Author Topic: major problems with computer speed. Need big time help (Read 21839 times)

kile32 · « **Reply #15 on:** April 12, 2012, 10:48:08 PM »

Status: Deleted (events: 1)
4/12/2012 8:26:29 PM Deleted Trojan program Trojan.Win32.TDSS.irdg C:\Documents and Settings\All Users\Microsoft\Windows\DRM\F275.tmp High

SuperDave · « **Reply #16 on:** April 13, 2012, 12:42:11 PM »

Let's run a few more scans to see what turns up.

Please download aswMBR.exe ( 511KB ) to your desktop.

Double click the aswMBR.exe to run it

Click the "Scan" button to start scan

Note: Do not take action against any **Rootkit** entries until I have reviewed the log. Often there are false positives

On completion of the scan click save log, save it to your desktop and post in your next reply

kile32 · « **Reply #17 on:** April 13, 2012, 06:57:42 PM »

aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
Run date: 2012-04-13 19:56:01
-----------------------------
19:56:01.408 OS Version: Windows 6.0.6002 Service Pack 2
19:56:01.408 Number of processors: 2 586 0xF02
19:56:01.408 ComputerName: KILE-PC UserName: Kile
19:56:04.200 Initialize success
19:56:13.113 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
19:56:13.129 Disk 0 Vendor: WDC_WD3200AAKS-75VYA0 12.01B02 Size: 305245MB BusType: 3
19:56:13.129 Disk 0 MBR read successfully
19:56:13.129 Disk 0 MBR scan
19:56:13.144 Disk 0 TDL4@MBR code has been found
19:56:13.144 Disk 0 Windows VISTA default MBR code found via API
19:56:13.144 Disk 0 MBR hidden
19:56:13.144 Disk 0 Partition 1 00 DE Dell Utility Dell 8.0 47 MB offset 63
19:56:13.176 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 10240 MB offset 98304
19:56:13.191 Disk 0 Partition 3 80 (A) 07 HPFS/NTFS NTFS 294956 MB offset 21069824
19:56:13.191 Disk 0 MBR [TDL4] **ROOTKIT**
19:56:13.207 Disk 0 trace - called modules:
19:56:13.222 ntkrnlpa.exe CLASSPNP.SYS disk.sys acpi.sys hal.dll >>UNKNOWN [0x855f749f]<<
19:56:13.254 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x84f9f030]
19:56:13.285 3 CLASSPNP.SYS[8819f8b3] -> nt!IofCallDriver -> [0x84dfd918]
19:56:13.300 5 acpi.sys[806a06bc] -> nt!IofCallDriver -> [0x8402b528]
19:56:13.300 \Driver\atapi[0x855c89f8] -> IRP_MJ_CREATE -> 0x855f749f
19:56:13.316 Scan finished successfully
19:56:34.280 Disk 0 MBR has been saved successfully to "C:\Users\Kile\Desktop\MBR.dat"
19:56:34.289 The log file has been saved successfully to "C:\Users\Kile\Desktop\aswMBR.txt"

SuperDave · « **Reply #18 on:** April 14, 2012, 11:22:19 AM »

Download TDSSKiller and save it to your Desktop.
Extract its contents to your desktop.
Once extracted, open the TDSSKiller folder and doubleclick on TDSSKiller.exe to run the application, then on Start Scan.
If an infected file is detected, the default action will be Cure, click on Continue.
If a suspicious file is detected, the default action will be Skip, click on Continue.
It may ask you to reboot the computer to complete the process. Click on Reboot Now.
Click the Report button and copy/paste the contents of it into your next reply

Note:It will also create a log in the C:\ directory..

Please run aswMBR.exe again after doing the above and post the log.

kile32 · « **Reply #19 on:** April 14, 2012, 12:21:05 PM »

