
Something up with Google Search


4 replies to this topic

#1 johnhock

johnhock

  • Members
  • 15 posts

Posted 28 March 2012 - 11:05 AM

Hey guys,

I'm not having any overt problems but I can tell from the Google search results on this machine that something somewhere is up to no good. It's pretty sneaky. The results I get from this machine do not match those that I get from other machines performing the same search from the same connection. Also, I get the "404 Not Found - nginx" error when I try to right-click from one of the Google results. Malwarebytes does not seem to do the trick.

Suggestions?

Thanks,

John Hock

Edited by Budapest, 28 March 2012 - 07:15 PM.
Moved from Virus, Trojan, Spyware, and Malware Removal Logs ~Budapest




#2 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • Gender:Male
  • Location:India

Posted 28 March 2012 - 08:24 PM

Your hosts file has been hijacked. Before that, let's make sure the PC is clean.

Download TDSSKiller

Launch it. Click on Change parameters and select TDLFS file system.

Click on "Scan". Please post the log report (the log file should be in your C drive).


Please download GMER from here (does not work on 64-bit OS):

http://www2.gmer.net/download.php

Temporarily disable any real-time active protection so your security programs will not conflict with gmer's driver.

GMER will open to the Rootkit/Malware tab and perform an automatic Full Scan when first run. (do not use the computer while the scan is in progress)

If you receive a WARNING!!! about rootkit activity and are asked to fully scan your system...click NO.
Now click the Scan button. If you see a rootkit warning window, click OK.
When the scan is finished, click the Save... button to save the scan results to your Desktop. Save the file as gmer.log.
Click the Copy button and paste the results into your next reply.


Download aswMBR

Launch it and allow it to download the latest Avast! virus definitions.
Click the "Scan" button to start the scan. After the scan finishes, click on Save log.

Post the log results here.

Edited by narenxp, 28 March 2012 - 08:24 PM.


#3 PD!

PD!

  • Members
  • 20 posts

Posted 29 March 2012 - 12:55 AM

I just fixed the same problem using Norton's Power Eraser http://security.symantec.com/nbrt/npe.aspx
It was quick, really easy and I trust Norton as a company.

(But I do still recommend following the advice above, as these people are super helpful and can ensure your computer is squeaky clean and problem free.)

Edited by PD!, 29 March 2012 - 12:57 AM.


#4 johnhock

johnhock
  • Topic Starter

  • Members
  • 15 posts

Posted 01 April 2012 - 02:29 PM

Thanks for helping ... please pardon my delay in responding.

Here's the log from TDSSKiller:

