Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Suddenly I get a FAP message that I am using too much bandwidth


  • Please log in to reply
25 replies to this topic

#1 mojavemystic

mojavemystic

  • Members
  • 47 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Ohio
  • Local time:04:25 AM

Posted 05 July 2012 - 07:13 PM

Hello,
Two days ago I clicked a link that was supposed to direct me to an online video tutorial. The link took me to my email sign in page instead and absent mindedly, I logged in. The next day I was locked out of my email, but changing my password allowed me to get back in. Then today I get an email from my internet provider stating: "To ensure that all DISH Network customers have equitable access to the satellite network, we have set a rolling 30-day limit on data customer usage per customer, called Usage Threshold, which is detailed in our Fair Access Policy (FAP).
DISH Network has been made aware that your bandwidth usage over the past 30 days is approaching the Usage Threshold. As a result, we suggest that you decrease your usage of the service to ensure that your service speed is not lowered temporarily, in accordance with the FAP."

Here is the problem: I have not used my computer more than I usually do. In fact, have used it LESS as I took a week vacation from work and we had a 24 hour power outage due to storms. There is no way I could be reaching the limit.

In addition to the message, my hard drive had been cycling like crazy! I have experienced no other oddities with my connection other than what I stated. I would like some help with this issue and hope you can provide it.

Sincerely,

Joy
Spelunking Rocks!

BC AdBot (Login to Remove)

 


#2 mojavemystic

mojavemystic
  • Topic Starter

  • Members
  • 47 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Ohio
  • Local time:04:25 AM

Posted 05 July 2012 - 07:15 PM

In addition, I should add that I use Norton's anti-Virus (husband insists and I do not like it) and I used Super Anti Spyware to see if it could detect anything. It only found cookies and App Data/Roaming files.
Spelunking Rocks!

#3 cryptodan

cryptodan

    Bleepin Madman


  • Members
  • 21,868 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Catonsville, Md
  • Local time:08:25 AM

Posted 05 July 2012 - 07:42 PM

Can you post the log from Super Anti-Spyware?

As well can you run the below scans:


Please download and run Security Check from HERE, and save it to your Desktop.

* Double-click SecurityCheck.exe
* Follow the onscreen instructions inside of the black box.
* A Notepad document should open automatically called checkup.txt; please post the contents of that document.

Malwarebytes Anti-Malware

NOTEMalwarebytes is now offering a free trial of their program, if you want to accept it you will need to enter some billing information, so that at the end of the trial you would be charged the cost of the product. Please decline this offer, if you are unable to provide billing information. If you want to try it out, then provide the billing information.

Please download Malwarebytes Anti-Malware and save it to your desktop.
Download Link 1
Download Link 2MBAM may "make changes to your registry" as part of its disinfection routine. If using other security programs that detect registry changes (ie Spybot's Teatimer), they may interfere or alert you. Temporarily disable such programs or permit them to allow the changes.

  • Make sure you are connected to the Internet.
  • Double-click on mbam-setup.exe to install the application.
    For instructions with screenshots, please refer to the How to use Malwarebytes' Anti-Malware Guide.
  • When the installation begins, follow the prompts and do not make any changes to default settings.
  • When installation has finished, make sure you leave both of these checked:
    • Update Malwarebytes' Anti-Malware
    • Launch Malwarebytes' Anti-Malware
  • Then click Finish.
MBAM will automatically start and you will be asked to update the program before performing a scan.
  • If an update is found, the program will automatically update itself. Press the OK button to close that box and continue.
  • If you encounter any problems while downloading the definition updates, manually download them from here and just double-click on mbam-rules.exe to install.
On the Scanner tab:
  • Make sure the "Perform Full Scan" option is selected.
  • Then click on the Scan button.
  • If asked to select the drives to scan, leave all the drives selected and click on the Start Scan button.
  • The scan will begin and "Scan in progress" will show at the top. It may take some time to complete so please be patient.
  • When the scan is finished, a message box will say "The scan completed successfully. Click 'Show Results' to display all objects found".
  • Click OK to close the message box and continue with the removal process.
Back at the main Scanner screen:
  • Click on the Show Results button to see a list of any malware that was found.
  • Make sure that everything is checked, and click Remove Selected.
  • When removal is completed, a log report will open in Notepad.
  • The log is automatically saved and can be viewed by clicking the Logs tab in MBAM.
  • Copy and paste the contents of that report in your next reply. Be sure to post the complete log to include the top portion which shows MBAM's database version and your operating system.
  • Exit MBAM when done.
Note: If MBAM encounters a file that is difficult to remove, you will be asked to reboot your computer so MBAM can proceed with the disinfection process. If asked to restart the computer, please do so immediately. Failure to reboot normally (not into safe mode) will prevent MBAM from removing all the malware.


Now GMER

GMER does not work in 64bit Mode!!!!!!

Please download GMER from one of the following locations and save it to your desktop:

  • Main Mirror
    This version will download a randomly named file (Recommended)
  • Zipped Mirror
    This version will download a zip file you will need to extract first. If you use this mirror, please extract the zip file to your desktop.
  • Disconnect from the Internet and close all running programs.
  • Temporarily disable any real-time active protection so your security programs will not conflict with gmer's driver.
  • Double-click on the randomly named GMER file (i.e. n7gmo46c.exe) and allow the gmer.sys driver to load if asked.
  • Note: If you downloaded the zipped version, extract the file to its own folder such as C:\gmer and then double-click on gmer.exe.

    Posted Image
  • GMER will open to the Rootkit/Malware tab and perform an automatic Full Scan when first run. (do not use the computer while the scan is in progress)
  • If you receive a WARNING!!! about rootkit activity and are asked to fully scan your system...click NO.
  • Now click the Scan button. If you see a rootkit warning window, click OK.
  • When the scan is finished, click the Save... button to save the scan results to your Desktop. Save the file as gmer.log.
  • Click the Copy button and paste the results into your next reply.
  • Exit GMER and be sure to re-enable your anti-virus, Firewall and any other security programs you had disabled.
-- If you encounter any problems, try running GMER in safe mode.
-- If GMER crashes or keeps resulting in a BSODs, uncheck Devices on the right side before scanning
.


All scans above should be performed in regular boot mode, and if that is not possible then I will post instructions in a follow up reply on how to get into Safe Mode to perform the scans. Also all scans should be COMPLETE and not quick unless specifically instructed to do so.


Please download Farbar Service Scanner and run it on the computer with the issue.
  • Make sure the following options are checked:
    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center
    • Windows Update
  • Press "Scan".
  • It will create a log (FSS.txt) in the same directory the tool is run.
  • Please copy and paste the log to your reply.


#4 mojavemystic

mojavemystic
  • Topic Starter

  • Members
  • 47 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Ohio
  • Local time:04:25 AM

Posted 05 July 2012 - 08:01 PM

I will be able to post some tonight and then the rest Monday of next week. I really do appreciate your time in this. Thank you.

Edited by mojavemystic, 05 July 2012 - 08:24 PM.

Spelunking Rocks!

#5 mojavemystic

mojavemystic
  • Topic Starter

  • Members
  • 47 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Ohio
  • Local time:04:25 AM

Posted 05 July 2012 - 08:05 PM

RESULTS OF SECURITY CHECK:

Results of screen317's Security Check version 0.99.42
Windows Vista Service Pack 2 x86 (UAC is enabled)
Internet Explorer 9
``````````````Antivirus/Firewall Check:``````````````
Windows Firewall Enabled!
Norton Internet Security
WMI entry may not exist for antivirus; attempting automatic update.
`````````Anti-malware/Other Utilities Check:`````````
SUPERAntiSpyware
JavaFX 2.1.1
Java™ 6 Update 32
Java™ 7 Update 5
Java™ SE Runtime Environment 6 Update 1
Java™ 6 Update 3
Adobe Flash Player 10 Flash Player out of Date!
Adobe Flash Player 10.0.32.18 Flash Player out of Date!
Adobe Reader 8 Adobe Reader out of Date!
````````Process Check: objlist.exe by Laurent````````
Norton ccSvcHst.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: 1 %
````````````````````End of Log``````````````````````
Spelunking Rocks!

#6 mojavemystic

mojavemystic
  • Topic Starter

  • Members
  • 47 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Ohio
  • Local time:04:25 AM

Posted 05 July 2012 - 08:21 PM

Super anti Spyware Log:

SUPERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 07/05/2012 at 09:07 PM

Application Version : 5.5.1006

Core Rules Database Version : 8853
Trace Rules Database Version: 6665

Scan type : Complete Scan
Total Scan Time : 01:19:44

Operating System Information
Windows Vista Home Premium 32-bit, Service Pack 2 (Build 6.00.6002)
UAC Off - Administrator (Limited User)

Memory items scanned : 627
Memory threats detected : 0
Registry items scanned : 37407
Registry threats detected : 2
File items scanned : 49242
File threats detected : 332

