Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Trijtzxoi dll - malware infection?


  • Please log in to reply
14 replies to this topic

#1 CrystalClear90

CrystalClear90

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:06:01 AM

Posted 16 December 2012 - 01:33 AM

It seems like browser redirection issues are going around a lot lately. Here's my problem:

About two weeks ago, I began receiving an error message on start-up as soon as I get to my desktop. I am using Windows 7 Home Premium 64-bit. It is a RunDLL error that says:

"There was a problem starting
C:\Users\Emma\AppData\Local]Hewlett-Packard\Google\trijtzxoi.dll
The specified module could not be found"

I thought nothing of it at first, even though I had a constant, seemingly new redirection problem in my browsers (FireFox, IE, and Chrome). Then I looked it up after some other weird things started to happen (erratic pages, keys not typing correctly, text not showing up when typing when typing in the Windows menu search bar). Apparently it's a Trojan AVKill. It's odd though: my computer ran almost-normally as it usually would and a quick restart usually got rid of the erratic behavior when it started to happen. I assume if I left this malware on my computer though, it would probably get worse over time.

So, I downloaded and installed MalwareBytes today and it found 4 files:

Trojan.Agent.MRGGen
Trojan.Happili
Trojan.Agent.MRGGen (in a different directory)
Exploit.Drop.9

I removed these files and restarted the computer and seem to have slightly less problems so far, but my browsers are still redirecting and the "trijtzxoi dll" error message is still showing up when I reboot my computer and get to the desktop. I then ran MGTools, but the logs are beyond my expertise. I am quite tempted to do a factory settings recovery to the computer, but I don't know if it would completely remove the trojan and I am trying to avoid starting over from scratch. I don't know how much the registry has been screwed up from this either.

Any help on further instructions or things to try would be very much appreciated. :)

BC AdBot (Login to Remove)

 


#2 Gunto

Gunto

    Bleepin' Reject Phoenix


  • Malware Response Team
  • 1,291 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:North Las Vegas, Nevada, USA
  • Local time:07:01 AM

Posted 16 December 2012 - 01:55 AM

Hi, CrystalClear90! I'm going to try to help you out. :)

That error indicates that the file is either deleted or moved, but is still set to be run at boot. It's mostly an annoyance and not really anything to worry about, but hopefully we can get it fixed anyway.

Trojan.Happili is known to cause redirect problems, so it's probably the cause of that.

Before I begin my instructions, can you send me the MBAM log?

Gunto

Beautiful avatar by Plumbeck!

 

Bury me in honor; when I'm dead and hit the ground, a love back home, it unfolds...


#3 CrystalClear90

CrystalClear90
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:06:01 AM

Posted 16 December 2012 - 02:48 AM

Now I'm getting some intermittent freezing on webpages as well as the redirection. Don't know if that's related, that's been happening for about the same time as everything else. Argg. <_<

I have looked in the correct Program Files folders and the log of the scan I did seems to be gone. Luckily, I saved a screen of it just in case after it finished in case I couldn't get to it again:
Posted Image

I hope that's the right one. :)

#4 Gunto

Gunto

    Bleepin' Reject Phoenix


  • Malware Response Team
  • 1,291 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:North Las Vegas, Nevada, USA
  • Local time:07:01 AM

Posted 16 December 2012 - 05:03 AM

Hi,

Yes, that's the right one. :)

I'm thinking that these are all parts of the same infection, and that your symptoms are, too.

TDSSKiller

I need you to run a scan using TDSSKiller.

  • Download TDSSKiller from here, and save it to your desktop.
  • Double click the file to launch the program. Once the program starts, click Start Scan. Don't change any default scan settings.
  • Once the scan is finished, you'll find a log in your root drive (usually C: ) that will start with TDSS in the file name, please copy and paste it into your reply.

Malwarebytes

I need you to run a scan with Malwarebytes Anti-Malware.

  • Double-click the MBAM shortcut on your desktop to open MBAM.
  • Click the Update tab, and check for updates. If a new version of MBAM is included in the update, follow the prompts and install it.
  • Once the program is done updating, select the Perform full scan option on the main interface. Then click the Scan button, hit Scan, and let the scan run.
  • Once the scan is finished, a log will pop up. If any malware was found, click the Show Results button, and make sure everything present is checked and click Remove Selected. If MBAM asks you to reboot, do so immediately. Either way, please copy and paste the log into your reply. If your PC is rebooted, you can find the log by opening up MBAM and going to the Logs tab.

AdwCleaner

I need you to run AdwCleaner to see if it removes anything.

  • Download AdwCleaner from here, and save it to your desktop.
  • Close all open programs.
  • Open the file on your desktop, and click the Delete button. Confirm operations at every prompt. Your PC will be rebooted after the final prompt.
  • Once rebooted, a text file will open up. Please copy and paste it into your reply.

RogueKiller

I need you to run RogueKiller to see if it removes anything.

  • Download RogueKiller from here, and save it to your desktop.
  • Close all open programs.
  • Double click the file on your desktop. Once the automatic check completes, hit the Scan button.
  • Once the full scan has finished, click on the Delete button. Once it's done removing things, open the newest log on your desktop (should be called RKreport[2].txt) and copy and paste it into your reply.

Please tell me how your PC is running in your next reply.

Gunto

Beautiful avatar by Plumbeck!

 

Bury me in honor; when I'm dead and hit the ground, a love back home, it unfolds...


#5 CrystalClear90

CrystalClear90
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:06:01 AM

Posted 18 December 2012 - 11:10 PM

Sorry for the late reply in getting back to you. Haven't had much time to just sit down at the computer and do this.

Here are the logs:

--------------------------------------------------------

TDSSKiller:


01:46:33.0893 7668 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
01:46:35.0462 7668 ============================================================
01:46:35.0462 7668 Current date / time: 2012/12/17 01:46:35.0462
01:46:35.0462 7668 SystemInfo:
01:46:35.0462 7668
01:46:35.0462 7668 OS Version: 6.1.7601 ServicePack: 1.0
01:46:35.0462 7668 Product type: Workstation
01:46:35.0462 7668 ComputerName: CA7-PC
01:46:35.0462 7668 UserName: Emily
01:46:35.0462 7668 Windows directory: C:\Windows
01:46:35.0462 7668 System windows directory: C:\Windows
01:46:35.0462 7668 Running under WOW64
01:46:35.0462 7668 Processor architecture: Intel x64
01:46:35.0462 7668 Number of processors: 4
01:46:35.0462 7668 Page size: 0x1000
01:46:35.0462 7668 Boot type: Normal boot
01:46:35.0462 7668 ============================================================
01:46:36.0444 7668 Drive \Device\Harddisk0\DR0 - Size: 0x1D1C1116000 (1863.02 Gb), SectorSize: 0x200, Cylinders: 0x3B601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
01:46:36.0500 7668 Drive \Device\Harddisk5\DR5 - Size: 0xE8E0DB5E00 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
01:46:36.0519 7668 ============================================================
01:46:36.0519 7668 \Device\Harddisk0\DR0:
01:46:36.0729 7668 MBR partitions:
01:46:36.0729 7668 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
01:46:36.0729 7668 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0xE6CA7800
01:46:36.0729 7668 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0xE6CDA000, BlocksNum 0x212E000
01:46:36.0729 7668 \Device\Harddisk5\DR5:
01:46:36.0729 7668 MBR partitions:
01:46:36.0729 7668 \Device\Harddisk5\DR5\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x747059C1
01:46:36.0729 7668 ============================================================
01:46:37.0035 7668 C: <-> \Device\Harddisk0\DR0\Partition2
01:46:37.0120 7668 D: <-> \Device\Harddisk0\DR0\Partition3
01:46:37.0135 7668 J: <-> \Device\Harddisk5\DR5\Partition1
01:46:37.0135 7668 ============================================================
01:46:37.0135 7668 Initialize success
01:46:37.0135 7668 ============================================================
02:24:21.0112 2632 ============================================================
02:24:21.0112 2632 Scan started
02:24:21.0112 2632 Mode: Manual;
02:24:21.0112 2632 ============================================================
02:24:22.0549 2632 ================ Scan system memory ========================
02:24:22.0549 2632 System memory - ok
02:24:22.0551 2632 ================ Scan services =============================
02:24:22.0701 2632 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
02:24:22.0704 2632 1394ohci - ok
02:24:22.0734 2632 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
02:24:22.0741 2632 ACPI - ok
02:24:22.0777 2632 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
02:24:22.0778 2632 AcpiPmi - ok
02:24:22.0828 2632 [ D19C4EE2AC7C47B8F5F84FFF1A789D8A ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
02:24:22.0829 2632 AdobeARMservice - ok
02:24:22.0900 2632 [ 95CE557D16A75606CCC2D7F3B0B0BCCB ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
02:24:22.0903 2632 AdobeFlashPlayerUpdateSvc - ok
02:24:22.0979 2632 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
02:24:22.0984 2632 adp94xx - ok
02:24:22.0999 2632 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\drivers\adpahci.sys
02:24:23.0010 2632 adpahci - ok
02:24:23.0023 2632 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
02:24:23.0026 2632 adpu320 - ok
02:24:23.0047 2632 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
02:24:23.0048 2632 AeLookupSvc - ok
02:24:23.0073 2632 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys
02:24:23.0077 2632 AFD - ok
02:24:23.0122 2632 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
02:24:23.0349 2632 agp440 - ok
02:24:23.0389 2632 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
02:24:23.0394 2632 ALG - ok
02:24:23.0464 2632 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys
02:24:23.0465 2632 aliide - ok
02:24:23.0497 2632 [ BA7DEAEF1066F1FD31FD1D719FC98204 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
02:24:23.0499 2632 AMD External Events Utility - ok
02:24:23.0513 2632 [ 2EF1BA6D5DC79FCE5E9216C8C2D3F193 ] amdhub30 C:\Windows\system32\drivers\amdhub30.sys
02:24:23.0514 2632 amdhub30 - ok
02:24:23.0533 2632 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys
02:24:23.0535 2632 amdide - ok
02:24:23.0544 2632 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
02:24:23.0546 2632 AmdK8 - ok
02:24:23.0743 2632 [ 0DB247E7D8EE52176E4FCCF00911608D ] amdkmdag C:\Windows\system32\DRIVERS\atikmdag.sys
02:24:23.0857 2632 amdkmdag - ok
02:24:23.0889 2632 [ FC57F1D151DA79BABD7E790E621BA525 ] amdkmdap C:\Windows\system32\DRIVERS\atikmpag.sys
02:24:23.0892 2632 amdkmdap - ok
02:24:23.0904 2632 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\drivers\amdppm.sys
02:24:23.0906 2632 AmdPPM - ok
02:24:23.0925 2632 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys
02:24:23.0927 2632 amdsata - ok
02:24:23.0947 2632 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\drivers\amdsbs.sys
02:24:23.0949 2632 amdsbs - ok
02:24:23.0963 2632 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys
02:24:23.0965 2632 amdxata - ok
02:24:23.0980 2632 [ 541A6C49C792ED71FB3EFF8C815CFE60 ] amdxhc C:\Windows\system32\drivers\amdxhc.sys
02:24:23.0983 2632 amdxhc - ok
02:24:23.0993 2632 [ A1434F35B7B171CB697D74D33F7D029F ] amd_sata C:\Windows\system32\drivers\amd_sata.sys
02:24:23.0995 2632 amd_sata - ok
02:24:24.0004 2632 [ E9B5A82FA268BB2D1B012030D5F4E096 ] amd_xata C:\Windows\system32\drivers\amd_xata.sys
02:24:24.0006 2632 amd_xata - ok
02:24:24.0029 2632 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys
02:24:24.0031 2632 AppID - ok
02:24:24.0055 2632 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
02:24:24.0065 2632 AppIDSvc - ok
02:24:24.0071 2632 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\Windows\System32\appinfo.dll
02:24:24.0072 2632 Appinfo - ok
02:24:24.0111 2632 [ A5299D04ED225D64CF07A568A3E1BF8C ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
02:24:24.0112 2632 Apple Mobile Device - ok
02:24:24.0142 2632 [ 2C349460E40EF6B9604D774AAF367730 ] Application Updater C:\Program Files (x86)\Application Updater\ApplicationUpdater.exe
02:24:24.0148 2632 Application Updater - ok
02:24:24.0164 2632 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\drivers\arc.sys
02:24:24.0167 2632 arc - ok
02:24:24.0188 2632 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\drivers\arcsas.sys
02:24:24.0207 2632 arcsas - ok
02:24:24.0273 2632 [ 9217D874131AE6FF8F642F124F00A555 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
02:24:24.0284 2632 aspnet_state - ok
02:24:24.0300 2632 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
02:24:24.0302 2632 AsyncMac - ok
02:24:24.0323 2632 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys
02:24:24.0324 2632 atapi - ok
02:24:24.0353 2632 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
02:24:24.0358 2632 AudioEndpointBuilder - ok
02:24:24.0366 2632 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
02:24:24.0370 2632 AudioSrv - ok
02:24:24.0391 2632 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll
02:24:24.0392 2632 AxInstSV - ok
02:24:24.0415 2632 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys
02:24:24.0420 2632 b06bdrv - ok
02:24:24.0549 2632 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
02:24:24.0633 2632 b57nd60a - ok
02:24:24.0903 2632 [ 28A4012E68BC9597BCB9B26B51AAC4B6 ] BBSvc C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE
02:24:24.0905 2632 BBSvc - ok
02:24:24.0937 2632 [ 785DE7ABDA13309D6065305542829E76 ] BBUpdate C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
02:24:24.0940 2632 BBUpdate - ok
02:24:24.0959 2632 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
02:24:24.0961 2632 BDESVC - ok
02:24:24.0973 2632 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
02:24:24.0974 2632 Beep - ok
02:24:25.0004 2632 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll
02:24:25.0015 2632 BFE - ok
02:24:25.0118 2632 [ ED97ADAF00A61F57A2CCBBB1CE58C600 ] BHDrvx64 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\BASHDefs\20121130.005\BHDrvx64.sys
02:24:25.0129 2632 BHDrvx64 - ok
02:24:25.0179 2632 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\System32\qmgr.dll
02:24:25.0269 2632 BITS - ok
02:24:25.0284 2632 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\drivers\blbdrive.sys
02:24:25.0286 2632 blbdrive - ok
02:24:25.0336 2632 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
02:24:25.0344 2632 Bonjour Service - ok
02:24:25.0417 2632 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
02:24:25.0651 2632 bowser - ok
02:24:25.0705 2632 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys
02:24:25.0713 2632 BrFiltLo - ok
02:24:25.0731 2632 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys
02:24:25.0746 2632 BrFiltUp - ok
02:24:25.0796 2632 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll
02:24:25.0799 2632 Browser - ok
02:24:25.0832 2632 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
02:24:25.0845 2632 Brserid - ok
02:24:25.0861 2632 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
02:24:25.0873 2632 BrSerWdm - ok
02:24:25.0886 2632 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
02:24:25.0907 2632 BrUsbMdm - ok
02:24:25.0939 2632 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
02:24:25.0949 2632 BrUsbSer - ok
02:24:25.0963 2632 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
02:24:25.0969 2632 BTHMODEM - ok
02:24:26.0035 2632 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
02:24:26.0039 2632 bthserv - ok
02:24:26.0141 2632 [ A3AD13CA2747953DDD4C9AE4FB925BEC ] CalendarSynchService C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Calendar\Service\GCalService.exe
02:24:26.0142 2632 CalendarSynchService - ok
02:24:26.0209 2632 [ 2C6FFCCA37B002AAB3C7C31A6D780A76 ] ccSet_NIS C:\Windows\system32\drivers\NISx64\1309000.009\ccSetx64.sys
02:24:26.0251 2632 ccSet_NIS - ok
02:24:26.0273 2632 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
02:24:26.0277 2632 cdfs - ok
02:24:26.0327 2632 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
02:24:26.0369 2632 cdrom - ok
02:24:26.0405 2632 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
02:24:26.0415 2632 CertPropSvc - ok
02:24:26.0596 2632 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\drivers\circlass.sys
02:24:26.0606 2632 circlass - ok
02:24:26.0666 2632 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
02:24:26.0671 2632 CLFS - ok
02:24:26.0723 2632 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
02:24:26.0728 2632 clr_optimization_v2.0.50727_32 - ok
02:24:26.0800 2632 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
02:24:26.0802 2632 clr_optimization_v2.0.50727_64 - ok
02:24:26.0907 2632 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
02:24:27.0199 2632 clr_optimization_v4.0.30319_32 - ok
02:24:27.0251 2632 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
02:24:27.0258 2632 clr_optimization_v4.0.30319_64 - ok
02:24:27.0285 2632 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\drivers\CmBatt.sys
02:24:27.0287 2632 CmBatt - ok
02:24:27.0307 2632 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
02:24:27.0308 2632 cmdide - ok
02:24:27.0334 2632 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\Windows\system32\Drivers\cng.sys
02:24:27.0339 2632 CNG - ok
02:24:27.0348 2632 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\drivers\compbatt.sys
02:24:27.0349 2632 Compbatt - ok
02:24:27.0366 2632 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
02:24:27.0381 2632 CompositeBus - ok
02:24:27.0401 2632 COMSysApp - ok
02:24:27.0407 2632 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
02:24:27.0408 2632 crcdisk - ok
02:24:27.0449 2632 [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc C:\Windows\system32\cryptsvc.dll
02:24:27.0451 2632 CryptSvc - ok
02:24:27.0484 2632 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
02:24:27.0489 2632 DcomLaunch - ok
02:24:27.0505 2632 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
02:24:27.0508 2632 defragsvc - ok
02:24:27.0521 2632 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
02:24:27.0523 2632 DfsC - ok
02:24:27.0539 2632 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
02:24:27.0542 2632 Dhcp - ok
02:24:27.0548 2632 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
02:24:27.0550 2632 discache - ok
02:24:27.0556 2632 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\drivers\disk.sys
02:24:27.0557 2632 Disk - ok
02:24:27.0569 2632 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
02:24:27.0572 2632 Dnscache - ok
02:24:27.0587 2632 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
02:24:27.0591 2632 dot3svc - ok
02:24:27.0602 2632 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
02:24:27.0604 2632 DPS - ok
02:24:27.0620 2632 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
02:24:27.0622 2632 drmkaud - ok
02:24:27.0647 2632 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
02:24:27.0655 2632 DXGKrnl - ok
02:24:27.0684 2632 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
02:24:27.0726 2632 EapHost - ok
02:24:28.0026 2632 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\drivers\evbda.sys
02:24:28.0072 2632 ebdrv - ok
02:24:28.0114 2632 [ 4353FF94D47A0A9D52B89ECCF0CDB013 ] eeCtrl C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys
02:24:28.0120 2632 eeCtrl - ok
02:24:28.0147 2632 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe
02:24:28.0148 2632 EFS - ok
02:24:28.0191 2632 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
02:24:28.0199 2632 ehRecvr - ok
02:24:28.0228 2632 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
02:24:28.0235 2632 ehSched - ok
02:24:28.0263 2632 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\drivers\elxstor.sys
02:24:28.0268 2632 elxstor - ok
02:24:28.0291 2632 [ C5BCCB378D0A896304A3E71BE7215983 ] EraserUtilRebootDrv C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
02:24:28.0301 2632 EraserUtilRebootDrv - ok
02:24:28.0322 2632 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
02:24:28.0330 2632 ErrDev - ok
02:24:28.0387 2632 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
02:24:28.0391 2632 EventSystem - ok
02:24:28.0417 2632 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
02:24:28.0420 2632 exfat - ok
02:24:28.0446 2632 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
02:24:28.0464 2632 fastfat - ok
02:24:28.0519 2632 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
02:24:28.0529 2632 Fax - ok
02:24:28.0545 2632 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\drivers\fdc.sys
02:24:28.0548 2632 fdc - ok
02:24:28.0589 2632 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
02:24:28.0598 2632 fdPHost - ok
02:24:28.0623 2632 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
02:24:28.0625 2632 FDResPub - ok
02:24:28.0640 2632 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
02:24:28.0641 2632 FileInfo - ok
02:24:28.0665 2632 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
02:24:28.0666 2632 Filetrace - ok
02:24:28.0725 2632 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\drivers\flpydisk.sys
02:24:28.0728 2632 flpydisk - ok
02:24:28.0754 2632 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
02:24:28.0757 2632 FltMgr - ok
02:24:28.0790 2632 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\Windows\system32\FntCache.dll
02:24:28.0805 2632 FontCache - ok
02:24:28.0859 2632 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
02:24:28.0870 2632 FontCache3.0.0.0 - ok
02:24:28.0958 2632 [ D40B85303BCFF96A717392B06FB015C4 ] Freemake Improver C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
02:24:28.0966 2632 Freemake Improver - ok
02:24:28.0977 2632 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
02:24:28.0978 2632 FsDepends - ok
02:24:29.0010 2632 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
02:24:29.0012 2632 Fs_Rec - ok
02:24:29.0034 2632 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
02:24:29.0036 2632 fvevol - ok
02:24:29.0056 2632 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
02:24:29.0058 2632 gagp30kx - ok
02:24:29.0109 2632 [ C403C5DB49A0F9AAF4F2128EDC0106D8 ] GamesAppService C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
02:24:29.0113 2632 GamesAppService - ok
02:24:29.0149 2632 [ 8E98D21EE06192492A5671A6144D092F ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
02:24:29.0152 2632 GEARAspiWDM - ok
02:24:29.0192 2632 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
02:24:29.0202 2632 gpsvc - ok
02:24:29.0252 2632 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
02:24:29.0476 2632 hcw85cir - ok
02:24:29.0518 2632 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
02:24:29.0522 2632 HdAudAddService - ok
02:24:29.0560 2632 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
02:24:29.0562 2632 HDAudBus - ok
02:24:29.0585 2632 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\drivers\HidBatt.sys
02:24:29.0590 2632 HidBatt - ok
02:24:29.0608 2632 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\drivers\hidbth.sys
02:24:29.0610 2632 HidBth - ok
02:24:29.0626 2632 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\drivers\hidir.sys
02:24:29.0629 2632 HidIr - ok
02:24:29.0662 2632 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\system32\hidserv.dll
02:24:29.0664 2632 hidserv - ok
02:24:29.0712 2632 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
02:24:29.0713 2632 HidUsb - ok
02:24:29.0751 2632 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
02:24:29.0758 2632 hkmsvc - ok
02:24:29.0779 2632 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
02:24:29.0785 2632 HomeGroupListener - ok
02:24:29.0810 2632 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
02:24:29.0820 2632 HomeGroupProvider - ok
02:24:29.0904 2632 [ BB1FC298BE53AAB1E110F6E786BD8AC5 ] HP Support Assistant Service C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
02:24:29.0905 2632 HP Support Assistant Service - ok
02:24:29.0969 2632 [ 7B8C1B09C11E8DB7C4480ABD7D17E821 ] HPAuto C:\Program Files\Hewlett-Packard\HP Auto\HPAuto.exe
02:24:29.0974 2632 HPAuto - ok
02:24:30.0252 2632 [ 6A181452D4E240B8ECC7614B9A19BDE9 ] HPClientSvc C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
02:24:30.0261 2632 HPClientSvc - ok
02:24:30.0349 2632 [ 9B7EDD3FE7C211C36E921D34D18A3A0A ] hpqwmiex C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
02:24:30.0369 2632 hpqwmiex - ok
02:24:30.0472 2632 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
02:24:30.0477 2632 HpSAMD - ok
02:24:30.0637 2632 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
02:24:30.0650 2632 HTTP - ok
02:24:30.0695 2632 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
02:24:30.0704 2632 hwpolicy - ok
02:24:30.0788 2632 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
02:24:30.0796 2632 i8042prt - ok
02:24:30.0837 2632 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
02:24:30.0879 2632 iaStorV - ok
02:24:30.0946 2632 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
02:24:30.0964 2632 idsvc - ok
02:24:31.0114 2632 [ A48928D4CCA6F8B731989DB08CF2C0AB ] IDSVia64 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\IPSDefs\20121214.001\IDSvia64.sys
02:24:31.0128 2632 IDSVia64 - ok
02:24:31.0323 2632 [ A87261EF1546325B559374F5689CF5BC ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys
02:24:31.0401 2632 igfx - ok
02:24:31.0442 2632 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\drivers\iirsp.sys
02:24:31.0449 2632 iirsp - ok
02:24:31.0486 2632 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
02:24:31.0504 2632 IKEEXT - ok
02:24:31.0801 2632 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
02:24:31.0815 2632 intelide - ok
02:24:31.0863 2632 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\drivers\intelppm.sys
02:24:31.0865 2632 intelppm - ok
02:24:31.0892 2632 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
02:24:31.0902 2632 IPBusEnum - ok
02:24:31.0924 2632 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
02:24:31.0930 2632 IpFilterDriver - ok
02:24:31.0990 2632 [ 08C2957BB30058E663720C5606885653 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
02:24:31.0997 2632 iphlpsvc - ok
02:24:32.0026 2632 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
02:24:32.0027 2632 IPMIDRV - ok
02:24:32.0034 2632 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
02:24:32.0035 2632 IPNAT - ok
02:24:32.0077 2632 [ 6E50CFA46527B39015B750AAD161C5CC ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
02:24:32.0085 2632 iPod Service - ok
02:24:32.0095 2632 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
02:24:32.0096 2632 IRENUM - ok
02:24:32.0112 2632 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
02:24:32.0113 2632 isapnp - ok
02:24:32.0130 2632 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
02:24:32.0133 2632 iScsiPrt - ok
02:24:32.0151 2632 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
02:24:32.0153 2632 kbdclass - ok
02:24:32.0183 2632 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
02:24:32.0185 2632 kbdhid - ok
02:24:32.0196 2632 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
02:24:32.0198 2632 KeyIso - ok
02:24:32.0213 2632 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
02:24:32.0215 2632 KSecDD - ok
02:24:32.0229 2632 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
02:24:32.0231 2632 KSecPkg - ok
02:24:32.0241 2632 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
02:24:32.0243 2632 ksthunk - ok
02:24:32.0267 2632 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
02:24:32.0272 2632 KtmRm - ok
02:24:32.0291 2632 [ BD56BAE4403497E31727096CEBC42956 ] L1C C:\Windows\system32\DRIVERS\L1C62x64.sys
02:24:32.0293 2632 L1C - ok
02:24:32.0597 2632 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\system32\srvsvc.dll
02:24:32.0604 2632 LanmanServer - ok
02:24:32.0652 2632 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
02:24:32.0656 2632 LanmanWorkstation - ok
02:24:32.0684 2632 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
02:24:32.0685 2632 lltdio - ok
02:24:32.0710 2632 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
02:24:32.0714 2632 lltdsvc - ok
02:24:32.0723 2632 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
02:24:32.0724 2632 lmhosts - ok
02:24:32.0758 2632 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
02:24:32.0760 2632 LSI_FC - ok
02:24:32.0771 2632 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
02:24:32.0773 2632 LSI_SAS - ok
02:24:32.0786 2632 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys
02:24:32.0788 2632 LSI_SAS2 - ok
02:24:32.0801 2632 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
02:24:32.0803 2632 LSI_SCSI - ok
02:24:32.0817 2632 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
02:24:32.0819 2632 luafv - ok
02:24:32.0849 2632 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
02:24:32.0851 2632 Mcx2Svc - ok
02:24:32.0876 2632 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\drivers\megasas.sys
02:24:32.0877 2632 megasas - ok
02:24:32.0892 2632 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys
02:24:32.0895 2632 MegaSR - ok
02:24:32.0908 2632 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
02:24:32.0909 2632 MMCSS - ok
02:24:32.0920 2632 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
02:24:32.0922 2632 Modem - ok
02:24:32.0948 2632 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
02:24:32.0949 2632 monitor - ok
02:24:32.0964 2632 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
02:24:32.0965 2632 mouclass - ok
02:24:32.0975 2632 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
02:24:32.0976 2632 mouhid - ok
02:24:32.0991 2632 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
02:24:33.0008 2632 mountmgr - ok
02:24:33.0071 2632 [ 8C7336950F1E69CDFD811CBBD9CF00A2 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
02:24:33.0087 2632 MozillaMaintenance - ok
02:24:33.0113 2632 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
02:24:33.0122 2632 mpio - ok
02:24:33.0140 2632 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
02:24:33.0150 2632 mpsdrv - ok
02:24:33.0181 2632 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
02:24:33.0191 2632 MpsSvc - ok
02:24:33.0203 2632 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
02:24:33.0215 2632 MRxDAV - ok
02:24:33.0242 2632 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
02:24:33.0245 2632 mrxsmb - ok
02:24:33.0263 2632 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
02:24:33.0272 2632 mrxsmb10 - ok
02:24:33.0290 2632 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
02:24:33.0292 2632 mrxsmb20 - ok
02:24:33.0319 2632 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
02:24:33.0320 2632 msahci - ok
02:24:33.0341 2632 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
02:24:33.0352 2632 msdsm - ok
02:24:33.0391 2632 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
02:24:33.0395 2632 MSDTC - ok
02:24:33.0546 2632 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
02:24:33.0557 2632 Msfs - ok
02:24:33.0580 2632 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
02:24:33.0583 2632 mshidkmdf - ok
02:24:33.0620 2632 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
02:24:33.0622 2632 msisadrv - ok
02:24:33.0671 2632 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
02:24:33.0682 2632 MSiSCSI - ok
02:24:33.0686 2632 msiserver - ok
02:24:33.0736 2632 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
02:24:33.0745 2632 MSKSSRV - ok
02:24:33.0767 2632 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
02:24:33.0772 2632 MSPCLOCK - ok
02:24:33.0796 2632 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
02:24:33.0797 2632 MSPQM - ok
02:24:33.0817 2632 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
02:24:33.0821 2632 MsRPC - ok
02:24:33.0871 2632 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
02:24:34.0113 2632 mssmbios - ok
02:24:34.0215 2632 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
02:24:34.0228 2632 MSTEE - ok
02:24:34.0241 2632 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\drivers\MTConfig.sys
02:24:34.0244 2632 MTConfig - ok