12:31:00.0170 6104 ohci1394 - ok
12:31:00.0294 6104 ose (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
12:31:00.0310 6104 ose - ok
12:31:00.0522 6104 osppsvc (358a9cca612c68eb2f07ddad4ce1d8d7) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
12:31:00.0615 6104 osppsvc - ok
12:31:00.0803 6104 p2pimsvc (5de1a3972fd3112c75eb17bdcf454169) C:\Windows\system32\p2psvc.dll
12:31:00.0818 6104 p2pimsvc - ok
12:31:00.0834 6104 p2psvc (5de1a3972fd3112c75eb17bdcf454169) C:\Windows\system32\p2psvc.dll
12:31:00.0834 6104 p2psvc - ok
12:31:00.0974 6104 Parport (0fa9b5055484649d63c303fe404e5f4d) C:\Windows\system32\drivers\parport.sys
12:31:00.0990 6104 Parport - ok
12:31:01.0161 6104 partmgr (3b38467e7c3daed009dfe359e17f139f) C:\Windows\system32\drivers\partmgr.sys
12:31:01.0177 6104 partmgr - ok
12:31:01.0208 6104 Parvdm (4f9a6a8a31413180d0fcb279ad5d8112) C:\Windows\system32\drivers\parvdm.sys
12:31:01.0208 6104 Parvdm - ok
12:31:01.0271 6104 PcaSvc (c6276ad11f4bb49b58aa1ed88537f14a) C:\Windows\System32\pcasvc.dll
12:31:01.0286 6104 PcaSvc - ok
12:31:01.0411 6104 pci (01b94418deb235dff777cc80076354b4) C:\Windows\system32\drivers\pci.sys
12:31:01.0411 6104 pci - ok
12:31:01.0520 6104 pciide (fc175f5ddab666d7f4d17449a547626f) C:\Windows\system32\drivers\pciide.sys
12:31:01.0520 6104 pciide - ok
12:31:01.0676 6104 pcmcia (e6f3fb1b86aa519e7698ad05e58b04e5) C:\Windows\system32\drivers\pcmcia.sys
12:31:01.0676 6104 pcmcia - ok
12:31:01.0770 6104 PEAUTH (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys
12:31:01.0785 6104 PEAUTH - ok
12:31:02.0004 6104 pla (b1689df169143f57053f795390c99db3) C:\Windows\system32\pla.dll
12:31:02.0035 6104 pla - ok
12:31:02.0113 6104 PlugPlay (78f975cb6d18265be6f492edb2d7bc7b) C:\Windows\system32\umpnpmgr.dll
12:31:02.0160 6104 PlugPlay - ok
12:31:02.0472 6104 PNRPAutoReg (5de1a3972fd3112c75eb17bdcf454169) C:\Windows\system32\p2psvc.dll
12:31:02.0472 6104 PNRPAutoReg - ok
12:31:02.0487 6104 PNRPsvc (5de1a3972fd3112c75eb17bdcf454169) C:\Windows\system32\p2psvc.dll
12:31:02.0503 6104 PNRPsvc - ok
12:31:02.0565 6104 PolicyAgent (47b8f37aa18b74d8c2e1bc1a7a2c8f8a) C:\Windows\System32\ipsecsvc.dll
12:31:02.0565 6104 PolicyAgent - ok
12:31:02.0628 6104 PptpMiniport (ecfffaec0c1ecd8dbc77f39070ea1db1) C:\Windows\system32\DRIVERS\raspptp.sys
12:31:02.0628 6104 PptpMiniport - ok
12:31:02.0784 6104 Processor (0e3cef5d28b40cf273281d620c50700a) C:\Windows\system32\drivers\processr.sys
12:31:02.0784 6104 Processor - ok
12:31:02.0877 6104 ProfSvc (b627e4fc8585e8843c5905d4d3587a90) C:\Windows\system32\profsvc.dll
12:31:02.0877 6104 ProfSvc - ok