Adware.Tracking Cookie
C:\USERS\GUEST\AppData\Roaming\Microsoft\Windows\Cookies\Low\guest@doubleclick[1].txt [ Cookie:guest@doubleclick.net/ ]
C:\USERS\GUEST\AppData\Roaming\Microsoft\Windows\Cookies\Low\guest@advertising[2].txt [ Cookie:guest@advertising.com/ ]
C:\USERS\GUEST\AppData\Roaming\Microsoft\Windows\Cookies\Low\guest@ads.revsci[1].txt [ Cookie:guest@ads.revsci.net/adserver ]
C:\USERS\JOY\AppData\Roaming\Microsoft\Windows\Cookies\Low\9RXJ1OEE.txt [ Cookie:joy@accounts.google.com/ ]
C:\USERS\JOY\AppData\Roaming\Microsoft\Windows\Cookies\Low\D23U5I3D.txt [ Cookie:joy@www.google.com/accounts ]
C:\USERS\NORM\AppData\Roaming\Microsoft\Windows\Cookies\XSZNISUH.txt [ Cookie:norm@adbrite.com/ ]
C:\USERS\NORM\AppData\Roaming\Microsoft\Windows\Cookies\5GZZHTDY.txt [ Cookie:norm@www.tirediscounters.com/ ]
C:\USERS\NORM\AppData\Roaming\Microsoft\Windows\Cookies\9RDP3QAM.txt [ Cookie:norm@tacoda.at.atwola.com/ ]
C:\USERS\NORM\AppData\Roaming\Microsoft\Windows\Cookies\C1ALCETU.txt [ Cookie:norm@geconsumerfinance.112.2o7.net/ ]
C:\USERS\NORM\AppData\Roaming\Microsoft\Windows\Cookies\ASDGWJP8.txt [ Cookie:norm@adxpose.com/ ]
C:\USERS\NORM\AppData\Roaming\Microsoft\Windows\Cookies\M921IPTG.txt [ Cookie:norm@dc.tremormedia.com/ ]
C:\USERS\NORM\AppData\Roaming\Microsoft\Windows\Cookies\3KRDKYEU.txt [ Cookie:norm@careers.peopleclick.com/ ]
C:\USERS\NORM\AppData\Roaming\Microsoft\Windows\Cookies\9TP256R4.txt [ Cookie:norm@interclick.com/ ]
C:\USERS\NORM\AppData\Roaming\Microsoft\Windows\Cookies\6IHNLWYV.txt [ Cookie:norm@revsci.net/ ]
C:\USERS\NORM\AppData\Roaming\Microsoft\Windows\Cookies\G7N4EIYP.txt [ Cookie:norm@zedo.com/ ]
C:\USERS\NORM\AppData\Roaming\Microsoft\Windows\Cookies\M24OXD9O.txt [ Cookie:norm@fastclick.net/ ]
C:\USERS\NORM\AppData\Roaming\Microsoft\Windows\Cookies\20ZWXPYD.txt [ Cookie:norm@imrworldwide.com/cgi-bin ]
C:\USERS\NORM\AppData\Roaming\Microsoft\Windows\Cookies\VTANAAPQ.txt [ Cookie:norm@liveperson.net/hc/69606660 ]
C:\USERS\NORM\AppData\Roaming\Microsoft\Windows\Cookies\KMQWHN1C.txt [ Cookie:norm@casalemedia.com/ ]
C:\USERS\NORM\AppData\Roaming\Microsoft\Windows\Cookies\8DKYZPPD.txt [ Cookie:norm@advertising.com/ ]
C:\USERS\NORM\AppData\Roaming\Microsoft\Windows\Cookies\I8XXR8S8.txt [ Cookie:norm@ads.pointroll.com/ ]
C:\USERS\NORM\AppData\Roaming\Microsoft\Windows\Cookies\3F2NAGOP.txt [ Cookie:norm@media6degrees.com/ ]
C:\USERS\NORM\AppData\Roaming\Microsoft\Windows\Cookies\ATV8ANW8.txt [ Cookie:norm@lucidmedia.com/ ]
C:\USERS\NORM\AppData\Roaming\Microsoft\Windows\Cookies\JNHATMPM.txt [ Cookie:norm@at.atwola.com/ ]
C:\USERS\NORM\AppData\Roaming\Microsoft\Windows\Cookies\XLQ984R4.txt [ Cookie:norm@www.blueprintfinder.com/ ]
C:\USERS\NORM\AppData\Roaming\Microsoft\Windows\Cookies\FQY81SHT.txt [ Cookie:norm@www.highlandcountypress.com/ ]
C:\USERS\NORM\AppData\Roaming\Microsoft\Windows\Cookies\1VUEP0M6.txt [ Cookie:norm@specificclick.net/ ]
C:\USERS\NORM\AppData\Roaming\Microsoft\Windows\Cookies\80Y4953C.txt [ Cookie:norm@kanoodle.com/ ]
C:\USERS\NORM\AppData\Roaming\Microsoft\Windows\Cookies\YAL17IUR.txt [ Cookie:norm@e-2dj6wfmieoczohp.stats.esomniture.com/ ]
C:\USERS\NORM\AppData\Roaming\Microsoft\Windows\Cookies\LS1GKYTN.txt [ Cookie:norm@apmebf.com/ ]
C:\USERS\NORM\AppData\Roaming\Microsoft\Windows\Cookies\1ESLHLAX.txt [ Cookie:norm@legolas-media.com/ ]
C:\USERS\NORM\AppData\Roaming\Microsoft\Windows\Cookies\MD28QPX3.txt [ Cookie:norm@ru4.com/ ]
C:\USERS\NORM\AppData\Roaming\Microsoft\Windows\Cookies\81SCBI95.txt [ Cookie:norm@atwola.com/ ]
C:\USERS\NORM\AppData\Roaming\Microsoft\Windows\Cookies\4AIZI5BV.txt [ Cookie:norm@serving-sys.com/ ]
C:\USERS\NORM\AppData\Roaming\Microsoft\Windows\Cookies\Q1C53J1N.txt [ Cookie:norm@liveperson.net/hc/37457093 ]
C:\USERS\NORM\AppData\Roaming\Microsoft\Windows\Cookies\5GP4ED7A.txt [ Cookie:norm@www.google.com/accounts ]
C:\USERS\NORM\AppData\Roaming\Microsoft\Windows\Cookies\EX3QOLVF.txt [ Cookie:norm@a1.interclick.com/ ]
C:\USERS\NORM\AppData\Roaming\Microsoft\Windows\Cookies\KBPZCT4O.txt [ Cookie:norm@amazon-adsystem.com/ ]
C:\USERS\NORM\AppData\Roaming\Microsoft\Windows\Cookies\AOKIOE57.txt [ Cookie:norm@tribalfusion.com/ ]
C:\USERS\NORM\AppData\Roaming\Microsoft\Windows\Cookies\9CAP6OT5.txt [ Cookie:norm@steelhousemedia.com/ ]
C:\USERS\NORM\AppData\Roaming\Microsoft\Windows\Cookies\I6MR0RXJ.txt [ Cookie:norm@pointroll.com/ ]
C:\USERS\NORM\AppData\Roaming\Microsoft\Windows\Cookies\X5U9ZQP3.txt [ Cookie:norm@questionmarket.com/ ]
C:\USERS\NORM\AppData\Roaming\Microsoft\Windows\Cookies\U4YW88K3.txt [ Cookie:norm@yieldmanager.net/ ]
C:\USERS\NORM\AppData\Roaming\Microsoft\Windows\Cookies\QJ84DMXP.txt [ Cookie:norm@doubleclick.net/ ]
C:\USERS\NORM\AppData\Roaming\Microsoft\Windows\Cookies\O2LI6P0W.txt [ Cookie:norm@stats.ebay.com/ ]
C:\USERS\NORM\AppData\Roaming\Microsoft\Windows\Cookies\I1ASCBZI.txt [ Cookie:norm@invitemedia.com/ ]
C:\USERS\NORM\AppData\Roaming\Microsoft\Windows\Cookies\EA00S0V1.txt [ Cookie:norm@collective-media.net/ ]
C:\USERS\NORM\AppData\Roaming\Microsoft\Windows\Cookies\JG5CNXY5.txt [ Cookie:norm@nextag.com/ ]
C:\USERS\NORM\AppData\Roaming\Microsoft\Windows\Cookies\2SYY75WP.txt [ Cookie:norm@e-2dj6wfmyolczscp.stats.esomniture.com/ ]
C:\USERS\NORM\AppData\Roaming\Microsoft\Windows\Cookies\8438MU6Z.txt [ Cookie:norm@ox-d.mediaforge.com/ ]
C:\USERS\NORM\AppData\Roaming\Microsoft\Windows\Cookies\0WXCB5EL.txt [ Cookie:norm@solvemedia.com/ ]
C:\USERS\NORM\AppData\Roaming\Microsoft\Windows\Cookies\JUPDT84N.txt [ Cookie:norm@accounts.google.com/ ]
C:\USERS\NORM\AppData\Roaming\Microsoft\Windows\Cookies\XEF43YT9.txt [ Cookie:norm@pro-market.net/ ]
C:\USERS\NORM\AppData\Roaming\Microsoft\Windows\Cookies\J75XVIUT.txt [ Cookie:norm@banner.motorcycle-usa.com/ ]
C:\USERS\NORM\AppData\Roaming\Microsoft\Windows\Cookies\FDVA8JY3.txt [ Cookie:norm@statse.webtrendslive.com/ ]
C:\USERS\NORM\AppData\Roaming\Microsoft\Windows\Cookies\TH10X9PX.txt [ Cookie:norm@intermundomedia.com/ ]
C:\USERS\NORM\AppData\Roaming\Microsoft\Windows\Cookies\KR6CW76B.txt [ Cookie:norm@liveperson.net/ ]
C:\USERS\NORM\AppData\Roaming\Microsoft\Windows\Cookies\SZ1V3ZM1.txt [ Cookie:norm@clickbooth.com/ ]
C:\USERS\NORM\Cookies\XSZNISUH.txt [ Cookie:norm@adbrite.com/ ]
C:\USERS\NORM\Cookies\5GZZHTDY.txt [ Cookie:norm@www.tirediscounters.com/ ]
C:\USERS\NORM\Cookies\9RDP3QAM.txt [ Cookie:norm@tacoda.at.atwola.com/ ]
C:\USERS\NORM\Cookies\C1ALCETU.txt [ Cookie:norm@geconsumerfinance.112.2o7.net/ ]
C:\USERS\NORM\Cookies\ASDGWJP8.txt [ Cookie:norm@adxpose.com/ ]
C:\USERS\NORM\Cookies\M921IPTG.txt [ Cookie:norm@dc.tremormedia.com/ ]
C:\USERS\NORM\Cookies\3KRDKYEU.txt [ Cookie:norm@careers.peopleclick.com/ ]
C:\USERS\NORM\Cookies\9TP256R4.txt [ Cookie:norm@interclick.com/ ]
C:\USERS\NORM\Cookies\6IHNLWYV.txt [ Cookie:norm@revsci.net/ ]
C:\USERS\NORM\Cookies\G7N4EIYP.txt [ Cookie:norm@zedo.com/ ]
C:\USERS\NORM\Cookies\M24OXD9O.txt [ Cookie:norm@fastclick.net/ ]
C:\USERS\NORM\Cookies\20ZWXPYD.txt [ Cookie:norm@imrworldwide.com/cgi-bin ]
C:\USERS\NORM\Cookies\VTANAAPQ.txt [ Cookie:norm@liveperson.net/hc/69606660 ]
C:\USERS\NORM\Cookies\KMQWHN1C.txt [ Cookie:norm@casalemedia.com/ ]
C:\USERS\NORM\Cookies\8DKYZPPD.txt [ Cookie:norm@advertising.com/ ]
C:\USERS\NORM\Cookies\I8XXR8S8.txt [ Cookie:norm@ads.pointroll.com/ ]
C:\USERS\NORM\Cookies\3F2NAGOP.txt [ Cookie:norm@media6degrees.com/ ]
C:\USERS\NORM\Cookies\ATV8ANW8.txt [ Cookie:norm@lucidmedia.com/ ]
C:\USERS\NORM\Cookies\JNHATMPM.txt [ Cookie:norm@at.atwola.com/ ]
C:\USERS\NORM\Cookies\XLQ984R4.txt [ Cookie:norm@www.blueprintfinder.com/ ]
C:\USERS\NORM\Cookies\FQY81SHT.txt [ Cookie:norm@www.highlandcountypress.com/ ]
C:\USERS\NORM\Cookies\1VUEP0M6.txt [ Cookie:norm@specificclick.net/ ]
C:\USERS\NORM\Cookies\80Y4953C.txt [ Cookie:norm@kanoodle.com/ ]
C:\USERS\NORM\Cookies\YAL17IUR.txt [ Cookie:norm@e-2dj6wfmieoczohp.stats.esomniture.com/ ]
C:\USERS\NORM\Cookies\LS1GKYTN.txt [ Cookie:norm@apmebf.com/ ]
C:\USERS\NORM\Cookies\1ESLHLAX.txt [ Cookie:norm@legolas-media.com/ ]
C:\USERS\NORM\Cookies\MD28QPX3.txt [ Cookie:norm@ru4.com/ ]
C:\USERS\NORM\Cookies\81SCBI95.txt [ Cookie:norm@atwola.com/ ]
C:\USERS\NORM\Cookies\4AIZI5BV.txt [ Cookie:norm@serving-sys.com/ ]
C:\USERS\NORM\Cookies\Q1C53J1N.txt [ Cookie:norm@liveperson.net/hc/37457093 ]
C:\USERS\NORM\Cookies\5GP4ED7A.txt [ Cookie:norm@www.google.com/accounts ]
C:\USERS\NORM\Cookies\EX3QOLVF.txt [ Cookie:norm@a1.interclick.com/ ]
C:\USERS\NORM\Cookies\KBPZCT4O.txt [ Cookie:norm@amazon-adsystem.com/ ]
C:\USERS\NORM\Cookies\AOKIOE57.txt [ Cookie:norm@tribalfusion.com/ ]
C:\USERS\NORM\Cookies\9CAP6OT5.txt [ Cookie:norm@steelhousemedia.com/ ]
C:\USERS\NORM\Cookies\I6MR0RXJ.txt [ Cookie:norm@pointroll.com/ ]
C:\USERS\NORM\Cookies\X5U9ZQP3.txt [ Cookie:norm@questionmarket.com/ ]
C:\USERS\NORM\Cookies\U4YW88K3.txt [ Cookie:norm@yieldmanager.net/ ]
C:\USERS\NORM\Cookies\QJ84DMXP.txt [ Cookie:norm@doubleclick.net/ ]
C:\USERS\NORM\Cookies\O2LI6P0W.txt [ Cookie:norm@stats.ebay.com/ ]
C:\USERS\NORM\Cookies\I1ASCBZI.txt [ Cookie:norm@invitemedia.com/ ]
C:\USERS\NORM\Cookies\EA00S0V1.txt [ Cookie:norm@collective-media.net/ ]
C:\USERS\NORM\Cookies\JG5CNXY5.txt [ Cookie:norm@nextag.com/ ]
C:\USERS\NORM\Cookies\2SYY75WP.txt [ Cookie:norm@e-2dj6wfmyolczscp.stats.esomniture.com/ ]
C:\USERS\NORM\Cookies\8438MU6Z.txt [ Cookie:norm@ox-d.mediaforge.com/ ]
C:\USERS\NORM\Cookies\0WXCB5EL.txt [ Cookie:norm@solvemedia.com/ ]
C:\USERS\NORM\Cookies\JUPDT84N.txt [ Cookie:norm@accounts.google.com/ ]
C:\USERS\NORM\Cookies\XEF43YT9.txt [ Cookie:norm@pro-market.net/ ]
C:\USERS\NORM\Cookies\J75XVIUT.txt [ Cookie:norm@banner.motorcycle-usa.com/ ]
C:\USERS\NORM\Cookies\FDVA8JY3.txt [ Cookie:norm@statse.webtrendslive.com/ ]
C:\USERS\NORM\Cookies\TH10X9PX.txt [ Cookie:norm@intermundomedia.com/ ]
C:\USERS\NORM\Cookies\KR6CW76B.txt [ Cookie:norm@liveperson.net/ ]
C:\USERS\NORM\Cookies\SZ1V3ZM1.txt [ Cookie:norm@clickbooth.com/ ]
C:\USERS\GUEST\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\GUEST@AD.YIELDMANAGER[1].TXT [ /AD.YIELDMANAGER ]
.imrworldwide.com [ C:\USERS\JOY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.imrworldwide.com [ C:\USERS\JOY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.atdmt.com [ C:\USERS\JOY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ad.yieldmanager.com [ C:\USERS\JOY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ad.yieldmanager.com [ C:\USERS\JOY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ad.yieldmanager.com [ C:\USERS\JOY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.invitemedia.com [ C:\USERS\JOY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.advertising.com [ C:\USERS\JOY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ads.pointroll.com [ C:\USERS\JOY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.pointroll.com [ C:\USERS\JOY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.specificclick.net [ C:\USERS\JOY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.lfstmedia.com [ C:\USERS\JOY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.interclick.com [ C:\USERS\JOY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.interclick.com [ C:\USERS\JOY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.apmebf.com [ C:\USERS\JOY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.mediaplex.com [ C:\USERS\JOY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.serving-sys.com [ C:\USERS\JOY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.serving-sys.com [ C:\USERS\JOY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.care2.112.2o7.net [ C:\USERS\JOY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
wstat.wibiya.com [ C:\USERS\JOY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ads.saymedia.com [ C:\USERS\JOY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ru4.com [ C:\USERS\JOY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.247realmedia.com [ C:\USERS\JOY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
in.getclicky.com [ C:\USERS\JOY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adultswim.com [ C:\USERS\JOY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.collective-media.net [ C:\USERS\JOY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.revsci.net [ C:\USERS\JOY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.atdmt.com [ C:\USERS\JOY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.atdmt.com [ C:\USERS\JOY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.microsoftsto.112.2o7.net [ C:\USERS\JOY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.atdmt.com [ C:\USERS\JOY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.c1.atdmt.com [ C:\USERS\JOY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.realmedia.com [ C:\USERS\JOY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
www.googleadservices.com [ C:\USERS\JOY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.2o7.net [ C:\USERS\JOY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.realmedia.com [ C:\USERS\JOY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.lfstmedia.com [ C:\USERS\JOY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adbrite.com [ C:\USERS\JOY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.intermundomedia.com [ C:\USERS\JOY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.intermundomedia.com [ C:\USERS\JOY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.burstnet.com [ C:\USERS\JOY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.www.burstnet.com [ C:\USERS\JOY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.burstnet.com [ C:\USERS\JOY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.zedo.com [ C:\USERS\JOY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.zedo.com [ C:\USERS\JOY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adinterax.com [ C:\USERS\JOY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.lfstmedia.com [ C:\USERS\JOY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
www.googleadservices.com [ C:\USERS\JOY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.media6degrees.com [ C:\USERS\JOY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ads.cannaclicks.com [ C:\USERS\JOY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
adserver.avalonsunsplash.com [ C:\USERS\JOY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.serving-sys.com [ C:\USERS\JOY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.dmtracker.com [ C:\USERS\JOY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.survey.g.doubleclick.net [ C:\USERS\JOY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adserver.adtechus.com [ C:\USERS\JOY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.saymedia.com [ C:\USERS\JOY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
www.googleadservices.com [ C:\USERS\JOY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.rtst.122.2o7.net [ C:\USERS\JOY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ru4.com [ C:\USERS\JOY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ru4.com [ C:\USERS\JOY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ru4.com [ C:\USERS\JOY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ru4.com [ C:\USERS\JOY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.2o7.net [ C:\USERS\JOY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.revsci.net [ C:\USERS\JOY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.revsci.net [ C:\USERS\JOY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.insightexpressai.com [ C:\USERS\JOY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.insightexpressai.com [ C:\USERS\JOY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.insightexpressai.com [ C:\USERS\JOY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.insightexpressai.com [ C:\USERS\JOY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.insightexpressai.com [ C:\USERS\JOY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.insightexpressai.com [ C:\USERS\JOY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.collective-media.net [ C:\USERS\JOY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.e-2dj6wjmiokajkdo.stats.esomniture.com [ C:\USERS\JOY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
insight.torbit.com [ C:\USERS\JOY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adfarm1.adition.com [ C:\USERS\JOY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adfarm1.adition.com [ C:\USERS\JOY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ad2.adfarm1.adition.com [ C:\USERS\JOY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adfarm1.adition.com [ C:\USERS\JOY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
dc.tremormedia.com [ C:\USERS\JOY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.casalemedia.com [ C:\USERS\JOY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.casalemedia.com [ C:\USERS\JOY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
www.burstnet.com [ C:\USERS\JOY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.casalemedia.com [ C:\USERS\JOY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.tacoda.at.atwola.com [ C:\USERS\JOY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.tacoda.at.atwola.com [ C:\USERS\JOY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.tacoda.at.atwola.com [ C:\USERS\JOY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.at.atwola.com [ C:\USERS\JOY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.tacoda.at.atwola.com [ C:\USERS\JOY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.tacoda.at.atwola.com [ C:\USERS\JOY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.tacoda.at.atwola.com [ C:\USERS\JOY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.tacoda.at.atwola.com [ C:\USERS\JOY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ar.atwola.com [ C:\USERS\JOY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.msnbc.112.2o7.net [ C:\USERS\JOY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.atwola.com [ C:\USERS\JOY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ar.atwola.com [ C:\USERS\JOY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.atwola.com [ C:\USERS\JOY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.a1.interclick.com [ C:\USERS\JOY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.at.atwola.com [ C:\USERS\JOY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.advertising.com [ C:\USERS\JOY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.doubleclick.net [ C:\USERS\JOY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.apmebf.com [ C:\USERS\JOY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.questionmarket.com [ C:\USERS\JOY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.interclick.com [ C:\USERS\JOY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.invitemedia.com [ C:\USERS\JOY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.interclick.com [ C:\USERS\JOY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.statcounter.com [ C:\USERS\JOY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
www.420click.com [ C:\USERS\JOY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.interclick.com [ C:\USERS\JOY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.amazon-adsystem.com [ C:\USERS\JOY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.amazon-adsystem.com [ C:\USERS\JOY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.realmedia.com [ C:\USERS\JOY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.realmedia.com [ C:\USERS\JOY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.realmedia.com [ C:\USERS\JOY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
matcher.realmedia.com [ C:\USERS\JOY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.realmedia.com [ C:\USERS\JOY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.realmedia.com [ C:\USERS\JOY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
network.realmedia.com [ C:\USERS\JOY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.clickbooth.com [ C:\USERS\JOY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.revsci.net [ C:\USERS\JOY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.revsci.net [ C:\USERS\JOY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.revsci.net [ C:\USERS\JOY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.revsci.net [ C:\USERS\JOY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adinterax.com [ C:\USERS\JOY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
www.googleadservices.com [ C:\USERS\JOY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.casalemedia.com [ C:\USERS\JOY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.steelhousemedia.com [ C:\USERS\JOY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.mediaplex.com [ C:\USERS\JOY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.tribalfusion.com [ C:\USERS\JOY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.zedo.com [ C:\USERS\JOY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ads.pointroll.com [ C:\USERS\JOY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.invitemedia.com [ C:\USERS\JOY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.invitemedia.com [ C:\USERS\JOY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.invitemedia.com [ C:\USERS\JOY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.invitemedia.com [ C:\USERS\JOY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.invitemedia.com [ C:\USERS\JOY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.invitemedia.com [ C:\USERS\JOY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.invitemedia.com [ C:\USERS\JOY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.a1.interclick.com [ C:\USERS\JOY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.a1.interclick.com [ C:\USERS\JOY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.a1.interclick.com [ C:\USERS\JOY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.cdn.lfstmedia.com [ C:\USERS\JOY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.cdn.lfstmedia.com [ C:\USERS\JOY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ad.yieldmanager.com [ C:\USERS\JOY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ad.yieldmanager.com [ C:\USERS\JOY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.interclick.com [ C:\USERS\JOY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.questionmarket.com [ C:\USERS\JOY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.questionmarket.com [ C:\USERS\JOY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
www.googleadservices.com [ C:\USERS\JOY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
www.googleadservices.com [ C:\USERS\JOY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.dminsite.112.2o7.net [ C:\USERS\JOY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.mm.chitika.net [ C:\USERS\JOY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.media6degrees.com [ C:\USERS\JOY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.pointroll.com [ C:\USERS\JOY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ads.pointroll.com [ C:\USERS\JOY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ads.pointroll.com [ C:\USERS\JOY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ads.pointroll.com [ C:\USERS\JOY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ads.pointroll.com [ C:\USERS\JOY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ads.pointroll.com [ C:\USERS\JOY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ads.pointroll.com [ C:\USERS\JOY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
www.googleadservices.com [ C:\USERS\JOY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
www.googleadservices.com [ C:\USERS\JOY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.casalemedia.com [ C:\USERS\JOY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.casalemedia.com [ C:\USERS\JOY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.casalemedia.com [ C:\USERS\JOY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.casalemedia.com [ C:\USERS\JOY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.casalemedia.com [ C:\USERS\JOY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.casalemedia.com [ C:\USERS\JOY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.casalemedia.com [ C:\USERS\JOY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.a1.interclick.com [ C:\USERS\JOY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.a1.interclick.com [ C:\USERS\JOY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.a1.interclick.com [ C:\USERS\JOY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.a1.interclick.com [ C:\USERS\JOY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.interclick.com [ C:\USERS\JOY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.a1.interclick.com [ C:\USERS\JOY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.e-2dj6wjlowjdjaep.stats.esomniture.com [ C:\USERS\JOY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.e-2dj6afkiggcjelp.stats.esomniture.com [ C:\USERS\JOY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.advertising.com [ C:\USERS\JOY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.advertising.com [ C:\USERS\JOY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.advertising.com [ C:\USERS\JOY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ads.bridgetrack.com [ C:\USERS\JOY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ads.bridgetrack.com [ C:\USERS\JOY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ads.bridgetrack.com [ C:\USERS\JOY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ads.bridgetrack.com [ C:\USERS\JOY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.stats.paypal.com [ C:\USERS\JOY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.mediaplex.com [ C:\USERS\JOY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.paypal.112.2o7.net [ C:\USERS\JOY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adbrite.com [ C:\USERS\JOY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ad.yieldmanager.com [ C:\USERS\JOY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.revsci.net [ C:\USERS\JOY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.revsci.net [ C:\USERS\JOY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.revsci.net [ C:\USERS\JOY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.doubleclick.net [ C:\USERS\JOY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.serving-sys.com [ C:\USERS\JOY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.serving-sys.com [ C:\USERS\JOY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.serving-sys.com [ C:\USERS\JOY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.media6degrees.com [ C:\USERS\JOY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.media6degrees.com [ C:\USERS\JOY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.media6degrees.com [ C:\USERS\JOY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.media6degrees.com [ C:\USERS\JOY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.lfstmedia.com [ C:\USERS\JOY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.fastclick.net [ C:\USERS\JOY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.kontera.com [ C:\USERS\JOY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.solvemedia.com [ C:\USERS\JOY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.solvemedia.com [ C:\USERS\JOY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
track.prd1.netshelter.net [ C:\USERS\JOY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
myaccount.dishmail.net [ C:\USERS\JOY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
myaccount.dishmail.net [ C:\USERS\JOY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
myaccount.dishmail.net [ C:\USERS\JOY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
myaccount.dishmail.net [ C:\USERS\JOY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
accounts.google.com [ C:\USERS\JOY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
accounts.google.com [ C:\USERS\JOY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
accounts.google.com [ C:\USERS\JOY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
core.insightexpressai.com [ C:\USERS\NORM\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\BLFCJA7N ]
ia.media-imdb.com [ C:\USERS\NORM\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\BLFCJA7N ]
media.nbcwashington.com [ C:\USERS\NORM\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\BLFCJA7N ]
s0.2mdn.net [ C:\USERS\NORM\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\BLFCJA7N ]
vhss-a.oddcast.com [ C:\USERS\NORM\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\BLFCJA7N ]

