Inactive Sirefef.# strikes again

[Jay Pfoutz]

Probably. Are you sure?

 

[abks26]

Yep, I'm sure about the clean install! I can do it and I'll just reinstall all my programs. But are you saying that this virus would survive a drive reformat? Or that my external drives have been compromised (I didn't copy the AppData, only documents, videos, pictures). Ugh.

I'm on a clean laptop that needs to be returned soon. Can I do scans on my external files on the clean machine?

If everything has been compromised.... :-( Then I feel like I would have to finish the cleaning first then reinstall. This thing has taken too much of my life already. I want to just pull my hair out!

I feel like I should do Linux and Windows 7 since I need to have Java/Windows for work (and I think that's where this whole thing started))

 

[Jay Pfoutz]

We beat it already anyway.

Your data, such as documents, photos, etc. should be fine.

Personal Tips on Preventing Malware

See this page for more info about malware and prevention.

Read more about "FAQ: How did Sirefef or ZeroAccess Infect You?"

Any other questions before I mark this topic solved?

 

[abks26]

Ugh, don't lock the thread since I just did a clean install (or so I thought) and I still have the Google Redirect virus.I spent so much time trying to find stupid Dell drivers only to get it all back to snuff and STILL suffer.

WTF is this ish?

Can we continue to battle this? I'm not sure what else I can do except hose my computer with gasoline and set it on fire.

 

[abks26]

I formatted the drive using DiskPart (command prompt from Windows 7 install).

Was I supposed to Dban the whole thing???

 

[Jay Pfoutz]

Okay. Let's do some troubleshooting...

Please download aswMBR from here

• Save aswMBR.exe to your Desktop
• Double click aswMBR.exe to run it
• Click the Scan button to start the scan as illustrated below

Note: Do not take action against any **Rootkit** entries until I have reviewed the log. Often there are false positives

• Once the scan finishes click Save log to save the log to your Desktop
  
  
  
  
• Copy and paste the contents of aswMBR.txt back here for review

 

[abks26]

I got the blue screen of death the first time I ran it. Here was the error code from Microsoft.

Problem signature:
Problem Event Name: BlueScreen
OS Version: 6.1.7601.2.1.0.256.48
Locale ID: 1033

Additional information about the problem:
BCCode: d1
BCP1: 0000000000000000
BCP2: 0000000000000002
BCP3: 0000000000000008
BCP4: 0000000000000000
OS Version: 6_1_7601
Service Pack: 1_0
Product: 256_1

Files that help describe the problem:
C:\Windows\Minidump\082412-21418-01.dmp
C:\Users\Anne\AppData\Local\Temp\WER-56503-0.sysdata.xml

Read our privacy statement online:
http://go.microsoft.com/fwlink/?linkid=104288&clcid=0x0409

If the online privacy statement is not available, please read our privacy statement offline:
C:\Windows\system32\en-US\erofflps.txt

Then I ran it afterwards with no problems.

aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
Run date: 2012-08-24 23:59:20
-----------------------------
23:59:20.468 OS Version: Windows x64 6.1.7601 Service Pack 1
23:59:20.468 Number of processors: 4 586 0x2A07
23:59:20.468 ComputerName: ABKS UserName: Anne
23:59:21.981 Initialize success
23:59:29.126 AVAST engine defs: 12082402
23:59:32.808 The log file has been saved successfully to "C:\Users\Anne\Desktop\aswMBRdelete.txt"
23:59:39.071 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
23:59:39.071 Disk 0 Vendor: WDC_WD25 01.0 Size: 238475MB BusType: 8
23:59:39.118 Disk 0 MBR read successfully
23:59:39.133 Disk 0 MBR scan
23:59:39.133 Disk 0 Windows 7 default MBR code
23:59:39.149 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048
23:59:39.164 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 238373 MB offset 206848
23:59:39.242 Disk 0 scanning C:\Windows\system32\drivers
23:59:49.975 Service scanning
00:00:45.808 Modules scanning
00:00:45.823 Disk 0 trace - called modules:
00:00:45.870 ntoskrnl.exe CLASSPNP.SYS disk.sys iaStorV.sys hal.dll
00:00:45.870 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa800559b060]
00:00:45.886 3 CLASSPNP.SYS[fffff88001bae43f] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8004f3d050]
00:00:47.383 AVAST engine scan C:\
01:07:53.160 Scan finished successfully
06:30:47.192 Disk 0 MBR has been saved successfully to "C:\Users\Anne\Desktop\MBR.dat"
06:30:47.254 The log file has been saved successfully to "C:\Users\Anne\Desktop\aswMBRfull.txt"

 

[Jay Pfoutz]

Please download RenewMyDNS by DragonMaster Jay.

• Save it to your Desktop.
• Double-click RenewMyDNS.exe to start the program.
• Follow the prompts, and when finished it will launch a log.
• Post that log in your next reply.
• After posting the log, delete RenewMyDNS.exe

 

[abks26]

RenewMyDNS by DragonMaster Jay
DNS Diagnostics and refresher
Version 0.3.2

Microsoft Windows [Version 6.1.7601]


``````````Network and DNS Information``````````



Windows IP Configuration

Host Name . . . . . . . . . . . . : ABKS
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : westell.com

Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Intel(R) 82579LM Gigabit Network Connection
Physical Address. . . . . . . . . : 5C-26-0A-62-4A-78
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection:

Connection-specific DNS Suffix . : westell.com
Description . . . . . . . . . . . : DW1501 Wireless-N WLAN Half-Mini Card
Physical Address. . . . . . . . . : D0-DF-9A-04-55-E9
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::55e3:2381:9b38:1025%11(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.36(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Friday, August 24, 2012 11:48:15 PM
Lease Expires . . . . . . . . . . : Sunday, August 26, 2012 5:07:04 PM
Default Gateway . . . . . . . . . : 192.168.1.1
DHCP Server . . . . . . . . . . . : 192.168.1.1
DHCPv6 IAID . . . . . . . . . . . : 248569754
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-17-C8-0A-52-D0-DF-9A-04-55-E9
DNS Servers . . . . . . . . . . . : 192.168.1.1
NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.{8B16BC1D-5F2C-4149-9547-3BC4A7EBA2E4}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.westell.com:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : westell.com
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:4137:9e76:14b5:3a4c:3f57:fedb(Preferred)
Link-local IPv6 Address . . . . . : fe80::14b5:3a4c:3f57:fedb%13(Preferred)
Default Gateway . . . . . . . . . : ::
NetBIOS over Tcpip. . . . . . . . : Disabled


Windows IP Configuration

Successfully flushed the DNS Resolver Cache.


``````````Speed-test - Ping``````````

Pinging yahoo.com [98.139.183.24] with 32 bytes of data:
Reply from 98.139.183.24: bytes=32 time=173ms TTL=50
Reply from 98.139.183.24: bytes=32 time=111ms TTL=49
Reply from 98.139.183.24: bytes=32 time=82ms TTL=50
Reply from 98.139.183.24: bytes=32 time=100ms TTL=49

Ping statistics for 98.139.183.24:
Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 82ms, Maximum = 173ms, Average = 116ms

Pinging geekpolice.net [64.202.189.170] with 32 bytes of data:
Reply from 64.202.189.170: bytes=32 time=115ms TTL=119
Reply from 64.202.189.170: bytes=32 time=114ms TTL=119
Reply from 64.202.189.170: bytes=32 time=115ms TTL=119
Reply from 64.202.189.170: bytes=32 time=115ms TTL=119

Ping statistics for 64.202.189.170:
Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 114ms, Maximum = 115ms, Average = 114ms

Pinging facebook.com [69.171.237.16] with 32 bytes of data:
Reply from 69.171.237.16: bytes=32 time=131ms TTL=240
Reply from 69.171.237.16: bytes=32 time=131ms TTL=240
Reply from 69.171.237.16: bytes=32 time=132ms TTL=240
Reply from 69.171.237.16: bytes=32 time=131ms TTL=240

Ping statistics for 69.171.237.16:
Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 131ms, Maximum = 132ms, Average = 131ms

Pinging google.com [173.194.43.14] with 32 bytes of data:
Reply from 173.194.43.14: bytes=32 time=27ms TTL=55
Reply from 173.194.43.14: bytes=32 time=26ms TTL=55
Reply from 173.194.43.14: bytes=32 time=27ms TTL=55
Reply from 173.194.43.14: bytes=32 time=28ms TTL=55

Ping statistics for 173.194.43.14:
Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 26ms, Maximum = 28ms, Average = 27ms

********************
EOF

 

[Jay Pfoutz]

Never give up!

Please download and run TDSSKiller to your desktop as outlined below:

Doubleclick on TDSSKiller.exe to run the application, then click on Change parameters.

For Windows XP, double-click to start.
For Vista or Windows 7, do a right-click on the program, select Run as Administrator to start, & when prompted Allow to run.

-------------------------

Check the boxes beside Verify Driver Digital Signature and Detect TDLFS file system, then click OK.

------------------------

Click the Start Scan button.

-----------------------

If a suspicious object is detected, the default action will be Skip, click on Continue
If you get the warning about a file UnsignedFile.Multi.Generic or LockedFile.Multi.Generic please choose
Skip and click on Continue

----------------------

If malicious objects are found, they will show in the Scan results and offer three (3) options.

Ensure Cure is selected, then click Continue => Reboot now to finish the cleaning process.
Note: If Cure is not available, please choose Skip instead, do not choose Delete unless instructed.

--------------------

A report will be created in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste its contents on your next reply.
Sometimes these logs can be very large, in that case please attach it or zip it up and attach it.