12:31:02.0940 6104 ProtectedStorage (a911ecac81f94adeafbe8e3f7873edb0) C:\Windows\system32\lsass.exe
12:31:02.0955 6104 ProtectedStorage - ok
12:31:03.0002 6104 PSched (bfef604508a0ed1eae2a73e872555ffb) C:\Windows\system32\DRIVERS\pacer.sys
12:31:03.0002 6104 PSched - ok
12:31:03.0127 6104 PSI_SVC_2 (a6a7ad767bf5141665f5c675f671b3e1) C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
12:31:03.0143 6104 PSI_SVC_2 - ok
12:31:03.0423 6104 PxHelp20 (e42e3433dbb4cffe8fdd91eab29aea8e) C:\Windows\system32\Drivers\PxHelp20.sys
12:31:03.0423 6104 PxHelp20 - ok
12:31:03.0845 6104 ql2300 (ccdac889326317792480c0a67156a1ec) C:\Windows\system32\drivers\ql2300.sys
12:31:03.0845 6104 ql2300 - ok
12:31:03.0954 6104 ql40xx (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys
12:31:03.0969 6104 ql40xx - ok
12:31:04.0047 6104 QWAVE (e9ecae663f47e6cb43962d18ab18890f) C:\Windows\system32\qwave.dll
12:31:04.0063 6104 QWAVE - ok
12:31:04.0141 6104 QWAVEdrv (9f5e0e1926014d17486901c88eca2db7) C:\Windows\system32\drivers\qwavedrv.sys
12:31:04.0141 6104 QWAVEdrv - ok
12:31:04.0297 6104 R300 (e642b131fb74caf4bb8a014f31113142) C:\Windows\system32\DRIVERS\atikmdag.sys
12:31:04.0328 6104 R300 - ok
12:31:04.0437 6104 RasAcd (147d7f9c556d259924351feb0de606c3) C:\Windows\system32\DRIVERS\rasacd.sys
12:31:04.0437 6104 RasAcd - ok
12:31:04.0515 6104 RasAuto (f6a452eb4ceadbb51c9e0ee6b3ecef0f) C:\Windows\System32\rasauto.dll
12:31:04.0547 6104 RasAuto - ok
12:31:04.0609 6104 Rasl2tp (a214adbaf4cb47dd2728859ef31f26b0) C:\Windows\system32\DRIVERS\rasl2tp.sys
12:31:04.0609 6104 Rasl2tp - ok
12:31:04.0905 6104 RasMan (6e7c284fc5c4ec07ad164d93810385a6) C:\Windows\System32\rasmans.dll
12:31:04.0921 6104 RasMan - ok
12:31:05.0405 6104 RasPppoe (3e9d9b048107b40d87b97df2e48e0744) C:\Windows\system32\DRIVERS\raspppoe.sys
12:31:05.0405 6104 RasPppoe - ok
12:31:05.0529 6104 RasSstp (a7d141684e9500ac928a772ed8e6b671) C:\Windows\system32\DRIVERS\rassstp.sys
12:31:05.0529 6104 RasSstp - ok
12:31:05.0748 6104 rdbss (6e1c5d0457622f9ee35f683110e93d14) C:\Windows\system32\DRIVERS\rdbss.sys
12:31:05.0748 6104 rdbss - ok
12:31:05.0810 6104 RDPCDD (89e59be9a564262a3fb6c4f4f1cd9899) C:\Windows\system32\DRIVERS\RDPCDD.sys
12:31:05.0810 6104 RDPCDD - ok
12:31:05.0904 6104 rdpdr (0245418224cfa77bf4b41c2fe0622258) C:\Windows\system32\drivers\rdpdr.sys
12:31:05.0904 6104 rdpdr - ok
12:31:05.0904 6104 RDPENCDD (9d91fe5286f748862ecffa05f8a0710c) C:\Windows\system32\drivers\rdpencdd.sys
12:31:05.0919 6104 RDPENCDD - ok
12:31:05.0982 6104 RDPWD (e1c18f4097a5abcec941dc4b2f99db7e) C:\Windows\system32\drivers\RDPWD.sys
12:31:05.0982 6104 RDPWD - ok