BEFORE
13:02:23.0768 5980   TDSS rootkit removing tool 2.7.28.0 Apr 10 2012 16:54:05
13:02:25.0781 5980   ============================================================
13:02:25.0781 5980   Current date / time: 2012/04/14 13:02:25.0781
13:02:25.0781 5980   SystemInfo:
13:02:25.0781 5980
13:02:25.0781 5980   OS Version: 6.0.6002 ServicePack: 2.0
13:02:25.0781 5980   Product type: Workstation
13:02:25.0781 5980   ComputerName: KILE-PC
13:02:25.0781 5980   UserName: Kile
13:02:25.0781 5980   Windows directory: C:\Windows
13:02:25.0781 5980   System windows directory: C:\Windows
13:02:25.0781 5980   Processor architecture: Intel x86
13:02:25.0781 5980   Number of processors: 2
13:02:25.0781 5980   Page size: 0x1000
13:02:25.0781 5980   Boot type: Normal boot
13:02:25.0781 5980   ============================================================
13:02:30.0305 5980   Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
13:02:30.0320 5980   \Device\Harddisk0\DR0:
13:02:30.0320 5980   MBR used
13:02:30.0320 5980   \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x18000, BlocksNum 0x1400000
13:02:30.0320 5980   \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1418000, BlocksNum 0x24016000
13:02:30.0398 5980   Initialize success
13:02:30.0398 5980   ============================================================
13:03:26.0541 4640   ============================================================
13:03:26.0541 4640   Scan started
13:03:26.0541 4640   Mode: Manual;
13:03:26.0541 4640   ============================================================
13:03:29.0505 4640   !SASCORE (c0393eb99a6c72c6bef9bfc4a72b33a6) C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
13:03:29.0520 4640   !SASCORE - ok
13:03:29.0661 4640   ACDaemon (adc420616c501b45d26c0fd3ef1e54e4) C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
13:03:29.0661 4640   ACDaemon - ok
13:03:29.0879 4640   ACPI (82b296ae1892fe3dbee00c9cf92f8ac7) C:\Windows\system32\drivers\acpi.sys
13:03:29.0879 4640   ACPI - ok
13:03:29.0941 4640   AdobeARMservice (62b7936f9036dd6ed36e6a7efa805dc0) C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
13:03:29.0941 4640   AdobeARMservice - ok
13:03:30.0035 4640   adp94xx (2edc5bbac6c651ece337bde8ed97c9fb) C:\Windows\system32\drivers\adp94xx.sys
13:03:30.0051 4640   adp94xx - ok
13:03:30.0082 4640   adpahci (b84088ca3cdca97da44a984c6ce1ccad) C:\Windows\system32\drivers\adpahci.sys
13:03:30.0082 4640   adpahci - ok
13:03:30.0129 4640   adpu160m (7880c67bccc27c86fd05aa2afb5ea469) C:\Windows\system32\drivers\adpu160m.sys
13:03:30.0129 4640   adpu160m - ok
13:03:30.0160 4640   adpu320 (9ae713f8e30efc2abccd84904333df4d) C:\Windows\system32\drivers\adpu320.sys
13:03:30.0160 4640   adpu320 - ok
13:03:30.0191 4640   AeLookupSvc (9d1fda9e086ba64e3c93c9de32461bcf) C:\Windows\System32\aelupsvc.dll
13:03:30.0207 4640   AeLookupSvc - ok
13:03:30.0238 4640   AERTFilters (330a1e4df07c2e29949ed8631cd8828e) C:\Windows\system32\AERTSrv.exe
13:03:30.0238 4640   AERTFilters - ok
13:03:30.0300 4640   Afc (fe3ea6e9afc1a78e6edca121e006afb7) C:\Windows\system32\drivers\Afc.sys
13:03:30.0316 4640   Afc - ok
13:03:30.0534 4640   AFD (3911b972b55fea0478476b2e777b29fa) C:\Windows\system32\drivers\afd.sys
13:03:30.0581 4640   AFD - ok
13:03:30.0815 4640   agp440 (8b10ce1c1f9f1d47e4deb1a547a00cd4) C:\Windows\system32\drivers\agp440.sys
13:03:30.0831 4640   agp440 - ok
13:03:30.0877 4640   aic78xx (ae1fdf7bf7bb6c6a70f67699d880592a) C:\Windows\system32\drivers\djsvs.sys
13:03:30.0909 4640   aic78xx - ok
13:03:30.0940 4640   ALG (a1545b731579895d8cc44fc0481c1192) C:\Windows\System32\alg.exe
13:03:30.0955 4640   ALG - ok
13:03:31.0002 4640   aliide (dc67a153fdb8105b25d05334b5e1d8e2) C:\Windows\system32\drivers\aliide.sys
13:03:31.0018 4640   aliide - ok
13:03:31.0065 4640   amdagp (848f27e5b27c1c253f6cefdc1a5d8f21) C:\Windows\system32\drivers\amdagp.sys
13:03:31.0080 4640   amdagp - ok
13:03:31.0111 4640   amdide (835c4c3355088298a5ebd818fa31430f) C:\Windows\system32\drivers\amdide.sys
13:03:31.0127 4640   amdide - ok
13:03:31.0158 4640   AmdK7 (dc487885bcef9f28eece6fac0e5ddfc5) C:\Windows\system32\drivers\amdk7.sys
13:03:31.0189 4640   AmdK7 - ok
13:03:31.0236 4640   AmdK8 (0ca0071da4315b00fc1328ca86b425da) C:\Windows\system32\drivers\amdk8.sys
13:03:31.0267 4640   AmdK8 - ok
13:03:31.0345 4640   Appinfo (c6d704c7f0434dc791aac37cac4b6e14) C:\Windows\System32\appinfo.dll
13:03:31.0377 4640   Appinfo - ok
13:03:31.0455 4640   Apple Mobile Device (7e94e567c1aa5abe6174032b3dab6c23) C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
13:03:31.0470 4640   Apple Mobile Device - ok
13:03:31.0517 4640   arc (5f673180268bb1fdb69c99b6619fe379) C:\Windows\system32\drivers\arc.sys
13:03:31.0533 4640   arc - ok
13:03:31.0611 4640   arcsas (957f7540b5e7f602e44648c7de5a1c05) C:\Windows\system32\drivers\arcsas.sys
13:03:31.0642 4640   arcsas - ok
13:03:31.0720 4640   AsyncMac (53b202abee6455406254444303e87be1) C:\Windows\system32\DRIVERS\asyncmac.sys
13:03:31.0751 4640   AsyncMac - ok
13:03:31.0845 4640   atapi (1f05b78ab91c9075565a9d8a4b880bc4) C:\Windows\system32\drivers\atapi.sys
13:03:31.0845 4640   atapi - ok
13:03:31.0907 4640   AudioEndpointBuilder (68e2a1a0407a66cf50da0300852424ab) C:\Windows\System32\Audiosrv.dll
13:03:31.0923 4640   AudioEndpointBuilder - ok
13:03:31.0954 4640   Audiosrv (68e2a1a0407a66cf50da0300852424ab) C:\Windows\System32\Audiosrv.dll
13:03:31.0969 4640   Audiosrv - ok
13:03:32.0016 4640   Beep (67e506b75bd5326a3ec7b70bd014dfb6) C:\Windows\system32\drivers\Beep.sys
13:03:32.0032 4640   Beep - ok
13:03:32.0094 4640   BFE (c789af0f724fda5852fb9a7d3a432381) C:\Windows\System32\bfe.dll
13:03:32.0110 4640   BFE - ok
13:03:32.0266 4640   BHDrvx86 (a503d32ae26f77cb942aed530112edaa) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\BASHDefs\20120402.001\BHDrvx86.sys
13:03:32.0297 4640   BHDrvx86 - ok
13:03:32.0859 4640   BITS (93952506c6d67330367f7e7934b6a02f) C:\Windows\System32\qmgr.dll
13:03:32.0874 4640   BITS - ok
13:03:32.0905 4640   blbdrive - ok
13:03:32.0999 4640   Bonjour Service (3f56903e124e820aeece6d471583c6c1) C:\Program Files\Bonjour\mDNSResponder.exe
13:03:33.0015 4640   Bonjour Service - ok
13:03:33.0108 4640   bowser (35f376253f687bde63976ccb3f2108ca) C:\Windows\system32\DRIVERS\bowser.sys
13:03:33.0202 4640   bowser - ok
13:03:33.0249 4640   BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\drivers\brfiltlo.sys
13:03:33.0249 4640   BrFiltLo - ok
13:03:33.0280 4640   BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\drivers\brfiltup.sys
13:03:33.0311 4640   BrFiltUp - ok
13:03:33.0373 4640   Browser (a3629a0c4226f9e9c72faaeebc3ad33c) C:\Windows\System32\browser.dll
13:03:33.0373 4640   Browser - ok
13:03:33.0420 4640   Brserid (b304e75cff293029eddf094246747113) C:\Windows\system32\drivers\brserid.sys
13:03:33.0420 4640   Brserid - ok
13:03:33.0451 4640   BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\system32\drivers\brserwdm.sys
13:03:33.0483 4640   BrSerWdm - ok
13:03:33.0545 4640   BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\system32\drivers\brusbmdm.sys
13:03:33.0545 4640   BrUsbMdm - ok
13:03:33.0561 4640   BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\system32\drivers\brusbser.sys
13:03:33.0561 4640   BrUsbSer - ok
13:03:33.0576 4640   BTHMODEM (ad07c1ec6665b8b35741ab91200c6b68) C:\Windows\system32\drivers\bthmodem.sys
13:03:33.0592 4640   BTHMODEM - ok
13:03:33.0639 4640   cdfs (7add03e75beb9e6dd102c3081d29840a) C:\Windows\system32\DRIVERS\cdfs.sys
13:03:33.0654 4640   cdfs - ok
13:03:33.0670 4640   cdrom (6b4bffb9becd728097024276430db314) C:\Windows\system32\DRIVERS\cdrom.sys
13:03:33.0685 4640   cdrom - ok
13:03:33.0732 4640   CertPropSvc (312ec3e37a0a1f2006534913e37b4423) C:\Windows\System32\certprop.dll
13:03:33.0748 4640   CertPropSvc - ok
13:03:33.0810 4640   circlass (da8e0afc7baa226c538ef53ac2f90897) C:\Windows\system32\drivers\circlass.sys
13:03:33.0841 4640   circlass - ok
13:03:33.0873 4640   CLFS (d7659d3b5b92c31e84e53c1431f35132) C:\Windows\system32\CLFS.sys
13:03:33.0873 4640   CLFS - ok
13:03:33.0966 4640   clr_optimization_v2.0.50727_32 (8ee772032e2fe80a924f3b8dd5082194) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
13:03:33.0982 4640   clr_optimization_v2.0.50727_32 - ok
13:03:34.0153 4640   clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
13:03:34.0153 4640   clr_optimization_v4.0.30319_32 - ok
13:03:34.0200 4640   cmdide (e79cbb2195e965f6e3256e2c1b23fd1c) C:\Windows\system32\drivers\cmdide.sys
13:03:34.0216 4640   cmdide - ok
13:03:34.0309 4640   ComcastSecureBackupSharebackup (1255218702d9873021f28fac47c20150) C:\Program Files\SecureBackupShare\ComcastSecureBackupSharebackup.exe
13:03:34.0309 4640   ComcastSecureBackupSharebackup - ok
13:03:34.0325 4640   ComcastSecureBackupShareFilter (b8e08bfcab2be31804cea983d2094faf) C:\Windows\system32\DRIVERS\ComcastSecureBackupShare.sys
13:03:34.0341 4640   ComcastSecureBackupShareFilter - ok
13:03:34.0372 4640   Compbatt (82b8c91d327cfecf76cb58716f7d4997) C:\Windows\system32\drivers\compbatt.sys
13:03:34.0372 4640   Compbatt - ok
13:03:34.0387 4640   COMSysApp - ok
13:03:34.0434 4640   crcdisk (2a213ae086bbec5e937553c7d9a2b22c) C:\Windows\system32\drivers\crcdisk.sys
13:03:34.0434 4640   crcdisk - ok
13:03:34.0481 4640   Crusoe (22a7f883508176489f559ee745b5bf5d) C:\Windows\system32\drivers\crusoe.sys
13:03:34.0497 4640   Crusoe - ok
13:03:34.0543 4640   CryptSvc (fb27772beaf8e1d28ccd825c09da939b) C:\Windows\system32\cryptsvc.dll
13:03:34.0559 4640   CryptSvc - ok
13:03:34.0606 4640   DcomLaunch (3b5b4d53fec14f7476ca29a20cc31ac9) C:\Windows\system32\rpcss.dll
13:03:34.0621 4640   DcomLaunch - ok
13:03:34.0637 4640   DfsC (622c41a07ca7e6dd91770f50d532cb6c) C:\Windows\system32\Drivers\dfsc.sys
13:03:34.0637 4640   DfsC - ok
13:03:34.0731 4640   DFSR (2cc3dcfb533a1035b13dcab6160ab38b) C:\Windows\system32\DFSR.exe
13:03:34.0777 4640   DFSR - ok
13:03:34.0855 4640   Dhcp (9028559c132146fb75eb7acf384b086a) C:\Windows\System32\dhcpcsvc.dll
13:03:34.0855 4640   Dhcp - ok
13:03:34.0887 4640   disk (5d4aefc3386920236a548271f8f1af6a) C:\Windows\system32\drivers\disk.sys
13:03:34.0902 4640   disk - ok
13:03:34.0949 4640   Dnscache (57d762f6f5974af0da2be88a3349baaa) C:\Windows\System32\dnsrslvr.dll
13:03:34.0965 4640   Dnscache - ok
13:03:34.0996 4640   dot3svc (324fd74686b1ef5e7c19a8af49e748f6) C:\Windows\System32\dot3svc.dll
13:03:35.0011 4640   dot3svc - ok
13:03:35.0074 4640   Dot4 (4f59c172c094e1a1d46463a8dc061cbd) C:\Windows\system32\DRIVERS\Dot4.sys
13:03:35.0074 4640   Dot4 - ok
13:03:35.0105 4640   Dot4Print (80bf3ba09f6f2523c8f6b7cc6dbf7bd5) C:\Windows\system32\DRIVERS\Dot4Prt.sys
13:03:35.0121 4640   Dot4Print - ok
13:03:35.0183 4640   dot4usb (c55004ca6b419b6695970dfe849b122f) C:\Windows\system32\DRIVERS\dot4usb.sys
13:03:35.0183 4640   dot4usb - ok
13:03:35.0230 4640   DPS (a622e888f8aa2f6b49e9bc466f0e5def) C:\Windows\system32\dps.dll
13:03:35.0245 4640   DPS - ok
13:03:35.0277 4640   drmkaud (97fef831ab90bee128c9af390e243f80) C:\Windows\system32\drivers\drmkaud.sys
13:03:35.0277 4640   drmkaud - ok
13:03:35.0355 4640   DSBrokerService (245f62a2aa67f4a61f10174bf1017327) C:\Program Files\DellSupport\brkrsvc.exe
13:03:35.0355 4640   DSBrokerService - ok
13:03:35.0386 4640   DSproct (413f2d5f9d802688242c23b38f767ecb) C:\Program Files\DellSupport\GTAction\triggers\DSproct.sys
13:03:35.0386 4640   DSproct - ok
13:03:35.0417 4640   dsunidrv (dfeabb7cfffadea4a912ab95bdc3177a) C:\Windows\system32\DRIVERS\dsunidrv.sys
13:03:35.0433 4640   dsunidrv - ok
13:03:35.0479 4640   DXGKrnl (fb85f7f69e9b109820409243f578cc4d) C:\Windows\System32\drivers\dxgkrnl.sys
13:03:35.0511 4640   DXGKrnl - ok
13:03:35.0542 4640   e1express (04944f4fc4f0477185f5d26ae0ddb90e) C:\Windows\system32\DRIVERS\e1e6032.sys
13:03:35.0573 4640   e1express - ok
13:03:35.0698 4640   E1G60 (f88fb26547fd2ce6d0a5af2985892c48) C:\Windows\system32\DRIVERS\E1G60I32.sys
13:03:35.0698 4640   E1G60 - ok
13:03:35.0745 4640   EapHost (c0b95e40d85cd807d614e264248a45b9) C:\Windows\System32\eapsvc.dll
13:03:35.0760 4640   EapHost - ok
13:03:35.0791 4640   Ecache (7f64ea048dcfac7acf8b4d7b4e6fe371) C:\Windows\system32\drivers\ecache.sys
13:03:35.0807 4640   Ecache - ok
13:03:36.0041 4640   eeCtrl (579a6b6135d32b857faf0e3a974535d8) C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys
13:03:36.0150 4640   eeCtrl - ok
13:03:36.0369 4640   ehRecvr (9be3744d295a7701eb425332014f0797) C:\Windows\ehome\ehRecvr.exe
13:03:36.0384 4640   ehRecvr - ok
13:03:36.0400 4640   ehSched (ad1870c8e5d6dd340c829e6074bf3c3f) C:\Windows\ehome\ehsched.exe
13:03:36.0400 4640   ehSched - ok
13:03:36.0431 4640   ehstart (c27c4ee8926e74aa72efcab24c5242c3) C:\Windows\ehome\ehstart.dll
13:03:36.0431 4640   ehstart - ok
13:03:36.0525 4640   elxstor (e8f3f21a71720c84bcf423b80028359f) C:\Windows\system32\drivers\elxstor.sys
13:03:36.0525 4640   elxstor - ok
13:03:36.0603 4640   EMDMgmt (4e6b23dfc917ea39306b529b773950f4) C:\Windows\system32\emdmgmt.dll
13:03:36.0649 4640   EMDMgmt - ok
13:03:36.0759 4640   EraserUtilRebootDrv (028d50f059bd0d2ccb209e9011b9a9a4) C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
13:03:36.0759 4640   EraserUtilRebootDrv - ok
13:03:36.0790 4640   EventSystem (67058c46504bc12d821f38cf99b7b28f) C:\Windows\system32\es.dll
13:03:36.0805 4640   EventSystem - ok
13:03:36.0852 4640   exfat (22b408651f9123527bcee54b4f6c5cae) C:\Windows\system32\drivers\exfat.sys
13:03:36.0883 4640   exfat - ok
13:03:36.0915 4640   fastfat (1e9b9a70d332103c52995e957dc09ef8) C:\Windows\system32\drivers\fastfat.sys
13:03:36.0915 4640   fastfat - ok
13:03:37.0008 4640   fdc (afe1e8b9782a0dd7fb46bbd88e43f89a) C:\Windows\system32\DRIVERS\fdc.sys
13:03:37.0024 4640   fdc - ok
13:03:37.0055 4640   fdPHost (6629b5f0e98151f4afdd87567ea32ba3) C:\Windows\system32\fdPHost.dll
13:03:37.0071 4640   fdPHost - ok
13:03:37.0102 4640   FDResPub (89ed56dce8e47af40892778a5bd31fd2) C:\Windows\system32\fdrespub.dll
13:03:37.0102 4640   FDResPub - ok
13:03:37.0149 4640   FileInfo (a8c0139a884861e3aae9cfe73b208a9f) C:\Windows\system32\drivers\fileinfo.sys
13:03:37.0258 4640   FileInfo - ok
13:03:37.0461 4640   Filetrace (0ae429a696aecbc5970e3cf2c62635ae) C:\Windows\system32\drivers\filetrace.sys
13:03:37.0461 4640   Filetrace - ok
13:03:37.0539 4640   flpydisk (85b7cf99d532820495d68d747fda9ebd) C:\Windows\system32\DRIVERS\flpydisk.sys
13:03:37.0554 4640   flpydisk - ok
13:03:37.0601 4640   FltMgr (01334f9ea68e6877c4ef05d3ea8abb05) C:\Windows\system32\drivers\fltmgr.sys
13:03:37.0617 4640   FltMgr - ok
13:03:37.0663 4640   FontCache3.0.0.0 (c7fbdd1ed42f82bfa35167a5c9803ea3) C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
13:03:37.0663 4640   FontCache3.0.0.0 - ok
13:03:37.0695 4640   Fs_Rec (65ea8b77b5851854f0c55c43fa51a198) C:\Windows\system32\drivers\Fs_Rec.sys
13:03:37.0695 4640   Fs_Rec - ok
13:03:37.0741 4640   gagp30kx (4e1cd0a45c50a8882616cae5bf82f3c5) C:\Windows\system32\drivers\gagp30kx.sys
13:03:37.0741 4640   gagp30kx - ok
13:03:37.0804 4640   GEARAspiWDM (5ae3a887ece5bbb72cfab273c2fd1cfa) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
13:03:37.0819 4640   GEARAspiWDM - ok
13:03:37.0929 4640   gpsvc (cd5d0aeee35dfd4e986a5aa1500a6e66) C:\Windows\System32\gpsvc.dll
13:03:37.0944 4640   gpsvc - ok
13:03:38.0038 4640   gupdate (f02a533f517eb38333cb12a9e8963773) C:\Program Files\Google\Update\GoogleUpdate.exe
13:03:38.0038 4640   gupdate - ok
13:03:38.0053 4640   gupdatem (f02a533f517eb38333cb12a9e8963773) C:\Program Files\Google\Update\GoogleUpdate.exe
13:03:38.0069 4640   gupdatem - ok
13:03:38.0209 4640   HDAudBus (062452b7ffd68c8c042a6261fe8dff4a) C:\Windows\system32\DRIVERS\HDAudBus.sys
13:03:38.0225 4640   HDAudBus - ok
13:03:38.0256 4640   HidBth (1338520e78d90154ed6be8f84de5fceb) C:\Windows\system32\drivers\hidbth.sys
13:03:38.0256 4640   HidBth - ok
13:03:38.0287 4640   HidIr (ff3160c3a2445128c5a6d9b076da519e) C:\Windows\system32\drivers\hidir.sys
13:03:38.0287 4640   HidIr - ok
13:03:38.0319 4640   hidserv (84067081f3318162797385e11a8f0582) C:\Windows\system32\hidserv.dll
13:03:38.0319 4640   hidserv - ok
13:03:38.0350 4640   HidUsb (cca4b519b17e23a00b826c55716809cc) C:\Windows\system32\DRIVERS\hidusb.sys
13:03:38.0350 4640   HidUsb - ok
13:03:38.0412 4640   hkmsvc (d8ad255b37da92434c26e4876db7d418) C:\Windows\system32\kmsvc.dll
13:03:38.0428 4640   hkmsvc - ok
13:03:38.0475 4640   HpCISSs (df353b401001246853763c4b7aaa6f50) C:\Windows\system32\drivers\hpcisss.sys
13:03:38.0475 4640   HpCISSs - ok
13:03:38.0599 4640   hpqcxs08 (cc8a7d8a8dc9f357b57796583cf8b85f) C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll
13:03:38.0615 4640   hpqcxs08 - ok
13:03:38.0646 4640   hpqddsvc (4c2ca71caafd2cf1a673fc8dbfd219c4) C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll
13:03:38.0662 4640   hpqddsvc - ok
13:03:38.0740 4640   HSF_DPV (53229dcf431d76434816cd29251168a0) C:\Windows\system32\DRIVERS\HSX_DPV.sys
13:03:38.0755 4640   HSF_DPV - ok
13:03:38.0802 4640   HSXHWBS2 (ed98350ecd4a5a9c9f1e641c09872bb2) C:\Windows\system32\DRIVERS\HSXHWBS2.sys
13:03:38.0818 4640   HSXHWBS2 - ok
13:03:38.0865 4640   HTTP (f870aa3e254628ebeafe754108d664de) C:\Windows\system32\drivers\HTTP.sys
13:03:38.0896 4640   HTTP - ok
13:03:38.0943 4640   i2omp (324c2152ff2c61abae92d09f3cca4d63) C:\Windows\system32\drivers\i2omp.sys
13:03:38.0943 4640   i2omp - ok
13:03:39.0005 4640   i8042prt (22d56c8184586b7a1f6fa60be5f5a2bd) C:\Windows\system32\DRIVERS\i8042prt.sys
13:03:39.0036 4640   i8042prt - ok
13:03:39.0192 4640   iaStor (997e8f5939f2d12cd9f2e6b395724c16) C:\Windows\system32\drivers\iastor.sys
13:03:39.0192 4640   iaStor - ok
13:03:39.0239 4640   iaStorV (c957bf4b5d80b46c5017bf0101e6c906) C:\Windows\system32\drivers\iastorv.sys
13:03:39.0270 4640   iaStorV - ok
13:03:39.0364 4640   IDriverT (6f95324909b502e2651442c1548ab12f) C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
13:03:39.0379 4640   IDriverT - ok
13:03:39.0598 4640   idsvc (98477b08e61945f974ed9fdc4cb6bdab) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
13:03:39.0629 4640   idsvc - ok
13:03:39.0785 4640   IDSVix86 (b6662611e8fa3a71473c4a9bd0d23755) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\IPSDefs\20120413.001\IDSvix86.sys
13:03:39.0801 4640   IDSVix86 - ok
13:03:39.0972 4640   igfx (9378d57e2b96c0a185d844770ad49948) C:\Windows\system32\DRIVERS\igdkmd32.sys
13:03:40.0050 4640   igfx - ok
13:03:40.0097 4640   iirsp (2d077bf86e843f901d8db709c95b49a5) C:\Windows\system32\drivers\iirsp.sys
13:03:40.0113 4640   iirsp - ok
13:03:40.0159 4640   IKEEXT (9908d8a397b76cd8d31d0d383c5773c9) C:\Windows\System32\ikeext.dll
13:03:40.0159 4640   IKEEXT - ok
13:03:40.0331 4640   IntcAzAudAddService (f8f53c5449f15b23d4c61d51d2701da8) C:\Windows\system32\drivers\RTKVHDA.sys
13:03:40.0393 4640   IntcAzAudAddService - ok
13:03:40.0409 4640   intelide (0084046c084d68e494f8cf36bcf08186) C:\Windows\system32\DRIVERS\intelide.sys
13:03:40.0409 4640   intelide - ok
13:03:40.0471 4640   intelppm (224191001e78c89dfa78924c3ea595ff) C:\Windows\system32\DRIVERS\intelppm.sys
13:03:40.0471 4640   intelppm - ok
13:03:40.0518 4640   IPBusEnum (9ac218c6e6105477484c6fdbe7d409a4) C:\Windows\system32\ipbusenum.dll
13:03:40.0518 4640   IPBusEnum - ok
13:03:40.0565 4640   IpFilterDriver (62c265c38769b864cb25b4bcf62df6c3) C:\Windows\system32\DRIVERS\ipfltdrv.sys
13:03:40.0565 4640   IpFilterDriver - ok
13:03:40.0627 4640   iphlpsvc (1998bd97f950680bb55f55a7244679c2) C:\Windows\System32\iphlpsvc.dll
13:03:40.0627 4640   iphlpsvc - ok
13:03:40.0643 4640   IpInIp - ok
13:03:40.0705 4640   IPMIDRV (40f34f8aba2a015d780e4b09138b6c17) C:\Windows\system32\drivers\ipmidrv.sys
13:03:40.0705 4640   IPMIDRV - ok
13:03:40.0768 4640   IPNAT (8793643a67b42cec66490b2a0cf92d68) C:\Windows\system32\DRIVERS\ipnat.sys
13:03:40.0768 4640   IPNAT - ok
13:03:40.0846 4640   iPod Service (05cf6a56fbf436c347bb87fd1957adc1) C:\Program Files\iPod\bin\iPodService.exe
13:03:40.0861 4640   iPod Service - ok
13:03:40.0908 4640   IRENUM (109c0dfb82c3632fbd11949b73aeeac9) C:\Windows\system32\drivers\irenum.sys
13:03:40.0955 4640   IRENUM - ok
13:03:40.0971 4640   is3srv - ok
13:03:41.0017 4640   isapnp (2f8ece2699e7e2070545e9b0960a8ed2) C:\Windows\system32\drivers\isapnp.sys
13:03:41.0049 4640   isapnp - ok
13:03:41.0095 4640   iScsiPrt (232fa340531d940aac623b121a595034) C:\Windows\system32\DRIVERS\msiscsi.sys
13:03:41.0111 4640   iScsiPrt - ok
13:03:41.0173 4640   iteatapi (bced60d16156e428f8df8cf27b0df150) C:\Windows\system32\drivers\iteatapi.sys
13:03:41.0205 4640   iteatapi - ok
13:03:41.0251 4640   iteraid (06fa654504a498c30adca8bec4e87e7e) C:\Windows\system32\drivers\iteraid.sys
13:03:41.0283 4640   iteraid - ok
13:03:41.0314 4640   kbdclass (37605e0a8cf00cbba538e753e4344c6e) C:\Windows\system32\DRIVERS\kbdclass.sys
13:03:41.0329 4640   kbdclass - ok
13:03:41.0361 4640   kbdhid (ede59ec70e25c24581add1fbec7325f7) C:\Windows\system32\DRIVERS\kbdhid.sys
13:03:41.0361 4640   kbdhid - ok
13:03:42.0078 4640   KeyIso (3978f3540329e16c0ac3bcf677e5669f) C:\Windows\system32\lsass.exe
13:03:42.0094 4640   KeyIso - ok
13:03:42.0125 4640   KSecDD (86165728af9bf72d6442a894fdfb4f8b) C:\Windows\system32\Drivers\ksecdd.sys
13:03:42.0141 4640   KSecDD - ok
13:03:42.0203 4640   KtmRm (8078f8f8f7a79e2e6b494523a828c585) C:\Windows\system32\msdtckrm.dll
13:03:42.0219 4640   KtmRm - ok
13:03:42.0281 4640   LanmanServer (1bf5eebfd518dd7298434d8c862f825d) C:\Windows\system32\srvsvc.dll
13:03:42.0281 4640   LanmanServer - ok
13:03:42.0359 4640   LanmanWorkstation (1db69705b695b987082c8baec0c6b34f) C:\Windows\System32\wkssvc.dll
13:03:42.0359 4640   LanmanWorkstation - ok
13:03:42.0421 4640   lltdio (d1c5883087a0c3f1344d9d55a44901f6) C:\Windows\system32\DRIVERS\lltdio.sys
13:03:42.0437 4640   lltdio - ok
13:03:42.0515 4640   lltdsvc (2d5a428872f1442631d0959a34abff63) C:\Windows\System32\lltdsvc.dll
13:03:42.0515 4640   lltdsvc - ok
13:03:42.0593 4640   lmhosts (35d40113e4a5b961b6ce5c5857702518) C:\Windows\System32\lmhsvc.dll
13:03:42.0593 4640   lmhosts - ok
13:03:42.0655 4640   LSI_FC (a2262fb9f28935e862b4db46438c80d2) C:\Windows\system32\drivers\lsi_fc.sys
13:03:42.0655 4640   LSI_FC - ok
13:03:42.0718 4640   LSI_SAS (30d73327d390f72a62f32c103daf1d6d) C:\Windows\system32\drivers\lsi_sas.sys
13:03:42.0718 4640   LSI_SAS - ok
13:03:42.0796 4640   LSI_SCSI (e1e36fefd45849a95f1ab81de0159fe3) C:\Windows\system32\drivers\lsi_scsi.sys
13:03:42.0796 4640   LSI_SCSI - ok
13:03:42.0843 4640   luafv (8f5c7426567798e62a3b3614965d62cc) C:\Windows\system32\drivers\luafv.sys
13:03:42.0843 4640   luafv - ok
13:03:42.0858 4640   MCSTRM - ok
13:03:42.0936 4640   Mcx2Svc (aef9babb8a506bc4ce0451a64aaded46) C:\Windows\system32\Mcx2Svc.dll
13:03:42.0952 4640   Mcx2Svc - ok
13:03:42.0983 4640   mdmxsdk (0cea2d0d3fa284b85ed5b68365114f76) C:\Windows\system32\DRIVERS\mdmxsdk.sys
13:03:42.0983 4640   mdmxsdk - ok
13:03:43.0030 4640   megasas (d153b14fc6598eae8422a2037553adce) C:\Windows\system32\drivers\megasas.sys
13:03:43.0030 4640   megasas - ok
13:03:43.0077 4640   mferkdk - ok
13:03:43.0123 4640   MMCSS (1076ffcffaae8385fd62dfcb25ac4708) C:\Windows\system32\mmcss.dll
13:03:43.0139 4640   MMCSS - ok
13:03:43.0156 4640   Modem (e13b5ea0f51ba5b1512ec671393d09ba) C:\Windows\system32\drivers\modem.sys
13:03:43.0156 4640   Modem - ok
13:03:43.0212 4640   monitor (0a9bb33b56e294f686abb7c1e4e2d8a8) C:\Windows\system32\DRIVERS\monitor.sys
13:03:43.0213 4640   monitor - ok
13:03:43.0244 4640   mouclass (5bf6a1326a335c5298477754a506d263) C:\Windows\system32\DRIVERS\mouclass.sys
13:03:43.0258 4640   mouclass - ok
13:03:43.0296 4640   mouhid (93b8d4869e12cfbe663915502900876f) C:\Windows\system32\DRIVERS\mouhid.sys
13:03:43.0299 4640   mouhid - ok
13:03:43.0355 4640   MountMgr (bdafc88aa6b92f7842416ea6a48e1600) C:\Windows\system32\drivers\mountmgr.sys
13:03:43.0370 4640   MountMgr - ok
13:03:43.0447 4640   mpio (583a41f26278d9e0ea548163d6139397) C:\Windows\system32\drivers\mpio.sys
13:03:43.0493 4640   mpio - ok
13:03:43.0532 4640   mpsdrv (22241feba9b2defa669c8cb0a8dd7d2e) C:\Windows\system32\drivers\mpsdrv.sys
13:03:43.0541 4640   mpsdrv - ok
13:03:43.0599 4640   MpsSvc (5de62c6e9108f14f6794060a9bdecaec) C:\Windows\system32\mpssvc.dll
13:03:43.0623 4640   MpsSvc - ok
13:03:43.0660 4640   Mraid35x (4fbbb70d30fd20ec51f80061703b001e) C:\Windows\system32\drivers\mraid35x.sys
13:03:43.0664 4640   Mraid35x - ok
13:03:43.0740 4640   MRxDAV (82cea0395524aacfeb58ba1448e8325c) C:\Windows\system32\drivers\mrxdav.sys
13:03:43.0744 4640   MRxDAV - ok
13:03:43.0820 4640   mrxsmb (1e94971c4b446ab2290deb71d01cf0c2) C:\Windows\system32\DRIVERS\mrxsmb.sys
13:03:43.0823 4640   mrxsmb - ok
13:03:43.0882 4640   mrxsmb10 (4fccb34d793b116423209c0f8b7a3b03) C:\Windows\system32\DRIVERS\mrxsmb10.sys
13:03:43.0887 4640   mrxsmb10 - ok
13:03:43.0949 4640   mrxsmb20 (c3cb1b40ad4a0124d617a1199b0b9d7c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
13:03:43.0957 4640   mrxsmb20 - ok
13:03:43.0998 4640   msahci (d420bc42a637ac3cc4f411220549c0dc) C:\Windows\system32\drivers\msahci.sys
13:03:44.0013 4640   msahci - ok
13:03:44.0091 4640   MSCamSvc (31e023681015c35ebfe1498b07813b87) C:\Program Files\Microsoft LifeCam\MSCamS32.exe
13:03:44.0114 4640   MSCamSvc - ok
13:03:44.0183 4640   msdsm (3fc82a2ae4cc149165a94699183d3028) C:\Windows\system32\drivers\msdsm.sys
13:03:44.0187 4640   msdsm - ok
13:03:44.0253 4640   MSDTC (fd7520cc3a80c5fc8c48852bb24c6ded) C:\Windows\System32\msdtc.exe
13:03:44.0259 4640   MSDTC - ok
13:03:44.0352 4640   Msfs (a9927f4a46b816c92f461acb90cf8515) C:\Windows\system32\drivers\Msfs.sys
13:03:44.0355 4640   Msfs - ok
13:03:44.0387 4640   msisadrv (0f400e306f385c56317357d6dea56f62) C:\Windows\system32\drivers\msisadrv.sys
13:03:44.0407 4640   msisadrv - ok
13:03:44.0483 4640   MSiSCSI (85466c0757a23d9a9aecdc0755203cb2) C:\Windows\system32\iscsiexe.dll
13:03:44.0492 4640   MSiSCSI - ok
13:03:44.0516 4640   msiserver - ok