02:24:34.0268 2632 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
02:24:34.0269 2632 Mup - ok
02:24:34.0299 2632 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
02:24:34.0304 2632 napagent - ok
02:24:34.0331 2632 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
02:24:34.0334 2632 NativeWifiP - ok
02:24:34.0393 2632 [ C58D8A669D6551F616D90244BD2C2D4F ] NAVENG C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\VirusDefs\20121216.007\ENG64.SYS
02:24:34.0407 2632 NAVENG - ok
02:24:34.0469 2632 [ A3DBDB412ADFA5882DD6843B11FE0828 ] NAVEX15 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\VirusDefs\20121216.007\EX64.SYS
02:24:34.0486 2632 NAVEX15 - ok
02:24:34.0525 2632 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys
02:24:34.0533 2632 NDIS - ok
02:24:34.0548 2632 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
02:24:34.0549 2632 NdisCap - ok
02:24:34.0563 2632 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
02:24:34.0564 2632 NdisTapi - ok
02:24:34.0812 2632 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
02:24:34.0815 2632 Ndisuio - ok
02:24:34.0847 2632 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
02:24:34.0849 2632 NdisWan - ok
02:24:34.0861 2632 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
02:24:34.0863 2632 NDProxy - ok
02:24:34.0882 2632 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
02:24:34.0883 2632 NetBIOS - ok
02:24:34.0897 2632 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
02:24:34.0900 2632 NetBT - ok
02:24:34.0913 2632 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
02:24:34.0914 2632 Netlogon - ok
02:24:34.0942 2632 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
02:24:34.0947 2632 Netman - ok
02:24:34.0967 2632 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
02:24:34.0978 2632 NetMsmqActivator - ok
02:24:34.0982 2632 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
02:24:34.0983 2632 NetPipeActivator - ok
02:24:35.0002 2632 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
02:24:35.0007 2632 netprofm - ok
02:24:35.0055 2632 [ 570813483F26B5C8D984BCA5BB70B50D ] netr28x C:\Windows\system32\DRIVERS\netr28x.sys
02:24:35.0074 2632 netr28x - ok
02:24:35.0080 2632 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
02:24:35.0081 2632 NetTcpActivator - ok
02:24:35.0086 2632 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
02:24:35.0088 2632 NetTcpPortSharing - ok
02:24:35.0099 2632 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
02:24:35.0101 2632 nfrd960 - ok
02:24:35.0157 2632 [ F2840DBFE9322F35557219AE82CC4597 ] NIS C:\Program Files (x86)\Norton Internet Security\Engine\19.9.0.9\ccSvcHst.exe
02:24:35.0170 2632 NIS - ok
02:24:35.0193 2632 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\Windows\System32\nlasvc.dll
02:24:35.0199 2632 NlaSvc - ok
02:24:35.0210 2632 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
02:24:35.0221 2632 Npfs - ok
02:24:35.0240 2632 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
02:24:35.0250 2632 nsi - ok
02:24:35.0261 2632 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
02:24:35.0262 2632 nsiproxy - ok
02:24:35.0314 2632 [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
02:24:35.0332 2632 Ntfs - ok
02:24:35.0354 2632 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
02:24:35.0366 2632 Null - ok
02:24:35.0400 2632 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
02:24:35.0406 2632 nvraid - ok
02:24:35.0441 2632 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
02:24:35.0451 2632 nvstor - ok
02:24:35.0539 2632 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
02:24:35.0554 2632 nv_agp - ok
02:24:35.0630 2632 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
02:24:35.0639 2632 odserv - ok
02:24:35.0670 2632 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
02:24:35.0676 2632 ohci1394 - ok
02:24:35.0686 2632 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
02:24:35.0698 2632 ose - ok
02:24:35.0754 2632 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
02:24:35.0759 2632 p2pimsvc - ok
02:24:35.0801 2632 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
02:24:35.0806 2632 p2psvc - ok
02:24:35.0826 2632 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\drivers\parport.sys
02:24:35.0830 2632 Parport - ok
02:24:35.0853 2632 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
02:24:35.0866 2632 partmgr - ok
02:24:35.0886 2632 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
02:24:35.0889 2632 PcaSvc - ok
02:24:35.0909 2632 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
02:24:35.0918 2632 pci - ok
02:24:35.0952 2632 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
02:24:35.0960 2632 pciide - ok
02:24:35.0971 2632 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
02:24:35.0975 2632 pcmcia - ok
02:24:36.0007 2632 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
02:24:36.0017 2632 pcw - ok
02:24:36.0051 2632 pdfcDispatcher - ok
02:24:36.0089 2632 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
02:24:36.0099 2632 PEAUTH - ok
02:24:36.0715 2632 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
02:24:36.0724 2632 PerfHost - ok
02:24:36.0824 2632 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
02:24:36.0842 2632 pla - ok
02:24:37.0152 2632 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
02:24:37.0236 2632 PlugPlay - ok
02:24:37.0285 2632 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
02:24:37.0288 2632 PNRPAutoReg - ok
02:24:37.0337 2632 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
02:24:37.0349 2632 PNRPsvc - ok
02:24:37.0401 2632 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
02:24:37.0412 2632 PolicyAgent - ok
02:24:37.0452 2632 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
02:24:37.0463 2632 Power - ok
02:24:37.0509 2632 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
02:24:37.0520 2632 PptpMiniport - ok
02:24:37.0566 2632 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\drivers\processr.sys
02:24:37.0574 2632 Processor - ok
02:24:37.0610 2632 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
02:24:37.0614 2632 ProfSvc - ok
02:24:37.0655 2632 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
02:24:37.0656 2632 ProtectedStorage - ok
02:24:37.0694 2632 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
02:24:37.0701 2632 Psched - ok
02:24:37.0774 2632 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
02:24:37.0795 2632 ql2300 - ok
02:24:37.0822 2632 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
02:24:37.0840 2632 ql40xx - ok
02:24:37.0885 2632 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
02:24:37.0892 2632 QWAVE - ok
02:24:37.0904 2632 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
02:24:37.0910 2632 QWAVEdrv - ok
02:24:37.0922 2632 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
02:24:37.0932 2632 RasAcd - ok
02:24:37.0942 2632 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
02:24:37.0953 2632 RasAgileVpn - ok
02:24:37.0975 2632 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
02:24:37.0986 2632 RasAuto - ok
02:24:38.0003 2632 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
02:24:38.0015 2632 Rasl2tp - ok
02:24:38.0036 2632 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
02:24:38.0048 2632 RasMan - ok
02:24:38.0068 2632 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
02:24:38.0080 2632 RasPppoe - ok
02:24:38.0091 2632 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
02:24:38.0098 2632 RasSstp - ok
02:24:38.0110 2632 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
02:24:38.0115 2632 rdbss - ok
02:24:38.0128 2632 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\drivers\rdpbus.sys
02:24:38.0129 2632 rdpbus - ok
02:24:38.0148 2632 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
02:24:38.0149 2632 RDPCDD - ok
02:24:38.0184 2632 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
02:24:38.0193 2632 RDPENCDD - ok
02:24:38.0210 2632 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
02:24:38.0211 2632 RDPREFMP - ok
02:24:38.0248 2632 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
02:24:38.0251 2632 RDPWD - ok
02:24:38.0286 2632 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
02:24:38.0303 2632 rdyboost - ok
02:24:38.0331 2632 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
02:24:38.0333 2632 RemoteAccess - ok
02:24:38.0351 2632 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
02:24:38.0354 2632 RemoteRegistry - ok
02:24:38.0373 2632 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
02:24:38.0377 2632 RpcEptMapper - ok
02:24:38.0391 2632 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
02:24:38.0392 2632 RpcLocator - ok
02:24:38.0408 2632 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
02:24:38.0414 2632 RpcSs - ok
02:24:38.0538 2632 [ 2ABD2B3BA2EF0C3BA82284C2A5E28675 ] RRNetCap C:\Windows\system32\DRIVERS\rrnetcap.sys
02:24:38.0763 2632 RRNetCap - ok
02:24:38.0817 2632 [ 2ABD2B3BA2EF0C3BA82284C2A5E28675 ] RRNetCapMP C:\Windows\system32\DRIVERS\rrnetcap.sys
02:24:38.0818 2632 RRNetCapMP - ok
02:24:38.0904 2632 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
02:24:38.0905 2632 rspndr - ok
02:24:38.0913 2632 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
02:24:38.0914 2632 SamSs - ok
02:24:38.0928 2632 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
02:24:38.0930 2632 sbp2port - ok
02:24:38.0949 2632 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
02:24:38.0953 2632 SCardSvr - ok
02:24:38.0964 2632 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
02:24:38.0965 2632 scfilter - ok
02:24:38.0989 2632 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
02:24:39.0000 2632 Schedule - ok
02:24:39.0021 2632 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
02:24:39.0022 2632 SCPolicySvc - ok
02:24:39.0033 2632 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
02:24:39.0036 2632 SDRSVC - ok
02:24:39.0101 2632 [ 16B44D246835EAC156F8DAF0AA4F530C ] SeagateDashboardService C:\Program Files (x86)\Seagate\Seagate Dashboard\SeagateDashboardService.exe
02:24:39.0102 2632 SeagateDashboardService - ok
02:24:39.0121 2632 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
02:24:39.0122 2632 secdrv - ok
02:24:39.0131 2632 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
02:24:39.0133 2632 seclogon - ok
02:24:39.0140 2632 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
02:24:39.0143 2632 SENS - ok
02:24:39.0158 2632 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
02:24:39.0160 2632 SensrSvc - ok
02:24:39.0174 2632 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\drivers\serenum.sys
02:24:39.0176 2632 Serenum - ok
02:24:39.0189 2632 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\drivers\serial.sys
02:24:39.0214 2632 Serial - ok
02:24:39.0473 2632 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\drivers\sermouse.sys
02:24:39.0485 2632 sermouse - ok
02:24:39.0552 2632 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
02:24:39.0555 2632 SessionEnv - ok
02:24:39.0569 2632 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
02:24:39.0576 2632 sffdisk - ok
02:24:39.0606 2632 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
02:24:39.0616 2632 sffp_mmc - ok
02:24:39.0625 2632 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
02:24:39.0634 2632 sffp_sd - ok
02:24:39.0672 2632 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
02:24:39.0673 2632 sfloppy - ok
02:24:39.0703 2632 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
02:24:39.0709 2632 SharedAccess - ok
02:24:39.0730 2632 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
02:24:39.0741 2632 ShellHWDetection - ok
02:24:39.0777 2632 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
02:24:39.0788 2632 SiSRaid2 - ok
02:24:39.0805 2632 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
02:24:39.0807 2632 SiSRaid4 - ok
02:24:39.0846 2632 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
02:24:39.0848 2632 Smb - ok
02:24:39.0903 2632 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
02:24:39.0910 2632 SNMPTRAP - ok
02:24:39.0933 2632 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
02:24:39.0935 2632 spldr - ok
02:24:39.0977 2632 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
02:24:39.0984 2632 Spooler - ok
02:24:40.0054 2632 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
02:24:40.0094 2632 sppsvc - ok
02:24:40.0119 2632 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
02:24:40.0122 2632 sppuinotify - ok
02:24:40.0354 2632 [ 891793E00432FA055CF040605C260E49 ] SRTSP C:\Windows\System32\Drivers\NISx64\1309000.009\SRTSP64.SYS
02:24:40.0425 2632 SRTSP - ok
02:24:40.0450 2632 [ 1CB7BB3B0561FB5ECFE37F7731E8BF3E ] SRTSPX C:\Windows\system32\drivers\NISx64\1309000.009\SRTSPX64.SYS
02:24:40.0452 2632 SRTSPX - ok
02:24:40.0481 2632 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
02:24:40.0485 2632 srv - ok
02:24:40.0507 2632 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
02:24:40.0511 2632 srv2 - ok
02:24:40.0530 2632 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
02:24:40.0539 2632 srvnet - ok
02:24:40.0569 2632 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
02:24:40.0573 2632 SSDPSRV - ok
02:24:40.0583 2632 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
02:24:40.0586 2632 SstpSvc - ok
02:24:40.0659 2632 [ 4B1D0B5B6D043AAF45AE89EABAB7B865 ] STacSV C:\Program Files\IDT\WDM\STacSV64.exe
02:24:40.0671 2632 STacSV - ok
02:24:40.0701 2632 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\drivers\stexstor.sys
02:24:40.0702 2632 stexstor - ok
02:24:40.0722 2632 [ 542BDF7E9256189ABBC68935FA8116A4 ] STHDA C:\Windows\system32\DRIVERS\stwrt64.sys
02:24:40.0727 2632 STHDA - ok
02:24:40.0751 2632 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
02:24:40.0757 2632 stisvc - ok
02:24:40.0779 2632 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys
02:24:40.0780 2632 swenum - ok
02:24:40.0793 2632 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
02:24:40.0810 2632 swprv - ok
02:24:41.0065 2632 [ 8B2430762099598DA40686F754632EFD ] SymDS C:\Windows\system32\drivers\NISx64\1309000.009\SYMDS64.SYS
02:24:41.0070 2632 SymDS - ok
02:24:41.0110 2632 [ 5CB7F2FD7E30A0F52F93574BFC3A8041 ] SymEFA C:\Windows\system32\drivers\NISx64\1309000.009\SYMEFA64.SYS
02:24:41.0120 2632 SymEFA - ok
02:24:41.0137 2632 [ 898BB48C797483420DF523B2BBC1ECDB ] SymEvent C:\Windows\system32\Drivers\SYMEVENT64x86.SYS
02:24:41.0140 2632 SymEvent - ok
02:24:41.0169 2632 [ B681D1B0F9596684225DCC9B94C6BACF ] SymIM C:\Windows\system32\DRIVERS\SymIMv.sys
02:24:41.0171 2632 SymIM - ok
02:24:41.0182 2632 [ 5013A76CAAA1D7CF1C55214B490B4E35 ] SymIRON C:\Windows\system32\drivers\NISx64\1309000.009\Ironx64.SYS
02:24:41.0185 2632 SymIRON - ok
02:24:41.0199 2632 [ 3911BD0E68C010E5438A87706ABBE9AB ] SymNetS C:\Windows\System32\Drivers\NISx64\1309000.009\SYMNETS.SYS
02:24:41.0210 2632 SymNetS - ok
02:24:41.0276 2632 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
02:24:41.0291 2632 SysMain - ok
02:24:41.0303 2632 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
02:24:41.0306 2632 TabletInputService - ok
02:24:41.0321 2632 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
02:24:41.0326 2632 TapiSrv - ok
02:24:41.0364 2632 [ 93F0F5EF8A4CA261372DF98B31B2BD05 ] tbhsd C:\Windows\system32\drivers\tbhsd.sys
02:24:41.0365 2632 tbhsd - ok
02:24:41.0378 2632 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
02:24:41.0381 2632 TBS - ok
02:24:41.0443 2632 [ 37608401DFDB388CAF66917F6B2D6FB0 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
02:24:41.0458 2632 Tcpip - ok
02:24:41.0486 2632 [ 37608401DFDB388CAF66917F6B2D6FB0 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
02:24:41.0497 2632 TCPIP6 - ok
02:24:41.0701 2632 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
02:24:41.0702 2632 tcpipreg - ok
02:24:41.0719 2632 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
02:24:41.0720 2632 TDPIPE - ok
02:24:41.0733 2632 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
02:24:41.0735 2632 TDTCP - ok
02:24:41.0751 2632 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
02:24:41.0752 2632 tdx - ok
02:24:41.0774 2632 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys
02:24:41.0776 2632 TermDD - ok
02:24:41.0798 2632 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
02:24:41.0805 2632 TermService - ok
02:24:41.0819 2632 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
02:24:41.0822 2632 Themes - ok
02:24:41.0837 2632 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
02:24:41.0840 2632 THREADORDER - ok
02:24:41.0855 2632 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
02:24:41.0859 2632 TrkWks - ok
02:24:41.0913 2632 [ 370A6907DDF79532A39319492B1FA38A ] truecrypt C:\Windows\system32\drivers\truecrypt.sys
02:24:41.0916 2632 truecrypt - ok
02:24:41.0949 2632 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
02:24:41.0951 2632 TrustedInstaller - ok
02:24:41.0972 2632 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
02:24:41.0973 2632 tssecsrv - ok
02:24:42.0000 2632 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
02:24:42.0002 2632 TsUsbFlt - ok
02:24:42.0018 2632 [ 9CC2CCAE8A84820EAECB886D477CBCB8 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys
02:24:42.0022 2632 TsUsbGD - ok
02:24:42.0041 2632 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
02:24:42.0043 2632 tunnel - ok
02:24:42.0071 2632 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
02:24:42.0073 2632 uagp35 - ok
02:24:42.0092 2632 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
02:24:42.0096 2632 udfs - ok
02:24:42.0112 2632 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
02:24:42.0115 2632 UI0Detect - ok
02:24:42.0130 2632 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
02:24:42.0131 2632 uliagpkx - ok
02:24:42.0153 2632 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
02:24:42.0155 2632 umbus - ok
02:24:42.0168 2632 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\drivers\umpass.sys
02:24:42.0169 2632 UmPass - ok
02:24:42.0183 2632 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
02:24:42.0188 2632 upnphost - ok
02:24:42.0206 2632 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
02:24:42.0208 2632 usbccgp - ok
02:24:42.0224 2632 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
02:24:42.0226 2632 usbcir - ok
02:24:42.0241 2632 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\drivers\usbehci.sys
02:24:42.0243 2632 usbehci - ok
02:24:42.0257 2632 [ 87B0382F0713C8D70D4382806492E864 ] usbfilter C:\Windows\system32\drivers\usbfilter.sys
02:24:42.0258 2632 usbfilter - ok
02:24:42.0273 2632 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\drivers\usbhub.sys
02:24:42.0277 2632 usbhub - ok
02:24:42.0288 2632 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys
02:24:42.0289 2632 usbohci - ok
02:24:42.0312 2632 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
02:24:42.0313 2632 usbprint - ok
02:24:42.0330 2632 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
02:24:42.0339 2632 USBSTOR - ok
02:24:42.0353 2632 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
02:24:42.0354 2632 usbuhci - ok
02:24:42.0368 2632 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
02:24:42.0371 2632 UxSms - ok
02:24:42.0379 2632 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
02:24:42.0381 2632 VaultSvc - ok
02:24:42.0405 2632 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
02:24:42.0407 2632 vdrvroot - ok
02:24:42.0420 2632 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
02:24:42.0430 2632 vds - ok
02:24:42.0441 2632 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
02:24:42.0443 2632 vga - ok
02:24:42.0460 2632 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
02:24:42.0461 2632 VgaSave - ok
02:24:42.0480 2632 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
02:24:42.0482 2632 vhdmp - ok
02:24:42.0509 2632 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
02:24:42.0511 2632 viaide - ok
02:24:42.0527 2632 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
02:24:42.0528 2632 volmgr - ok
02:24:42.0542 2632 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
02:24:42.0546 2632 volmgrx - ok
02:24:42.0559 2632 [ DF8126BD41180351A093A3AD2FC8903B ] volsnap C:\Windows\system32\drivers\volsnap.sys
02:24:42.0562 2632 volsnap - ok
02:24:42.0582 2632 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
02:24:42.0584 2632 vsmraid - ok
02:24:42.0616 2632 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
02:24:42.0632 2632 VSS - ok
02:24:42.0649 2632 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
02:24:42.0651 2632 vwifibus - ok
02:24:42.0665 2632 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
02:24:42.0666 2632 vwififlt - ok
02:24:42.0688 2632 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
02:24:42.0693 2632 W32Time - ok
02:24:42.0711 2632 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\drivers\wacompen.sys
02:24:42.0719 2632 WacomPen - ok
02:24:42.0745 2632 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
02:24:42.0747 2632 WANARP - ok
02:24:42.0751 2632 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
02:24:42.0752 2632 Wanarpv6 - ok
02:24:42.0796 2632 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
02:24:42.0807 2632 WatAdminSvc - ok
02:24:42.0832 2632 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
02:24:42.0850 2632 wbengine - ok
02:24:42.0864 2632 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
02:24:42.0869 2632 WbioSrvc - ok
02:24:42.0891 2632 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
02:24:42.0896 2632 wcncsvc - ok
02:24:42.0907 2632 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
02:24:42.0910 2632 WcsPlugInService - ok
02:24:42.0922 2632 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\drivers\wd.sys
02:24:42.0923 2632 Wd - ok
02:24:42.0955 2632 [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
02:24:42.0962 2632 Wdf01000 - ok
02:24:42.0982 2632 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
02:24:42.0985 2632 WdiServiceHost - ok
02:24:42.0989 2632 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
02:24:42.0992 2632 WdiSystemHost - ok
02:24:43.0004 2632 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
02:24:43.0008 2632 WebClient - ok
02:24:43.0019 2632 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
02:24:43.0023 2632 Wecsvc - ok
02:24:43.0029 2632 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
02:24:43.0031 2632 wercplsupport - ok
02:24:43.0043 2632 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
02:24:43.0046 2632 WerSvc - ok
02:24:43.0052 2632 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
02:24:43.0054 2632 WfpLwf - ok
02:24:43.0069 2632 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
02:24:43.0070 2632 WIMMount - ok
02:24:43.0085 2632 WinDefend - ok
02:24:43.0092 2632 WinHttpAutoProxySvc - ok
02:24:43.0452 2632 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
02:24:43.0456 2632 Winmgmt - ok
02:24:43.0498 2632 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
02:24:43.0515 2632 WinRM - ok
02:24:43.0589 2632 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
02:24:43.0590 2632 WinUsb - ok
02:24:43.0609 2632 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
02:24:43.0618 2632 Wlansvc - ok
02:24:43.0687 2632 [ 06C8FA1CF39DE6A735B54D906BA791C6 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
02:24:43.0704 2632 wlcrasvc - ok
02:24:44.0274 2632 [ 2BACD71123F42CEA603F4E205E1AE337 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
02:24:44.0292 2632 wlidsvc - ok
02:24:44.0382 2632 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
02:24:44.0384 2632 WmiAcpi - ok
02:24:44.0432 2632 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
02:24:44.0448 2632 wmiApSrv - ok
02:24:44.0550 2632 WMPNetworkSvc - ok
02:24:44.0648 2632 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
02:24:44.0662 2632 WPCSvc - ok
02:24:44.0695 2632 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
02:24:44.0717 2632 WPDBusEnum - ok
02:24:44.0763 2632 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
02:24:44.0775 2632 ws2ifsl - ok
02:24:44.0894 2632 [ AD12F5C7251BB8D575D560894E73CBBA ] WsAudio_DeviceS(1) C:\Windows\system32\drivers\WsAudio_DeviceS(1).sys
02:24:44.0906 2632 WsAudio_DeviceS(1) - ok
02:24:44.0928 2632 [ AD12F5C7251BB8D575D560894E73CBBA ] WsAudio_DeviceS(2) C:\Windows\system32\drivers\WsAudio_DeviceS(2).sys
02:24:44.0934 2632 WsAudio_DeviceS(2) - ok
02:24:44.0961 2632 [ AD12F5C7251BB8D575D560894E73CBBA ] WsAudio_DeviceS(3) C:\Windows\system32\drivers\WsAudio_DeviceS(3).sys
02:24:44.0963 2632 WsAudio_DeviceS(3) - ok
02:24:44.0981 2632 [ AD12F5C7251BB8D575D560894E73CBBA ] WsAudio_DeviceS(4) C:\Windows\system32\drivers\WsAudio_DeviceS(4).sys
02:24:44.0986 2632 WsAudio_DeviceS(4) - ok
02:24:45.0002 2632 [ AD12F5C7251BB8D575D560894E73CBBA ] WsAudio_DeviceS(5) C:\Windows\system32\drivers\WsAudio_DeviceS(5).sys
02:24:45.0010 2632 WsAudio_DeviceS(5) - ok
02:24:45.0022 2632 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\System32\wscsvc.dll
02:24:45.0032 2632 wscsvc - ok
02:24:45.0037 2632 WSearch - ok
02:24:45.0133 2632 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
02:24:45.0178 2632 wuauserv - ok
02:24:45.0214 2632 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
02:24:45.0220 2632 WudfPf - ok
02:24:45.0309 2632 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
02:24:45.0315 2632 WUDFRd - ok
02:24:45.0344 2632 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
02:24:45.0351 2632 wudfsvc - ok
02:24:45.0461 2632 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
02:24:45.0511 2632 WwanSvc - ok
02:24:45.0823 2632 ================ Scan global ===============================
02:24:45.0881 2632 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
02:24:46.0046 2632 [ 72CC564BBC70DE268784BCE91EB8A28F ] C:\Windows\system32\winsrv.dll
02:24:46.0113 2632 [ 72CC564BBC70DE268784BCE91EB8A28F ] C:\Windows\system32\winsrv.dll
02:24:46.0468 2632 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
02:24:46.0526 2632 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
02:24:46.0547 2632 [Global] - ok
02:24:46.0547 2632 ================ Scan MBR ==================================
02:24:46.0585 2632 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
02:24:47.0629 2632 \Device\Harddisk0\DR0 - ok