12:31:06.0091 6104 RemoteAccess (bcdd6b4804d06b1f7ebf29e53a57ece9) C:\Windows\System32\mprdim.dll
12:31:06.0091 6104 RemoteAccess - ok
12:31:06.0153 6104 RemoteRegistry (cc4e32400f3c7253400cf8f3f3a0b676) C:\Windows\system32\regsvc.dll
12:31:06.0185 6104 RemoteRegistry - ok
12:31:06.0325 6104 RimUsb (f17713d108aca124a139fde877eef68a) C:\Windows\system32\Drivers\RimUsb.sys
12:31:06.0325 6104 RimUsb - ok
12:31:06.0356 6104 RpcLocator (5123f83cbc4349d065534eeb6bbdc42b) C:\Windows\system32\locator.exe
12:31:06.0356 6104 RpcLocator - ok
12:31:06.0668 6104 RpcSs (301ae00e12408650baddc04dbc832830) C:\Windows\system32\rpcss.dll
12:31:06.0684 6104 RpcSs - ok
12:31:06.0824 6104 rspndr (9c508f4074a39e8b4b31d27198146fad) C:\Windows\system32\DRIVERS\rspndr.sys
12:31:06.0824 6104 rspndr - ok
12:31:06.0887 6104 SamSs (a911ecac81f94adeafbe8e3f7873edb0) C:\Windows\system32\lsass.exe
12:31:06.0887 6104 SamSs - ok
12:31:06.0949 6104 sbp2port (3ce8f073a557e172b330109436984e30) C:\Windows\system32\drivers\sbp2port.sys
12:31:06.0949 6104 sbp2port - ok
12:31:07.0011 6104 SCardSvr (11387e32642269c7e62e8b52c060b3c6) C:\Windows\System32\SCardSvr.dll
12:31:07.0027 6104 SCardSvr - ok
12:31:07.0136 6104 Schedule (7b587b8a6d4a99f79d2902d0385f29bd) C:\Windows\system32\schedsvc.dll
12:31:07.0152 6104 Schedule - ok
12:31:07.0230 6104 SCPolicySvc (87c2d0377b23e2d8a41093c2f5fb1a5b) C:\Windows\System32\certprop.dll
12:31:07.0230 6104 SCPolicySvc - ok
12:31:07.0386 6104 scskusbf (fd0c8a2aacc788d415f1957099827f80) C:\Windows\system32\drivers\scskusbf.sys
12:31:07.0386 6104 scskusbf - ok
12:31:07.0433 6104 scskusbs (9c321e854e50601ac8e1282a055ed66a) C:\Windows\system32\drivers\scskusbs.sys
12:31:07.0433 6104 scskusbs - ok
12:31:07.0479 6104 SDRSVC (716313d9f6b0529d03f726d5aaf6f191) C:\Windows\System32\SDRSVC.dll
12:31:07.0511 6104 SDRSVC - ok
12:31:07.0589 6104 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
12:31:07.0589 6104 secdrv - ok
12:31:07.0604 6104 seclogon (fd5199d4d8a521005e4b5ee7fe00fa9b) C:\Windows\system32\seclogon.dll
12:31:07.0604 6104 seclogon - ok
12:31:07.0698 6104 SENS (a9bbab5759771e523f55563d6cbe140f) C:\Windows\system32\sens.dll
12:31:07.0729 6104 SENS - ok
12:31:07.0791 6104 Serenum (68e44e331d46f0fb38f0863a84cd1a31) C:\Windows\system32\drivers\serenum.sys
12:31:07.0791 6104 Serenum - ok
12:31:07.0823 6104 Serial (c70d69a918b178d3c3b06339b40c2e1b) C:\Windows\system32\drivers\serial.sys
12:31:07.0838 6104 Serial - ok
12:31:07.0885 6104 sermouse (8af3d28a879bf75db53a0ee7a4289624) C:\Windows\system32\drivers\sermouse.sys
12:31:07.0885 6104 sermouse - ok
12:31:07.0947 6104 SessionEnv (d2193326f729b163125610dbf3e17d57) C:\Windows\system32\sessenv.dll