Virus.FunLove
D:\HP\APPS\APP13356\SRC\INSNTMSI.EXE

Adware.CouponBar
HKU\S-1-5-21-2851053518-1522930678-3806364449-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser#{5BED3930-2E9E-76D8-BACC-80DF2188D455}
HKCR\CLSID\{5BED3930-2E9E-76D8-BACC-80DF2188D455}

Heur.Agent/Gen-WhiteBox
C:\USERS\JOY\DOWNLOADS\AVAST.EXE

PUP.CNETInstaller
C:\USERS\NORM\DOWNLOADS\CNET_WB_ZIP.EXE
Spelunking Rocks!

#7 mojavemystic

mojavemystic
  • Topic Starter

  • Members
  • 47 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Ohio
  • Local time:04:25 AM

Posted 05 July 2012 - 08:42 PM

After I ran the Super anti spyware I either quarantined or deleted what it found. The Malwarebytes log is forthcoming.
Spelunking Rocks!

#8 cryptodan

cryptodan

    Bleepin Madman


  • Members
  • 21,868 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Catonsville, Md
  • Local time:08:25 AM

Posted 05 July 2012 - 08:54 PM

kk I will check in the morning when I get to work

#9 mojavemystic

mojavemystic
  • Topic Starter

  • Members
  • 47 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Ohio
  • Local time:04:25 AM

Posted 06 July 2012 - 05:17 AM

Here is the Malwarebytes log:


Malwarebytes Anti-Malware 1.61.0.1400
www.malwarebytes.org

Database version: v2012.07.06.01

Windows Vista Service Pack 2 x86 NTFS
Internet Explorer 9.0.8112.16421
norm :: NORM-PC [administrator]

7/5/2012 9:17:46 PM
mbam-log-2012-07-05 (21-17-46).txt

Scan type: Full scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 401425
Time elapsed: 1 hour(s), 14 minute(s), 32 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)
Spelunking Rocks!

#10 mojavemystic

mojavemystic
  • Topic Starter

  • Members
  • 47 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Ohio
  • Local time:04:25 AM

Posted 06 July 2012 - 05:40 AM

Usage Meter
Downloaded Uploaded
Your usage 5,351 MB 867 MB
Your usage threshold 7,500 MB 2,300 MB
Percent used 71.4 % 37.7 %

That is probably difficult to read, but the problem lies with the download useage. It states that my download usage for the last 40 days is at 71.4% which is impossible as I have only downloaded the programs to complete your requests!! It says that I downloaded 7,500 MB of information to the internet. My husband has not downloaded anything either.
Spelunking Rocks!

#11 cryptodan

cryptodan

    Bleepin Madman


  • Members
  • 21,868 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Catonsville, Md
  • Local time:08:25 AM

Posted 06 July 2012 - 07:05 AM

No that is your max. You have another 29% to go before you meet your threshold.

#12 mojavemystic

mojavemystic
  • Topic Starter

  • Members
  • 47 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Ohio
  • Local time:04:25 AM

Posted 06 July 2012 - 07:29 PM

GMER 1.0.15.15641 - http://www.gmer.net
Rootkit scan 2012-07-06 20:20:20
Windows 6.0.6002 Service Pack 2 Harddisk0\DR0 -> \Device\00000092 Hitachi_ rev.V5CO
Running: lk2glmny.exe; Driver: C:\Users\norm\AppData\Local\Temp\kwldqpoc.sys


---- System - GMER 1.0.15 ----

SSDT 91BF64E0 ZwAlertResumeThread
SSDT 91BF65C0 ZwAlertThread
SSDT 91BF6FC0 ZwAllocateVirtualMemory
SSDT 91AC95F0 ZwAlpcConnectPort
SSDT 91BF7C40 ZwAssignProcessToJobObject
SSDT 91BF6230 ZwCreateMutant
SSDT 91BF7960 ZwCreateSymbolicLinkObject
SSDT 91BF54C0 ZwCreateThread
SSDT 91BF7D20 ZwDebugActiveProcess
SSDT 91BF5188 ZwDuplicateObject
SSDT 91BF6DE0 ZwFreeVirtualMemory
SSDT 91BF6320 ZwImpersonateAnonymousToken
SSDT 91BF6400 ZwImpersonateThread
SSDT 91AC9578 ZwLoadDriver
SSDT 91BF6CE0 ZwMapViewOfSection
SSDT 91BF6150 ZwOpenEvent
SSDT 91BF5368 ZwOpenProcess
SSDT 91BF50A8 ZwOpenProcessToken
SSDT 91BF7F48 ZwOpenSection
SSDT 91BF5278 ZwOpenThread
SSDT 91BF7B50 ZwProtectVirtualMemory
SSDT 91BF66A0 ZwResumeThread
SSDT 91BF7008 ZwSetContextThread
SSDT 91BF6B10 ZwSetInformationProcess
SSDT 91BF7E00 ZwSetSystemInformation
SSDT 91BF6070 ZwSuspendProcess
SSDT 91BF6780 ZwSuspendThread
SSDT \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS ZwTerminateProcess [0x92642640]
SSDT 91BF6860 ZwTerminateThread
SSDT 91BF6C00 ZwUnmapViewOfSection
SSDT 91BF6ED0 ZwWriteVirtualMemory
SSDT 91BF7A50 ZwCreateThreadEx

---- Kernel code sections - GMER 1.0.15 ----

.text ntkrnlpa.exe!KeSetEvent + 11D 820B58A0 8 Bytes [E0, 64, BF, 91, C0, 65, BF, ...] {LOOPNZ 0x66; MOV EDI, 0xbf65c091; XCHG ECX, EAX}
.text ntkrnlpa.exe!KeSetEvent + 131 820B58B4 4 Bytes [C0, 6F, BF, 91] {SHR BYTE [EDI-0x41], 0x91}
.text ntkrnlpa.exe!KeSetEvent + 13D 820B58C0 4 Bytes [F0, 95, AC, 91]
.text ntkrnlpa.exe!KeSetEvent + 191 820B5914 4 Bytes [40, 7C, BF, 91] {INC EAX; JL 0xffffffffffffffc2; XCHG ECX, EAX}
.text ntkrnlpa.exe!KeSetEvent + 1F5 820B5978 4 Bytes [30, 62, BF, 91] {XOR [EDX-0x41], AH; XCHG ECX, EAX}
.text ...
.text C:\Windows\system32\DRIVERS\nvlddmkm.sys section is writeable [0x8E80B340, 0x3DA8C7, 0xE8000020]

---- User IAT/EAT - GMER 1.0.15 ----

IAT C:\Windows\Explorer.EXE[2716] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdiplusShutdown] [738B7817] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[2716] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCloneImage] [7390A86D] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[2716] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipDrawImageRectI] [738BBB22] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[2716] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipSetInterpolationMode] [738AF695] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[2716] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdiplusStartup] [738B75E9] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[2716] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCreateFromHDC] [738AE7CA] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[2716] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCreateBitmapFromStreamICM] [738E8395] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[2716] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCreateBitmapFromStream] [738BDA60] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[2716] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipGetImageHeight] [738AFFFA] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[2716] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipGetImageWidth] [738AFF61] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[2716] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipDisposeImage] [738A71CF] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[2716] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipLoadImageFromFileICM] [7393CAE2] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[2716] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipLoadImageFromFile] [738DC8D8] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[2716] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipDeleteGraphics] [738AD968] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[2716] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipFree] [738A6853] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[2716] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipAlloc] [738A687E] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[2716] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipSetCompositingMode] [738B2AD1] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)

---- EOF - GMER 1.0.15 ----
Spelunking Rocks!

#13 mojavemystic

mojavemystic
  • Topic Starter

  • Members
  • 47 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Ohio
  • Local time:04:25 AM

Posted 06 July 2012 - 07:51 PM

Farbar Service Scanner Version: 02-07-2012
Ran by Joy on 06-07-2012 at 20:48:45
Running from "C:\Users\Joy\Downloads"
Windows Vista ™ Home Premium Service Pack 2 (X86)
Boot Mode: Normal
****************************************************************

Internet Services:
============
Dnscache Service is not running. Checking service configuration:
The start type of Dnscache service is OK.
The ImagePath of Dnscache service is OK.
The ServiceDll of Dnscache service is OK.

Dhcp Service is not running. Checking service configuration:
The start type of Dhcp service is OK.
The ImagePath of Dhcp service is OK.
The ServiceDll of Dhcp service is OK.

Nsi Service is not running. Checking service configuration:
The start type of Nsi service is OK.
The ImagePath of Nsi service is OK.
Checking ServiceDll: ATTENTION!=====> Unable to open Nsi registry key. The service key does not exist.

nsiproxy Service is not running. Checking service configuration:
The start type of nsiproxy service is OK.
The ImagePath of nsiproxy service is OK.

tdx Service is not running. Checking service configuration:
The start type of tdx service is OK.
The ImagePath of tdx service is OK.

afd Service is not running. Checking service configuration:
The start type of afd service is OK.
The ImagePath of afd service is OK.

Tcpip Service is not running. Checking service configuration:
The start type of Tcpip service is OK.
The ImagePath of Tcpip service is OK.


Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============
mpsdrv Service is not running. Checking service configuration:
The start type of mpsdrv service is OK.
The ImagePath of mpsdrv service is OK.

MpsSvc Service is not running. Checking service configuration:
The start type of MpsSvc service is OK.
The ImagePath of MpsSvc service is OK.
The ServiceDll of MpsSvc service is OK.

bfe Service is not running. Checking service configuration:
The start type of bfe service is OK.
The ImagePath of bfe service is OK.
The ServiceDll of bfe service is OK.


Firewall Disabled Policy:
==================
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall"=DWORD:0


System Restore:
============
SDRSVC Service is not running. Checking service configuration:
The start type of SDRSVC service is OK.
The ImagePath of SDRSVC service is OK.
The ServiceDll of SDRSVC service is OK.

VSS Service is not running. Checking service configuration:
The start type of VSS service is OK.
The ImagePath of VSS service is OK.


System Restore Disabled Policy:
========================


Security Center:
============
wscsvc Service is not running. Checking service configuration:
The start type of wscsvc service is OK.
The ImagePath of wscsvc service is OK.
The ServiceDll of wscsvc service is OK.

winmgmt Service is not running. Checking service configuration:
The start type of winmgmt service is OK.
The ImagePath of winmgmt: "%systemroot%\system32\svchost.exe -k netsvcs".
The ServiceDll of winmgmt service is OK.


Windows Update:
============
wuauserv Service is not running. Checking service configuration:
The start type of wuauserv service is OK.
The ImagePath of wuauserv service is OK.
The ServiceDll of wuauserv service is OK.

BITS Service is not running. Checking service configuration:
The start type of BITS service is OK.
The ImagePath of BITS service is OK.
The ServiceDll of BITS service is OK.

EventSystem Service is not running. Checking service configuration:
The start type of EventSystem service is OK.
The ImagePath of EventSystem service is OK.
The ServiceDll of EventSystem service is OK.

cryptsvc Service is not running. Checking service configuration:
The start type of cryptsvc service is OK.
The ImagePath of cryptsvc service is OK.
The ServiceDll of cryptsvc service is OK.