02:24:47.0646 2632 [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk5\DR5
02:24:47.0650 2632 \Device\Harddisk5\DR5 - ok
02:24:47.0650 2632 ================ Scan VBR ==================================
02:24:47.0659 2632 [ F32147B7DD2E0692859A74003E1838C0 ] \Device\Harddisk0\DR0\Partition1
02:24:47.0660 2632 \Device\Harddisk0\DR0\Partition1 - ok
02:24:47.0679 2632 [ 3FB5612208B6D8F711D5CCD0C8B275FA ] \Device\Harddisk0\DR0\Partition2
02:24:47.0681 2632 \Device\Harddisk0\DR0\Partition2 - ok
02:24:47.0717 2632 [ 39AAFCF2545FE5B47B6DF491F9BEC942 ] \Device\Harddisk0\DR0\Partition3
02:24:47.0740 2632 \Device\Harddisk0\DR0\Partition3 - ok
02:24:47.0742 2632 [ 589B118361E69870059157E4ADF7E3CA ] \Device\Harddisk5\DR5\Partition1
02:24:47.0745 2632 \Device\Harddisk5\DR5\Partition1 - ok
02:24:47.0748 2632 ============================================================
02:24:47.0748 2632 Scan finished
02:24:47.0748 2632 ============================================================
02:24:47.0756 1104 Detected object count: 0
02:24:47.0756 1104 Actual detected object count: 0
02:29:58.0069 5788 ============================================================
02:29:58.0069 5788 Scan started
02:29:58.0069 5788 Mode: Manual;
02:29:58.0069 5788 ============================================================
02:29:59.0120 5788 ================ Scan system memory ========================
02:29:59.0120 5788 System memory - ok
02:29:59.0121 5788 ================ Scan services =============================
02:29:59.0532 5788 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
02:29:59.0534 5788 1394ohci - ok
02:29:59.0565 5788 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
02:29:59.0567 5788 ACPI - ok
02:29:59.0583 5788 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
02:29:59.0583 5788 AcpiPmi - ok
02:29:59.0676 5788 [ D19C4EE2AC7C47B8F5F84FFF1A789D8A ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
02:29:59.0676 5788 AdobeARMservice - ok
02:30:00.0240 5788 [ 95CE557D16A75606CCC2D7F3B0B0BCCB ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
02:30:00.0242 5788 AdobeFlashPlayerUpdateSvc - ok
02:30:00.0269 5788 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
02:30:00.0272 5788 adp94xx - ok
02:30:00.0289 5788 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\drivers\adpahci.sys
02:30:00.0291 5788 adpahci - ok
02:30:00.0305 5788 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
02:30:00.0306 5788 adpu320 - ok
02:30:00.0328 5788 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
02:30:00.0329 5788 AeLookupSvc - ok
02:30:00.0362 5788 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys
02:30:00.0365 5788 AFD - ok
02:30:00.0387 5788 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
02:30:00.0387 5788 agp440 - ok
02:30:00.0403 5788 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
02:30:00.0404 5788 ALG - ok
02:30:00.0420 5788 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys
02:30:00.0420 5788 aliide - ok
02:30:00.0453 5788 [ BA7DEAEF1066F1FD31FD1D719FC98204 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
02:30:00.0455 5788 AMD External Events Utility - ok
02:30:00.0477 5788 [ 2EF1BA6D5DC79FCE5E9216C8C2D3F193 ] amdhub30 C:\Windows\system32\drivers\amdhub30.sys
02:30:00.0478 5788 amdhub30 - ok
02:30:00.0614 5788 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys
02:30:00.0615 5788 amdide - ok
02:30:00.0642 5788 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
02:30:00.0643 5788 AmdK8 - ok
02:30:00.0888 5788 [ 0DB247E7D8EE52176E4FCCF00911608D ] amdkmdag C:\Windows\system32\DRIVERS\atikmdag.sys
02:30:00.0941 5788 amdkmdag - ok
02:30:00.0962 5788 [ FC57F1D151DA79BABD7E790E621BA525 ] amdkmdap C:\Windows\system32\DRIVERS\atikmpag.sys
02:30:00.0964 5788 amdkmdap - ok
02:30:00.0977 5788 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\drivers\amdppm.sys
02:30:00.0978 5788 AmdPPM - ok
02:30:01.0015 5788 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys
02:30:01.0015 5788 amdsata - ok
02:30:01.0036 5788 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\drivers\amdsbs.sys
02:30:01.0037 5788 amdsbs - ok
02:30:01.0053 5788 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys
02:30:01.0053 5788 amdxata - ok
02:30:01.0078 5788 [ 541A6C49C792ED71FB3EFF8C815CFE60 ] amdxhc C:\Windows\system32\drivers\amdxhc.sys
02:30:01.0079 5788 amdxhc - ok
02:30:01.0099 5788 [ A1434F35B7B171CB697D74D33F7D029F ] amd_sata C:\Windows\system32\drivers\amd_sata.sys
02:30:01.0100 5788 amd_sata - ok
02:30:01.0118 5788 [ E9B5A82FA268BB2D1B012030D5F4E096 ] amd_xata C:\Windows\system32\drivers\amd_xata.sys
02:30:01.0119 5788 amd_xata - ok
02:30:01.0136 5788 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys
02:30:01.0136 5788 AppID - ok
02:30:01.0161 5788 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
02:30:01.0161 5788 AppIDSvc - ok
02:30:01.0177 5788 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\Windows\System32\appinfo.dll
02:30:01.0177 5788 Appinfo - ok
02:30:01.0459 5788 [ A5299D04ED225D64CF07A568A3E1BF8C ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
02:30:01.0460 5788 Apple Mobile Device - ok
02:30:01.0508 5788 [ 2C349460E40EF6B9604D774AAF367730 ] Application Updater C:\Program Files (x86)\Application Updater\ApplicationUpdater.exe
02:30:01.0513 5788 Application Updater - ok
02:30:01.0536 5788 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\drivers\arc.sys
02:30:01.0537 5788 arc - ok
02:30:01.0578 5788 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\drivers\arcsas.sys
02:30:01.0578 5788 arcsas - ok
02:30:01.0696 5788 [ 9217D874131AE6FF8F642F124F00A555 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
02:30:01.0697 5788 aspnet_state - ok
02:30:01.0723 5788 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
02:30:01.0724 5788 AsyncMac - ok
02:30:01.0754 5788 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys
02:30:01.0755 5788 atapi - ok
02:30:01.0793 5788 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
02:30:01.0799 5788 AudioEndpointBuilder - ok
02:30:01.0809 5788 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
02:30:01.0814 5788 AudioSrv - ok
02:30:01.0830 5788 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll
02:30:01.0831 5788 AxInstSV - ok
02:30:01.0846 5788 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys
02:30:01.0849 5788 b06bdrv - ok
02:30:01.0863 5788 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
02:30:01.0865 5788 b57nd60a - ok
02:30:01.0909 5788 [ 28A4012E68BC9597BCB9B26B51AAC4B6 ] BBSvc C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE
02:30:01.0910 5788 BBSvc - ok
02:30:01.0935 5788 [ 785DE7ABDA13309D6065305542829E76 ] BBUpdate C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
02:30:01.0936 5788 BBUpdate - ok
02:30:01.0948 5788 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
02:30:01.0949 5788 BDESVC - ok
02:30:01.0971 5788 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
02:30:01.0971 5788 Beep - ok
02:30:02.0001 5788 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll
02:30:02.0005 5788 BFE - ok
02:30:02.0174 5788 [ ED97ADAF00A61F57A2CCBBB1CE58C600 ] BHDrvx64 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\BASHDefs\20121130.005\BHDrvx64.sys
02:30:02.0181 5788 BHDrvx64 - ok
02:30:02.0227 5788 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\System32\qmgr.dll
02:30:02.0232 5788 BITS - ok
02:30:02.0457 5788 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\drivers\blbdrive.sys
02:30:02.0458 5788 blbdrive - ok
02:30:02.0526 5788 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
02:30:02.0530 5788 Bonjour Service - ok
02:30:02.0557 5788 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
02:30:02.0558 5788 bowser - ok
02:30:02.0594 5788 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys
02:30:02.0595 5788 BrFiltLo - ok
02:30:02.0612 5788 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys
02:30:02.0612 5788 BrFiltUp - ok
02:30:02.0652 5788 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll
02:30:02.0654 5788 Browser - ok
02:30:02.0680 5788 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
02:30:02.0682 5788 Brserid - ok
02:30:02.0692 5788 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
02:30:02.0693 5788 BrSerWdm - ok
02:30:02.0708 5788 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
02:30:02.0709 5788 BrUsbMdm - ok
02:30:02.0728 5788 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
02:30:02.0729 5788 BrUsbSer - ok
02:30:02.0744 5788 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
02:30:02.0745 5788 BTHMODEM - ok
02:30:02.0775 5788 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
02:30:02.0775 5788 bthserv - ok
02:30:02.0872 5788 [ A3AD13CA2747953DDD4C9AE4FB925BEC ] CalendarSynchService C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Calendar\Service\GCalService.exe
02:30:02.0872 5788 CalendarSynchService - ok
02:30:02.0940 5788 [ 2C6FFCCA37B002AAB3C7C31A6D780A76 ] ccSet_NIS C:\Windows\system32\drivers\NISx64\1309000.009\ccSetx64.sys
02:30:02.0941 5788 ccSet_NIS - ok
02:30:02.0963 5788 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
02:30:02.0963 5788 cdfs - ok
02:30:02.0983 5788 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
02:30:02.0984 5788 cdrom - ok
02:30:02.0995 5788 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
02:30:03.0003 5788 CertPropSvc - ok
02:30:03.0027 5788 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\drivers\circlass.sys
02:30:03.0037 5788 circlass - ok
02:30:03.0063 5788 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
02:30:03.0065 5788 CLFS - ok
02:30:03.0138 5788 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
02:30:03.0139 5788 clr_optimization_v2.0.50727_32 - ok
02:30:03.0173 5788 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
02:30:03.0175 5788 clr_optimization_v2.0.50727_64 - ok
02:30:03.0232 5788 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
02:30:03.0241 5788 clr_optimization_v4.0.30319_32 - ok
02:30:03.0265 5788 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
02:30:03.0272 5788 clr_optimization_v4.0.30319_64 - ok
02:30:03.0308 5788 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\drivers\CmBatt.sys
02:30:03.0309 5788 CmBatt - ok
02:30:03.0338 5788 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
02:30:03.0339 5788 cmdide - ok
02:30:03.0382 5788 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\Windows\system32\Drivers\cng.sys
02:30:03.0391 5788 CNG - ok
02:30:03.0421 5788 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\drivers\compbatt.sys
02:30:03.0432 5788 Compbatt - ok
02:30:03.0456 5788 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
02:30:03.0489 5788 CompositeBus - ok
02:30:03.0495 5788 COMSysApp - ok
02:30:03.0724 5788 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
02:30:03.0734 5788 crcdisk - ok
02:30:03.0788 5788 [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc C:\Windows\system32\cryptsvc.dll
02:30:03.0790 5788 CryptSvc - ok
02:30:03.0823 5788 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
02:30:03.0831 5788 DcomLaunch - ok
02:30:03.0869 5788 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
02:30:03.0877 5788 defragsvc - ok
02:30:03.0885 5788 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
02:30:03.0893 5788 DfsC - ok
02:30:03.0920 5788 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
02:30:03.0922 5788 Dhcp - ok
02:30:03.0938 5788 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
02:30:03.0939 5788 discache - ok
02:30:03.0953 5788 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\drivers\disk.sys
02:30:03.0966 5788 Disk - ok
02:30:03.0984 5788 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
02:30:03.0997 5788 Dnscache - ok
02:30:04.0018 5788 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
02:30:04.0025 5788 dot3svc - ok
02:30:04.0050 5788 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
02:30:04.0051 5788 DPS - ok
02:30:04.0068 5788 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
02:30:04.0076 5788 drmkaud - ok
02:30:04.0103 5788 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
02:30:04.0112 5788 DXGKrnl - ok
02:30:04.0124 5788 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
02:30:04.0125 5788 EapHost - ok
02:30:04.0200 5788 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\drivers\evbda.sys
02:30:04.0235 5788 ebdrv - ok
02:30:04.0269 5788 [ 4353FF94D47A0A9D52B89ECCF0CDB013 ] eeCtrl C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys
02:30:04.0278 5788 eeCtrl - ok
02:30:04.0311 5788 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe
02:30:04.0313 5788 EFS - ok
02:30:04.0347 5788 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
02:30:04.0360 5788 ehRecvr - ok
02:30:04.0376 5788 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
02:30:04.0383 5788 ehSched - ok
02:30:04.0419 5788 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\drivers\elxstor.sys
02:30:04.0427 5788 elxstor - ok
02:30:04.0455 5788 [ C5BCCB378D0A896304A3E71BE7215983 ] EraserUtilRebootDrv C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
02:30:04.0463 5788 EraserUtilRebootDrv - ok
02:30:04.0478 5788 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
02:30:04.0479 5788 ErrDev - ok
02:30:04.0499 5788 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
02:30:04.0533 5788 EventSystem - ok
02:30:04.0775 5788 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
02:30:04.0779 5788 exfat - ok
02:30:04.0794 5788 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
02:30:04.0804 5788 fastfat - ok
02:30:04.0841 5788 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
02:30:04.0845 5788 Fax - ok
02:30:04.0859 5788 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\drivers\fdc.sys
02:30:04.0868 5788 fdc - ok
02:30:04.0904 5788 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
02:30:04.0904 5788 fdPHost - ok
02:30:04.0921 5788 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
02:30:04.0922 5788 FDResPub - ok
02:30:04.0937 5788 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
02:30:04.0949 5788 FileInfo - ok
02:30:04.0963 5788 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
02:30:04.0972 5788 Filetrace - ok
02:30:04.0981 5788 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\drivers\flpydisk.sys
02:30:04.0985 5788 flpydisk - ok
02:30:05.0018 5788 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
02:30:05.0024 5788 FltMgr - ok
02:30:05.0079 5788 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\Windows\system32\FntCache.dll
02:30:05.0086 5788 FontCache - ok
02:30:05.0174 5788 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
02:30:05.0177 5788 FontCache3.0.0.0 - ok
02:30:05.0281 5788 [ D40B85303BCFF96A717392B06FB015C4 ] Freemake Improver C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
02:30:05.0282 5788 Freemake Improver - ok
02:30:05.0330 5788 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
02:30:05.0332 5788 FsDepends - ok
02:30:05.0383 5788 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
02:30:05.0393 5788 Fs_Rec - ok
02:30:05.0415 5788 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
02:30:05.0424 5788 fvevol - ok
02:30:05.0571 5788 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
02:30:05.0576 5788 gagp30kx - ok
02:30:05.0640 5788 [ C403C5DB49A0F9AAF4F2128EDC0106D8 ] GamesAppService C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
02:30:05.0652 5788 GamesAppService - ok
02:30:05.0688 5788 [ 8E98D21EE06192492A5671A6144D092F ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
02:30:05.0689 5788 GEARAspiWDM - ok
02:30:05.0731 5788 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
02:30:05.0737 5788 gpsvc - ok
02:30:05.0757 5788 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
02:30:05.0782 5788 hcw85cir - ok
02:30:06.0018 5788 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
02:30:06.0025 5788 HdAudAddService - ok
02:30:06.0049 5788 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
02:30:06.0056 5788 HDAudBus - ok
02:30:06.0074 5788 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\drivers\HidBatt.sys
02:30:06.0080 5788 HidBatt - ok
02:30:06.0097 5788 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\drivers\hidbth.sys
02:30:06.0098 5788 HidBth - ok
02:30:06.0115 5788 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\drivers\hidir.sys
02:30:06.0123 5788 HidIr - ok
02:30:06.0152 5788 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\system32\hidserv.dll
02:30:06.0153 5788 hidserv - ok
02:30:06.0176 5788 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
02:30:06.0182 5788 HidUsb - ok
02:30:06.0207 5788 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
02:30:06.0208 5788 hkmsvc - ok
02:30:06.0227 5788 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
02:30:06.0229 5788 HomeGroupListener - ok
02:30:06.0249 5788 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
02:30:06.0251 5788 HomeGroupProvider - ok
02:30:06.0310 5788 [ BB1FC298BE53AAB1E110F6E786BD8AC5 ] HP Support Assistant Service C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
02:30:06.0314 5788 HP Support Assistant Service - ok
02:30:06.0375 5788 [ 7B8C1B09C11E8DB7C4480ABD7D17E821 ] HPAuto C:\Program Files\Hewlett-Packard\HP Auto\HPAuto.exe
02:30:06.0382 5788 HPAuto - ok
02:30:06.0414 5788 [ 6A181452D4E240B8ECC7614B9A19BDE9 ] HPClientSvc C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
02:30:06.0426 5788 HPClientSvc - ok
02:30:06.0480 5788 [ 9B7EDD3FE7C211C36E921D34D18A3A0A ] hpqwmiex C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
02:30:06.0488 5788 hpqwmiex - ok
02:30:06.0498 5788 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
02:30:06.0499 5788 HpSAMD - ok
02:30:06.0525 5788 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
02:30:06.0531 5788 HTTP - ok
02:30:06.0543 5788 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
02:30:06.0553 5788 hwpolicy - ok
02:30:06.0570 5788 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
02:30:06.0571 5788 i8042prt - ok
02:30:06.0593 5788 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
02:30:06.0597 5788 iaStorV - ok
02:30:06.0642 5788 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
02:30:06.0653 5788 idsvc - ok
02:30:06.0712 5788 [ A48928D4CCA6F8B731989DB08CF2C0AB ] IDSVia64 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\IPSDefs\20121214.001\IDSvia64.sys
02:30:06.0723 5788 IDSVia64 - ok
02:30:06.0870 5788 [ A87261EF1546325B559374F5689CF5BC ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys
02:30:07.0173 5788 igfx - ok
02:30:07.0206 5788 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\drivers\iirsp.sys
02:30:07.0208 5788 iirsp - ok
02:30:07.0242 5788 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
02:30:07.0253 5788 IKEEXT - ok
02:30:07.0290 5788 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
02:30:07.0301 5788 intelide - ok
02:30:07.0318 5788 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\drivers\intelppm.sys
02:30:07.0322 5788 intelppm - ok
02:30:07.0356 5788 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
02:30:07.0365 5788 IPBusEnum - ok
02:30:07.0389 5788 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
02:30:07.0392 5788 IpFilterDriver - ok
02:30:07.0437 5788 [ 08C2957BB30058E663720C5606885653 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
02:30:07.0442 5788 iphlpsvc - ok
02:30:07.0465 5788 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
02:30:07.0472 5788 IPMIDRV - ok
02:30:07.0482 5788 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
02:30:07.0484 5788 IPNAT - ok
02:30:07.0567 5788 [ 6E50CFA46527B39015B750AAD161C5CC ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
02:30:07.0576 5788 iPod Service - ok
02:30:07.0584 5788 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
02:30:07.0591 5788 IRENUM - ok
02:30:07.0635 5788 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
02:30:07.0644 5788 isapnp - ok
02:30:07.0678 5788 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
02:30:07.0684 5788 iScsiPrt - ok
02:30:07.0716 5788 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
02:30:07.0726 5788 kbdclass - ok
02:30:07.0764 5788 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
02:30:07.0766 5788 kbdhid - ok
02:30:07.0778 5788 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
02:30:07.0779 5788 KeyIso - ok
02:30:07.0819 5788 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
02:30:07.0821 5788 KSecDD - ok
02:30:07.0844 5788 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
02:30:07.0855 5788 KSecPkg - ok
02:30:07.0889 5788 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
02:30:07.0898 5788 ksthunk - ok
02:30:07.0924 5788 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
02:30:07.0934 5788 KtmRm - ok
02:30:07.0982 5788 [ BD56BAE4403497E31727096CEBC42956 ] L1C C:\Windows\system32\DRIVERS\L1C62x64.sys
02:30:07.0989 5788 L1C - ok
02:30:08.0028 5788 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\system32\srvsvc.dll
02:30:08.0031 5788 LanmanServer - ok
02:30:08.0043 5788 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
02:30:08.0056 5788 LanmanWorkstation - ok
02:30:08.0074 5788 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
02:30:08.0108 5788 lltdio - ok
02:30:08.0359 5788 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
02:30:08.0368 5788 lltdsvc - ok
02:30:08.0388 5788 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
02:30:08.0389 5788 lmhosts - ok
02:30:08.0424 5788 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
02:30:08.0429 5788 LSI_FC - ok
02:30:08.0445 5788 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
02:30:08.0452 5788 LSI_SAS - ok
02:30:08.0468 5788 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys
02:30:08.0470 5788 LSI_SAS2 - ok
02:30:08.0483 5788 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
02:30:08.0496 5788 LSI_SCSI - ok
02:30:08.0516 5788 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
02:30:08.0522 5788 luafv - ok
02:30:08.0548 5788 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
02:30:08.0554 5788 Mcx2Svc - ok
02:30:08.0616 5788 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\drivers\megasas.sys
02:30:08.0625 5788 megasas - ok
02:30:08.0640 5788 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys
02:30:08.0644 5788 MegaSR - ok
02:30:08.0657 5788 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
02:30:08.0658 5788 MMCSS - ok
02:30:08.0667 5788 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
02:30:08.0669 5788 Modem - ok
02:30:08.0696 5788 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
02:30:08.0709 5788 monitor - ok
02:30:08.0730 5788 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
02:30:08.0743 5788 mouclass - ok
02:30:08.0766 5788 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
02:30:08.0776 5788 mouhid - ok
02:30:08.0790 5788 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
02:30:08.0791 5788 mountmgr - ok
02:30:08.0844 5788 [ 8C7336950F1E69CDFD811CBBD9CF00A2 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
02:30:08.0850 5788 MozillaMaintenance - ok
02:30:08.0862 5788 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
02:30:08.0873 5788 mpio - ok
02:30:08.0906 5788 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
02:30:08.0918 5788 mpsdrv - ok
02:30:08.0946 5788 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
02:30:08.0957 5788 MpsSvc - ok
02:30:08.0969 5788 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
02:30:08.0973 5788 MRxDAV - ok
02:30:09.0000 5788 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
02:30:09.0003 5788 mrxsmb - ok
02:30:09.0028 5788 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
02:30:09.0037 5788 mrxsmb10 - ok
02:30:09.0048 5788 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
02:30:09.0049 5788 mrxsmb20 - ok
02:30:09.0076 5788 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
02:30:09.0081 5788 msahci - ok
02:30:09.0098 5788 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
02:30:09.0110 5788 msdsm - ok
02:30:09.0124 5788 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
02:30:09.0134 5788 MSDTC - ok
02:30:09.0153 5788 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
02:30:09.0165 5788 Msfs - ok
02:30:09.0187 5788 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
02:30:09.0220 5788 mshidkmdf - ok
02:30:09.0469 5788 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
02:30:09.0477 5788 msisadrv - ok
02:30:09.0503 5788 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
02:30:09.0507 5788 MSiSCSI - ok
02:30:09.0510 5788 msiserver - ok
02:30:09.0527 5788 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
02:30:09.0529 5788 MSKSSRV - ok
02:30:09.0583 5788 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
02:30:09.0588 5788 MSPCLOCK - ok
02:30:09.0620 5788 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
02:30:09.0621 5788 MSPQM - ok
02:30:09.0633 5788 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
02:30:09.0636 5788 MsRPC - ok
02:30:09.0653 5788 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
02:30:09.0654 5788 mssmbios - ok
02:30:09.0664 5788 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
02:30:09.0665 5788 MSTEE - ok
02:30:09.0673 5788 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\drivers\MTConfig.sys
02:30:09.0674 5788 MTConfig - ok
02:30:09.0683 5788 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
02:30:09.0685 5788 Mup - ok
02:30:09.0714 5788 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
02:30:09.0718 5788 napagent - ok
02:30:09.0730 5788 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
02:30:09.0733 5788 NativeWifiP - ok
02:30:09.0792 5788 [ C58D8A669D6551F616D90244BD2C2D4F ] NAVENG C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\VirusDefs\20121216.007\ENG64.SYS
02:30:09.0794 5788 NAVENG - ok
02:30:09.0853 5788 [ A3DBDB412ADFA5882DD6843B11FE0828 ] NAVEX15 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\VirusDefs\20121216.007\EX64.SYS
02:30:09.0869 5788 NAVEX15 - ok
02:30:09.0899 5788 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys
02:30:09.0906 5788 NDIS - ok
02:30:09.0921 5788 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
02:30:09.0922 5788 NdisCap - ok
02:30:09.0937 5788 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
02:30:09.0938 5788 NdisTapi - ok
02:30:09.0944 5788 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
02:30:09.0945 5788 Ndisuio - ok