13:03:44.0650 4640   MSKSSRV (d8c63d34d9c9e56c059e24ec7185cc07) C:\Windows\system32\drivers\MSKSSRV.sys
13:03:44.0666 4640   MSKSSRV - ok
13:03:44.0731 4640   MSPCLOCK (1d373c90d62ddb641d50e55b9e78d65e) C:\Windows\system32\drivers\MSPCLOCK.sys
13:03:44.0734 4640   MSPCLOCK - ok
13:03:44.0812 4640   MSPQM (b572da05bf4e098d4bba3a4734fb505b) C:\Windows\system32\drivers\MSPQM.sys
13:03:44.0814 4640   MSPQM - ok
13:03:44.0877 4640   MsRPC (b49456d70555de905c311bcda6ec6adb) C:\Windows\system32\drivers\MsRPC.sys
13:03:44.0883 4640   MsRPC - ok
13:03:44.0904 4640   mssmbios (e384487cb84be41d09711c30ca79646c) C:\Windows\system32\DRIVERS\mssmbios.sys
13:03:44.0906 4640   mssmbios - ok
13:03:44.0937 4640   MSTEE (7199c1eec1e4993caf96b8c0a26bd58a) C:\Windows\system32\drivers\MSTEE.sys
13:03:44.0940 4640   MSTEE - ok
13:03:44.0991 4640   Mup (6a57b5733d4cb702c8ea4542e836b96c) C:\Windows\system32\Drivers\mup.sys
13:03:44.0998 4640   Mup - ok
13:03:45.0081 4640   N360 (e78a365cc3e0fbfc018a33dce01909f8) C:\Program Files\Norton Security Suite\Engine\5.2.0.13\ccSvcHst.exe
13:03:45.0089 4640   N360 - ok
13:03:45.0129 4640   napagent (e4eaf0c5c1b41b5c83386cf212ca9584) C:\Windows\system32\qagentRT.dll
13:03:45.0146 4640   napagent - ok
13:03:45.0182 4640   NativeWifiP (85c44fdff9cf7e72a40dcb7ec06a4416) C:\Windows\system32\DRIVERS\nwifi.sys
13:03:45.0191 4640   NativeWifiP - ok
13:03:45.0506 4640   NAVENG (862f55824ac81295837b0ab63f91071f) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\VirusDefs\20120413.025\NAVENG.SYS
13:03:45.0524 4640   NAVENG - ok
13:03:45.0684 4640   NAVEX15 (529d571b551cb9da44237389b936f1ae) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\VirusDefs\20120413.025\NAVEX15.SYS
13:03:45.0855 4640   NAVEX15 - ok
13:03:45.0996 4640   NDIS (1357274d1883f68300aeadd15d7bbb42) C:\Windows\system32\drivers\ndis.sys
13:03:46.0048 4640   NDIS - ok
13:03:46.0086 4640   NdisTapi (0e186e90404980569fb449ba7519ae61) C:\Windows\system32\DRIVERS\ndistapi.sys
13:03:46.0090 4640   NdisTapi - ok
13:03:46.0271 4640   Ndisuio (d6973aa34c4d5d76c0430b181c3cd389) C:\Windows\system32\DRIVERS\ndisuio.sys
13:03:46.0300 4640   Ndisuio - ok
13:03:46.0342 4640   NdisWan (818f648618ae34f729fdb47ec68345c3) C:\Windows\system32\DRIVERS\ndiswan.sys
13:03:46.0357 4640   NdisWan - ok
13:03:46.0409 4640   NDProxy (71dab552b41936358f3b541ae5997fb3) C:\Windows\system32\drivers\NDProxy.sys
13:03:47.0494 4640   NDProxy - ok
13:03:47.0620 4640   Net Driver HPZ12 (a081cb6fb9a12668f233eb5414be3a0e) C:\Windows\system32\HPZinw12.dll
13:03:47.0624 4640   Net Driver HPZ12 - ok
13:03:47.0753 4640   NetBIOS (bcd093a5a6777cf626434568dc7dba78) C:\Windows\system32\DRIVERS\netbios.sys
13:03:47.0768 4640   NetBIOS - ok
13:03:47.0816 4640   netbt (ecd64230a59cbd93c85f1cd1cab9f3f6) C:\Windows\system32\DRIVERS\netbt.sys
13:03:47.0838 4640   netbt - ok
13:03:47.0881 4640   Netlogon (3978f3540329e16c0ac3bcf677e5669f) C:\Windows\system32\lsass.exe
13:03:47.0884 4640   Netlogon - ok
13:03:47.0930 4640   Netman (c8052711daecc48b982434c5116ca401) C:\Windows\System32\netman.dll
13:03:47.0937 4640   Netman - ok
13:03:48.0354 4640   netprofm (2ef3bbe22e5a5acd1428ee387a0d0172) C:\Windows\System32\netprofm.dll
13:03:48.0362 4640   netprofm - ok
13:03:48.0432 4640   NetTcpPortSharing (d6c4e4a39a36029ac0813d476fbd0248) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
13:03:48.0436 4640   NetTcpPortSharing - ok
13:03:48.0490 4640   nfrd960 (2e7fb731d4790a1bc6270accefacb36e) C:\Windows\system32\drivers\nfrd960.sys
13:03:48.0528 4640   nfrd960 - ok
13:03:48.0586 4640   NlaSvc (2997b15415f9bbe05b5a4c1c85e0c6a2) C:\Windows\System32\nlasvc.dll
13:03:48.0595 4640   NlaSvc - ok
13:03:48.0682 4640   nosGetPlusHelper (0e58f99692802c501454eac3d2ac3394) C:\Program Files\NOS\bin\getPlus_Helper_3004.dll
13:03:48.0707 4640   nosGetPlusHelper - ok
13:03:48.0754 4640   Npfs (d36f239d7cce1931598e8fb90a0dbc26) C:\Windows\system32\drivers\Npfs.sys
13:03:48.0757 4640   Npfs - ok
13:03:48.0829 4640   nsi (8bb86f0c7eea2bded6fe095d0b4ca9bd) C:\Windows\system32\nsisvc.dll
13:03:48.0832 4640   nsi - ok
13:03:48.0863 4640   nsiproxy (609773e344a97410ce4ebf74a8914fcf) C:\Windows\system32\drivers\nsiproxy.sys
13:03:48.0878 4640   nsiproxy - ok
13:03:48.0961 4640   Ntfs (6a4a98cee84cf9e99564510dda4baa47) C:\Windows\system32\drivers\Ntfs.sys
13:03:49.0017 4640   Ntfs - ok
13:03:49.0066 4640   ntrigdigi (e875c093aec0c978a90f30c9e0dfbb72) C:\Windows\system32\drivers\ntrigdigi.sys
13:03:49.0069 4640   ntrigdigi - ok
13:03:49.0116 4640   Null (c5dbbcda07d780bda9b685df333bb41e) C:\Windows\system32\drivers\Null.sys
13:03:49.0127 4640   Null - ok
13:03:49.0168 4640   nvraid (e69e946f80c1c31c53003bfbf50cbb7c) C:\Windows\system32\drivers\nvraid.sys
13:03:49.0172 4640   nvraid - ok
13:03:49.0228 4640   nvstor (9e0ba19a28c498a6d323d065db76dffc) C:\Windows\system32\drivers\nvstor.sys
13:03:49.0257 4640   nvstor - ok
13:03:49.0303 4640   nv_agp (055081fd5076401c1ee1bcab08d81911) C:\Windows\system32\drivers\nv_agp.sys
13:03:49.0334 4640   nv_agp - ok
13:03:49.0349 4640   NwlnkFlt - ok
13:03:49.0380 4640   NwlnkFwd - ok
13:03:49.0448 4640   ohci1394 (be32da025a0be1878f0ee8d6d9386cd5) C:\Windows\system32\drivers\ohci1394.sys
13:03:49.0471 4640   ohci1394 - ok
13:03:49.0570 4640   p2pimsvc (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
13:03:49.0597 4640   p2pimsvc - ok
13:03:49.0616 4640   p2psvc (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
13:03:49.0623 4640   p2psvc - ok
13:03:49.0660 4640   Parport (0fa9b5055484649d63c303fe404e5f4d) C:\Windows\system32\drivers\parport.sys
13:03:49.0670 4640   Parport - ok
13:03:49.0725 4640   partmgr (57389fa59a36d96b3eb09d0cb91e9cdc) C:\Windows\system32\drivers\partmgr.sys
13:03:49.0743 4640   partmgr - ok
13:03:49.0775 4640   Parvdm (4f9a6a8a31413180d0fcb279ad5d8112) C:\Windows\system32\drivers\parvdm.sys
13:03:49.0796 4640   Parvdm - ok
13:03:49.0837 4640   PcaSvc (c6276ad11f4bb49b58aa1ed88537f14a) C:\Windows\System32\pcasvc.dll
13:03:49.0845 4640   PcaSvc - ok
13:03:49.0912 4640   pci (941dc1d19e7e8620f40bbc206981efdb) C:\Windows\system32\drivers\pci.sys
13:03:49.0949 4640   pci - ok
13:03:50.0003 4640   pciide (1636d43f10416aeb483bc6001097b26c) C:\Windows\system32\drivers\pciide.sys
13:03:50.0033 4640   pciide - ok
13:03:50.0279 4640   pcmcia (e6f3fb1b86aa519e7698ad05e58b04e5) C:\Windows\system32\drivers\pcmcia.sys
13:03:50.0284 4640   pcmcia - ok
13:03:50.0373 4640   PEAUTH (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys
13:03:50.0388 4640   PEAUTH - ok
13:03:50.0484 4640   pla (b1689df169143f57053f795390c99db3) C:\Windows\system32\pla.dll
13:03:50.0534 4640   pla - ok
13:03:50.0670 4640   PlugPlay (c5e7f8a996ec0a82d508fd9064a5569e) C:\Windows\system32\umpnpmgr.dll
13:03:50.0676 4640   PlugPlay - ok
13:03:50.0714 4640   Pml Driver HPZ12 (65bc271f337637731d3c71455ae1f476) C:\Windows\system32\HPZipm12.dll
13:03:50.0716 4640   Pml Driver HPZ12 - ok
13:03:50.0776 4640   PNRPAutoReg (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
13:03:50.0785 4640   PNRPAutoReg - ok
13:03:50.0834 4640   PNRPsvc (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
13:03:50.0842 4640   PNRPsvc - ok
13:03:50.0893 4640   PolicyAgent (d0494460421a03cd5225cca0059aa146) C:\Windows\System32\ipsecsvc.dll
13:03:50.0902 4640   PolicyAgent - ok
13:03:50.0995 4640   PptpMiniport (ecfffaec0c1ecd8dbc77f39070ea1db1) C:\Windows\system32\DRIVERS\raspptp.sys
13:03:51.0006 4640   PptpMiniport - ok
13:03:51.0073 4640   Processor (0e3cef5d28b40cf273281d620c50700a) C:\Windows\system32\drivers\processr.sys
13:03:51.0076 4640   Processor - ok
13:03:51.0118 4640   ProfSvc (0508faa222d28835310b7bfca7a77346) C:\Windows\system32\profsvc.dll
13:03:51.0125 4640   ProfSvc - ok
13:03:51.0166 4640   ProtectedStorage (3978f3540329e16c0ac3bcf677e5669f) C:\Windows\system32\lsass.exe
13:03:51.0169 4640   ProtectedStorage - ok
13:03:51.0221 4640   PSched (99514faa8df93d34b5589187db3aa0ba) C:\Windows\system32\DRIVERS\pacer.sys
13:03:51.0224 4640   PSched - ok
13:03:51.0395 4640   PxHelp20 (feffcfdc528764a04c8ed63d5fa6e711) C:\Windows\system32\Drivers\PxHelp20.sys
13:03:51.0425 4640   PxHelp20 - ok
13:03:51.0781 4640   ql2300 (ccdac889326317792480c0a67156a1ec) C:\Windows\system32\drivers\ql2300.sys
13:03:51.0818 4640   ql2300 - ok
13:03:51.0865 4640   ql40xx (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys
13:03:51.0890 4640   ql40xx - ok
13:03:51.0948 4640   QWAVE (e9ecae663f47e6cb43962d18ab18890f) C:\Windows\system32\qwave.dll
13:03:51.0955 4640   QWAVE - ok
13:03:51.0999 4640   QWAVEdrv (9f5e0e1926014d17486901c88eca2db7) C:\Windows\system32\drivers\qwavedrv.sys
13:03:52.0001 4640   QWAVEdrv - ok
13:03:52.0144 4640   R300 (e642b131fb74caf4bb8a014f31113142) C:\Windows\system32\DRIVERS\atikmdag.sys
13:03:52.0243 4640   R300 - ok
13:03:52.0290 4640   RasAcd (147d7f9c556d259924351feb0de606c3) C:\Windows\system32\DRIVERS\rasacd.sys
13:03:52.0290 4640   RasAcd - ok
13:03:52.0336 4640   RasAuto (f6a452eb4ceadbb51c9e0ee6b3ecef0f) C:\Windows\System32\rasauto.dll
13:03:52.0336 4640   RasAuto - ok
13:03:52.0368 4640   Rasl2tp (a214adbaf4cb47dd2728859ef31f26b0) C:\Windows\system32\DRIVERS\rasl2tp.sys
13:03:52.0368 4640   Rasl2tp - ok
13:03:52.0430 4640   RasMan (75d47445d70ca6f9f894b032fbc64fcf) C:\Windows\System32\rasmans.dll
13:03:52.0430 4640   RasMan - ok
13:03:52.0461 4640   RasPppoe (509a98dd18af4375e1fc40bc175f1def) C:\Windows\system32\DRIVERS\raspppoe.sys
13:03:52.0477 4640   RasPppoe - ok
13:03:52.0508 4640   RasSstp (2005f4a1e05fa09389ac85840f0a9e4d) C:\Windows\system32\DRIVERS\rassstp.sys
13:03:52.0508 4640   RasSstp - ok
13:03:52.0680 4640   rdbss (b14c9d5b9add2f84f70570bbbfaa7935) C:\Windows\system32\DRIVERS\rdbss.sys
13:03:52.0726 4640   rdbss - ok
13:03:52.0867 4640   RDPCDD (89e59be9a564262a3fb6c4f4f1cd9899) C:\Windows\system32\DRIVERS\RDPCDD.sys
13:03:52.0867 4640   RDPCDD - ok
13:03:53.0007 4640   rdpdr (0245418224cfa77bf4b41c2fe0622258) C:\Windows\system32\drivers\rdpdr.sys
13:03:53.0007 4640   rdpdr - ok
13:03:53.0023 4640   RDPENCDD (9d91fe5286f748862ecffa05f8a0710c) C:\Windows\system32\drivers\rdpencdd.sys
13:03:53.0023 4640   RDPENCDD - ok
13:03:53.0054 4640   RDPWD (30bfbdfb7f95559ede971f9ddb9a00ba) C:\Windows\system32\drivers\RDPWD.sys
13:03:53.0054 4640   RDPWD - ok
13:03:53.0101 4640   RemoteAccess (bcdd6b4804d06b1f7ebf29e53a57ece9) C:\Windows\System32\mprdim.dll
13:03:53.0101 4640   RemoteAccess - ok
13:03:53.0132 4640   RemoteRegistry (9e6894ea18daff37b63e1005f83ae4ab) C:\Windows\system32\regsvc.dll
13:03:53.0148 4640   RemoteRegistry - ok
13:03:53.0335 4640   RoxMediaDB9 (ebcde8b48fadc6479d96a56d0a432160) C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
13:03:53.0366 4640   RoxMediaDB9 - ok
13:03:53.0428 4640   RoxWatch9 (ab2b1de1c8f31efce2384b14b3dc4260) C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
13:03:53.0444 4640   RoxWatch9 - ok
13:03:53.0475 4640   RpcLocator (5123f83cbc4349d065534eeb6bbdc42b) C:\Windows\system32\locator.exe
13:03:53.0475 4640   RpcLocator - ok
13:03:53.0538 4640   RpcSs (3b5b4d53fec14f7476ca29a20cc31ac9) C:\Windows\system32\rpcss.dll
13:03:53.0538 4640   RpcSs - ok
13:03:53.0647 4640   rspndr (9c508f4074a39e8b4b31d27198146fad) C:\Windows\system32\DRIVERS\rspndr.sys
13:03:53.0787 4640   rspndr - ok
13:03:53.0912 4640   SamSs (3978f3540329e16c0ac3bcf677e5669f) C:\Windows\system32\lsass.exe
13:03:53.0928 4640   SamSs - ok
13:03:53.0990 4640   SASDIFSV (39763504067962108505bff25f024345) C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS
13:03:54.0006 4640   SASDIFSV - ok
13:03:54.0037 4640   SASKUTIL (77b9fc20084b48408ad3e87570eb4a85) C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS
13:03:54.0037 4640   SASKUTIL - ok
13:03:54.0068 4640   sbp2port (3ce8f073a557e172b330109436984e30) C:\Windows\system32\drivers\sbp2port.sys
13:03:54.0084 4640   sbp2port - ok
13:03:54.0130 4640   SCardSvr (77b7a11a0c3d78d3386398fbbea1b632) C:\Windows\System32\SCardSvr.dll
13:03:54.0130 4640   SCardSvr - ok
13:03:54.0208 4640   Schedule (1a58069db21d05eb2ab58ee5753ebe8d) C:\Windows\system32\schedsvc.dll
13:03:54.0224 4640   Schedule - ok
13:03:54.0286 4640   SCPolicySvc (312ec3e37a0a1f2006534913e37b4423) C:\Windows\System32\certprop.dll
13:03:54.0302 4640   SCPolicySvc - ok
13:03:54.0333 4640   SDRSVC (716313d9f6b0529d03f726d5aaf6f191) C:\Windows\System32\SDRSVC.dll
13:03:54.0349 4640   SDRSVC - ok
13:03:54.0411 4640   secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
13:03:54.0411 4640   secdrv - ok
13:03:54.0489 4640   seclogon (fd5199d4d8a521005e4b5ee7fe00fa9b) C:\Windows\system32\seclogon.dll
13:03:54.0489 4640   seclogon - ok
13:03:54.0536 4640   SENS (a9bbab5759771e523f55563d6cbe140f) C:\Windows\System32\sens.dll
13:03:54.0536 4640   SENS - ok
13:03:54.0583 4640   Serenum (68e44e331d46f0fb38f0863a84cd1a31) C:\Windows\system32\drivers\serenum.sys
13:03:54.0583 4640   Serenum - ok
13:03:54.0614 4640   Serial (c70d69a918b178d3c3b06339b40c2e1b) C:\Windows\system32\drivers\serial.sys
13:03:54.0614 4640   Serial - ok
13:03:54.0786 4640   sermouse (8af3d28a879bf75db53a0ee7a4289624) C:\Windows\system32\drivers\sermouse.sys
13:03:54.0817 4640   sermouse - ok
13:03:54.0910 4640   SessionEnv (d2193326f729b163125610dbf3e17d57) C:\Windows\system32\sessenv.dll
13:03:54.0910 4640   SessionEnv - ok
13:03:54.0957 4640   sffdisk (51cf56aa8bcc241f134b420b8f850406) C:\Windows\system32\drivers\sffdisk.sys
13:03:54.0957 4640   sffdisk - ok
13:03:54.0973 4640   sffp_mmc (96ded8b20c734ac41641ce275250e55d) C:\Windows\system32\drivers\sffp_mmc.sys
13:03:54.0973 4640   sffp_mmc - ok
13:03:55.0004 4640   sffp_sd (8b08cab1267b2c377883fc9e56981f90) C:\Windows\system32\drivers\sffp_sd.sys
13:03:55.0004 4640   sffp_sd - ok
13:03:55.0020 4640   sfloppy (46ed8e91793b2e6f848015445a0ac188) C:\Windows\system32\drivers\sfloppy.sys
13:03:55.0020 4640   sfloppy - ok
13:03:55.0066 4640   SharedAccess (e1499bd0ff76b1b2fbbf1af339d91165) C:\Windows\System32\ipnathlp.dll
13:03:55.0082 4640   SharedAccess - ok
13:03:55.0113 4640   ShellHWDetection (c7230fbee14437716701c15be02c27b8) C:\Windows\System32\shsvcs.dll
13:03:55.0129 4640   ShellHWDetection - ok
13:03:55.0160 4640   sisagp (08072b2fb92477fc813271a84b3a8698) C:\Windows\system32\drivers\sisagp.sys
13:03:55.0160 4640   sisagp - ok
13:03:55.0176 4640   SiSRaid2 (cedd6f4e7d84e9f98b34b3fe988373aa) C:\Windows\system32\drivers\sisraid2.sys
13:03:55.0191 4640   SiSRaid2 - ok
13:03:55.0238 4640   SiSRaid4 (df843c528c4f69d12ce41ce462e973a7) C:\Windows\system32\drivers\sisraid4.sys
13:03:55.0238 4640   SiSRaid4 - ok
13:03:55.0347 4640   slsvc (862bb4cbc05d80c5b45be430e5ef872f) C:\Windows\system32\SLsvc.exe
13:03:55.0503 4640   slsvc - ok
13:03:55.0550 4640   SLUINotify (6edc422215cd78aa8a9cde6b30abbd35) C:\Windows\system32\SLUINotify.dll
13:03:55.0550 4640   SLUINotify - ok
13:03:55.0581 4640   Smb (7b75299a4d201d6a6533603d6914ab04) C:\Windows\system32\DRIVERS\smb.sys
13:03:55.0597 4640   Smb - ok
13:03:55.0768 4640   SNMPTRAP (2a146a055b4401c16ee62d18b8e2a032) C:\Windows\System32\snmptrap.exe
13:03:55.0784 4640   SNMPTRAP - ok
13:03:55.0862 4640   spldr (7aebdeef071fe28b0eef2cdd69102bff) C:\Windows\system32\drivers\spldr.sys
13:03:55.0893 4640   spldr - ok
13:03:55.0924 4640   Spooler (8554097e5136c3bf9f69fe578a1b35f4) C:\Windows\System32\spoolsv.exe
13:03:55.0924 4640   Spooler - ok
13:03:55.0987 4640   sprtsvc_dellsupportcenter - ok
13:03:56.0221 4640   SRTSP (83726cf02eced69138948083e06b6eac) C:\Windows\System32\Drivers\N360\0502000.00D\SRTSP.SYS
13:03:56.0236 4640   SRTSP - ok
13:03:56.0283 4640   SRTSPX (4e7eab2e5615d39cf1f1df9c71e5e225) C:\Windows\system32\drivers\N360\0502000.00D\SRTSPX.SYS
13:03:56.0299 4640   SRTSPX - ok
13:03:56.0361 4640   srv (41987f9fc0e61adf54f581e15029ad91) C:\Windows\system32\DRIVERS\srv.sys
13:03:56.0377 4640   srv - ok
13:03:56.0455 4640   srv2 (ff33aff99564b1aa534f58868cbe41ef) C:\Windows\system32\DRIVERS\srv2.sys
13:03:56.0455 4640   srv2 - ok
13:03:56.0470 4640   srvnet (7605c0e1d01a08f3ecd743f38b834a44) C:\Windows\system32\DRIVERS\srvnet.sys
13:03:56.0470 4640   srvnet - ok
13:03:56.0642 4640   SSDPSRV (03d50b37234967433a5ea5ba72bc0b62) C:\Windows\System32\ssdpsrv.dll
13:03:56.0658 4640   SSDPSRV - ok
13:03:56.0938 4640   SstpSvc (6f1a32e7b7b30f004d9a20afadb14944) C:\Windows\system32\sstpsvc.dll
13:03:56.0938 4640   SstpSvc - ok
13:03:57.0141 4640   stisvc (5de7d67e49b88f5f07f3e53c4b92a352) C:\Windows\System32\wiaservc.dll
13:03:57.0157 4640   stisvc - ok
13:03:57.0250 4640   stllssvr (51778fd315c9882f1cbd932743e62a72) C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
13:03:57.0266 4640   stllssvr - ok
13:03:57.0297 4640   swenum (7ba58ecf0c0a9a69d44b3dca62becf56) C:\Windows\system32\DRIVERS\swenum.sys
13:03:57.0313 4640   swenum - ok
13:03:57.0360 4640   swprv (f21fd248040681cca1fb6c9a03aaa93d) C:\Windows\System32\swprv.dll
13:03:57.0375 4640   swprv - ok
13:03:57.0406 4640   Symc8xx (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys
13:03:57.0453 4640   Symc8xx - ok
13:03:57.0500 4640   SymDS (9bbeb8c6258e72d62e7560e6667aad39) C:\Windows\system32\drivers\N360\0502000.00D\SYMDS.SYS
13:03:57.0531 4640   SymDS - ok
13:03:57.0594 4640   SymEFA (d5c02629c02a820a7e71bca3d44294a3) C:\Windows\system32\drivers\N360\0502000.00D\SYMEFA.SYS
13:03:57.0625 4640   SymEFA - ok
13:03:57.0687 4640   SymEvent (ab33c3b196197ca467cbdda717860dba) C:\Windows\system32\Drivers\SYMEVENT.SYS
13:03:57.0687 4640   SymEvent - ok
13:03:57.0765 4640   SymIRON (a73399804d5d4a8b20ba60fcf70c9f1f) C:\Windows\system32\drivers\N360\0502000.00D\Ironx86.SYS
13:03:57.0781 4640   SymIRON - ok
13:03:57.0843 4640   SYMTDIv (d42a7229e333af725f1445f785e4658d) C:\Windows\System32\Drivers\N360\0502000.00D\SYMTDIV.SYS
13:03:57.0859 4640   SYMTDIv - ok
13:03:57.0890 4640   Sym_hi (8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys
13:03:57.0906 4640   Sym_hi - ok
13:03:57.0921 4640   Sym_u3 (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys
13:03:57.0921 4640   Sym_u3 - ok
13:03:58.0436 4640   SysMain (9a51b04e9886aa4ee90093586b0ba88d) C:\Windows\system32\sysmain.dll
13:03:58.0514 4640   SysMain - ok
13:03:58.0530 4640   szkg5 - ok
13:03:58.0545 4640   szkgfs - ok
13:03:58.0639 4640   TabletInputService (2dca225eae15f42c0933e998ee0231c3) C:\Windows\System32\TabSvc.dll
13:03:58.0654 4640   TabletInputService - ok
13:03:58.0717 4640   TapiSrv (d7673e4b38ce21ee54c59eeeb65e2483) C:\Windows\System32\tapisrv.dll
13:03:58.0717 4640   TapiSrv - ok
13:03:58.0795 4640   TBS (cb05822cd9cc6c688168e113c603dbe7) C:\Windows\System32\tbssvc.dll
13:03:58.0795 4640   TBS - ok
13:03:58.0857 4640   Tcpip (a474879afa4a596b3a531f3e69730dbf) C:\Windows\system32\drivers\tcpip.sys
13:03:58.0904 4640   Tcpip - ok
13:03:58.0935 4640   Tcpip6 (a474879afa4a596b3a531f3e69730dbf) C:\Windows\system32\DRIVERS\tcpip.sys
13:03:58.0951 4640   Tcpip6 - ok
13:03:58.0966 4640   tcpipreg (608c345a255d82a6289c2d468eb41fd7) C:\Windows\system32\drivers\tcpipreg.sys
13:03:58.0966 4640   tcpipreg - ok
13:03:59.0013 4640   TDPIPE (5dcf5e267be67a1ae926f2df77fbcc56) C:\Windows\system32\drivers\tdpipe.sys
13:03:59.0029 4640   TDPIPE - ok
13:03:59.0044 4640   TDTCP (389c63e32b3cefed425b61ed92d3f021) C:\Windows\system32\drivers\tdtcp.sys
13:03:59.0076 4640   TDTCP - ok
13:03:59.0107 4640   tdx (76b06eb8a01fc8624d699e7045303e54) C:\Windows\system32\DRIVERS\tdx.sys
13:03:59.0107 4640   tdx - ok
13:03:59.0169 4640   TermDD (3cad38910468eab9a6479e2f01db43c7) C:\Windows\system32\DRIVERS\termdd.sys
13:03:59.0169 4640   TermDD - ok
13:03:59.0200 4640   TermService (bb95da09bef6e7a131bff3ba5032090d) C:\Windows\System32\termsrv.dll
13:03:59.0216 4640   TermService - ok
13:03:59.0247 4640   Themes (c7230fbee14437716701c15be02c27b8) C:\Windows\system32\shsvcs.dll
13:03:59.0247 4640   Themes - ok
13:03:59.0294 4640   THREADORDER (1076ffcffaae8385fd62dfcb25ac4708) C:\Windows\system32\mmcss.dll
13:03:59.0294 4640   THREADORDER - ok
13:03:59.0341 4640   TrkWks (ec74e77d0eb004bd3a809b5f8fb8c2ce) C:\Windows\System32\trkwks.dll
13:03:59.0341 4640   TrkWks - ok
13:03:59.0356 4640   TrustedInstaller (97d9d6a04e3ad9b6c626b9931db78dba) C:\Windows\servicing\TrustedInstaller.exe
13:03:59.0372 4640   TrustedInstaller - ok
13:03:59.0419 4640   tssecsrv (dcf0f056a2e4f52287264f5ab29cf206) C:\Windows\system32\DRIVERS\tssecsrv.sys
13:03:59.0450 4640   tssecsrv - ok
13:03:59.0497 4640   tunmp (caecc0120ac49e3d2f758b9169872d38) C:\Windows\system32\DRIVERS\tunmp.sys
13:03:59.0512 4640   tunmp - ok
13:03:59.0544 4640   tunnel (300db877ac094feab0be7688c3454a9c) C:\Windows\system32\DRIVERS\tunnel.sys
13:03:59.0544 4640   tunnel - ok
13:03:59.0606 4640   uagp35 (c3ade15414120033a36c0f293d4a4121) C:\Windows\system32\drivers\uagp35.sys
13:03:59.0622 4640   uagp35 - ok
13:03:59.0684 4640   udfs (d9728af68c4c7693cb100b8441cbdec6) C:\Windows\system32\DRIVERS\udfs.sys
13:03:59.0715 4640   udfs - ok
13:03:59.0762 4640   UI0Detect (ecef404f62863755951e09c802c94ad5) C:\Windows\system32\UI0Detect.exe
13:03:59.0762 4640   UI0Detect - ok
13:03:59.0809 4640   uliagpkx (6d72ef05921abdf59fc45c7ebfe7e8dd) C:\Windows\system32\drivers\uliagpkx.sys
13:03:59.0809 4640   uliagpkx - ok
13:03:59.0902 4640   uliahci (3cd4ea35a6221b85dcc25daa46313f8d) C:\Windows\system32\drivers\uliahci.sys
13:03:59.0902 4640   uliahci - ok
13:03:59.0980 4640   UlSata (8514d0e5cd0534467c5fc61be94a569f) C:\Windows\system32\drivers\ulsata.sys
13:03:59.0980 4640   UlSata - ok
13:04:00.0012 4640   ulsata2 (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys
13:04:00.0012 4640   ulsata2 - ok
13:04:00.0058 4640   umbus (32cff9f809ae9aed85464492bf3e32d2) C:\Windows\system32\DRIVERS\umbus.sys
13:04:00.0058 4640   umbus - ok
13:04:00.0090 4640   upnphost (68308183f4ae0be7bf8ecd07cb297999) C:\Windows\System32\upnphost.dll
13:04:00.0105 4640   upnphost - ok
13:04:00.0168 4640   USBAAPL (60a68a5ea173a97971ee9f1ff49eb2b3) C:\Windows\system32\Drivers\usbaapl.sys
13:04:00.0183 4640   USBAAPL - ok
13:04:00.0214 4640   usbaudio (32db9517628ff0d070682aab61e688f0) C:\Windows\system32\drivers\usbaudio.sys
13:04:00.0214 4640   usbaudio - ok
13:04:00.0277 4640   usbbus (9419faac6552a51542dbba02971c841c) C:\Windows\system32\DRIVERS\lgusbbus.sys
13:04:00.0277 4640   usbbus - ok
13:04:00.0370 4640   usbccgp (caf811ae4c147ffcd5b51750c7f09142) C:\Windows\system32\DRIVERS\usbccgp.sys
13:04:00.0386 4640   usbccgp - ok
13:04:00.0464 4640   usbcir (e9476e6c486e76bc4898074768fb7131) C:\Windows\system32\drivers\usbcir.sys
13:04:00.0480 4640   usbcir - ok
13:04:00.0526 4640   UsbDiag (c0a466fa4ffec464320e159bc1bbdc0c) C:\Windows\system32\DRIVERS\lgusbdiag.sys
13:04:00.0573 4640   UsbDiag - ok
13:04:00.0620 4640   usbehci (79e96c23a97ce7b8f14d310da2db0c9b) C:\Windows\system32\DRIVERS\usbehci.sys
13:04:00.0620 4640   usbehci - ok
13:04:00.0667 4640   UsbGps (071b8e7a0ca11a2a9b32109058136bbe) C:\Windows\system32\DRIVERS\lgusbgps.sys
13:04:00.0698 4640   UsbGps - ok
13:04:00.0760 4640   usbhub (4673bbcb006af60e7abddbe7a130ba42) C:\Windows\system32\DRIVERS\usbhub.sys
13:04:00.0760 4640   usbhub - ok
13:04:00.0807 4640   USBModem (f74a54774a9b0afeb3c40adec68aa600) C:\Windows\system32\DRIVERS\lgusbmodem.sys
13:04:00.0823 4640   USBModem - ok
13:04:00.0854 4640   usbohci (38dbc7dd6cc5a72011f187425384388b) C:\Windows\system32\drivers\usbohci.sys
13:04:00.0854 4640   usbohci - ok
13:04:00.0885 4640   usbprint (e75c4b5269091d15a2e7dc0b6d35f2f5) C:\Windows\system32\DRIVERS\usbprint.sys
13:04:00.0901 4640   usbprint - ok
13:04:00.0916 4640   usbscan (a508c9bd8724980512136b039bba65e9) C:\Windows\system32\DRIVERS\usbscan.sys
13:04:00.0916 4640   usbscan - ok
13:04:00.0963 4640   USBSTOR (be3da31c191bc222d9ad503c5224f2ad) C:\Windows\system32\DRIVERS\USBSTOR.SYS
13:04:00.0963 4640   USBSTOR - ok
13:04:00.0994 4640   usbuhci (814d653efc4d48be3b04a307eceff56f) C:\Windows\system32\DRIVERS\usbuhci.sys
13:04:01.0010 4640   usbuhci - ok
13:04:01.0088 4640   usnjsvc (9d19b042a4fd5c02195071ea2fe0c821) C:\Program Files\Windows Live\Messenger\usnsvc.exe
13:04:01.0104 4640   usnjsvc - ok
13:04:01.0135 4640   UxSms (1509e705f3ac1d474c92454a5c2dd81f) C:\Windows\System32\uxsms.dll
13:04:01.0135 4640   UxSms - ok
13:04:01.0182 4640   vds (cd88d1b7776dc17a119049742ec07eb4) C:\Windows\System32\vds.exe
13:04:01.0197 4640   vds - ok
13:04:01.0244 4640   vga (7d92be0028ecdedec74617009084b5ef) C:\Windows\system32\DRIVERS\vgapnp.sys
13:04:01.0260 4640   vga - ok
13:04:01.0306 4640   VgaSave (2e93ac0a1d8c79d019db6c51f036636c) C:\Windows\System32\drivers\vga.sys
13:04:01.0306 4640   VgaSave - ok
13:04:01.0353 4640   viaagp (d5929a28bdff4367a12caf06af901971) C:\Windows\system32\drivers\viaagp.sys
13:04:01.0353 4640   viaagp - ok
13:04:01.0369 4640   ViaC7 (56a4de5f02f2e88182b0981119b4dd98) C:\Windows\system32\drivers\viac7.sys
13:04:01.0384 4640   ViaC7 - ok
13:04:01.0400 4640   viaide (f3b4762eb85a2aff4999401f14c3262b) C:\Windows\system32\drivers\viaide.sys
13:04:01.0416 4640   viaide - ok
13:04:01.0462 4640   volmgr (69503668ac66c77c6cd7af86fbdf8c43) C:\Windows\system32\drivers\volmgr.sys
13:04:01.0462 4640   volmgr - ok
13:04:01.0509 4640   volmgrx (23e41b834759917bfd6b9a0d625d0c28) C:\Windows\system32\drivers\volmgrx.sys
13:04:01.0509 4640   volmgrx - ok
13:04:01.0540 4640   volsnap (147281c01fcb1df9252de2a10d5e7093) C:\Windows\system32\drivers\volsnap.sys
13:04:01.0572 4640   volsnap - ok
13:04:01.0587 4640   vsmraid (d984439746d42b30fc65a4c3546c6829) C:\Windows\system32\drivers\vsmraid.sys
13:04:01.0587 4640   vsmraid - ok
13:04:01.0728 4640   VSS (db3d19f850c6eb32bdcb9bc0836acddb) C:\Windows\system32\vssvc.exe
13:04:01.0743 4640   VSS - ok
13:04:01.0852 4640   VX3000 (42870675b4d84acd81a9da69b83f14c5) C:\Windows\system32\DRIVERS\VX3000.sys
13:04:01.0915 4640   VX3000 - ok
13:04:01.0946 4640   W32Time (96ea68b9eb310a69c25ebb0282b2b9de) C:\Windows\system32\w32time.dll
13:04:01.0962 4640   W32Time - ok
13:04:02.0008 4640   WacomPen (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys
13:04:02.0008 4640   WacomPen - ok
13:04:02.0055 4640   Wanarp &