Windows Autoupdate Disabled Policy:
============================

PlugPlay Service is not running. Checking service configuration:
The start type of PlugPlay service is OK.
The ImagePath of PlugPlay service is OK.


File Check:
========
C:\Windows\system32\nsisvc.dll => MD5 is legit
C:\Windows\system32\Drivers\nsiproxy.sys => MD5 is legit
C:\Windows\system32\dhcpcsvc.dll => MD5 is legit
C:\Windows\system32\Drivers\afd.sys => MD5 is legit
C:\Windows\system32\Drivers\tdx.sys => MD5 is legit
C:\Windows\system32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\system32\dnsrslvr.dll => MD5 is legit
C:\Windows\system32\mpssvc.dll => MD5 is legit
C:\Windows\system32\bfe.dll => MD5 is legit
C:\Windows\system32\Drivers\mpsdrv.sys => MD5 is legit
C:\Windows\system32\SDRSVC.dll => MD5 is legit
C:\Windows\system32\vssvc.exe => MD5 is legit
C:\Windows\system32\wscsvc.dll => MD5 is legit
C:\Windows\system32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\system32\wuaueng.dll => MD5 is legit
C:\Windows\system32\qmgr.dll => MD5 is legit
C:\Windows\system32\es.dll => MD5 is legit
C:\Windows\system32\cryptsvc.dll => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit


**** End of log ****
Spelunking Rocks!

#14 cryptodan

cryptodan

    Bleepin Madman


  • Members
  • 21,868 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Catonsville, Md
  • Local time:08:25 AM

Posted 07 July 2012 - 08:09 AM

I am seeing nothing malicious in any of your scans. The only thing i see that is an issue is one of your service's has a registry key missing.

Please download and run TDSS Killer and if it asks you to fix anything, then please dont. Post the log that is generated and saved in C:\. Make sure all options are checked.

#15 mojavemystic

mojavemystic
  • Topic Starter

  • Members
  • 47 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Ohio
  • Local time:04:25 AM