-------------------

Here's a summary of what to do if you would like to print it out:

If a suspicious object is detected, the default action will be Skip, click on Continue
If you get the warning about a file UnsignedFile.Multi.Generic or LockedFile.Multi.Generic please choose
Skip and click on Continue

If malicious objects are found, they will show in the Scan results and offer three (3) options.

Ensure Cure is selected, then click Continue => Reboot now to finish the cleaning process.
Note: If Cure is not available, please choose Skip instead, do not choose Delete unless instructed.

Please download Hitman Pro by Surfright from here and save it to your desktop.

• Double click HitmanPro36.exe to run the scanner
• Click Next
• Accept the license conditions and click Next
• Choose to do only a single scan. Do not enter any e-mail address and click Next
• Hitman Pro will now scan your computer
• After the scan, choose to ignore all threats - I want to have a look first, before deciding what to do
• Click Next
• You will now find an option to export the results of the scan to an XML file (log.xml). Please do so. Close Hitman Pro.
• Please copy and paste the contents of log.xml into your next reply (You can open XML files with notepad)

 

[abks26]

Still hanging in there....

23:47:45.0513 7020 TDSS rootkit removing tool 2.8.8.0 Aug 24 2012 13:27:48
23:47:45.0988 7020 ============================================================
23:47:45.0988 7020 Current date / time: 2012/08/26 23:47:45.0988
23:47:45.0988 7020 SystemInfo:
23:47:45.0988 7020
23:47:45.0988 7020 OS Version: 6.1.7601 ServicePack: 1.0
23:47:45.0988 7020 Product type: Workstation
23:47:45.0989 7020 ComputerName: ABKS
23:47:45.0989 7020 UserName: Anne
23:47:45.0989 7020 Windows directory: C:\Windows
23:47:45.0989 7020 System windows directory: C:\Windows
23:47:45.0989 7020 Running under WOW64
23:47:45.0989 7020 Processor architecture: Intel x64
23:47:45.0989 7020 Number of processors: 4
23:47:45.0989 7020 Page size: 0x1000
23:47:45.0989 7020 Boot type: Normal boot
23:47:45.0989 7020 ============================================================
23:47:48.0246 7020 Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
23:47:48.0380 7020 ============================================================
23:47:48.0381 7020 \Device\Harddisk0\DR0:
23:47:48.0381 7020 MBR partitions:
23:47:48.0381 7020 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
23:47:48.0381 7020 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x1D192800
23:47:48.0381 7020 ============================================================
23:47:48.0471 7020 C: <-> \Device\Harddisk0\DR0\Partition2
23:47:48.0471 7020 ============================================================
23:47:48.0472 7020 Initialize success
23:47:48.0472 7020 ============================================================
23:52:01.0220 5056 ============================================================
23:52:01.0220 5056 Scan started
23:52:01.0220 5056 Mode: Manual; SigCheck; TDLFS;
23:52:01.0220 5056 ============================================================
23:52:08.0659 5056 ================ Scan system memory ========================
23:52:08.0660 5056 System memory - ok
23:52:08.0661 5056 ================ Scan services =============================
23:52:09.0604 5056 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
23:52:10.0110 5056 1394ohci - ok
23:52:10.0210 5056 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
23:52:10.0251 5056 ACPI - ok
23:52:10.0310 5056 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
23:52:10.0644 5056 AcpiPmi - ok
23:52:11.0020 5056 [ D19C4EE2AC7C47B8F5F84FFF1A789D8A ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
23:52:11.0616 5056 AdobeARMservice - ok
23:52:13.0051 5056 [ B2B64AF436FACCFA854DD397027C5360 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
23:52:13.0077 5056 AdobeFlashPlayerUpdateSvc - ok
23:52:13.0158 5056 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
23:52:13.0199 5056 adp94xx - ok
23:52:13.0342 5056 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\drivers\adpahci.sys
23:52:13.0374 5056 adpahci - ok
23:52:13.0407 5056 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
23:52:13.0422 5056 adpu320 - ok
23:52:13.0495 5056 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
23:52:13.0565 5056 AeLookupSvc - ok
23:52:13.0612 5056 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys
23:52:13.0741 5056 AFD - ok
23:52:13.0795 5056 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
23:52:13.0821 5056 agp440 - ok
23:52:13.0926 5056 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
23:52:13.0995 5056 ALG - ok
23:52:14.0046 5056 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys
23:52:14.0129 5056 aliide - ok
23:52:14.0160 5056 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys
23:52:14.0175 5056 amdide - ok
23:52:14.0196 5056 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
23:52:14.0262 5056 AmdK8 - ok
23:52:14.0270 5056 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\drivers\amdppm.sys
23:52:14.0333 5056 AmdPPM - ok
23:52:14.0373 5056 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys
23:52:14.0388 5056 amdsata - ok
23:52:14.0400 5056 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\drivers\amdsbs.sys
23:52:14.0416 5056 amdsbs - ok
23:52:14.0432 5056 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys
23:52:14.0442 5056 amdxata - ok
23:52:14.0494 5056 [ 6D4CB1F46A0AC05326F834FD6B822479 ] ApfiltrService C:\Windows\system32\DRIVERS\Apfiltr.sys
23:52:14.0560 5056 ApfiltrService - ok
23:52:14.0597 5056 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys
23:52:14.0784 5056 AppID - ok
23:52:14.0815 5056 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
23:52:14.0907 5056 AppIDSvc - ok
23:52:14.0934 5056 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\Windows\System32\appinfo.dll
23:52:14.0995 5056 Appinfo - ok
23:52:15.0053 5056 [ F401929EE0CC92BFE7F15161CA535383 ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
23:52:15.0091 5056 Apple Mobile Device - ok
23:52:15.0147 5056 [ 4ABA3E75A76195A3E38ED2766C962899 ] AppMgmt C:\Windows\System32\appmgmts.dll
23:52:15.0215 5056 AppMgmt - ok
23:52:15.0233 5056 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\drivers\arc.sys
23:52:15.0247 5056 arc - ok
23:52:15.0268 5056 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\drivers\arcsas.sys
23:52:15.0282 5056 arcsas - ok
23:52:15.0299 5056 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
23:52:15.0393 5056 AsyncMac - ok
23:52:15.0419 5056 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys
23:52:15.0430 5056 atapi - ok
23:52:15.0495 5056 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
23:52:15.0604 5056 AudioEndpointBuilder - ok
23:52:15.0616 5056 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
23:52:15.0657 5056 AudioSrv - ok
23:52:15.0682 5056 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll
23:52:15.0791 5056 AxInstSV - ok
23:52:15.0848 5056 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys
23:52:15.0916 5056 b06bdrv - ok
23:52:15.0961 5056 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
23:52:15.0994 5056 b57nd60a - ok
23:52:16.0044 5056 [ 5A97BAF441076668D01748144D41F874 ] BCM42RLY C:\Windows\system32\drivers\BCM42RLY.sys
23:52:16.0067 5056 BCM42RLY - ok
23:52:16.0246 5056 [ FBC76C8D561D0AD159EF9452D9F328F6 ] BCM43XX C:\Windows\system32\DRIVERS\bcmwl664.sys
23:52:16.0435 5056 BCM43XX - ok
23:52:16.0518 5056 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
23:52:16.0619 5056 BDESVC - ok
23:52:16.0657 5056 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
23:52:16.0732 5056 Beep - ok
23:52:16.0786 5056 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll
23:52:16.0846 5056 BFE - ok
23:52:16.0906 5056 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\system32\qmgr.dll
23:52:17.0051 5056 BITS - ok
23:52:17.0098 5056 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
23:52:17.0144 5056 blbdrive - ok
23:52:17.0227 5056 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
23:52:17.0269 5056 Bonjour Service - ok
23:52:17.0295 5056 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
23:52:17.0361 5056 bowser - ok
23:52:17.0417 5056 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys
23:52:17.0452 5056 BrFiltLo - ok
23:52:17.0456 5056 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys
23:52:17.0487 5056 BrFiltUp - ok
23:52:17.0516 5056 [ 5C2F352A4E961D72518261257AAE204B ] BridgeMP C:\Windows\system32\DRIVERS\bridge.sys
23:52:17.0573 5056 BridgeMP - ok
23:52:17.0606 5056 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll
23:52:17.0649 5056 Browser - ok
23:52:17.0673 5056 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
23:52:17.0745 5056 Brserid - ok
23:52:17.0757 5056 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
23:52:17.0788 5056 BrSerWdm - ok
23:52:17.0798 5056 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
23:52:17.0819 5056 BrUsbMdm - ok
23:52:17.0822 5056 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
23:52:17.0852 5056 BrUsbSer - ok
23:52:17.0856 5056 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
23:52:17.0898 5056 BTHMODEM - ok
23:52:17.0952 5056 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
23:52:18.0010 5056 bthserv - ok
23:52:18.0034 5056 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
23:52:18.0070 5056 cdfs - ok
23:52:18.0117 5056 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
23:52:18.0163 5056 cdrom - ok
23:52:18.0216 5056 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
23:52:18.0292 5056 CertPropSvc - ok
23:52:18.0316 5056 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\drivers\circlass.sys
23:52:18.0338 5056 circlass - ok
23:52:18.0360 5056 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
23:52:18.0377 5056 CLFS - ok
23:52:18.0478 5056 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
23:52:18.0507 5056 clr_optimization_v2.0.50727_32 - ok
23:52:18.0564 5056 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
23:52:18.0593 5056 clr_optimization_v2.0.50727_64 - ok
23:52:18.0756 5056 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
23:52:18.0786 5056 clr_optimization_v4.0.30319_32 - ok
23:52:18.0973 5056 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
23:52:19.0001 5056 clr_optimization_v4.0.30319_64 - ok
23:52:19.0050 5056 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
23:52:19.0079 5056 CmBatt - ok
23:52:19.0098 5056 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
23:52:19.0113 5056 cmdide - ok
23:52:19.0175 5056 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\Windows\system32\Drivers\cng.sys
23:52:19.0252 5056 CNG - ok
23:52:19.0300 5056 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
23:52:19.0312 5056 Compbatt - ok
23:52:19.0323 5056 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\DRIVERS\CompositeBus.sys
23:52:19.0349 5056 CompositeBus - ok
23:52:19.0364 5056 COMSysApp - ok
23:52:19.0379 5056 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
23:52:19.0391 5056 crcdisk - ok
23:52:19.0433 5056 [ 4F5414602E2544A4554D95517948B705 ] CryptSvc C:\Windows\system32\cryptsvc.dll
23:52:19.0520 5056 CryptSvc - ok
23:52:19.0566 5056 [ 54DA3DFD29ED9F1619B6F53F3CE55E49 ] CSC C:\Windows\system32\drivers\csc.sys
23:52:19.0636 5056 CSC - ok
23:52:19.0679 5056 [ 3AB183AB4D2C79DCF459CD2C1266B043 ] CscService C:\Windows\System32\cscsvc.dll
23:52:19.0729 5056 CscService - ok
23:52:19.0776 5056 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
23:52:19.0835 5056 DcomLaunch - ok