02:30:09.0955 5788 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
02:30:09.0957 5788 NdisWan - ok
02:30:09.0968 5788 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
02:30:09.0970 5788 NDProxy - ok
02:30:09.0981 5788 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
02:30:09.0982 5788 NetBIOS - ok
02:30:09.0996 5788 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
02:30:09.0999 5788 NetBT - ok
02:30:10.0012 5788 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
02:30:10.0013 5788 Netlogon - ok
02:30:10.0033 5788 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
02:30:10.0037 5788 Netman - ok
02:30:10.0049 5788 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
02:30:10.0051 5788 NetMsmqActivator - ok
02:30:10.0055 5788 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
02:30:10.0056 5788 NetPipeActivator - ok
02:30:10.0076 5788 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
02:30:10.0081 5788 netprofm - ok
02:30:10.0120 5788 [ 570813483F26B5C8D984BCA5BB70B50D ] netr28x C:\Windows\system32\DRIVERS\netr28x.sys
02:30:10.0133 5788 netr28x - ok
02:30:10.0137 5788 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
02:30:10.0138 5788 NetTcpActivator - ok
02:30:10.0142 5788 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
02:30:10.0143 5788 NetTcpPortSharing - ok
02:30:10.0157 5788 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
02:30:10.0158 5788 nfrd960 - ok
02:30:10.0189 5788 [ F2840DBFE9322F35557219AE82CC4597 ] NIS C:\Program Files (x86)\Norton Internet Security\Engine\19.9.0.9\ccSvcHst.exe
02:30:10.0191 5788 NIS - ok
02:30:10.0200 5788 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\Windows\System32\nlasvc.dll
02:30:10.0204 5788 NlaSvc - ok
02:30:10.0217 5788 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
02:30:10.0218 5788 Npfs - ok
02:30:10.0231 5788 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
02:30:10.0232 5788 nsi - ok
02:30:10.0243 5788 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
02:30:10.0244 5788 nsiproxy - ok
02:30:10.0288 5788 [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
02:30:10.0300 5788 Ntfs - ok
02:30:10.0304 5788 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
02:30:10.0305 5788 Null - ok
02:30:10.0316 5788 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
02:30:10.0318 5788 nvraid - ok
02:30:10.0332 5788 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
02:30:10.0334 5788 nvstor - ok
02:30:10.0354 5788 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
02:30:10.0356 5788 nv_agp - ok
02:30:10.0671 5788 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
02:30:10.0675 5788 odserv - ok
02:30:10.0703 5788 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
02:30:10.0710 5788 ohci1394 - ok
02:30:10.0743 5788 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
02:30:10.0757 5788 ose - ok
02:30:10.0785 5788 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
02:30:10.0789 5788 p2pimsvc - ok
02:30:10.0808 5788 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
02:30:10.0813 5788 p2psvc - ok
02:30:10.0824 5788 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\drivers\parport.sys
02:30:10.0826 5788 Parport - ok
02:30:10.0843 5788 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
02:30:10.0844 5788 partmgr - ok
02:30:10.0859 5788 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
02:30:10.0861 5788 PcaSvc - ok
02:30:10.0873 5788 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
02:30:10.0876 5788 pci - ok
02:30:10.0883 5788 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
02:30:10.0884 5788 pciide - ok
02:30:10.0901 5788 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
02:30:10.0904 5788 pcmcia - ok
02:30:10.0913 5788 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
02:30:10.0914 5788 pcw - ok
02:30:10.0933 5788 pdfcDispatcher - ok
02:30:10.0953 5788 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
02:30:10.0959 5788 PEAUTH - ok
02:30:11.0013 5788 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
02:30:11.0014 5788 PerfHost - ok
02:30:11.0045 5788 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
02:30:11.0057 5788 pla - ok
02:30:11.0075 5788 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
02:30:11.0079 5788 PlugPlay - ok
02:30:11.0091 5788 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
02:30:11.0094 5788 PNRPAutoReg - ok
02:30:11.0099 5788 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
02:30:11.0102 5788 PNRPsvc - ok
02:30:11.0125 5788 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
02:30:11.0128 5788 PolicyAgent - ok
02:30:11.0150 5788 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
02:30:11.0152 5788 Power - ok
02:30:11.0166 5788 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
02:30:11.0167 5788 PptpMiniport - ok
02:30:11.0181 5788 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\drivers\processr.sys
02:30:11.0183 5788 Processor - ok
02:30:11.0192 5788 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
02:30:11.0195 5788 ProfSvc - ok
02:30:11.0203 5788 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
02:30:11.0204 5788 ProtectedStorage - ok
02:30:11.0218 5788 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
02:30:11.0219 5788 Psched - ok
02:30:11.0255 5788 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
02:30:11.0267 5788 ql2300 - ok
02:30:11.0279 5788 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
02:30:11.0281 5788 ql40xx - ok
02:30:11.0300 5788 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
02:30:11.0303 5788 QWAVE - ok
02:30:11.0310 5788 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
02:30:11.0311 5788 QWAVEdrv - ok
02:30:11.0320 5788 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
02:30:11.0321 5788 RasAcd - ok
02:30:11.0332 5788 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
02:30:11.0333 5788 RasAgileVpn - ok
02:30:11.0340 5788 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
02:30:11.0343 5788 RasAuto - ok
02:30:11.0351 5788 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
02:30:11.0353 5788 Rasl2tp - ok
02:30:11.0367 5788 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
02:30:11.0371 5788 RasMan - ok
02:30:11.0383 5788 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
02:30:11.0384 5788 RasPppoe - ok
02:30:11.0397 5788 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
02:30:11.0398 5788 RasSstp - ok
02:30:11.0408 5788 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
02:30:11.0411 5788 rdbss - ok
02:30:11.0426 5788 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\drivers\rdpbus.sys
02:30:11.0440 5788 rdpbus - ok
02:30:11.0471 5788 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
02:30:11.0473 5788 RDPCDD - ok
02:30:11.0508 5788 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
02:30:11.0533 5788 RDPENCDD - ok
02:30:11.0750 5788 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
02:30:11.0752 5788 RDPREFMP - ok
02:30:11.0788 5788 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
02:30:11.0803 5788 RDPWD - ok
02:30:11.0826 5788 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
02:30:11.0828 5788 rdyboost - ok
02:30:11.0862 5788 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
02:30:11.0870 5788 RemoteAccess - ok
02:30:11.0890 5788 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
02:30:11.0893 5788 RemoteRegistry - ok
02:30:11.0904 5788 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
02:30:11.0912 5788 RpcEptMapper - ok
02:30:11.0922 5788 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
02:30:11.0930 5788 RpcLocator - ok
02:30:11.0948 5788 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
02:30:11.0952 5788 RpcSs - ok
02:30:11.0977 5788 [ 2ABD2B3BA2EF0C3BA82284C2A5E28675 ] RRNetCap C:\Windows\system32\DRIVERS\rrnetcap.sys
02:30:11.0979 5788 RRNetCap - ok
02:30:11.0981 5788 [ 2ABD2B3BA2EF0C3BA82284C2A5E28675 ] RRNetCapMP C:\Windows\system32\DRIVERS\rrnetcap.sys
02:30:11.0982 5788 RRNetCapMP - ok
02:30:12.0010 5788 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
02:30:12.0012 5788 rspndr - ok
02:30:12.0020 5788 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
02:30:12.0021 5788 SamSs - ok
02:30:12.0034 5788 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
02:30:12.0041 5788 sbp2port - ok
02:30:12.0056 5788 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
02:30:12.0063 5788 SCardSvr - ok
02:30:12.0079 5788 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
02:30:12.0084 5788 scfilter - ok
02:30:12.0120 5788 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
02:30:12.0134 5788 Schedule - ok
02:30:12.0178 5788 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
02:30:12.0178 5788 SCPolicySvc - ok
02:30:12.0222 5788 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
02:30:12.0229 5788 SDRSVC - ok
02:30:12.0291 5788 [ 16B44D246835EAC156F8DAF0AA4F530C ] SeagateDashboardService C:\Program Files (x86)\Seagate\Seagate Dashboard\SeagateDashboardService.exe
02:30:12.0291 5788 SeagateDashboardService - ok
02:30:12.0311 5788 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
02:30:12.0318 5788 secdrv - ok
02:30:12.0329 5788 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
02:30:12.0334 5788 seclogon - ok
02:30:12.0347 5788 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
02:30:12.0354 5788 SENS - ok
02:30:12.0365 5788 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
02:30:12.0376 5788 SensrSvc - ok
02:30:12.0389 5788 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\drivers\serenum.sys
02:30:12.0399 5788 Serenum - ok
02:30:12.0412 5788 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\drivers\serial.sys
02:30:12.0423 5788 Serial - ok
02:30:12.0438 5788 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\drivers\sermouse.sys
02:30:12.0439 5788 sermouse - ok
02:30:12.0459 5788 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
02:30:12.0461 5788 SessionEnv - ok
02:30:12.0484 5788 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
02:30:12.0485 5788 sffdisk - ok
02:30:12.0504 5788 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
02:30:12.0509 5788 sffp_mmc - ok
02:30:12.0525 5788 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
02:30:12.0526 5788 sffp_sd - ok
02:30:12.0545 5788 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
02:30:12.0549 5788 sfloppy - ok
02:30:12.0593 5788 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
02:30:12.0606 5788 SharedAccess - ok
02:30:12.0620 5788 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
02:30:12.0633 5788 ShellHWDetection - ok
02:30:12.0659 5788 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
02:30:12.0670 5788 SiSRaid2 - ok
02:30:12.0912 5788 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
02:30:12.0918 5788 SiSRaid4 - ok
02:30:12.0952 5788 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
02:30:12.0959 5788 Smb - ok
02:30:12.0993 5788 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
02:30:13.0003 5788 SNMPTRAP - ok
02:30:13.0032 5788 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
02:30:13.0033 5788 spldr - ok
02:30:13.0059 5788 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
02:30:13.0066 5788 Spooler - ok
02:30:13.0140 5788 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
02:30:13.0184 5788 sppsvc - ok
02:30:13.0200 5788 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
02:30:13.0215 5788 sppuinotify - ok
02:30:13.0277 5788 [ 891793E00432FA055CF040605C260E49 ] SRTSP C:\Windows\System32\Drivers\NISx64\1309000.009\SRTSP64.SYS
02:30:13.0291 5788 SRTSP - ok
02:30:13.0307 5788 [ 1CB7BB3B0561FB5ECFE37F7731E8BF3E ] SRTSPX C:\Windows\system32\drivers\NISx64\1309000.009\SRTSPX64.SYS
02:30:13.0309 5788 SRTSPX - ok
02:30:13.0338 5788 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
02:30:13.0351 5788 srv - ok
02:30:13.0371 5788 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
02:30:13.0380 5788 srv2 - ok
02:30:13.0395 5788 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
02:30:13.0406 5788 srvnet - ok
02:30:13.0427 5788 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
02:30:13.0452 5788 SSDPSRV - ok
02:30:13.0489 5788 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
02:30:13.0502 5788 SstpSvc - ok
02:30:13.0582 5788 [ 4B1D0B5B6D043AAF45AE89EABAB7B865 ] STacSV C:\Program Files\IDT\WDM\STacSV64.exe
02:30:13.0592 5788 STacSV - ok
02:30:13.0641 5788 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\drivers\stexstor.sys
02:30:13.0646 5788 stexstor - ok
02:30:13.0703 5788 [ 542BDF7E9256189ABBC68935FA8116A4 ] STHDA C:\Windows\system32\DRIVERS\stwrt64.sys
02:30:13.0719 5788 STHDA - ok
02:30:13.0741 5788 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
02:30:13.0749 5788 stisvc - ok
02:30:13.0777 5788 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys
02:30:13.0783 5788 swenum - ok
02:30:13.0825 5788 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
02:30:14.0054 5788 swprv - ok
02:30:14.0089 5788 [ 8B2430762099598DA40686F754632EFD ] SymDS C:\Windows\system32\drivers\NISx64\1309000.009\SYMDS64.SYS
02:30:14.0102 5788 SymDS - ok
02:30:14.0157 5788 [ 5CB7F2FD7E30A0F52F93574BFC3A8041 ] SymEFA C:\Windows\system32\drivers\NISx64\1309000.009\SYMEFA64.SYS
02:30:14.0175 5788 SymEFA - ok
02:30:14.0210 5788 [ 898BB48C797483420DF523B2BBC1ECDB ] SymEvent C:\Windows\system32\Drivers\SYMEVENT64x86.SYS
02:30:14.0212 5788 SymEvent - ok
02:30:14.0242 5788 [ B681D1B0F9596684225DCC9B94C6BACF ] SymIM C:\Windows\system32\DRIVERS\SymIMv.sys
02:30:14.0250 5788 SymIM - ok
02:30:14.0264 5788 [ 5013A76CAAA1D7CF1C55214B490B4E35 ] SymIRON C:\Windows\system32\drivers\NISx64\1309000.009\Ironx64.SYS
02:30:14.0266 5788 SymIRON - ok
02:30:14.0281 5788 [ 3911BD0E68C010E5438A87706ABBE9AB ] SymNetS C:\Windows\System32\Drivers\NISx64\1309000.009\SYMNETS.SYS
02:30:14.0290 5788 SymNetS - ok
02:30:14.0340 5788 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
02:30:14.0357 5788 SysMain - ok
02:30:14.0376 5788 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
02:30:14.0384 5788 TabletInputService - ok
02:30:14.0402 5788 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
02:30:14.0409 5788 TapiSrv - ok
02:30:14.0454 5788 [ 93F0F5EF8A4CA261372DF98B31B2BD05 ] tbhsd C:\Windows\system32\drivers\tbhsd.sys
02:30:14.0464 5788 tbhsd - ok
02:30:14.0476 5788 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
02:30:14.0484 5788 TBS - ok
02:30:14.0584 5788 [ 37608401DFDB388CAF66917F6B2D6FB0 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
02:30:14.0606 5788 Tcpip - ok
02:30:14.0629 5788 [ 37608401DFDB388CAF66917F6B2D6FB0 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
02:30:14.0639 5788 TCPIP6 - ok
02:30:14.0674 5788 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
02:30:14.0686 5788 tcpipreg - ok
02:30:14.0726 5788 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
02:30:14.0733 5788 TDPIPE - ok
02:30:14.0757 5788 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
02:30:14.0761 5788 TDTCP - ok
02:30:14.0782 5788 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
02:30:14.0794 5788 tdx - ok
02:30:14.0839 5788 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys
02:30:14.0840 5788 TermDD - ok
02:30:14.0863 5788 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
02:30:14.0876 5788 TermService - ok
02:30:14.0909 5788 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
02:30:14.0918 5788 Themes - ok
02:30:14.0949 5788 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
02:30:14.0950 5788 THREADORDER - ok
02:30:15.0187 5788 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
02:30:15.0196 5788 TrkWks - ok
02:30:15.0244 5788 [ 370A6907DDF79532A39319492B1FA38A ] truecrypt C:\Windows\system32\drivers\truecrypt.sys
02:30:15.0256 5788 truecrypt - ok
02:30:15.0338 5788 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
02:30:15.0341 5788 TrustedInstaller - ok
02:30:15.0362 5788 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
02:30:15.0367 5788 tssecsrv - ok
02:30:15.0382 5788 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
02:30:15.0387 5788 TsUsbFlt - ok
02:30:15.0399 5788 [ 9CC2CCAE8A84820EAECB886D477CBCB8 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys
02:30:15.0407 5788 TsUsbGD - ok
02:30:15.0430 5788 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
02:30:15.0433 5788 tunnel - ok
02:30:15.0486 5788 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
02:30:15.0488 5788 uagp35 - ok
02:30:15.0516 5788 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
02:30:15.0522 5788 udfs - ok
02:30:15.0569 5788 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
02:30:15.0579 5788 UI0Detect - ok
02:30:15.0595 5788 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
02:30:15.0599 5788 uliagpkx - ok
02:30:15.0618 5788 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
02:30:15.0625 5788 umbus - ok
02:30:15.0633 5788 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\drivers\umpass.sys
02:30:15.0640 5788 UmPass - ok
02:30:15.0665 5788 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
02:30:15.0671 5788 upnphost - ok
02:30:15.0704 5788 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
02:30:15.0706 5788 usbccgp - ok
02:30:15.0722 5788 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
02:30:15.0724 5788 usbcir - ok
02:30:15.0739 5788 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\drivers\usbehci.sys
02:30:15.0741 5788 usbehci - ok
02:30:15.0755 5788 [ 87B0382F0713C8D70D4382806492E864 ] usbfilter C:\Windows\system32\drivers\usbfilter.sys
02:30:15.0764 5788 usbfilter - ok
02:30:15.0780 5788 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\drivers\usbhub.sys
02:30:15.0786 5788 usbhub - ok
02:30:15.0819 5788 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys
02:30:15.0821 5788 usbohci - ok
02:30:15.0835 5788 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
02:30:15.0837 5788 usbprint - ok
02:30:15.0845 5788 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
02:30:15.0847 5788 USBSTOR - ok
02:30:15.0859 5788 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
02:30:15.0868 5788 usbuhci - ok
02:30:15.0892 5788 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
02:30:15.0893 5788 UxSms - ok
02:30:15.0902 5788 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
02:30:15.0904 5788 VaultSvc - ok
02:30:15.0928 5788 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
02:30:15.0930 5788 vdrvroot - ok
02:30:15.0958 5788 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
02:30:15.0970 5788 vds - ok
02:30:15.0981 5788 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
02:30:15.0983 5788 vga - ok
02:30:15.0991 5788 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
02:30:15.0997 5788 VgaSave - ok
02:30:16.0011 5788 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
02:30:16.0021 5788 vhdmp - ok
02:30:16.0049 5788 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
02:30:16.0051 5788 viaide - ok
02:30:16.0075 5788 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
02:30:16.0076 5788 volmgr - ok
02:30:16.0307 5788 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
02:30:16.0314 5788 volmgrx - ok
02:30:16.0334 5788 [ DF8126BD41180351A093A3AD2FC8903B ] volsnap C:\Windows\system32\drivers\volsnap.sys
02:30:16.0337 5788 volsnap - ok
02:30:16.0355 5788 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
02:30:16.0358 5788 vsmraid - ok
02:30:16.0415 5788 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
02:30:16.0429 5788 VSS - ok
02:30:16.0447 5788 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
02:30:16.0459 5788 vwifibus - ok
02:30:16.0488 5788 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
02:30:16.0497 5788 vwififlt - ok
02:30:16.0519 5788 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
02:30:16.0529 5788 W32Time - ok
02:30:16.0567 5788 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\drivers\wacompen.sys
02:30:16.0569 5788 WacomPen - ok
02:30:16.0585 5788 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
02:30:16.0586 5788 WANARP - ok
02:30:16.0601 5788 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
02:30:16.0602 5788 Wanarpv6 - ok
02:30:16.0661 5788 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
02:30:16.0678 5788 WatAdminSvc - ok
02:30:16.0730 5788 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
02:30:16.0756 5788 wbengine - ok
02:30:16.0771 5788 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
02:30:16.0783 5788 WbioSrvc - ok
02:30:16.0797 5788 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
02:30:16.0811 5788 wcncsvc - ok
02:30:16.0838 5788 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
02:30:16.0846 5788 WcsPlugInService - ok
02:30:16.0861 5788 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\drivers\wd.sys
02:30:16.0868 5788 Wd - ok
02:30:16.0903 5788 [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
02:30:16.0911 5788 Wdf01000 - ok
02:30:16.0930 5788 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
02:30:16.0933 5788 WdiServiceHost - ok
02:30:16.0939 5788 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
02:30:16.0941 5788 WdiSystemHost - ok
02:30:16.0977 5788 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
02:30:16.0995 5788 WebClient - ok
02:30:17.0026 5788 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
02:30:17.0030 5788 Wecsvc - ok
02:30:17.0052 5788 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
02:30:17.0055 5788 wercplsupport - ok
02:30:17.0066 5788 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
02:30:17.0068 5788 WerSvc - ok
02:30:17.0084 5788 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
02:30:17.0085 5788 WfpLwf - ok
02:30:17.0100 5788 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
02:30:17.0101 5788 WIMMount - ok
02:30:17.0108 5788 WinDefend - ok
02:30:17.0114 5788 WinHttpAutoProxySvc - ok
02:30:17.0150 5788 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
02:30:17.0152 5788 Winmgmt - ok
02:30:17.0196 5788 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
02:30:17.0212 5788 WinRM - ok
02:30:17.0237 5788 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
02:30:17.0262 5788 WinUsb - ok
02:30:17.0509 5788 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
02:30:17.0519 5788 Wlansvc - ok
02:30:17.0561 5788 [ 06C8FA1CF39DE6A735B54D906BA791C6 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
02:30:17.0563 5788 wlcrasvc - ok
02:30:17.0670 5788 [ 2BACD71123F42CEA603F4E205E1AE337 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
02:30:17.0688 5788 wlidsvc - ok
02:30:17.0705 5788 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
02:30:17.0706 5788 WmiAcpi - ok
02:30:17.0722 5788 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
02:30:17.0724 5788 wmiApSrv - ok
02:30:17.0740 5788 WMPNetworkSvc - ok
02:30:17.0745 5788 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
02:30:17.0748 5788 WPCSvc - ok
02:30:17.0760 5788 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
02:30:17.0763 5788 WPDBusEnum - ok
02:30:17.0786 5788 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
02:30:17.0787 5788 ws2ifsl - ok
02:30:17.0809 5788 [ AD12F5C7251BB8D575D560894E73CBBA ] WsAudio_DeviceS(1) C:\Windows\system32\drivers\WsAudio_DeviceS(1).sys
02:30:17.0810 5788 WsAudio_DeviceS(1) - ok
02:30:17.0818 5788 [ AD12F5C7251BB8D575D560894E73CBBA ] WsAudio_DeviceS(2) C:\Windows\system32\drivers\WsAudio_DeviceS(2).sys
02:30:17.0819 5788 WsAudio_DeviceS(2) - ok
02:30:17.0826 5788 [ AD12F5C7251BB8D575D560894E73CBBA ] WsAudio_DeviceS(3) C:\Windows\system32\drivers\WsAudio_DeviceS(3).sys
02:30:17.0828 5788 WsAudio_DeviceS(3) - ok
02:30:17.0838 5788 [ AD12F5C7251BB8D575D560894E73CBBA ] WsAudio_DeviceS(4) C:\Windows\system32\drivers\WsAudio_DeviceS(4).sys
02:30:17.0839 5788 WsAudio_DeviceS(4) - ok
02:30:17.0843 5788 [ AD12F5C7251BB8D575D560894E73CBBA ] WsAudio_DeviceS(5) C:\Windows\system32\drivers\WsAudio_DeviceS(5).sys
02:30:17.0844 5788 WsAudio_DeviceS(5) - ok
02:30:17.0854 5788 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\System32\wscsvc.dll
02:30:17.0856 5788 wscsvc - ok
02:30:17.0860 5788 WSearch - ok
02:30:17.0913 5788 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
02:30:17.0933 5788 wuauserv - ok
02:30:17.0954 5788 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
02:30:17.0956 5788 WudfPf - ok
02:30:17.0966 5788 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
02:30:17.0968 5788 WUDFRd - ok
02:30:17.0993 5788 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
02:30:17.0995 5788 wudfsvc - ok
02:30:18.0009 5788 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
02:30:18.0012 5788 WwanSvc - ok
02:30:18.0018 5788 ================ Scan global ===============================
02:30:18.0030 5788 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
02:30:18.0070 5788 [ 72CC564BBC70DE268784BCE91EB8A28F ] C:\Windows\system32\winsrv.dll
02:30:18.0092 5788 [ 72CC564BBC70DE268784BCE91EB8A28F ] C:\Windows\system32\winsrv.dll
02:30:18.0133 5788 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
02:30:18.0166 5788 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
02:30:18.0179 5788 [Global] - ok
02:30:18.0179 5788 ================ Scan MBR ==================================
02:30:18.0201 5788 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
02:30:19.0185 5788 \Device\Harddisk0\DR0 - ok
02:30:19.0193 5788 [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk5\DR5
02:30:19.0196 5788 \Device\Harddisk5\DR5 - ok
02:30:19.0198 5788 ================ Scan VBR ==================================
02:30:19.0215 5788 [ F32147B7DD2E0692859A74003E1838C0 ] \Device\Harddisk0\DR0\Partition1
02:30:19.0216 5788 \Device\Harddisk0\DR0\Partition1 - ok
02:30:19.0228 5788 [ 3FB5612208B6D8F711D5CCD0C8B275FA ] \Device\Harddisk0\DR0\Partition2
02:30:19.0242 5788 \Device\Harddisk0\DR0\Partition2 - ok
02:30:19.0265 5788 [ 39AAFCF2545FE5B47B6DF491F9BEC942 ] \Device\Harddisk0\DR0\Partition3
02:30:19.0266 5788 \Device\Harddisk0\DR0\Partition3 - ok
02:30:19.0269 5788 [ 589B118361E69870059157E4ADF7E3CA ] \Device\Harddisk5\DR5\Partition1
02:30:19.0270 5788 \Device\Harddisk5\DR5\Partition1 - ok
02:30:19.0271 5788 ============================================================
02:30:19.0271 5788 Scan finished
02:30:19.0271 5788 ============================================================
02:30:19.0282 5260 Detected object count: 0
02:30:19.0282 5260 Actual detected object count: 0
02:31:51.0200 7636 Deinitialize success