Posted 07 July 2012 - 09:05 AM

10:03:47.0776 2988 TDSS rootkit removing tool 2.7.44.0 Jul 2 2012 20:01:08
10:03:49.0779 2988 ============================================================
10:03:49.0779 2988 Current date / time: 2012/07/07 10:03:49.0779
10:03:49.0779 2988 SystemInfo:
10:03:49.0779 2988
10:03:49.0779 2988 OS Version: 6.0.6002 ServicePack: 2.0
10:03:49.0779 2988 Product type: Workstation
10:03:49.0780 2988 ComputerName: NORM-PC
10:03:49.0780 2988 UserName: norm
10:03:49.0780 2988 Windows directory: C:\Windows
10:03:49.0780 2988 System windows directory: C:\Windows
10:03:49.0780 2988 Processor architecture: Intel x86
10:03:49.0780 2988 Number of processors: 2
10:03:49.0780 2988 Page size: 0x1000
10:03:49.0780 2988 Boot type: Normal boot
10:03:49.0780 2988 ============================================================
10:03:52.0402 2988 Drive \Device\Harddisk0\DR0 - Size: 0x5D27216000 (372.61 Gb), SectorSize: 0x200, Cylinders: 0xC9E1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xF0, Type 'K0', Flags 0x00000050
10:03:52.0566 2988 ============================================================
10:03:52.0566 2988 \Device\Harddisk0\DR0:
10:03:52.0566 2988 MBR partitions:
10:03:52.0566 2988 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x2D782811
10:03:52.0566 2988 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x2D782850, BlocksNum 0x11B50C0
10:03:52.0566 2988 ============================================================
10:03:52.0637 2988 C: <-> \Device\Harddisk0\DR0\Partition0
10:03:52.0750 2988 D: <-> \Device\Harddisk0\DR0\Partition1
10:03:52.0750 2988 ============================================================
10:03:52.0750 2988 Initialize success
10:03:52.0750 2988 ============================================================
10:04:02.0369 5728 ============================================================
10:04:02.0369 5728 Scan started
10:04:02.0369 5728 Mode: Manual;
10:04:02.0369 5728 ============================================================
10:04:03.0825 5728 !SASCORE (c0393eb99a6c72c6bef9bfc4a72b33a6) C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
10:04:03.0841 5728 !SASCORE - ok
10:04:04.0059 5728 ACPI (82b296ae1892fe3dbee00c9cf92f8ac7) C:\Windows\system32\drivers\acpi.sys
10:04:04.0059 5728 ACPI - ok
10:04:04.0121 5728 adp94xx (2edc5bbac6c651ece337bde8ed97c9fb) C:\Windows\system32\drivers\adp94xx.sys
10:04:04.0121 5728 adp94xx - ok
10:04:04.0153 5728 adpahci (b84088ca3cdca97da44a984c6ce1ccad) C:\Windows\system32\drivers\adpahci.sys
10:04:04.0168 5728 adpahci - ok
10:04:04.0184 5728 adpu160m (7880c67bccc27c86fd05aa2afb5ea469) C:\Windows\system32\drivers\adpu160m.sys
10:04:04.0184 5728 adpu160m - ok
10:04:04.0215 5728 adpu320 (9ae713f8e30efc2abccd84904333df4d) C:\Windows\system32\drivers\adpu320.sys
10:04:04.0215 5728 adpu320 - ok
10:04:04.0262 5728 AeLookupSvc (9d1fda9e086ba64e3c93c9de32461bcf) C:\Windows\System32\aelupsvc.dll
10:04:04.0262 5728 AeLookupSvc - ok
10:04:04.0277 5728 Afc - ok
10:04:04.0324 5728 AFD (3911b972b55fea0478476b2e777b29fa) C:\Windows\system32\drivers\afd.sys
10:04:04.0340 5728 AFD - ok
10:04:04.0387 5728 agp440 (ef23439cdd587f64c2c1b8825cead7d8) C:\Windows\system32\drivers\agp440.sys
10:04:04.0387 5728 agp440 - ok
10:04:04.0402 5728 aic78xx (ae1fdf7bf7bb6c6a70f67699d880592a) C:\Windows\system32\drivers\djsvs.sys
10:04:04.0402 5728 aic78xx - ok
10:04:04.0433 5728 ALG (a1545b731579895d8cc44fc0481c1192) C:\Windows\System32\alg.exe
10:04:04.0433 5728 ALG - ok
10:04:04.0449 5728 aliide (90395b64600ebb4552e26e178c94b2e4) C:\Windows\system32\drivers\aliide.sys
10:04:04.0449 5728 aliide - ok
10:04:04.0480 5728 amdagp (2b13e304c9dfdfa5eb582f6a149fa2c7) C:\Windows\system32\drivers\amdagp.sys
10:04:04.0480 5728 amdagp - ok
10:04:04.0496 5728 amdide (0577df1d323fe75a739c787893d300ea) C:\Windows\system32\drivers\amdide.sys
10:04:04.0496 5728 amdide - ok
10:04:04.0511 5728 AmdK7 (dc487885bcef9f28eece6fac0e5ddfc5) C:\Windows\system32\drivers\amdk7.sys
10:04:04.0511 5728 AmdK7 - ok
10:04:04.0543 5728 AmdK8 (93ae7f7dd54ab986a6f1a1b37be7442d) C:\Windows\system32\DRIVERS\amdk8.sys
10:04:04.0543 5728 AmdK8 - ok
10:04:04.0574 5728 Appinfo (c6d704c7f0434dc791aac37cac4b6e14) C:\Windows\System32\appinfo.dll
10:04:04.0574 5728 Appinfo - ok
10:04:04.0589 5728 arc (5f673180268bb1fdb69c99b6619fe379) C:\Windows\system32\drivers\arc.sys
10:04:04.0589 5728 arc - ok
10:04:04.0621 5728 arcsas (957f7540b5e7f602e44648c7de5a1c05) C:\Windows\system32\drivers\arcsas.sys
10:04:04.0621 5728 arcsas - ok
10:04:04.0652 5728 AsyncMac (53b202abee6455406254444303e87be1) C:\Windows\system32\DRIVERS\asyncmac.sys
10:04:04.0667 5728 AsyncMac - ok
10:04:04.0699 5728 atapi (1f05b78ab91c9075565a9d8a4b880bc4) C:\Windows\system32\drivers\atapi.sys
10:04:04.0699 5728 atapi - ok
10:04:04.0745 5728 AudioEndpointBuilder (68e2a1a0407a66cf50da0300852424ab) C:\Windows\System32\Audiosrv.dll
10:04:04.0761 5728 AudioEndpointBuilder - ok
10:04:04.0761 5728 Audiosrv (68e2a1a0407a66cf50da0300852424ab) C:\Windows\System32\Audiosrv.dll
10:04:04.0777 5728 Audiosrv - ok
10:04:04.0870 5728 Automatic LiveUpdate Scheduler (ae9560c298d847aef346bdd5fad3b0e3) C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
10:04:04.0870 5728 Automatic LiveUpdate Scheduler - ok
10:04:04.0948 5728 Beep (67e506b75bd5326a3ec7b70bd014dfb6) C:\Windows\system32\drivers\Beep.sys
10:04:04.0948 5728 Beep - ok
10:04:04.0995 5728 BFE (c789af0f724fda5852fb9a7d3a432381) C:\Windows\System32\bfe.dll
10:04:05.0011 5728 BFE - ok
10:04:05.0213 5728 BHDrvx86 (a9e111a358ac5f7eba7ac61e43fc6725) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.5.0.125\Definitions\BASHDefs\20120619.001\BHDrvx86.sys
10:04:05.0245 5728 BHDrvx86 - ok
10:04:05.0354 5728 BITS (93952506c6d67330367f7e7934b6a02f) C:\Windows\System32\qmgr.dll
10:04:05.0369 5728 BITS - ok
10:04:05.0401 5728 blbdrive - ok
10:04:05.0463 5728 bowser (35f376253f687bde63976ccb3f2108ca) C:\Windows\system32\DRIVERS\bowser.sys
10:04:05.0479 5728 bowser - ok
10:04:05.0494 5728 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\drivers\brfiltlo.sys
10:04:05.0510 5728 BrFiltLo - ok
10:04:05.0557 5728 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\drivers\brfiltup.sys
10:04:05.0557 5728 BrFiltUp - ok
10:04:05.0619 5728 Browser (a3629a0c4226f9e9c72faaeebc3ad33c) C:\Windows\System32\browser.dll
10:04:05.0619 5728 Browser - ok
10:04:05.0666 5728 Brserid (b304e75cff293029eddf094246747113) C:\Windows\system32\drivers\brserid.sys
10:04:05.0681 5728 Brserid - ok
10:04:05.0713 5728 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\system32\drivers\brserwdm.sys
10:04:05.0713 5728 BrSerWdm - ok
10:04:05.0759 5728 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\system32\drivers\brusbmdm.sys
10:04:05.0759 5728 BrUsbMdm - ok
10:04:05.0806 5728 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\system32\drivers\brusbser.sys
10:04:05.0822 5728 BrUsbSer - ok
10:04:05.0837 5728 BTHMODEM (ad07c1ec6665b8b35741ab91200c6b68) C:\Windows\system32\drivers\bthmodem.sys
10:04:05.0853 5728 BTHMODEM - ok
10:04:05.0915 5728 cdfs (7add03e75beb9e6dd102c3081d29840a) C:\Windows\system32\DRIVERS\cdfs.sys
10:04:05.0915 5728 cdfs - ok
10:04:05.0962 5728 cdrom (6b4bffb9becd728097024276430db314) C:\Windows\system32\DRIVERS\cdrom.sys
10:04:05.0962 5728 cdrom - ok
10:04:06.0009 5728 CertPropSvc (312ec3e37a0a1f2006534913e37b4423) C:\Windows\System32\certprop.dll
10:04:06.0009 5728 CertPropSvc - ok
10:04:06.0025 5728 circlass (da8e0afc7baa226c538ef53ac2f90897) C:\Windows\system32\drivers\circlass.sys
10:04:06.0025 5728 circlass - ok
10:04:06.0056 5728 CLFS (d7659d3b5b92c31e84e53c1431f35132) C:\Windows\system32\CLFS.sys
10:04:06.0056 5728 CLFS - ok
10:04:06.0103 5728 clr_optimization_v2.0.50727_32 (8ee772032e2fe80a924f3b8dd5082194) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
10:04:06.0118 5728 clr_optimization_v2.0.50727_32 - ok
10:04:06.0149 5728 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
10:04:06.0165 5728 clr_optimization_v4.0.30319_32 - ok
10:04:06.0181 5728 cmdide (45201046c776ffdaf3fc8a0029c581c8) C:\Windows\system32\drivers\cmdide.sys
10:04:06.0181 5728 cmdide - ok
10:04:06.0181 5728 Compbatt (82b8c91d327cfecf76cb58716f7d4997) C:\Windows\system32\drivers\compbatt.sys
10:04:06.0181 5728 Compbatt - ok
10:04:06.0181 5728 COMSysApp - ok
10:04:06.0212 5728 crcdisk (2a213ae086bbec5e937553c7d9a2b22c) C:\Windows\system32\drivers\crcdisk.sys
10:04:06.0212 5728 crcdisk - ok
10:04:06.0212 5728 Crusoe (22a7f883508176489f559ee745b5bf5d) C:\Windows\system32\drivers\crusoe.sys
10:04:06.0227 5728 Crusoe - ok
10:04:06.0259 5728 CryptSvc (fb27772beaf8e1d28ccd825c09da939b) C:\Windows\system32\cryptsvc.dll
10:04:06.0259 5728 CryptSvc - ok
10:04:06.0321 5728 DcomLaunch (3b5b4d53fec14f7476ca29a20cc31ac9) C:\Windows\system32\rpcss.dll
10:04:06.0321 5728 DcomLaunch - ok
10:04:06.0322 5728 DfsC (622c41a07ca7e6dd91770f50d532cb6c) C:\Windows\system32\Drivers\dfsc.sys
10:04:06.0322 5728 DfsC - ok
10:04:06.0416 5728 DFSR (2cc3dcfb533a1035b13dcab6160ab38b) C:\Windows\system32\DFSR.exe
10:04:06.0454 5728 DFSR - ok
10:04:06.0565 5728 Dhcp (9028559c132146fb75eb7acf384b086a) C:\Windows\System32\dhcpcsvc.dll
10:04:06.0567 5728 Dhcp - ok
10:04:06.0596 5728 disk (5d4aefc3386920236a548271f8f1af6a) C:\Windows\system32\drivers\disk.sys
10:04:06.0597 5728 disk - ok
10:04:06.0635 5728 Dnscache (57d762f6f5974af0da2be88a3349baaa) C:\Windows\System32\dnsrslvr.dll
10:04:06.0637 5728 Dnscache - ok
10:04:06.0662 5728 dot3svc (324fd74686b1ef5e7c19a8af49e748f6) C:\Windows\System32\dot3svc.dll
10:04:06.0665 5728 dot3svc - ok
10:04:06.0687 5728 DPS (a622e888f8aa2f6b49e9bc466f0e5def) C:\Windows\system32\dps.dll
10:04:06.0690 5728 DPS - ok
10:04:06.0721 5728 drmkaud (97fef831ab90bee128c9af390e243f80) C:\Windows\system32\drivers\drmkaud.sys
10:04:06.0723 5728 drmkaud - ok
10:04:06.0764 5728 DXGKrnl (c68ac676b0ef30cfbb1080adce49eb1f) C:\Windows\System32\drivers\dxgkrnl.sys
10:04:06.0774 5728 DXGKrnl - ok
10:04:06.0810 5728 E1G60 (f88fb26547fd2ce6d0a5af2985892c48) C:\Windows\system32\DRIVERS\E1G60I32.sys
10:04:06.0819 5728 E1G60 - ok
10:04:06.0845 5728 EapHost (c0b95e40d85cd807d614e264248a45b9) C:\Windows\System32\eapsvc.dll
10:04:06.0847 5728 EapHost - ok
10:04:06.0881 5728 Ecache (7f64ea048dcfac7acf8b4d7b4e6fe371) C:\Windows\system32\drivers\ecache.sys
10:04:06.0885 5728 Ecache - ok
10:04:06.0968 5728 eeCtrl (fce87ba643d5e9a8b6e0378508d1b22d) C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys
10:04:06.0975 5728 eeCtrl - ok
10:04:07.0025 5728 ehRecvr (9be3744d295a7701eb425332014f0797) C:\Windows\ehome\ehRecvr.exe
10:04:07.0031 5728 ehRecvr - ok
10:04:07.0065 5728 ehSched (ad1870c8e5d6dd340c829e6074bf3c3f) C:\Windows\ehome\ehsched.exe
10:04:07.0068 5728 ehSched - ok
10:04:07.0095 5728 ehstart (c27c4ee8926e74aa72efcab24c5242c3) C:\Windows\ehome\ehstart.dll
10:04:07.0097 5728 ehstart - ok
10:04:07.0128 5728 elxstor (e8f3f21a71720c84bcf423b80028359f) C:\Windows\system32\drivers\elxstor.sys
10:04:07.0134 5728 elxstor - ok
10:04:07.0184 5728 EMDMgmt (4e6b23dfc917ea39306b529b773950f4) C:\Windows\system32\emdmgmt.dll
10:04:07.0191 5728 EMDMgmt - ok
10:04:07.0324 5728 EraserUtilRebootDrv (115dc729465a8c386615207f28875255) C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
10:04:07.0324 5728 EraserUtilRebootDrv - ok
10:04:07.0387 5728 EventSystem (67058c46504bc12d821f38cf99b7b28f) C:\Windows\system32\es.dll
10:04:07.0402 5728 EventSystem - ok
10:04:07.0449 5728 exfat (22b408651f9123527bcee54b4f6c5cae) C:\Windows\system32\drivers\exfat.sys
10:04:07.0465 5728 exfat - ok
10:04:07.0480 5728 fastfat (1e9b9a70d332103c52995e957dc09ef8) C:\Windows\system32\drivers\fastfat.sys
10:04:07.0496 5728 fastfat - ok
10:04:07.0543 5728 fdc (63bdada84951b9c03e641800e176898a) C:\Windows\system32\DRIVERS\fdc.sys
10:04:07.0543 5728 fdc - ok
10:04:07.0558 5728 fdPHost (6629b5f0e98151f4afdd87567ea32ba3) C:\Windows\system32\fdPHost.dll
10:04:07.0558 5728 fdPHost - ok
10:04:07.0589 5728 FDResPub (89ed56dce8e47af40892778a5bd31fd2) C:\Windows\system32\fdrespub.dll
10:04:07.0589 5728 FDResPub - ok
10:04:07.0605 5728 FileInfo (a8c0139a884861e3aae9cfe73b208a9f) C:\Windows\system32\drivers\fileinfo.sys
10:04:07.0621 5728 FileInfo - ok
10:04:07.0720 5728 Filetrace (0ae429a696aecbc5970e3cf2c62635ae) C:\Windows\system32\drivers\filetrace.sys
10:04:07.0722 5728 Filetrace - ok
10:04:07.0809 5728 flpydisk (6603957eff5ec62d25075ea8ac27de68) C:\Windows\system32\DRIVERS\flpydisk.sys
10:04:07.0812 5728 flpydisk - ok
10:04:07.0884 5728 FltMgr (01334f9ea68e6877c4ef05d3ea8abb05) C:\Windows\system32\drivers\fltmgr.sys
10:04:07.0890 5728 FltMgr - ok
10:04:08.0015 5728 FontCache (8ce364388c8eca59b14b539179276d44) C:\Windows\system32\FntCache.dll
10:04:08.0035 5728 FontCache - ok
10:04:08.0117 5728 FontCache3.0.0.0 (c7fbdd1ed42f82bfa35167a5c9803ea3) C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
10:04:08.0119 5728 FontCache3.0.0.0 - ok
10:04:08.0153 5728 Fs_Rec (65ea8b77b5851854f0c55c43fa51a198) C:\Windows\system32\drivers\Fs_Rec.sys
10:04:08.0156 5728 Fs_Rec - ok
10:04:08.0181 5728 gagp30kx (4e1cd0a45c50a8882616cae5bf82f3c5) C:\Windows\system32\drivers\gagp30kx.sys
10:04:08.0185 5728 gagp30kx - ok
10:04:08.0216 5728 GEARAspiWDM (ab8a6a87d9d7255c3884d5b9541a6e80) C:\Windows\system32\Drivers\GEARAspiWDM.sys
10:04:08.0219 5728 GEARAspiWDM - ok
10:04:08.0324 5728 gpsvc (cd5d0aeee35dfd4e986a5aa1500a6e66) C:\Windows\System32\gpsvc.dll