kile32 · « **Reply #20 on:** April 14, 2012, 05:03:51 PM »

I tried to edit the previous reply because it was incorrect. Here are the correct before and after results

13:02:23.0768 5980   TDSS rootkit removing tool 2.7.28.0 Apr 10 2012 16:54:05
13:02:25.0781 5980   ============================================================
13:02:25.0781 5980   Current date / time: 2012/04/14 13:02:25.0781
13:02:25.0781 5980   SystemInfo:
13:02:25.0781 5980
13:02:25.0781 5980   OS Version: 6.0.6002 ServicePack: 2.0
13:02:25.0781 5980   Product type: Workstation
13:02:25.0781 5980   ComputerName: KILE-PC
13:02:25.0781 5980   UserName: Kile
13:02:25.0781 5980   Windows directory: C:\Windows
13:02:25.0781 5980   System windows directory: C:\Windows
13:02:25.0781 5980   Processor architecture: Intel x86
13:02:25.0781 5980   Number of processors: 2
13:02:25.0781 5980   Page size: 0x1000
13:02:25.0781 5980   Boot type: Normal boot
13:02:25.0781 5980   ============================================================
13:02:30.0305 5980   Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
13:02:30.0320 5980   \Device\Harddisk0\DR0:
13:02:30.0320 5980   MBR used
13:02:30.0320 5980   \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x18000, BlocksNum 0x1400000
13:02:30.0320 5980   \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1418000, BlocksNum 0x24016000
13:02:30.0398 5980   Initialize success
13:02:30.0398 5980   ============================================================
13:03:26.0541 4640   ============================================================
13:03:26.0541 4640   Scan started
13:03:26.0541 4640   Mode: Manual;
13:03:26.0541 4640   ============================================================
13:03:29.0505 4640   !SASCORE (c0393eb99a6c72c6bef9bfc4a72b33a6) C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
13:03:29.0520 4640   !SASCORE - ok
13:03:29.0661 4640   ACDaemon (adc420616c501b45d26c0fd3ef1e54e4) C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
13:03:29.0661 4640   ACDaemon - ok
13:03:29.0879 4640   ACPI (82b296ae1892fe3dbee00c9cf92f8ac7) C:\Windows\system32\drivers\acpi.sys
13:03:29.0879 4640   ACPI - ok
13:03:29.0941 4640   AdobeARMservice (62b7936f9036dd6ed36e6a7efa805dc0) C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
13:03:29.0941 4640   AdobeARMservice - ok
13:03:30.0035 4640   adp94xx (2edc5bbac6c651ece337bde8ed97c9fb) C:\Windows\system32\drivers\adp94xx.sys
13:03:30.0051 4640   adp94xx - ok
13:03:30.0082 4640   adpahci (b84088ca3cdca97da44a984c6ce1ccad) C:\Windows\system32\drivers\adpahci.sys
13:03:30.0082 4640   adpahci - ok
13:03:30.0129 4640   adpu160m (7880c67bccc27c86fd05aa2afb5ea469) C:\Windows\system32\drivers\adpu160m.sys
13:03:30.0129 4640   adpu160m - ok
13:03:30.0160 4640   adpu320 (9ae713f8e30efc2abccd84904333df4d) C:\Windows\system32\drivers\adpu320.sys
13:03:30.0160 4640   adpu320 - ok
13:03:30.0191 4640   AeLookupSvc (9d1fda9e086ba64e3c93c9de32461bcf) C:\Windows\System32\aelupsvc.dll
13:03:30.0207 4640   AeLookupSvc - ok
13:03:30.0238 4640   AERTFilters (330a1e4df07c2e29949ed8631cd8828e) C:\Windows\system32\AERTSrv.exe
13:03:30.0238 4640   AERTFilters - ok
13:03:30.0300 4640   Afc (fe3ea6e9afc1a78e6edca121e006afb7) C:\Windows\system32\drivers\Afc.sys
13:03:30.0316 4640   Afc - ok
13:03:30.0534 4640   AFD (3911b972b55fea0478476b2e777b29fa) C:\Windows\system32\drivers\afd.sys
13:03:30.0581 4640   AFD - ok
13:03:30.0815 4640   agp440 (8b10ce1c1f9f1d47e4deb1a547a00cd4) C:\Windows\system32\drivers\agp440.sys
13:03:30.0831 4640   agp440 - ok
13:03:30.0877 4640   aic78xx (ae1fdf7bf7bb6c6a70f67699d880592a) C:\Windows\system32\drivers\djsvs.sys
13:03:30.0909 4640   aic78xx - ok
13:03:30.0940 4640   ALG (a1545b731579895d8cc44fc0481c1192) C:\Windows\System32\alg.exe
13:03:30.0955 4640   ALG - ok
13:03:31.0002 4640   aliide (dc67a153fdb8105b25d05334b5e1d8e2) C:\Windows\system32\drivers\aliide.sys
13:03:31.0018 4640   aliide - ok
13:03:31.0065 4640   amdagp (848f27e5b27c1c253f6cefdc1a5d8f21) C:\Windows\system32\drivers\amdagp.sys
13:03:31.0080 4640   amdagp - ok
13:03:31.0111 4640   amdide (835c4c3355088298a5ebd818fa31430f) C:\Windows\system32\drivers\amdide.sys
13:03:31.0127 4640   amdide - ok
13:03:31.0158 4640   AmdK7 (dc487885bcef9f28eece6fac0e5ddfc5) C:\Windows\system32\drivers\amdk7.sys
13:03:31.0189 4640   AmdK7 - ok
13:03:31.0236 4640   AmdK8 (0ca0071da4315b00fc1328ca86b425da) C:\Windows\system32\drivers\amdk8.sys
13:03:31.0267 4640   AmdK8 - ok
13:03:31.0345 4640   Appinfo (c6d704c7f0434dc791aac37cac4b6e14) C:\Windows\System32\appinfo.dll
13:03:31.0377 4640   Appinfo - ok
13:03:31.0455 4640   Apple Mobile Device (7e94e567c1aa5abe6174032b3dab6c23) C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
13:03:31.0470 4640   Apple Mobile Device - ok
13:03:31.0517 4640   arc (5f673180268bb1fdb69c99b6619fe379) C:\Windows\system32\drivers\arc.sys
13:03:31.0533 4640   arc - ok
13:03:31.0611 4640   arcsas (957f7540b5e7f602e44648c7de5a1c05) C:\Windows\system32\drivers\arcsas.sys
13:03:31.0642 4640   arcsas - ok
13:03:31.0720 4640   AsyncMac (53b202abee6455406254444303e87be1) C:\Windows\system32\DRIVERS\asyncmac.sys
13:03:31.0751 4640   AsyncMac - ok
13:03:31.0845 4640   atapi (1f05b78ab91c9075565a9d8a4b880bc4) C:\Windows\system32\drivers\atapi.sys
13:03:31.0845 4640   atapi - ok
13:03:31.0907 4640   AudioEndpointBuilder (68e2a1a0407a66cf50da0300852424ab) C:\Windows\System32\Audiosrv.dll
13:03:31.0923 4640   AudioEndpointBuilder - ok
13:03:31.0954 4640   Audiosrv (68e2a1a0407a66cf50da0300852424ab) C:\Windows\System32\Audiosrv.dll
13:03:31.0969 4640   Audiosrv - ok
13:03:32.0016 4640   Beep (67e506b75bd5326a3ec7b70bd014dfb6) C:\Windows\system32\drivers\Beep.sys
13:03:32.0032 4640   Beep - ok
13:03:32.0094 4640   BFE (c789af0f724fda5852fb9a7d3a432381) C:\Windows\System32\bfe.dll
13:03:32.0110 4640   BFE - ok
13:03:32.0266 4640   BHDrvx86 (a503d32ae26f77cb942aed530112edaa) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\BASHDefs\20120402.001\BHDrvx86.sys
13:03:32.0297 4640   BHDrvx86 - ok
13:03:32.0859 4640   BITS (93952506c6d67330367f7e7934b6a02f) C:\Windows\System32\qmgr.dll
13:03:32.0874 4640   BITS - ok
13:03:32.0905 4640   blbdrive - ok
13:03:32.0999 4640   Bonjour Service (3f56903e124e820aeece6d471583c6c1) C:\Program Files\Bonjour\mDNSResponder.exe
13:03:33.0015 4640   Bonjour Service - ok
13:03:33.0108 4640   bowser (35f376253f687bde63976ccb3f2108ca) C:\Windows\system32\DRIVERS\bowser.sys
13:03:33.0202 4640   bowser - ok
13:03:33.0249 4640   BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\drivers\brfiltlo.sys
13:03:33.0249 4640   BrFiltLo - ok
13:03:33.0280 4640   BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\drivers\brfiltup.sys
13:03:33.0311 4640   BrFiltUp - ok
13:03:33.0373 4640   Browser (a3629a0c4226f9e9c72faaeebc3ad33c) C:\Windows\System32\browser.dll
13:03:33.0373 4640   Browser - ok
13:03:33.0420 4640   Brserid (b304e75cff293029eddf094246747113) C:\Windows\system32\drivers\brserid.sys
13:03:33.0420 4640   Brserid - ok
13:03:33.0451 4640   BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\system32\drivers\brserwdm.sys
13:03:33.0483 4640   BrSerWdm - ok
13:03:33.0545 4640   BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\system32\drivers\brusbmdm.sys
13:03:33.0545 4640   BrUsbMdm - ok
13:03:33.0561 4640   BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\system32\drivers\brusbser.sys
13:03:33.0561 4640   BrUsbSer - ok
13:03:33.0576 4640   BTHMODEM (ad07c1ec6665b8b35741ab91200c6b68) C:\Windows\system32\drivers\bthmodem.sys
13:03:33.0592 4640   BTHMODEM - ok
13:03:33.0639 4640   cdfs (7add03e75beb9e6dd102c3081d29840a) C:\Windows\system32\DRIVERS\cdfs.sys
13:03:33.0654 4640   cdfs - ok
13:03:33.0670 4640   cdrom (6b4bffb9becd728097024276430db314) C:\Windows\system32\DRIVERS\cdrom.sys
13:03:33.0685 4640   cdrom - ok
13:03:33.0732 4640   CertPropSvc (312ec3e37a0a1f2006534913e37b4423) C:\Windows\System32\certprop.dll
13:03:33.0748 4640   CertPropSvc - ok
13:03:33.0810 4640   circlass (da8e0afc7baa226c538ef53ac2f90897) C:\Windows\system32\drivers\circlass.sys
13:03:33.0841 4640   circlass - ok
13:03:33.0873 4640   CLFS (d7659d3b5b92c31e84e53c1431f35132) C:\Windows\system32\CLFS.sys
13:03:33.0873 4640   CLFS - ok
13:03:33.0966 4640   clr_optimization_v2.0.50727_32 (8ee772032e2fe80a924f3b8dd5082194) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
13:03:33.0982 4640   clr_optimization_v2.0.50727_32 - ok
13:03:34.0153 4640   clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
13:03:34.0153 4640   clr_optimization_v4.0.30319_32 - ok
13:03:34.0200 4640   cmdide (e79cbb2195e965f6e3256e2c1b23fd1c) C:\Windows\system32\drivers\cmdide.sys
13:03:34.0216 4640   cmdide - ok
13:03:34.0309 4640   ComcastSecureBackupSharebackup (1255218702d9873021f28fac47c20150) C:\Program Files\SecureBackupShare\ComcastSecureBackupSharebackup.exe
13:03:34.0309 4640   ComcastSecureBackupSharebackup - ok
13:03:34.0325 4640   ComcastSecureBackupShareFilter (b8e08bfcab2be31804cea983d2094faf) C:\Windows\system32\DRIVERS\ComcastSecureBackupShare.sys
13:03:34.0341 4640   ComcastSecureBackupShareFilter - ok
13:03:34.0372 4640   Compbatt (82b8c91d327cfecf76cb58716f7d4997) C:\Windows\system32\drivers\compbatt.sys
13:03:34.0372 4640   Compbatt - ok
13:03:34.0387 4640   COMSysApp - ok
13:03:34.0434 4640   crcdisk (2a213ae086bbec5e937553c7d9a2b22c) C:\Windows\system32\drivers\crcdisk.sys
13:03:34.0434 4640   crcdisk - ok
13:03:34.0481 4640   Crusoe (22a7f883508176489f559ee745b5bf5d) C:\Windows\system32\drivers\crusoe.sys
13:03:34.0497 4640   Crusoe - ok
13:03:34.0543 4640   CryptSvc (fb27772beaf8e1d28ccd825c09da939b) C:\Windows\system32\cryptsvc.dll
13:03:34.0559 4640   CryptSvc - ok
13:03:34.0606 4640   DcomLaunch (3b5b4d53fec14f7476ca29a20cc31ac9) C:\Windows\system32\rpcss.dll
13:03:34.0621 4640   DcomLaunch - ok
13:03:34.0637 4640   DfsC (622c41a07ca7e6dd91770f50d532cb6c) C:\Windows\system32\Drivers\dfsc.sys
13:03:34.0637 4640   DfsC - ok
13:03:34.0731 4640   DFSR (2cc3dcfb533a1035b13dcab6160ab38b) C:\Windows\system32\DFSR.exe
13:03:34.0777 4640   DFSR - ok
13:03:34.0855 4640   Dhcp (9028559c132146fb75eb7acf384b086a) C:\Windows\System32\dhcpcsvc.dll
13:03:34.0855 4640   Dhcp - ok
13:03:34.0887 4640   disk (5d4aefc3386920236a548271f8f1af6a) C:\Windows\system32\drivers\disk.sys
13:03:34.0902 4640   disk - ok
13:03:34.0949 4640   Dnscache (57d762f6f5974af0da2be88a3349baaa) C:\Windows\System32\dnsrslvr.dll
13:03:34.0965 4640   Dnscache - ok
13:03:34.0996 4640   dot3svc (324fd74686b1ef5e7c19a8af49e748f6) C:\Windows\System32\dot3svc.dll
13:03:35.0011 4640   dot3svc - ok
13:03:35.0074 4640   Dot4 (4f59c172c094e1a1d46463a8dc061cbd) C:\Windows\system32\DRIVERS\Dot4.sys
13:03:35.0074 4640   Dot4 - ok
13:03:35.0105 4640   Dot4Print (80bf3ba09f6f2523c8f6b7cc6dbf7bd5) C:\Windows\system32\DRIVERS\Dot4Prt.sys
13:03:35.0121 4640   Dot4Print - ok
13:03:35.0183 4640   dot4usb (c55004ca6b419b6695970dfe849b122f) C:\Windows\system32\DRIVERS\dot4usb.sys
13:03:35.0183 4640   dot4usb - ok
13:03:35.0230 4640   DPS (a622e888f8aa2f6b49e9bc466f0e5def) C:\Windows\system32\dps.dll
13:03:35.0245 4640   DPS - ok
13:03:35.0277 4640   drmkaud (97fef831ab90bee128c9af390e243f80) C:\Windows\system32\drivers\drmkaud.sys
13:03:35.0277 4640   drmkaud - ok
13:03:35.0355 4640   DSBrokerService (245f62a2aa67f4a61f10174bf1017327) C:\Program Files\DellSupport\brkrsvc.exe
13:03:35.0355 4640   DSBrokerService - ok
13:03:35.0386 4640   DSproct (413f2d5f9d802688242c23b38f767ecb) C:\Program Files\DellSupport\GTAction\triggers\DSproct.sys
13:03:35.0386 4640   DSproct - ok
13:03:35.0417 4640   dsunidrv (dfeabb7cfffadea4a912ab95bdc3177a) C:\Windows\system32\DRIVERS\dsunidrv.sys
13:03:35.0433 4640   dsunidrv - ok
13:03:35.0479 4640   DXGKrnl (fb85f7f69e9b109820409243f578cc4d) C:\Windows\System32\drivers\dxgkrnl.sys
13:03:35.0511 4640   DXGKrnl - ok
13:03:35.0542 4640   e1express (04944f4fc4f0477185f5d26ae0ddb90e) C:\Windows\system32\DRIVERS\e1e6032.sys
13:03:35.0573 4640   e1express - ok
13:03:35.0698 4640   E1G60 (f88fb26547fd2ce6d0a5af2985892c48) C:\Windows\system32\DRIVERS\E1G60I32.sys
13:03:35.0698 4640   E1G60 - ok
13:03:35.0745 4640   EapHost (c0b95e40d85cd807d614e264248a45b9) C:\Windows\System32\eapsvc.dll
13:03:35.0760 4640   EapHost - ok
13:03:35.0791 4640   Ecache (7f64ea048dcfac7acf8b4d7b4e6fe371) C:\Windows\system32\drivers\ecache.sys
13:03:35.0807 4640   Ecache - ok
13:03:36.0041 4640   eeCtrl (579a6b6135d32b857faf0e3a974535d8) C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys
13:03:36.0150 4640   eeCtrl - ok
13:03:36.0369 4640   ehRecvr (9be3744d295a7701eb425332014f0797) C:\Windows\ehome\ehRecvr.exe
13:03:36.0384 4640   ehRecvr - ok
13:03:36.0400 4640   ehSched (ad1870c8e5d6dd340c829e6074bf3c3f) C:\Windows\ehome\ehsched.exe
13:03:36.0400 4640   ehSched - ok
13:03:36.0431 4640   ehstart (c27c4ee8926e74aa72efcab24c5242c3) C:\Windows\ehome\ehstart.dll
13:03:36.0431 4640   ehstart - ok
13:03:36.0525 4640   elxstor (e8f3f21a71720c84bcf423b80028359f) C:\Windows\system32\drivers\elxstor.sys
13:03:36.0525 4640   elxstor - ok
13:03:36.0603 4640   EMDMgmt (4e6b23dfc917ea39306b529b773950f4) C:\Windows\system32\emdmgmt.dll
13:03:36.0649 4640   EMDMgmt - ok
13:03:36.0759 4640   EraserUtilRebootDrv (028d50f059bd0d2ccb209e9011b9a9a4) C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
13:03:36.0759 4640   EraserUtilRebootDrv - ok
13:03:36.0790 4640   EventSystem (67058c46504bc12d821f38cf99b7b28f) C:\Windows\system32\es.dll
13:03:36.0805 4640   EventSystem - ok
13:03:36.0852 4640   exfat (22b408651f9123527bcee54b4f6c5cae) C:\Windows\system32\drivers\exfat.sys
13:03:36.0883 4640   exfat - ok
13:03:36.0915 4640   fastfat (1e9b9a70d332103c52995e957dc09ef8) C:\Windows\system32\drivers\fastfat.sys
13:03:36.0915 4640   fastfat - ok
13:03:37.0008 4640   fdc (afe1e8b9782a0dd7fb46bbd88e43f89a) C:\Windows\system32\DRIVERS\fdc.sys
13:03:37.0024 4640   fdc - ok
13:03:37.0055 4640   fdPHost (6629b5f0e98151f4afdd87567ea32ba3) C:\Windows\system32\fdPHost.dll
13:03:37.0071 4640   fdPHost - ok
13:03:37.0102 4640   FDResPub (89ed56dce8e47af40892778a5bd31fd2) C:\Windows\system32\fdrespub.dll
13:03:37.0102 4640   FDResPub - ok
13:03:37.0149 4640   FileInfo (a8c0139a884861e3aae9cfe73b208a9f) C:\Windows\system32\drivers\fileinfo.sys
13:03:37.0258 4640   FileInfo - ok
13:03:37.0461 4640   Filetrace (0ae429a696aecbc5970e3cf2c62635ae) C:\Windows\system32\drivers\filetrace.sys
13:03:37.0461 4640   Filetrace - ok
13:03:37.0539 4640   flpydisk (85b7cf99d532820495d68d747fda9ebd) C:\Windows\system32\DRIVERS\flpydisk.sys
13:03:37.0554 4640   flpydisk - ok
13:03:37.0601 4640   FltMgr (01334f9ea68e6877c4ef05d3ea8abb05) C:\Windows\system32\drivers\fltmgr.sys
13:03:37.0617 4640   FltMgr - ok
13:03:37.0663 4640   FontCache3.0.0.0 (c7fbdd1ed42f82bfa35167a5c9803ea3) C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
13:03:37.0663 4640   FontCache3.0.0.0 - ok
13:03:37.0695 4640   Fs_Rec (65ea8b77b5851854f0c55c43fa51a198) C:\Windows\system32\drivers\Fs_Rec.sys
13:03:37.0695 4640   Fs_Rec - ok
13:03:37.0741 4640   gagp30kx (4e1cd0a45c50a8882616cae5bf82f3c5) C:\Windows\system32\drivers\gagp30kx.sys
13:03:37.0741 4640   gagp30kx - ok
13:03:37.0804 4640   GEARAspiWDM (5ae3a887ece5bbb72cfab273c2fd1cfa) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
13:03:37.0819 4640   GEARAspiWDM - ok
13:03:37.0929 4640   gpsvc (cd5d0aeee35dfd4e986a5aa1500a6e66) C:\Windows\System32\gpsvc.dll
13:03:37.0944 4640   gpsvc - ok
13:03:38.0038 4640   gupdate (f02a533f517eb38333cb12a9e8963773) C:\Program Files\Google\Update\GoogleUpdate.exe
13:03:38.0038 4640   gupdate - ok
13:03:38.0053 4640   gupdatem (f02a533f517eb38333cb12a9e8963773) C:\Program Files\Google\Update\GoogleUpdate.exe
13:03:38.0069 4640   gupdatem - ok
13:03:38.0209 4640   HDAudBus (062452b7ffd68c8c042a6261fe8dff4a) C:\Windows\system32\DRIVERS\HDAudBus.sys
13:03:38.0225 4640   HDAudBus - ok
13:03:38.0256 4640   HidBth (1338520e78d90154ed6be8f84de5fceb) C:\Windows\system32\drivers\hidbth.sys
13:03:38.0256 4640   HidBth - ok
13:03:38.0287 4640   HidIr (ff3160c3a2445128c5a6d9b076da519e) C:\Windows\system32\drivers\hidir.sys
13:03:38.0287 4640   HidIr - ok
13:03:38.0319 4640   hidserv (84067081f3318162797385e11a8f0582) C:\Windows\system32\hidserv.dll
13:03:38.0319 4640   hidserv - ok
13:03:38.0350 4640   HidUsb (cca4b519b17e23a00b826c55716809cc) C:\Windows\system32\DRIVERS\hidusb.sys
13:03:38.0350 4640   HidUsb - ok
13:03:38.0412 4640   hkmsvc (d8ad255b37da92434c26e4876db7d418) C:\Windows\system32\kmsvc.dll
13:03:38.0428 4640   hkmsvc - ok
13:03:38.0475 4640   HpCISSs (df353b401001246853763c4b7aaa6f50) C:\Windows\system32\drivers\hpcisss.sys
13:03:38.0475 4640   HpCISSs - ok
13:03:38.0599 4640   hpqcxs08 (cc8a7d8a8dc9f357b57796583cf8b85f) C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll
13:03:38.0615 4640   hpqcxs08 - ok
13:03:38.0646 4640   hpqddsvc (4c2ca71caafd2cf1a673fc8dbfd219c4) C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll
13:03:38.0662 4640   hpqddsvc - ok
13:03:38.0740 4640   HSF_DPV (53229dcf431d76434816cd29251168a0) C:\Windows\system32\DRIVERS\HSX_DPV.sys
13:03:38.0755 4640   HSF_DPV - ok
13:03:38.0802 4640   HSXHWBS2 (ed98350ecd4a5a9c9f1e641c09872bb2) C:\Windows\system32\DRIVERS\HSXHWBS2.sys
13:03:38.0818 4640   HSXHWBS2 - ok
13:03:38.0865 4640   HTTP (f870aa3e254628ebeafe754108d664de) C:\Windows\system32\drivers\HTTP.sys
13:03:38.0896 4640   HTTP - ok
13:03:38.0943 4640   i2omp (324c2152ff2c61abae92d09f3cca4d63) C:\Windows\system32\drivers\i2omp.sys
13:03:38.0943 4640   i2omp - ok
13:03:39.0005 4640   i8042prt (22d56c8184586b7a1f6fa60be5f5a2bd) C:\Windows\system32\DRIVERS\i8042prt.sys
13:03:39.0036 4640   i8042prt - ok
13:03:39.0192 4640   iaStor (997e8f5939f2d12cd9f2e6b395724c16) C:\Windows\system32\drivers\iastor.sys
13:03:39.0192 4640   iaStor - ok
13:03:39.0239 4640   iaStorV (c957bf4b5d80b46c5017bf0101e6c906) C:\Windows\system32\drivers\iastorv.sys
13:03:39.0270 4640   iaStorV - ok
13:03:39.0364 4640   IDriverT (6f95324909b502e2651442c1548ab12f) C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
13:03:39.0379 4640   IDriverT - ok
13:03:39.0598 4640   idsvc (98477b08e61945f974ed9fdc4cb6bdab) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
13:03:39.0629 4640   idsvc - ok
13:03:39.0785 4640   IDSVix86 (b6662611e8fa3a71473c4a9bd0d23755) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\IPSDefs\20120413.001\IDSvix86.sys
13:03:39.0801 4640   IDSVix86 - ok
13:03:39.0972 4640   igfx (9378d57e2b96c0a185d844770ad49948) C:\Windows\system32\DRIVERS\igdkmd32.sys
13:03:40.0050 4640   igfx - ok
13:03:40.0097 4640   iirsp (2d077bf86e843f901d8db709c95b49a5) C:\Windows\system32\drivers\iirsp.sys
13:03:40.0113 4640   iirsp - ok
13:03:40.0159 4640   IKEEXT (9908d8a397b76cd8d31d0d383c5773c9) C:\Windows\System32\ikeext.dll
13:03:40.0159 4640   IKEEXT - ok
13:03:40.0331 4640   IntcAzAudAddService (f8f53c5449f15b23d4c61d51d2701da8) C:\Windows\system32\drivers\RTKVHDA.sys
13:03:40.0393 4640   IntcAzAudAddService - ok
13:03:40.0409 4640   intelide (0084046c084d68e494f8cf36bcf08186) C:\Windows\system32\DRIVERS\intelide.sys
13:03:40.0409 4640   intelide - ok
13:03:40.0471 4640   intelppm (224191001e78c89dfa78924c3ea595ff) C:\Windows\system32\DRIVERS\intelppm.sys
13:03:40.0471 4640   intelppm - ok
13:03:40.0518 4640   IPBusEnum (9ac218c6e6105477484c6fdbe7d409a4) C:\Windows\system32\ipbusenum.dll
13:03:40.0518 4640   IPBusEnum - ok
13:03:40.0565 4640   IpFilterDriver (62c265c38769b864cb25b4bcf62df6c3) C:\Windows\system32\DRIVERS\ipfltdrv.sys
13:03:40.0565 4640   IpFilterDriver - ok
13:03:40.0627 4640   iphlpsvc (1998bd97f950680bb55f55a7244679c2) C:\Windows\System32\iphlpsvc.dll
13:03:40.0627 4640   iphlpsvc - ok
13:03:40.0643 4640   IpInIp - ok
13:03:40.0705 4640   IPMIDRV (40f34f8aba2a015d780e4b09138b6c17) C:\Windows\system32\drivers\ipmidrv.sys
13:03:40.0705 4640   IPMIDRV - ok
13:03:40.0768 4640   IPNAT (8793643a67b42cec66490b2a0cf92d68) C:\Windows\system32\DRIVERS\ipnat.sys
13:03:40.0768 4640   IPNAT - ok
13:03:40.0846 4640   iPod Service (05cf6a56fbf436c347bb87fd1957adc1) C:\Program Files\iPod\bin\iPodService.exe
13:03:40.0861 4640   iPod Service - ok
13:03:40.0908 4640   IRENUM (109c0dfb82c3632fbd11949b73aeeac9) C:\Windows\system32\drivers\irenum.sys
13:03:40.0955 4640   IRENUM - ok
13:03:40.0971 4640   is3srv - ok
13:03:41.0017 4640   isapnp (2f8ece2699e7e2070545e9b0960a8ed2) C:\Windows\system32\drivers\isapnp.sys
13:03:41.0049 4640   isapnp - ok
13:03:41.0095 4640   iScsiPrt (232fa340531d940aac623b121a595034) C:\Windows\system32\DRIVERS\msiscsi.sys
13:03:41.0111 4640   iScsiPrt - ok
13:03:41.0173 4640   iteatapi (bced60d16156e428f8df8cf27b0df150) C:\Windows\system32\drivers\iteatapi.sys
13:03:41.0205 4640   iteatapi - ok
13:03:41.0251 4640   iteraid (06fa654504a498c30adca8bec4e87e7e) C:\Windows\system32\drivers\iteraid.sys
13:03:41.0283 4640   iteraid - ok
13:03:41.0314 4640   kbdclass (37605e0a8cf00cbba538e753e4344c6e) C:\Windows\system32\DRIVERS\kbdclass.sys
13:03:41.0329 4640   kbdclass - ok
13:03:41.0361 4640   kbdhid (ede59ec70e25c24581add1fbec7325f7) C:\Windows\system32\DRIVERS\kbdhid.sys
13:03:41.0361 4640   kbdhid - ok
13:03:42.0078 4640   KeyIso (3978f3540329e16c0ac3bcf677e5669f) C:\Windows\system32\lsass.exe
13:03:42.0094 4640   KeyIso - ok
13:03:42.0125 4640   KSecDD (86165728af9bf72d6442a894fdfb4f8b) C:\Windows\system32\Drivers\ksecdd.sys
13:03:42.0141 4640   KSecDD - ok
13:03:42.0203 4640   KtmRm (8078f8f8f7a79e2e6b494523a828c585) C:\Windows\system32\msdtckrm.dll
13:03:42.0219 4640   KtmRm - ok
13:03:42.0281 4640   LanmanServer (1bf5eebfd518dd7298434d8c862f825d) C:\Windows\system32\srvsvc.dll
13:03:42.0281 4640   LanmanServer - ok
13:03:42.0359 4640   LanmanWorkstation (1db69705b695b987082c8baec0c6b34f) C:\Windows\System32\wkssvc.dll
13:03:42.0359 4640   LanmanWorkstation - ok
13:03:42.0421 4640   lltdio (d1c5883087a0c3f1344d9d55a44901f6) C:\Windows\system32\DRIVERS\lltdio.sys
13:03:42.0437 4640   lltdio - ok
13:03:42.0515 4640   lltdsvc (2d5a428872f1442631d0959a34abff63) C:\Windows\System32\lltdsvc.dll
13:03:42.0515 4640   lltdsvc - ok
13:03:42.0593 4640   lmhosts (35d40113e4a5b961b6ce5c5857702518) C:\Windows\System32\lmhsvc.dll
13:03:42.0593 4640   lmhosts - ok
13:03:42.0655 4640   LSI_FC (a2262fb9f28935e862b4db46438c80d2) C:\Windows\system32\drivers\lsi_fc.sys
13:03:42.0655 4640   LSI_FC - ok
13:03:42.0718 4640   LSI_SAS (30d73327d390f72a62f32c103daf1d6d) C:\Windows\system32\drivers\lsi_sas.sys
13:03:42.0718 4640   LSI_SAS - ok
13:03:42.0796 4640   LSI_SCSI (e1e36fefd45849a95f1ab81de0159fe3) C:\Windows\system32\drivers\lsi_scsi.sys
13:03:42.0796 4640   LSI_SCSI - ok
13:03:42.0843 4640   luafv (8f5c7426567798e62a3b3614965d62cc) C:\Windows\system32\drivers\luafv.sys
13:03:42.0843 4640   luafv - ok
13:03:42.0858 4640   MCSTRM - ok
13:03:42.0936 4640   Mcx2Svc (aef9babb8a506bc4ce0451a64aaded46) C:\Windows\system32\Mcx2Svc.dll
13:03:42.0952 4640   Mcx2Svc - ok
13:03:42.0983 4640   mdmxsdk (0cea2d0d3fa284b85ed5b68365114f76) C:\Windows\system32\DRIVERS\mdmxsdk.sys
13:03:42.0983 4640   mdmxsdk - ok
13:03:43.0030 4640   megasas (d153b14fc6598eae8422a2037553adce) C:\Windows\system32\drivers\megasas.sys
13:03:43.0030 4640   megasas - ok
13:03:43.0077 4640   mferkdk - ok
13:03:43.0123 4640   MMCSS (1076ffcffaae8385fd62dfcb25ac4708) C:\Windows\system32\mmcss.dll
13:03:43.0139 4640   MMCSS - ok
13:03:43.0156 4640   Modem (e13b5ea0f51ba5b1512ec671393d09ba) C:\Windows\system32\drivers\modem.sys
13:03:43.0156 4640   Modem - ok
13:03:43.0212 4640   monitor (0a9bb33b56e294f686abb7c1e4e2d8a8) C:\Windows\system32\DRIVERS\monitor.sys
13:03:43.0213 4640   monitor - ok
13:03:43.0244 4640   mouclass (5bf6a1326a335c5298477754a506d263) C:\Windows\system32\DRIVERS\mouclass.sys
13:03:43.0258 4640   mouclass - ok
13:03:43.0296 4640   mouhid (93b8d4869e12cfbe663915502900876f) C:\Windows\system32\DRIVERS\mouhid.sys
13:03:43.0299 4640   mouhid - ok
13:03:43.0355 4640   MountMgr (bdafc88aa6b92f7842416ea6a48e1600) C:\Windows\system32\drivers\mountmgr.sys
13:03:43.0370 4640   MountMgr - ok
13:03:43.0447 4640   mpio (583a41f26278d9e0ea548163d6139397) C:\Windows\system32\drivers\mpio.sys
13:03:43.0493 4640   mpio - ok
13:03:43.0532 4640   mpsdrv (22241feba9b2defa669c8cb0a8dd7d2e) C:\Windows\system32\drivers\mpsdrv.sys
13:03:43.0541 4640   mpsdrv - ok
13:03:43.0599 4640   MpsSvc (5de62c6e9108f14f6794060a9bdecaec) C:\Windows\system32\mpssvc.dll
13:03:43.0623 4640   MpsSvc - ok
13:03:43.0660 4640   Mraid35x (4fbbb70d30fd20ec51f80061703b001e) C:\Windows\system32\drivers\mraid35x.sys
13:03:43.0664 4640   Mraid35x - ok
13:03:43.0740 4640   MRxDAV (82cea0395524aacfeb58ba1448e8325c) C:\Windows\system32\drivers\mrxdav.sys
13:03:43.0744 4640   MRxDAV - ok
13:03:43.0820 4640   mrxsmb (1e94971c4b446ab2290deb71d01cf0c2) C:\Windows\system32\DRIVERS\mrxsmb.sys
13:03:43.0823 4640   mrxsmb - ok
13:03:43.0882 4640   mrxsmb10 (4fccb34d793b116423209c0f8b7a3b03) C:\Windows\system32\DRIVERS\mrxsmb10.sys
13:03:43.0887 4640   mrxsmb10 - ok
13:03:43.0949 4640   mrxsmb20 (c3cb1b40ad4a0124d617a1199b0b9d7c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
13:03:43.0957 4640   mrxsmb20 - ok
13:03:43.0998 4640   msahci (d420bc42a637ac3cc4f411220549c0dc) C:\Windows\system32\drivers\msahci.sys
13:03:44.0013 4640   msahci - ok
13:03:44.0091 4640   MSCamSvc (31e023681015c35ebfe1498b07813b87) C:\Program Files\Microsoft LifeCam\MSCamS32.exe
13:03:44.0114 4640   MSCamSvc - ok
13:03:44.0183 4640   msdsm (3fc82a2ae4cc149165a94699183d3028) C:\Windows\system32\drivers\msdsm.sys
13:03:44.0187 4640   msdsm - ok
13:03:44.0253 4640   MSDTC (fd7520cc3a80c5fc8c48852bb24c6ded) C:\Windows\System32\msdtc.exe
13:03:44.0259 4640   MSDTC - ok
13:03:44.0352 4640   Msfs (a9927f4a46b816c92f461acb90cf8515) C:\Windows\system32\drivers\Msfs.sys
13:03:44.0355 4640   Msfs - ok
13:03:44.0387 4640   msisadrv (0f400e306f385c56317357d6dea56f62) C:\Windows\system32\drivers\msisadrv.sys
13:03:44.0407 4640   msisadrv - ok
13:03:44.0483 4640   MSiSCSI (85466c0757a23d9a9aecdc0755203cb2) C:\Windows\system32\iscsiexe.dll
