/2012 04:10:17 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 14403339


System errors:
=============
Error: (04/16/2012 10:09:18 AM) (Source: DCOM) (User: )
Description: {4EB61BAC-A3B6-4760-9581-655041EF4D69}

Error: (04/15/2012 09:11:42 AM) (Source: DCOM) (User: )
Description: {4EB61BAC-A3B6-4760-9581-655041EF4D69}

Error: (04/13/2012 02:10:08 PM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the SftService service.

Error: (04/11/2012 09:45:24 PM) (Source: bowser) (User: )
Description: The master browser has received a server announcement from the computer MARY-PC
that believes that it is the master browser for the domain on transport NetBT_Tcpip_{292D15AA-00AB-4CB8-9BFA-CAD18F841AA8}.
The master browser is stopping or an election is being forced.

Error: (04/11/2012 06:44:44 AM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the SftService service.

Error: (04/05/2012 11:11:30 PM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the SftService service.

Error: (04/05/2012 10:22:07 PM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the SftService service.

Error: (04/05/2012 10:21:37 PM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the SftService service.

Error: (04/05/2012 08:55:11 PM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the SftService service.

Error: (04/05/2012 00:23:19 PM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Netman service.


Microsoft Office Sessions:
=========================
Error: (04/16/2012 04:10:34 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 10436

Error: (04/16/2012 04:10:34 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 10436

Error: (04/16/2012 04:10:34 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (04/16/2012 04:10:29 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 5475

Error: (04/16/2012 04:10:29 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 5475

Error: (04/16/2012 04:10:29 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (04/16/2012 04:10:18 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 14404337

Error: (04/16/2012 04:10:18 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 14404337

Error: (04/16/2012 04:10:18 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (04/16/2012 04:10:17 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 14403339