10:04:08.0337 5728 gpsvc - ok
10:04:08.0382 5728 HdAudAddService (cb04c744be0a61b1d648faed182c3b59) C:\Windows\system32\drivers\HdAudio.sys
10:04:08.0389 5728 HdAudAddService - ok
10:04:08.0448 5728 HDAudBus (062452b7ffd68c8c042a6261fe8dff4a) C:\Windows\system32\DRIVERS\HDAudBus.sys
10:04:08.0462 5728 HDAudBus - ok
10:04:08.0482 5728 HidBth (1338520e78d90154ed6be8f84de5fceb) C:\Windows\system32\drivers\hidbth.sys
10:04:08.0485 5728 HidBth - ok
10:04:08.0499 5728 HidIr (ff3160c3a2445128c5a6d9b076da519e) C:\Windows\system32\drivers\hidir.sys
10:04:08.0501 5728 HidIr - ok
10:04:08.0541 5728 hidserv (84067081f3318162797385e11a8f0582) C:\Windows\system32\hidserv.dll
10:04:08.0543 5728 hidserv - ok
10:04:08.0566 5728 HidUsb (cca4b519b17e23a00b826c55716809cc) C:\Windows\system32\DRIVERS\hidusb.sys
10:04:08.0568 5728 HidUsb - ok
10:04:08.0590 5728 hkmsvc (d8ad255b37da92434c26e4876db7d418) C:\Windows\system32\kmsvc.dll
10:04:08.0594 5728 hkmsvc - ok
10:04:08.0679 5728 HP Health Check Service (a19b0bb5a7eb6df2dd4a0711d36955ee) c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
10:04:08.0681 5728 HP Health Check Service - ok
10:04:08.0708 5728 HpCISSs (df353b401001246853763c4b7aaa6f50) C:\Windows\system32\drivers\hpcisss.sys
10:04:08.0710 5728 HpCISSs - ok
10:04:08.0780 5728 HSF_DP (88749fbf8beb18c90e7d6626c8c1910b) C:\Windows\system32\DRIVERS\HSX_DP.sys
10:04:08.0795 5728 HSF_DP - ok
10:04:08.0827 5728 HSXHWBS2 (fe440536bd98af772130dc3a6fe1915f) C:\Windows\system32\DRIVERS\HSXHWBS2.sys
10:04:08.0862 5728 HSXHWBS2 - ok
10:04:08.0902 5728 HTTP (f870aa3e254628ebeafe754108d664de) C:\Windows\system32\drivers\HTTP.sys
10:04:08.0909 5728 HTTP - ok
10:04:08.0925 5728 i2omp (324c2152ff2c61abae92d09f3cca4d63) C:\Windows\system32\drivers\i2omp.sys
10:04:08.0927 5728 i2omp - ok
10:04:08.0970 5728 i8042prt (22d56c8184586b7a1f6fa60be5f5a2bd) C:\Windows\system32\DRIVERS\i8042prt.sys
10:04:08.0973 5728 i8042prt - ok
10:04:09.0007 5728 iaStorV (c957bf4b5d80b46c5017bf0101e6c906) C:\Windows\system32\drivers\iastorv.sys
10:04:09.0011 5728 iaStorV - ok
10:04:09.0075 5728 IDriverT (6f95324909b502e2651442c1548ab12f) c:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
10:04:09.0078 5728 IDriverT - ok
10:04:09.0176 5728 idsvc (98477b08e61945f974ed9fdc4cb6bdab) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
10:04:09.0197 5728 idsvc - ok
10:04:09.0312 5728 IDSVix86 (6262c22a913bd255a0795d070b82aa47) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.5.0.125\Definitions\IPSDefs\20120704.001\IDSvix86.sys
10:04:09.0319 5728 IDSVix86 - ok
10:04:09.0385 5728 iirsp (2d077bf86e843f901d8db709c95b49a5) C:\Windows\system32\drivers\iirsp.sys
10:04:09.0386 5728 iirsp - ok
10:04:09.0423 5728 IKEEXT (9908d8a397b76cd8d31d0d383c5773c9) C:\Windows\System32\ikeext.dll
10:04:09.0429 5728 IKEEXT - ok
10:04:09.0541 5728 IntcAzAudAddService (edc37b918e583a5a813c53d4f5588255) C:\Windows\system32\drivers\RTKVHDA.sys
10:04:09.0571 5728 IntcAzAudAddService - ok
10:04:09.0687 5728 intelide (97469037714070e45194ed318d636401) C:\Windows\system32\drivers\intelide.sys
10:04:09.0691 5728 intelide - ok
10:04:09.0735 5728 intelppm (ce44cc04262f28216dd4341e9e36a16f) C:\Windows\system32\DRIVERS\intelppm.sys
10:04:09.0735 5728 intelppm - ok
10:04:09.0766 5728 IPBusEnum (9ac218c6e6105477484c6fdbe7d409a4) C:\Windows\system32\ipbusenum.dll
10:04:09.0766 5728 IPBusEnum - ok
10:04:09.0769 5728 IpFilterDriver (62c265c38769b864cb25b4bcf62df6c3) C:\Windows\system32\DRIVERS\ipfltdrv.sys
10:04:09.0771 5728 IpFilterDriver - ok
10:04:09.0801 5728 iphlpsvc (1998bd97f950680bb55f55a7244679c2) C:\Windows\System32\iphlpsvc.dll
10:04:09.0804 5728 iphlpsvc - ok
10:04:09.0813 5728 IpInIp - ok
10:04:09.0844 5728 IPMIDRV (40f34f8aba2a015d780e4b09138b6c17) C:\Windows\system32\drivers\ipmidrv.sys
10:04:09.0847 5728 IPMIDRV - ok
10:04:09.0871 5728 IPNAT (8793643a67b42cec66490b2a0cf92d68) C:\Windows\system32\DRIVERS\ipnat.sys
10:04:09.0874 5728 IPNAT - ok
10:04:09.0891 5728 IRENUM (109c0dfb82c3632fbd11949b73aeeac9) C:\Windows\system32\drivers\irenum.sys
10:04:09.0893 5728 IRENUM - ok
10:04:09.0904 5728 isapnp (350fca7e73cf65bcef43fae1e4e91293) C:\Windows\system32\drivers\isapnp.sys
10:04:09.0907 5728 isapnp - ok
10:04:09.0943 5728 iScsiPrt (232fa340531d940aac623b121a595034) C:\Windows\system32\DRIVERS\msiscsi.sys
10:04:09.0947 5728 iScsiPrt - ok
10:04:09.0957 5728 iteatapi (bced60d16156e428f8df8cf27b0df150) C:\Windows\system32\drivers\iteatapi.sys
10:04:09.0959 5728 iteatapi - ok
10:04:09.0977 5728 iteraid (06fa654504a498c30adca8bec4e87e7e) C:\Windows\system32\drivers\iteraid.sys
10:04:09.0978 5728 iteraid - ok
10:04:09.0999 5728 kbdclass (37605e0a8cf00cbba538e753e4344c6e) C:\Windows\system32\DRIVERS\kbdclass.sys
10:04:10.0001 5728 kbdclass - ok
10:04:10.0024 5728 kbdhid (ede59ec70e25c24581add1fbec7325f7) C:\Windows\system32\DRIVERS\kbdhid.sys
10:04:10.0026 5728 kbdhid - ok
10:04:10.0054 5728 KeyIso (3978f3540329e16c0ac3bcf677e5669f) C:\Windows\system32\lsass.exe
10:04:10.0056 5728 KeyIso - ok
10:04:10.0083 5728 KSecDD (86165728af9bf72d6442a894fdfb4f8b) C:\Windows\system32\Drivers\ksecdd.sys
10:04:10.0091 5728 KSecDD - ok
10:04:10.0136 5728 KtmRm (8078f8f8f7a79e2e6b494523a828c585) C:\Windows\system32\msdtckrm.dll
10:04:10.0144 5728 KtmRm - ok
10:04:10.0182 5728 LanmanServer (1bf5eebfd518dd7298434d8c862f825d) C:\Windows\system32\srvsvc.dll
10:04:10.0186 5728 LanmanServer - ok
10:04:10.0210 5728 LanmanWorkstation (1db69705b695b987082c8baec0c6b34f) C:\Windows\System32\wkssvc.dll
10:04:10.0215 5728 LanmanWorkstation - ok
10:04:10.0262 5728 Lavasoft Kernexplorer - ok
10:04:10.0320 5728 LightScribeService (683a07b982832426128b684b7366710f) c:\Program Files\Common Files\LightScribe\LSSrvc.exe
10:04:10.0322 5728 LightScribeService - ok
10:04:10.0386 5728 LinksysUpdater (06dc2fdc6282f0d68910417b1150c848) C:\Program Files\Linksys\Linksys Updater\bin\LinksysUpdater.exe
10:04:10.0390 5728 LinksysUpdater - ok
10:04:10.0614 5728 LiveUpdate (36375738dc0b3cd1f764268008e74fdf) C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE
10:04:10.0668 5728 LiveUpdate - ok
10:04:10.0752 5728 lltdio (d1c5883087a0c3f1344d9d55a44901f6) C:\Windows\system32\DRIVERS\lltdio.sys
10:04:10.0753 5728 lltdio - ok
10:04:10.0787 5728 lltdsvc (2d5a428872f1442631d0959a34abff63) C:\Windows\System32\lltdsvc.dll
10:04:10.0791 5728 lltdsvc - ok
10:04:10.0819 5728 lmhosts (35d40113e4a5b961b6ce5c5857702518) C:\Windows\System32\lmhsvc.dll
10:04:10.0821 5728 lmhosts - ok
10:04:10.0862 5728 LSI_FC (a2262fb9f28935e862b4db46438c80d2) C:\Windows\system32\drivers\lsi_fc.sys
10:04:10.0865 5728 LSI_FC - ok
10:04:10.0876 5728 LSI_SAS (30d73327d390f72a62f32c103daf1d6d) C:\Windows\system32\drivers\lsi_sas.sys
10:04:10.0878 5728 LSI_SAS - ok
10:04:10.0889 5728 LSI_SCSI (e1e36fefd45849a95f1ab81de0159fe3) C:\Windows\system32\drivers\lsi_scsi.sys
10:04:10.0892 5728 LSI_SCSI - ok
10:04:10.0916 5728 luafv (8f5c7426567798e62a3b3614965d62cc) C:\Windows\system32\drivers\luafv.sys
10:04:10.0918 5728 luafv - ok
10:04:10.0939 5728 Mcx2Svc (aef9babb8a506bc4ce0451a64aaded46) C:\Windows\system32\Mcx2Svc.dll
10:04:11.0006 5728 Mcx2Svc - ok
10:04:11.0028 5728 mdmxsdk (0cea2d0d3fa284b85ed5b68365114f76) C:\Windows\system32\DRIVERS\mdmxsdk.sys
10:04:11.0029 5728 mdmxsdk - ok
10:04:11.0051 5728 megasas (d153b14fc6598eae8422a2037553adce) C:\Windows\system32\drivers\megasas.sys
10:04:11.0052 5728 megasas - ok
10:04:11.0064 5728 MMCSS (1076ffcffaae8385fd62dfcb25ac4708) C:\Windows\system32\mmcss.dll
10:04:11.0067 5728 MMCSS - ok
10:04:11.0084 5728 Modem (e13b5ea0f51ba5b1512ec671393d09ba) C:\Windows\system32\drivers\modem.sys
10:04:11.0085 5728 Modem - ok
10:04:11.0109 5728 monitor (0a9bb33b56e294f686abb7c1e4e2d8a8) C:\Windows\system32\DRIVERS\monitor.sys
10:04:11.0110 5728 monitor - ok
10:04:11.0131 5728 mouclass (5bf6a1326a335c5298477754a506d263) C:\Windows\system32\DRIVERS\mouclass.sys
10:04:11.0133 5728 mouclass - ok
10:04:11.0155 5728 mouhid (93b8d4869e12cfbe663915502900876f) C:\Windows\system32\DRIVERS\mouhid.sys
10:04:11.0156 5728 mouhid - ok
10:04:11.0185 5728 MountMgr (bdafc88aa6b92f7842416ea6a48e1600) C:\Windows\system32\drivers\mountmgr.sys
10:04:11.0187 5728 MountMgr - ok
10:04:11.0216 5728 mpio (583a41f26278d9e0ea548163d6139397) C:\Windows\system32\drivers\mpio.sys
10:04:11.0219 5728 mpio - ok
10:04:11.0250 5728 mpsdrv (22241feba9b2defa669c8cb0a8dd7d2e) C:\Windows\system32\drivers\mpsdrv.sys
10:04:11.0252 5728 mpsdrv - ok
10:04:11.0305 5728 MpsSvc (5de62c6e9108f14f6794060a9bdecaec) C:\Windows\system32\mpssvc.dll
10:04:11.0313 5728 MpsSvc - ok
10:04:11.0338 5728 Mraid35x (4fbbb70d30fd20ec51f80061703b001e) C:\Windows\system32\drivers\mraid35x.sys
10:04:11.0340 5728 Mraid35x - ok
10:04:11.0358 5728 MRxDAV (82cea0395524aacfeb58ba1448e8325c) C:\Windows\system32\drivers\mrxdav.sys
10:04:11.0361 5728 MRxDAV - ok
10:04:11.0384 5728 mrxsmb (1e94971c4b446ab2290deb71d01cf0c2) C:\Windows\system32\DRIVERS\mrxsmb.sys
10:04:11.0386 5728 mrxsmb - ok
10:04:11.0411 5728 mrxsmb10 (4fccb34d793b116423209c0f8b7a3b03) C:\Windows\system32\DRIVERS\mrxsmb10.sys
10:04:11.0415 5728 mrxsmb10 - ok
10:04:11.0430 5728 mrxsmb20 (c3cb1b40ad4a0124d617a1199b0b9d7c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
10:04:11.0432 5728 mrxsmb20 - ok
10:04:11.0450 5728 msahci (742aed7939e734c36b7e8d6228ce26b7) C:\Windows\system32\drivers\msahci.sys
10:04:11.0452 5728 msahci - ok
10:04:11.0466 5728 msdsm (3fc82a2ae4cc149165a94699183d3028) C:\Windows\system32\drivers\msdsm.sys
10:04:11.0468 5728 msdsm - ok
10:04:11.0488 5728 MSDTC (fd7520cc3a80c5fc8c48852bb24c6ded) C:\Windows\System32\msdtc.exe
10:04:11.0493 5728 MSDTC - ok
10:04:11.0526 5728 Msfs (a9927f4a46b816c92f461acb90cf8515) C:\Windows\system32\drivers\Msfs.sys
10:04:11.0527 5728 Msfs - ok
10:04:11.0554 5728 msisadrv (0f400e306f385c56317357d6dea56f62) C:\Windows\system32\drivers\msisadrv.sys
10:04:11.0556 5728 msisadrv - ok
10:04:11.0583 5728 MSiSCSI (85466c0757a23d9a9aecdc0755203cb2) C:\Windows\system32\iscsiexe.dll
10:04:11.0587 5728 MSiSCSI - ok
10:04:11.0592 5728 msiserver - ok
10:04:11.0616 5728 MSKSSRV (d8c63d34d9c9e56c059e24ec7185cc07) C:\Windows\system32\drivers\MSKSSRV.sys
10:04:11.0617 5728 MSKSSRV - ok
10:04:11.0627 5728 MSPCLOCK (1d373c90d62ddb641d50e55b9e78d65e) C:\Windows\system32\drivers\MSPCLOCK.sys
10:04:11.0629 5728 MSPCLOCK - ok
10:04:11.0653 5728 MSPQM (b572da05bf4e098d4bba3a4734fb505b) C:\Windows\system32\drivers\MSPQM.sys
10:04:11.0655 5728 MSPQM - ok
10:04:11.0687 5728 MsRPC (b49456d70555de905c311bcda6ec6adb) C:\Windows\system32\drivers\MsRPC.sys
10:04:11.0691 5728 MsRPC - ok
10:04:11.0710 5728 mssmbios (e384487cb84be41d09711c30ca79646c) C:\Windows\system32\DRIVERS\mssmbios.sys
10:04:11.0712 5728 mssmbios - ok
10:04:11.0727 5728 MSTEE (7199c1eec1e4993caf96b8c0a26bd58a) C:\Windows\system32\drivers\MSTEE.sys
10:04:11.0729 5728 MSTEE - ok
10:04:11.0735 5728 Mup (6a57b5733d4cb702c8ea4542e836b96c) C:\Windows\system32\Drivers\mup.sys
10:04:11.0738 5728 Mup - ok
10:04:11.0773 5728 napagent (e4eaf0c5c1b41b5c83386cf212ca9584) C:\Windows\system32\qagentRT.dll
10:04:11.0780 5728 napagent - ok
10:04:11.0830 5728 NativeWifiP (85c44fdff9cf7e72a40dcb7ec06a4416) C:\Windows\system32\DRIVERS\nwifi.sys
10:04:11.0830 5728 NativeWifiP - ok
10:04:11.0928 5728 NAVENG (f11033730b38260b6892e837c457fb4b) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.5.0.125\Definitions\VirusDefs\20120704.017\NAVENG.SYS
10:04:11.0930 5728 NAVENG - ok
10:04:12.0022 5728 NAVEX15 (4e4e7c0259d3bb97de24a636c0e06aba) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.5.0.125\Definitions\VirusDefs\20120704.017\NAVEX15.SYS
10:04:12.0043 5728 NAVEX15 - ok
10:04:12.0181 5728 NDIS (1357274d1883f68300aeadd15d7bbb42) C:\Windows\system32\drivers\ndis.sys
10:04:12.0189 5728 NDIS - ok
10:04:12.0238 5728 NdisTapi (0e186e90404980569fb449ba7519ae61) C:\Windows\system32\DRIVERS\ndistapi.sys
10:04:12.0240 5728 NdisTapi - ok
10:04:12.0259 5728 Ndisuio (d6973aa34c4d5d76c0430b181c3cd389) C:\Windows\system32\DRIVERS\ndisuio.sys
10:04:12.0261 5728 Ndisuio - ok
10:04:12.0289 5728 NdisWan (818f648618ae34f729fdb47ec68345c3) C:\Windows\system32\DRIVERS\ndiswan.sys
10:04:12.0291 5728 NdisWan - ok
10:04:12.0317 5728 NDProxy (71dab552b41936358f3b541ae5997fb3) C:\Windows\system32\drivers\NDProxy.sys
10:04:12.0319 5728 NDProxy - ok
10:04:12.0329 5728 NetBIOS (bcd093a5a6777cf626434568dc7dba78) C:\Windows\system32\DRIVERS\netbios.sys
10:04:12.0331 5728 NetBIOS - ok
10:04:12.0359 5728 netbt (ecd64230a59cbd93c85f1cd1cab9f3f6) C:\Windows\system32\DRIVERS\netbt.sys
10:04:12.0363 5728 netbt - ok
10:04:12.0387 5728 Netlogon (3978f3540329e16c0ac3bcf677e5669f) C:\Windows\system32\lsass.exe
10:04:12.0389 5728 Netlogon - ok
10:04:12.0413 5728 Netman (c8052711daecc48b982434c5116ca401) C:\Windows\System32\netman.dll
10:04:12.0417 5728 Netman - ok
10:04:12.0458 5728 netprofm (2ef3bbe22e5a5acd1428ee387a0d0172) C:\Windows\System32\netprofm.dll
10:04:12.0462 5728 netprofm - ok
10:04:12.0495 5728 netr73 (987549e56f122ae7a70a4717c1572b5b) C:\Windows\system32\DRIVERS\netr73.sys
10:04:12.0500 5728 netr73 - ok
10:04:12.0567 5728 NetTcpPortSharing (d6c4e4a39a36029ac0813d476fbd0248) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
10:04:12.0570 5728 NetTcpPortSharing - ok
10:04:12.0592 5728 nfrd960 (2e7fb731d4790a1bc6270accefacb36e) C:\Windows\system32\drivers\nfrd960.sys