----------------------------------------------------

MalwareBytes (I ran this one first before TDSS):

Malwarebytes Anti-Malware 1.65.1.1000
www.malwarebytes.org

Database version: v2012.12.16.03

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Emily :: CA7-PC [administrator]

12/17/2012 1:41:07 AM
mbam-log-2012-12-17 (01-41-07).txt

Scan type: Full scan (C:\|D:\|E:\|F:\|G:\|H:\|I:\|J:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 386212
Time elapsed: 40 minute(s), 15 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

-------------

And then Adw:

# AdwCleaner v2.101 - Logfile created 12/17/2012 at 02:34:21
# Updated 16/12/2012 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : Emily - CA7-PC
# Boot Mode : Normal
# Running from : C:\Users\Emily\Pictures\adwcleaner.exe
# Option [Delete]


***** [Services] *****

Stopped & Deleted : Application Updater

***** [Files / Folders] *****

File Deleted : C:\Users\Emily\AppData\Local\Temp\Uninstall.exe
Folder Deleted : C:\Program Files (x86)\Application Updater
Folder Deleted : C:\Program Files (x86)\AutocompletePro
Folder Deleted : C:\Program Files (x86)\Common Files\spigot
Folder Deleted : C:\Program Files (x86)\Yontoo
Folder Deleted : C:\ProgramData\Tarma Installer
Folder Deleted : C:\Users\Emily\AppData\Local\Google\Chrome\User Data\Default\Extensions\niapdbllcanepiiimjjndipklodoedlc
Folder Deleted : C:\Users\Emily\AppData\Local\Temp\TempDir
Folder Deleted : C:\Users\Emily\AppData\LocalLow\Search Settings
Folder Deleted : C:\Users\Emily\AppData\Roaming\Mozilla\Firefox\Profiles\duzjct7h.default\extensions\plugin@yontoo.com

***** [Registry] *****

Key Deleted : HKCU\Software\AppDataLow\Software\Search Settings
Key Deleted : HKCU\Software\AutocompletePro
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{0FB6A909-6086-458F-BD92-1F8EE10042A0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{F3FEE66E-E034-436A-86E4-9690573BEE8A}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0FB6A909-6086-458F-BD92-1F8EE10042A0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F3FEE66E-E034-436A-86E4-9690573BEE8A}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Key Deleted : HKCU\Software\Search Settings
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKCU\Software\SweetIM
Key Deleted : HKLM\Software\Application Updater
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{442F13BC-2031-42D5-9520-437F65271153}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{608D3067-77E8-463D-9084-908966806826}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{CFDAFE39-20CE-451D-BD45-A37452F39CF0}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\AutocompletePro.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\YontooIEClient.DLL
Key Deleted : HKLM\SOFTWARE\Classes\SuggestMeYes.SuggestMeYesBHO
Key Deleted : HKLM\SOFTWARE\Classes\SuggestMeYes.SuggestMeYesBHO.1
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{01BCB858-2F62-4F06-A8F4-48F927C15333}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{D372567D-67C1-4B29-B3F0-159B52B3E967}
Key Deleted : HKLM\SOFTWARE\Classes\YontooIEClient.Api
Key Deleted : HKLM\SOFTWARE\Classes\YontooIEClient.Api.1
Key Deleted : HKLM\SOFTWARE\Classes\YontooIEClient.Layers
Key Deleted : HKLM\SOFTWARE\Classes\YontooIEClient.Layers.1
Key Deleted : HKLM\Software\Iminent
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Key Deleted : HKLM\Software\Search Settings
Key Deleted : HKLM\Software\SweetIM
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{0FB6A909-6086-458F-BD92-1F8EE10042A0}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{7E84186E-B5DE-4226-8A66-6E49C6B511B4}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{99066096-8989-4612-841F-621A01D54AD7}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{F3FEE66E-E034-436A-86E4-9690573BEE8A}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{FE9271F2-6EFD-44B0-A826-84C829536E93}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{C9AE652B-8C99-4AC2-B556-8B501182874E}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\niapdbllcanepiiimjjndipklodoedlc
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0FB6A909-6086-458F-BD92-1F8EE10042A0}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F3FEE66E-E034-436A-86E4-9690573BEE8A}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\AutocompletePro3_is1
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C9AE652B-8C99-4AC2-B556-8B501182874E}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}
Key Deleted : HKLM\SOFTWARE\Tarma Installer
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{F3FEE66E-E034-436A-86E4-9690573BEE8A}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [SearchSettings]
Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [support@predictad.com]
Value Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{F3FEE66E-E034-436A-86E4-9690573BEE8A}]

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16457

[OK] Registry is clean.

-\\ Mozilla Firefox v17.0.1 (en-US)

Profile name : default
File : C:\Users\Emily\AppData\Roaming\Mozilla\Firefox\Profiles\duzjct7h.default\prefs.js

C:\Users\Emily\AppData\Roaming\Mozilla\Firefox\Profiles\duzjct7h.default\user.js ... Deleted !

[OK] File is clean.

-\\ Google Chrome v23.0.1271.97

File : C:\Users\Emily\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [6544 octets] - [17/12/2012 02:32:36]
AdwCleaner[R2].txt - [6604 octets] - [17/12/2012 02:33:45]
AdwCleaner[S1].txt - [6791 octets] - [17/12/2012 02:34:21]

########## EOF - C:\AdwCleaner[S1].txt - [6851 octets] ##########

---------------------------------

I did not run RogueKiller as my Antivirus does not like the source and detects it as a threat. I'm sure the program is good, but I'd rather not create another problem for my computer.

Are the other three programs enough? The three programs didn't seem to find anything wrong, and my computer seems to be running slightly better. Not as much redirection and I haven't seen any strange behavior in the last couple of days, though it's too soon to say if the problem is all gone or not. I am having a lot of internet and network problems but I think those are unrelated to the malware issue. The "trijtzxoi dll" error is still showing on start-up though. Do I have to edit the registry or something to get that to stop popping up?

#6 Gunto

Gunto

    Bleepin' Reject Phoenix


  • Malware Response Team
  • 1,291 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:North Las Vegas, Nevada, USA
  • Local time:07:01 AM

Posted 19 December 2012 - 03:58 AM

Hi,

It shouldn't cause any problems for you to allow your AV to run RogueKiller, so please allow it this time. :)

It's good that things seem to be running better. I'm going to try to rid you of all your malware first before we do anything about the .dll error.

Let me know how things are going after running RK and posting the log.

Gunto

Beautiful avatar by Plumbeck!

 

Bury me in honor; when I'm dead and hit the ground, a love back home, it unfolds...