13:03:44.0492 4640   MSiSCSI - ok
13:03:44.0516 4640   msiserver - ok
13:03:44.0650 4640   MSKSSRV (d8c63d34d9c9e56c059e24ec7185cc07) C:\Windows\system32\drivers\MSKSSRV.sys
13:03:44.0666 4640   MSKSSRV - ok
13:03:44.0731 4640   MSPCLOCK (1d373c90d62ddb641d50e55b9e78d65e) C:\Windows\system32\drivers\MSPCLOCK.sys
13:03:44.0734 4640   MSPCLOCK - ok
13:03:44.0812 4640   MSPQM (b572da05bf4e098d4bba3a4734fb505b) C:\Windows\system32\drivers\MSPQM.sys
13:03:44.0814 4640   MSPQM - ok
13:03:44.0877 4640   MsRPC (b49456d70555de905c311bcda6ec6adb) C:\Windows\system32\drivers\MsRPC.sys
13:03:44.0883 4640   MsRPC - ok
13:03:44.0904 4640   mssmbios (e384487cb84be41d09711c30ca79646c) C:\Windows\system32\DRIVERS\mssmbios.sys
13:03:44.0906 4640   mssmbios - ok
13:03:44.0937 4640   MSTEE (7199c1eec1e4993caf96b8c0a26bd58a) C:\Windows\system32\drivers\MSTEE.sys
13:03:44.0940 4640   MSTEE - ok
13:03:44.0991 4640   Mup (6a57b5733d4cb702c8ea4542e836b96c) C:\Windows\system32\Drivers\mup.sys
13:03:44.0998 4640   Mup - ok
13:03:45.0081 4640   N360 (e78a365cc3e0fbfc018a33dce01909f8) C:\Program Files\Norton Security Suite\Engine\5.2.0.13\ccSvcHst.exe
13:03:45.0089 4640   N360 - ok
13:03:45.0129 4640   napagent (e4eaf0c5c1b41b5c83386cf212ca9584) C:\Windows\system32\qagentRT.dll
13:03:45.0146 4640   napagent - ok
13:03:45.0182 4640   NativeWifiP (85c44fdff9cf7e72a40dcb7ec06a4416) C:\Windows\system32\DRIVERS\nwifi.sys
13:03:45.0191 4640   NativeWifiP - ok
13:03:45.0506 4640   NAVENG (862f55824ac81295837b0ab63f91071f) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\VirusDefs\20120413.025\NAVENG.SYS
13:03:45.0524 4640   NAVENG - ok
13:03:45.0684 4640   NAVEX15 (529d571b551cb9da44237389b936f1ae) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\VirusDefs\20120413.025\NAVEX15.SYS
13:03:45.0855 4640   NAVEX15 - ok
13:03:45.0996 4640   NDIS (1357274d1883f68300aeadd15d7bbb42) C:\Windows\system32\drivers\ndis.sys
13:03:46.0048 4640   NDIS - ok
13:03:46.0086 4640   NdisTapi (0e186e90404980569fb449ba7519ae61) C:\Windows\system32\DRIVERS\ndistapi.sys
13:03:46.0090 4640   NdisTapi - ok
13:03:46.0271 4640   Ndisuio (d6973aa34c4d5d76c0430b181c3cd389) C:\Windows\system32\DRIVERS\ndisuio.sys
13:03:46.0300 4640   Ndisuio - ok
13:03:46.0342 4640   NdisWan (818f648618ae34f729fdb47ec68345c3) C:\Windows\system32\DRIVERS\ndiswan.sys
13:03:46.0357 4640   NdisWan - ok
13:03:46.0409 4640   NDProxy (71dab552b41936358f3b541ae5997fb3) C:\Windows\system32\drivers\NDProxy.sys
13:03:47.0494 4640   NDProxy - ok
13:03:47.0620 4640   Net Driver HPZ12 (a081cb6fb9a12668f233eb5414be3a0e) C:\Windows\system32\HPZinw12.dll
13:03:47.0624 4640   Net Driver HPZ12 - ok
13:03:47.0753 4640   NetBIOS (bcd093a5a6777cf626434568dc7dba78) C:\Windows\system32\DRIVERS\netbios.sys
13:03:47.0768 4640   NetBIOS - ok
13:03:47.0816 4640   netbt (ecd64230a59cbd93c85f1cd1cab9f3f6) C:\Windows\system32\DRIVERS\netbt.sys
13:03:47.0838 4640   netbt - ok
13:03:47.0881 4640   Netlogon (3978f3540329e16c0ac3bcf677e5669f) C:\Windows\system32\lsass.exe
13:03:47.0884 4640   Netlogon - ok
13:03:47.0930 4640   Netman (c8052711daecc48b982434c5116ca401) C:\Windows\System32\netman.dll
13:03:47.0937 4640   Netman - ok
13:03:48.0354 4640   netprofm (2ef3bbe22e5a5acd1428ee387a0d0172) C:\Windows\System32\netprofm.dll
13:03:48.0362 4640   netprofm - ok
13:03:48.0432 4640   NetTcpPortSharing (d6c4e4a39a36029ac0813d476fbd0248) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
13:03:48.0436 4640   NetTcpPortSharing - ok
13:03:48.0490 4640   nfrd960 (2e7fb731d4790a1bc6270accefacb36e) C:\Windows\system32\drivers\nfrd960.sys
13:03:48.0528 4640   nfrd960 - ok
13:03:48.0586 4640   NlaSvc (2997b15415f9bbe05b5a4c1c85e0c6a2) C:\Windows\System32\nlasvc.dll
13:03:48.0595 4640   NlaSvc - ok
13:03:48.0682 4640   nosGetPlusHelper (0e58f99692802c501454eac3d2ac3394) C:\Program Files\NOS\bin\getPlus_Helper_3004.dll
13:03:48.0707 4640   nosGetPlusHelper - ok
13:03:48.0754 4640   Npfs (d36f239d7cce1931598e8fb90a0dbc26) C:\Windows\system32\drivers\Npfs.sys
13:03:48.0757 4640   Npfs - ok
13:03:48.0829 4640   nsi (8bb86f0c7eea2bded6fe095d0b4ca9bd) C:\Windows\system32\nsisvc.dll
13:03:48.0832 4640   nsi - ok
13:03:48.0863 4640   nsiproxy (609773e344a97410ce4ebf74a8914fcf) C:\Windows\system32\drivers\nsiproxy.sys
13:03:48.0878 4640   nsiproxy - ok
13:03:48.0961 4640   Ntfs (6a4a98cee84cf9e99564510dda4baa47) C:\Windows\system32\drivers\Ntfs.sys
13:03:49.0017 4640   Ntfs - ok
13:03:49.0066 4640   ntrigdigi (e875c093aec0c978a90f30c9e0dfbb72) C:\Windows\system32\drivers\ntrigdigi.sys
13:03:49.0069 4640   ntrigdigi - ok
13:03:49.0116 4640   Null (c5dbbcda07d780bda9b685df333bb41e) C:\Windows\system32\drivers\Null.sys
13:03:49.0127 4640   Null - ok
13:03:49.0168 4640   nvraid (e69e946f80c1c31c53003bfbf50cbb7c) C:\Windows\system32\drivers\nvraid.sys
13:03:49.0172 4640   nvraid - ok
13:03:49.0228 4640   nvstor (9e0ba19a28c498a6d323d065db76dffc) C:\Windows\system32\drivers\nvstor.sys
13:03:49.0257 4640   nvstor - ok
13:03:49.0303 4640   nv_agp (055081fd5076401c1ee1bcab08d81911) C:\Windows\system32\drivers\nv_agp.sys
13:03:49.0334 4640   nv_agp - ok
13:03:49.0349 4640   NwlnkFlt - ok
13:03:49.0380 4640   NwlnkFwd - ok
13:03:49.0448 4640   ohci1394 (be32da025a0be1878f0ee8d6d9386cd5) C:\Windows\system32\drivers\ohci1394.sys
13:03:49.0471 4640   ohci1394 - ok
13:03:49.0570 4640   p2pimsvc (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
13:03:49.0597 4640   p2pimsvc - ok
13:03:49.0616 4640   p2psvc (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
13:03:49.0623 4640   p2psvc - ok
13:03:49.0660 4640   Parport (0fa9b5055484649d63c303fe404e5f4d) C:\Windows\system32\drivers\parport.sys
13:03:49.0670 4640   Parport - ok
13:03:49.0725 4640   partmgr (57389fa59a36d96b3eb09d0cb91e9cdc) C:\Windows\system32\drivers\partmgr.sys
13:03:49.0743 4640   partmgr - ok
13:03:49.0775 4640   Parvdm (4f9a6a8a31413180d0fcb279ad5d8112) C:\Windows\system32\drivers\parvdm.sys
13:03:49.0796 4640   Parvdm - ok
13:03:49.0837 4640   PcaSvc (c6276ad11f4bb49b58aa1ed88537f14a) C:\Windows\System32\pcasvc.dll
13:03:49.0845 4640   PcaSvc - ok
13:03:49.0912 4640   pci (941dc1d19e7e8620f40bbc206981efdb) C:\Windows\system32\drivers\pci.sys
13:03:49.0949 4640   pci - ok
13:03:50.0003 4640   pciide (1636d43f10416aeb483bc6001097b26c) C:\Windows\system32\drivers\pciide.sys
13:03:50.0033 4640   pciide - ok
13:03:50.0279 4640   pcmcia (e6f3fb1b86aa519e7698ad05e58b04e5) C:\Windows\system32\drivers\pcmcia.sys
13:03:50.0284 4640   pcmcia - ok
13:03:50.0373 4640   PEAUTH (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys
13:03:50.0388 4640   PEAUTH - ok
13:03:50.0484 4640   pla (b1689df169143f57053f795390c99db3) C:\Windows\system32\pla.dll
13:03:50.0534 4640   pla - ok
13:03:50.0670 4640   PlugPlay (c5e7f8a996ec0a82d508fd9064a5569e) C:\Windows\system32\umpnpmgr.dll
13:03:50.0676 4640   PlugPlay - ok
13:03:50.0714 4640   Pml Driver HPZ12 (65bc271f337637731d3c71455ae1f476) C:\Windows\system32\HPZipm12.dll
13:03:50.0716 4640   Pml Driver HPZ12 - ok
13:03:50.0776 4640   PNRPAutoReg (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
13:03:50.0785 4640   PNRPAutoReg - ok
13:03:50.0834 4640   PNRPsvc (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
13:03:50.0842 4640   PNRPsvc - ok
13:03:50.0893 4640   PolicyAgent (d0494460421a03cd5225cca0059aa146) C:\Windows\System32\ipsecsvc.dll
13:03:50.0902 4640   PolicyAgent - ok
13:03:50.0995 4640   PptpMiniport (ecfffaec0c1ecd8dbc77f39070ea1db1) C:\Windows\system32\DRIVERS\raspptp.sys
13:03:51.0006 4640   PptpMiniport - ok
13:03:51.0073 4640   Processor (0e3cef5d28b40cf273281d620c50700a) C:\Windows\system32\drivers\processr.sys
13:03:51.0076 4640   Processor - ok
13:03:51.0118 4640   ProfSvc (0508faa222d28835310b7bfca7a77346) C:\Windows\system32\profsvc.dll
13:03:51.0125 4640   ProfSvc - ok
13:03:51.0166 4640   ProtectedStorage (3978f3540329e16c0ac3bcf677e5669f) C:\Windows\system32\lsass.exe
13:03:51.0169 4640   ProtectedStorage - ok
13:03:51.0221 4640   PSched (99514faa8df93d34b5589187db3aa0ba) C:\Windows\system32\DRIVERS\pacer.sys
13:03:51.0224 4640   PSched - ok
13:03:51.0395 4640   PxHelp20 (feffcfdc528764a04c8ed63d5fa6e711) C:\Windows\system32\Drivers\PxHelp20.sys
13:03:51.0425 4640   PxHelp20 - ok
13:03:51.0781 4640   ql2300 (ccdac889326317792480c0a67156a1ec) C:\Windows\system32\drivers\ql2300.sys
13:03:51.0818 4640   ql2300 - ok
13:03:51.0865 4640   ql40xx (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys
13:03:51.0890 4640   ql40xx - ok
13:03:51.0948 4640   QWAVE (e9ecae663f47e6cb43962d18ab18890f) C:\Windows\system32\qwave.dll
13:03:51.0955 4640   QWAVE - ok
13:03:51.0999 4640   QWAVEdrv (9f5e0e1926014d17486901c88eca2db7) C:\Windows\system32\drivers\qwavedrv.sys
13:03:52.0001 4640   QWAVEdrv - ok
13:03:52.0144 4640   R300 (e642b131fb74caf4bb8a014f31113142) C:\Windows\system32\DRIVERS\atikmdag.sys
13:03:52.0243 4640   R300 - ok
13:03:52.0290 4640   RasAcd (147d7f9c556d259924351feb0de606c3) C:\Windows\system32\DRIVERS\rasacd.sys
13:03:52.0290 4640   RasAcd - ok
13:03:52.0336 4640   RasAuto (f6a452eb4ceadbb51c9e0ee6b3ecef0f) C:\Windows\System32\rasauto.dll
13:03:52.0336 4640   RasAuto - ok
13:03:52.0368 4640   Rasl2tp (a214adbaf4cb47dd2728859ef31f26b0) C:\Windows\system32\DRIVERS\rasl2tp.sys
13:03:52.0368 4640   Rasl2tp - ok
13:03:52.0430 4640   RasMan (75d47445d70ca6f9f894b032fbc64fcf) C:\Windows\System32\rasmans.dll
13:03:52.0430 4640   RasMan - ok
13:03:52.0461 4640   RasPppoe (509a98dd18af4375e1fc40bc175f1def) C:\Windows\system32\DRIVERS\raspppoe.sys
13:03:52.0477 4640   RasPppoe - ok
13:03:52.0508 4640   RasSstp (2005f4a1e05fa09389ac85840f0a9e4d) C:\Windows\system32\DRIVERS\rassstp.sys
13:03:52.0508 4640   RasSstp - ok
13:03:52.0680 4640   rdbss (b14c9d5b9add2f84f70570bbbfaa7935) C:\Windows\system32\DRIVERS\rdbss.sys
13:03:52.0726 4640   rdbss - ok
13:03:52.0867 4640   RDPCDD (89e59be9a564262a3fb6c4f4f1cd9899) C:\Windows\system32\DRIVERS\RDPCDD.sys
13:03:52.0867 4640   RDPCDD - ok
13:03:53.0007 4640   rdpdr (0245418224cfa77bf4b41c2fe0622258) C:\Windows\system32\drivers\rdpdr.sys
13:03:53.0007 4640   rdpdr - ok
13:03:53.0023 4640   RDPENCDD (9d91fe5286f748862ecffa05f8a0710c) C:\Windows\system32\drivers\rdpencdd.sys
13:03:53.0023 4640   RDPENCDD - ok
13:03:53.0054 4640   RDPWD (30bfbdfb7f95559ede971f9ddb9a00ba) C:\Windows\system32\drivers\RDPWD.sys
13:03:53.0054 4640   RDPWD - ok
13:03:53.0101 4640   RemoteAccess (bcdd6b4804d06b1f7ebf29e53a57ece9) C:\Windows\System32\mprdim.dll
13:03:53.0101 4640   RemoteAccess - ok
13:03:53.0132 4640   RemoteRegistry (9e6894ea18daff37b63e1005f83ae4ab) C:\Windows\system32\regsvc.dll
13:03:53.0148 4640   RemoteRegistry - ok
13:03:53.0335 4640   RoxMediaDB9 (ebcde8b48fadc6479d96a56d0a432160) C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
13:03:53.0366 4640   RoxMediaDB9 - ok
13:03:53.0428 4640   RoxWatch9 (ab2b1de1c8f31efce2384b14b3dc4260) C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
13:03:53.0444 4640   RoxWatch9 - ok
13:03:53.0475 4640   RpcLocator (5123f83cbc4349d065534eeb6bbdc42b) C:\Windows\system32\locator.exe
13:03:53.0475 4640   RpcLocator - ok
13:03:53.0538 4640   RpcSs (3b5b4d53fec14f7476ca29a20cc31ac9) C:\Windows\system32\rpcss.dll
13:03:53.0538 4640   RpcSs - ok
13:03:53.0647 4640   rspndr (9c508f4074a39e8b4b31d27198146fad) C:\Windows\system32\DRIVERS\rspndr.sys
13:03:53.0787 4640   rspndr - ok
13:03:53.0912 4640   SamSs (3978f3540329e16c0ac3bcf677e5669f) C:\Windows\system32\lsass.exe
13:03:53.0928 4640   SamSs - ok
13:03:53.0990 4640   SASDIFSV (39763504067962108505bff25f024345) C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS
13:03:54.0006 4640   SASDIFSV - ok
13:03:54.0037 4640   SASKUTIL (77b9fc20084b48408ad3e87570eb4a85) C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS
13:03:54.0037 4640   SASKUTIL - ok
13:03:54.0068 4640   sbp2port (3ce8f073a557e172b330109436984e30) C:\Windows\system32\drivers\sbp2port.sys
13:03:54.0084 4640   sbp2port - ok
13:03:54.0130 4640   SCardSvr (77b7a11a0c3d78d3386398fbbea1b632) C:\Windows\System32\SCardSvr.dll
13:03:54.0130 4640   SCardSvr - ok
13:03:54.0208 4640   Schedule (1a58069db21d05eb2ab58ee5753ebe8d) C:\Windows\system32\schedsvc.dll
13:03:54.0224 4640   Schedule - ok
13:03:54.0286 4640   SCPolicySvc (312ec3e37a0a1f2006534913e37b4423) C:\Windows\System32\certprop.dll
13:03:54.0302 4640   SCPolicySvc - ok
13:03:54.0333 4640   SDRSVC (716313d9f6b0529d03f726d5aaf6f191) C:\Windows\System32\SDRSVC.dll
13:03:54.0349 4640   SDRSVC - ok
13:03:54.0411 4640   secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
13:03:54.0411 4640   secdrv - ok
13:03:54.0489 4640   seclogon (fd5199d4d8a521005e4b5ee7fe00fa9b) C:\Windows\system32\seclogon.dll
13:03:54.0489 4640   seclogon - ok
13:03:54.0536 4640   SENS (a9bbab5759771e523f55563d6cbe140f) C:\Windows\System32\sens.dll
13:03:54.0536 4640   SENS - ok
13:03:54.0583 4640   Serenum (68e44e331d46f0fb38f0863a84cd1a31) C:\Windows\system32\drivers\serenum.sys
13:03:54.0583 4640   Serenum - ok
13:03:54.0614 4640   Serial (c70d69a918b178d3c3b06339b40c2e1b) C:\Windows\system32\drivers\serial.sys
13:03:54.0614 4640   Serial - ok
13:03:54.0786 4640   sermouse (8af3d28a879bf75db53a0ee7a4289624) C:\Windows\system32\drivers\sermouse.sys
13:03:54.0817 4640   sermouse - ok
13:03:54.0910 4640   SessionEnv (d2193326f729b163125610dbf3e17d57) C:\Windows\system32\sessenv.dll
13:03:54.0910 4640   SessionEnv - ok
13:03:54.0957 4640   sffdisk (51cf56aa8bcc241f134b420b8f850406) C:\Windows\system32\drivers\sffdisk.sys
13:03:54.0957 4640   sffdisk - ok
13:03:54.0973 4640   sffp_mmc (96ded8b20c734ac41641ce275250e55d) C:\Windows\system32\drivers\sffp_mmc.sys
13:03:54.0973 4640   sffp_mmc - ok
13:03:55.0004 4640   sffp_sd (8b08cab1267b2c377883fc9e56981f90) C:\Windows\system32\drivers\sffp_sd.sys
13:03:55.0004 4640   sffp_sd - ok
13:03:55.0020 4640   sfloppy (46ed8e91793b2e6f848015445a0ac188) C:\Windows\system32\drivers\sfloppy.sys
13:03:55.0020 4640   sfloppy - ok
13:03:55.0066 4640   SharedAccess (e1499bd0ff76b1b2fbbf1af339d91165) C:\Windows\System32\ipnathlp.dll
13:03:55.0082 4640   SharedAccess - ok
13:03:55.0113 4640   ShellHWDetection (c7230fbee14437716701c15be02c27b8) C:\Windows\System32\shsvcs.dll
13:03:55.0129 4640   ShellHWDetection - ok
13:03:55.0160 4640   sisagp (08072b2fb92477fc813271a84b3a8698) C:\Windows\system32\drivers\sisagp.sys
13:03:55.0160 4640   sisagp - ok
13:03:55.0176 4640   SiSRaid2 (cedd6f4e7d84e9f98b34b3fe988373aa) C:\Windows\system32\drivers\sisraid2.sys
13:03:55.0191 4640   SiSRaid2 - ok
13:03:55.0238 4640   SiSRaid4 (df843c528c4f69d12ce41ce462e973a7) C:\Windows\system32\drivers\sisraid4.sys
13:03:55.0238 4640   SiSRaid4 - ok
13:03:55.0347 4640   slsvc (862bb4cbc05d80c5b45be430e5ef872f) C:\Windows\system32\SLsvc.exe
13:03:55.0503 4640   slsvc - ok
13:03:55.0550 4640   SLUINotify (6edc422215cd78aa8a9cde6b30abbd35) C:\Windows\system32\SLUINotify.dll
13:03:55.0550 4640   SLUINotify - ok
13:03:55.0581 4640   Smb (7b75299a4d201d6a6533603d6914ab04) C:\Windows\system32\DRIVERS\smb.sys
13:03:55.0597 4640   Smb - ok
13:03:55.0768 4640   SNMPTRAP (2a146a055b4401c16ee62d18b8e2a032) C:\Windows\System32\snmptrap.exe
13:03:55.0784 4640   SNMPTRAP - ok
13:03:55.0862 4640   spldr (7aebdeef071fe28b0eef2cdd69102bff) C:\Windows\system32\drivers\spldr.sys
13:03:55.0893 4640   spldr - ok
13:03:55.0924 4640   Spooler (8554097e5136c3bf9f69fe578a1b35f4) C:\Windows\System32\spoolsv.exe
13:03:55.0924 4640   Spooler - ok
13:03:55.0987 4640   sprtsvc_dellsupportcenter - ok
13:03:56.0221 4640   SRTSP (83726cf02eced69138948083e06b6eac) C:\Windows\System32\Drivers\N360\0502000.00D\SRTSP.SYS
13:03:56.0236 4640   SRTSP - ok
13:03:56.0283 4640   SRTSPX (4e7eab2e5615d39cf1f1df9c71e5e225) C:\Windows\system32\drivers\N360\0502000.00D\SRTSPX.SYS
13:03:56.0299 4640   SRTSPX - ok
13:03:56.0361 4640   srv (41987f9fc0e61adf54f581e15029ad91) C:\Windows\system32\DRIVERS\srv.sys
13:03:56.0377 4640   srv - ok
13:03:56.0455 4640   srv2 (ff33aff99564b1aa534f58868cbe41ef) C:\Windows\system32\DRIVERS\srv2.sys
13:03:56.0455 4640   srv2 - ok
13:03:56.0470 4640   srvnet (7605c0e1d01a08f3ecd743f38b834a44) C:\Windows\system32\DRIVERS\srvnet.sys
13:03:56.0470 4640   srvnet - ok
13:03:56.0642 4640   SSDPSRV (03d50b37234967433a5ea5ba72bc0b62) C:\Windows\System32\ssdpsrv.dll
13:03:56.0658 4640   SSDPSRV - ok
13:03:56.0938 4640   SstpSvc (6f1a32e7b7b30f004d9a20afadb14944) C:\Windows\system32\sstpsvc.dll
13:03:56.0938 4640   SstpSvc - ok
13:03:57.0141 4640   stisvc (5de7d67e49b88f5f07f3e53c4b92a352) C:\Windows\System32\wiaservc.dll
13:03:57.0157 4640   stisvc - ok
13:03:57.0250 4640   stllssvr (51778fd315c9882f1cbd932743e62a72) C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
13:03:57.0266 4640   stllssvr - ok
13:03:57.0297 4640   swenum (7ba58ecf0c0a9a69d44b3dca62becf56) C:\Windows\system32\DRIVERS\swenum.sys
13:03:57.0313 4640   swenum - ok
13:03:57.0360 4640   swprv (f21fd248040681cca1fb6c9a03aaa93d) C:\Windows\System32\swprv.dll
13:03:57.0375 4640   swprv - ok
13:03:57.0406 4640   Symc8xx (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys
13:03:57.0453 4640   Symc8xx - ok
13:03:57.0500 4640   SymDS (9bbeb8c6258e72d62e7560e6667aad39) C:\Windows\system32\drivers\N360\0502000.00D\SYMDS.SYS
13:03:57.0531 4640   SymDS - ok
13:03:57.0594 4640   SymEFA (d5c02629c02a820a7e71bca3d44294a3) C:\Windows\system32\drivers\N360\0502000.00D\SYMEFA.SYS
13:03:57.0625 4640   SymEFA - ok
13:03:57.0687 4640   SymEvent (ab33c3b196197ca467cbdda717860dba) C:\Windows\system32\Drivers\SYMEVENT.SYS
13:03:57.0687 4640   SymEvent - ok
13:03:57.0765 4640   SymIRON (a73399804d5d4a8b20ba60fcf70c9f1f) C:\Windows\system32\drivers\N360\0502000.00D\Ironx86.SYS
13:03:57.0781 4640   SymIRON - ok
13:03:57.0843 4640   SYMTDIv (d42a7229e333af725f1445f785e4658d) C:\Windows\System32\Drivers\N360\0502000.00D\SYMTDIV.SYS
13:03:57.0859 4640   SYMTDIv - ok
13:03:57.0890 4640   Sym_hi (8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys
13:03:57.0906 4640   Sym_hi - ok
13:03:57.0921 4640   Sym_u3 (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys
13:03:57.0921 4640   Sym_u3 - ok
13:03:58.0436 4640   SysMain (9a51b04e9886aa4ee90093586b0ba88d) C:\Windows\system32\sysmain.dll
13:03:58.0514 4640   SysMain - ok
13:03:58.0530 4640   szkg5 - ok
13:03:58.0545 4640   szkgfs - ok
13:03:58.0639 4640   TabletInputService (2dca225eae15f42c0933e998ee0231c3) C:\Windows\System32\TabSvc.dll
13:03:58.0654 4640   TabletInputService - ok
13:03:58.0717 4640   TapiSrv (d7673e4b38ce21ee54c59eeeb65e2483) C:\Windows\System32\tapisrv.dll
13:03:58.0717 4640   TapiSrv - ok
13:03:58.0795 4640   TBS (cb05822cd9cc6c688168e113c603dbe7) C:\Windows\System32\tbssvc.dll
13:03:58.0795 4640   TBS - ok
13:03:58.0857 4640   Tcpip (a474879afa4a596b3a531f3e69730dbf) C:\Windows\system32\drivers\tcpip.sys
13:03:58.0904 4640   Tcpip - ok
13:03:58.0935 4640   Tcpip6 (a474879afa4a596b3a531f3e69730dbf) C:\Windows\system32\DRIVERS\tcpip.sys
13:03:58.0951 4640   Tcpip6 - ok
13:03:58.0966 4640   tcpipreg (608c345a255d82a6289c2d468eb41fd7) C:\Windows\system32\drivers\tcpipreg.sys
13:03:58.0966 4640   tcpipreg - ok
13:03:59.0013 4640   TDPIPE (5dcf5e267be67a1ae926f2df77fbcc56) C:\Windows\system32\drivers\tdpipe.sys
13:03:59.0029 4640   TDPIPE - ok
13:03:59.0044 4640   TDTCP (389c63e32b3cefed425b61ed92d3f021) C:\Windows\system32\drivers\tdtcp.sys
13:03:59.0076 4640   TDTCP - ok
13:03:59.0107 4640   tdx (76b06eb8a01fc8624d699e7045303e54) C:\Windows\system32\DRIVERS\tdx.sys
13:03:59.0107 4640   tdx - ok
13:03:59.0169 4640   TermDD (3cad38910468eab9a6479e2f01db43c7) C:\Windows\system32\DRIVERS\termdd.sys
13:03:59.0169 4640   TermDD - ok
13:03:59.0200 4640   TermService (bb95da09bef6e7a131bff3ba5032090d) C:\Windows\System32\termsrv.dll
13:03:59.0216 4640   TermService - ok
13:03:59.0247 4640   Themes (c7230fbee14437716701c15be02c27b8) C:\Windows\system32\shsvcs.dll
13:03:59.0247 4640   Themes - ok
13:03:59.0294 4640   THREADORDER (1076ffcffaae8385fd62dfcb25ac4708) C:\Windows\system32\mmcss.dll
13:03:59.0294 4640   THREADORDER - ok
13:03:59.0341 4640   TrkWks (ec74e77d0eb004bd3a809b5f8fb8c2ce) C:\Windows\System32\trkwks.dll
13:03:59.0341 4640   TrkWks - ok
13:03:59.0356 4640   TrustedInstaller (97d9d6a04e3ad9b6c626b9931db78dba) C:\Windows\servicing\TrustedInstaller.exe
13:03:59.0372 4640   TrustedInstaller - ok
13:03:59.0419 4640   tssecsrv (dcf0f056a2e4f52287264f5ab29cf206) C:\Windows\system32\DRIVERS\tssecsrv.sys
13:03:59.0450 4640   tssecsrv - ok
13:03:59.0497 4640   tunmp (caecc0120ac49e3d2f758b9169872d38) C:\Windows\system32\DRIVERS\tunmp.sys
13:03:59.0512 4640   tunmp - ok
13:03:59.0544 4640   tunnel (300db877ac094feab0be7688c3454a9c) C:\Windows\system32\DRIVERS\tunnel.sys
13:03:59.0544 4640   tunnel - ok
13:03:59.0606 4640   uagp35 (c3ade15414120033a36c0f293d4a4121) C:\Windows\system32\drivers\uagp35.sys
13:03:59.0622 4640   uagp35 - ok
13:03:59.0684 4640   udfs (d9728af68c4c7693cb100b8441cbdec6) C:\Windows\system32\DRIVERS\udfs.sys
13:03:59.0715 4640   udfs - ok
13:03:59.0762 4640   UI0Detect (ecef404f62863755951e09c802c94ad5) C:\Windows\system32\UI0Detect.exe
13:03:59.0762 4640   UI0Detect - ok
13:03:59.0809 4640   uliagpkx (6d72ef05921abdf59fc45c7ebfe7e8dd) C:\Windows\system32\drivers\uliagpkx.sys
13:03:59.0809 4640   uliagpkx - ok
13:03:59.0902 4640   uliahci (3cd4ea35a6221b85dcc25daa46313f8d) C:\Windows\system32\drivers\uliahci.sys
13:03:59.0902 4640   uliahci - ok
13:03:59.0980 4640   UlSata (8514d0e5cd0534467c5fc61be94a569f) C:\Windows\system32\drivers\ulsata.sys
13:03:59.0980 4640   UlSata - ok
13:04:00.0012 4640   ulsata2 (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys
13:04:00.0012 4640   ulsata2 - ok
13:04:00.0058 4640   umbus (32cff9f809ae9aed85464492bf3e32d2) C:\Windows\system32\DRIVERS\umbus.sys
13:04:00.0058 4640   umbus - ok
13:04:00.0090 4640   upnphost (68308183f4ae0be7bf8ecd07cb297999) C:\Windows\System32\upnphost.dll
13:04:00.0105 4640   upnphost - ok
13:04:00.0168 4640   USBAAPL (60a68a5ea173a97971ee9f1ff49eb2b3) C:\Windows\system32\Drivers\usbaapl.sys
13:04:00.0183 4640   USBAAPL - ok
13:04:00.0214 4640   usbaudio (32db9517628ff0d070682aab61e688f0) C:\Windows\system32\drivers\usbaudio.sys
13:04:00.0214 4640   usbaudio - ok
13:04:00.0277 4640   usbbus (9419faac6552a51542dbba02971c841c) C:\Windows\system32\DRIVERS\lgusbbus.sys
13:04:00.0277 4640   usbbus - ok
13:04:00.0370 4640   usbccgp (caf811ae4c147ffcd5b51750c7f09142) C:\Windows\system32\DRIVERS\usbccgp.sys
13:04:00.0386 4640   usbccgp - ok
13:04:00.0464 4640   usbcir (e9476e6c486e76bc4898074768fb7131) C:\Windows\system32\drivers\usbcir.sys
13:04:00.0480 4640   usbcir - ok
13:04:00.0526 4640   UsbDiag (c0a466fa4ffec464320e159bc1bbdc0c) C:\Windows\system32\DRIVERS\lgusbdiag.sys
13:04:00.0573 4640   UsbDiag - ok
13:04:00.0620 4640   usbehci (79e96c23a97ce7b8f14d310da2db0c9b) C:\Windows\system32\DRIVERS\usbehci.sys
13:04:00.0620 4640   usbehci - ok
13:04:00.0667 4640   UsbGps (071b8e7a0ca11a2a9b32109058136bbe) C:\Windows\system32\DRIVERS\lgusbgps.sys
13:04:00.0698 4640   UsbGps - ok
13:04:00.0760 4640   usbhub (4673bbcb006af60e7abddbe7a130ba42) C:\Windows\system32\DRIVERS\usbhub.sys
13:04:00.0760 4640   usbhub - ok
13:04:00.0807 4640   USBModem (f74a54774a9b0afeb3c40adec68aa600) C:\Windows\system32\DRIVERS\lgusbmodem.sys
13:04:00.0823 4640   USBModem - ok
13:04:00.0854 4640   usbohci (38dbc7dd6cc5a72011f187425384388b) C:\Windows\system32\drivers\usbohci.sys
13:04:00.0854 4640   usbohci - ok
13:04:00.0885 4640   usbprint (e75c4b5269091d15a2e7dc0b6d35f2f5) C:\Windows\system32\DRIVERS\usbprint.sys
13:04:00.0901 4640   usbprint - ok
13:04:00.0916 4640   usbscan (a508c9bd8724980512136b039bba65e9) C:\Windows\system32\DRIVERS\usbscan.sys
13:04:00.0916 4640   usbscan - ok
13:04:00.0963 4640   USBSTOR (be3da31c191bc222d9ad503c5224f2ad) C:\Windows\system32\DRIVERS\USBSTOR.SYS
13:04:00.0963 4640   USBSTOR - ok
13:04:00.0994 4640   usbuhci (814d653efc4d48be3b04a307eceff56f) C:\Windows\system32\DRIVERS\usbuhci.sys
13:04:01.0010 4640   usbuhci - ok
13:04:01.0088 4640   usnjsvc (9d19b042a4fd5c02195071ea2fe0c821) C:\Program Files\Windows Live\Messenger\usnsvc.exe
13:04:01.0104 4640   usnjsvc - ok
13:04:01.0135 4640   UxSms (1509e705f3ac1d474c92454a5c2dd81f) C:\Windows\System32\uxsms.dll
13:04:01.0135 4640   UxSms - ok
13:04:01.0182 4640   vds (cd88d1b7776dc17a119049742ec07eb4) C:\Windows\System32\vds.exe
13:04:01.0197 4640   vds - ok
13:04:01.0244 4640   vga (7d92be0028ecdedec74617009084b5ef) C:\Windows\system32\DRIVERS\vgapnp.sys
13:04:01.0260 4640   vga - ok
13:04:01.0306 4640   VgaSave (2e93ac0a1d8c79d019db6c51f036636c) C:\Windows\System32\drivers\vga.sys
13:04:01.0306 4640   VgaSave - ok
13:04:01.0353 4640   viaagp (d5929a28bdff4367a12caf06af901971) C:\Windows\system32\drivers\viaagp.sys
13:04:01.0353 4640   viaagp - ok
13:04:01.0369 4640   ViaC7 (56a4de5f02f2e88182b0981119b4dd98) C:\Windows\system32\drivers\viac7.sys
13:04:01.0384 4640   ViaC7 - ok
13:04:01.0400 4640   viaide (f3b4762eb85a2aff4999401f14c3262b) C:\Windows\system32\drivers\viaide.sys
13:04:01.0416 4640   viaide - ok
13:04:01.0462 4640   volmgr (69503668ac66c77c6cd7af86fbdf8c43) C:\Windows\system32\drivers\volmgr.sys
13:04:01.0462 4640   volmgr - ok
13:04:01.0509 4640   volmgrx (23e41b834759917bfd6b9a0d625d0c28) C:\Windows\system32\drivers\volmgrx.sys
13:04:01.0509 4640   volmgrx - ok
13:04:01.0540 4640   volsnap (147281c01fcb1df9252de2a10d5e7093) C:\Windows\system32\drivers\volsnap.sys
13:04:01.0572 4640   volsnap - ok
13:04:01.0587 4640   vsmraid (d984439746d42b30fc65a4c3546c6829) C:\Windows\system32\drivers\vsmraid.sys
13:04:01.0587 4640   vsmraid - ok
13:04:01.0728 4640   VSS (db3d19f850c6eb32bdcb9bc0836acddb) C:\Windows\system32\vssvc.exe
13:04:01.0743 4640   VSS - ok
13:04:01.0852 4640   VX3000 (42870675b4d84acd81a9da69b83f14c5) C:\Windows\system32\DRIVERS\VX3000.sys
13:04:01.0915 4640   VX3000 - ok
13:04:01.0946 4640   W32Time (96ea68b9eb310a69c25ebb0282b2b9de) C:\Windows\system32\w32time.dll
13:04:01.0962 4640   W32Time - ok
13:04:02.0008 4640   WacomPen (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system3