23:52:19.0873 5056 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
23:52:19.0925 5056 defragsvc - ok
23:52:19.0943 5056 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
23:52:19.0991 5056 DfsC - ok
23:52:20.0051 5056 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
23:52:20.0133 5056 Dhcp - ok
23:52:20.0166 5056 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
23:52:20.0240 5056 discache - ok
23:52:20.0260 5056 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\drivers\disk.sys
23:52:20.0271 5056 Disk - ok
23:52:20.0307 5056 [ 5DB085A8A6600BE6401F2B24EECB5415 ] dmvsc C:\Windows\system32\drivers\dmvsc.sys
23:52:20.0375 5056 dmvsc - ok
23:52:20.0433 5056 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
23:52:20.0506 5056 Dnscache - ok
23:52:20.0555 5056 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
23:52:20.0644 5056 dot3svc - ok
23:52:20.0650 5056 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
23:52:20.0696 5056 DPS - ok
23:52:20.0732 5056 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
23:52:20.0758 5056 drmkaud - ok
23:52:20.0794 5056 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
23:52:20.0830 5056 DXGKrnl - ok
23:52:20.0860 5056 [ EAFCB4551836FF44EE775CEDDFA7A77E ] e1cexpress C:\Windows\system32\DRIVERS\e1c62x64.sys
23:52:20.0876 5056 e1cexpress - ok
23:52:20.0911 5056 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
23:52:20.0975 5056 EapHost - ok
23:52:21.0077 5056 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\drivers\evbda.sys
23:52:21.0204 5056 ebdrv - ok
23:52:21.0226 5056 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe
23:52:21.0309 5056 EFS - ok
23:52:21.0386 5056 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
23:52:21.0555 5056 ehRecvr - ok
23:52:21.0592 5056 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
23:52:21.0651 5056 ehSched - ok
23:52:21.0688 5056 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\drivers\elxstor.sys
23:52:21.0709 5056 elxstor - ok
23:52:21.0786 5056 [ 757305C7AD34222F4A46D86FE0BEE241 ] EpsonCustomerParticipation C:\Program Files\EPSON\EpsonCustomerParticipation\EPCP.exe
23:52:21.0819 5056 EpsonCustomerParticipation - ok
23:52:21.0842 5056 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
23:52:21.0871 5056 ErrDev - ok
23:52:21.0909 5056 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
23:52:21.0964 5056 EventSystem - ok
23:52:21.0982 5056 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
23:52:22.0020 5056 exfat - ok
23:52:22.0056 5056 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
23:52:22.0122 5056 fastfat - ok
23:52:22.0181 5056 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
23:52:22.0285 5056 Fax - ok
23:52:22.0309 5056 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\drivers\fdc.sys
23:52:22.0348 5056 fdc - ok
23:52:22.0387 5056 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
23:52:22.0445 5056 fdPHost - ok
23:52:22.0463 5056 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
23:52:22.0498 5056 FDResPub - ok
23:52:22.0523 5056 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
23:52:22.0535 5056 FileInfo - ok
23:52:22.0538 5056 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
23:52:22.0580 5056 Filetrace - ok
23:52:22.0612 5056 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\drivers\flpydisk.sys
23:52:22.0624 5056 flpydisk - ok
23:52:22.0630 5056 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
23:52:22.0646 5056 FltMgr - ok
23:52:22.0702 5056 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\Windows\system32\FntCache.dll
23:52:22.0786 5056 FontCache - ok
23:52:22.0836 5056 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
23:52:22.0859 5056 FontCache3.0.0.0 - ok
23:52:22.0894 5056 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
23:52:22.0912 5056 FsDepends - ok
23:52:22.0946 5056 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
23:52:22.0962 5056 Fs_Rec - ok
23:52:22.0984 5056 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
23:52:23.0001 5056 fvevol - ok
23:52:23.0022 5056 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
23:52:23.0033 5056 gagp30kx - ok
23:52:23.0074 5056 [ E403AACF8C7BB11375122D2464560311 ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
23:52:23.0083 5056 GEARAspiWDM - ok
23:52:23.0114 5056 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
23:52:23.0162 5056 gpsvc - ok
23:52:23.0174 5056 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
23:52:23.0257 5056 hcw85cir - ok
23:52:23.0292 5056 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
23:52:23.0325 5056 HdAudAddService - ok
23:52:23.0348 5056 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
23:52:23.0383 5056 HDAudBus - ok
23:52:23.0411 5056 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\drivers\HidBatt.sys
23:52:23.0440 5056 HidBatt - ok
23:52:23.0449 5056 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\drivers\hidbth.sys
23:52:23.0475 5056 HidBth - ok
23:52:23.0484 5056 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\drivers\hidir.sys
23:52:23.0498 5056 HidIr - ok
23:52:23.0530 5056 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\System32\hidserv.dll
23:52:23.0594 5056 hidserv - ok
23:52:23.0615 5056 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
23:52:23.0639 5056 HidUsb - ok
23:52:23.0650 5056 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
23:52:23.0708 5056 hkmsvc - ok
23:52:23.0735 5056 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
23:52:23.0810 5056 HomeGroupListener - ok
23:52:23.0838 5056 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
23:52:23.0873 5056 HomeGroupProvider - ok
23:52:23.0904 5056 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
23:52:23.0921 5056 HpSAMD - ok
23:52:23.0970 5056 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
23:52:24.0046 5056 HTTP - ok
23:52:24.0067 5056 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
23:52:24.0077 5056 hwpolicy - ok
23:52:24.0082 5056 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
23:52:24.0094 5056 i8042prt - ok
23:52:24.0150 5056 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
23:52:24.0166 5056 iaStorV - ok
23:52:24.0229 5056 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
23:52:24.0303 5056 idsvc - ok
23:52:24.0588 5056 [ 9937600A1584FF00565D5379EB4C9EDB ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys
23:52:24.0987 5056 igfx - ok
23:52:25.0037 5056 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\drivers\iirsp.sys
23:52:25.0063 5056 iirsp - ok
23:52:25.0118 5056 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
23:52:25.0233 5056 IKEEXT - ok
23:52:25.0298 5056 [ FC727061C0F47C8059E88E05D5C8E381 ] IntcDAud C:\Windows\system32\DRIVERS\IntcDAud.sys
23:52:25.0341 5056 IntcDAud - ok
23:52:25.0371 5056 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
23:52:25.0397 5056 intelide - ok
23:52:25.0414 5056 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
23:52:25.0449 5056 intelppm - ok
23:52:25.0473 5056 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
23:52:25.0544 5056 IPBusEnum - ok
23:52:25.0558 5056 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
23:52:25.0595 5056 IpFilterDriver - ok
23:52:25.0618 5056 [ A34A587FFFD45FA649FBA6D03784D257 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
23:52:25.0686 5056 iphlpsvc - ok
23:52:25.0716 5056 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
23:52:25.0745 5056 IPMIDRV - ok
23:52:25.0766 5056 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
23:52:25.0809 5056 IPNAT - ok
23:52:25.0869 5056 [ A9AB99EE7D39725EAFEC82732D2B3271 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
23:52:25.0931 5056 iPod Service - ok
23:52:25.0972 5056 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
23:52:26.0007 5056 IRENUM - ok
23:52:26.0010 5056 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
23:52:26.0020 5056 isapnp - ok
23:52:26.0038 5056 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
23:52:26.0054 5056 iScsiPrt - ok
23:52:26.0057 5056 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
23:52:26.0068 5056 kbdclass - ok
23:52:26.0089 5056 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
23:52:26.0108 5056 kbdhid - ok
23:52:26.0126 5056 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
23:52:26.0138 5056 KeyIso - ok
23:52:26.0178 5056 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
23:52:26.0206 5056 KSecDD - ok
23:52:26.0221 5056 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
23:52:26.0247 5056 KSecPkg - ok
23:52:26.0276 5056 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
23:52:26.0345 5056 ksthunk - ok
23:52:26.0372 5056 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
23:52:26.0428 5056 KtmRm - ok
23:52:26.0459 5056 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\System32\srvsvc.dll
23:52:26.0508 5056 LanmanServer - ok
23:52:26.0546 5056 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
23:52:26.0616 5056 LanmanWorkstation - ok
23:52:26.0654 5056 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
23:52:26.0698 5056 lltdio - ok
23:52:26.0737 5056 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
23:52:26.0783 5056 lltdsvc - ok
23:52:26.0796 5056 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
23:52:26.0831 5056 lmhosts - ok
23:52:26.0887 5056 [ 103BE142566D66F8AE52C89FE9E92D2B ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
23:52:26.0923 5056 LMS - ok
23:52:26.0956 5056 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
23:52:26.0973 5056 LSI_FC - ok
23:52:26.0978 5056 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
23:52:27.0005 5056 LSI_SAS - ok
23:52:27.0010 5056 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys
23:52:27.0023 5056 LSI_SAS2 - ok
23:52:27.0027 5056 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
23:52:27.0039 5056 LSI_SCSI - ok
23:52:27.0047 5056 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
23:52:27.0096 5056 luafv - ok
23:52:27.0123 5056 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
23:52:27.0136 5056 Mcx2Svc - ok
23:52:27.0174 5056 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\drivers\megasas.sys
23:52:27.0200 5056 megasas - ok
23:52:27.0213 5056 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys
23:52:27.0240 5056 MegaSR - ok
23:52:27.0274 5056 [ 86614752D2FAE34CCD9E7B2AABA5FBEC ] MEIx64 C:\Windows\system32\DRIVERS\HECIx64.sys
23:52:27.0287 5056 MEIx64 - ok
23:52:27.0313 5056 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
23:52:27.0368 5056 MMCSS - ok
23:52:27.0392 5056 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
23:52:27.0436 5056 Modem - ok
23:52:27.0455 5056 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
23:52:27.0478 5056 monitor - ok
23:52:27.0499 5056 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
23:52:27.0510 5056 mouclass - ok
23:52:27.0526 5056 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
23:52:27.0551 5056 mouhid - ok
23:52:27.0555 5056 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
23:52:27.0566 5056 mountmgr - ok
23:52:27.0613 5056 [ 46297FA8E30A6007F14118FC2B942FBC ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
23:52:27.0634 5056 MozillaMaintenance - ok
23:52:27.0686 5056 [ 94C66EDEDCDB6A126880472F9A704D8E ] MpFilter C:\Windows\system32\DRIVERS\MpFilter.sys
23:52:27.0709 5056 MpFilter - ok
23:52:27.0717 5056 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
23:52:27.0738 5056 mpio - ok
23:52:27.0743 5056 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
23:52:27.0778 5056 mpsdrv - ok
23:52:27.0825 5056 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
23:52:27.0885 5056 MpsSvc - ok