12:31:07.0947 6104 SessionEnv - ok
12:31:07.0994 6104 sffdisk (51cf56aa8bcc241f134b420b8f850406) C:\Windows\system32\drivers\sffdisk.sys
12:31:08.0010 6104 sffdisk - ok
12:31:08.0057 6104 sffp_mmc (96ded8b20c734ac41641ce275250e55d) C:\Windows\system32\drivers\sffp_mmc.sys
12:31:08.0057 6104 sffp_mmc - ok
12:31:08.0088 6104 sffp_sd (8b08cab1267b2c377883fc9e56981f90) C:\Windows\system32\drivers\sffp_sd.sys
12:31:08.0088 6104 sffp_sd - ok
12:31:08.0150 6104 sfloppy (c33bfbd6e9e41fcd9ffef9729e9faed6) C:\Windows\system32\DRIVERS\sfloppy.sys
12:31:08.0166 6104 sfloppy - ok
12:31:08.0213 6104 SharedAccess (e1499bd0ff76b1b2fbbf1af339d91165) C:\Windows\System32\ipnathlp.dll
12:31:08.0228 6104 SharedAccess - ok
12:31:08.0353 6104 ShellHWDetection (1e3fdb80e40a3ce645f229dfbdfb7694) C:\Windows\System32\shsvcs.dll
12:31:08.0353 6104 ShellHWDetection - ok
12:31:08.0431 6104 sisagp (08072b2fb92477fc813271a84b3a8698) C:\Windows\system32\drivers\sisagp.sys
12:31:08.0431 6104 sisagp - ok
12:31:08.0462 6104 SiSRaid2 (cedd6f4e7d84e9f98b34b3fe988373aa) C:\Windows\system32\drivers\sisraid2.sys
12:31:08.0462 6104 SiSRaid2 - ok
12:31:08.0493 6104 SiSRaid4 (df843c528c4f69d12ce41ce462e973a7) C:\Windows\system32\drivers\sisraid4.sys
12:31:08.0493 6104 SiSRaid4 - ok
12:31:08.0618 6104 slsvc (0ba91e1358ad25236863039bb2609a2e) C:\Windows\system32\SLsvc.exe
12:31:08.0665 6104 slsvc - ok
12:31:08.0790 6104 SLUINotify (7c6dc44ca0bfa6291629ab764200d1d4) C:\Windows\system32\SLUINotify.dll
12:31:08.0790 6104 SLUINotify - ok
12:31:08.0852 6104 Smb (031e6bcd53c9b2b9ace111eafec347b6) C:\Windows\system32\DRIVERS\smb.sys
12:31:08.0852 6104 Smb - ok
12:31:08.0930 6104 SMR250 (ecc0db3be1589dbb7e0fa7c1e0dda0e4) C:\Windows\system32\drivers\SMR250.SYS
12:31:08.0930 6104 SMR250 - ok
12:31:08.0993 6104 SNMPTRAP (2a146a055b4401c16ee62d18b8e2a032) C:\Windows\System32\snmptrap.exe
12:31:08.0993 6104 SNMPTRAP - ok
12:31:09.0024 6104 spldr (7aebdeef071fe28b0eef2cdd69102bff) C:\Windows\system32\drivers\spldr.sys
12:31:09.0024 6104 spldr - ok
12:31:09.0086 6104 Spooler (3665f79026a3f91fbca63f2c65a09b19) C:\Windows\System32\spoolsv.exe
12:31:09.0102 6104 Spooler - ok
12:31:09.0320 6104 SRTSP (83726cf02eced69138948083e06b6eac) C:\Windows\System32\Drivers\N360\0502000.00D\SRTSP.SYS
12:31:09.0320 6104 SRTSP - ok
12:31:09.0351 6104 SRTSPX (4e7eab2e5615d39cf1f1df9c71e5e225) C:\Windows\system32\drivers\N360\0502000.00D\SRTSPX.SYS
12:31:09.0367 6104 SRTSPX - ok
12:31:09.0445 6104 srv (2252aef839b1093d16761189f45af885) C:\Windows\system32\DRIVERS\srv.sys
12:31:09.0445 6104 srv - ok