SuperDave · « **Reply #21 on:** April 14, 2012, 05:11:32 PM »

Please run aswMBR.exe again and post the log as well as this one.

Please download MBRCheck.exe by a_d_13 from one of the links provided below and save it to your desktop.

Link 1
Link 2
Link 3

•Double-click on MBRCheck.exe to run it.

•It will open a black window...please do not fix anything (if it gives you an option).

•When complete, you should see Done! Press ENTER to exit.... Press Enter on the keyboard.

•A log named MBRCheck_date_time.txt (i.e. MBRCheck_07.21.10_10.22.51.txt) will appear on the desktop.
•Please copy and paste the contents of that log in your next reply.

kile32 · « **Reply #22 on:** April 15, 2012, 08:29:20 AM »

aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
Run date: 2012-04-15 09:27:24
-----------------------------
09:27:24.600 OS Version: Windows 6.0.6002 Service Pack 2
09:27:24.600 Number of processors: 2 586 0xF02
09:27:24.600 ComputerName: KILE-PC UserName: Kile
09:27:25.318 Initialize success
09:27:29.553 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
09:27:29.553 Disk 0 Vendor: WDC_WD3200AAKS-75VYA0 12.01B02 Size: 305245MB BusType: 3
09:27:29.585 Disk 0 MBR read successfully
09:27:29.585 Disk 0 MBR scan
09:27:29.585 Disk 0 Windows VISTA default MBR code
09:27:29.585 Disk 0 Partition 1 00 DE Dell Utility Dell 8.0 47 MB offset 63
09:27:29.600 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 10240 MB offset 98304
09:27:29.600 Disk 0 Partition 3 80 (A) 07 HPFS/NTFS NTFS 294956 MB offset 21069824
09:27:29.616 Disk 0 scanning sectors +625139712
09:27:29.678 Disk 0 scanning C:\Windows\system32\drivers
09:27:37.135 Service scanning
09:27:48.055 Modules scanning
09:27:53.063 Disk 0 trace - called modules:
09:27:53.094 ntkrnlpa.exe CLASSPNP.SYS disk.sys acpi.sys hal.dll ataport.SYS pciide.sys PCIIDEX.SYS atapi.sys
09:27:53.094 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x84f9fa10]
09:27:53.094 3 CLASSPNP.SYS[881a38b3] -> nt!IofCallDriver -> [0x84de2268]
09:27:53.109 5 acpi.sys[806986bc] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0x8402b528]
09:27:53.109 Scan finished successfully
09:28:01.892 Disk 0 MBR has been saved successfully to "C:\Users\Kile\Desktop\MBR.dat"
09:28:01.923 The log file has been saved successfully to "C:\Users\Kile\Desktop\aswMBR.txt"

SuperDave · « **Reply #23 on:** April 15, 2012, 11:04:11 AM »

Please update and run SAS and MBAM again and post the logs. Also try running ComboFix again. You should be able to de-activate your AV because I had another user with the same AV and he had no problem de-activating it.

kile32 · « **Reply #24 on:** April 15, 2012, 08:55:27 PM »

That's the thing? I don't know how to deactivate it. None of the directions on your link matched what my setting on Norton.

Here is my SAS log. Huge list! I guess I still am not out of the woods yet. Although things are working much faster and smoother than from the start.

SUPERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 04/15/2012 at 12:29 PM

Application Version : 5.0.1146

Core Rules Database Version : 8458
Trace Rules Database Version: 6270

Scan type : Complete Scan
Total Scan Time : 01:31:17

Operating System Information
Windows Vista Home Premium 32-bit, Service Pack 2 (Build 6.00.6002)
UAC On - Limited User (Administrator User)

Memory items scanned : 752
Memory threats detected : 0
Registry items scanned : 33723
Registry threats detected : 0
File items scanned : 162151
File threats detected : 1049

