What is easylifeapp?


19 replies to this topic

#1 ST4th

ST4th

  • Members
  • 15 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:05:18 PM

Posted 05 January 2013 - 10:06 AM

All of my browsers are suddenly redirected. I downloaded a program the other day to unzip a file and think I may have gotten it then.

This is the only place I've found references to this and I'd like to know more. Will be posting in the logs forum once I'm sure I've read and followed all the directions.

In the meantime, I'd appreciate information about what this "app" does.



#2 Gunto

Gunto

    Bleepin' Reject Phoenix


  • Malware Response Team
  • 1,284 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:North Las Vegas, Nevada, USA
  • Local time:03:18 PM

Posted 05 January 2013 - 10:14 AM

Hi, ST4th! I'm going to try to help you out. :)

EasyLife App doesn't seem to have much on it, but I seem to have found other cases where it caused problems, so that may be a good indicator that this is your problem.

TDSSKiller

I need you to run a scan using TDSSKiller.

  • Download TDSSKiller from here, and save it to your desktop.
  • Double click the file to launch the program. Once the program starts, click Start Scan. Don't change any default scan settings.
  • Once the scan is finished, you'll find a log in your root drive (usually C:) that will start with TDSS in the file name. Please copy and paste it into your reply.

Malwarebytes

I need you to run a scan with Malwarebytes Anti-Malware.

  • Download MBAM from here, and save it to your desktop.
  • Double-click the installer to run it. During the installation, simply follow the prompts and let the program install. However, if you do not want to start a trial of the full version, please decline, and if offered any external toolbars/programs, feel free to uncheck them, unless you want them.
  • Once the program is done installing and updating, select the Perform full scan option on the main interface. Then click the Scan button, hit Scan, and let the scan run.
  • Once the scan is finished, a log will pop up. If any malware was found, click the Show Results button, and make sure everything present is checked and click Remove Selected. If MBAM asks you to reboot, do so immediately. Either way, please copy and paste the log into your reply. If your PC is rebooted, you can find the log by opening up MBAM and going to the Logs tab.

AdwCleaner

I need you to run AdwCleaner to see if it removes anything.

  • Download AdwCleaner from here, and save it to your desktop.
  • Close all open programs.
  • Open the file on your desktop, and click the Delete button. Confirm operations at every prompt. Your PC will be rebooted after the final prompt.
  • Once rebooted, a text file will open up. Please copy and paste it into your reply.

RogueKiller

I need you to run RogueKiller to see if it removes anything.

  • Download RogueKiller from here, and save it to your desktop.
  • Close all open programs.
  • Double click the file on your desktop. Once the automatic check completes, hit the Scan button.
  • Once the full scan has finished, click on the Delete button. Once it's done removing things, open the newest log on your desktop (should be called RKreport[2].txt) and copy and paste it into your reply.

Please tell me how the PC is running in your next reply.

Gunto

Beautiful avatar by Plumbeck!

 

Bury me in honor; when I'm dead and hit the ground, a love back home, it unfolds...


#3 ST4th

ST4th
  • Topic Starter


Posted 05 January 2013 - 01:30 PM

Hi Gunto,

Thanks for the quick reply; I really appreciate the help. I'm running a backup on the machine right now (thank goodness for other electronic devices!) and running other errands at the same time, so it might be a bit before I can run everything.

Thanks again.

ST4th

#4 ST4th

ST4th
  • Topic Starter


Posted 05 January 2013 - 09:22 PM

TDSSKiller log:

21:19:46.0046 1908 MRxDAV - ok
21:19:46.0078 1908 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
21:19:46.0078 1908 mrxsmb - ok
21:19:46.0109 1908 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
21:19:46.0109 1908 mrxsmb10 - ok
21:19:46.0124 1908 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
21:19:46.0124 1908 mrxsmb20 - ok
21:19:46.0171 1908 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
21:19:46.0171 1908 msahci - ok
21:19:46.0202 1908 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
21:19:46.0202 1908 msdsm - ok
21:19:46.0234 1908 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
21:19:46.0249 1908 MSDTC - ok
21:19:46.0280 1908 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
21:19:46.0280 1908 Msfs - ok
21:19:46.0312 1908 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
21:19:46.0312 1908 mshidkmdf - ok
21:19:46.0327 1908 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
21:19:46.0327 1908 msisadrv - ok
21:19:46.0358 1908 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
21:19:46.0374 1908 MSiSCSI - ok
21:19:46.0374 1908 msiserver - ok
21:19:46.0405 1908 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
21:19:46.0405 1908 MSKSSRV - ok
21:19:46.0436 1908 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
21:19:46.0436 1908 MSPCLOCK - ok
21:19:46.0452 1908 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
21:19:46.0452 1908 MSPQM - ok
21:19:46.0468 1908 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
21:19:46.0468 1908 MsRPC - ok
21:19:46.0483 1908 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
21:19:46.0499 1908 mssmbios - ok
21:19:46.0514 1908 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
21:19:46.0514 1908 MSTEE - ok
21:19:46.0530 1908 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\drivers\MTConfig.sys
21:19:46.0530 1908 MTConfig - ok
21:19:46.0561 1908 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
21:19:46.0561 1908 Mup - ok
21:19:46.0624 1908 [ F02A154FDE5DA779E971352256E64CFF ] MyWiFiDHCPDNS C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
21:19:46.0624 1908 MyWiFiDHCPDNS - ok
21:19:46.0670 1908 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
21:19:46.0686 1908 napagent - ok
21:19:46.0717 1908 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
21:19:46.0733 1908 NativeWifiP - ok
21:19:46.0780 1908 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys
21:19:46.0826 1908 NDIS - ok
21:19:46.0842 1908 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
21:19:46.0842 1908 NdisCap - ok
21:19:46.0873 1908 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
21:19:46.0873 1908 NdisTapi - ok
21:19:46.0904 1908 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
21:19:46.0904 1908 Ndisuio - ok
21:19:46.0920 1908 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
21:19:46.0936 1908 NdisWan - ok
21:19:46.0951 1908 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
21:19:46.0951 1908 NDProxy - ok
21:19:46.0967 1908 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
21:19:46.0982 1908 NetBIOS - ok
21:19:46.0998 1908 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
21:19:47.0014 1908 NetBT - ok
21:19:47.0029 1908 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
21:19:47.0029 1908 Netlogon - ok
21:19:47.0092 1908 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
21:19:47.0107 1908 Netman - ok
21:19:47.0138 1908 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
21:19:47.0138 1908 NetMsmqActivator - ok
21:19:47.0138 1908 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
21:19:47.0154 1908 NetPipeActivator - ok
21:19:47.0170 1908 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
21:19:47.0170 1908 netprofm - ok
21:19:47.0185 1908 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
21:19:47.0185 1908 NetTcpActivator - ok
21:19:47.0185 1908 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
21:19:47.0185 1908 NetTcpPortSharing - ok
21:19:47.0404 1908 [ C3FC3EEE5A0CE77A02B27CFDFAF0C758 ] NETwNs64 C:\Windows\system32\DRIVERS\NETwNs64.sys
21:19:47.0544 1908 NETwNs64 - ok
21:19:47.0575 1908 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
21:19:47.0575 1908 nfrd960 - ok
21:19:47.0638 1908 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\Windows\System32\nlasvc.dll
21:19:47.0638 1908 NlaSvc - ok
21:19:47.0778 1908 [ B9B72FAAAA41D59B73B88FE3DD737ED1 ] NOBU C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe
21:19:47.0856 1908 NOBU - ok
21:19:47.0887 1908 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
21:19:47.0887 1908 Npfs - ok
21:19:47.0918 1908 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
21:19:47.0918 1908 nsi - ok
21:19:47.0934 1908 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
21:19:47.0934 1908 nsiproxy - ok
21:19:48.0028 1908 [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
21:19:48.0059 1908 Ntfs - ok
21:19:48.0074 1908 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
21:19:48.0074 1908 Null - ok
21:19:48.0106 1908 [ 0EBC9D13CD96C15B1B18D8678A609E4B ] nusb3hub C:\Windows\system32\DRIVERS\nusb3hub.sys
21:19:48.0106 1908 nusb3hub - ok
21:19:48.0137 1908 [ 7BDEC000D56D485021D9C1E63C2F81CA ] nusb3xhc C:\Windows\system32\DRIVERS\nusb3xhc.sys
21:19:48.0152 1908 nusb3xhc - ok
21:19:48.0184 1908 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
21:19:48.0184 1908 nvraid - ok
21:19:48.0215 1908 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
21:19:48.0215 1908 nvstor - ok
21:19:48.0246 1908 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
21:19:48.0262 1908 nv_agp - ok
21:19:48.0293 1908 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
21:19:48.0293 1908 ohci1394 - ok
21:19:48.0355 1908 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
21:19:48.0355 1908 ose - ok
21:19:48.0527 1908 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
21:19:48.0620 1908 osppsvc - ok
21:19:48.0652 1908 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
21:19:48.0667 1908 p2pimsvc - ok
21:19:48.0698 1908 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
21:19:48.0714 1908 p2psvc - ok
21:19:48.0730 1908 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\drivers\parport.sys
21:19:48.0745 1908 Parport - ok
21:19:48.0776 1908 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
21:19:48.0776 1908 partmgr - ok
21:19:48.0808 1908 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
21:19:48.0823 1908 PcaSvc - ok
21:19:48.0854 1908 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
21:19:48.0854 1908 pci - ok
21:19:48.0886 1908 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
21:19:48.0886 1908 pciide - ok
21:19:48.0901 1908 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
21:19:48.0917 1908 pcmcia - ok
21:19:48.0932 1908 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
21:19:48.0932 1908 pcw - ok
21:19:48.0964 1908 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
21:19:48.0979 1908 PEAUTH - ok
21:19:49.0120 1908 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
21:19:49.0120 1908 PerfHost - ok
21:19:49.0182 1908 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
21:19:49.0229 1908 pla - ok
21:19:49.0276 1908 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
21:19:49.0307 1908 PlugPlay - ok
21:19:49.0322 1908 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
21:19:49.0322 1908 PNRPAutoReg - ok
21:19:49.0338 1908 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
21:19:49.0354 1908 PNRPsvc - ok
21:19:49.0385 1908 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
21:19:49.0400 1908 PolicyAgent - ok
21:19:49.0432 1908 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
21:19:49.0447 1908 Power - ok
21:19:49.0478 1908 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
21:19:49.0478 1908 PptpMiniport - ok
21:19:49.0510 1908 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\drivers\processr.sys
21:19:49.0510 1908 Processor - ok
21:19:49.0556 1908 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
21:19:49.0572 1908 ProfSvc - ok
21:19:49.0588 1908 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
21:19:49.0588 1908 ProtectedStorage - ok
21:19:49.0603 1908 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
21:19:49.0619 1908 Psched - ok
21:19:49.0650 1908 [ 87B04878A6D59D6C79251DC960C674C1 ] PxHlpa64 C:\Windows\system32\Drivers\PxHlpa64.sys
21:19:49.0666 1908 PxHlpa64 - ok
21:19:49.0744 1908 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
21:19:49.0806 1908 ql2300 - ok
21:19:49.0822 1908 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
21:19:49.0822 1908 ql40xx - ok
21:19:49.0853 1908 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
21:19:49.0868 1908 QWAVE - ok
21:19:49.0884 1908 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
21:19:49.0900 1908 QWAVEdrv - ok
21:19:50.0056 1908 [ F98487B25828441B1C6488C642C2AC10 ] RapportCerberus_43926 C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\43926\RapportCerberus64_43926.sys
21:19:50.0071 1908 RapportCerberus_43926 - ok
21:19:50.0134 1908 [ 345CAF7431B5E8D889E7F6FD15EFAE60 ] RapportEI64 C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportEI64.sys
21:19:50.0134 1908 RapportEI64 - ok
21:19:50.0165 1908 [ 639E619348BB5184DCFA37B9CA6597C7 ] RapportKE64 C:\Windows\system32\Drivers\RapportKE64.sys
21:19:50.0180 1908 RapportKE64 - ok
21:19:50.0227 1908 [ 5BD5895F002438F4E1C50C09BF6F1CE2 ] RapportMgmtService C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe
21:19:50.0274 1908 RapportMgmtService - ok
21:19:50.0290 1908 [ 9BC1C7C30198D36F84A58018CE21FBDA ] RapportPG64 C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportPG64.sys
21:19:50.0305 1908 RapportPG64 - ok
21:19:50.0305 1908 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
21:19:50.0321 1908 RasAcd - ok
21:19:50.0368 1908 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
21:19:50.0368 1908 RasAgileVpn - ok
21:19:50.0399 1908 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
21:19:50.0414 1908 RasAuto - ok
21:19:50.0446 1908 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
21:19:50.0446 1908 Rasl2tp - ok
21:19:50.0477 1908 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
21:19:50.0492 1908 RasMan - ok
21:19:50.0508 1908 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
21:19:50.0508 1908 RasPppoe - ok
21:19:50.0539 1908 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
21:19:50.0539 1908 RasSstp - ok
21:19:50.0555 1908 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
21:19:50.0570 1908 rdbss - ok
21:19:50.0586 1908 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\drivers\rdpbus.sys
21:19:50.0586 1908 rdpbus - ok
21:19:50.0617 1908 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
21:19:50.0617 1908 RDPCDD - ok
21:19:50.0633 1908 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
21:19:50.0633 1908 RDPENCDD - ok
21:19:50.0664 1908 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
21:19:50.0664 1908 RDPREFMP - ok
21:19:50.0711 1908 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
21:19:50.0726 1908 RDPWD - ok
21:19:50.0758 1908 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
21:19:50.0758 1908 rdyboost - ok
21:19:50.0851 1908 [ 3A1EF2F8D0808BECE6A2FEF3EA3987A5 ] RegSrvc C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
21:19:50.0882 1908 RegSrvc - ok
21:19:50.0914 1908 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
21:19:50.0914 1908 RemoteAccess - ok
21:19:50.0945 1908 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
21:19:50.0960 1908 RemoteRegistry - ok
21:19:51.0007 1908 [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
21:19:51.0007 1908 RFCOMM - ok
21:19:51.0132 1908 [ 3C957189B31C34D3AD21967B12B6AED7 ] RoxMediaDB12OEM C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe
21:19:51.0179 1908 RoxMediaDB12OEM - ok
21:19:51.0226 1908 [ 2B73088CC2CA757A172B425C9398E5BC ] RoxWatch12 C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe
21:19:51.0226 1908 RoxWatch12 - ok
21:19:51.0257 1908 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
21:19:51.0272 1908 RpcEptMapper - ok
21:19:51.0304 1908 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
21:19:51.0304 1908 RpcLocator - ok
21:19:51.0350 1908 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
21:19:51.0366 1908 RpcSs - ok
21:19:51.0397 1908 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
21:19:51.0413 1908 rspndr - ok
21:19:51.0444 1908 [ 135A64530D7699AD48F29D73A658DD11 ] RSUSBSTOR C:\Windows\system32\Drivers\RtsUStor.sys
21:19:51.0460 1908 RSUSBSTOR - ok
21:19:51.0506 1908 [ A73ED14670220307874AD6BC2F279349 ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
21:19:51.0506 1908 RTL8167 - ok
21:19:51.0522 1908 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
21:19:51.0538 1908 SamSs - ok
21:19:51.0553 1908 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
21:19:51.0553 1908 sbp2port - ok
21:19:51.0569 1908 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
21:19:51.0569 1908 SCardSvr - ok
21:19:51.0584 1908 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
21:19:51.0600 1908 scfilter - ok
21:19:51.0631 1908 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
21:19:51.0662 1908 Schedule - ok
21:19:51.0694 1908 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
21:19:51.0694 1908 SCPolicySvc - ok
21:19:51.0709 1908 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
21:19:51.0725 1908 SDRSVC - ok
21:19:51.0740 1908 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
21:19:51.0740 1908 secdrv - ok
21:19:51.0756 1908 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
21:19:51.0772 1908 seclogon - ok
21:19:51.0834 1908 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
21:19:51.0834 1908 SENS - ok
21:19:51.0881 1908 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
21:19:51.0896 1908 SensrSvc - ok
21:19:51.0928 1908 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\drivers\serenum.sys
21:19:51.0928 1908 Serenum - ok
21:19:51.0943 1908 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\drivers\serial.sys
21:19:51.0959 1908 Serial - ok
21:19:51.0990 1908 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\drivers\sermouse.sys
21:19:51.0990 1908 sermouse - ok
21:19:52.0006 1908 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
21:19:52.0006 1908 SessionEnv - ok
21:19:52.0021 1908 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
21:19:52.0037 1908 sffdisk - ok
21:19:52.0052 1908 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
21:19:52.0052 1908 sffp_mmc - ok
21:19:52.0068 1908 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
21:19:52.0068 1908 sffp_sd - ok
21:19:52.0099 1908 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
21:19:52.0099 1908 sfloppy - ok
21:19:52.0208 1908 [ 74EC60E20516AAA573BE74F31175270F ] SftService C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE
21:19:52.0271 1908 SftService - ok
21:19:52.0318 1908 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
21:19:52.0333 1908 SharedAccess - ok
21:19:52.0380 1908 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
21:19:52.0396 1908 ShellHWDetection - ok
21:19:52.0427 1908 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
21:19:52.0442 1908 SiSRaid2 - ok
21:19:52.0458 1908 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
21:19:52.0458 1908 SiSRaid4 - ok
21:19:52.0505 1908 [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
21:19:52.0520 1908 SkypeUpdate - ok
21:19:52.0552 1908 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
21:19:52.0552 1908 Smb - ok
21:19:52.0598 1908 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
21:19:52.0598 1908 SNMPTRAP - ok
21:19:52.0614 1908 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
21:19:52.0614 1908 spldr - ok
21:19:52.0661 1908 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
21:19:52.0708 1908 Spooler - ok
21:19:52.0817 1908 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
21:19:52.0910 1908 sppsvc - ok
21:19:52.0910 1908 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
21:19:52.0926 1908 sppuinotify - ok
21:19:52.0957 1908 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
21:19:52.0973 1908 srv - ok
21:19:53.0004 1908 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
21:19:53.0004 1908 srv2 - ok
21:19:53.0020 1908 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
21:19:53.0035 1908 srvnet - ok
21:19:53.0066 1908 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
21:19:53.0066 1908 SSDPSRV - ok
21:19:53.0098 1908 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
21:19:53.0098 1908 SstpSvc - ok
21:19:53.0113 1908 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\drivers\stexstor.sys
21:19:53.0129 1908 stexstor - ok
21:19:53.0191 1908 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
21:19:53.0222 1908 stisvc - ok
21:19:53.0269 1908 [ 7731F46EC0D687A931CBA063E8F90EF0 ] stllssvr C:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe
21:19:53.0269 1908 stllssvr - ok
21:19:53.0300 1908 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
21:19:53.0300 1908 swenum - ok
21:19:53.0332 1908 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
21:19:53.0332 1908 swprv - ok
21:19:53.0410 1908 [ AAD83760A0887975D8F524B4D2C86060 ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys
21:19:53.0456 1908 SynTP - ok
21:19:53.0519 1908 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
21:19:53.0566 1908 SysMain - ok
21:19:53.0581 1908 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
21:19:53.0597 1908 TabletInputService - ok
21:19:53.0612 1908 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
21:19:53.0612 1908 TapiSrv - ok
21:19:53.0628 1908 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
21:19:53.0644 1908 TBS - ok
21:19:53.0706 1908 [ 37608401DFDB388CAF66917F6B2D6FB0 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
21:19:53.0768 1908 Tcpip - ok
21:19:53.0831 1908 [ 37608401DFDB388CAF66917F6B2D6FB0 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
21:19:53.0831 1908 TCPIP6 - ok
21:19:53.0878 1908 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
21:19:53.0878 1908 tcpipreg - ok
21:19:53.0909 1908 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
21:19:53.0909 1908 TDPIPE - ok
21:19:53.0956 1908 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
21:19:53.0956 1908 TDTCP - ok
21:19:53.0987 1908 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
21:19:54.0002 1908 tdx - ok
21:19:54.0018 1908 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
21:19:54.0018 1908 TermDD - ok
21:19:54.0065 1908 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
21:19:54.0065 1908 TermService - ok
21:19:54.0096 1908 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
21:19:54.0112 1908 Themes - ok
21:19:54.0143 1908 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
21:19:54.0143 1908 THREADORDER - ok
21:19:54.0158 1908 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
21:19:54.0174 1908 TrkWks - ok
21:19:54.0236 1908 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
21:19:54.0252 1908 TrustedInstaller - ok
21:19:54.0330 1908 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
21:19:54.0330 1908 tssecsrv - ok
21:19:54.0377 1908 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
21:19:54.0377 1908 TsUsbFlt - ok
21:19:54.0408 1908 [ 9CC2CCAE8A84820EAECB886D477CBCB8 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys
21:19:54.0408 1908 TsUsbGD - ok
21:19:54.0455 1908 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
21:19:54.0455 1908 tunnel - ok
21:19:54.0486 1908 [ FD24F98D2898BE093FE926604BE7DB99 ] TurboB C:\Windows\system32\DRIVERS\TurboB.sys
21:19:54.0486 1908 TurboB - ok
21:19:54.0548 1908 [ 600B406A04D90F577FEA8A88D7379F08 ] TurboBoost C:\Program Files\Intel\TurboBoost\TurboBoost.exe
21:19:54.0564 1908 TurboBoost - ok
21:19:54.0580 1908 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
21:19:54.0595 1908 uagp35 - ok
21:19:54.0611 1908 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
21:19:54.0626 1908 udfs - ok
21:19:54.0689 1908 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
21:19:54.0704 1908 UI0Detect - ok
21:19:54.0736 1908 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
21:19:54.0736 1908 uliagpkx - ok
21:19:54.0782 1908 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
21:19:54.0782 1908 umbus - ok
21:19:54.0798 1908 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\drivers\umpass.sys
21:19:54.0798 1908 UmPass - ok
21:19:54.0938 1908 [ 2C16648A12999AE69A9EBF41974B0BA2 ] UNS C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
21:19:55.0001 1908 UNS - ok
21:19:55.0032 1908 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
21:19:55.0032 1908 upnphost - ok
21:19:55.0079 1908 [ 43228F8EDD1B0BCDD3145AD246E63D39 ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys
21:19:55.0079 1908 USBAAPL64 - ok
21:19:55.0110 1908 [ 19AD7990C0B67E48DAC5B26F99628223 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
21:19:55.0126 1908 usbccgp - ok
21:19:55.0141 1908 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
21:19:55.0157 1908 usbcir - ok
21:19:55.0172 1908 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
21:19:55.0172 1908 usbehci - ok
21:19:55.0204 1908 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
21:19:55.0219 1908 usbhub - ok
21:19:55.0250 1908 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys
21:19:55.0250 1908 usbohci - ok
21:19:55.0266 1908 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
21:19:55.0282 1908 usbprint - ok
21:19:55.0313 1908 [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
21:19:55.0328 1908 usbscan - ok
21:19:55.0344 1908 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
21:19:55.0344 1908 USBSTOR - ok
21:19:55.0391 1908 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
21:19:55.0391 1908 usbuhci - ok
21:19:55.0422 1908 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys
21:19:55.0422 1908 usbvideo - ok
21:19:55.0453 1908 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
21:19:55.0453 1908 UxSms - ok
21:19:55.0484 1908 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
21:19:55.0484 1908 VaultSvc - ok
21:19:55.0516 1908 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
21:19:55.0516 1908 vdrvroot - ok
21:19:55.0547 1908 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
21:19:55.0562 1908 vds - ok
21:19:55.0578 1908 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
21:19:55.0578 1908 vga - ok
21:19:55.0594 1908 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
21:19:55.0594 1908 VgaSave - ok
21:19:55.0625 1908 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
21:19:55.0640 1908 vhdmp - ok
21:19:55.0656 1908 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
21:19:55.0656 1908 viaide - ok
21:19:55.0687 1908 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
21:19:55.0687 1908 volmgr - ok
21:19:55.0718 1908 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
21:19:55.0734 1908 volmgrx - ok
21:19:58.0214 1908 ================ Scan global ===============================
21:19:58.0230 1908 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
21:19:58.0261 1908 [ 72CC564BBC70DE268784BCE91EB8A28F ] C:\Windows\system32\winsrv.dll
21:19:58.0277 1908 [ 72CC564BBC70DE268784BCE91EB8A28F ] C:\Windows\system32\winsrv.dll
21:19:58.0308 1908 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
21:19:58.0355 1908 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
21:19:58.0370 1908 [Global] - ok
21:19:58.0370 1908 ================ Scan MBR ==================================
21:19:58.0386 1908 [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk0\DR0
21:19:58.0714 1908 \Device\Harddisk0\DR0 - ok
21:19:58.0714 1908 ================ Scan VBR ==================================
21:19:58.0714 1908 [ A47A5489026492A028D22E16F0080B53 ] \Device\Harddisk0\DR0\Partition1
21:19:58.0714 1908 \Device\Harddisk0\DR0\Partition1 - ok
21:19:58.0729 1908 [ 915C3A247FB5B28AB40D14CB4701C3BA ] \Device\Harddisk0\DR0\Partition2
21:19:58.0745 1908 \Device\Harddisk0\DR0\Partition2 - ok
21:19:58.0745 1908 ============================================================
21:19:58.0745 1908 Scan finished
21:19:58.0745 1908 ============================================================
21:19:58.0760 4608 Detected object count: 0
21:19:58.0760 4608 Actual detected object count: 0
21:20:12.0566 9908 Deinitialize success

Edited by ST4th, 06 January 2013 - 10:25 AM.


#5 ST4th


Posted 06 January 2013 - 10:27 AM

Malwarebytes:

Malwarebytes Anti-Malware (Trial) 1.70.0.1100
www.malwarebytes.org

Database version: v2013.01.06.01

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
DG :: DG-PC [administrator]

Protection: Enabled

1/6/2013 1:08:32 AM
mbam-log-2013-01-06 (01-08-32).txt

Scan type: Full scan (C:\|Y:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 429240
Time elapsed: 1 hour(s), 28 minute(s), 51 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

#6 ST4th


Posted 06 January 2013 - 10:29 AM

AdwCleaner results:

Deleted on reboot : C:\ProgramData\Premium
Folder Deleted : C:\ProgramData\InstallMate

***** [Registry] *****

Key Deleted : HKCU\Software\AppDataLow\SProtector
Key Deleted : HKLM\Software\SP Global
Key Deleted : HKLM\Software\SProtector

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16457

[OK] Registry is clean.

-\\ Mozilla Firefox v17.0.1 (en-US)

File : C:\Users\DG\AppData\Roaming\Mozilla\Firefox\Profiles\im6cygmb.default\prefs.js

Deleted : user_pref("aol_toolbar.default.homepage.check", false);
Deleted : user_pref("aol_toolbar.default.search.check", false);
Deleted : user_pref("extensions.BabylonToolbar.prtkDS", 0);
Deleted : user_pref("extensions.BabylonToolbar.prtkHmpg", 0);
Deleted : user_pref("sweetim.toolbar.previous.browser.search.defaultenginename", "");
Deleted : user_pref("sweetim.toolbar.previous.browser.search.selectedEngine", "");
Deleted : user_pref("sweetim.toolbar.previous.browser.startup.homepage", "");
Deleted : user_pref("sweetim.toolbar.previous.keyword.URL", "");
Deleted : user_pref("sweetim.toolbar.scripts.1.domain-blacklist", "");
Deleted : user_pref("sweetim.toolbar.searchguard.UserRejectedGuard_DS", "");
Deleted : user_pref("sweetim.toolbar.searchguard.UserRejectedGuard_HP", "");
Deleted : user_pref("sweetim.toolbar.searchguard.enable", "");

-\\ Google Chrome v23.0.1271.97

File : C:\Users\DG\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[S1].txt - [1869 octets] - [06/01/2013 06:02:55]

########## EOF - C:\AdwCleaner[S1].txt - [1929 octets] ##########

Edited by ST4th, 06 January 2013 - 10:30 AM.


#7 ST4th


Posted 06 January 2013 - 10:49 AM

RogueKiller log (there were 3; I pulled 2 and 3 into separate documents in Word and compared them; they're identical). Here's 3:

RogueKiller V8.4.2 [Jan 6 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Feedback : http://www.geekstogo.com/forum/files/file/413-roguekiller/
Website : http://tigzy.geekstogo.com/roguekiller.php
Blog : http://tigzyrk.blogspot.com/

Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User : DG [Admin rights]
Mode : Remove -- Date : 01/06/2013 06:22:05

Bad processes : 2
[SUSP PATH] EasyLife Updater.exe -- C:\ProgramData\Premium\EasyLife Updater\EasyLife Updater.exe -> KILLED [TermProc]
[SUSP PATH] zangzingw.exe -- C:\Users\DG\AppData\Roaming\ZangZing\run\current\lib\win\python\2.6\zangzingw.exe -> KILLED [TermProc]

Registry Entries : 0

Particular Files / Folders:

Driver : [NOT LOADED]

HOSTS File:
--> C:\Windows\system32\drivers\etc\hosts



MBR Check:

+++++ PhysicalDrive0: WDC WD6400BPVT-75HXZT3 +++++
--- User ---
[MBR] 766f35feb751050c1141c93f447de2a9
[BSP] dea9defa67a18cc486b8c709b2ee22f0 : Windows Vista MBR Code
Partition table:
0 - [XXXXXX] DELL-UTIL (0xde) [VISIBLE] Offset (sectors): 63 | Size: 101 Mo
1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 212992 | Size: 20000 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 41172992 | Size: 590375 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Finished : << RKreport[3]_D_01062013_02d0622.txt >>
RKreport[1]_S_01062013_02d0619.txt ; RKreport[2]_D_01062013_02d0621.txt ; RKreport[3]_D_01062013_02d0622.txt

#8 Gunto


Posted 06 January 2013 - 11:01 AM

Hi,

Let's try these scanners. The RogueKiller report seems to tell me that the infection's main folder is being recreated, so let's see if we can find what's doing that.

SUPERAntiSpyware

I need you to run a scan with SUPERAntiSpyware.

  • Download SAS from here, and save it to your desktop.
  • Double click the installer to start the installation. If you do not want to start the trial of the full version, please decline, and feel free to uncheck options to install external toolbars/software, unless you want them. Otherwise, follow the prompts and let the program install.
  • Once the program is done installing and updating, tick the Complete Scan option on the interface, and press the big Scan your Computer... button. Ensure that the options Activate Scan Boost™ > Low boost and Scan inside .ZIP archives are selected, and click Start Complete Scan.
  • After scanning, be sure to remove all detected threats if any were detected. If asked to reboot to remove threats, do so immediately.
  • Once finished, return to the main interface, go to View Scan Logs and view the newest log. Copy and paste it into your reply.

ESET Online Scanner

I need you to run a scan with ESET Online Scanner.

  • Download the scanner from here, and save it to your desktop.
  • Double click the file to install the program. Once it's done, accept the terms of use and click Start. Be sure the following settings are checked before beginning:
    Scan archives
    Remove found threats
    Scan potentially unwanted applications
    Scan for potentially unsafe applications
    Enable Anti-Stealth technology
  • Once the scan is done, if anything was found, click List of found threats, and then Export to text file..., and save the log to your desktop.
  • Click << Back, and then Finish. If you have to reboot, do so immediately.
  • After ESET finishes scanning and removing threats, copy and paste the log into your reply.

Junkware Removal Tool

I need you to run a scan with Junkware Removal Tool.

  • Download JRT from here, and save it to your desktop.
  • Double click the file to open it, and hit any key as per the instructions of the popped up window.
  • Once the scan is done, copy and paste the contents of the resulting log into your reply.

Please tell me how the PC is running in your next reply.

Gunto

Beautiful avatar by Plumbeck!

 

Bury me in honor; when I'm dead and hit the ground, a love back home, it unfolds...
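The cross-check behind that reading of the logs, as an added example that is not part of the original thread: it takes excerpts of the AdwCleaner and RogueKiller logs posted above and flags any folder one tool reported removing that a later report still shows a process running from. The function names are hypothetical, and the day/month order of each tool's timestamp is an assumption inferred from the 06 January posting date.

```python
import re
from datetime import datetime
from pathlib import PureWindowsPath

# Excerpts copied from the AdwCleaner and RogueKiller logs posted in this thread.
ADWCLEANER_LOG = r"""
Deleted on reboot : C:\ProgramData\Premium
Folder Deleted : C:\ProgramData\InstallMate
Key Deleted : HKLM\Software\SProtector
AdwCleaner[S1].txt - [1869 octets] - [06/01/2013 06:02:55]
"""

ROGUEKILLER_LOG = r"""
Mode : Remove -- Date : 01/06/2013 06:22:05
[SUSP PATH] EasyLife Updater.exe -- C:\ProgramData\Premium\EasyLife Updater\EasyLife Updater.exe -> KILLED [TermProc]
[SUSP PATH] zangzingw.exe -- C:\Users\DG\AppData\Roaming\ZangZing\run\current\lib\win\python\2.6\zangzingw.exe -> KILLED [TermProc]
"""

# Only filesystem removals are matched; registry "Key Deleted" lines are skipped.
ADW_REMOVED = re.compile(r"^(?:Deleted on reboot|Folder Deleted)\s*:\s*(.+?)\s*$", re.M)
ADW_STAMP = re.compile(r"\[(\d{2}/\d{2}/\d{4} \d{2}:\d{2}:\d{2})\]")
RK_STAMP = re.compile(r"Date\s*:\s*(\d{2}/\d{2}/\d{4} \d{2}:\d{2}:\d{2})")
RK_PROC = re.compile(r"^\[SUSP PATH\]\s+(.+?)\s+--\s+(.+?)\s+->\s+(\w+)", re.M)


def _stamp(pattern, text, fmt, tool):
    """Pull the run timestamp out of a log, failing loudly if it is absent."""
    match = pattern.search(text)
    if not match:
        raise ValueError(f"no timestamp found in {tool} log")
    return datetime.strptime(match.group(1), fmt)


def parse_adwcleaner(text):
    # Assumption: AdwCleaner writes day/month/year (06/01/2013 = 6 January).
    when = _stamp(ADW_STAMP, text, "%d/%m/%Y %H:%M:%S", "AdwCleaner")
    return when, ADW_REMOVED.findall(text)


def parse_roguekiller(text):
    # Assumption: RogueKiller writes month/day/year (01/06/2013 = 6 January).
    when = _stamp(RK_STAMP, text, "%m/%d/%Y %H:%M:%S", "RogueKiller")
    procs = [{"process": n, "image": p, "action": a} for n, p, a in RK_PROC.findall(text)]
    return when, procs


def is_under(child, parent):
    """True if child is parent or lies beneath it. Compares whole path
    components case-insensitively, so C:\\A\\PremiumX is not under C:\\A\\Premium."""
    c = [part.lower() for part in PureWindowsPath(child).parts]
    p = [part.lower() for part in PureWindowsPath(parent).parts]
    return c[:len(p)] == p


def find_survivors(adw_text, rk_text):
    """List processes a later RogueKiller run found inside folders that an
    earlier AdwCleaner run reported as deleted or queued for deletion."""
    removed_at, removed_paths = parse_adwcleaner(adw_text)
    seen_at, procs = parse_roguekiller(rk_text)
    if seen_at <= removed_at:
        return []  # the process report predates the removal; nothing to conclude
    delay = int((seen_at - removed_at).total_seconds())
    return [
        {"removed": folder, "process": proc["process"], "image": proc["image"],
         "seconds_after_removal": delay}
        for folder in removed_paths
        for proc in procs
        if is_under(proc["image"], folder)
    ]


if __name__ == "__main__":
    for hit in find_survivors(ADWCLEANER_LOG, ROGUEKILLER_LOG):
        print(f"{hit['process']} was running from {hit['removed']} "
              f"{hit['seconds_after_removal']} s after that folder was reported removed")
```

A hit only shows that the folder was still populated when the second tool ran; whether a reboot happened in between, and what put the files back, has to come from further scans like the ones requested above.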


#9 ST4th


Posted 06 January 2013 - 11:37 AM

Thanks again for the help, Gunto.

easylifeapp was still showing up as my home page on both Chrome and IE. I've changed those and cleared caches, browsing history and cookies on all browsers (I mostly use Firefox and had changed the home page earlier).

Am going to complete the next recommendations now.

ST4th

#10 ST4th


Posted 06 January 2013 - 03:58 PM

OK - didn't realize that I needed to download updates till after I'd run it once, so I have two logs from SUPERAntiSpyware:

First log:
SUPERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 01/06/2013 at 01:13 PM

Application Version : 5.6.1014

Core Rules Database Version : 9829
Trace Rules Database Version: 7641

Scan type : Complete Scan
Total Scan Time : 01:32:05

Operating System Information
Windows 7 Home Premium 64-bit, Service Pack 1 (Build 6.01.7601)
UAC On - Limited User

Memory items scanned : 611
Memory threats detected : 0
Registry items scanned : 74993
Registry threats detected : 0
File items scanned : 78371
File threats detected : 152

Adware.Tracking Cookie

#11 ST4th


Posted 06 January 2013 - 04:00 PM

SUPERAntiSpyware - second log:

SUPERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 01/06/2013 at 03:24 PM

Application Version : 5.6.1014

Core Rules Database Version : 9830
Trace Rules Database Version: 7642

Scan type : Complete Scan
Total Scan Time : 01:29:32

Operating System Information
Windows 7 Home Premium 64-bit, Service Pack 1 (Build 6.01.7601)
UAC On - Limited User

Memory items scanned : 607
Memory threats detected : 0
Registry items scanned : 74993
Registry threats detected : 0
File items scanned : 78429
File threats detected : 85

Adware.Tracking Cookie
.smartadserver.com [ C:\USERS\DG\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IM6CYGMB.DEFAULT\COOKIES.SQLITE ]
.adviva.net [ C:\USERS\DG\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IM6CYGMB.DEFAULT\COOKIES.SQLITE ]
.specificclick.net [ C:\USERS\DG\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IM6CYGMB.DEFAULT\COOKIES.SQLITE ]
.specificmedia.com [ C:\USERS\DG\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IM6CYGMB.DEFAULT\COOKIES.SQLITE ]
.tacoda.net [ C:\USERS\DG\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IM6CYGMB.DEFAULT\COOKIES.SQLITE ]
www.tattomedia.com [ C:\USERS\DG\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IM6CYGMB.DEFAULT\COOKIES.SQLITE ]
.tradedoubler.com [ C:\USERS\DG\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IM6CYGMB.DEFAULT\COOKIES.SQLITE ]
.trafficmp.com [ C:\USERS\DG\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IM6CYGMB.DEFAULT\COOKIES.SQLITE ]
.tribalfusion.com [ C:\USERS\DG\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IM6CYGMB.DEFAULT\COOKIES.SQLITE ]
.adlegend.com [ C:\USERS\DG\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IM6CYGMB.DEFAULT\COOKIES.SQLITE ]
.webtrendslive.com [ C:\USERS\DG\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IM6CYGMB.DEFAULT\COOKIES.SQLITE ]
.weborama.fr [ C:\USERS\DG\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IM6CYGMB.DEFAULT\COOKIES.SQLITE ]
.ad.yieldmanager.com [ C:\USERS\DG\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IM6CYGMB.DEFAULT\COOKIES.SQLITE ]
.zedo.com [ C:\USERS\DG\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IM6CYGMB.DEFAULT\COOKIES.SQLITE ]
.beencounter.com [ C:\USERS\DG\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IM6CYGMB.DEFAULT\COOKIES.SQLITE ]
.hitbox.com [ C:\USERS\DG\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IM6CYGMB.DEFAULT\COOKIES.SQLITE ]
.legolas-media.com [ C:\USERS\DG\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IM6CYGMB.DEFAULT\COOKIES.SQLITE ]
.qnsr.com [ C:\USERS\DG\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IM6CYGMB.DEFAULT\COOKIES.SQLITE ]
.saymedia.com [ C:\USERS\DG\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IM6CYGMB.DEFAULT\COOKIES.SQLITE ]
.server.cpmstar.com [ C:\USERS\DG\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IM6CYGMB.DEFAULT\COOKIES.SQLITE ]
.traveladvertising.com [ C:\USERS\DG\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IM6CYGMB.DEFAULT\COOKIES.SQLITE ]
.valueclick.net [ C:\USERS\DG\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IM6CYGMB.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\DG\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IM6CYGMB.DEFAULT\COOKIES.SQLITE ]
ads.bridgetrack.com [ C:\USERS\DG\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IM6CYGMB.DEFAULT\COOKIES.SQLITE ]
ads.pointroll.com [ C:\USERS\DG\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IM6CYGMB.DEFAULT\COOKIES.SQLITE ]
assets.invitemedia.com [ C:\USERS\DG\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IM6CYGMB.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\DG\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IM6CYGMB.DEFAULT\COOKIES.SQLITE ]
bluestreak.com [ C:\USERS\DG\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IM6CYGMB.DEFAULT\COOKIES.SQLITE ]
doubleclick.net [ C:\USERS\DG\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IM6CYGMB.DEFAULT\COOKIES.SQLITE ]
interclick.com [ C:\USERS\DG\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IM6CYGMB.DEFAULT\COOKIES.SQLITE ]
lulu.ru4.com [ C:\USERS\DG\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IM6CYGMB.DEFAULT\COOKIES.SQLITE ]
nextag.com [ C:\USERS\DG\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IM6CYGMB.DEFAULT\COOKIES.SQLITE ]
tracking.intermundomedia.com [ C:\USERS\DG\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IM6CYGMB.DEFAULT\COOKIES.SQLITE ]
tracking.quisma.com [ C:\USERS\DG\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IM6CYGMB.DEFAULT\COOKIES.SQLITE ]
tracking.reedge.com [ C:\USERS\DG\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IM6CYGMB.DEFAULT\COOKIES.SQLITE ]
tribalfusion.com [ C:\USERS\DG\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IM6CYGMB.DEFAULT\COOKIES.SQLITE ]
vitamine.networldmedia.net [ C:\USERS\DG\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IM6CYGMB.DEFAULT\COOKIES.SQLITE ]
.adform.net [ C:\USERS\DG\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IM6CYGMB.DEFAULT\COOKIES.SQLITE ]
.bt.ilsemedia.nl [ C:\USERS\DG\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IM6CYGMB.DEFAULT\COOKIES.SQLITE ]
.adtech.com [ C:\USERS\DG\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IM6CYGMB.DEFAULT\COOKIES.SQLITE ]
.atwola.com [ C:\USERS\DG\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IM6CYGMB.DEFAULT\COOKIES.SQLITE ]
.ru4.com [ C:\USERS\DG\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IM6CYGMB.DEFAULT\COOKIES.SQLITE ]

#12 ST4th

Posted 07 January 2013 - 12:08 AM

Results from Eset scanner:

C:\Program Files (x86)\Dell DataSafe Local Backup\hstart.exe a variant of Win32/HiddenStart.A application cleaned by deleting - quarantined
C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\hstart.exe a variant of Win32/HiddenStart.A application cleaned by deleting - quarantined
C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\Backup\DSLUpdate\hstart.exe.bak a variant of Win32/HiddenStart.A application cleaned by deleting - quarantined
C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\Backup\DSLUpdate\hstart.exe.bk1 a variant of Win32/HiddenStart.A application cleaned by deleting - quarantined
C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\UpdateWorkingDirectory\DSL\hstart.exe a variant of Win32/HiddenStart.A application cleaned by deleting - quarantined
C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\UpdateWorkingDirectory\DSL\Components\DSUpdate\hstart.exe a variant of Win32/HiddenStart.A application cleaned by deleting - quarantined
C:\Program Files (x86)\EasyLife\sprotector.dll a variant of Win32/SProtector.A application cleaned by deleting - quarantined
C:\Users\DG\Downloads\cbsidlm-cbsi4_1_1-PhotoScape-10703122.exe a variant of Win32/CNETInstaller.A application cleaned by deleting - quarantined
C:\Users\DG\Downloads\RK_CTTG.rar.exe Win32/InstalleRex.E.Gen application cleaned by deleting - quarantined

#13 ST4th

Posted 07 January 2013 - 12:31 AM

JRT Log:

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 4.4.1 (01.06.2013:2)
OS: Windows 7 Home Premium x64
Ran by DG on Mon 01/07/2013 at 0:12:04.77
Blog: http://thisisudax.blogspot.com
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Successfully repaired: [Registry Value] hkey_local_machine\software\microsoft\windows nt\currentversion\windows\\AppInit_DLLs



~~~ Registry Keys



~~~ Files

Successfully deleted: [File] "C:\Program Files (x86)\mozilla firefox\plugins\npcouponprinter.dll"
Successfully deleted: [File] "C:\Program Files (x86)\mozilla firefox\plugins\npmozcouponprinter.dll"
Successfully deleted: [File] "C:\Windows\couponprinter.ocx"



~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\premium"
Successfully deleted: [Folder] "C:\Program Files (x86)\coupons"



~~~ FireFox

Successfully deleted: [File] "C:\Users\DG\AppData\Roaming\mozilla\firefox\profiles\im6cygmb.default\extensions\isreaditlater@ideashower.com.xpi"
Successfully deleted the following from C:\Users\DG\AppData\Roaming\mozilla\firefox\profiles\im6cygmb.default\prefs.js

user_pref("aol_toolbar.default.homepage.check", false);
user_pref("aol_toolbar.default.search.check", false);
user_pref("extensions.BabylonToolbar.prtkDS", 0);
user_pref("extensions.BabylonToolbar.prtkHmpg", 0);
user_pref("sweetim.toolbar.previous.browser.search.defaultenginename", "");
user_pref("sweetim.toolbar.previous.browser.search.selectedEngine", "");
user_pref("sweetim.toolbar.previous.browser.startup.homepage", "");
user_pref("sweetim.toolbar.previous.keyword.URL", "");
user_pref("sweetim.toolbar.scripts.1.domain-blacklist", "");
user_pref("sweetim.toolbar.searchguard.UserRejectedGuard_DS", "");
user_pref("sweetim.toolbar.searchguard.UserRejectedGuard_HP", "");
user_pref("sweetim.toolbar.searchguard.enable", "");
Emptied folder: C:\Users\DG\AppData\Roaming\mozilla\firefox\profiles\im6cygmb.default\minidumps [51 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Mon 01/07/2013 at 0:25:53.03
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

#14 ST4th

Posted 07 January 2013 - 01:21 AM

Have been cruising around, using various programs; everything seems to be in working order following all the scans.

Thanks again for the help. Am looking forward to your further response.

ST4th

#15 Gunto

Posted 07 January 2013 - 01:46 AM

Hi,

Awesome to hear that! :thumbup2: I'm going to have you do one last scan, and may have you do a little more depending on the results.

Security Check

I need you to run a checkup with Security Check.

  • Download Security Check here, and save it to your desktop.
  • Double click the file to run it. In the first screen, hit any key and let the scan run.
  • Once the scan is finished, copy and paste the resulting log into your reply.

Gunto