10:04:12.0594 5728 nfrd960 - ok
10:04:12.0669 5728 NIS (e78a365cc3e0fbfc018a33dce01909f8) C:\Program Files\Norton Internet Security\Engine\18.7.1.3\ccSvcHst.exe
10:04:12.0671 5728 NIS - ok
10:04:12.0702 5728 NlaSvc (2997b15415f9bbe05b5a4c1c85e0c6a2) C:\Windows\System32\nlasvc.dll
10:04:12.0706 5728 NlaSvc - ok
10:04:12.0790 5728 nmservice (82c5a813e8ea7e94dc1afa24cd803b80) C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe
10:04:12.0800 5728 nmservice - ok
10:04:12.0829 5728 Npfs (d36f239d7cce1931598e8fb90a0dbc26) C:\Windows\system32\drivers\Npfs.sys
10:04:12.0831 5728 Npfs - ok
10:04:12.0879 5728 nsi (8bb86f0c7eea2bded6fe095d0b4ca9bd) C:\Windows\system32\nsisvc.dll
10:04:12.0882 5728 nsi - ok
10:04:12.0895 5728 nsiproxy (609773e344a97410ce4ebf74a8914fcf) C:\Windows\system32\drivers\nsiproxy.sys
10:04:12.0897 5728 nsiproxy - ok
10:04:12.0959 5728 Ntfs (6a4a98cee84cf9e99564510dda4baa47) C:\Windows\system32\drivers\Ntfs.sys
10:04:12.0976 5728 Ntfs - ok
10:04:12.0996 5728 ntrigdigi (e875c093aec0c978a90f30c9e0dfbb72) C:\Windows\system32\drivers\ntrigdigi.sys
10:04:12.0998 5728 ntrigdigi - ok
10:04:13.0020 5728 NuidFltr (cf7e041663119e09d2e118521ada9300) C:\Windows\system32\DRIVERS\NuidFltr.sys
10:04:13.0022 5728 NuidFltr - ok
10:04:13.0040 5728 Null (c5dbbcda07d780bda9b685df333bb41e) C:\Windows\system32\drivers\Null.sys
10:04:13.0042 5728 Null - ok
10:04:13.0113 5728 NVENETFD (74c825c573aa6e115590d94e7bf86901) C:\Windows\system32\DRIVERS\nvmfdx32.sys
10:04:13.0129 5728 NVENETFD - ok
10:04:13.0477 5728 nvlddmkm (fbba09782f2fac5a57619df378ba9372) C:\Windows\system32\DRIVERS\nvlddmkm.sys
10:04:13.0585 5728 nvlddmkm - ok
10:04:13.0684 5728 nvraid (e69e946f80c1c31c53003bfbf50cbb7c) C:\Windows\system32\drivers\nvraid.sys
10:04:13.0687 5728 nvraid - ok
10:04:13.0700 5728 nvstor (9e0ba19a28c498a6d323d065db76dffc) C:\Windows\system32\drivers\nvstor.sys
10:04:13.0702 5728 nvstor - ok
10:04:13.0727 5728 nvstor32 (a1ce1a6fd74c046f029448fcfa5e386d) C:\Windows\system32\drivers\nvstor32.sys
10:04:13.0729 5728 nvstor32 - ok
10:04:13.0753 5728 nvsvc (cf7769f13b3ecc5e2bf1b3d1c5831ae8) C:\Windows\system32\nvvsvc.exe
10:04:13.0758 5728 nvsvc - ok
10:04:13.0774 5728 nv_agp (07c186427eb8fcc3d8d7927187f260f7) C:\Windows\system32\drivers\nv_agp.sys
10:04:13.0778 5728 nv_agp - ok
10:04:13.0783 5728 NwlnkFlt - ok
10:04:13.0795 5728 NwlnkFwd - ok
10:04:13.0919 5728 odserv (84de1dd996b48b05ace31ad015fa108a) C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
10:04:13.0919 5728 odserv - ok
10:04:13.0944 5728 ohci1394 (6f310e890d46e246e0e261a63d9b36b4) C:\Windows\system32\DRIVERS\ohci1394.sys
10:04:13.0946 5728 ohci1394 - ok
10:04:13.0990 5728 ose (5a432a042dae460abe7199b758e8606c) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
10:04:13.0995 5728 ose - ok
10:04:14.0052 5728 p2pimsvc (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
10:04:14.0062 5728 p2pimsvc - ok
10:04:14.0073 5728 p2psvc (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
10:04:14.0081 5728 p2psvc - ok
10:04:14.0110 5728 Parport (0fa9b5055484649d63c303fe404e5f4d) C:\Windows\system32\drivers\parport.sys
10:04:14.0113 5728 Parport - ok
10:04:14.0140 5728 partmgr (57389fa59a36d96b3eb09d0cb91e9cdc) C:\Windows\system32\drivers\partmgr.sys
10:04:14.0143 5728 partmgr - ok
10:04:14.0157 5728 Parvdm (4f9a6a8a31413180d0fcb279ad5d8112) C:\Windows\system32\drivers\parvdm.sys
10:04:14.0159 5728 Parvdm - ok
10:04:14.0187 5728 PcaSvc (c6276ad11f4bb49b58aa1ed88537f14a) C:\Windows\System32\pcasvc.dll
10:04:14.0190 5728 PcaSvc - ok
10:04:14.0234 5728 pci (941dc1d19e7e8620f40bbc206981efdb) C:\Windows\system32\drivers\pci.sys
10:04:14.0238 5728 pci - ok
10:04:14.0264 5728 pciide (1636d43f10416aeb483bc6001097b26c) C:\Windows\system32\drivers\pciide.sys
10:04:14.0265 5728 pciide - ok
10:04:14.0301 5728 pcmcia (e6f3fb1b86aa519e7698ad05e58b04e5) C:\Windows\system32\drivers\pcmcia.sys
10:04:14.0305 5728 pcmcia - ok
10:04:14.0396 5728 PEAUTH (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys
10:04:14.0409 5728 PEAUTH - ok
10:04:14.0518 5728 pla (b1689df169143f57053f795390c99db3) C:\Windows\system32\pla.dll
10:04:14.0544 5728 pla - ok
10:04:14.0639 5728 PlugPlay (c5e7f8a996ec0a82d508fd9064a5569e) C:\Windows\system32\umpnpmgr.dll
10:04:14.0645 5728 PlugPlay - ok
10:04:14.0690 5728 pnarp (b63a3ae87ed0ac525b3aa88b39608bfc) C:\Windows\system32\DRIVERS\pnarp.sys
10:04:14.0693 5728 pnarp - ok
10:04:14.0740 5728 PNRPAutoReg (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
10:04:14.0749 5728 PNRPAutoReg - ok
10:04:14.0760 5728 PNRPsvc (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
10:04:14.0768 5728 PNRPsvc - ok
10:04:14.0793 5728 PolicyAgent (d0494460421a03cd5225cca0059aa146) C:\Windows\System32\ipsecsvc.dll
10:04:14.0800 5728 PolicyAgent - ok
10:04:14.0835 5728 PptpMiniport (ecfffaec0c1ecd8dbc77f39070ea1db1) C:\Windows\system32\DRIVERS\raspptp.sys
10:04:14.0839 5728 PptpMiniport - ok
10:04:14.0882 5728 Processor (0e3cef5d28b40cf273281d620c50700a) C:\Windows\system32\drivers\processr.sys
10:04:14.0884 5728 Processor - ok
10:04:14.0918 5728 ProfSvc (0508faa222d28835310b7bfca7a77346) C:\Windows\system32\profsvc.dll
10:04:14.0923 5728 ProfSvc - ok
10:04:14.0945 5728 ProtectedStorage (3978f3540329e16c0ac3bcf677e5669f) C:\Windows\system32\lsass.exe
10:04:14.0947 5728 ProtectedStorage - ok
10:04:14.0983 5728 Ps2 (390c204ced3785609ab24e9c52054a84) C:\Windows\system32\DRIVERS\PS2.sys
10:04:14.0984 5728 Ps2 - ok
10:04:15.0004 5728 PSched (99514faa8df93d34b5589187db3aa0ba) C:\Windows\system32\DRIVERS\pacer.sys
10:04:15.0006 5728 PSched - ok
10:04:15.0048 5728 purendis (633cc728d6493c4263368a86928b0bfd) C:\Windows\system32\DRIVERS\purendis.sys
10:04:15.0050 5728 purendis - ok
10:04:15.0083 5728 PxHelp20 (d86b4a68565e444d76457f14172c875a) C:\Windows\system32\Drivers\PxHelp20.sys
10:04:15.0085 5728 PxHelp20 - ok
10:04:15.0141 5728 ql2300 (ccdac889326317792480c0a67156a1ec) C:\Windows\system32\drivers\ql2300.sys
10:04:15.0155 5728 ql2300 - ok
10:04:15.0176 5728 ql40xx (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys
10:04:15.0179 5728 ql40xx - ok
10:04:15.0211 5728 QWAVE (e9ecae663f47e6cb43962d18ab18890f) C:\Windows\system32\qwave.dll
10:04:15.0219 5728 QWAVE - ok
10:04:15.0245 5728 QWAVEdrv (9f5e0e1926014d17486901c88eca2db7) C:\Windows\system32\drivers\qwavedrv.sys
10:04:15.0247 5728 QWAVEdrv - ok
10:04:15.0269 5728 RasAcd (147d7f9c556d259924351feb0de606c3) C:\Windows\system32\DRIVERS\rasacd.sys
10:04:15.0270 5728 RasAcd - ok
10:04:15.0318 5728 RasAuto (f6a452eb4ceadbb51c9e0ee6b3ecef0f) C:\Windows\System32\rasauto.dll
10:04:15.0323 5728 RasAuto - ok
10:04:15.0354 5728 Rasl2tp (a214adbaf4cb47dd2728859ef31f26b0) C:\Windows\system32\DRIVERS\rasl2tp.sys
10:04:15.0357 5728 Rasl2tp - ok
10:04:15.0404 5728 RasMan (75d47445d70ca6f9f894b032fbc64fcf) C:\Windows\System32\rasmans.dll
10:04:15.0409 5728 RasMan - ok
10:04:15.0439 5728 RasPppoe (509a98dd18af4375e1fc40bc175f1def) C:\Windows\system32\DRIVERS\raspppoe.sys
10:04:15.0441 5728 RasPppoe - ok
10:04:15.0466 5728 RasSstp (2005f4a1e05fa09389ac85840f0a9e4d) C:\Windows\system32\DRIVERS\rassstp.sys
10:04:15.0468 5728 RasSstp - ok
10:04:15.0494 5728 rdbss (b14c9d5b9add2f84f70570bbbfaa7935) C:\Windows\system32\DRIVERS\rdbss.sys
10:04:15.0499 5728 rdbss - ok
10:04:15.0505 5728 RDPCDD (89e59be9a564262a3fb6c4f4f1cd9899) C:\Windows\system32\DRIVERS\RDPCDD.sys
10:04:15.0507 5728 RDPCDD - ok
10:04:15.0545 5728 rdpdr (e8bd98d46f2ed77132ba927fccb47d8b) C:\Windows\system32\drivers\rdpdr.sys
10:04:15.0550 5728 rdpdr - ok
10:04:15.0574 5728 RDPENCDD (9d91fe5286f748862ecffa05f8a0710c) C:\Windows\system32\drivers\rdpencdd.sys
10:04:15.0575 5728 RDPENCDD - ok
10:04:15.0609 5728 RDPWD (30bfbdfb7f95559ede971f9ddb9a00ba) C:\Windows\system32\drivers\RDPWD.sys
10:04:15.0613 5728 RDPWD - ok
10:04:15.0646 5728 RemoteAccess (bcdd6b4804d06b1f7ebf29e53a57ece9) C:\Windows\System32\mprdim.dll
10:04:15.0650 5728 RemoteAccess - ok
10:04:15.0682 5728 RemoteRegistry (9e6894ea18daff37b63e1005f83ae4ab) C:\Windows\system32\regsvc.dll
10:04:15.0687 5728 RemoteRegistry - ok
10:04:15.0809 5728 RoxMediaDB9 (2dac86f10c42b55f2511f14cbcee7284) c:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
10:04:15.0826 5728 RoxMediaDB9 - ok
10:04:15.0867 5728 RpcLocator (5123f83cbc4349d065534eeb6bbdc42b) C:\Windows\system32\locator.exe
10:04:15.0872 5728 RpcLocator - ok
10:04:15.0931 5728 RpcSs (3b5b4d53fec14f7476ca29a20cc31ac9) C:\Windows\system32\rpcss.dll
10:04:15.0945 5728 RpcSs - ok
10:04:16.0011 5728 rspndr (9c508f4074a39e8b4b31d27198146fad) C:\Windows\system32\DRIVERS\rspndr.sys
10:04:16.0011 5728 rspndr - ok
10:04:16.0026 5728 SamSs (3978f3540329e16c0ac3bcf677e5669f) C:\Windows\system32\lsass.exe
10:04:16.0042 5728 SamSs - ok
10:04:16.0087 5728 SASDIFSV (39763504067962108505bff25f024345) C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS
10:04:16.0089 5728 SASDIFSV - ok
10:04:16.0119 5728 SASKUTIL (77b9fc20084b48408ad3e87570eb4a85) C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS
10:04:16.0122 5728 SASKUTIL - ok
10:04:16.0158 5728 sbp2port (3ce8f073a557e172b330109436984e30) C:\Windows\system32\drivers\sbp2port.sys
10:04:16.0162 5728 sbp2port - ok
10:04:16.0208 5728 SCardSvr (77b7a11a0c3d78d3386398fbbea1b632) C:\Windows\System32\SCardSvr.dll
10:04:16.0216 5728 SCardSvr - ok
10:04:16.0305 5728 Schedule (1a58069db21d05eb2ab58ee5753ebe8d) C:\Windows\system32\schedsvc.dll
10:04:16.0320 5728 Schedule - ok
10:04:16.0340 5728 SCPolicySvc (312ec3e37a0a1f2006534913e37b4423) C:\Windows\System32\certprop.dll
10:04:16.0342 5728 SCPolicySvc - ok
10:04:16.0370 5728 SDRSVC (716313d9f6b0529d03f726d5aaf6f191) C:\Windows\System32\SDRSVC.dll
10:04:16.0375 5728 SDRSVC - ok
10:04:16.0380 5728 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
10:04:16.0382 5728 secdrv - ok
10:04:16.0401 5728 seclogon (fd5199d4d8a521005e4b5ee7fe00fa9b) C:\Windows\system32\seclogon.dll
10:04:16.0403 5728 seclogon - ok
10:04:16.0414 5728 SENS (a9bbab5759771e523f55563d6cbe140f) C:\Windows\System32\sens.dll
10:04:16.0417 5728 SENS - ok
10:04:16.0473 5728 Serenum (68e44e331d46f0fb38f0863a84cd1a31) C:\Windows\system32\drivers\serenum.sys
10:04:16.0482 5728 Serenum - ok
10:04:16.0522 5728 Serial (c70d69a918b178d3c3b06339b40c2e1b) C:\Windows\system32\drivers\serial.sys
10:04:16.0524 5728 Serial - ok
10:04:16.0541 5728 sermouse (8af3d28a879bf75db53a0ee7a4289624) C:\Windows\system32\drivers\sermouse.sys
10:04:16.0544 5728 sermouse - ok
10:04:16.0573 5728 SessionEnv (d2193326f729b163125610dbf3e17d57) C:\Windows\system32\sessenv.dll
10:04:16.0577 5728 SessionEnv - ok
10:04:16.0590 5728 sffdisk (51cf56aa8bcc241f134b420b8f850406) C:\Windows\system32\drivers\sffdisk.sys
10:04:16.0592 5728 sffdisk - ok
10:04:16.0600 5728 sffp_mmc (96ded8b20c734ac41641ce275250e55d) C:\Windows\system32\drivers\sffp_mmc.sys
10:04:16.0602 5728 sffp_mmc - ok
10:04:16.0613 5728 sffp_sd (8b08cab1267b2c377883fc9e56981f90) C:\Windows\system32\drivers\sffp_sd.sys
10:04:16.0614 5728 sffp_sd - ok
10:04:16.0624 5728 sfloppy (46ed8e91793b2e6f848015445a0ac188) C:\Windows\system32\drivers\sfloppy.sys
10:04:16.0626 5728 sfloppy - ok
10:04:16.0647 5728 SharedAccess (e1499bd0ff76b1b2fbbf1af339d91165) C:\Windows\System32\ipnathlp.dll
10:04:16.0653 5728 SharedAccess - ok
10:04:16.0690 5728 ShellHWDetection (c7230fbee14437716701c15be02c27b8) C:\Windows\System32\shsvcs.dll
10:04:16.0695 5728 ShellHWDetection - ok
10:04:16.0712 5728 sisagp (d2a595d6eebeeaf4334f8e50efbc9931) C:\Windows\system32\drivers\sisagp.sys
10:04:16.0714 5728 sisagp - ok
10:04:16.0728 5728 SiSRaid2 (cedd6f4e7d84e9f98b34b3fe988373aa) C:\Windows\system32\drivers\sisraid2.sys
10:04:16.0730 5728 SiSRaid2 - ok
10:04:16.0740 5728 SiSRaid4 (df843c528c4f69d12ce41ce462e973a7) C:\Windows\system32\drivers\sisraid4.sys
10:04:16.0742 5728 SiSRaid4 - ok
10:04:16.0914 5728 slsvc (862bb4cbc05d80c5b45be430e5ef872f) C:\Windows\system32\SLsvc.exe
10:04:16.0958 5728 slsvc - ok
10:04:17.0052 5728 SLUINotify (6edc422215cd78aa8a9cde6b30abbd35) C:\Windows\system32\SLUINotify.dll
10:04:17.0056 5728 SLUINotify - ok
10:04:17.0086 5728 Smb (7b75299a4d201d6a6533603d6914ab04) C:\Windows\system32\DRIVERS\smb.sys
10:04:17.0088 5728 Smb - ok
10:04:17.0118 5728 SNMPTRAP (2a146a055b4401c16ee62d18b8e2a032) C:\Windows\System32\snmptrap.exe
10:04:17.0121 5728 SNMPTRAP - ok
10:04:17.0153 5728 spldr (7aebdeef071fe28b0eef2cdd69102bff) C:\Windows\system32\drivers\spldr.sys
10:04:17.0155 5728 spldr - ok
10:04:17.0187 5728 Spooler (8554097e5136c3bf9f69fe578a1b35f4) C:\Windows\System32\spoolsv.exe
10:04:17.0192 5728 Spooler - ok
10:04:17.0303 5728 SRTSP (83726cf02eced69138948083e06b6eac) C:\Windows\System32\Drivers\NIS\1207010.003\SRTSP.SYS
10:04:17.0313 5728 SRTSP - ok
10:04:17.0346 5728 SRTSPX (4e7eab2e5615d39cf1f1df9c71e5e225) C:\Windows\system32\drivers\NIS\1207010.003\SRTSPX.SYS
10:04:17.0348 5728 SRTSPX - ok
10:04:17.0385 5728 srv (41987f9fc0e61adf54f581e15029ad91) C:\Windows\system32\DRIVERS\srv.sys
10:04:17.0391 5728 srv - ok
10:04:17.0422 5728 srv2 (ff33aff99564b1aa534f58868cbe41ef) C:\Windows\system32\DRIVERS\srv2.sys
10:04:17.0425 5728 srv2 - ok
10:04:17.0437 5728 srvnet (7605c0e1d01a08f3ecd743f38b834a44) C:\Windows\system32\DRIVERS\srvnet.sys
10:04:17.0440 5728 srvnet - ok
10:04:17.0476 5728 SSDPSRV (03d50b37234967433a5ea5ba72bc0b62) C:\Windows\System32\ssdpsrv.dll
10:04:17.0480 5728 SSDPSRV - ok