12:31:09.0554 6104 srv2 (b7ff59408034119476b00a81bb53d5d1) C:\Windows\system32\DRIVERS\srv2.sys
12:31:09.0554 6104 srv2 - ok
12:31:09.0601 6104 srvnet (2accc9b12af02030f531e6cca6f8b76e) C:\Windows\system32\DRIVERS\srvnet.sys
12:31:09.0601 6104 srvnet - ok
12:31:09.0695 6104 SSDPSRV (03d50b37234967433a5ea5ba72bc0b62) C:\Windows\System32\ssdpsrv.dll
12:31:09.0695 6104 SSDPSRV - ok
12:31:09.0960 6104 SstpSvc (6f1a32e7b7b30f004d9a20afadb14944) C:\Windows\system32\sstpsvc.dll
12:31:09.0960 6104 SstpSvc - ok
12:31:10.0053 6104 Steam Client Service - ok
12:31:10.0178 6104 Stereo Service (9e1222c417291bc836210743624a8e5e) C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
12:31:10.0178 6104 Stereo Service - ok
12:31:10.0319 6104 stisvc (7dd08a597bc56051f320da0baf69e389) C:\Windows\System32\wiaservc.dll
12:31:10.0319 6104 stisvc - ok
12:31:10.0365 6104 stllssvr (1d0063597c3666404fcf97698abeb019) C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
12:31:10.0381 6104 stllssvr - ok
12:31:10.0443 6104 swenum (7ba58ecf0c0a9a69d44b3dca62becf56) C:\Windows\system32\DRIVERS\swenum.sys
12:31:10.0443 6104 swenum - ok
12:31:10.0506 6104 swprv (b36c7cdb86f7f7a8e884479219766950) C:\Windows\System32\swprv.dll
12:31:10.0615 6104 swprv - ok
12:31:10.0662 6104 Symc8xx (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys
12:31:10.0662 6104 Symc8xx - ok
12:31:10.0755 6104 SymDS (9bbeb8c6258e72d62e7560e6667aad39) C:\Windows\system32\drivers\N360\0502000.00D\SYMDS.SYS
12:31:10.0755 6104 SymDS - ok
12:31:10.0880 6104 SymEFA (d5c02629c02a820a7e71bca3d44294a3) C:\Windows\system32\drivers\N360\0502000.00D\SYMEFA.SYS
12:31:10.0880 6104 SymEFA - ok
12:31:10.0974 6104 SymEvent (ab33c3b196197ca467cbdda717860dba) C:\Windows\system32\Drivers\SYMEVENT.SYS
12:31:10.0974 6104 SymEvent - ok
12:31:11.0021 6104 SymIRON (a73399804d5d4a8b20ba60fcf70c9f1f) C:\Windows\system32\drivers\N360\0502000.00D\Ironx86.SYS
12:31:11.0036 6104 SymIRON - ok
12:31:11.0083 6104 SYMTDIv (d42a7229e333af725f1445f785e4658d) C:\Windows\System32\Drivers\N360\0502000.00D\SYMTDIV.SYS
12:31:11.0083 6104 SYMTDIv - ok
12:31:11.0145 6104 Sym_hi (8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys
12:31:11.0145 6104 Sym_hi - ok
12:31:11.0208 6104 Sym_u3 (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys
12:31:11.0208 6104 Sym_u3 - ok
12:31:11.0286 6104 SysMain (8710a92d0024b03b5fb9540df1f71f1d) C:\Windows\system32\sysmain.dll
12:31:11.0286 6104 SysMain - ok
12:31:11.0333 6104 TabletInputService (2dca225eae15f42c0933e998ee0231c3) C:\Windows\System32\TabSvc.dll
12:31:11.0333 6104 TabletInputService - ok