23:52:27.0905 5056 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
23:52:27.0933 5056 MRxDAV - ok
23:52:27.0963 5056 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
23:52:28.0020 5056 mrxsmb - ok
23:52:28.0033 5056 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
23:52:28.0055 5056 mrxsmb10 - ok
23:52:28.0077 5056 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
23:52:28.0094 5056 mrxsmb20 - ok
23:52:28.0127 5056 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
23:52:28.0153 5056 msahci - ok
23:52:28.0162 5056 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
23:52:28.0178 5056 msdsm - ok
23:52:28.0199 5056 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
23:52:28.0233 5056 MSDTC - ok
23:52:28.0245 5056 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
23:52:28.0281 5056 Msfs - ok
23:52:28.0294 5056 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
23:52:28.0335 5056 mshidkmdf - ok
23:52:28.0338 5056 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
23:52:28.0348 5056 msisadrv - ok
23:52:28.0384 5056 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
23:52:28.0439 5056 MSiSCSI - ok
23:52:28.0442 5056 msiserver - ok
23:52:28.0469 5056 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
23:52:28.0516 5056 MSKSSRV - ok
23:52:28.0562 5056 [ 59FAAF2C83C8169EA20F9E335E418907 ] MsMpSvc c:\Program Files\Microsoft Security Client\MsMpEng.exe
23:52:28.0588 5056 MsMpSvc - ok
23:52:28.0628 5056 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
23:52:28.0706 5056 MSPCLOCK - ok
23:52:28.0719 5056 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
23:52:28.0768 5056 MSPQM - ok
23:52:28.0791 5056 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
23:52:28.0808 5056 MsRPC - ok
23:52:28.0814 5056 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
23:52:28.0824 5056 mssmbios - ok
23:52:28.0845 5056 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
23:52:28.0895 5056 MSTEE - ok
23:52:28.0903 5056 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\drivers\MTConfig.sys
23:52:28.0926 5056 MTConfig - ok
23:52:28.0930 5056 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
23:52:28.0941 5056 Mup - ok
23:52:28.0965 5056 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
23:52:29.0021 5056 napagent - ok
23:52:29.0083 5056 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
23:52:29.0131 5056 NativeWifiP - ok
23:52:29.0165 5056 [ 79B47FD40D9A817E932F9D26FAC0A81C ] NDIS C:\Windows\system32\drivers\ndis.sys
23:52:29.0196 5056 NDIS - ok
23:52:29.0240 5056 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
23:52:29.0301 5056 NdisCap - ok
23:52:29.0357 5056 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
23:52:29.0427 5056 NdisTapi - ok
23:52:29.0437 5056 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
23:52:29.0486 5056 Ndisuio - ok
23:52:29.0507 5056 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
23:52:29.0550 5056 NdisWan - ok
23:52:29.0554 5056 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
23:52:29.0588 5056 NDProxy - ok
23:52:29.0592 5056 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
23:52:29.0629 5056 NetBIOS - ok
23:52:29.0635 5056 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
23:52:29.0671 5056 NetBT - ok
23:52:29.0682 5056 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
23:52:29.0692 5056 Netlogon - ok
23:52:29.0745 5056 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
23:52:29.0820 5056 Netman - ok
23:52:29.0828 5056 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
23:52:29.0872 5056 netprofm - ok
23:52:29.0897 5056 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
23:52:29.0908 5056 NetTcpPortSharing - ok
23:52:29.0944 5056 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
23:52:29.0955 5056 nfrd960 - ok
23:52:29.0992 5056 [ 91B4E0273D2F6C24EF845F2B41311289 ] NisDrv C:\Windows\system32\DRIVERS\NisDrvWFP.sys
23:52:30.0018 5056 NisDrv - ok
23:52:30.0037 5056 [ 10A43829A9E606AF3EEF25A1C1665923 ] NisSrv c:\Program Files\Microsoft Security Client\NisSrv.exe
23:52:30.0058 5056 NisSrv - ok
23:52:30.0125 5056 [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc C:\Windows\System32\nlasvc.dll
23:52:30.0204 5056 NlaSvc - ok
23:52:30.0222 5056 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
23:52:30.0257 5056 Npfs - ok
23:52:30.0277 5056 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
23:52:30.0328 5056 nsi - ok
23:52:30.0331 5056 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
23:52:30.0366 5056 nsiproxy - ok
23:52:30.0451 5056 [ A2F74975097F52A00745F9637451FDD8 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
23:52:30.0530 5056 Ntfs - ok
23:52:30.0565 5056 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
23:52:30.0601 5056 Null - ok
23:52:30.0639 5056 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
23:52:30.0654 5056 nvraid - ok
23:52:30.0671 5056 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
23:52:30.0685 5056 nvstor - ok
23:52:30.0720 5056 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
23:52:30.0734 5056 nv_agp - ok
23:52:30.0848 5056 [ D99D7854F2D03463C82B2BB2D8C43ABC ] OfficeSvc C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe
23:52:30.0923 5056 OfficeSvc - ok
23:52:30.0947 5056 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
23:52:30.0960 5056 ohci1394 - ok
23:52:31.0002 5056 [ F148101BFA4C8F2D0CD123483A989DC4 ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
23:52:31.0015 5056 ose - ok
23:52:31.0188 5056 [ 31DC8D825D2C4EB0FF7ED021BB92C541 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
23:52:31.0385 5056 osppsvc - ok
23:52:31.0414 5056 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
23:52:31.0485 5056 p2pimsvc - ok
23:52:31.0512 5056 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
23:52:31.0535 5056 p2psvc - ok
23:52:31.0567 5056 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys
23:52:31.0583 5056 Parport - ok
23:52:31.0619 5056 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
23:52:31.0634 5056 partmgr - ok
23:52:31.0641 5056 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
23:52:31.0675 5056 PcaSvc - ok
23:52:31.0681 5056 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
23:52:31.0698 5056 pci - ok
23:52:31.0701 5056 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
23:52:31.0711 5056 pciide - ok
23:52:31.0724 5056 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
23:52:31.0738 5056 pcmcia - ok
23:52:31.0742 5056 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
23:52:31.0753 5056 pcw - ok
23:52:31.0762 5056 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
23:52:31.0819 5056 PEAUTH - ok
23:52:31.0870 5056 [ B9B0A4299DD2D76A4243F75FD54DC680 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll
23:52:32.0005 5056 PeerDistSvc - ok
23:52:32.0097 5056 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
23:52:32.0146 5056 PerfHost - ok
23:52:32.0211 5056 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
23:52:32.0313 5056 pla - ok
23:52:32.0346 5056 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
23:52:32.0421 5056 PlugPlay - ok
23:52:32.0462 5056 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
23:52:32.0508 5056 PNRPAutoReg - ok
23:52:32.0531 5056 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
23:52:32.0556 5056 PNRPsvc - ok
23:52:32.0589 5056 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
23:52:32.0653 5056 PolicyAgent - ok
23:52:32.0688 5056 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
23:52:32.0756 5056 Power - ok
23:52:32.0794 5056 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
23:52:32.0841 5056 PptpMiniport - ok
23:52:32.0855 5056 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\drivers\processr.sys
23:52:32.0876 5056 Processor - ok
23:52:32.0903 5056 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
23:52:32.0958 5056 ProfSvc - ok
23:52:32.0982 5056 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
23:52:32.0993 5056 ProtectedStorage - ok
23:52:33.0013 5056 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
23:52:33.0066 5056 Psched - ok
23:52:33.0127 5056 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
23:52:33.0192 5056 ql2300 - ok
23:52:33.0198 5056 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
23:52:33.0210 5056 ql40xx - ok
23:52:33.0239 5056 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
23:52:33.0259 5056 QWAVE - ok
23:52:33.0263 5056 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
23:52:33.0295 5056 QWAVEdrv - ok
23:52:33.0308 5056 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
23:52:33.0349 5056 RasAcd - ok
23:52:33.0388 5056 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
23:52:33.0425 5056 RasAgileVpn - ok
23:52:33.0455 5056 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
23:52:33.0501 5056 RasAuto - ok
23:52:33.0526 5056 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
23:52:33.0575 5056 Rasl2tp - ok
23:52:33.0601 5056 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
23:52:33.0640 5056 RasMan - ok
23:52:33.0656 5056 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
23:52:33.0706 5056 RasPppoe - ok
23:52:33.0710 5056 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
23:52:33.0757 5056 RasSstp - ok
23:52:33.0763 5056 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
23:52:33.0808 5056 rdbss - ok
23:52:33.0817 5056 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
23:52:33.0846 5056 rdpbus - ok
23:52:33.0866 5056 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
23:52:33.0912 5056 RDPCDD - ok
23:52:33.0947 5056 [ 1B6163C503398B23FF8B939C67747683 ] RDPDR C:\Windows\system32\drivers\rdpdr.sys
23:52:34.0018 5056 RDPDR - ok
23:52:34.0054 5056 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
23:52:34.0138 5056 RDPENCDD - ok
23:52:34.0161 5056 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
23:52:34.0203 5056 RDPREFMP - ok
23:52:34.0236 5056 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
23:52:34.0307 5056 RDPWD - ok
23:52:34.0346 5056 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
23:52:34.0368 5056 rdyboost - ok
23:52:34.0411 5056 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
23:52:34.0474 5056 RemoteAccess - ok
23:52:34.0518 5056 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
23:52:34.0580 5056 RemoteRegistry - ok
23:52:34.0584 5056 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
23:52:34.0632 5056 RpcEptMapper - ok
23:52:34.0665 5056 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
23:52:34.0692 5056 RpcLocator - ok
23:52:34.0721 5056 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
23:52:34.0773 5056 RpcSs - ok
23:52:34.0801 5056 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
23:52:34.0838 5056 rspndr - ok
23:52:34.0864 5056 [ E60C0A09F997826C7627B244195AB581 ] s3cap C:\Windows\system32\drivers\vms3cap.sys
23:52:34.0884 5056 s3cap - ok
23:52:34.0904 5056 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
23:52:34.0916 5056 SamSs - ok
23:52:34.0920 5056 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
23:52:34.0933 5056 sbp2port - ok
23:52:34.0967 5056 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
23:52:35.0031 5056 SCardSvr - ok
23:52:35.0050 5056 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
23:52:35.0097 5056 scfilter - ok
23:52:35.0128 5056 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
23:52:35.0202 5056 Schedule - ok
23:52:35.0225 5056 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
23:52:35.0259 5056 SCPolicySvc - ok
23:52:35.0299 5056 [ 111E0EBC0AD79CB0FA014B907B231CF0 ] sdbus C:\Windows\system32\DRIVERS