Adware.Tracking Cookie
   C:\Users\Kile\AppData\Roaming\Microsoft\Windows\Cookies\LU59J01M.txt [ /doubleclick.net ]
   C:\USERS\KILE\AppData\Roaming\Microsoft\Windows\Cookies\Low\kile@adxpose[2].txt [ Cookie:[email protected]/ ]
   C:\USERS\KILE\AppData\Roaming\Microsoft\Windows\Cookies\Low\F7D3AC7M.txt [ Cookie:[email protected]/pagead/conversion/1026588662/ ]
   C:\USERS\KILE\AppData\Roaming\Microsoft\Windows\Cookies\Low\7IW7NF6V.txt [ Cookie:[email protected]/pagead/conversion/1035118810/ ]
   C:\USERS\KILE\AppData\Roaming\Microsoft\Windows\Cookies\Low\MKIAG4PK.txt [ Cookie:[email protected]/ ]
   C:\USERS\KILE\AppData\Roaming\Microsoft\Windows\Cookies\Low\kile@yieldmanager[2].txt [ Cookie:[email protected]/ ]
   C:\USERS\KILE\AppData\Roaming\Microsoft\Windows\Cookies\Low\kile@imrworldwide[3].txt [ Cookie:[email protected]/cgi-bin ]
   C:\USERS\KILE\AppData\Roaming\Microsoft\Windows\Cookies\Low\BH4M1VRJ.txt [ Cookie:[email protected]/ ]
   C:\USERS\KILE\AppData\Roaming\Microsoft\Windows\Cookies\Low\9XGL5ED8.txt [ Cookie:[email protected]/ ]
   C:\USERS\KILE\AppData\Roaming\Microsoft\Windows\Cookies\Low\STHS97GA.txt [ Cookie:[email protected]/adsense/support ]
   C:\USERS\KILE\AppData\Roaming\Microsoft\Windows\Cookies\Low\JYQ5Y1ID.txt [ Cookie:[email protected]/ ]
   C:\USERS\KILE\AppData\Roaming\Microsoft\Windows\Cookies\Low\SOLF1BRO.txt [ Cookie:[email protected]/ ]
   C:\USERS\KILE\AppData\Roaming\Microsoft\Windows\Cookies\Low\HIZ4Y5K0.txt [ Cookie:[email protected]/ ]
   C:\USERS\KILE\AppData\Roaming\Microsoft\Windows\Cookies\Low\DNF8Z1Z5.txt [ Cookie:[email protected]/ ]
   C:\USERS\KILE\AppData\Roaming\Microsoft\Windows\Cookies\Low\6PZPTO3M.txt [ Cookie:[email protected]/adserving ]
   C:\USERS\KILE\AppData\Roaming\Microsoft\Windows\Cookies\Low\EZOUCTBH.txt [ Cookie:[email protected]/ ]
   C:\USERS\KILE\AppData\Roaming\Microsoft\Windows\Cookies\Low\kile@atdmt[1].txt [ Cookie:[email protected]/ ]
   C:\USERS\KILE\AppData\Roaming\Microsoft\Windows\Cookies\Low\LWAXM3YD.txt [ Cookie:[email protected]/ ]
   C:\USERS\KILE\AppData\Roaming\Microsoft\Windows\Cookies\Low\DHIZP7LQ.txt [ Cookie:[email protected]/ ]
   C:\USERS\KILE\AppData\Roaming\Microsoft\Windows\Cookies\Low\SH70HGNW.txt [ Cookie:[email protected]/ ]
   C:\USERS\KILE\AppData\Roaming\Microsoft\Windows\Cookies\Low\RLM76NCZ.txt [ Cookie:[email protected]/ ]
   C:\USERS\KILE\AppData\Roaming\Microsoft\Windows\Cookies\Low\[email protected][1].txt [ Cookie:[email protected]/ ]
   C:\USERS\KILE\AppData\Roaming\Microsoft\Windows\Cookies\Low\IMCTVV7U.txt [ Cookie:[email protected]/ ]
   C:\USERS\KILE\AppData\Roaming\Microsoft\Windows\Cookies\Low\AZ92IEAD.txt [ Cookie:[email protected]/ ]
   C:\USERS\KILE\AppData\Roaming\Microsoft\Windows\Cookies\Low\8G91H74K.txt [ Cookie:[email protected]/pagead/conversion/1018962202/ ]
   C:\USERS\KILE\AppData\Roaming\Microsoft\Windows\Cookies\Low\5QAJ3ARY.txt [ Cookie:[email protected]/ ]
   C:\USERS\KILE\AppData\Roaming\Microsoft\Windows\Cookies\Low\V3DWFQ7D.txt [ Cookie:[email protected]/ ]
   C:\USERS\KILE\AppData\Roaming\Microsoft\Windows\Cookies\Low\UZJ05X30.txt [ Cookie:[email protected]/ ]
   C:\USERS\KILE\AppData\Roaming\Microsoft\Windows\Cookies\Low\LGPNGQNO.txt [ Cookie:[email protected]/adsense/ ]
   C:\USERS\KILE\AppData\Roaming\Microsoft\Windows\Cookies\Low\PRPMSWE5.txt [ Cookie:[email protected]/ ]
   C:\USERS\KILE\AppData\Roaming\Microsoft\Windows\Cookies\Low\H54JV6CY.txt [ Cookie:[email protected]/ ]
   C:\USERS\KILE\AppData\Roaming\Microsoft\Windows\Cookies\Low\QU8N63UX.txt [ Cookie:[email protected]/ ]
   C:\USERS\KILE\AppData\Roaming\Microsoft\Windows\Cookies\Low\kile@specificclick[1].txt [ Cookie:[email protected]/ ]
   C:\USERS\KILE\AppData\Roaming\Microsoft\Windows\Cookies\Low\W1EHAPEU.txt [ Cookie:[email protected]/ ]
   C:\USERS\KILE\AppData\Roaming\Microsoft\Windows\Cookies\Low\ZL2KLC1K.txt [ Cookie:[email protected]/ ]
   C:\USERS\KILE\Cookies\LU59J01M.txt [ Cookie:[email protected]/ ]
   cloud.bannergadgets.com [ C:\USERS\KILE\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\J5WYQFKA ]
   core.insightexpressai.com [ C:\USERS\KILE\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\J5WYQFKA ]
   media.mtvnservices.com [ C:\USERS\KILE\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\J5WYQFKA ]
   s0.2mdn.net [ C:\USERS\KILE\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\J5WYQFKA ]
   secure-us.imrworldwide.com [ C:\USERS\KILE\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\J5WYQFKA ]
   C:\USERS\KILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\KILE@247REALMEDIA[1].TXT [ /247REALMEDIA ]
   C:\USERS\KILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\KILE@2O7[1].TXT [ /2O7 ]
   C:\USERS\KILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\[email protected][1].TXT [ /AD.WSOD ]
   C:\USERS\KILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\[email protected][1].TXT [ /AD.YIELDMANAGER ]
   C:\USERS\KILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\[email protected][2].TXT [ /AD.YIELDMANAGER ]
   C:\USERS\KILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\KILE@ADINTERAX[2].TXT [ /ADINTERAX ]
   C:\USERS\KILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\KILE@ADVERTISING[1].TXT [ /ADVERTISING ]
   C:\USERS\KILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\KILE@ADXPOSE[1].TXT [ /ADXPOSE ]
   C:\USERS\KILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\KILE@ATDMT[2].TXT [ /ATDMT ]
   C:\USERS\KILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\KILE@DOUBLECLICK[3].TXT [ /DOUBLECLICK ]
   C:\USERS\KILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\KILE@IMRWORLDWIDE[2].TXT [ /IMRWORLDWIDE ]
   C:\USERS\KILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\KILE@INVITEMEDIA[1].TXT [ /INVITEMEDIA ]
   C:\USERS\KILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\KILE@KANOODLE[1].TXT [ /KANOODLE ]
   C:\USERS\KILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\KILE@KANOODLE[2].TXT [ /KANOODLE ]
   C:\USERS\KILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\KILE@KANOODLE[3].TXT [ /KANOODLE ]
   C:\USERS\KILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\[email protected][1].TXT [ /KASPERSKY.122.2O7 ]
   C:\USERS\KILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\[email protected][2].TXT [ /OASC09.247REALMEDIA ]
   C:\USERS\KILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\KILE@OVERTURE[2].TXT [ /OVERTURE ]
   C:\USERS\KILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\KILE@YADRO[2].TXT [ /YADRO ]
   C:\USERS\KILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\KILE@YIELDMANAGER[1].TXT [ /YIELDMANAGER ]
   C:\USERS\KILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\KILE@ZEDO[2].TXT [ /ZEDO ]
   C:\USERS\KILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\KILE@ZEDO[3].TXT [ /ZEDO ]
   account.goodgamestudios.com [ C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\Q3CJS4SP ]
   art.aim4media.com [ C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\Q3CJS4SP ]
   cdn.tremormedia.com [ C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\Q3CJS4SP ]
   cdn2.baronsmedia.com [ C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\Q3CJS4SP ]
   click.searchnation.net [ C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\Q3CJS4SP ]
   core.insightexpressai.com [ C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\Q3CJS4SP ]
   crackle.com [ C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\Q3CJS4SP ]
   ds.serving-sys.com [ C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\Q3CJS4SP ]
   media.heavy.com [ C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\Q3CJS4SP ]
   media1.break.com [ C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\Q3CJS4SP ]
   media4.onsugar.com [ C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\Q3CJS4SP ]
   objects.tremormedia.com [ C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\Q3CJS4SP ]
   secure-us.imrworldwide.com [ C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\Q3CJS4SP ]
   tag.2bluemedia.hiro.tv [ C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\Q3CJS4SP ]
   videocdn.pgoamedia.com [ C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\Q3CJS4SP ]
   www.quick-click-commissions.com [ C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\Q3CJS4SP ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@1SADX[10].TXT [ /1SADX ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@1SADX[11].TXT [ /1SADX ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@1SADX[1].TXT [ /1SADX ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@1SADX[2].TXT [ /1SADX ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@1SADX[3].TXT [ /1SADX ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@1SADX[4].TXT [ /1SADX ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@1SADX[5].TXT [ /1SADX ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@1SADX[6].TXT [ /1SADX ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@1SADX[7].TXT [ /1SADX ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@1SADX[8].TXT [ /1SADX ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@1SADX[9].TXT [ /1SADX ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@247REALMEDIA[10].TXT [ /247REALMEDIA ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@247REALMEDIA[11].TXT [ /247REALMEDIA ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@247REALMEDIA[1].TXT [ /247REALMEDIA ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@247REALMEDIA[2].TXT [ /247REALMEDIA ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@247REALMEDIA[3].TXT [ /247REALMEDIA ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@247REALMEDIA[4].TXT [ /247REALMEDIA ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@247REALMEDIA[5].TXT [ /247REALMEDIA ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@247REALMEDIA[6].TXT [ /247REALMEDIA ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@247REALMEDIA[7].TXT [ /247REALMEDIA ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@247REALMEDIA[8].TXT [ /247REALMEDIA ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@247REALMEDIA[9].TXT [ /247REALMEDIA ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@2O7[2].TXT [ /2O7 ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@2O7[3].TXT [ /2O7 ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][1].TXT [ /A1.INTERCLICK ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][2].TXT [ /A1.INTERCLICK ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][3].TXT [ /A1.INTERCLICK ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][4].TXT [ /A1.INTERCLICK ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][5].TXT [ /A1.INTERCLICK ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][6].TXT [ /A1.INTERCLICK ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][7].TXT [ /A1.INTERCLICK ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][8].TXT [ /A1.INTERCLICK ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][9].TXT [ /A1.INTERCLICK ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][1].TXT [ /ACCOUNTS.GOOGLE ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][2].TXT [ /ACCOUNTS.GOOGLE ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][1].TXT [ /AD.360YIELD ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][3].TXT [ /AD.360YIELD ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][4].TXT [ /AD.360YIELD ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][5].TXT [ /AD.360YIELD ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][6].TXT [ /AD.360YIELD ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][1].TXT [ /AD.DOUBLECLICK ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][1].TXT [ /AD.WSOD ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][2].TXT [ /AD.WSOD ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][3].TXT [ /AD.WSOD ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][5].TXT [ /AD.WSOD ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][6].TXT [ /AD.WSOD ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][10].TXT [ /AD.YIELDMANAGER ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][11].TXT [ /AD.YIELDMANAGER ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][1].TXT [ /AD.YIELDMANAGER ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][2].TXT [ /AD.YIELDMANAGER ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][3].TXT [ /AD.YIELDMANAGER ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][4].TXT [ /AD.YIELDMANAGER ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][5].TXT [ /AD.YIELDMANAGER ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][6].TXT [ /AD.YIELDMANAGER ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][7].TXT [ /AD.YIELDMANAGER ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][8].TXT [ /AD.YIELDMANAGER ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][9].TXT [ /AD.YIELDMANAGER ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][10].TXT [ /AD2.ADFARM1.ADITION ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][11].TXT [ /AD2.ADFARM1.ADITION ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][1].TXT [ /AD2.ADFARM1.ADITION ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][2].TXT [ /AD2.ADFARM1.ADITION ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][3].TXT [ /AD2.ADFARM1.ADITION ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][4].TXT [ /AD2.ADFARM1.ADITION ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][5].TXT [ /AD2.ADFARM1.ADITION ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][6].TXT [ /AD2.ADFARM1.ADITION ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][7].TXT [ /AD2.ADFARM1.ADITION ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][8].TXT [ /AD2.ADFARM1.ADITION ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][9].TXT [ /AD2.ADFARM1.ADITION ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@ADBRITE[10].TXT [ /ADBRITE ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@ADBRITE[11].TXT [ /ADBRITE ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@ADBRITE[1].TXT [ /ADBRITE ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@ADBRITE[2].TXT [ /ADBRITE ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@ADBRITE[3].TXT [ /ADBRITE ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@ADBRITE[4].TXT [ /ADBRITE ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@ADBRITE[5].TXT [ /ADBRITE ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@ADBRITE[6].TXT [ /ADBRITE ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@ADBRITE[7].TXT [ /ADBRITE ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@ADBRITE[8].TXT [ /ADBRITE ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@ADBRITE[9].TXT [ /ADBRITE ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][10].TXT [ /ADFARM1.ADITION ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][11].TXT [ /ADFARM1.ADITION ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][1].TXT [ /ADFARM1.ADITION ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][2].TXT [ /ADFARM1.ADITION ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][3].TXT [ /ADFARM1.ADITION ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][4].TXT [ /ADFARM1.ADITION ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][5].TXT [ /ADFARM1.ADITION ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][6].TXT [ /ADFARM1.ADITION ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][7].TXT [ /ADFARM1.ADITION ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][8].TXT [ /ADFARM1.ADITION ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][9].TXT [ /ADFARM1.ADITION ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@ADINTERAX[1].TXT [ /ADINTERAX ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@ADINTERAX[2].TXT [ /ADINTERAX ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@ADINTERAX[4].TXT [ /ADINTERAX ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@ADJUGGLER[1].TXT [ /ADJUGGLER ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@ADJUGGLER[2].TXT [ /ADJUGGLER ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@ADJUGGLER[3].TXT [ /ADJUGGLER ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@ADNETWORK[10].TXT [ /ADNETWORK ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@ADNETWORK[11].TXT [ /ADNETWORK ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@ADNETWORK[1].TXT [ /ADNETWORK ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@ADNETWORK[2].TXT [ /ADNETWORK ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@ADNETWORK[3].TXT [ /ADNETWORK ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@ADNETWORK[4].TXT [ /ADNETWORK ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@ADNETWORK[5].TXT [ /ADNETWORK ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@ADNETWORK[6].TXT [ /ADNETWORK ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@ADNETWORK[7].TXT [ /ADNETWORK ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@ADNETWORK[8].TXT [ /ADNETWORK ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@ADNETWORK[9].TXT [ /ADNETWORK ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][2].TXT [ /ADS.24HLOCALSERVICES ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][1].TXT [ /ADS.ADK2 ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][2].TXT [ /ADS.ADK2 ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][3].TXT [ /ADS.ADK2 ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][4].TXT [ /ADS.ADK2 ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][5].TXT [ /ADS.ADK2 ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][6].TXT [ /ADS.ADK2 ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][7].TXT [ /ADS.ADK2 ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][8].TXT [ /ADS.ADK2 ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][9].TXT [ /ADS.ADK2 ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][2].TXT [ /ADS.ADOPTIMIZED ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][3].TXT [ /ADS.ADOPTIMIZED ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][2].TXT [ /ADS.BRIDGETRACK ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][2].TXT [ /ADS.CPXCENTER ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][3].TXT [ /ADS.CPXCENTER ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][2].TXT [ /ADS.FINANCIALCONTENT ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][3].TXT [ /ADS.FINANCIALCONTENT ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][4].TXT [ /ADS.FINANCIALCONTENT ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][1].TXT [ /ADS.FOOTAR ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][3].TXT [ /ADS.FOOTAR ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][4].TXT [ /ADS.FOOTAR ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][5].TXT [ /ADS.FOOTAR ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][2].TXT [ /ADS.FOOTBALLMEDIA ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][3].TXT [ /ADS.FOOTBALLMEDIA ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][4].TXT [ /ADS.FOOTBALLMEDIA ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][5].TXT [ /ADS.FOOTBALLMEDIA ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][1].TXT [ /ADS.GAMERSMEDIA ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][2].TXT [ /ADS.GAMERSMEDIA ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][3].TXT [ /ADS.GAMERSMEDIA ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][4].TXT [ /ADS.GAMERSMEDIA ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][5].TXT [ /ADS.GAMERSMEDIA ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][6].TXT [ /ADS.GAMERSMEDIA ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][7].TXT [ /ADS.GAMERSMEDIA ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][8].TXT [ /ADS.GAMERSMEDIA ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][9].TXT [ /ADS.GAMERSMEDIA ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][2].TXT [ /ADS.GLISPA ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][1].TXT [ /ADS.INTERGI ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][2].TXT [ /ADS.INTERGI ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][3].TXT [ /ADS.INTERGI ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][4].TXT [ /ADS.INTERGI ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][5].TXT [ /ADS.INTERGI ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][6].TXT [ /ADS.INTERGI ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][7].TXT [ /ADS.INTERGI ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][8].TXT [ /ADS.INTERGI ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][2].TXT [ /ADS.LYCOS ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][3].TXT [ /ADS.LYCOS ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][4].TXT [ /ADS.LYCOS ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][5].TXT [ /ADS.LYCOS ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][1].TXT [ /ADS.MSV-INC ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][2].TXT [ /ADS.MSV-INC ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][3].TXT [ /ADS.MSV-INC ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][5].TXT [ /ADS.MSV-INC ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][6].TXT [ /ADS.MSV-INC ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][1].TXT [ /ADS.NETWORLDMEDIA ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][1].TXT [ /ADS.PARTSBROKERS ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][1].TXT [ /ADS.PIXFUTURE ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][10].TXT [ /ADS.POINTROLL ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][11].TXT [ /ADS.POINTROLL ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][1].TXT [ /ADS.POINTROLL ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][2].TXT [ /ADS.POINTROLL ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][3].TXT [ /ADS.POINTROLL ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][4].TXT [ /ADS.POINTROLL ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][5].TXT [ /ADS.POINTROLL ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][6].TXT [ /ADS.POINTROLL ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][7].TXT [ /ADS.POINTROLL ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][8].TXT [ /ADS.POINTROLL ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][9].TXT [ /ADS.POINTROLL ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][10].TXT [ /ADS.PUBMATIC ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][11].TXT [ /ADS.PUBMATIC ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][1].TXT [ /ADS.PUBMATIC ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][2].TXT [ /ADS.PUBMATIC ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][3].TXT [ /ADS.PUBMATIC ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][4].TXT [ /ADS.PUBMATIC ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][5].TXT [ /ADS.PUBMATIC ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][6].TXT [ /ADS.PUBMATIC ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][7].TXT [ /ADS.PUBMATIC ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][8].TXT [ /ADS.PUBMATIC ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][9].TXT [ /ADS.PUBMATIC ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][2].TXT [ /ADS.REACT2MEDIA ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][1].TXT [ /ADS.SHOPSTYLE ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][2].TXT [ /ADS.SHOPSTYLE ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][3].TXT [ /ADS.SHOPSTYLE ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][10].TXT [ /ADS.UNDERTONE ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][11].TXT [ /ADS.UNDERTONE ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][1].TXT [ /ADS.UNDERTONE ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][2].TXT [ /ADS.UNDERTONE ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][3].TXT [ /ADS.UNDERTONE ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][4].TXT [ /ADS.UNDERTONE ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][6].TXT [ /ADS.UNDERTONE ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][7].TXT [ /ADS.UNDERTONE ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][8].TXT [ /ADS.UNDERTONE ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][9].TXT [ /ADS.UNDERTONE ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][2].TXT [ /ADS.XTARGETING ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][1].TXT [ /ADS1.ZENOVIAEXCHANGE ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][2].TXT [ /ADS1.ZENOVIAEXCHANGE ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][4].TXT [ /ADS1.ZENOVIAEXCHANGE ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][1].TXT [ /ADS2.IWEB.CORTICA ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][10].TXT [ /ADSERVER.ADTECHUS ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][11].TXT [ /ADSERVER.ADTECHUS ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][1].TXT [ /ADSERVER.ADTECHUS ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][2].TXT [ /ADSERVER.ADTECHUS ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][3].TXT [ /ADSERVER.ADTECHUS ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][4].TXT [ /ADSERVER.ADTECHUS ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][5].TXT [ /ADSERVER.ADTECHUS ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][6].TXT [ /ADSERVER.ADTECHUS ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][7].TXT [ /ADSERVER.ADTECHUS ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][8].TXT [ /ADSERVER.ADTECHUS ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][9].TXT [ /ADSERVER.ADTECHUS ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][1].TXT [ /ADSERVER.VALWA ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@ADTECHUS[1].TXT [ /ADTECHUS ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@ADTECHUS[2].TXT [ /ADTECHUS ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@ADTECHUS[3].TXT [ /ADTECHUS ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@ADTECH[1].TXT [ /ADTECH ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@ADTECH[2].TXT [ /ADTECH ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@ADTECH[3].TXT [ /ADTECH ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@ADTECH[4].TXT [ /ADTECH ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@ADTECH[5].TXT [ /ADTECH ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@ADTECH[6].TXT [ /ADTECH ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@ADTECH[7].TXT [ /ADTECH ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@ADULTSWIM[2].TXT [ /ADULTSWIM ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][1].TXT [ /ADUP.ROTATOR.HADJ7.ADJUGGLER ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][2].TXT [ /ADUP.ROTATOR.HADJ7.ADJUGGLER ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][4].TXT [ /ADUP.ROTATOR.HADJ7.ADJUGGLER ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][5].TXT [ /ADUP.ROTATOR.HADJ7.ADJUGGLER ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][6].TXT [ /ADUP.ROTATOR.HADJ7.ADJUGGLER ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][2].TXT [ /ADVERTISERS.PIXFUTURE ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][2].TXT [ /ADVERTISING.EZANGA ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][3].TXT [ /ADVERTISING.EZANGA ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][4].TXT [ /ADVERTISING.EZANGA ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][5].TXT [ /ADVERTISING.EZANGA ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][1].TXT [ /ADVERTISING.SHEKNOWS ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@ADVERTISING[10].TXT [ /ADVERTISING ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@ADVERTISING[11].TXT [ /ADVERTISING ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@ADVERTISING[1].TXT [ /ADVERTISING ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@ADVERTISING[2].TXT [ /ADVERTISING ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@ADVERTISING[3].TXT [ /ADVERTISING ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@ADVERTISING[4].TXT [ /ADVERTISING ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@ADVERTISING[5].TXT [ /ADVERTISING ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@ADVERTISING[6].TXT [ /ADVERTISING ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@ADVERTISING[7].TXT [ /ADVERTISING ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@ADVERTISING[8].TXT [ /ADVERTISING ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@ADVERTISING[9].TXT [ /ADVERTISING ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@ADXPOSE[10].TXT [ /ADXPOSE ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@ADXPOSE[11].TXT [ /ADXPOSE ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@ADXPOSE[1].TXT [ /ADXPOSE ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@ADXPOSE[2].TXT [ /ADXPOSE ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@ADXPOSE[3].TXT [ /ADXPOSE ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@ADXPOSE[4].TXT [ /ADXPOSE ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@ADXPOSE[5].TXT [ /ADXPOSE ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@ADXPOSE[6].TXT [ /ADXPOSE ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@ADXPOSE[7].TXT [ /ADXPOSE ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@ADXPOSE[8].TXT [ /ADXPOSE ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@ADXPOSE[9].TXT [ /ADXPOSE ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@AIM4MEDIA[1].TXT [ /AIM4MEDIA ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][1].TXT [ /AJPN.ROTATOR.HADJ1.ADJUGGLER ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][2].TXT [ /AJPN.ROTATOR.HADJ1.ADJUGGLER ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][3].TXT [ /AJPN.ROTATOR.HADJ1.ADJUGGLER ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@AMAZON-ADSYSTEM[1].TXT [ /AMAZON-ADSYSTEM ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@AMAZON-ADSYSTEM[2].TXT [ /AMAZON-ADSYSTEM ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@AMAZON-ADSYSTEM[3].TXT [ /AMAZON-ADSYSTEM ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@AMERIPRISESTATS[1].TXT [ /AMERIPRISESTATS ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@APMEBF[10].TXT [ /APMEBF ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@APMEBF[11].TXT [ /APMEBF ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@APMEBF[1].TXT [ /APMEBF ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@APMEBF[2].TXT [ /APMEBF ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@APMEBF[3].TXT [ /APMEBF ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@APMEBF[4].TXT [ /APMEBF ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@APMEBF[5].TXT [ /APMEBF ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@APMEBF[6].TXT [ /APMEBF ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@APMEBF[7].TXT [ /APMEBF ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@APMEBF[8].TXT [ /APMEBF ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@APMEBF[9].TXT [ /APMEBF ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][1].TXT [ /AR.ATWOLA ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][2].TXT [ /AR.ATWOLA ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][3].TXT [ /AR.ATWOLA ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][4].TXT [ /AR.ATWOLA ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][5].TXT [ /AR.ATWOLA ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][10].TXT [ /AT.ATWOLA ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][11].TXT [ /AT.ATWOLA ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][1].TXT [ /AT.ATWOLA ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][2].TXT [ /AT.ATWOLA ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][3].TXT [ /AT.ATWOLA ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][4].TXT [ /AT.ATWOLA ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][5].TXT [ /AT.ATWOLA ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][6].TXT [ /AT.ATWOLA ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][7].TXT [ /AT.ATWOLA ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][8].TXT [ /AT.ATWOLA ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][9].TXT [ /AT.ATWOLA ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@ATDMT[10].TXT [ /ATDMT ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@ATDMT[11].TXT [ /ATDMT ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@ATDMT[1].TXT [ /ATDMT ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@ATDMT[2].TXT [ /ATDMT ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@ATDMT[3].TXT [ /ATDMT ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@ATDMT[4].TXT [ /ATDMT ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@ATDMT[5].TXT [ /ATDMT ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@ATDMT[6].TXT [ /ATDMT ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@ATDMT[7].TXT [ /ATDMT ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@ATDMT[8].TXT [ /ATDMT ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@ATDMT[9].TXT [ /ATDMT ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@ATWOLA[1].TXT [ /ATWOLA ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@ATWOLA[2].TXT [ /ATWOLA ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@ATWOLA[3].TXT [ /ATWOLA ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@ATWOLA[4].TXT [ /ATWOLA ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@ATWOLA[5].TXT [ /ATWOLA ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@AWESOME-FIND[1].TXT [ /AWESOME-FIND ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@AZJMP[1].TXT [ /AZJMP ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@AZJMP[2].TXT [ /AZJMP ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@BIZZCLICK[1].TXT [ /BIZZCLICK ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@BIZZCLICK[2].TXT [ /BIZZCLICK ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@BIZZCLICK[3].TXT [ /BIZZCLICK ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@BIZZCLICK[4].TXT [ /BIZZCLICK ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@BIZZCLICK[5].TXT [ /BIZZCLICK ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@BIZZCLICK[6].TXT [ /BIZZCLICK ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@BIZZCLICK[7].TXT [ /BIZZCLICK ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@BIZZCLICK[8].TXT [ /BIZZCLICK ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@BIZZCLICK[9].TXT [ /BIZZCLICK ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][2].TXT [ /BLOG.GOURMETCOUNTRY ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][3].TXT [ /BLOG.GOURMETCOUNTRY ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][4].TXT [ /BLOG.GOURMETCOUNTRY ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@BOOM-FIND[1].TXT [ /BOOM-FIND ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][10].TXT [ /BS.SERVING-SYS ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][11].TXT [ /BS.SERVING-SYS ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][1].TXT [ /BS.SERVING-SYS ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][2].TXT [ /BS.SERVING-SYS ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][3].TXT [ /BS.SERVING-SYS ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][4].TXT [ /BS.SERVING-SYS ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][5].TXT [ /BS.SERVING-SYS ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][6].TXT [ /BS.SERVING-SYS ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][7].TXT [ /BS.SERVING-SYS ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][8].TXT [ /BS.SERVING-SYS ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][9].TXT [ /BS.SERVING-SYS ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@BURSTBEACON[10].TXT [ /BURSTBEACON ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@BURSTBEACON[11].TXT [ /BURSTBEACON ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@BURSTBEACON[1].TXT [ /BURSTBEACON ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@BURSTBEACON[2].TXT [ /BURSTBEACON ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@BURSTBEACON[3].TXT [ /BURSTBEACON ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@BURSTBEACON[4].TXT [ /BURSTBEACON ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@BURSTBEACON[5].TXT [ /BURSTBEACON ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@BURSTBEACON[6].TXT [ /BURSTBEACON ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@BURSTBEACON[7].TXT [ /BURSTBEACON ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@BURSTBEACON[8].TXT [ /BURSTBEACON ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@BURSTBEACON[9].TXT [ /BURSTBEACON ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@BURSTNET[10].TXT [ /BURSTNET ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@BURSTNET[11].TXT [ /BURSTNET ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@BURSTNET[1].TXT [ /BURSTNET ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@BURSTNET[2].TXT [ /BURSTNET ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@BURSTNET[3].TXT [ /BURSTNET ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@BURSTNET[4].TXT [ /BURSTNET ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@BURSTNET[5].TXT [ /BURSTNET ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@BURSTNET[6].TXT [ /BURSTNET ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@BURSTNET[7].TXT [ /BURSTNET ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@BURSTNET[8].TXT [ /BURSTNET ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@BURSTNET[9].TXT [ /BURSTNET ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][2].TXT [ /C.ATDMT ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][3].TXT [ /C.ATDMT ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][1].TXT [ /C.GIGCOUNT ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected] [ /CA2O7TQ0.TXT ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected] [ /CAH2O7I4.TXT ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected] [ /CAKMXXXO.TXT ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected] [ /CAMGXXX6.TXT ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][1].TXT [ /CANYONRANCH.112.2O7 ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@CASALEMEDIA[10].TXT [ /CASALEMEDIA ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@CASALEMEDIA[11].TXT [ /CASALEMEDIA ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@CASALEMEDIA[1].TXT [ /CASALEMEDIA ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@CASALEMEDIA[2].TXT [ /CASALEMEDIA ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@CASALEMEDIA[3].TXT [ /CASALEMEDIA ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@CASALEMEDIA[4].TXT [ /CASALEMEDIA ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@CASALEMEDIA[5].TXT [ /CASALEMEDIA ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@CASALEMEDIA[6].TXT [ /CASALEMEDIA ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@CASALEMEDIA[7].TXT [ /CASALEMEDIA ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@CASALEMEDIA[8].TXT [ /CASALEMEDIA ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@CASALEMEDIA[9].TXT [ /CASALEMEDIA ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected] [ /CATU5RU4.TXT ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][1].TXT [ /CDN.JEMAMEDIA ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][2].TXT [ /CDN.JEMAMEDIA ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@CITYGRIDMEDIA[2].TXT [ /CITYGRIDMEDIA ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@CITYGRIDMEDIA[3].TXT [ /CITYGRIDMEDIA ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][10].TXT [ /CLICK.EXPANDSEARCHANSWERS ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][11].TXT [ /CLICK.EXPANDSEARCHANSWERS ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][1].TXT [ /CLICK.EXPANDSEARCHANSWERS ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][2].TXT [ /CLICK.EXPANDSEARCHANSWERS ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][3].TXT [ /CLICK.EXPANDSEARCHANSWERS ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][4].TXT [ /CLICK.EXPANDSEARCHANSWERS ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][5].TXT [ /CLICK.EXPANDSEARCHANSWERS ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][6].TXT [ /CLICK.EXPANDSEARCHANSWERS ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][7].TXT [ /CLICK.EXPANDSEARCHANSWERS ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][8].TXT [ /CLICK.EXPANDSEARCHANSWERS ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][9].TXT [ /CLICK.EXPANDSEARCHANSWERS ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][1].TXT [ /CLICK.GET-ANSWERS-FAST ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][1].TXT [ /CLICK.PMI5MEDIA ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][2].TXT [ /CLICK.PMI5MEDIA ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][1].TXT [ /CLICK.PRIMOSEARCH ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][1].TXT [ /CLICK.SEARCHNATION ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\[email protected][2].TXT [ /CLICK.SEARCHNATION ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@CLICKSOR[1].TXT [ /CLICKSOR ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@CLICKSOR[2].TXT [ /CLICKSOR ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@CLICKSOR[3].TXT [ /CLICKSOR ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@CLICKSOR[4].TXT [ /CLICKSOR ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@CLICKSOR[6].TXT [ /CLICKSOR ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@CLICKSOR[7].TXT [ /CLICKSOR ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@CLICKSOR[8].TXT [ /CLICKSOR ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@CLICKSOR[9].TXT [ /CLICKSOR ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@CLICKSURE[1].TXT [ /CLICKSURE ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@COLLECTIVE-MEDIA[10].TXT [ /COLLECTIVE-MEDIA ]
   C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@C

kile32 · « **Reply #25 on:** April 16, 2012, 12:09:19 AM »

I got it to work finally!