=========================== Installed Programs ============================

AC3Filter 1.63b (Version: 1.63b)
AccelerometerP11 (Version: 2.00.11.22)
Adobe Digital Editions
Adobe Flash Player 11 ActiveX 64-bit (Version: 11.2.202.233)
Adobe Reader X (10.1.2) MUI (Version: 10.1.2)
Adobe Shockwave Player 11.6 (Version: 11.6.3.633)
Advanced Audio FX Engine (Version: 1.12.05)
Apple Application Support (Version: 2.1.7)
Apple Mobile Device Support (Version: 5.1.1.4)
Apple Software Update (Version: 2.1.3.127)
BitTorrent (Version: 7.5.0)
Bonjour (Version: 3.0.0.10)
Burger Bustle (Version: 1.0.0)
CCleaner (Version: 3.16)
ConvertXtoDVD 2.2.3.258 (Version: 2.2.3.258)
Cozi (Version: 1.0.6505.38692)
Cypress TrackPad (Version: 2.3.6.5)
D3DX10 (Version: 15.4.2368.0902)
Dell DataSafe Local Backup - Support Software (Version: 9.4.60)
Dell DataSafe Local Backup (Version: 9.4.60)
Dell Edoc Viewer (Version: 1.0.0)
Dell Getting Started Guide (Version: 1.00.0000)
Dell MusicStage (Version: 1.5.201.0)
Dell PhotoStage (Version: 1.5.0.67)
Dell Stage (Version: 1.7.209.0)
Dell Support Center (Version: 3.1.5907.29)
Dell VideoStage (Version: 1.2.0.1712)
Dell Webcam Central (Version: 2.00.44)
DirectX 9 Runtime (Version: 1.00.0000)
DivX Setup (Version: 2.6.1.5)
ESET Online Scanner v3
Google Chrome (Version: 18.0.1025.162)
Google Earth Plug-in (Version: 6.2.1.6014)
Google Update Helper (Version: 1.3.21.111)
Intel PROSet Wireless
Intel® Control Center (Version: 1.2.1.1007)
Intel® Management Engine Components (Version: 7.0.0.1144)
Intel® Processor Graphics (Version: 8.15.10.2321)
Intel® PROSet/Wireless Software for Bluetooth® Technology (Version: 1.0.2.0511)
Intel® PROSet/Wireless WiFi Software (Version: 14.1.2000)
Intel® Turbo Boost Technology Monitor 2.0 (Version: 2.1.23.0)
Intel® WiDi (Version: 2.1.39.0)
Intel® Wireless Display
iTunes (Version: 10.6.0.40)
Java Auto Updater (Version: 2.0.7.1)
Java™ 6 Update 24 (64-bit) (Version: 6.0.240)
Java™ 6 Update 31 (Version: 6.0.310)
Junk Mail filter update (Version: 15.4.3502.0922)
Legends of Atlantis - Exodus (Version: 1.0.0)
Malwarebytes Anti-Malware version 1.60.1.1000 (Version: 1.60.1.1000)
McAfee SecurityCenter (Version: 11.0.654)
Mesh Runtime (Version: 15.4.5722.2)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Games for Windows - LIVE Redistributable (Version: 3.5.92.0)
Microsoft IntelliPoint 8.2 (Version: 8.20.468.0)
Microsoft Office 2010 (Version: 14.0.4763.1000)
Microsoft Office Click-to-Run 2010 (Version: 14.0.4763.1000)
Microsoft Office Starter 2010 - English (Version: 14.0.4763.1000)
Microsoft Silverlight (Version: 5.0.61118.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2005 Redistributable - KB2467175 (Version: 8.0.51011)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.59193)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Mobipocket Reader 6.2 (Version: 6.2.608)
MSVCRT (Version: 15.4.2862.0708)
MSVCRT_amd64 (Version: 15.4.2862.0708)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
MSXML4 Parser (Version: 1.0.0)
Next Generation Visualisations (Version: 1.0.0)
NVIDIA 3D Vision Driver 268.30 (Version: 268.30)
NVIDIA Control Panel 268.30 (Version: 268.30)
NVIDIA Graphics Driver 268.30 (Version: 268.30)
NVIDIA HD Audio Driver 1.2.22.1 (Version: 1.2.22.1)
NVIDIA Install Application (Version: 2.265.41.0)
NVIDIA Optimus 1.0.21 (Version: 1.0.21)
NVIDIA Stereoscopic 3D Driver (Version: 7.17.12.6830)
NVIDIA Update Components (Version: 1.0.21)
PhotoShowExpress (Version: 2.0.063)
Plant Tycoon (Version: 1.01)
Quickset64 (Version: 11.0.21)
RBVirtualFolder64Inst (Version: 1.00.0000)
Realtek High Definition Audio Driver (Version: 6.0.1.6383)
Roxio Activation Module (Version: 1.0)
Roxio BackOnTrack (Version: 1.3.3)
Roxio Burn (Version: 1.8)
Roxio Creator Starter (Version: 1.0.439)
Roxio Creator Starter (Version: 12.1.77.0)
Roxio Creator Starter (Version: 5.0.0)
Roxio Express Labeler 3 (Version: 3.2.2)
Roxio File Backup (Version: 1.3.2)
Samsung New PC Studio (Version: 1.00.0000)
SAMSUNG USB Driver for Mobile Phones (Version: 1.3.650.0)
Skype™ 4.2 (Version: 4.2.169)
Sonic CinePlayer Decoder Pack (Version: 4.3.0)
SUPERAntiSpyware (Version: 5.0.1146)
swMSM (Version: 12.0.0.1)
TrustedID (Version: 5.0)
Unity Web Player (Version: )
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (Version: 1)
VC80CRTRedist - 8.0.50727.6195 (Version: 1.2.0)
VLC media player 1.1.11 (Version: 1.1.11)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3508.1109)
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3508.1109)
Windows Live Mail (Version: 15.4.3502.0922)
Windows Live Mesh (Version: 15.4.3502.0922)
Windows Live Mesh ActiveX Control for Remote Connections (Version: 15.4.5722.2)
Windows Live Messenger (Version: 15.4.3502.0922)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3508.1109)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)
WinRAR 4.10 beta 1 (64-bit) (Version: 4.10.1)
Zoo Tycoon 2 - Extinct Animals (Version: 1.00.0000)

========================= Memory info: ===================================

Percentage of memory in use: 22%
Total physical RAM: 8086.17 MB
Available physical RAM: 6304.86 MB
Total Pagefile: 16170.53 MB
Available Pagefile: 12994.29 MB
Total Virtual: 4095.88 MB
Available Virtual: 3962.29 MB

========================= Partitions: =====================================

1 Drive c: (OS) (Fixed) (Total:679 GB) (Free:558.36 GB) NTFS

========================= Users: ========================================

User accounts for \\SAMMI-PC

Administrator Guest Sammi
UpdatusUser

========================= Minidump Files ==================================

No minidump file found

**** End of log ****



#9 cryptodan

cryptodan

    Bleepin Madman


  • Members
  • 21,868 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Catonsville, Md
  • Local time:09:24 PM

Posted 21 April 2012 - 12:23 PM

Please follow the instructions in ==>Malware Removal and Log Section Preparation Guide<==.

Once the proper logs are created, then make a NEW TOPIC and post it ==>HERE<== Please include the link to this topic in your new topic and a description of your computer issues and what you have done to resolve them.

If you can produce at least some of the logs, then please create the new topic and explain what happens when you try to create the log(s) that you couldn't get. If you cannot produce any of the logs, then still post the topic and explain that you followed the Prep. Guide, were unable to create the logs, and describe what happens when you try to create the logs.

Once you have created the new topic, please reply back here with a link to the new topic.

Most importantly please be patient till you get a reply to your topic. If you receive a reply from the HelpBot, then please follow the instructions outlined in the helpbot's post.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users