 

[abks26]

\sdbus.sys
23:52:35.0354 5056 sdbus - ok
23:52:35.0392 5056 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
23:52:35.0467 5056 SDRSVC - ok
23:52:35.0504 5056 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
23:52:35.0583 5056 secdrv - ok
23:52:35.0614 5056 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
23:52:35.0649 5056 seclogon - ok
23:52:35.0655 5056 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\system32\sens.dll
23:52:35.0707 5056 SENS - ok
23:52:35.0723 5056 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
23:52:35.0765 5056 SensrSvc - ok
23:52:35.0791 5056 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\drivers\serenum.sys
23:52:35.0816 5056 Serenum - ok
23:52:35.0840 5056 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\drivers\serial.sys
23:52:35.0865 5056 Serial - ok
23:52:35.0882 5056 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\drivers\sermouse.sys
23:52:35.0895 5056 sermouse - ok
23:52:35.0929 5056 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
23:52:35.0981 5056 SessionEnv - ok
23:52:35.0996 5056 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
23:52:36.0027 5056 sffdisk - ok
23:52:36.0030 5056 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
23:52:36.0053 5056 sffp_mmc - ok
23:52:36.0057 5056 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
23:52:36.0077 5056 sffp_sd - ok
23:52:36.0090 5056 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
23:52:36.0117 5056 sfloppy - ok
23:52:36.0144 5056 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
23:52:36.0186 5056 SharedAccess - ok
23:52:36.0215 5056 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
23:52:36.0271 5056 ShellHWDetection - ok
23:52:36.0307 5056 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
23:52:36.0318 5056 SiSRaid2 - ok
23:52:36.0322 5056 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
23:52:36.0335 5056 SiSRaid4 - ok
23:52:36.0369 5056 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
23:52:36.0419 5056 Smb - ok
23:52:36.0458 5056 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
23:52:36.0501 5056 SNMPTRAP - ok
23:52:36.0519 5056 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
23:52:36.0533 5056 spldr - ok
23:52:36.0572 5056 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
23:52:36.0646 5056 Spooler - ok
23:52:36.0779 5056 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
23:52:36.0957 5056 sppsvc - ok
23:52:36.0964 5056 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
23:52:37.0001 5056 sppuinotify - ok
23:52:37.0037 5056 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
23:52:37.0104 5056 srv - ok
23:52:37.0131 5056 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
23:52:37.0166 5056 srv2 - ok
23:52:37.0191 5056 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
23:52:37.0211 5056 srvnet - ok
23:52:37.0264 5056 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
23:52:37.0336 5056 SSDPSRV - ok
23:52:37.0341 5056 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
23:52:37.0377 5056 SstpSvc - ok
23:52:37.0419 5056 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\drivers\stexstor.sys
23:52:37.0430 5056 stexstor - ok
23:52:37.0464 5056 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
23:52:37.0493 5056 stisvc - ok
23:52:37.0519 5056 [ 7785DC213270D2FC066538DAF94087E7 ] storflt C:\Windows\system32\drivers\vmstorfl.sys
23:52:37.0530 5056 storflt - ok
23:52:37.0549 5056 [ C40841817EF57D491F22EB103DA587CC ] StorSvc C:\Windows\system32\storsvc.dll
23:52:37.0605 5056 StorSvc - ok
23:52:37.0621 5056 [ D34E4943D5AC096C8EDEEBFD80D76E23 ] storvsc C:\Windows\system32\drivers\storvsc.sys
23:52:37.0635 5056 storvsc - ok
23:52:37.0675 5056 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
23:52:37.0701 5056 swenum - ok
23:52:37.0733 5056 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
23:52:37.0802 5056 swprv - ok
23:52:37.0899 5056 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
23:52:37.0978 5056 SysMain - ok
23:52:37.0986 5056 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
23:52:38.0005 5056 TabletInputService - ok
23:52:38.0029 5056 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
23:52:38.0074 5056 TapiSrv - ok
23:52:38.0092 5056 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
23:52:38.0133 5056 TBS - ok
23:52:38.0193 5056 [ ACB82BDA8F46C84F465C1AFA517DC4B9 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
23:52:38.0321 5056 Tcpip - ok
23:52:38.0359 5056 [ ACB82BDA8F46C84F465C1AFA517DC4B9 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
23:52:38.0402 5056 TCPIP6 - ok
23:52:38.0442 5056 [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
23:52:38.0483 5056 tcpipreg - ok
23:52:38.0491 5056 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
23:52:38.0530 5056 TDPIPE - ok
23:52:38.0572 5056 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
23:52:38.0615 5056 TDTCP - ok
23:52:38.0625 5056 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
23:52:38.0667 5056 tdx - ok
23:52:38.0671 5056 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
23:52:38.0683 5056 TermDD - ok
23:52:38.0738 5056 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
23:52:38.0824 5056 TermService - ok
23:52:38.0835 5056 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
23:52:38.0853 5056 Themes - ok
23:52:38.0869 5056 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
23:52:38.0904 5056 THREADORDER - ok
23:52:38.0918 5056 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
23:52:38.0971 5056 TrkWks - ok
23:52:39.0040 5056 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
23:52:39.0123 5056 TrustedInstaller - ok
23:52:39.0156 5056 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
23:52:39.0223 5056 tssecsrv - ok
23:52:39.0252 5056 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
23:52:39.0283 5056 TsUsbFlt - ok
23:52:39.0286 5056 [ 9CC2CCAE8A84820EAECB886D477CBCB8 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys
23:52:39.0298 5056 TsUsbGD - ok
23:52:39.0342 5056 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
23:52:39.0389 5056 tunnel - ok
23:52:39.0403 5056 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
23:52:39.0414 5056 uagp35 - ok
23:52:39.0436 5056 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
23:52:39.0486 5056 udfs - ok
23:52:39.0516 5056 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
23:52:39.0529 5056 UI0Detect - ok
23:52:39.0558 5056 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
23:52:39.0569 5056 uliagpkx - ok
23:52:39.0612 5056 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
23:52:39.0651 5056 umbus - ok
23:52:39.0655 5056 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\drivers\umpass.sys
23:52:39.0704 5056 UmPass - ok
23:52:39.0747 5056 [ A293DCD756D04D8492A750D03B9A297C ] UmRdpService C:\Windows\System32\umrdp.dll
23:52:39.0801 5056 UmRdpService - ok
23:52:39.0915 5056 [ 6B778A47EB9CE430708AC42980BB712C ] UNS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
23:52:40.0046 5056 UNS - ok
23:52:40.0075 5056 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
23:52:40.0132 5056 upnphost - ok
23:52:40.0162 5056 [ FB251567F41BC61988B26731DEC19E4B ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys
23:52:40.0218 5056 USBAAPL64 - ok
23:52:40.0276 5056 [ 82E8F44688E6FAC57B5B7C6FC7ADBC2A ] usbaudio C:\Windows\system32\drivers\usbaudio.sys
23:52:40.0329 5056 usbaudio - ok
23:52:40.0379 5056 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
23:52:40.0470 5056 usbccgp - ok
23:52:40.0509 5056 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
23:52:40.0543 5056 usbcir - ok
23:52:40.0570 5056 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\drivers\usbehci.sys
23:52:40.0609 5056 usbehci - ok
23:52:40.0645 5056 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
23:52:40.0684 5056 usbhub - ok
23:52:40.0701 5056 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys
23:52:40.0728 5056 usbohci - ok
23:52:40.0755 5056 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\drivers\usbprint.sys
23:52:40.0783 5056 usbprint - ok
23:52:40.0812 5056 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\drivers\USBSTOR.SYS
23:52:40.0935 5056 USBSTOR - ok
23:52:40.0980 5056 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
23:52:41.0023 5056 usbuhci - ok
23:52:41.0140 5056 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys
23:52:41.0180 5056 usbvideo - ok
23:52:41.0245 5056 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
23:52:41.0343 5056 UxSms - ok
23:52:41.0371 5056 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
23:52:41.0383 5056 VaultSvc - ok
23:52:41.0547 5056 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
23:52:41.0572 5056 vdrvroot - ok
23:52:41.0748 5056 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
23:52:41.0863 5056 vds - ok
23:52:41.0948 5056 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
23:52:41.0986 5056 vga - ok
23:52:42.0003 5056 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
23:52:42.0056 5056 VgaSave - ok
23:52:42.0078 5056 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
23:52:42.0092 5056 vhdmp - ok
23:52:42.0123 5056 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
23:52:42.0135 5056 viaide - ok
23:52:42.0211 5056 [ 86EA3E79AE350FEA5331A1303054005F ] vmbus C:\Windows\system32\drivers\vmbus.sys
23:52:42.0240 5056 vmbus - ok
23:52:42.0263 5056 [ 7DE90B48F210D29649380545DB45A187 ] VMBusHID C:\Windows\system32\drivers\VMBusHID.sys
23:52:42.0294 5056 VMBusHID - ok
23:52:42.0351 5056 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
23:52:42.0380 5056 volmgr - ok
23:52:42.0438 5056 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
23:52:42.0472 5056 volmgrx - ok
23:52:42.0500 5056 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
23:52:42.0522 5056 volsnap - ok
23:52:42.0544 5056 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
23:52:42.0558 5056 vsmraid - ok
23:52:42.0769 5056 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
23:52:42.0851 5056 VSS - ok
23:52:42.0905 5056 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
23:52:43.0036 5056 vwifibus - ok
23:52:43.0078 5056 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
23:52:43.0100 5056 vwififlt - ok
23:52:43.0280 5056 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
23:52:43.0350 5056 W32Time - ok
23:52:43.0427 5056 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\drivers\wacompen.sys
23:52:43.0526 5056 WacomPen - ok
23:52:43.0708 5056 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
23:52:43.0840 5056 WANARP - ok
23:52:43.0952 5056 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
23:52:44.0017 5056 Wanarpv6 - ok
23:52:44.0616 5056 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
23:52:44.0745 5056 WatAdminSvc - ok
23:52:45.0154 5056 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
23:52:45.0280 5056 wbengine - ok
23:52:45.0350 5056 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
23:52:45.0467 5056 WbioSrvc - ok
23:52:45.0513 5056 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
23:52:45.0562 5056 wcncsvc - ok
23:52:45.0566 5056 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
23:52:45.0648 5056 WcsPlugInService - ok
23:52:45.0719 5056 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\drivers\wd.sys
23:52:45.0752 5056 Wd - ok
23:52:45.0770 5056 [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
23:52:45.0793 5056 Wdf01000 - ok
23:52:45.0872 5056 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
23:52:46.0569 5056 WdiServiceHost - ok
23:52:46.0593 5056 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
23:52:46.0618 5056 WdiSystemHost - ok
23:52:46.0698 5056 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
23:52:46.0765 5056 WebClient - ok
23:52:46.0860 5056 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
23:52:46.0942 5056 Wecsvc - ok
23:52:46.0992 5056 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
23:52:47.0030 5056 wercplsupport - ok
23:52:47.0116 5056 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
23:52:47.0197 5056 WerSvc - ok
23:52:47.0295 5056 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
23:52:47.0358 5056 WfpLwf - ok
23:52:47.0384 5056 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
23:52:47.0395 5056 WIMMount - ok
23:52:47.0418 5056 WinDefend - ok
23:52:47.0422 5056 WinHttpAutoProxySvc - ok
23:52:48.0010 5056 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
23:52:48.0122 5056 Winmgmt - ok
23:52:48.0672 5056 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
23:52:48.0790 5056 WinRM - ok
23:52:48.0909 5056 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUSB.sys
23:52:48.0946 5056 WinUsb - ok
23:52:49.0214 5056 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
23:52:49.0288 5056 Wlansvc - ok
23:52:49.0429 5056 [ C0516B41A1887B4F66139298F6ED3684 ] wltrysvc C:\Program Files\Dell\DW WLAN Card\WLTRYSVC.EXE
23:52:49.0525 5056 wltrysvc ( UnsignedFile.Multi.Generic ) - warning
23:52:49.0525 5056 wltrysvc - detected UnsignedFile.Multi.Generic (1)
23:52:49.0572 5056 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys
23:52:49.0638 5056 WmiAcpi - ok
23:52:49.0799 5056 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
23:52:50.0008 5056 wmiApSrv - ok
23:52:50.0103 5056 WMPNetworkSvc - ok
23:52:50.0206 5056 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
23:52:50.0307 5056 WPCSvc - ok
23:52:50.0355 5056 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
23:52:50.0487 5056 WPDBusEnum - ok
23:52:50.0562 5056 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
23:52:50.0609 5056 ws2ifsl - ok
23:52:50.0648 5056 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\system32\wscsvc.dll
23:52:50.0726 5056 wscsvc - ok
23:52:50.0733 5056 WSearch - ok
23:52:51.0022 5056 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
23:52:51.0167 5056 wuauserv - ok
23:52:51.0219 5056 [ D3381DC54C34D79B22CEE0D65BA91B7C ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
23:52:51.0362 5056 WudfPf - ok
23:52:51.0423 5056 [ CF8D590BE3373029D57AF80914190682 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
23:52:51.0576 5056 WUDFRd - ok
23:52:51.0690 5056 [ 7A95C95B6C4CF292D689106BCAE49543 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
23:52:51.0756 5056 wudfsvc - ok
23:52:51.0848 5056 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
23:52:51.0971 5056 WwanSvc - ok
23:52:52.0020 5056 ================ Scan global ===============================
23:52:52.0119 5056 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
23:52:52.0208 5056 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
23:52:52.0224 5056 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
23:52:52.0339 5056 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
23:52:52.0586 5056 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
23:52:52.0596 5056 [Global] - ok
23:52:52.0600 5056 ================ Scan MBR ==================================
23:52:52.0653 5056 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
23:52:55.0538 5056 \Device\Harddisk0\DR0 - ok
23:52:55.0539 5056 ================ Scan VBR ==================================
23:52:55.0577 5056 [ CE701F28421E3EF101CA3B8E66C61A4F ] \Device\Harddisk0\DR0\Partition1
23:52:55.0581 5056 \Device\Harddisk0\DR0\Partition1 - ok
23:52:55.0600 5056 [ 5EEA13D4A69A55A80CE546CE12AB2CC2 ] \Device\Harddisk0\DR0\Partition2
23:52:55.0604 5056 \Device\Harddisk0\DR0\Partition2 - ok
23:52:55.0605 5056 ============================================================
23:52:55.0605 5056 Scan finished
23:52:55.0605 5056 ============================================================
23:52:55.0620 4344 Detected object count: 1
23:52:55.0620 4344 Actual detected object count: 1
23:53:12.0233 4344 wltrysvc ( UnsignedFile.Multi.Generic ) - skipped by user
23:53:12.0233 4344 wltrysvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
23:58:53.0822 6032 Deinitialize success

 

[abks26]

HitmanPro 3.6.1.164
www.hitmanpro.com

   Computer name . . . . : ABKS
   Windows . . . . . . . : 6.1.1.7601.X64/4
   User name . . . . . . : ABKS\Anne
   UAC . . . . . . . . . : Enabled
   License . . . . . . . : Free

   Scan date . . . . . . : 2012-08-26 23:59:22
   Scan mode . . . . . . : Normal
   Scan duration . . . . : 47m 36s
   Disk access mode  . . : Direct disk access (SRB)
   Cloud . . . . . . . . : Internet
   Reboot  . . . . . . . : No

   Threats . . . . . . . : 0
   Traces  . . . . . . . : 106

   Objects scanned . . . : 1,293,918
   Files scanned . . . . : 32,536
   Remnants scanned  . . : 383,487 files / 877,895 keys