10:04:17.0525 5728 SstpSvc (6f1a32e7b7b30f004d9a20afadb14944) C:\Windows\system32\sstpsvc.dll
10:04:17.0529 5728 SstpSvc - ok
10:04:17.0591 5728 stisvc (5de7d67e49b88f5f07f3e53c4b92a352) C:\Windows\System32\wiaservc.dll
10:04:17.0601 5728 stisvc - ok
10:04:17.0659 5728 stllssvr (e5ff667e416dac99bff16b626234a379) c:\Program Files\Common Files\SureThing Shared\stllssvr.exe
10:04:17.0662 5728 stllssvr - ok
10:04:17.0691 5728 swenum (7ba58ecf0c0a9a69d44b3dca62becf56) C:\Windows\system32\DRIVERS\swenum.sys
10:04:17.0692 5728 swenum - ok
10:04:17.0727 5728 swprv (f21fd248040681cca1fb6c9a03aaa93d) C:\Windows\System32\swprv.dll
10:04:17.0735 5728 swprv - ok
10:04:17.0759 5728 Symc8xx (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys
10:04:17.0761 5728 Symc8xx - ok
10:04:17.0832 5728 SymDS (9bbeb8c6258e72d62e7560e6667aad39) C:\Windows\system32\drivers\NIS\1207010.003\SYMDS.SYS
10:04:17.0838 5728 SymDS - ok
10:04:17.0885 5728 SymEFA (d5c02629c02a820a7e71bca3d44294a3) C:\Windows\system32\drivers\NIS\1207010.003\SYMEFA.SYS
10:04:17.0897 5728 SymEFA - ok
10:04:17.0930 5728 SymEvent (ab33c3b196197ca467cbdda717860dba) C:\Windows\system32\Drivers\SYMEVENT.SYS
10:04:17.0933 5728 SymEvent - ok
10:04:17.0955 5728 SymIRON (a73399804d5d4a8b20ba60fcf70c9f1f) C:\Windows\system32\drivers\NIS\1207010.003\Ironx86.SYS
10:04:17.0959 5728 SymIRON - ok
10:04:17.0985 5728 SYMTDIv (d42a7229e333af725f1445f785e4658d) C:\Windows\System32\Drivers\NIS\1207010.003\SYMTDIV.SYS
10:04:17.0991 5728 SYMTDIv - ok
10:04:18.0009 5728 Sym_hi (8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys
10:04:18.0011 5728 Sym_hi - ok
10:04:18.0025 5728 Sym_u3 (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys
10:04:18.0027 5728 Sym_u3 - ok
10:04:18.0100 5728 SysMain (9a51b04e9886aa4ee90093586b0ba88d) C:\Windows\system32\sysmain.dll
10:04:18.0100 5728 SysMain - ok
10:04:18.0116 5728 TabletInputService (2dca225eae15f42c0933e998ee0231c3) C:\Windows\System32\TabSvc.dll
10:04:18.0116 5728 TabletInputService - ok
10:04:18.0133 5728 TapiSrv (d7673e4b38ce21ee54c59eeeb65e2483) C:\Windows\System32\tapisrv.dll
10:04:18.0139 5728 TapiSrv - ok
10:04:18.0163 5728 TBS (cb05822cd9cc6c688168e113c603dbe7) C:\Windows\System32\tbssvc.dll
10:04:18.0167 5728 TBS - ok
10:04:18.0223 5728 Tcpip (814a1c66fbd4e1b310a517221f1456bf) C:\Windows\system32\drivers\tcpip.sys
10:04:18.0236 5728 Tcpip - ok
10:04:18.0250 5728 Tcpip6 (814a1c66fbd4e1b310a517221f1456bf) C:\Windows\system32\DRIVERS\tcpip.sys
10:04:18.0259 5728 Tcpip6 - ok
10:04:18.0339 5728 tcpipreg (608c345a255d82a6289c2d468eb41fd7) C:\Windows\system32\drivers\tcpipreg.sys
10:04:18.0341 5728 tcpipreg - ok
10:04:18.0395 5728 TDPIPE (5dcf5e267be67a1ae926f2df77fbcc56) C:\Windows\system32\drivers\tdpipe.sys
10:04:18.0397 5728 TDPIPE - ok
10:04:18.0414 5728 TDTCP (389c63e32b3cefed425b61ed92d3f021) C:\Windows\system32\drivers\tdtcp.sys
10:04:18.0415 5728 TDTCP - ok
10:04:18.0444 5728 tdx (76b06eb8a01fc8624d699e7045303e54) C:\Windows\system32\DRIVERS\tdx.sys
10:04:18.0447 5728 tdx - ok
10:04:18.0467 5728 TermDD (3cad38910468eab9a6479e2f01db43c7) C:\Windows\system32\DRIVERS\termdd.sys
10:04:18.0469 5728 TermDD - ok
10:04:18.0511 5728 TermService (bb95da09bef6e7a131bff3ba5032090d) C:\Windows\System32\termsrv.dll
10:04:18.0520 5728 TermService - ok
10:04:18.0548 5728 Themes (c7230fbee14437716701c15be02c27b8) C:\Windows\system32\shsvcs.dll
10:04:18.0552 5728 Themes - ok
10:04:18.0580 5728 THREADORDER (1076ffcffaae8385fd62dfcb25ac4708) C:\Windows\system32\mmcss.dll
10:04:18.0582 5728 THREADORDER - ok
10:04:18.0594 5728 TrkWks (ec74e77d0eb004bd3a809b5f8fb8c2ce) C:\Windows\System32\trkwks.dll
10:04:18.0597 5728 TrkWks - ok
10:04:18.0625 5728 TrustedInstaller (97d9d6a04e3ad9b6c626b9931db78dba) C:\Windows\servicing\TrustedInstaller.exe
10:04:18.0626 5728 TrustedInstaller - ok
10:04:18.0646 5728 tssecsrv (dcf0f056a2e4f52287264f5ab29cf206) C:\Windows\system32\DRIVERS\tssecsrv.sys
10:04:18.0647 5728 tssecsrv - ok
10:04:18.0679 5728 tunmp (caecc0120ac49e3d2f758b9169872d38) C:\Windows\system32\DRIVERS\tunmp.sys
10:04:18.0681 5728 tunmp - ok
10:04:18.0703 5728 tunnel (300db877ac094feab0be7688c3454a9c) C:\Windows\system32\DRIVERS\tunnel.sys
10:04:18.0705 5728 tunnel - ok
10:04:18.0763 5728 uagp35 (c3ade15414120033a36c0f293d4a4121) C:\Windows\system32\drivers\uagp35.sys
10:04:18.0765 5728 uagp35 - ok
10:04:18.0796 5728 udfs (d9728af68c4c7693cb100b8441cbdec6) C:\Windows\system32\DRIVERS\udfs.sys
10:04:18.0800 5728 udfs - ok
10:04:18.0847 5728 UI0Detect (ecef404f62863755951e09c802c94ad5) C:\Windows\system32\UI0Detect.exe
10:04:18.0851 5728 UI0Detect - ok
10:04:18.0893 5728 uliagpkx (75e6890ebfce0841d3291b02e7a8bdb0) C:\Windows\system32\drivers\uliagpkx.sys
10:04:18.0895 5728 uliagpkx - ok
10:04:18.0913 5728 uliahci (3cd4ea35a6221b85dcc25daa46313f8d) C:\Windows\system32\drivers\uliahci.sys
10:04:18.0917 5728 uliahci - ok
10:04:18.0936 5728 UlSata (8514d0e5cd0534467c5fc61be94a569f) C:\Windows\system32\drivers\ulsata.sys
10:04:18.0939 5728 UlSata - ok
10:04:18.0951 5728 ulsata2 (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys
10:04:18.0954 5728 ulsata2 - ok
10:04:18.0979 5728 umbus (32cff9f809ae9aed85464492bf3e32d2) C:\Windows\system32\DRIVERS\umbus.sys
10:04:18.0981 5728 umbus - ok
10:04:19.0008 5728 upnphost (68308183f4ae0be7bf8ecd07cb297999) C:\Windows\System32\upnphost.dll
10:04:19.0013 5728 upnphost - ok
10:04:19.0043 5728 usbccgp (caf811ae4c147ffcd5b51750c7f09142) C:\Windows\system32\DRIVERS\usbccgp.sys
10:04:19.0046 5728 usbccgp - ok
10:04:19.0069 5728 usbcir (e9476e6c486e76bc4898074768fb7131) C:\Windows\system32\drivers\usbcir.sys
10:04:19.0071 5728 usbcir - ok
10:04:19.0104 5728 usbehci (79e96c23a97ce7b8f14d310da2db0c9b) C:\Windows\system32\DRIVERS\usbehci.sys
10:04:19.0106 5728 usbehci - ok
10:04:19.0132 5728 usbhub (4673bbcb006af60e7abddbe7a130ba42) C:\Windows\system32\DRIVERS\usbhub.sys
10:04:19.0137 5728 usbhub - ok
10:04:19.0167 5728 usbohci (ce697fee0d479290d89bec80dfe793b7) C:\Windows\system32\DRIVERS\usbohci.sys
10:04:19.0169 5728 usbohci - ok
10:04:19.0178 5728 usbprint (e75c4b5269091d15a2e7dc0b6d35f2f5) C:\Windows\system32\DRIVERS\usbprint.sys
10:04:19.0180 5728 usbprint - ok
10:04:19.0204 5728 usbscan (a508c9bd8724980512136b039bba65e9) C:\Windows\system32\DRIVERS\usbscan.sys
10:04:19.0206 5728 usbscan - ok
10:04:19.0224 5728 USBSTOR (be3da31c191bc222d9ad503c5224f2ad) C:\Windows\system32\DRIVERS\USBSTOR.SYS
10:04:19.0228 5728 USBSTOR - ok
10:04:19.0240 5728 usbuhci (325dbbacb8a36af9988ccf40eac228cc) C:\Windows\system32\DRIVERS\usbuhci.sys
10:04:19.0242 5728 usbuhci - ok
10:04:19.0261 5728 UxSms (1509e705f3ac1d474c92454a5c2dd81f) C:\Windows\System32\uxsms.dll
10:04:19.0265 5728 UxSms - ok
10:04:19.0302 5728 vds (cd88d1b7776dc17a119049742ec07eb4) C:\Windows\System32\vds.exe
10:04:19.0312 5728 vds - ok
10:04:19.0334 5728 vga (7d92be0028ecdedec74617009084b5ef) C:\Windows\system32\DRIVERS\vgapnp.sys
10:04:19.0335 5728 vga - ok
10:04:19.0363 5728 VgaSave (2e93ac0a1d8c79d019db6c51f036636c) C:\Windows\System32\drivers\vga.sys
10:04:19.0365 5728 VgaSave - ok
10:04:19.0377 5728 viaagp (045d9961e591cf0674a920b6ba3ba5cb) C:\Windows\system32\drivers\viaagp.sys
10:04:19.0380 5728 viaagp - ok
10:04:19.0397 5728 ViaC7 (56a4de5f02f2e88182b0981119b4dd98) C:\Windows\system32\drivers\viac7.sys
10:04:19.0399 5728 ViaC7 - ok
10:04:19.0413 5728 viaide (fd2e3175fcada350c7ab4521dca187ec) C:\Windows\system32\drivers\viaide.sys
10:04:19.0415 5728 viaide - ok
10:04:19.0439 5728 volmgr (69503668ac66c77c6cd7af86fbdf8c43) C:\Windows\system32\drivers\volmgr.sys
10:04:19.0441 5728 volmgr - ok
10:04:19.0478 5728 volmgrx (23e41b834759917bfd6b9a0d625d0c28) C:\Windows\system32\drivers\volmgrx.sys
10:04:19.0483 5728 volmgrx - ok
10:04:19.0511 5728 volsnap (147281c01fcb1df9252de2a10d5e7093) C:\Windows\system32\drivers\volsnap.sys
10:04:19.0516 5728 volsnap - ok
10:04:19.0537 5728 vsmraid (d984439746d42b30fc65a4c3546c6829) C:\Windows\system32\drivers\vsmraid.sys
10:04:19.0540 5728 vsmraid - ok
10:04:19.0595 5728 VSS (db3d19f850c6eb32bdcb9bc0836acddb) C:\Windows\system32\vssvc.exe
10:04:19.0611 5728 VSS - ok
10:04:19.0645 5728 W32Time (96ea68b9eb310a69c25ebb0282b2b9de) C:\Windows\system32\w32time.dll
10:04:19.0650 5728 W32Time - ok
10:04:19.0694 5728 WacomPen (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys
10:04:19.0696 5728 WacomPen - ok
10:04:19.0722 5728 Wanarp (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
10:04:19.0724 5728 Wanarp - ok
10:04:19.0729 5728 Wanarpv6 (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
10:04:19.0730 5728 Wanarpv6 - ok
10:04:19.0772 5728 wcncsvc (a3cd60fd826381b49f03832590e069af) C:\Windows\System32\wcncsvc.dll
10:04:19.0781 5728 wcncsvc - ok
10:04:19.0804 5728 WcsPlugInService (11bcb7afcdd7aadacb5746f544d3a9c7) C:\Windows\System32\WcsPlugInService.dll
10:04:19.0808 5728 WcsPlugInService - ok
10:04:19.0817 5728 Wd (afc5ad65b991c1e205cf25cfdbf7a6f4) C:\Windows\system32\drivers\wd.sys
10:04:19.0827 5728 Wd - ok
10:04:19.0888 5728 Wdf01000 (b6f0a7ad6d4bd325fbcd8bac96cd8d96) C:\Windows\system32\drivers\Wdf01000.sys
10:04:19.0896 5728 Wdf01000 - ok
10:04:19.0922 5728 WdiServiceHost (abfc76b48bb6c96e3338d8943c5d93b5) C:\Windows\system32\wdi.dll
10:04:19.0925 5728 WdiServiceHost - ok
10:04:19.0930 5728 WdiSystemHost (abfc76b48bb6c96e3338d8943c5d93b5) C:\Windows\system32\wdi.dll
10:04:19.0934 5728 WdiSystemHost - ok
10:04:19.0963 5728 WebClient (04c37d8107320312fbae09926103d5e2) C:\Windows\System32\webclnt.dll
10:04:19.0968 5728 WebClient - ok
10:04:19.0998 5728 Wecsvc (ae3736e7e8892241c23e4ebbb7453b60) C:\Windows\system32\wecsvc.dll
10:04:20.0003 5728 Wecsvc - ok
10:04:20.0032 5728 wercplsupport (670ff720071ed741206d69bd995ea453) C:\Windows\System32\wercplsupport.dll
10:04:20.0037 5728 wercplsupport - ok
10:04:20.0060 5728 WerSvc (32b88481d3b326da6deb07b1d03481e7) C:\Windows\System32\WerSvc.dll
10:04:20.0064 5728 WerSvc - ok
10:04:20.0110 5728 winachsf (72cc6a8ca7891031d6380db5025c773c) C:\Windows\system32\DRIVERS\HSX_CNXT.sys
10:04:20.0120 5728 winachsf - ok
10:04:20.0205 5728 WinDefend (4575aa12561c5648483403541d0d7f2b) C:\Program Files\Windows Defender\mpsvc.dll
10:04:20.0206 5728 WinDefend - ok
10:04:20.0206 5728 WinHttpAutoProxySvc - ok
10:04:20.0281 5728 Winmgmt (6b2a1d0e80110e3d04e6863c6e62fd8a) C:\Windows\system32\wbem\WMIsvc.dll
10:04:20.0283 5728 Winmgmt - ok
10:04:20.0364 5728 WinRM (7cfe68bdc065e55aa5e8421607037511) C:\Windows\system32\WsmSvc.dll
10:04:20.0378 5728 WinRM - ok
10:04:20.0445 5728 Wlansvc (c008405e4feeb069e30da1d823910234) C:\Windows\System32\wlansvc.dll
10:04:20.0454 5728 Wlansvc - ok
10:04:20.0624 5728 wlidsvc (5144ae67d60ec653f97ddf3feed29e77) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
10:04:20.0647 5728 wlidsvc - ok
10:04:20.0743 5728 WmiAcpi (701a9f884a294327e9141d73746ee279) C:\Windows\system32\drivers\wmiacpi.sys
10:04:20.0744 5728 WmiAcpi - ok
10:04:20.0806 5728 wmiApSrv (43be3875207dcb62a85c8c49970b66cc) C:\Windows\system32\wbem\WmiApSrv.exe
10:04:20.0812 5728 wmiApSrv - ok
10:04:20.0931 5728 WMPNetworkSvc (3978704576a121a9204f8cc49a301a9b) C:\Program Files\Windows Media Player\wmpnetwk.exe
10:04:20.0951 5728 WMPNetworkSvc - ok
10:04:20.0973 5728 WPCSvc (cfc5a04558f5070cee3e3a7809f3ff52) C:\Windows\System32\wpcsvc.dll
10:04:20.0982 5728 WPCSvc - ok
10:04:21.0010 5728 WPDBusEnum (801fbdb89d472b3c467eb112a0fc9246) C:\Windows\system32\wpdbusenum.dll
10:04:21.0018 5728 WPDBusEnum - ok
10:04:21.0126 5728 WPFFontCache_v0400 (dcf3e3edf5109ee8bc02fe6e1f045795) C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
10:04:21.0139 5728 WPFFontCache_v0400 - ok
10:04:21.0179 5728 ws2ifsl (e3a3cb253c0ec2494d4a61f5e43a389c) C:\Windows\system32\drivers\ws2ifsl.sys
10:04:21.0180 5728 ws2ifsl - ok
10:04:21.0202 5728 wscsvc (1ca6c40261ddc0425987980d0cd2aaab) C:\Windows\System32\wscsvc.dll
10:04:21.0206 5728 wscsvc - ok
10:04:21.0212 5728 WSearch - ok
10:04:21.0365 5728 wuauserv (fc3ec24fce372c89423e015a2ac1a31e) C:\Windows\system32\wuaueng.dll
10:04:21.0386 5728 wuauserv - ok
10:04:21.0461 5728 WUDFRd (ac13cb789d93412106b0fb6c7eb2bcb6) C:\Windows\system32\DRIVERS\WUDFRd.sys
10:04:21.0465 5728 WUDFRd - ok
10:04:21.0485 5728 wudfsvc (575a4190d989f64732119e4114045a4f) C:\Windows\System32\WUDFSvc.dll
10:04:21.0490 5728 wudfsvc - ok
10:04:21.0512 5728 XAudio (dab33cfa9dd24251aaa389ff36b64d4b) C:\Windows\system32\DRIVERS\xaudio.sys
10:04:21.0514 5728 XAudio - ok
10:04:21.0541 5728 XAudioService (cd5f291a1161f15896d1a4d63daff5df) C:\Windows\system32\DRIVERS\xaudio.exe
10:04:21.0548 5728 XAudioService - ok
10:04:21.0591 5728 MBR (0x1B8) (8913823ff508ccf109db74b636c301da) \Device\Harddisk0\DR0
10:04:21.0640 5728 \Device\Harddisk0\DR0 - ok
10:04:21.0646 5728 Boot (0x1200) (fa93a111df8ef6cf78c9780e64462c31) \Device\Harddisk0\DR0\Partition0
10:04:21.0647 5728 \Device\Harddisk0\DR0\Partition0 - ok
10:04:21.0655 5728 Boot (0x1200) (080c38065e9157a5392b57aa720cc12d) \Device\Harddisk0\DR0\Partition1
10:04:21.0657 5728 \Device\Harddisk0\DR0\Partition1 - ok
10:04:21.0660 5728 ============================================================
10:04:21.0660 5728 Scan finished
10:04:21.0660 5728 ============================================================
10:04:21.0679 3620 Detected object count: 0
10:04:21.0679 3620 Actual detected object count: 0
Spelunking Rocks!




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users