ComboFix 12-04-15.02 - Kile 04/15/2012 22:06:13.1.2 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.1.1033.18.2036.865 [GMT -5:00]
Running from: c:\users\Kile\Desktop\ComboFix.exe
AV: Norton Security Suite *Disabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
FW: Norton Security Suite *Enabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
SP: Norton Security Suite *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Kile\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Vista Recovery
c:\users\Kile\Favorites\ehthumbs_vista.db
.
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_usnjsvc
.
.
((((((((((((((((((((((((( Files Created from 2012-03-16 to 2012-04-16 )))))))))))))))))))))))))))))))
.
.
2012-04-16 03:14 . 2012-04-16 03:14   --------   d-----w-   c:\users\Default\AppData\Local\temp
2012-04-15 15:19 . 2012-04-15 15:19   --------   d-----w-   c:\users\Kile\AppData\Local\VS Revo Group
2012-04-15 15:19 . 2009-12-30 15:21   27192   ----a-w-   c:\windows\system32\drivers\revoflt.sys
2012-04-15 15:19 . 2012-04-15 15:19   --------   d-----w-   c:\program files\VS Revo Group
2012-04-15 01:53 . 2012-04-15 01:53   74703   ----a-w-   c:\windows\system32\mfc45.dll
2012-04-15 01:53 . 2012-04-15 01:54   --------   d-----w-   c:\programdata\iolo
2012-04-15 01:53 . 2012-04-15 01:53   --------   d-----w-   c:\program files\iolo
2012-04-15 01:48 . 2012-03-20 08:53   6582328   ----a-w-   c:\programdata\Microsoft\Windows Defender\Definition Updates\{A66504D9-B908-4655-A814-7C8E62574E27}\mpengine.dll
2012-04-14 20:12 . 2012-04-14 20:12   98816   ----a-w-   c:\windows\system32\mfps.dll
2012-04-14 18:46 . 2012-04-14 18:46   --------   d-----w-   c:\program files\Windows Portable Devices
2012-04-14 18:40 . 2009-09-10 02:00   92672   ----a-w-   c:\windows\system32\UIAnimation.dll
2012-04-14 18:40 . 2009-09-10 02:01   3023360   ----a-w-   c:\windows\system32\UIRibbon.dll
2012-04-14 18:40 . 2009-09-10 02:00   1164800   ----a-w-   c:\windows\system32\UIRibbonRes.dll
2012-04-14 18:38 . 2012-02-29 15:11   5120   ----a-w-   c:\windows\system32\wmi.dll
2012-04-14 18:38 . 2012-02-29 15:11   172032   ----a-w-   c:\windows\system32\wintrust.dll
2012-04-14 18:38 . 2012-02-29 15:09   157696   ----a-w-   c:\windows\system32\imagehlp.dll
2012-04-14 18:38 . 2012-02-29 13:32   12800   ----a-w-   c:\windows\system32\drivers\fs_rec.sys
2012-04-14 18:38 . 2012-03-06 06:39   3602816   ----a-w-   c:\windows\system32\ntkrnlpa.exe
2012-04-14 18:38 . 2012-03-06 06:39   3550080   ----a-w-   c:\windows\system32\ntoskrnl.exe
2012-04-14 18:31 . 2011-08-13 04:43   6144   ----a-w-   c:\program files\Internet Explorer\iecompat.dll
2012-04-14 18:30 . 2011-12-14 16:17   680448   ----a-w-   c:\windows\system32\msvcrt.dll
2012-04-14 18:30 . 2011-11-25 15:59   376320   ----a-w-   c:\windows\system32\winsrv.dll
2012-04-14 18:30 . 2011-09-20 21:02   905088   ----a-w-   c:\windows\system32\drivers\tcpip.sys
2012-04-14 18:30 . 2011-10-25 15:58   1314816   ----a-w-   c:\windows\system32\quartz.dll
2012-04-14 18:30 . 2011-10-25 15:58   497152   ----a-w-   c:\windows\system32\qdvd.dll
2012-04-14 18:29 . 2011-11-17 06:48   440192   ----a-w-   c:\windows\system32\drivers\ksecdd.sys
2012-04-14 18:29 . 2011-11-16 16:23   377344   ----a-w-   c:\windows\system32\winhttp.dll
2012-04-14 18:29 . 2011-11-16 16:23   278528   ----a-w-   c:\windows\system32\schannel.dll
2012-04-14 18:29 . 2011-11-16 16:21   1259008   ----a-w-   c:\windows\system32\lsasrv.dll
2012-04-14 18:29 . 2011-11-16 16:23   72704   ----a-w-   c:\windows\system32\secur32.dll
2012-04-14 18:29 . 2011-11-16 14:12   9728   ----a-w-   c:\windows\system32\lsass.exe
2012-04-14 18:29 . 2011-02-22 14:13   288768   ----a-w-   c:\windows\system32\XpsGdiConverter.dll
2012-04-14 18:29 . 2011-02-22 13:33   1068544   ----a-w-   c:\windows\system32\DWrite.dll
2012-04-14 18:29 . 2011-02-22 13:33   797696   ----a-w-   c:\windows\system32\FntCache.dll
2012-04-14 18:22 . 2011-10-14 16:02   429056   ----a-w-   c:\windows\system32\EncDec.dll
2012-04-14 18:22 . 2011-09-30 15:57   707584   ----a-w-   c:\program files\Common Files\System\wab32.dll
2012-04-14 18:21 . 2011-11-18 20:23   1205064   ----a-w-   c:\windows\system32\ntdll.dll
2012-04-14 18:21 . 2011-07-29 16:01   293376   ----a-w-   c:\windows\system32\psisdecd.dll
2012-04-14 18:21 . 2011-07-29 16:01   217088   ----a-w-   c:\windows\system32\psisrndr.ax
2012-04-14 18:21 . 2011-07-29 16:00   69632   ----a-w-   c:\windows\system32\Mpeg2Data.ax
2012-04-14 18:21 . 2011-07-29 16:00   57856   ----a-w-   c:\windows\system32\MSDvbNP.ax
2012-04-14 18:20 . 2012-02-02 15:16   2044416   ----a-w-   c:\windows\system32\win32k.sys
2012-04-14 18:19 . 2011-10-14 16:03   189952   ----a-w-   c:\windows\system32\winmm.dll
2012-04-14 18:19 . 2011-10-14 16:00   23552   ----a-w-   c:\windows\system32\mciseq.dll
2012-04-14 18:18 . 2011-11-18 17:47   66560   ----a-w-   c:\windows\system32\packager.dll
2012-04-14 18:16 . 2011-10-25 15:56   49152   ----a-w-   c:\windows\system32\csrsrv.dll
2012-04-14 18:15 . 2011-11-08 14:42   2048   ----a-w-   c:\windows\system32\tzres.dll
2012-04-14 18:14 . 2011-08-25 16:15   555520   ----a-w-   c:\windows\system32\UIAutomationCore.dll
2012-04-14 18:14 . 2011-08-25 16:14   563712   ----a-w-   c:\windows\system32\oleaut32.dll
2012-04-14 18:14 . 2011-08-25 16:14   238080   ----a-w-   c:\windows\system32\oleacc.dll
2012-04-14 18:14 . 2011-08-25 13:31   4096   ----a-w-   c:\windows\system32\oleaccrc.dll
2012-04-14 18:12 . 2012-01-09 15:54   613376   ----a-w-   c:\windows\system32\rdpencom.dll
2012-04-14 18:12 . 2012-01-09 13:58   180736   ----a-w-   c:\windows\system32\drivers\rdpwd.sys
2012-04-14 18:11 . 2010-05-04 19:13   231424   ----a-w-   c:\windows\system32\msshsq.dll
2012-04-14 18:04 . 2012-04-14 18:04   --------   d-----w-   C:\TDSSKiller_Quarantine
2012-04-14 03:19 . 2012-04-14 03:19   --------   d-----w-   c:\program files\Microsoft Download Manager
2012-04-13 05:30 . 2012-03-01 11:01   2409784   ----a-w-   c:\program files\Windows Mail\OESpamFilter.dat
2012-04-13 00:49 . 2012-04-13 00:49   --------   d-----w-   c:\programdata\Kaspersky Lab
2012-04-13 00:32 . 2012-04-13 00:32   --------   d-----w-   c:\program files\Common Files\Java
2012-04-12 07:17 . 2012-04-12 07:18   --------   d-----w-   c:\program files\CCleaner
2012-04-12 05:28 . 2012-04-12 05:31   --------   d-----w-   c:\windows\system32\ca-ES
2012-04-12 05:28 . 2012-04-12 05:30   --------   d-----w-   c:\windows\system32\eu-ES
2012-04-12 05:28 . 2012-04-12 05:30   --------   d-----w-   c:\windows\system32\vi-VN
2012-04-12 04:03 . 2012-04-12 04:11   --------   d-----w-   c:\windows\system32\SPReview
2012-04-12 03:40 . 2009-04-11 04:28   928768   ----a-w-   c:\windows\system32\scavenge.dll
2012-04-12 03:40 . 2009-04-11 04:27   57856   ----a-w-   c:\windows\system32\compcln.exe
2012-04-12 03:37 . 2009-04-11 04:28   1591296   ----a-w-   c:\windows\system32\setupapi.dll
2012-04-12 03:36 . 2009-04-11 04:32   438744   ----a-w-   c:\windows\system32\mcupdate_GenuineIntel.dll
2012-04-12 03:26 . 2012-04-12 03:26   --------   d-----w-   c:\windows\system32\EventProviders
2012-03-28 04:00 . 2012-03-28 05:36   --------   d-----w-   c:\users\Kile\AppData\Roaming\Norton Utilities
2012-03-28 03:55 . 2012-04-08 13:37   --------   d-----w-   c:\program files\Real
2012-03-28 03:52 . 2012-03-28 03:52   --------   d-----w-   c:\programdata\Norton Installer
2012-03-28 03:51 . 2010-11-30 07:23   44544   ----a-w-   c:\windows\system32\msxml4a.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-04-13 00:25 . 2010-05-24 12:14   472808   ----a-w-   c:\windows\system32\deployJava1.dll
2012-04-04 20:56 . 2011-06-04 23:59   22344   ----a-w-   c:\windows\system32\drivers\mbam.sys
2012-03-15 02:44 . 2011-06-23 22:10   414368   ----a-w-   c:\windows\system32\FlashPlayerCPLApp.cpl
2012-02-23 15:18 . 2009-10-03 06:37   237072   ------w-   c:\windows\system32\MpSigStub.exe
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ComcastSecureBackupShare]
@="{72bcb80d-7778-eb4a-ec51-22340ad33e07}"
[HKEY_CLASSES_ROOT\CLSID\{72bcb80d-7778-eb4a-ec51-22340ad33e07}]
2010-12-14 17:06   3424488   ----a-w-   c:\program files\SecureBackupShare\ComcastSecureBackupShareshell.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ComcastSecureBackupShare2]
@="{b723586e-9ca0-5b27-341a-4990a8c342cf}"
[HKEY_CLASSES_ROOT\CLSID\{b723586e-9ca0-5b27-341a-4990a8c342cf}]
2010-12-14 17:06   3424488   ----a-w-   c:\program files\SecureBackupShare\ComcastSecureBackupShareshell.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ComcastSecureBackupShare3]
@="{f614e4c4-b3fa-5249-b9ea-4fe7d38b8cd0}"
[HKEY_CLASSES_ROOT\CLSID\{f614e4c4-b3fa-5249-b9ea-4fe7d38b8cd0}]
2010-12-14 17:06   3424488   ----a-w-   c:\program files\SecureBackupShare\ComcastSecureBackupShareshell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-19 125952]
"SansaDispatch"="c:\users\Kile\AppData\Roaming\SanDisk\Sansa Updater\SansaDispatch.exe" [2010-05-31 79872]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ECenter"="c:\dell\E-Center\EULALauncher.exe" [2007-05-25 17920]
"RtHDVCpl"="RtHDVCpl.exe" [2008-01-17 4907008]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2006-12-11 49152]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2008-02-12 141848]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2008-02-12 166424]
"Persistence"="c:\windows\system32\igfxpers.exe" [2008-02-12 133656]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-04-04 843712]
"VX3000"="c:\windows\vVX3000.exe" [2009-06-26 757248]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-01-18 254696]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Digital Line Detect.lnk - c:\program files\Digital Line Detect\DLG.exe [2007-11-6 50688]
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2007-1-2 210520]
Secure Backup and Share Status.lnk - c:\program files\SecureBackupShare\ComcastSecureBackupSharestat.exe [2010-12-14 3539688]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2011-08-13 113024]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2009-09-03 22:21   548352   ----a-w-   c:\program files\SUPERAntiSpyware\SASWINLO.DLL
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Constant Guard.lnk]
backup=c:\windows\pss\Constant Guard.lnkCommon Startup
backupExtension=Common Startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LifeCam]
2009-07-24 20:05   118640   ----a-w-   c:\program files\Microsoft LifeCam\LifeExp.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SUPERAntiSpyware]
2012-04-08 07:44   3905920   ----a-w-   c:\program files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VX3000]
2009-06-26 22:21   757248   ----a-w-   c:\windows\vVX3000.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
.
S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE.EXE [2011-08-27 116608]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-04-04 63928]
S2 AERTFilters;Andrea RT Filters Service;c:\windows\system32\AERTSrv.exe [2007-12-05 77824]
.
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12   REG_MULTI_SZ     Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt   REG_MULTI_SZ     hpqcxs08 hpqddsvc
nosGetPlusHelper   REG_MULTI_SZ     nosGetPlusHelper
LocalServiceAndNoImpersonation   REG_MULTI_SZ     FontCache
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{9191979D-821C-4EA8-B021-2DA1D859A7C5}-3Reg]
2011-07-05 15:26   435976   ----a-w-   c:\program files\SFT\GuardedID\GIDI.exe
.
Contents of the 'Scheduled Tasks' folder
.
2012-04-16 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-04-26 23:37]
.
2012-04-16 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-04-26 23:37]
.
2012-04-15 c:\windows\Tasks\ParetoLogic Registration3.job
- c:\program files\Common Files\ParetoLogic\UUS3\UUS3.dll [2009-10-12 05:01]
.
2012-04-13 c:\windows\Tasks\ParetoLogic Update Version3.job
- c:\program files\Common Files\ParetoLogic\UUS3\Pareto_Update3.exe [2009-10-12 05:01]
.
2012-04-11 c:\windows\Tasks\PCDoctorBackgroundMonitorTask.job
- c:\program files\Dell Support Center\uaclauncher.exe [2012-03-28 22:52]
.
2012-04-16 c:\windows\Tasks\SystemToolsDailyTest.job
- c:\program files\Dell Support Center\uaclauncher.exe [2012-03-28 22:52]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.comcast.net/
uInternet Settings,ProxyOverride = *.local
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
Trusted Zone: dell.com\www
Trusted Zone: realtor.org\www
Trusted Zone: yahoo.com\games
TCP: DhcpNameServer = 75.75.75.75 75.75.76.76
DPF: {682C59F5-478C-4421-9070-AD170D143B77} - hxxp://www.dell.com/support/troubleshooting/Content/Ode/pcd86.cab
FF - ProfilePath - c:\users\Kile\AppData\Roaming\Mozilla\Firefox\Profiles\nc2ggpmw.default\
FF - prefs.js: browser.search.selectedEngine - Bing
FF - prefs.js: browser.startup.homepage - hxxp://www.bing.com/?pc=Z039&form=ZGAPHP
FF - prefs.js: keyword.URL - hxxp://www.mywebsearch.com/jsp/cfg_redir2.jsp?id=ZUxdm593YYUS&fl=0&ptb=kLYXbKBETjdxxEa8dEf0nQ&url=http://search.mywebsearch.com/mywebsearch/dft_redir.jhtml&st=kwd&searchfor=
.
- - - - ORPHANS REMOVED - - - -
.
BHO-{f629a2e4-771b-4215-bfca-140d74011dbe} - (no file)
WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
HKCU-Run-AROReminder - (no file)
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-04-15 22:29
Windows 6.0.6002 Service Pack 2 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
HKCU\Software\Microsoft\Windows\CurrentVersion\Run
SansaDispatch = c:\users\Kile\AppData\Roaming\SanDisk\Sansa Updater\SansaDispatch.exe?

?0?

/sansa/Application/SansaUpdaterInstall_1_018.exe?

.
scanning hidden files ...
.
.
c:\users\Kile\AppData\Local\Temp\catchme.dll 53248 bytes executable
.
scan completed successfully
hidden files: 1
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\N360]
"ImagePath"="\"c:\program files\Norton Security Suite\Engine\5.2.0.13\ccSvcHst.exe\" /s \"N360\" /m \"c:\program files\Norton Security Suite\Engine\5.2.0.13\diMaster.dll\" /prefetch:1"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (LocalSystem)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5 977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,66,91,4b,f8,ec,40,2a,42,9d,eb,a2,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839 E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,66,91,4b,f8,ec,40,2a,42,9d,eb,a2,\
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'Explorer.exe'(1040)
c:\program files\SecureBackupShare\ComcastSecureBackupShareshell.dll
c:\program files\SecureBackupShare\LIBEAY32.dll
c:\windows\system32\ieframe.dll
c:\program files\Common Files\System\MAPI\1033\msmapi32.dll
.
------------------------ Other Running Processes ------------------------
.
c:\program files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
c:\program files\Microsoft LifeCam\MSCamS32.exe
c:\program files\Norton Security Suite\Engine\5.2.0.13\ccSvcHst.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
c:\windows\system32\DRIVERS\xaudio.exe
c:\program files\Norton Security Suite\Engine\5.2.0.13\ccSvcHst.exe
c:\windows\system32\DllHost.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
c:\program files\SecureBackupShare\ComcastSecureBackupSharebackup.exe
c:\program files\SecureBackupShare\ComcastSecureBackupSharebackup.exe
c:\windows\system32\DllHost.exe
c:\program files\Windows Media Player\wmpnscfg.exe
c:\program files\Windows Media Player\wmpnetwk.exe
.
**************************************************************************
.
Completion time: 2012-04-15 22:35:15 - machine was rebooted
ComboFix-quarantined-files.txt 2012-04-16 03:35
.
Pre-Run: 238,673,174,528 bytes free
Post-Run: 238,567,510,016 bytes free
.
- - End Of File - - A9F231E9BF1421FCB813B19ACB0E01B0

SuperDave · « **Reply #26 on:** April 16, 2012, 11:26:16 AM »

Re-running ComboFix to remove infections:

Close any open browsers.
Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
Open notepad and copy/paste the text in the quotebox below into it:
Quote
KillAll::

FireFox::
Trusted Zone: dell.com\www
Trusted Zone: realtor.org\www
Trusted Zone: yahoo.com\games

DDS::
Trusted Zone: dell.com\www
Trusted Zone: realtor.org\www
Trusted Zone: yahoo.com\games
Save this as CFScript.txt, in the same location as ComboFix.exe
Referring to the picture above, drag CFScript into ComboFix.exe
When finished, it shall produce a log for you at C:\ComboFix.txt
I don't need to see the log from this action.

**********************************************
SysProt Antirootkit

Download
SysProt Antirootkit from the link below (you will find it at the bottom
of the page under attachments, or you can get it from one of the
mirrors).

http://sites.google.com/site/sysprotantirootkit/

Unzip it into a folder on your desktop.

Double click Sysprot.exe to start the program.
Click on the Log tab.
In the Write to log box select the following items.

Process << Selected
Kernel Modules << Selected
SSDT << Selected
Kernel Hooks << Selected
IRP Hooks << NOT Selected
Ports << NOT Selected
Hidden Files << Selected

At the bottom of the page

Hidden Objects Only << Selected

Click on the Create Log button on the bottom right.
After a few seconds a new window should appear.
Select Scan Root Drive. Click on the Start button.
When it is complete a new window will appear to indicate that the scan is finished.
The log will be saved automatically in the same folder Sysprot.exe was extracted to. Open the text file and copy/paste the log here.

kile32 · « **Reply #27 on:** April 16, 2012, 05:26:10 PM »

SysProt AntiRootkit v1.0.1.0
by swatkat

******************************************************************************************
******************************************************************************************

No Hidden Processes found

******************************************************************************************
******************************************************************************************
No Hidden Kernel Modules found

******************************************************************************************
******************************************************************************************
No SSDT Hooks found

******************************************************************************************
******************************************************************************************
No Kernel Hooks found

******************************************************************************************
******************************************************************************************
No hidden files/folders found

SuperDave · « **Reply #28 on:** April 16, 2012, 06:40:46 PM »

I'd like to scan your machine with ESET OnlineScan

•Hold down Control and click on the following link to open ESET OnlineScan in a new window.
ESET OnlineScan
•Click the

button.
•For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)

Click on to download the ESET Smart Installer. Save it to your desktop.
Double click on the icon on your desktop.

•Check

•Click the

button.
•Accept any security warnings from your browser.
•Check

•Push the Start button.
•ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
•When the scan completes, push

•Push

, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
•Push the

button.
•Push

A log file will be saved here: C:\Program Files\ESET\ESET Online Scanner\log.txt

kile32 · « **Reply #29 on:** April 17, 2012, 08:05:28 PM »

C:\Program Files\FoxTabVideoConverter\VideoConverter.exe   a variant of Win32/InstallCore.A application   cleaned by deleting - quarantined
C:\Program Files\Yontoo Layers Runtime\YontooIEClient.dll   a variant of Win32/Adware.Yontoo.A application   cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\14.04.2012_13.02.25\mbr0000\tdlfs0000\tsk0005.dta   a variant of Win32/Rootkit.Kryptik.KS trojan   cleaned by deleting - quarantined
C:\Windows\System32\config\systemprofile\AppData\Local\MSoft\VerCheck\VerCheck.exe   a variant of MSIL/Adware.SanctionedMedia.A application   cleaned by deleting - quarantined

Computer Hope Forum

News:

Author Topic: major problems with computer speed. Need big time help (Read 21839 times)

kile32

Re: major problems with computer speed. Need big time help

SuperDave

Re: major problems with computer speed. Need big time help

kile32

Re: major problems with computer speed. Need big time help

SuperDave

Re: major problems with computer speed. Need big time help

kile32

Re: major problems with computer speed. Need big time help

kile32

Re: major problems with computer speed. Need big time help

SuperDave

Re: major problems with computer speed. Need big time help

kile32

Re: major problems with computer speed. Need big time help

SuperDave

Re: major problems with computer speed. Need big time help

kile32

Re: major problems with computer speed. Need big time help

kile32

Re: major problems with computer speed. Need big time help

SuperDave

Re: major problems with computer speed. Need big time help

kile32

Re: major problems with computer speed. Need big time help

SuperDave

Re: major problems with computer speed. Need big time help

kile32

Re: major problems with computer speed. Need big time help