Cookies _____________________________________________________________________

   C:\Users\Anne\AppData\Roaming\Mozilla\Firefox\Profiles\u5nt4nt8.default\cookies.sqlite:ad.360yield.com
   C:\Users\Anne\AppData\Roaming\Mozilla\Firefox\Profiles\u5nt4nt8.default\cookies.sqlite:ad.yieldmanager.com
   C:\Users\Anne\AppData\Roaming\Mozilla\Firefox\Profiles\u5nt4nt8.default\cookies.sqlite:adbrite.com
   C:\Users\Anne\AppData\Roaming\Mozilla\Firefox\Profiles\u5nt4nt8.default\cookies.sqlite:ads.bleepingcomputer.com
   C:\Users\Anne\AppData\Roaming\Mozilla\Firefox\Profiles\u5nt4nt8.default\cookies.sqlite:advertising.com
   C:\Users\Anne\AppData\Roaming\Mozilla\Firefox\Profiles\u5nt4nt8.default\cookies.sqlite:ar.atwola.com
   C:\Users\Anne\AppData\Roaming\Mozilla\Firefox\Profiles\u5nt4nt8.default\cookies.sqlite:at.atwola.com
   C:\Users\Anne\AppData\Roaming\Mozilla\Firefox\Profiles\u5nt4nt8.default\cookies.sqlite:atdmt.com
   C:\Users\Anne\AppData\Roaming\Mozilla\Firefox\Profiles\u5nt4nt8.default\cookies.sqlite:atwola.com
   C:\Users\Anne\AppData\Roaming\Mozilla\Firefox\Profiles\u5nt4nt8.default\cookies.sqlite:burstnet.com
   C:\Users\Anne\AppData\Roaming\Mozilla\Firefox\Profiles\u5nt4nt8.default\cookies.sqlite:casalemedia.com
   C:\Users\Anne\AppData\Roaming\Mozilla\Firefox\Profiles\u5nt4nt8.default\cookies.sqlite:doubleclick.net
   C:\Users\Anne\AppData\Roaming\Mozilla\Firefox\Profiles\u5nt4nt8.default\cookies.sqlite:googleads.g.doubleclick.net
   C:\Users\Anne\AppData\Roaming\Mozilla\Firefox\Profiles\u5nt4nt8.default\cookies.sqlite:interclick.com
   C:\Users\Anne\AppData\Roaming\Mozilla\Firefox\Profiles\u5nt4nt8.default\cookies.sqlite:invitemedia.com
   C:\Users\Anne\AppData\Roaming\Mozilla\Firefox\Profiles\u5nt4nt8.default\cookies.sqlite:kontera.com
   C:\Users\Anne\AppData\Roaming\Mozilla\Firefox\Profiles\u5nt4nt8.default\cookies.sqlite:revsci.net
   C:\Users\Anne\AppData\Roaming\Mozilla\Firefox\Profiles\u5nt4nt8.default\cookies.sqlite:ru4.com
   C:\Users\Anne\AppData\Roaming\Mozilla\Firefox\Profiles\u5nt4nt8.default\cookies.sqlite:statse.webtrendslive.com
   C:\Users\Anne\AppData\Roaming\Mozilla\Firefox\Profiles\u5nt4nt8.default\cookies.sqlite:tacoda.at.atwola.com
   C:\Users\Anne\AppData\Roaming\Mozilla\Firefox\Profiles\u5nt4nt8.default\cookies.sqlite:tacoda.net
   C:\Users\Anne\AppData\Roaming\Mozilla\Firefox\Profiles\u5nt4nt8.default\cookies.sqlite:tribalfusion.com
   C:\Users\Anne\AppData\Roaming\Mozilla\Firefox\Profiles\v159kjkc.default-1345748008381\cookies.sqlite:247realmedia.com
   C:\Users\Anne\AppData\Roaming\Mozilla\Firefox\Profiles\v159kjkc.default-1345748008381\cookies.sqlite:2o7.net
   C:\Users\Anne\AppData\Roaming\Mozilla\Firefox\Profiles\v159kjkc.default-1345748008381\cookies.sqlite:a1.interclick.com
   C:\Users\Anne\AppData\Roaming\Mozilla\Firefox\Profiles\v159kjkc.default-1345748008381\cookies.sqlite:ad.360yield.com
   C:\Users\Anne\AppData\Roaming\Mozilla\Firefox\Profiles\v159kjkc.default-1345748008381\cookies.sqlite:ad.mlnadvertising.com
   C:\Users\Anne\AppData\Roaming\Mozilla\Firefox\Profiles\v159kjkc.default-1345748008381\cookies.sqlite:ad.yieldmanager.com
   C:\Users\Anne\AppData\Roaming\Mozilla\Firefox\Profiles\v159kjkc.default-1345748008381\cookies.sqlite:adbrite.com
   C:\Users\Anne\AppData\Roaming\Mozilla\Firefox\Profiles\v159kjkc.default-1345748008381\cookies.sqlite:ads.bleepingcomputer.com
   C:\Users\Anne\AppData\Roaming\Mozilla\Firefox\Profiles\v159kjkc.default-1345748008381\cookies.sqlite:ads.masslive.com
   C:\Users\Anne\AppData\Roaming\Mozilla\Firefox\Profiles\v159kjkc.default-1345748008381\cookies.sqlite:ads.mlive.com
   C:\Users\Anne\AppData\Roaming\Mozilla\Firefox\Profiles\v159kjkc.default-1345748008381\cookies.sqlite:ads.oregonlive.com
   C:\Users\Anne\AppData\Roaming\Mozilla\Firefox\Profiles\v159kjkc.default-1345748008381\cookies.sqlite:ads.pointroll.com
   C:\Users\Anne\AppData\Roaming\Mozilla\Firefox\Profiles\v159kjkc.default-1345748008381\cookies.sqlite:ads.pubmatic.com
   C:\Users\Anne\AppData\Roaming\Mozilla\Firefox\Profiles\v159kjkc.default-1345748008381\cookies.sqlite:ads.shorttail.net
   C:\Users\Anne\AppData\Roaming\Mozilla\Firefox\Profiles\v159kjkc.default-1345748008381\cookies.sqlite:ads.undertone.com
   C:\Users\Anne\AppData\Roaming\Mozilla\Firefox\Profiles\v159kjkc.default-1345748008381\cookies.sqlite:adserver.adtechus.com
   C:\Users\Anne\AppData\Roaming\Mozilla\Firefox\Profiles\v159kjkc.default-1345748008381\cookies.sqlite:adtech.de
   C:\Users\Anne\AppData\Roaming\Mozilla\Firefox\Profiles\v159kjkc.default-1345748008381\cookies.sqlite:advertising.com
   C:\Users\Anne\AppData\Roaming\Mozilla\Firefox\Profiles\v159kjkc.default-1345748008381\cookies.sqlite:alliancedata.122.2o7.net
   C:\Users\Anne\AppData\Roaming\Mozilla\Firefox\Profiles\v159kjkc.default-1345748008381\cookies.sqlite:apmebf.com
   C:\Users\Anne\AppData\Roaming\Mozilla\Firefox\Profiles\v159kjkc.default-1345748008381\cookies.sqlite:ar.atwola.com
   C:\Users\Anne\AppData\Roaming\Mozilla\Firefox\Profiles\v159kjkc.default-1345748008381\cookies.sqlite:at.atwola.com
   C:\Users\Anne\AppData\Roaming\Mozilla\Firefox\Profiles\v159kjkc.default-1345748008381\cookies.sqlite:atdmt.com
   C:\Users\Anne\AppData\Roaming\Mozilla\Firefox\Profiles\v159kjkc.default-1345748008381\cookies.sqlite:atwola.com
   C:\Users\Anne\AppData\Roaming\Mozilla\Firefox\Profiles\v159kjkc.default-1345748008381\cookies.sqlite:bs.serving-sys.com
   C:\Users\Anne\AppData\Roaming\Mozilla\Firefox\Profiles\v159kjkc.default-1345748008381\cookies.sqlite:burstnet.com
   C:\Users\Anne\AppData\Roaming\Mozilla\Firefox\Profiles\v159kjkc.default-1345748008381\cookies.sqlite:c.atdmt.com
   C:\Users\Anne\AppData\Roaming\Mozilla\Firefox\Profiles\v159kjkc.default-1345748008381\cookies.sqlite:c1.atdmt.com
   C:\Users\Anne\AppData\Roaming\Mozilla\Firefox\Profiles\v159kjkc.default-1345748008381\cookies.sqlite:casalemedia.com
   C:\Users\Anne\AppData\Roaming\Mozilla\Firefox\Profiles\v159kjkc.default-1345748008381\cookies.sqlite:cbsdigitalmedia.112.2o7.net
   C:\Users\Anne\AppData\Roaming\Mozilla\Firefox\Profiles\v159kjkc.default-1345748008381\cookies.sqlite:clients.pointroll.com
   C:\Users\Anne\AppData\Roaming\Mozilla\Firefox\Profiles\v159kjkc.default-1345748008381\cookies.sqlite:collective-media.net