12:31:11.0395 6104 TapiSrv (680916bb09ee0f3a6aca7c274b0d633f) C:\Windows\System32\tapisrv.dll
12:31:11.0411 6104 TapiSrv - ok
12:31:11.0489 6104 TBS (cb05822cd9cc6c688168e113c603dbe7) C:\Windows\System32\tbssvc.dll
12:31:11.0489 6104 TBS - ok
12:31:11.0660 6104 Tcpip (782568ab6a43160a159b6215b70bcce9) C:\Windows\system32\drivers\tcpip.sys
12:31:11.0660 6104 Tcpip - ok
12:31:11.0691 6104 Tcpip6 (782568ab6a43160a159b6215b70bcce9) C:\Windows\system32\DRIVERS\tcpip.sys
12:31:11.0707 6104 Tcpip6 - ok
12:31:11.0707 6104 tcpipreg (d4a2e4a4b011f3a883af77315a5ae76b) C:\Windows\system32\drivers\tcpipreg.sys
12:31:11.0723 6104 tcpipreg - ok
12:31:11.0769 6104 TDPIPE (5dcf5e267be67a1ae926f2df77fbcc56) C:\Windows\system32\drivers\tdpipe.sys
12:31:11.0769 6104 TDPIPE - ok
12:31:11.0801 6104 TDTCP (389c63e32b3cefed425b61ed92d3f021) C:\Windows\system32\drivers\tdtcp.sys
12:31:11.0801 6104 TDTCP - ok
12:31:11.0847 6104 tdx (d09276b1fab033ce1d40dcbdf303d10f) C:\Windows\system32\DRIVERS\tdx.sys
12:31:11.0847 6104 tdx - ok
12:31:11.0863 6104 TermDD (a048056f5e1a96a9bf3071b91741a5aa) C:\Windows\system32\DRIVERS\termdd.sys
12:31:11.0879 6104 TermDD - ok
12:31:11.0972 6104 TermService (d605031e225aaccbceb5b76a4f1603a6) C:\Windows\System32\termsrv.dll
12:31:11.0988 6104 TermService - ok
12:31:12.0081 6104 Themes (1e3fdb80e40a3ce645f229dfbdfb7694) C:\Windows\system32\shsvcs.dll
12:31:12.0081 6104 Themes - ok
12:31:12.0128 6104 THREADORDER (1076ffcffaae8385fd62dfcb25ac4708) C:\Windows\system32\mmcss.dll
12:31:12.0128 6104 THREADORDER - ok
12:31:12.0175 6104 TrkWks (ec74e77d0eb004bd3a809b5f8fb8c2ce) C:\Windows\System32\trkwks.dll
12:31:12.0191 6104 TrkWks - ok
12:31:12.0237 6104 TrustedInstaller (16613a1bad034d4ecf957af18b7c2ff5) C:\Windows\servicing\TrustedInstaller.exe
12:31:12.0237 6104 TrustedInstaller - ok
12:31:12.0315 6104 tssecsrv (dcf0f056a2e4f52287264f5ab29cf206) C:\Windows\system32\DRIVERS\tssecsrv.sys
12:31:12.0315 6104 tssecsrv - ok
12:31:12.0393 6104 tunmp (caecc0120ac49e3d2f758b9169872d38) C:\Windows\system32\DRIVERS\tunmp.sys
12:31:12.0393 6104 tunmp - ok
12:31:12.0456 6104 tunnel (6042505ff6fa9ac1ef7684d0e03b6940) C:\Windows\system32\DRIVERS\tunnel.sys
12:31:12.0456 6104 tunnel - ok
12:31:12.0518 6104 uagp35 (c3ade15414120033a36c0f293d4a4121) C:\Windows\system32\drivers\uagp35.sys
12:31:12.0518 6104 uagp35 - ok
12:31:12.0565 6104 udfs (8b5088058fa1d1cd897a2113ccff6c58) C:\Windows\system32\DRIVERS\udfs.sys
12:31:12.0581 6104 udfs - ok
12:31:12.0659 6104 UI0Detect (ecef404f62863755951e09c802c94ad5) C:\Windows\system32\UI0Detect.exe
12:31:12.0659 6104 UI0Detect - ok
12:31:12.0690 6104 uliagpkx (6d72ef05921abdf59fc45c7ebfe7e8dd) C:\Windows\system32\drivers\uliagpkx.sys