#7 CrystalClear90

CrystalClear90
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:06:01 AM

Posted 20 December 2012 - 11:28 PM

Hi,

All right, took a while to figure out how to make my AV allow RogueKiller (Suspicious.Cloud.EP/Heuristic Virus threat I guess doesn't apply in this case), and here is the RK log. It removed a few things.


¤¤¤ Registry Entries : 7 ¤¤¤
[RUN][SUSP PATH] HKCU\[...]\Run : Google (rundll32.exe "C:\Users\Emily\AppData\Local\Hewlett-Packard\Google\trijtzxoi.dll",RunServiceW) -> DELETED
[HJPOL] HKCU\[...]\System : DisableTaskMgr (0) -> DELETED
[HJPOL] HKCU\[...]\System : DisableRegistryTools (0) -> DELETED
[HJPOL] HKLM\[...]\System : DisableTaskMgr (0) -> DELETED
[HJPOL] HKLM\[...]\System : DisableRegistryTools (0) -> DELETED
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> REPLACED (0)
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REPLACED (0)

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver : [NOT LOADED] ¤¤¤

¤¤¤ HOSTS File: ¤¤¤
--> C:\Windows\system32\drivers\etc\hosts



¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: Hitachi HDS723020BLA642 SATA Disk Device +++++
--- User ---
[MBR] 92fc449d746b3d5477b9fb58764724d6
[BSP] 910ade4a02d86ae60d2fc1bcb1e963c5 : Windows 7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 100 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 206848 | Size: 1890639 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 3872235520 | Size: 16988 Mo
User = LL1 ... OK!
User != LL2 ... KO!
--- LL2 ---
[MBR] 301831810f870bc87d01948609847607
[BSP] 67f1ce8f1dbb0cadda095d8ee1853564 : Windows 7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 226125824 | Size: 300 Mo

+++++ PhysicalDrive1: Generic- SD/MMC USB Device +++++
Error reading User MBR!
User = LL1 ... OK!
Error reading LL2 MBR!

+++++ PhysicalDrive2: Generic- Compact Flash USB Device +++++
Error reading User MBR!
User = LL1 ... OK!
Error reading LL2 MBR!

+++++ PhysicalDrive3: Generic- SM/xD-Picture USB Device +++++
Error reading User MBR!
User = LL1 ... OK!
Error reading LL2 MBR!

+++++ PhysicalDrive4: Generic- MS/MS-Pro USB Device +++++
Error reading User MBR!
User = LL1 ... OK!
Error reading LL2 MBR!

Finished : << RKreport[2]_D_12202012_02d2020.txt >>
RKreport[1]_S_12202012_02d2019.txt ; RKreport[2]_D_12202012_02d2020.txt

My browsers finally stopped redirecting before I ran RK, and I haven't seen suspicious behavior other than a couple of freeze-ups every now and then, but I think that's unrelated. I just run a lot of programs at once all the time. I will restart now and see if anything changes.

Thank you very much for your continued assistance. :) It's not every day that I come across a pleasant and nice person to talk to.


EDIT: After restarting, the .dll error did not appear on start-up. There is an RK Quarantine folder (that contains some registry entries) on the desktop as well as new shortcut icons for my user folder and 'Computer'. Can I delete the RK Quarantine as well as the logs for the malware removal programs now? Or should they go somewhere specific in the case of the registry entries to run properly or the malware removal logs for future reference?

I will run a few more scans with MB and my AV software and test my computer's performance for a few days to verify that everything continues to run as it should. If everything turns out and no more problems arise, I will post a final report at the end of this thread in a few days.

Edited by CrystalClear90, 21 December 2012 - 12:03 AM.


#8 Gunto

Gunto

    Bleepin' Reject Phoenix


  • Malware Response Team
  • 1,291 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:North Las Vegas, Nevada, USA
  • Local time:07:01 AM

Posted 21 December 2012 - 12:18 AM

Hi,

Good to know I'm doing well in the nice person department, thank you. :thumbsup:

Awesome to see that you got the error to stop! :) You can thank RogueKiller for that, as seen in this line: [RUN][SUSP PATH] HKCU\[...]\Run : Google (rundll32.exe "C:\Users\Emily\AppData\Local\Hewlett-Packard\Google\trijtzxoi.dll",RunServiceW) -> DELETED

I'm not quite done yet, though; we need to do some more scans with other things to get rid of any possible leftovers. After that, we will delete all our tools we don't need anymore. :)

SUPERAntiSpyware

I need you to run a scan with SUPERAntiSpyware.

  • Download SAS from here, and save it to your desktop.
  • Double click the installer to start the installation. If you do not want to start the trial of the full version, please decline, and feel free to uncheck options to install external toolbars/software, unless you want them. Otherwise, follow the prompts and let the program install.
  • Once the program is done installing and updating, tick the Complete Scan option on the interface, and press the big Scan your Computer... button. Ensure that the options Activate Scan Boost™ > Low boost and Scan inside .ZIP archives are selected and Start Complete Scan.
  • After scanning, be sure to remove all detected threats if any were detected. If asked to reboot to remove threats, do so immediately.
  • Once finished, return to the main interface, go to View Scan Logs and view the newest log. Copy and paste it into your reply.

ESET Online Scanner

I need you to run a scan with ESET Online Scanner.

  • Download the scanner from here, and save it to your desktop.
  • Double click the file to install the program. Once it's done, accept the terms of use and click Start. Be sure the following settings are checked before beginning:
    Scan archives
    Remove found threats
    Scan potentially unwanted applications
    Scan for potentially unsafe applications
    Enable Anti-Stealth technology
  • Once the scan is done, if anything was found, click List of found threats, and then Export to text file..., and save the log to your desktop.
  • Click << Back, and then Finish. If you have to reboot, do so immediately.
  • After ESET finishes scanning and removing threats, copy and paste the log into your reply.

Junkware Removal Tool

I need you to run a scan with Junkware Removal Tool.

  • Download JRT from here, and save it to your desktop.
  • Double click the file to open it, and hit any key as per the instructions of the popped up window.
  • Once the scan is done, copy and paste the contents of the resulting log into your reply.

Please tell me how the PC is running in your next reply.

Gunto

Beautiful avatar by Plumbeck!

 

Bury me in honor; when I'm dead and hit the ground, a love back home, it unfolds...


#9 CrystalClear90

CrystalClear90
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:06:01 AM

Posted 21 December 2012 - 10:42 AM

Hi,

Yes, it's refreshing to find someone who is nice to talk to, and helpful. :) Many people are rude, especially since most everyone is in a rush 24/7. I see it all the time, people demanding the quickest answers and not taking the necessary thorough steps by cutting corners to try to get it done faster. Things don't get resolved and back to normal in an hour; it takes time. Sometimes lots of time, like months. I know, I'm no stranger to computer problems (but then are any of us, really? :P ). There's no reason to throw away politeness and courtesy in the process. :)

Luckily, I had some time last night and also this morning before I get to work to run these next set of scans. First the SAS log. It just found a bunch of tracking cookies.


SUPERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 12/20/2012 at 10:06 PM

Application Version : 5.6.1014

Core Rules Database Version : 9773
Trace Rules Database Version: 7585

Scan type : Complete Scan
Total Scan Time : 00:40:49

Operating System Information
Windows 7 Home Premium 64-bit, Service Pack 1 (Build 6.01.7601)
UAC On - Limited User

Memory items scanned : 726
Memory threats detected : 0
Registry items scanned : 72825
Registry threats detected : 0
File items scanned : 62125
File threats detected : 287

Adware.Tracking Cookie
C:\USERS\EMILY\AppData\Roaming\Microsoft\Windows\Cookies\DEQCT51Q.txt [ Cookie:emily@epicurious.com/ads/ ]
C:\USERS\EMILY\AppData\Roaming\Microsoft\Windows\Cookies\6DQ02ZWB.txt [ Cookie:emily@epicurious.com/rd_images/primaryContent/recipe_detail/recipe_stats/ ]
C:\USERS\EMILY\AppData\Roaming\Microsoft\Windows\Cookies\Low\M18XG0WG.txt [ Cookie:emily@247realmedia.com/ ]
C:\USERS\EMILY\AppData\Roaming\Microsoft\Windows\Cookies\Low\4BX6K72Y.txt [ Cookie:emily@collective-media.net/ ]
C:\USERS\EMILY\AppData\Roaming\Microsoft\Windows\Cookies\Low\DM7U76X6.txt [ Cookie:emily@network.realmedia.com/ ]
C:\USERS\EMILY\AppData\Roaming\Microsoft\Windows\Cookies\Low\R81437H0.txt [ Cookie:emily@www.burstnet.com/ ]
C:\USERS\EMILY\AppData\Roaming\Microsoft\Windows\Cookies\Low\09DCTFHI.txt [ Cookie:emily@mediaservices-d.openxenterprise.com/ ]
C:\USERS\EMILY\AppData\Roaming\Microsoft\Windows\Cookies\Low\DW04FY9I.txt [ Cookie:emily@media6degrees.com/ ]
C:\USERS\EMILY\AppData\Roaming\Microsoft\Windows\Cookies\Low\PAEOC6FG.txt [ Cookie:emily@invitemedia.com/ ]
C:\USERS\EMILY\AppData\Roaming\Microsoft\Windows\Cookies\Low\O4PISKRP.txt [ Cookie:emily@tacoda.at.atwola.com/ ]
C:\USERS\EMILY\AppData\Roaming\Microsoft\Windows\Cookies\Low\DYS2UGYA.txt [ Cookie:emily@revsci.net/ ]
C:\USERS\EMILY\AppData\Roaming\Microsoft\Windows\Cookies\Low\WE0NXM8I.txt [ Cookie:emily@atdmt.com/ ]
C:\USERS\EMILY\AppData\Roaming\Microsoft\Windows\Cookies\Low\U293AWEB.txt [ Cookie:emily@questionmarket.com/ ]
C:\USERS\EMILY\AppData\Roaming\Microsoft\Windows\Cookies\Low\EFSZ207O.txt [ Cookie:emily@realmedia.com/ ]
C:\USERS\EMILY\AppData\Roaming\Microsoft\Windows\Cookies\Low\BRNUMRGG.txt [ Cookie:emily@at.atwola.com/ ]
C:\USERS\EMILY\AppData\Roaming\Microsoft\Windows\Cookies\Low\CMK7GU8I.txt [ Cookie:emily@ru4.com/ ]
C:\USERS\EMILY\AppData\Roaming\Microsoft\Windows\Cookies\Low\SY0VQRM8.txt [ Cookie:emily@doubleclick.net/ ]
C:\USERS\EMILY\Cookies\DEQCT51Q.txt [ Cookie:emily@epicurious.com/ads/ ]
C:\USERS\EMILY\Cookies\6DQ02ZWB.txt [ Cookie:emily@epicurious.com/rd_images/primaryContent/recipe_detail/recipe_stats/ ]
.saymedia.com [ C:\USERS\EMILY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.saymedia.com [ C:\USERS\EMILY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.atdmt.com [ C:\USERS\EMILY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.atdmt.com [ C:\USERS\EMILY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adbrite.com [ C:\USERS\EMILY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.interclick.com [ C:\USERS\EMILY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.invitemedia.com [ C:\USERS\EMILY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.interclick.com [ C:\USERS\EMILY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ads.pointroll.com [ C:\USERS\EMILY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.pointroll.com [ C:\USERS\EMILY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.revsci.net [ C:\USERS\EMILY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ad.yieldmanager.com [ C:\USERS\EMILY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ad.yieldmanager.com [ C:\USERS\EMILY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.realmedia.com [ C:\USERS\EMILY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.advertising.com [ C:\USERS\EMILY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ru4.com [ C:\USERS\EMILY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.apmebf.com [ C:\USERS\EMILY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.imrworldwide.com [ C:\USERS\EMILY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.imrworldwide.com [ C:\USERS\EMILY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.burstnet.com [ C:\USERS\EMILY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adfarm1.adition.com [ C:\USERS\EMILY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.collective-media.net [ C:\USERS\EMILY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.apmebf.com [ C:\USERS\EMILY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.mediaplex.com [ C:\USERS\EMILY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adserver.adtechus.com [ C:\USERS\EMILY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.saymedia.com [ C:\USERS\EMILY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
click.clickspro.org [ C:\USERS\EMILY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adxpose.com [ C:\USERS\EMILY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.insightexpressai.com [ C:\USERS\EMILY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.insightexpressai.com [ C:\USERS\EMILY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.insightexpressai.com [ C:\USERS\EMILY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.insightexpressai.com [ C:\USERS\EMILY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.specificclick.net [ C:\USERS\EMILY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ru4.com [ C:\USERS\EMILY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.zedo.com [ C:\USERS\EMILY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.technoratimedia.com [ C:\USERS\EMILY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.technoratimedia.com [ C:\USERS\EMILY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
fidelity.rotator.hadj7.adjuggler.net [ C:\USERS\EMILY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
fidelity.rotator.hadj7.adjuggler.net [ C:\USERS\EMILY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.legolas-media.com [ C:\USERS\EMILY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.googleads.g.doubleclick.net [ C:\USERS\EMILY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
www.burstbeacon.com [ C:\USERS\EMILY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.burstbeacon.com [ C:\USERS\EMILY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adinterax.com [ C:\USERS\EMILY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adbrite.com [ C:\USERS\EMILY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.revsci.net [ C:\USERS\EMILY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ad-g.doubleclick.net [ C:\USERS\EMILY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adfarm1.adition.com [ C:\USERS\EMILY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ad2.adfarm1.adition.com [ C:\USERS\EMILY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adfarm1.adition.com [ C:\USERS\EMILY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.media.adfrontiers.com [ C:\USERS\EMILY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.media.adfrontiers.com [ C:\USERS\EMILY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.amazon-adsystem.com [ C:\USERS\EMILY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.weborama.fr [ C:\USERS\EMILY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ru4.com [ C:\USERS\EMILY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.doubleclick.net [ C:\USERS\EMILY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.steelhousemedia.com [ C:\USERS\EMILY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.px.steelhousemedia.com [ C:\USERS\EMILY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adlegend.com [ C:\USERS\EMILY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.readserver.net [ C:\USERS\EMILY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.readserver.net [ C:\USERS\EMILY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.statoil.solution.weborama.fr [ C:\USERS\EMILY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.statoil.solution.weborama.fr [ C:\USERS\EMILY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.statoil.solution.weborama.fr [ C:\USERS\EMILY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.statoil.solution.weborama.fr [ C:\USERS\EMILY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.247realmedia.com [ C:\USERS\EMILY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.invitemedia.com [ C:\USERS\EMILY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.intermundomedia.com [ C:\USERS\EMILY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.intermundomedia.com [ C:\USERS\EMILY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.insightexpressai.com [ C:\USERS\EMILY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.insightexpressai.com [ C:\USERS\EMILY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.insightexpressai.com [ C:\USERS\EMILY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.insightexpressai.com [ C:\USERS\EMILY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.insightexpressai.com [ C:\USERS\EMILY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
rotator.adjuggler.com [ C:\USERS\EMILY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
rotator.adjuggler.com [ C:\USERS\EMILY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adjuggler.com [ C:\USERS\EMILY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.exoclick.com [ C:\USERS\EMILY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.exoclick.com [ C:\USERS\EMILY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.exoclick.com [ C:\USERS\EMILY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.mediafire.com [ C:\USERS\EMILY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ad.mlnadvertising.com [ C:\USERS\EMILY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ad.mlnadvertising.com [ C:\USERS\EMILY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ad.mlnadvertising.com [ C:\USERS\EMILY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.mmstat.com [ C:\USERS\EMILY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.cnzz.mmstat.com [ C:\USERS\EMILY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.mediafire.com [ C:\USERS\EMILY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.mediafire.com [ C:\USERS\EMILY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.mediafire.com [ C:\USERS\EMILY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
www.mediafire.com [ C:\USERS\EMILY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
www.mediafire.com [ C:\USERS\EMILY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
www.mediafire.com [ C:\USERS\EMILY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.jeetyetmedia.com [ C:\USERS\EMILY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.insightexpressai.com [ C:\USERS\EMILY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.bs.serving-sys.com [ C:\USERS\EMILY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ad.yieldmanager.com [ C:\USERS\EMILY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.insightexpressai.com [ C:\USERS\EMILY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.advertising.com [ C:\USERS\EMILY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.www.burstnet.com [ C:\USERS\EMILY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ru4.com [ C:\USERS\EMILY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ru4.com [ C:\USERS\EMILY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.casalemedia.com [ C:\USERS\EMILY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.casalemedia.com [ C:\USERS\EMILY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.clickbooth.com [ C:\USERS\EMILY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.media6degrees.com [ C:\USERS\EMILY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
openx.jeetyetmedia.com [ C:\USERS\EMILY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.steelhousemedia.com [ C:\USERS\EMILY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.steelhousemedia.com [ C:\USERS\EMILY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.legolas-media.com [ C:\USERS\EMILY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ru4.com [ C:\USERS\EMILY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ru4.com [ C:\USERS\EMILY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.s.clickability.com [ C:\USERS\EMILY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.s.clickability.com [ C:\USERS\EMILY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.prnewswire.122.2o7.net [ C:\USERS\EMILY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.liveperson.net [ C:\USERS\EMILY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
server.iad.liveperson.net [ C:\USERS\EMILY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.liveperson.net [ C:\USERS\EMILY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.technoratimedia.com [ C:\USERS\EMILY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.technoratimedia.com [ C:\USERS\EMILY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.zedo.com [ C:\USERS\EMILY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.zedo.com [ C:\USERS\EMILY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.zedo.com [ C:\USERS\EMILY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.zedo.com [ C:\USERS\EMILY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.burstnet.com [ C:\USERS\EMILY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.zedo.com [ C:\USERS\EMILY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.seth.avazutracking.net [ C:\USERS\EMILY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.seth.avazutracking.net [ C:\USERS\EMILY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.seth.avazutracking.net [ C:\USERS\EMILY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ru4.com [ C:\USERS\EMILY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.interclick.com [ C:\USERS\EMILY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.zedo.com [ C:\USERS\EMILY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.zedo.com [ C:\USERS\EMILY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.zedo.com [ C:\USERS\EMILY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ees.rotator.hadj1.adjuggler.net [ C:\USERS\EMILY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ees.rotator.hadj1.adjuggler.net [ C:\USERS\EMILY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ees.rotator.hadj1.adjuggler.net [ C:\USERS\EMILY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.gwmtracker.com [ C:\USERS\EMILY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.fastclick.net [ C:\USERS\EMILY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
edge.jeetyetmedia.com [ C:\USERS\EMILY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.amazon-adsystem.com [ C:\USERS\EMILY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.collective-media.net [ C:\USERS\EMILY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.legolas-media.com [ C:\USERS\EMILY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.legolas-media.com [ C:\USERS\EMILY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.advertising.com [ C:\USERS\EMILY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ru4.com [ C:\USERS\EMILY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.collective-media.net [ C:\USERS\EMILY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.a1.interclick.com [ C:\USERS\EMILY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.a1.interclick.com [ C:\USERS\EMILY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adinterax.com [ C:\USERS\EMILY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.interclick.com [ C:\USERS\EMILY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.interclick.com [ C:\USERS\EMILY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.a1.interclick.com [ C:\USERS\EMILY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.a1.interclick.com [ C:\USERS\EMILY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.server.cpmstar.com [ C:\USERS\EMILY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.server.cpmstar.com [ C:\USERS\EMILY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.server.cpmstar.com [ C:\USERS\EMILY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.game-advertising-online.com [ C:\USERS\EMILY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.a1.interclick.com [ C:\USERS\EMILY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.a1.interclick.com [ C:\USERS\EMILY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.a1.interclick.com [ C:\USERS\EMILY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.a1.interclick.com [ C:\USERS\EMILY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.interclick.com [ C:\USERS\EMILY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.server.cpmstar.com [ C:\USERS\EMILY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adlegend.com [ C:\USERS\EMILY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.interclick.com [ C:\USERS\EMILY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.insightexpressai.com [ C:\USERS\EMILY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adbrite.com [ C:\USERS\EMILY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ad.yieldmanager.com [ C:\USERS\EMILY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adbrite.com [ C:\USERS\EMILY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.atdmt.com [ C:\USERS\EMILY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.atdmt.com [ C:\USERS\EMILY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.everyscreenmedia.com [ C:\USERS\EMILY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.advertising.com [ C:\USERS\EMILY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.advertising.com [ C:\USERS\EMILY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.advertising.com [ C:\USERS\EMILY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.invitemedia.com [ C:\USERS\EMILY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.burstnet.com [ C:\USERS\EMILY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.burstnet.com [ C:\USERS\EMILY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.burstnet.com [ C:\USERS\EMILY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.burstnet.com [ C:\USERS\EMILY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.burstnet.com [ C:\USERS\EMILY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.bs.serving-sys.com [ C:\USERS\EMILY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.lucidmedia.com [ C:\USERS\EMILY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.lucidmedia.com [ C:\USERS\EMILY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.lucidmedia.com [ C:\USERS\EMILY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
www.burstnet.com [ C:\USERS\EMILY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.media6degrees.com [ C:\USERS\EMILY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.media6degrees.com [ C:\USERS\EMILY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.media6degrees.com [ C:\USERS\EMILY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.media6degrees.com [ C:\USERS\EMILY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.media6degrees.com [ C:\USERS\EMILY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.media6degrees.com [ C:\USERS\EMILY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.statcounter.com [ C:\USERS\EMILY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adtechus.com [ C:\USERS\EMILY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.questionmarket.com [ C:\USERS\EMILY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.questionmarket.com [ C:\USERS\EMILY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.tribalfusion.com [ C:\USERS\EMILY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ads.pointroll.com [ C:\USERS\EMILY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.saymedia.com [ C:\USERS\EMILY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ad.yieldmanager.com [ C:\USERS\EMILY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
openx.jeetyetmedia.com [ C:\USERS\EMILY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
openx.jeetyetmedia.com [ C:\USERS\EMILY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
openx.jeetyetmedia.com [ C:\USERS\EMILY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.pro-market.net [ C:\USERS\EMILY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.pro-market.net [ C:\USERS\EMILY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ru4.com [ C:\USERS\EMILY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.yieldmanager.net [ C:\USERS\EMILY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.casalemedia.com [ C:\USERS\EMILY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.pointroll.com [ C:\USERS\EMILY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ads.pointroll.com [ C:\USERS\EMILY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ads.pointroll.com [ C:\USERS\EMILY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ads.pointroll.com [ C:\USERS\EMILY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ads.pointroll.com [ C:\USERS\EMILY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ads.pointroll.com [ C:\USERS\EMILY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ads.pointroll.com [ C:\USERS\EMILY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.casalemedia.com [ C:\USERS\EMILY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.casalemedia.com [ C:\USERS\EMILY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.casalemedia.com [ C:\USERS\EMILY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.casalemedia.com [ C:\USERS\EMILY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.casalemedia.com [ C:\USERS\EMILY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.casalemedia.com [ C:\USERS\EMILY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.casalemedia.com [ C:\USERS\EMILY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.mediaplex.com [ C:\USERS\EMILY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.insightexpressai.com [ C:\USERS\EMILY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.collective-media.net [ C:\USERS\EMILY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.collective-media.net [ C:\USERS\EMILY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.collective-media.net [ C:\USERS\EMILY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.insightexpressai.com [ C:\USERS\EMILY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.invitemedia.com [ C:\USERS\EMILY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.serving-sys.com [ C:\USERS\EMILY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.revsci.net [ C:\USERS\EMILY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.at.atwola.com [ C:\USERS\EMILY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.tacoda.at.atwola.com [ C:\USERS\EMILY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.tacoda.at.atwola.com [ C:\USERS\EMILY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
a.intentmedia.net [ C:\USERS\EMILY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.network.realmedia.com [ C:\USERS\EMILY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.network.realmedia.com [ C:\USERS\EMILY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
network.realmedia.com [ C:\USERS\EMILY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.revsci.net [ C:\USERS\EMILY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.revsci.net [ C:\USERS\EMILY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adbrite.com [ C:\USERS\EMILY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.collective-media.net [ C:\USERS\EMILY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.collective-media.net [ C:\USERS\EMILY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.invitemedia.com [ C:\USERS\EMILY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.invitemedia.com [ C:\USERS\EMILY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.invitemedia.com [ C:\USERS\EMILY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.invitemedia.com [ C:\USERS\EMILY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
mediaservices-d.openxenterprise.com [ C:\USERS\EMILY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
mediaservices-d.openxenterprise.com [ C:\USERS\EMILY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.insightexpressai.com [ C:\USERS\EMILY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.serving-sys.com [ C:\USERS\EMILY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ad.yieldmanager.com [ C:\USERS\EMILY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.at.atwola.com [ C:\USERS\EMILY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.invitemedia.com [ C:\USERS\EMILY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.collective-media.net [ C:\USERS\EMILY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.collective-media.net [ C:\USERS\EMILY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.collective-media.net [ C:\USERS\EMILY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.collective-media.net [ C:\USERS\EMILY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adbrite.com [ C:\USERS\EMILY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.martiniadnetwork.com [ C:\USERS\EMILY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.martiniadnetwork.com [ C:\USERS\EMILY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.martiniadnetwork.com [ C:\USERS\EMILY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.serving-sys.com [ C:\USERS\EMILY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.serving-sys.com [ C:\USERS\EMILY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.serving-sys.com [ C:\USERS\EMILY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
cloud.bannergadgets.com [ C:\USERS\EMILY\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\GHRUQ35Q ]
core.insightexpressai.com [ C:\USERS\EMILY\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\GHRUQ35Q ]
core.saymedia.com [ C:\USERS\EMILY\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\GHRUQ35Q ]