   C:\Users\Anne\AppData\Roaming\Mozilla\Firefox\Profiles\v159kjkc.default-1345748008381\cookies.sqlite:dmtracker.com
   C:\Users\Anne\AppData\Roaming\Mozilla\Firefox\Profiles\v159kjkc.default-1345748008381\cookies.sqlite:doubleclick.net
   C:\Users\Anne\AppData\Roaming\Mozilla\Firefox\Profiles\v159kjkc.default-1345748008381\cookies.sqlite:fastclick.net
   C:\Users\Anne\AppData\Roaming\Mozilla\Firefox\Profiles\v159kjkc.default-1345748008381\cookies.sqlite:googleads.g.doubleclick.net
   C:\Users\Anne\AppData\Roaming\Mozilla\Firefox\Profiles\v159kjkc.default-1345748008381\cookies.sqlite:i4commerce.112.2o7.net
   C:\Users\Anne\AppData\Roaming\Mozilla\Firefox\Profiles\v159kjkc.default-1345748008381\cookies.sqlite:interclick.com
   C:\Users\Anne\AppData\Roaming\Mozilla\Firefox\Profiles\v159kjkc.default-1345748008381\cookies.sqlite:invitemedia.com
   C:\Users\Anne\AppData\Roaming\Mozilla\Firefox\Profiles\v159kjkc.default-1345748008381\cookies.sqlite:kontera.com
   C:\Users\Anne\AppData\Roaming\Mozilla\Firefox\Profiles\v159kjkc.default-1345748008381\cookies.sqlite:linksynergy.com
   C:\Users\Anne\AppData\Roaming\Mozilla\Firefox\Profiles\v159kjkc.default-1345748008381\cookies.sqlite:marthastewart.122.2o7.net
   C:\Users\Anne\AppData\Roaming\Mozilla\Firefox\Profiles\v159kjkc.default-1345748008381\cookies.sqlite:media6degrees.com
   C:\Users\Anne\AppData\Roaming\Mozilla\Firefox\Profiles\v159kjkc.default-1345748008381\cookies.sqlite:mediaplex.com
   C:\Users\Anne\AppData\Roaming\Mozilla\Firefox\Profiles\v159kjkc.default-1345748008381\cookies.sqlite:microsoftsto.112.2o7.net
   C:\Users\Anne\AppData\Roaming\Mozilla\Firefox\Profiles\v159kjkc.default-1345748008381\cookies.sqlite:mm.chitika.net
   C:\Users\Anne\AppData\Roaming\Mozilla\Firefox\Profiles\v159kjkc.default-1345748008381\cookies.sqlite:network.realmedia.com
   C:\Users\Anne\AppData\Roaming\Mozilla\Firefox\Profiles\v159kjkc.default-1345748008381\cookies.sqlite:overture.com
   C:\Users\Anne\AppData\Roaming\Mozilla\Firefox\Profiles\v159kjkc.default-1345748008381\cookies.sqlite:pcworldcommunication.122.2o7.net
   C:\Users\Anne\AppData\Roaming\Mozilla\Firefox\Profiles\v159kjkc.default-1345748008381\cookies.sqlite:pointroll.com
   C:\Users\Anne\AppData\Roaming\Mozilla\Firefox\Profiles\v159kjkc.default-1345748008381\cookies.sqlite:questionmarket.com
   C:\Users\Anne\AppData\Roaming\Mozilla\Firefox\Profiles\v159kjkc.default-1345748008381\cookies.sqlite:realmedia.com
   C:\Users\Anne\AppData\Roaming\Mozilla\Firefox\Profiles\v159kjkc.default-1345748008381\cookies.sqlite:revsci.net
   C:\Users\Anne\AppData\Roaming\Mozilla\Firefox\Profiles\v159kjkc.default-1345748008381\cookies.sqlite:ru4.com
   C:\Users\Anne\AppData\Roaming\Mozilla\Firefox\Profiles\v159kjkc.default-1345748008381\cookies.sqlite:serving-sys.com
   C:\Users\Anne\AppData\Roaming\Mozilla\Firefox\Profiles\v159kjkc.default-1345748008381\cookies.sqlite:smartadserver.com
   C:\Users\Anne\AppData\Roaming\Mozilla\Firefox\Profiles\v159kjkc.default-1345748008381\cookies.sqlite:specificclick.net
   C:\Users\Anne\AppData\Roaming\Mozilla\Firefox\Profiles\v159kjkc.default-1345748008381\cookies.sqlite:stat.dealtime.com
   C:\Users\Anne\AppData\Roaming\Mozilla\Firefox\Profiles\v159kjkc.default-1345748008381\cookies.sqlite:statcounter.com
   C:\Users\Anne\AppData\Roaming\Mozilla\Firefox\Profiles\v159kjkc.default-1345748008381\cookies.sqlite:stats.paypal.com
   C:\Users\Anne\AppData\Roaming\Mozilla\Firefox\Profiles\v159kjkc.default-1345748008381\cookies.sqlite:statse.webtrendslive.com
   C:\Users\Anne\AppData\Roaming\Mozilla\Firefox\Profiles\v159kjkc.default-1345748008381\cookies.sqlite:t.pointroll.com
   C:\Users\Anne\AppData\Roaming\Mozilla\Firefox\Profiles\v159kjkc.default-1345748008381\cookies.sqlite:tacoda.at.atwola.com
   C:\Users\Anne\AppData\Roaming\Mozilla\Firefox\Profiles\v159kjkc.default-1345748008381\cookies.sqlite:tacoda.net
   C:\Users\Anne\AppData\Roaming\Mozilla\Firefox\Profiles\v159kjkc.default-1345748008381\cookies.sqlite:tribalfusion.com
   C:\Users\Anne\AppData\Roaming\Mozilla\Firefox\Profiles\v159kjkc.default-1345748008381\cookies.sqlite:trinitymirror.112.2o7.net
   C:\Users\Anne\AppData\Roaming\Mozilla\Firefox\Profiles\v159kjkc.default-1345748008381\cookies.sqlite:www.burstnet.com
   C:\Users\Anne\AppData\Roaming\Mozilla\Firefox\Profiles\v159kjkc.default-1345748008381\cookies.sqlite:www.googleadservices.com
   C:\Users\Anne\AppData\Roaming\Mozilla\Firefox\Profiles\v159kjkc.default-1345748008381\cookies.sqlite:xiti.com
   C:\Users\Anne\AppData\Roaming\Mozilla\Firefox\Profiles\v159kjkc.default-1345748008381\cookies.sqlite:yieldmanager.net
   C:\Users\Anne\AppData\Roaming\Mozilla\Firefox\Profiles\v159kjkc.default-1345748008381\cookies.sqlite:zedo.com
   C:\Users\Web Surfer\AppData\Roaming\Mozilla\Firefox\Profiles\e5jb01yz.default\cookies.sqlite:adbrite.com
   C:\Users\Web Surfer\AppData\Roaming\Mozilla\Firefox\Profiles\e5jb01yz.default\cookies.sqlite:ads.pubmatic.com
   C:\Users\Web Surfer\AppData\Roaming\Mozilla\Firefox\Profiles\e5jb01yz.default\cookies.sqlite:apmebf.com
   C:\Users\Web Surfer\AppData\Roaming\Mozilla\Firefox\Profiles\e5jb01yz.default\cookies.sqlite:atdmt.com
   C:\Users\Web Surfer\AppData\Roaming\Mozilla\Firefox\Profiles\e5jb01yz.default\cookies.sqlite:c.atdmt.com
   C:\Users\Web Surfer\AppData\Roaming\Mozilla\Firefox\Profiles\e5jb01yz.default\cookies.sqlite:doubleclick.net
   C:\Users\Web Surfer\AppData\Roaming\Mozilla\Firefox\Profiles\e5jb01yz.default\cookies.sqlite:fastclick.net
   C:\Users\Web Surfer\AppData\Roaming\Mozilla\Firefox\Profiles\e5jb01yz.default\cookies.sqlite:in.getclicky.com
   C:\Users\Web Surfer\AppData\Roaming\Mozilla\Firefox\Profiles\e5jb01yz.default\cookies.sqlite:invitemedia.com
   C:\Users\Web Surfer\AppData\Roaming\Mozilla\Firefox\Profiles\e5jb01yz.default\cookies.sqlite:media6degrees.com
   C:\Users\Web Surfer\AppData\Roaming\Mozilla\Firefox\Profiles\e5jb01yz.default\cookies.sqlite:serving-sys.com
   C:\Users\Web Surfer\AppData\Roaming\Mozilla\Firefox\Profiles\e5jb01yz.default\cookies.sqlite:statse.webtrendslive.com
   C:\Users\Web Surfer\AppData\Roaming\Mozilla\Firefox\Profiles\e5jb01yz.default\cookies.sqlite:tribalfusion.com

