Spyware Warrior Help with Spyware, Hijacking & Other Internet Nuisances
akbode Newbie
Joined: 15 Apr 2012 Last Visit: 19 Apr 2012 Posts: 6
Posted: Sun Apr 15, 2012 12:25 pm Post subject: Help with redirect virus
I keep being redirected to advertising pages when I click on a link after doing a search. I ran dds and here are the logs. Can you help me?
Thank you.
Cypher Moderator

Joined: 05 Jul 2009 Last Visit: 25 May 2013 Posts: 4051 Location: Land Of The Leprechauns
Posted: Mon Apr 16, 2012 7:18 am Post subject:
Hi and welcome to Spyware Warrior Forum.
My name is Cypher, and I will be helping you with your malware problems.
This may or may not, solve other issues you have with your machine.
If you no longer require help i would be grateful if you would let me know.
Before we start please note the following important guidelines. - If you don't know or understand something, please don't hesitate to ask.
- Only post your problem at One help site. Applying fixes from multiple help sites can cause problems.
- Only reply to this thread do not start another, Please continue responding until I give you the "All Clean"
Remember, absence of symptoms does not mean the infection is all gone.
- Please DO NOT run any other tools or scans whilst I am helping you.
- Please DO NOT install any other software (or hardware) during the cleaning process.
- Print each set of instructions... if possible...your Internet connection will not be available during some fix processes.
- Your security programs may give warnings for some of the tools I will ask you to use. Be assured, any links I give are safe.
- Note: No Reply Within 3 Days Will Result In Your Topic Being Closed!
Note: If you haven't done so already, please read this topic Things to know before you post where the conditions for receiving help here are explained.
| Quote: |
| Please be aware that removing Malware is a potentially hazardous undertaking. I will take care not to knowingly suggest courses of action that might damage your computer. However it is impossible for me to foresee all interactions that may happen between the software on your computer and those we'll use to clear you of infection, and I cannot guarantee the safety of your system. It is possible that we might encounter situations where the only recourse is to re-format and re-install your operating system, or to necessitate you taking your computer to a repair shop. |
Because of this, I advise you to back up any personal files and folders before you start.
Please download Malwarebytes' Anti-Malware and save to your desktop.
- Right-click mbam-setup.exe and select "Run as administrator", then follow the prompts to install the program.
- At the end, be sure a checkmark is placed next to:
Update Malwarebytes' Anti-Malware
Launch Malwarebytes' Anti-Malware
- Then click Finish.
- If an update is found, it will download and install the latest version.
- Once the program has loaded, select Perform Quick Scan, then click Scan.
- When the scan is complete, click OK, then Show Results to view the results.
- Check all items except items in the C:\System Volume Information folder... and click Remove Selected.
Note: If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts. Click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately. Failure to reboot will prevent MBAM from removing all the malware.
- When completed, a log will open in Notepad. Please copy and paste the log back into your next reply.
- The log can also be found here:
C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\mbam-log-date (time).txt
Next.
TDSSKiller
Please download TDSSKiller.exe and save it to your Desktop.
- Right-click on TDSSKiller.exe and select "Run as administrator" to run it.
- Click on Start Scan; the scan will run.
- When the scan has finished, if it finds anything, please click on the drop-down arrow next to Cure and select Skip.
- Now click on Report to open the log file created by TDSSKiller in your root directory C:\
- To find the log go to Start > Computer > C:
- Post the contents of that log in your next reply please.
- DO NOT TRY TO FIX ANYTHING AT THIS POINT
Logs/Information to Post in your Next Reply
- Malwarebytes log.
- TDSSKiller log.
_________________ Admin/Teacher at Malware Removal University
akbode Newbie
Joined: 15 Apr 2012 Last Visit: 19 Apr 2012 Posts: 6
|
Posted: Mon Apr 16, 2012 9:51 am Post subject: logs |
|
|
Thanks for your help. Here are the logs, neither scan showed anything to be fixed.
Malwarebytes Anti-Malware 1.61.0.1400
www.malwarebytes.org
Database version: v2012.04.16.04
Windows Vista Service Pack 1 x86 NTFS
Internet Explorer 8.0.6001.19088
Anne :: ANNE-PC [administrator]
4/16/2012 11:30:26 AM
mbam-log-2012-04-16 (11-30-26).txt
Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 192885
Time elapsed: 8 minute(s), 54 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 0
(No malicious items detected)
(end)
11:44:33.0415 5952 TDSS rootkit removing tool 2.7.28.0 Apr 10 2012 16:54:05
11:44:34.0433 5952 ============================================================
11:44:34.0433 5952 Current date / time: 2012/04/16 11:44:34.0433
11:44:34.0433 5952 SystemInfo:
11:44:34.0433 5952
11:44:34.0433 5952 OS Version: 6.0.6001 ServicePack: 1.0
11:44:34.0433 5952 Product type: Workstation
11:44:34.0433 5952 ComputerName: ANNE-PC
11:44:34.0434 5952 UserName: Anne
11:44:34.0434 5952 Windows directory: C:\Windows
11:44:34.0434 5952 System windows directory: C:\Windows
11:44:34.0435 5952 Processor architecture: Intel x86
11:44:34.0435 5952 Number of processors: 1
11:44:34.0435 5952 Page size: 0x1000
11:44:34.0435 5952 Boot type: Normal boot
11:44:34.0435 5952 ============================================================
11:44:35.0796 5952 Drive \Device\Harddisk0\DR0 - Size: 0x25433D6000 (149.05 Gb), SectorSize: 0x200, Cylinders: 0x4C01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
11:44:35.0799 5952 \Device\Harddisk0\DR0:
11:44:35.0799 5952 MBR used
11:44:35.0799 5952 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x2EE800, BlocksNum 0x118BC800
11:44:35.0885 5952 Initialize success
11:44:35.0885 5952 ============================================================
11:44:39.0678 5860 ============================================================
11:44:39.0678 5860 Scan started
11:44:39.0678 5860 Mode: Manual;
11:44:39.0679 5860 ============================================================
11:45:12.0850 5860 odserv - ok
11:45:12.0986 5860 ohci1394 (be32da025a0be1878f0ee8d6d9386cd5) C:\Windows\system32\drivers\ohci1394.sys
11:45:12.0990 5860 ohci1394 - ok
11:45:13.0099 5860 ose (5a432a042dae460abe7199b758e8606c) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
11:45:13.0104 5860 ose - ok
11:45:13.0263 5860 p2pimsvc (5de1a3972fd3112c75eb17bdcf454169) C:\Windows\system32\p2psvc.dll
11:45:13.0283 5860 p2pimsvc - ok
11:45:13.0326 5860 p2psvc (5de1a3972fd3112c75eb17bdcf454169) C:\Windows\system32\p2psvc.dll
11:45:13.0339 5860 p2psvc - ok
11:45:13.0459 5860 Parport (0fa9b5055484649d63c303fe404e5f4d) C:\Windows\system32\drivers\parport.sys
11:45:13.0464 5860 Parport - ok
11:45:13.0591 5860 partmgr (3b38467e7c3daed009dfe359e17f139f) C:\Windows\system32\drivers\partmgr.sys
11:45:13.0596 5860 partmgr - ok
11:45:13.0724 5860 Parvdm (4f9a6a8a31413180d0fcb279ad5d8112) C:\Windows\system32\drivers\parvdm.sys
11:45:13.0727 5860 Parvdm - ok
11:45:13.0858 5860 PcaSvc (c6276ad11f4bb49b58aa1ed88537f14a) C:\Windows\System32\pcasvc.dll
11:45:13.0863 5860 PcaSvc - ok
11:45:13.0980 5860 pci (eca39351296d905baa4fa3244c152b00) C:\Windows\system32\drivers\pci.sys
11:45:13.0985 5860 pci - ok
11:45:14.0091 5860 pciide (fc175f5ddab666d7f4d17449a547626f) C:\Windows\system32\DRIVERS\pciide.sys
11:45:14.0095 5860 pciide - ok
11:45:14.0211 5860 pcmcia (e6f3fb1b86aa519e7698ad05e58b04e5) C:\Windows\system32\drivers\pcmcia.sys
11:45:14.0217 5860 pcmcia - ok
11:45:14.0377 5860 PEAUTH (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys
11:45:14.0400 5860 PEAUTH - ok
11:45:14.0643 5860 pla (b1689df169143f57053f795390c99db3) C:\Windows\system32\pla.dll
11:45:14.0683 5860 pla - ok
11:45:14.0798 5860 PlugPlay (78f975cb6d18265be6f492edb2d7bc7b) C:\Windows\system32\umpnpmgr.dll
11:45:14.0808 5860 PlugPlay - ok
11:45:14.0930 5860 Pml Driver HPZ12 (2f4ca141a609caf5c98f6e4760ef1b9b) C:\Windows\system32\HPZipm12.dll
11:45:14.0935 5860 Pml Driver HPZ12 - ok
11:45:15.0069 5860 PNRPAutoReg (5de1a3972fd3112c75eb17bdcf454169) C:\Windows\system32\p2psvc.dll
11:45:15.0095 5860 PNRPAutoReg - ok
11:45:15.0138 5860 PNRPsvc (5de1a3972fd3112c75eb17bdcf454169) C:\Windows\system32\p2psvc.dll
11:45:15.0152 5860 PNRPsvc - ok
11:45:15.0271 5860 PolicyAgent (47b8f37aa18b74d8c2e1bc1a7a2c8f8a) C:\Windows\System32\ipsecsvc.dll
11:45:15.0282 5860 PolicyAgent - ok
11:45:15.0409 5860 PptpMiniport (ecfffaec0c1ecd8dbc77f39070ea1db1) C:\Windows\system32\DRIVERS\raspptp.sys
11:45:15.0419 5860 PptpMiniport - ok
11:45:15.0526 5860 Processor (2027293619dd0f047c584cf2e7df4ffd) C:\Windows\system32\drivers\processr.sys
11:45:15.0535 5860 Processor - ok
11:45:15.0653 5860 ProfSvc (b627e4fc8585e8843c5905d4d3587a90) C:\Windows\system32\profsvc.dll
11:45:15.0660 5860 ProfSvc - ok
11:45:15.0773 5860 ProtectedStorage (a911ecac81f94adeafbe8e3f7873edb0) C:\Windows\system32\lsass.exe
11:45:15.0777 5860 ProtectedStorage - ok
11:45:15.0906 5860 PSched (bfef604508a0ed1eae2a73e872555ffb) C:\Windows\system32\DRIVERS\pacer.sys
11:45:15.0911 5860 PSched - ok
11:45:16.0047 5860 PxHelp20 (49452bfcec22f36a7a9b9c2181bc3042) C:\Windows\system32\Drivers\PxHelp20.sys
11:45:16.0051 5860 PxHelp20 - ok
11:45:16.0233 5860 ql2300 (0a6db55afb7820c99aa1f3a1d270f4f6) C:\Windows\system32\drivers\ql2300.sys
11:45:16.0259 5860 ql2300 - ok
11:45:16.0405 5860 ql40xx (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys
11:45:16.0410 5860 ql40xx - ok
11:45:16.0526 5860 QWAVE (e9ecae663f47e6cb43962d18ab18890f) C:\Windows\system32\qwave.dll
11:45:16.0536 5860 QWAVE - ok
11:45:16.0651 5860 QWAVEdrv (9f5e0e1926014d17486901c88eca2db7) C:\Windows\system32\drivers\qwavedrv.sys
11:45:16.0660 5860 QWAVEdrv - ok
11:45:16.0775 5860 RasAcd (147d7f9c556d259924351feb0de606c3) C:\Windows\system32\DRIVERS\rasacd.sys
11:45:16.0778 5860 RasAcd - ok
11:45:16.0827 5860 RasAuto (f6a452eb4ceadbb51c9e0ee6b3ecef0f) C:\Windows\System32\rasauto.dll
11:45:16.0835 5860 RasAuto - ok
11:45:16.0969 5860 Rasl2tp (a214adbaf4cb47dd2728859ef31f26b0) C:\Windows\system32\DRIVERS\rasl2tp.sys
11:45:16.0973 5860 Rasl2tp - ok
11:45:17.0096 5860 RasMan (6e7c284fc5c4ec07ad164d93810385a6) C:\Windows\System32\rasmans.dll
11:45:17.0105 5860 RasMan - ok
11:45:17.0220 5860 RasPppoe (3e9d9b048107b40d87b97df2e48e0744) C:\Windows\system32\DRIVERS\raspppoe.sys
11:45:17.0231 5860 RasPppoe - ok
11:45:17.0285 5860 RasSstp (a7d141684e9500ac928a772ed8e6b671) C:\Windows\system32\DRIVERS\rassstp.sys
11:45:17.0292 5860 RasSstp - ok
11:45:17.0408 5860 rdbss (6e1c5d0457622f9ee35f683110e93d14) C:\Windows\system32\DRIVERS\rdbss.sys
11:45:17.0429 5860 rdbss - ok
11:45:17.0564 5860 RDPCDD (89e59be9a564262a3fb6c4f4f1cd9899) C:\Windows\system32\DRIVERS\RDPCDD.sys
11:45:17.0567 5860 RDPCDD - ok
11:45:17.0689 5860 rdpdr (fbc0bacd9c3d7f6956853f64a66e252d) C:\Windows\system32\drivers\rdpdr.sys
11:45:17.0702 5860 rdpdr - ok
11:45:17.0812 5860 RDPENCDD (9d91fe5286f748862ecffa05f8a0710c) C:\Windows\system32\drivers\rdpencdd.sys
11:45:17.0817 5860 RDPENCDD - ok
11:45:17.0883 5860 RDPWD (e1c18f4097a5abcec941dc4b2f99db7e) C:\Windows\system32\drivers\RDPWD.sys
11:45:17.0889 5860 RDPWD - ok
11:45:18.0057 5860 RemoteAccess (bcdd6b4804d06b1f7ebf29e53a57ece9) C:\Windows\System32\mprdim.dll
11:45:18.0061 5860 RemoteAccess - ok
11:45:18.0242 5860 RemoteRegistry (cc4e32400f3c7253400cf8f3f3a0b676) C:\Windows\system32\regsvc.dll
11:45:18.0250 5860 RemoteRegistry - ok
11:45:18.0366 5860 RpcLocator (5123f83cbc4349d065534eeb6bbdc42b) C:\Windows\system32\locator.exe
11:45:18.0373 5860 RpcLocator - ok
11:45:18.0452 5860 RpcSs (301ae00e12408650baddc04dbc832830) C:\Windows\system32\rpcss.dll
11:45:18.0466 5860 RpcSs - ok
11:45:18.0592 5860 rspndr (9c508f4074a39e8b4b31d27198146fad) C:\Windows\system32\DRIVERS\rspndr.sys
11:45:18.0596 5860 rspndr - ok
11:45:18.0721 5860 RTL8169 (7157e70a90cce49deb8885d23a073a39) C:\Windows\system32\DRIVERS\Rtlh86.sys
11:45:18.0734 5860 RTL8169 - ok
11:45:18.0826 5860 RTL8187B (b71d269b9ab5417963e986126c12b9fc) C:\Windows\system32\DRIVERS\RTL8187B.sys
11:45:18.0835 5860 RTL8187B - ok
11:45:18.0963 5860 RtlProt (0d60b8c10a2c5e8dd620b3fdeb1cda64) C:\Windows\system32\DRIVERS\rtlprot.sys
11:45:18.0980 5860 RtlProt - ok
11:45:19.0114 5860 RTSTOR (f5825e41286556ddb8cc83a91d88f3c6) C:\Windows\system32\drivers\RTSTOR.SYS
11:45:19.0124 5860 RTSTOR - ok
11:45:19.0262 5860 SamSs (a911ecac81f94adeafbe8e3f7873edb0) C:\Windows\system32\lsass.exe
11:45:19.0266 5860 SamSs - ok
11:45:19.0380 5860 SASDIFSV (39763504067962108505bff25f024345) C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS
11:45:19.0386 5860 SASDIFSV - ok
11:45:19.0425 5860 SASKUTIL (77b9fc20084b48408ad3e87570eb4a85) C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS
11:45:19.0428 5860 SASKUTIL - ok
11:45:19.0568 5860 sbp2port (3ce8f073a557e172b330109436984e30) C:\Windows\system32\drivers\sbp2port.sys
11:45:19.0573 5860 sbp2port - ok
11:45:19.0719 5860 SCardSvr (11387e32642269c7e62e8b52c060b3c6) C:\Windows\System32\SCardSvr.dll
11:45:19.0725 5860 SCardSvr - ok
11:45:19.0804 5860 Schedule (7b587b8a6d4a99f79d2902d0385f29bd) C:\Windows\system32\schedsvc.dll
11:45:19.0834 5860 Schedule - ok
11:45:19.0947 5860 SCPolicySvc (87c2d0377b23e2d8a41093c2f5fb1a5b) C:\Windows\System32\certprop.dll
11:45:19.0949 5860 SCPolicySvc - ok
11:45:20.0028 5860 SDRSVC (716313d9f6b0529d03f726d5aaf6f191) C:\Windows\System32\SDRSVC.dll
11:45:20.0034 5860 SDRSVC - ok
11:45:20.0160 5860 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
11:45:20.0164 5860 secdrv - ok
11:45:20.0300 5860 seclogon (fd5199d4d8a521005e4b5ee7fe00fa9b) C:\Windows\system32\seclogon.dll
11:45:20.0305 5860 seclogon - ok
11:45:20.0441 5860 SENS (a9bbab5759771e523f55563d6cbe140f) C:\Windows\System32\sens.dll
11:45:20.0447 5860 SENS - ok
11:45:20.0556 5860 Serenum (68e44e331d46f0fb38f0863a84cd1a31) C:\Windows\system32\drivers\serenum.sys
11:45:20.0560 5860 Serenum - ok
11:45:20.0669 5860 Serial (c70d69a918b178d3c3b06339b40c2e1b) C:\Windows\system32\drivers\serial.sys
11:45:20.0676 5860 Serial - ok
11:45:20.0825 5860 sermouse (8af3d28a879bf75db53a0ee7a4289624) C:\Windows\system32\drivers\sermouse.sys
11:45:20.0834 5860 sermouse - ok
11:45:20.0954 5860 SessionEnv (d2193326f729b163125610dbf3e17d57) C:\Windows\system32\sessenv.dll
11:45:20.0960 5860 SessionEnv - ok
11:45:21.0075 5860 sffdisk (3efa810bdca87f6ecc24f9832243fe86) C:\Windows\system32\drivers\sffdisk.sys
11:45:21.0083 5860 sffdisk - ok
11:45:21.0189 5860 sffp_mmc (e95d451f7ea3e583aec75f3b3ee42dc5) C:\Windows\system32\drivers\sffp_mmc.sys
11:45:21.0192 5860 sffp_mmc - ok
11:45:21.0248 5860 sffp_sd (3d0ea348784b7ac9ea9bd9f317980979) C:\Windows\system32\drivers\sffp_sd.sys
11:45:21.0251 5860 sffp_sd - ok
11:45:21.0283 5860 sfloppy (46ed8e91793b2e6f848015445a0ac188) C:\Windows\system32\drivers\sfloppy.sys
11:45:21.0286 5860 sfloppy - ok
11:45:21.0363 5860 SharedAccess (e1499bd0ff76b1b2fbbf1af339d91165) C:\Windows\System32\ipnathlp.dll
11:45:21.0373 5860 SharedAccess - ok
11:45:21.0497 5860 ShellHWDetection (1e3fdb80e40a3ce645f229dfbdfb7694) C:\Windows\System32\shsvcs.dll
11:45:21.0507 5860 ShellHWDetection - ok
11:45:21.0622 5860 sisagp (1d76624a09a054f682d746b924e2dbc3) C:\Windows\system32\drivers\sisagp.sys
11:45:21.0626 5860 sisagp - ok
11:45:21.0804 5860 SiSRaid2 (43cb7aa756c7db280d01da9b676cfde2) C:\Windows\system32\drivers\sisraid2.sys
11:45:21.0808 5860 SiSRaid2 - ok
11:45:21.0928 5860 SiSRaid4 (a99c6c8b0baa970d8aa59ddc50b57f94) C:\Windows\system32\drivers\sisraid4.sys
11:45:21.0933 5860 SiSRaid4 - ok
11:45:22.0167 5860 slsvc (0ba91e1358ad25236863039bb2609a2e) C:\Windows\system32\SLsvc.exe
11:45:22.0346 5860 slsvc - ok
11:45:22.0479 5860 SLUINotify (7c6dc44ca0bfa6291629ab764200d1d4) C:\Windows\system32\SLUINotify.dll
11:45:22.0493 5860 SLUINotify - ok
11:45:22.0617 5860 Smb (031e6bcd53c9b2b9ace111eafec347b6) C:\Windows\system32\DRIVERS\smb.sys
11:45:22.0621 5860 Smb - ok
11:45:22.0851 5860 SNMPTRAP (2a146a055b4401c16ee62d18b8e2a032) C:\Windows\System32\snmptrap.exe
11:45:22.0862 5860 SNMPTRAP - ok
11:45:22.0978 5860 spldr (7aebdeef071fe28b0eef2cdd69102bff) C:\Windows\system32\drivers\spldr.sys
11:45:22.0983 5860 spldr - ok
11:45:23.0106 5860 Spooler (3665f79026a3f91fbca63f2c65a09b19) C:\Windows\System32\spoolsv.exe
11:45:23.0114 5860 Spooler - ok
11:45:23.0361 5860 SRTSP (83726cf02eced69138948083e06b6eac) C:\Windows\System32\Drivers\N360\0502000.00D\SRTSP.SYS
11:45:23.0382 5860 SRTSP - ok
11:45:23.0573 5860 SRTSPX (4e7eab2e5615d39cf1f1df9c71e5e225) C:\Windows\system32\drivers\N360\0502000.00D\SRTSPX.SYS
11:45:23.0578 5860 SRTSPX - ok
11:45:23.0781 5860 srv (2252aef839b1093d16761189f45af885) C:\Windows\system32\DRIVERS\srv.sys
11:45:23.0790 5860 srv - ok
11:45:23.0867 5860 srv2 (b7ff59408034119476b00a81bb53d5d1) C:\Windows\system32\DRIVERS\srv2.sys
11:45:23.0872 5860 srv2 - ok
11:45:24.0000 5860 srvnet (2accc9b12af02030f531e6cca6f8b76e) C:\Windows\system32\DRIVERS\srvnet.sys
11:45:24.0005 5860 srvnet - ok
11:45:24.0128 5860 SSDPSRV (03d50b37234967433a5ea5ba72bc0b62) C:\Windows\System32\ssdpsrv.dll
11:45:24.0141 5860 SSDPSRV - ok
11:45:24.0259 5860 SstpSvc (6f1a32e7b7b30f004d9a20afadb14944) C:\Windows\system32\sstpsvc.dll
11:45:24.0266 5860 SstpSvc - ok
11:45:24.0345 5860 StillCam (ef70b3d22b4bffda6ea851ecb063efaa) C:\Windows\system32\DRIVERS\serscan.sys
11:45:24.0354 5860 StillCam - ok
11:45:24.0488 5860 stisvc (7dd08a597bc56051f320da0baf69e389) C:\Windows\System32\wiaservc.dll
11:45:24.0504 5860 stisvc - ok
11:45:24.0644 5860 SVRPEDRV (3e4239b92139f7174a0da7d53fe5e1ab) C:\Windows\System32\sysprep\PEDrv.sys
11:45:24.0655 5860 SVRPEDRV - ok
11:45:24.0776 5860 swenum (97e089971a6aba49ad5592bd6298e416) C:\Windows\system32\DRIVERS\swenum.sys
11:45:24.0780 5860 swenum - ok
11:45:24.0842 5860 swprv (b36c7cdb86f7f7a8e884479219766950) C:\Windows\System32\swprv.dll
11:45:24.0852 5860 swprv - ok
11:45:25.0009 5860 Symc8xx (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys
11:45:25.0012 5860 Symc8xx - ok
11:45:25.0192 5860 SymDS (9bbeb8c6258e72d62e7560e6667aad39) C:\Windows\system32\drivers\N360\0502000.00D\SYMDS.SYS
11:45:25.0203 5860 SymDS - ok
11:45:25.0416 5860 SymEFA (d5c02629c02a820a7e71bca3d44294a3) C:\Windows\system32\drivers\N360\0502000.00D\SYMEFA.SYS
11:45:25.0449 5860 SymEFA - ok
11:45:25.0568 5860 SymEvent (ab33c3b196197ca467cbdda717860dba) C:\Windows\system32\Drivers\SYMEVENT.SYS
11:45:25.0572 5860 SymEvent - ok
11:45:25.0784 5860 SymIRON (a73399804d5d4a8b20ba60fcf70c9f1f) C:\Windows\system32\drivers\N360\0502000.00D\Ironx86.SYS
11:45:25.0789 5860 SymIRON - ok
11:45:25.0963 5860 SYMTDIv (d42a7229e333af725f1445f785e4658d) C:\Windows\System32\Drivers\N360\0502000.00D\SYMTDIV.SYS
11:45:25.0974 5860 SYMTDIv - ok
11:45:26.0085 5860 Sym_hi (8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys
11:45:26.0089 5860 Sym_hi - ok
11:45:26.0230 5860 Sym_u3 (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys
11:45:26.0234 5860 Sym_u3 - ok
11:45:26.0366 5860 SynTP (55f6e55cc2430ca8713387106fa79817) C:\Windows\system32\DRIVERS\SynTP.sys
11:45:26.0372 5860 SynTP - ok
11:45:26.0450 5860 SysMain (8710a92d0024b03b5fb9540df1f71f1d) C:\Windows\system32\sysmain.dll
11:45:26.0466 5860 SysMain - ok
11:45:26.0583 5860 TabletInputService (2dca225eae15f42c0933e998ee0231c3) C:\Windows\System32\TabSvc.dll
11:45:26.0589 5860 TabletInputService - ok
11:45:26.0769 5860 TapiSrv (680916bb09ee0f3a6aca7c274b0d633f) C:\Windows\System32\tapisrv.dll
11:45:26.0778 5860 TapiSrv - ok
11:45:26.0833 5860 TBS (cb05822cd9cc6c688168e113c603dbe7) C:\Windows\System32\tbssvc.dll
11:45:26.0840 5860 TBS - ok
11:45:26.0971 5860 Tcpip (782568ab6a43160a159b6215b70bcce9) C:\Windows\system32\drivers\tcpip.sys
11:45:26.0990 5860 Tcpip - ok
11:45:27.0148 5860 Tcpip6 (782568ab6a43160a159b6215b70bcce9) C:\Windows\system32\DRIVERS\tcpip.sys
11:45:27.0162 5860 Tcpip6 - ok
11:45:27.0306 5860 tcpipreg (d4a2e4a4b011f3a883af77315a5ae76b) C:\Windows\system32\drivers\tcpipreg.sys
11:45:27.0309 5860 tcpipreg - ok
11:45:27.0458 5860 tdcmdpst (6fdfba25002ce4bac463ac866ae71405) C:\Windows\system32\DRIVERS\tdcmdpst.sys
11:45:27.0462 5860 tdcmdpst - ok
11:45:27.0581 5860 TDPIPE (5dcf5e267be67a1ae926f2df77fbcc56) C:\Windows\system32\drivers\tdpipe.sys
11:45:27.0584 5860 TDPIPE - ok
11:45:27.0757 5860 TDTCP (389c63e32b3cefed425b61ed92d3f021) C:\Windows\system32\drivers\tdtcp.sys
11:45:27.0760 5860 TDTCP - ok
11:45:27.0809 5860 tdx (d09276b1fab033ce1d40dcbdf303d10f) C:\Windows\system32\DRIVERS\tdx.sys
11:45:27.0814 5860 tdx - ok
11:45:27.0934 5860 TermDD (718b2f4355cd8eb2844741addac0e622) C:\Windows\system32\DRIVERS\termdd.sys
11:45:27.0944 5860 TermDD - ok
11:45:28.0130 5860 TermService (d605031e225aaccbceb5b76a4f1603a6) C:\Windows\System32\termsrv.dll
11:45:28.0140 5860 TermService - ok
11:45:28.0264 5860 Themes (1e3fdb80e40a3ce645f229dfbdfb7694) C:\Windows\system32\shsvcs.dll
11:45:28.0273 5860 Themes - ok
11:45:28.0445 5860 THREADORDER (1076ffcffaae8385fd62dfcb25ac4708) C:\Windows\system32\mmcss.dll
11:45:28.0449 5860 THREADORDER - ok
11:45:28.0578 5860 TNaviSrv (89f74c86523f5e334628dbce66e6d165) C:\Program Files\Toshiba\TOSHIBA DVD PLAYER\TNaviSrv.exe
11:45:28.0583 5860 TNaviSrv - ok
11:45:28.0723 5860 TODDSrv (c5ac715b65b01788abc22d10749dddd8) C:\Windows\system32\TODDSrv.exe
11:45:28.0730 5860 TODDSrv - ok
11:45:28.0881 5860 TosCoSrv (44dbac611b11646683b5b066a049b8e4) C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe
11:45:28.0899 5860 TosCoSrv - ok
11:45:28.0947 5860 TOSHIBA SMART Log Service (22690dffc7f2a18279a7a0489aa02bac) C:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe
11:45:28.0951 5860 TOSHIBA SMART Log Service - ok
11:45:29.0068 5860 tos_sps32 (4399a9bf7d8f49991a07fd86590a1619) C:\Windows\system32\DRIVERS\tos_sps32.sys
11:45:29.0077 5860 tos_sps32 - ok
11:45:29.0191 5860 TrkWks (ec74e77d0eb004bd3a809b5f8fb8c2ce) C:\Windows\System32\trkwks.dll
11:45:29.0204 5860 TrkWks - ok
11:45:29.0302 5860 TrustedInstaller (16613a1bad034d4ecf957af18b7c2ff5) C:\Windows\servicing\TrustedInstaller.exe
11:45:29.0306 5860 TrustedInstaller - ok
11:45:29.0399 5860 tssecsrv (dcf0f056a2e4f52287264f5ab29cf206) C:\Windows\system32\DRIVERS\tssecsrv.sys
11:45:29.0409 5860 tssecsrv - ok
11:45:29.0518 5860 tunmp (caecc0120ac49e3d2f758b9169872d38) C:\Windows\system32\DRIVERS\tunmp.sys
11:45:29.0522 5860 tunmp - ok
11:45:29.0669 5860 tunnel (6042505ff6fa9ac1ef7684d0e03b6940) C:\Windows\system32\DRIVERS\tunnel.sys
11:45:29.0672 5860 tunnel - ok
11:45:29.0836 5860 TVALZ (792a8b80f8188aba4b2be271583f3e46) C:\Windows\system32\DRIVERS\TVALZ_O.SYS
11:45:29.0840 5860 TVALZ - ok
11:45:29.0887 5860 uagp35 (7d33c4db2ce363c8518d2dfcf533941f) C:\Windows\system32\drivers\uagp35.sys
11:45:29.0891 5860 uagp35 - ok
11:45:30.0028 5860 udfs (c985b36e127ea9b8a92396120bff52d8) C:\Windows\system32\DRIVERS\udfs.sys
11:45:30.0036 5860 udfs - ok
11:45:30.0168 5860 UI0Detect (ecef404f62863755951e09c802c94ad5) C:\Windows\system32\UI0Detect.exe
11:45:30.0177 5860 UI0Detect - ok
11:45:30.0312 5860 UleadBurningHelper (332d341d92b933600d41953b08360dfb) C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
11:45:30.0314 5860 UleadBurningHelper - ok
11:45:30.0439 5860 uliagpkx (b0acfdc9e4af279e9116c03e014b2b27) C:\Windows\system32\drivers\uliagpkx.sys
11:45:30.0443 5860 uliagpkx - ok
11:45:30.0575 5860 uliahci (9224bb254f591de4ca8d572a5f0d635c) C:\Windows\system32\drivers\uliahci.sys
11:45:30.0582 5860 uliahci - ok
11:45:30.0706 5860 UlSata (8514d0e5cd0534467c5fc61be94a569f) C:\Windows\system32\drivers\ulsata.sys
11:45:30.0711 5860 UlSata - ok
11:45:30.0881 5860 ulsata2 (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys
11:45:30.0886 5860 ulsata2 - ok
11:45:30.0989 5860 umbus (32cff9f809ae9aed85464492bf3e32d2) C:\Windows\system32\DRIVERS\umbus.sys
11:45:31.0010 5860 umbus - ok
11:45:31.0065 5860 upnphost (68308183f4ae0be7bf8ecd07cb297999) C:\Windows\System32\upnphost.dll
11:45:31.0075 5860 upnphost - ok
11:45:31.0226 5860 USBAAPL (1df89c499bf45d878b87ebd4421d462d) C:\Windows\system32\Drivers\usbaapl.sys
11:45:31.0230 5860 USBAAPL - ok
11:45:31.0396 5860 usbccgp (caf811ae4c147ffcd5b51750c7f09142) C:\Windows\system32\DRIVERS\usbccgp.sys
11:45:31.0401 5860 usbccgp - ok
11:45:31.0535 5860 usbcir (e9476e6c486e76bc4898074768fb7131) C:\Windows\system32\drivers\usbcir.sys
11:45:31.0546 5860 usbcir - ok
11:45:31.0670 5860 usbehci (cebe90821810e76320155beba722fcf9) C:\Windows\system32\DRIVERS\usbehci.sys
11:45:31.0681 5860 usbehci - ok
11:45:31.0851 5860 usbhub (cc6b28e4ce39951357963119ce47b143) C:\Windows\system32\DRIVERS\usbhub.sys
11:45:31.0858 5860 usbhub - ok
11:45:31.0972 5860 usbohci (38dbc7dd6cc5a72011f187425384388b) C:\Windows\system32\drivers\usbohci.sys
11:45:31.0976 5860 usbohci - ok
11:45:32.0107 5860 usbprint (e75c4b5269091d15a2e7dc0b6d35f2f5) C:\Windows\system32\DRIVERS\usbprint.sys
11:45:32.0110 5860 usbprint - ok
11:45:32.0230 5860 usbscan (a508c9bd8724980512136b039bba65e9) C:\Windows\system32\DRIVERS\usbscan.sys
11:45:32.0235 5860 usbscan - ok
11:45:32.0409 5860 USBSTOR (87ba6b83c5d19b69160968d07d6e2982) C:\Windows\system32\DRIVERS\USBSTOR.SYS
11:45:32.0413 5860 USBSTOR - ok
11:45:32.0517 5860 usbuhci (814d653efc4d48be3b04a307eceff56f) C:\Windows\system32\DRIVERS\usbuhci.sys
11:45:32.0522 5860 usbuhci - ok
11:45:32.0652 5860 usbvideo (e67998e8f14cb0627a769f6530bcb352) C:\Windows\system32\Drivers\usbvideo.sys
11:45:32.0657 5860 usbvideo - ok
11:45:32.0817 5860 UxSms (032a0acc3909ae7215d524e29d536797) C:\Windows\System32\uxsms.dll
11:45:32.0823 5860 UxSms - ok
11:45:32.0943 5860 vds (b13bc395b9d6116628f5af47e0802ac4) C:\Windows\System32\vds.exe
11:45:32.0959 5860 vds - ok
11:45:33.0074 5860 vga (87b06e1f30b749a114f74622d013f8d4) C:\Windows\system32\DRIVERS\vgapnp.sys
11:45:33.0077 5860 vga - ok
11:45:33.0206 5860 VgaSave (2e93ac0a1d8c79d019db6c51f036636c) C:\Windows\System32\drivers\vga.sys
11:45:33.0210 5860 VgaSave - ok
11:45:33.0422 5860 viaagp (5d7159def58a800d5781ba3a879627bc) C:\Windows\system32\drivers\viaagp.sys
11:45:33.0426 5860 viaagp - ok
11:45:33.0520 5860 ViaC7 (c4f3a691b5bad343e6249bd8c2d45dee) C:\Windows\system32\drivers\viac7.sys
11:45:33.0524 5860 ViaC7 - ok
11:45:33.0572 5860 viaide (aadf5587a4063f52c2c3fed7887426fc) C:\Windows\system32\drivers\viaide.sys
11:45:33.0576 5860 viaide - ok
11:45:33.0676 5860 volmgr (bdd98bbe7323fc0975a26373d8050471) C:\Windows\system32\drivers\volmgr.sys
11:45:33.0683 5860 volmgr - ok
11:45:33.0844 5860 volmgrx (98f5ffe6316bd74e9e2c97206c190196) C:\Windows\system32\drivers\volmgrx.sys
11:45:33.0853 5860 volmgrx - ok
11:45:34.0001 5860 volsnap (d8b4a53dd2769f226b3eb374374987c9) C:\Windows\system32\drivers\volsnap.sys
11:45:34.0008 5860 volsnap - ok
11:45:34.0128 5860 vsmraid (587253e09325e6bf226b299774b728a9) C:\Windows\system32\drivers\vsmraid.sys
11:45:34.0133 5860 vsmraid - ok
11:45:34.0315 5860 VSS (d5fb73d19c46ade183f968e13f186b23) C:\Windows\system32\vssvc.exe
11:45:34.0344 5860 VSS - ok
11:45:34.0476 5860 W32Time (1cf9206966a8458cda9a8b20df8ab7d3) C:\Windows\system32\w32time.dll
11:45:34.0488 5860 W32Time - ok
11:45:34.0628 5860 WacomPen (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys
11:45:34.0633 5860 WacomPen - ok
11:45:34.0763 5860 Wanarp (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
11:45:34.0768 5860 Wanarp - ok
11:45:34.0787 5860 Wanarpv6 (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
11:45:34.0790 5860 Wanarpv6 - ok
11:45:34.0922 5860 wcncsvc (f3a5c2e1a6533192b070d06ecf6be796) C:\Windows\System32\wcncsvc.dll
11:45:34.0936 5860 wcncsvc - ok
11:45:35.0032 5860 WcsPlugInService (11bcb7afcdd7aadacb5746f544d3a9c7) C:\Windows\System32\WcsPlugInService.dll
11:45:35.0038 5860 WcsPlugInService - ok
11:45:35.0098 5860 Wd (78fe9542363f297b18c027b2d7e7c07f) C:\Windows\system32\drivers\wd.sys
11:45:35.0102 5860 Wd - ok
11:45:35.0244 5860 Wdf01000 (b6f0a7ad6d4bd325fbcd8bac96cd8d96) C:\Windows\system32\drivers\Wdf01000.sys
11:45:35.0259 5860 Wdf01000 - ok
11:45:35.0377 5860 WdiServiceHost (abfc76b48bb6c96e3338d8943c5d93b5) C:\Windows\system32\wdi.dll
11:45:35.0384 5860 WdiServiceHost - ok
11:45:35.0409 5860 WdiSystemHost (abfc76b48bb6c96e3338d8943c5d93b5) C:\Windows\system32\wdi.dll
11:45:35.0421 5860 WdiSystemHost - ok
11:45:35.0489 5860 WebClient (cf9a5f41789b642db967021de06a2713) C:\Windows\System32\webclnt.dll
11:45:35.0498 5860 WebClient - ok
11:45:35.0619 5860 Wecsvc (ae3736e7e8892241c23e4ebbb7453b60) C:\Windows\system32\wecsvc.dll
11:45:35.0628 5860 Wecsvc - ok
11:45:35.0739 5860 wercplsupport (670ff720071ed741206d69bd995ea453) C:\Windows\System32\wercplsupport.dll
11:45:35.0746 5860 wercplsupport - ok
11:45:35.0871 5860 WerSvc (fd1965aaa112c6818a30ab02742d0461) C:\Windows\System32\WerSvc.dll
11:45:35.0879 5860 WerSvc - ok
11:45:35.0974 5860 WinDefend (4575aa12561c5648483403541d0d7f2b) C:\Program Files\Windows Defender\mpsvc.dll
11:45:35.0982 5860 WinDefend - ok
11:45:36.0022 5860 WinHttpAutoProxySvc - ok
11:45:36.0173 5860 Winmgmt (00b79a7c984678f24cf052e5beb3a2f5) C:\Windows\system32\wbem\WMIsvc.dll
11:45:36.0178 5860 Winmgmt - ok
11:45:36.0354 5860 WinRM (7cfe68bdc065e55aa5e8421607037511) C:\Windows\system32\WsmSvc.dll
11:45:36.0386 5860 WinRM - ok
11:45:36.0558 5860 Wlansvc (275f4346e569df56cfb95243bd6f6ff0) C:\Windows\System32\wlansvc.dll
11:45:36.0575 5860 Wlansvc - ok
11:45:36.0692 5860 WmiAcpi (2e7255d172df0b8283cdfb7b433b864e) C:\Windows\system32\drivers\wmiacpi.sys
11:45:36.0696 5860 WmiAcpi - ok
11:45:36.0856 5860 wmiApSrv (aba4cf9f856d9a3a25f4ddd7690a6e9d) C:\Windows\system32\wbem\WmiApSrv.exe
11:45:36.0861 5860 wmiApSrv - ok
11:45:37.0000 5860 WMPNetworkSvc (3978704576a121a9204f8cc49a301a9b) C:\Program Files\Windows Media Player\wmpnetwk.exe
11:45:37.0022 5860 WMPNetworkSvc - ok
11:45:37.0129 5860 WPCSvc (5d94cd167751294962ba238d82dd1bb8) C:\Windows\System32\wpcsvc.dll
11:45:37.0144 5860 WPCSvc - ok
11:45:37.0253 5860 WPDBusEnum (396d406292b0cd26e3504ffe82784702) C:\Windows\system32\wpdbusenum.dll
11:45:37.0266 5860 WPDBusEnum - ok
11:45:37.0465 5860 WPFFontCache_v0400 (dcf3e3edf5109ee8bc02fe6e1f045795) C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
11:45:37.0482 5860 WPFFontCache_v0400 - ok
11:45:37.0602 5860 ws2ifsl (e3a3cb253c0ec2494d4a61f5e43a389c) C:\Windows\system32\drivers\ws2ifsl.sys
11:45:37.0605 5860 ws2ifsl - ok
11:45:37.0729 5860 wscsvc (683dd16b590372f2c9661d277f35e49c) C:\Windows\System32\wscsvc.dll
11:45:37.0736 5860 wscsvc - ok
11:45:37.0880 5860 WSDPrintDevice (4422ac5ed8d4c2f0db63e71d4c069dd7) C:\Windows\system32\DRIVERS\WSDPrint.sys
11:45:37.0884 5860 WSDPrintDevice - ok
11:45:37.0971 5860 WSearch - ok
11:45:38.0109 5860 wuauserv (6298277b73c77fa99106b271a7525163) C:\Windows\system32\wuaueng.dll
11:45:38.0153 5860 wuauserv - ok
11:45:38.0283 5860 wudfsvc (575a4190d989f64732119e4114045a4f) C:\Windows\System32\WUDFSvc.dll
11:45:38.0290 5860 wudfsvc - ok
11:45:38.0376 5860 MBR (0x1B8) (5b5e648d12fcadc244c1ec30318e1eb9) \Device\Harddisk0\DR0
11:45:38.0432 5860 \Device\Harddisk0\DR0 - ok
11:45:38.0462 5860 Boot (0x1200) (2dfa8e1cb655e53438573e974361969f) \Device\Harddisk0\DR0\Partition0
11:45:38.0469 5860 \Device\Harddisk0\DR0\Partition0 - ok
11:45:38.0476 5860 ============================================================
11:45:38.0477 5860 Scan finished
11:45:38.0477 5860 ============================================================
11:45:38.0527 5212 Detected object count: 0
11:45:38.0527 5212 Actual detected object count: 0
Cypher Moderator

Joined: 05 Jul 2009 Last Visit: 25 May 2013 Posts: 4051 Location: Land Of The Leprechauns
|
Posted: Mon Apr 16, 2012 10:10 am Post subject: |
|
|
Hi akbode,
| Quote: |
| Thanks for your help. |
You're welcome.
| Quote: |
| I keep being redirected to advertising pages when I click on a link after doing a search. |
Does this happen when using Internet Explorer and Firefox? Let me know in your next reply.
We need to get some additional scans.
Please download OTL by Old Timer and save it to your Desktop.
- Right click on OTL.exe and select Run as administrator to run it.
- Under Output, ensure that Standard Output is selected.
- Under Extra Registry section, select Use SafeList.
- Click the Scan All Users checkbox.
- Click on Run Scan at the top left hand corner.
- When done, two Notepad files will open:
  - OTL.txt <-- Will be opened
  - Extra.txt <-- Will be minimized
- Please post the contents of these 2 Notepad files in your next reply.
Next.
Please download aswMBR and save it to your Desktop.
- Right click aswMBR.exe & choose "Run as Administrator" to run it.
- Click Yes to the prompt to download Avast! virus definitions.
(Please be patient whilst the virus definitions download)
- With the AVscan set to Quick Scan, click the Scan button.
(Please be patient whilst your computer is scanned.)
- After a while when the scan reports "Scan finished successfully", click Save log & save the log to your desktop.
- Click OK > Exit.
- Note: Do not attempt to fix anything at this stage!
- Two files will be created, aswMBR.txt & a file named MBR.dat.
- MBR.dat is a backup of the MBR (master boot record), do not delete it.
- I strongly suggest you keep a copy of this backup stored on an external device.
- Copy & Paste the contents of aswMBR.txt into your next reply.
Logs/Information to Post in your Next Reply
- aswMBR.txt
- OTL.txt and Extra.txt contents.
- Do the redirected searches happen when using Internet Explorer and Firefox?
_________________ Admin/Teacher at Malware Removal University
akbode Newbie
Joined: 15 Apr 2012 Last Visit: 19 Apr 2012 Posts: 6
Posted: Mon Apr 16, 2012 1:21 pm Post subject: ok
I cannot get the OTL scan to complete the quick scan. It keeps "not responding".
I am working on the avast one.
I almost never use IE, I tried to search on it today after I got your message and did not have any issues, but even on firefox I do not get redirected every time (about 75% of the time though).
Thanks so much for your time and talent!
akbode Newbie
Joined: 15 Apr 2012 Last Visit: 19 Apr 2012 Posts: 6
Posted: Mon Apr 16, 2012 5:15 pm Post subject: Avast log
I still cannot get the OTL to run.
aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
Run date: 2012-04-16 18:09:52
-----------------------------
18:09:52.609 OS Version: Windows 6.0.6001 Service Pack 1
18:09:52.610 Number of processors: 1 586 0x170A
18:09:52.613 ComputerName: ANNE-PC UserName: Anne
18:09:53.586 Initialize success
18:10:13.229 AVAST engine defs: 12041600
18:12:20.335 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
18:12:20.349 Disk 0 Vendor: TOSHIBA_ FG01 Size: 152627MB BusType: 3
18:12:20.373 Disk 0 MBR read successfully
18:12:20.383 Disk 0 MBR scan
18:12:20.432 Disk 0 Windows VISTA default MBR code
18:12:20.440 Disk 0 Partition 1 00 27 Hidden NTFS WinRE NTFS 1500 MB offset 2048
18:12:20.472 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 143737 MB offset 3074048
18:12:20.507 Disk 0 Partition 3 00 17 Hidd HPFS/NTFS NTFS 7389 MB offset 297447424
18:12:20.551 Disk 0 scanning sectors +312580096
18:12:20.690 Disk 0 scanning C:\Windows\system32\drivers
18:12:42.907 Service scanning
18:13:33.266 Modules scanning
18:14:01.412 Disk 0 trace - called modules:
18:14:01.453 ntkrnlpa.exe CLASSPNP.SYS disk.sys iaStor.sys hal.dll
18:14:01.464 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x8640bac8]
18:14:01.489 3 CLASSPNP.SYS[8797b745] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0x84911028]
18:14:02.396 AVAST engine scan C:\Windows
18:14:09.308 AVAST engine scan C:\Windows\system32
18:19:12.898 AVAST engine scan C:\Windows\system32\drivers
18:19:38.799 AVAST engine scan C:\Users\Anne
18:22:51.006 AVAST engine scan C:\ProgramData
18:29:03.336 Scan finished successfully
18:38:19.082 Disk 0 MBR has been saved successfully to "C:\Users\Anne\Documents\MBR.dat"
18:38:19.140 The log file has been saved successfully to "C:\Users\Anne\Documents\aswMBR.txt"
19:12:22.830 Disk 0 MBR has been saved successfully to "C:\Users\Anne\Documents\MBR.dat"
19:12:22.875 The log file has been saved successfully to "C:\Users\Anne\Documents\aswMBR.txt"

Cypher Moderator
Joined: 05 Jul 2009 Last Visit: 25 May 2013 Posts: 4051 Location: Land Of The Leprechauns
Posted: Tue Apr 17, 2012 1:54 am Post subject:
Hi akbode,
| Quote: |
| Thanks so much for your time and talent! |
You're most welcome.
| Quote: |
| I can not get the OLT scan to complete the quick scan. It keeps "not responding". |
No problem, we can come back to that if needed.
| Quote: |
| I almost never use IE, I tried to search on it today after I got your message and did not have any issues, but even on firefox I do not get redirected every time (about 75% of the time though). |
OK, let's try reinstalling Firefox first to see if that solves the problem. We will back up your Firefox bookmarks first.
Make a Backup of Firefox Bookmarks
- Please open your Firefox browser.
- Click the Bookmarks button on the navigation toolbar and select Show All Bookmarks to open the Library window.
- In the Library window, click the Import and Backup button and then select Backup....
- In the Bookmarks backup filename window that opens, choose your Desktop as the location to save the file, which is named bookmarks-"date".json by default.
- Save the bookmarks json file. The Bookmarks backup filename window will close and you can close the Library window.
Next.
Please download a fresh copy of Firefox
- Using Internet Explorer, download Firefox from Here.
- Save it to your desktop.
Next.
Uninstall Firefox
- Click on Start.
- All programs.
- Accessories.
- Run.
- In the Open text box, copy/paste appwiz.cpl, then click OK.
- Uninstall the following if present.
| Quote: |
| Mozilla Firefox 8.0 |
Next.
Install Firefox
- Right-click on Firefox Setup 11.0.exe and select "Run As Administrator..." to run it. If prompted by UAC, please allow it.
- Then follow installation prompts...
Next.
Restore your Firefox Bookmarks
- Please open your Firefox browser.
- Click the Bookmarks button on the navigation toolbar and select Show All Bookmarks to open the Library window.
- In the Library window, click the Import and Backup button and then select Restore....
- Choose the bookmarks .json file you saved on your Desktop.
- After choosing a backup, your bookmarks from that file will be restored. Close the Library window.
Now try using Firefox and let me know if your searches are still redirected.
_________________
Admin/Teacher at Malware Removal University
Member of...

akbode Newbie
Joined: 15 Apr 2012 Last Visit: 19 Apr 2012 Posts: 6
Posted: Tue Apr 17, 2012 6:04 am Post subject: Great
Thanks so much, so far the reinstall of firefox seems to be working. I can't thank you enough. I will use it a bit more and make sure I don't get redirected.

Cypher Moderator
Joined: 05 Jul 2009 Last Visit: 25 May 2013 Posts: 4051 Location: Land Of The Leprechauns
Posted: Tue Apr 17, 2012 7:06 am Post subject:
Hi akbode,
| Quote: |
| so far the reinstall of firefox seems to be working. I can't thank you enough. I will use it a bit more and make sure I don't get redirected. |
If reinstalling FF solved the problem, most likely a bad extension was the cause of the redirects.
Let me know if you get any more redirected searches.
I need you to run one more scan for me just to be sure; we also need to do a couple of updates.
Uninstall programs
- Click on Start.
- All programs.
- Accessories.
- Run.
- In the Open text box, copy/paste appwiz.cpl, then click OK.
- Uninstall the following if present.
| Quote: |
Coupon Printer for Windows << Uninstall if you don't use.
Java(TM) 6 Update 21
Java(TM) 6 Update 6 |
Next.
Java SE Runtime Environment (JRE).
Please download from HERE
- Find Java SE 7u3.
- Click the Download JRE button to the right.
- Choose the correct Platform and Multi-language. Next, check the box that says I agree to the Java SE Runtime Environment 6 License Agreement.
- Click the Continue button.
- Click on the filename under Windows Offline Installation and save it to your desktop.
- Close all active windows.
- Install the program.
Next.
Update Adobe Reader
- You should Download and Install the newest version of Adobe Reader for reading pdf files.
- Older versions may have vulnerabilities that malware can use to infect your system.
- Go Here to download and install Adobe Reader X (10.1.3).
Next.
ESET online scanner
Note: You can use either Internet Explorer or Mozilla FireFox for this scan.
Note: If you are using Windows Vista or Windows 7, open your browser by right-clicking on its icon and select 'Run as administrator' to perform this scan.
- First please Disable any Antivirus you have active, as shown in This topic.
- Note: Don't forget to re-enable it after the scan.
- Next, hold down Control, then click on the following link to open a new window to ESET online scanner
- Select the option YES, I accept the Terms of Use then click on Start.
| Quote: |
Note: If using Mozilla Firefox you will need to download esetsmartinstaller_enu.exe when prompted then double click on it to install.
All of the below instructions are compatible with either Internet Explorer or Mozilla FireFox. |
When prompted allow the Add-On/Active X to install.
Make sure that the option Remove found threats is NOT checked, and the option Scan archives is checked.
Now click on Advanced Settings and select the following:
- Scan for potentially unwanted applications
- Scan for potentially unsafe applications
- Enable Anti-Stealth Technology
- Now click on Start.
- The virus signature database... will begin to download. Be patient, this may take some time depending on the speed of your Internet Connection.
- When completed the Online Scan will begin automatically.
- Do not touch either the Mouse or keyboard during the scan otherwise it may stall.
- When completed select Uninstall application on close if you so wish, make sure you copy the logfile first!
- Now click on Finish.
- Use notepad to open the logfile located at C:\Program Files\ESET\EsetOnlineScanner\log.txt.
- Copy and paste that log as a reply to this topic.
Logs/Information to Post in your Next Reply
- ESET log.
- Please give me an update on your computer's performance.

akbode Newbie
Joined: 15 Apr 2012 Last Visit: 19 Apr 2012 Posts: 6
Posted: Thu Apr 19, 2012 5:54 am Post subject: Thanks!!
My computer seems to be better! Thanks so much, you are awesome!
Here is the log:
ESETSmartInstaller@High as downloader log:
all ok
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=6c4b914bb90959458562432bbc410bdd
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2012-04-19 06:07:15
# local_time=2012-04-19 12:07:15 (-0700, Mountain Daylight Time)
# country="United States"
# lang=1033
# osver=6.0.6001 NT Service Pack 1
# compatibility_mode=3584 16777215 100 0 0 0 0 0
# compatibility_mode=5892 16776574 100 100 61953177 171409013 0 0
# compatibility_mode=8192 67108863 100 0 0 0 0 0
# scanned=164630
# found=0
# cleaned=0
# scan_time=14196
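The scan options Cypher asked for in the ESET step appear as the `*_checked` lines of the log posted above. As an added example (not part of the thread and not ESET tooling), this Python script parses the `# key=value` lines and reports anything that stops the log from reading as a complete, clean scan run with those options; the names `parse_eset_log`, `review` and `EXPECTED`, and the mapping of each option to a log key, are assumptions made for the illustration.

```python
import re

# Constructed sample: selected lines from the ESET log posted above.
SAMPLE_LOG = """\
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# compatibility_mode=3584 16777215 100 0 0 0 0 0
# compatibility_mode=8192 67108863 100 0 0 0 0 0
# scanned=164630
# found=0
"""

# Assumed mapping of the requested scanner options to log keys (inferred from key names).
EXPECTED = {"remove_checked": "false", "archives_checked": "true",
            "unwanted_checked": "true", "unsafe_checked": "true",
            "antistealth_checked": "true"}

def parse_eset_log(text):
    """Return {key: [values]} for '# key=value' lines; keys may repeat."""
    fields = {}
    for line in text.splitlines():
        m = re.match(r"#\s*([\w.]+)=(.*)$", line.strip())
        if m:
            fields.setdefault(m.group(1), []).append(m.group(2).strip().strip('"'))
    return fields

def review(text):
    """List the reasons a log should not be read as a complete, clean scan."""
    f = parse_eset_log(text)
    one = lambda key: f.get(key, [None])[-1]  # last value wins for repeated keys
    problems = []
    if one("end") != "finished":
        problems.append("scan did not finish (end=%s)" % one("end"))
    for key, want in EXPECTED.items():
        if one(key) != want:
            problems.append("%s=%s, expected %s" % (key, one(key), want))
    found = one("found")
    if found is None or not found.isdigit():
        problems.append("found counter missing")
    elif int(found) > 0:
        problems.append("%s detection(s) reported" % found)
    return problems
```

A truncated paste is reported as incomplete rather than clean, because a missing `end` or `found` line counts as a problem.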
Cypher Moderator
Joined: 05 Jul 2009 Last Visit: 25 May 2013 Posts: 4051 Location: Land Of The Leprechauns
Posted: Thu Apr 19, 2012 6:54 am Post subject:
Hi akbode,
| Quote: |
| My computer seems to be better! Thanks so much, you are awesome! |
Great news and you're welcome, glad we could help.
The good news is your latest set of logs appears to be clean!
This is my general post for when your logs show no more signs of malware.
Now that you are clean, please follow these simple steps in order to keep your computer clean and secure:
You can now delete OLT, TDSSKiller and aswMBR from your desktop.
I recommend you keep Malwarebytes' Anti-Malware, keep it updated and run it once a week.
Protection Programs
Don't forget to re-enable any protection programs we disabled during your fix.
Update your Antivirus programs and other security products regularly to avoid new threats that could infect your system.
You can use one of these sites to check if any updates are needed for your pc.
Secunia Software Inspector
F-secure Health Check
Microsoft Windows Update
Microsoft releases patches for Windows and Office products regularly to patch up Windows and Office products loopholes and fix any bugs found. Install the updates immediately if they are found.
To update Windows
Go to Start > All Programs > Windows Update > Check for updates.
To update Office
Open up any Office program.
Go to Help > Check for Updates
I would be grateful if you could reply to this post so that I know you have read it and, if you've no other questions, the thread can be closed.
Safe surfing!

Cypher Moderator
Joined: 05 Jul 2009 Last Visit: 25 May 2013 Posts: 4051 Location: Land Of The Leprechauns
Posted: Fri Apr 20, 2012 6:19 am Post subject:
| Quote: |
As your issues appear to be resolved, this topic is now closed.
If you have been helped and wish to donate to help with the costs of this volunteer site, please read Spyware Warrior Donations |