-------------

And the ESET log. It froze at 44% and so I had to start over and run it again. It seemed to have completed okay the second time and removed things.

C:\MGtools\Process.exe Win32/PrcView application cleaned by deleting - quarantined
C:\Program Files (x86)\YTD Toolbar\IE\6.6\ytdToolbarIE.dll a variant of Win32/Toolbar.Widgi application cleaned by deleting - quarantined
C:\Users\Emily\AppData\Local\Temp\FreemakeVideoConverter_3.1.1.4.exe Win32/OpenCandy application cleaned by deleting - quarantined
C:\Users\Emily\AppData\Local\Temp\FreemakeVideoConverter_3.1.2.0.exe Win32/OpenCandy application cleaned by deleting - quarantined
C:\Windows\Installer\1af8c54d.msi a variant of Win32/Toolbar.Widgi application deleted - quarantined
K:\$RECYCLE.BIN\S-1-5-21-265084716-638293348-4166285464-1000\$RDU7ZA7.exe Win32/OpenCandy application cleaned by deleting - quarantined
K:\$RECYCLE.BIN\S-1-5-21-265084716-638293348-4166285464-1000\$RJ8213L.exe a variant of Win32/SoftonicDownloader.E application cleaned by deleting - quarantined


-------------

And the JRT log:


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 4.2.1 (12.20.2012:1)
OS: Windows 7 Home Premium x64
Ran by Emily on Fri 12/21/2012 at 4:52:16.91
Blog: http://thisisudax.blogspot.com
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] hkey_current_user\software\microsoft\internet explorer\searchscopes\{b7fca997-d0fb-4fe0-8afd-255e89cf9671}
Successfully deleted: [Registry Key] hkey_local_machine\software\microsoft\internet explorer\searchscopes\{b7fca997-d0fb-4fe0-8afd-255e89cf9671}



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\ytd video downloader"
Successfully deleted: [Folder] "C:\Program Files (x86)\ytd toolbar"
Successfully deleted: [Folder] "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ytd video downloader"



~~~ FireFox

Successfully deleted: [File] C:\Users\Emily\AppData\Roaming\mozilla\firefox\profiles\duzjct7h.default\extensions\ldiiwkvuns@ldiiwkvuns.org.xpi [Tracur]
Failed to delete: [Folder] C:\Users\Emily\AppData\Roaming\mozilla\firefox\profiles\duzjct7h.default\extensions\ytd@mybrowserbar.com
Successfully deleted the following from C:\Users\Emily\AppData\Roaming\mozilla\firefox\profiles\duzjct7h.default\prefs.js

user_pref("extentions.y2layers.defaultEnableAppsList", "DropDownDeals,buzzdock,YontooNewOffers");
user_pref("extentions.y2layers.installId", "9e081bd3-f2e9-4bfc-b90a-82957542a29d");



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Fri 12/21/2012 at 5:00:13.22
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

---------------

Sheesh, malware is a pest. It gets everywhere and burrows it seems. <_< I'll have to see later if my computer shows any other signs of strange behavior. It takes a while to confirm that no more problems pop up. Is there anything else I should do?

Edited by CrystalClear90, 21 December 2012 - 10:58 AM.


#10 Gunto

Gunto

    Bleepin' Reject Phoenix


  • Malware Response Team
  • 1,291 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:North Las Vegas, Nevada, USA
  • Local time:07:01 AM

Posted 22 December 2012 - 10:18 AM

Hi,

Yes, even people asking to be helped can be rude, so it's sadly on both ends. I'm glad I got to work with you though, you seem pretty kind yourself. :)

Our tools seem to have only found fairly minor leftovers, not much to worry about there. :) I'd like you to run one more scan, and I might have you do a little more depending on its results.

Security Check

I need you to run a checkup with Security Check.

  • Download Security Check here, and save it to your desktop.
  • Double click the file to run it. In the first screen, hit any key and let the scan run.
  • Once the scan is finished, copy and paste the resulting log into your reply.

After this, I'll need to know if your PC is still running well.

Gunto

Beautiful avatar by Plumbeck!

 

Bury me in honor; when I'm dead and hit the ground, a love back home, it unfolds...


#11 CrystalClear90

CrystalClear90
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:06:01 AM

Posted 27 December 2012 - 12:12 AM

Hi,

Thank you. :)

Sorry for being a little late. I took a few days off from the scans to enjoy the holidays. I hope you had a good holiday as well. :)

Results of screen317's Security Check version 0.99.56
Windows 7 Service Pack 1 x64 (UAC is enabled)
Internet Explorer 9
``````````````Antivirus/Firewall Check:``````````````
Windows Firewall Enabled!
Norton Internet Security
WMI entry may not exist for antivirus; attempting automatic update.
`````````Anti-malware/Other Utilities Check:`````````
Malwarebytes Anti-Malware version 1.65.1.1000
Java 7 Update 7
Java version out of Date!
Adobe Flash Player 11.5.502.135
Adobe Reader 10.1.4 Adobe Reader out of Date!
Mozilla Firefox (17.0.1)
Google Chrome 21.0.1180.89
Google Chrome 22.0.1229.79
Google Chrome 22.0.1229.92
Google Chrome 22.0.1229.94
Google Chrome 23.0.1271.64
Google Chrome 23.0.1271.91
Google Chrome 23.0.1271.95
Google Chrome 23.0.1271.97
````````Process Check: objlist.exe by Laurent````````
Norton ccSvcHst.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: 0%
````````````````````End of Log``````````````````````


My PC seems to be still running very well. I haven't had any freeze-ups or any other strange behavior recently. Seems to be good. :)

#12 Gunto

Gunto

    Bleepin' Reject Phoenix


  • Malware Response Team
  • 1,291 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:North Las Vegas, Nevada, USA
  • Local time:07:01 AM

Posted 27 December 2012 - 08:38 AM

Hi,

I did, thank you. :)

Very good to hear that the PC is running well! :thumbup2: We only have a little bit more work to do now!

Please delete TDSSKiller, AdwCleaner, RogueKiller, Junkware Removal Tool and Security Check as we don't need them anymore.

We need to uninstall a few things. Your Java and Reader are outdated, and you've got a lot of old versions of Chrome.

Uninstall Programs

I need you to uninstall some programs using either Programs and Features or Revo Uninstaller.

If you want to use Programs and Features:

  • Go to Start > Control Panel > Programs and Features.
  • Once it loads all the programs, uninstall the following, if present, one at a time:
    Adobe Reader 10.1.4
    Google Chrome 21.0.1180.89
    Google Chrome 22.0.1229.79
    Google Chrome 22.0.1229.92
    Google Chrome 22.0.1229.94
    Google Chrome 23.0.1271.64
    Google Chrome 23.0.1271.91
    Google Chrome 23.0.1271.95
    Java 7 Update 7

    by clicking Change/Remove.
Note: If you have any problems uninstalling a program using Programs/Features, proceed to the below method.

If you want to use Revo Uninstaller (which cleans up a bit better):

  • Download Revo from here, and save it to your desktop.
  • Double-click the installer on your desktop, and let the program install.
  • Once it's done, double click the Revo Uninstaller shortcut on your desktop to run it. Once it loads all the programs, uninstall the following, if present, one at a time:
    Adobe Reader 10.1.4
    Google Chrome 21.0.1180.89
    Google Chrome 22.0.1229.79
    Google Chrome 22.0.1229.92
    Google Chrome 22.0.1229.94
    Google Chrome 23.0.1271.64
    Google Chrome 23.0.1271.91
    Google Chrome 23.0.1271.95
    Java 7 Update 7
  • Double-click the program, and say Yes on the prompt. Ensure the Moderate option is ticked, click Next.
  • Follow the prompts in the built-in uninstaller, and then click Next in Revo.
  • If any registry remnants are found, check only the bolded items. If there is a closed folder visible, click the + to expand it until you find the bolded item. Then Delete the remnants.
  • Proceed again, and if any files/folders were found, delete those, too. Repeat this with the other programs to uninstall.

Adobe Reader

I need you to install the latest version of Adobe Reader.

  • Download Reader from here, and save it to your desktop.
  • Double-click the installer to start the installation. Feel free to uncheck to install third-party toolbars or software, as they aren't required for the Adobe Reader installation. Otherwise, follow the prompts and let the program install.

Java

I need you to install the latest version of Java.

  • Download Java from here, and save it to your desktop.
  • Close any open browsers.
  • Double-click the installer to start the installation. Feel free to uncheck to install third-party toolbars or software, unless you want them. Otherwise, follow the prompts and let the program install.

Gunto

Beautiful avatar by Plumbeck!

 

Bury me in honor; when I'm dead and hit the ground, a love back home, it unfolds...


#13 CrystalClear90

CrystalClear90
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:06:01 AM

Posted 08 January 2013 - 03:56 AM

Sorry for the super-late reply. Beginning the New Year was crazy. Hope you had a good one and Happy New Year 2013 to you. :)

Okay, I removed all the specified malware-removal programs and deleted the old versions of Adobe Reader and Java using Revo uninstaller. It's weird; I already had all the latest versions of those things because I update them to their current version all the time, but I guess the older versions didn't get removed. The apparent old versions of Chrome didn't show in Programs and Feautures nor Revo, but that broswer is up to date as far as I know.

Edited by CrystalClear90, 08 January 2013 - 03:57 AM.


#14 Gunto

Gunto

    Bleepin' Reject Phoenix


  • Malware Response Team
  • 1,291 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:North Las Vegas, Nevada, USA
  • Local time:07:01 AM

Posted 08 January 2013 - 04:51 AM

Hi,

It's fine. Happy new year to you, too. :)

Keeping track of program updates can be hard, which is why I'm suggesting a certain program for you later in the post. As for the Chrome thing, that's my fault. I assumed that they were all separate installations, but older versions seem lumped into the new version, so that was an error on my end. :wacko:

Congrats, your computer looks free of malware! :woot:

However, here are some steps to improve how your computer works, and to help you from getting infected again.

Keep all your software updated. This is especially true for your antivirus. Keeping your software up-to-date is one of the most important steps to keeping malware out of your system. For new software version updates, I recommend FileHippo Update Checker. However, FH doesn't find all updates, so be sure and manually check for updates, too.

Browse safely. Much of the time, malware gets in because the user isn't cautious. Examples of safe browsing include not opening emails from people you don't know, especially if it has an attachment. Files, especially those with a .exe, .com, .bat and .scr extension should never be trusted unless you know for a fact you can trust the source. You should also be careful with these files even from friends, since their email might actually not be from them.

You should also clean out your System Restore points. SR is used to restore your computer to an earlier time if it's damaged, and since many of your old restore points are probably infected, let's clean out your old points and create a new, clean one.

  • Go to Start > Programs > Accessories > System Tools > System Restore.
  • Select Create a new restore point, then click the Next button.
  • Give the point a name, then click Create.
  • Go to Start > Run... and enter cleanmgr.
  • Once the utility opens, click the More Options tab, and under System Restore, click Clean up..., then say Yes.

Happy surfing! :)

Gunto

Beautiful avatar by Plumbeck!

 

Bury me in honor; when I'm dead and hit the ground, a love back home, it unfolds...


#15 CrystalClear90

CrystalClear90
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:06:01 AM

Posted 08 January 2013 - 08:06 PM

Hi,

Thanks for the suggestion of FH, but I have a whole routine of reminders, scheduled updates, a day every week for manual updates, and the whole nine yards. :) And no worries about Chrome. :) I also created a new restore point and dumped the old ones I had.

Thank you SO much for all your input! My computer is running great now. :lol: You've been extremely helpful and I appreciate you taking the time and effort to help me out with this. :thumbsup:

Have a great day and best wishes to you for the future. :)

~CrystalClear90

Edited by CrystalClear90, 08 January 2013 - 08:07 PM.





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users