 

[Jay Pfoutz]

Well, honestly, nothing to sneeze at. Haha

I suppose a retry on reformat and reinstall. Go ahead and nuke it (that is DBAN).

Let me know if that works or not.

 

[abks26]

Can you give me some proper instructions or point to a thread with good info on how to implement this?? I'm scared I'll mess up my HDD and do something stupid.

 

[Jay Pfoutz]

Guide for format and reinstall: http://www.helpmyos.com/tutorials-s...-operating-system-the-easy-way-t1307.htm#3143

 

[abks26]

I honestly meant for using DBAN since I can install the OS fine and format everything. The problem is that I did that already and still got the Google Redirect going.

 

[Jay Pfoutz]

Already did what, the DBAN and format and reinstall as just suggested, or did you do that earlier and still have the problem? Just trying to make sense of this here...

 

[abks26]

I already did the reformat and reinstall through the Windows installer. I posted earlier how I used MS DiskPart where I did the reformat through the command prompt option (used "Clean All") when I installed again. Everything was fine and all the partitions that I had before were eliminated so I know it worked. But still came up with the Google Redirect.

Now, I want to try DBan reformat to wipe down the hard drive but I don't want to mess it up since I've read posts about people having problems after their computer gets wiped down. I want to get proper instructions since I don't know what is the best method for best results with DBan.

 

[Jay Pfoutz]

I'd honestly say to do a search on using DBAN: http://www.bing.com/search?q=how+to+use+dban

Lots of good info. The first couple of results I like are:

http://www.ucd.ie/itservices/itsupp...howtousedbantoremovethecontentsfromaharddisk/
http://www.ehow.com/how_8668190_use-dban-usb.html