12:31:12.0690 6104 uliagpkx - ok
12:31:12.0721 6104 uliahci (3cd4ea35a6221b85dcc25daa46313f8d) C:\Windows\system32\drivers\uliahci.sys
12:31:12.0721 6104 uliahci - ok
12:31:12.0783 6104 UlSata (8514d0e5cd0534467c5fc61be94a569f) C:\Windows\system32\drivers\ulsata.sys
12:31:12.0783 6104 UlSata - ok
12:31:12.0830 6104 ulsata2 (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys
12:31:12.0846 6104 ulsata2 - ok
12:31:12.0877 6104 umbus (32cff9f809ae9aed85464492bf3e32d2) C:\Windows\system32\DRIVERS\umbus.sys
12:31:12.0877 6104 umbus - ok
12:31:12.0939 6104 upnphost (68308183f4ae0be7bf8ecd07cb297999) C:\Windows\System32\upnphost.dll
12:31:12.0939 6104 upnphost - ok
12:31:13.0064 6104 usbaudio (292a25bb75a568ae2c67169ba2c6365a) C:\Windows\system32\drivers\usbaudio.sys
12:31:13.0064 6104 usbaudio - ok
12:31:13.0158 6104 usbccgp (caf811ae4c147ffcd5b51750c7f09142) C:\Windows\system32\DRIVERS\usbccgp.sys
12:31:13.0158 6104 usbccgp - ok
12:31:13.0189 6104 usbcir (e9476e6c486e76bc4898074768fb7131) C:\Windows\system32\drivers\usbcir.sys
12:31:13.0189 6104 usbcir - ok
12:31:13.0236 6104 usbehci (cebe90821810e76320155beba722fcf9) C:\Windows\system32\DRIVERS\usbehci.sys
12:31:13.0236 6104 usbehci - ok
12:31:13.0251 6104 usbhub (cc6b28e4ce39951357963119ce47b143) C:\Windows\system32\DRIVERS\usbhub.sys
12:31:13.0251 6104 usbhub - ok
12:31:13.0283 6104 usbohci (38dbc7dd6cc5a72011f187425384388b) C:\Windows\system32\drivers\usbohci.sys
12:31:13.0283 6104 usbohci - ok
12:31:13.0345 6104 usbprint (e75c4b5269091d15a2e7dc0b6d35f2f5) C:\Windows\system32\DRIVERS\usbprint.sys
12:31:13.0345 6104 usbprint - ok
12:31:13.0423 6104 USBSTOR (87ba6b83c5d19b69160968d07d6e2982) C:\Windows\system32\DRIVERS\USBSTOR.SYS
12:31:13.0423 6104 USBSTOR - ok
12:31:13.0470 6104 usbuhci (814d653efc4d48be3b04a307eceff56f) C:\Windows\system32\DRIVERS\usbuhci.sys
12:31:13.0470 6104 usbuhci - ok
12:31:13.0517 6104 UxSms (032a0acc3909ae7215d524e29d536797) C:\Windows\System32\uxsms.dll
12:31:13.0532 6104 UxSms - ok
12:31:13.0579 6104 vds (b13bc395b9d6116628f5af47e0802ac4) C:\Windows\System32\vds.exe
12:31:13.0595 6104 vds - ok
12:31:13.0704 6104 vga (87b06e1f30b749a114f74622d013f8d4) C:\Windows\system32\DRIVERS\vgapnp.sys
12:31:13.0704 6104 vga - ok
12:31:13.0766 6104 VgaSave (2e93ac0a1d8c79d019db6c51f036636c) C:\Windows\System32\drivers\vga.sys
12:31:13.0766 6104 VgaSave - ok
12:31:13.0829 6104 viaagp (d5929a28bdff4367a12caf06af901971) C:\Windows\system32\drivers\viaagp.sys
12:31:13.0829 6104 viaagp - ok
12:31:13.0844 6104 ViaC7 (56a4de5f02f2e88182b0981119b4dd98) C:\Windows\system32\drivers\viac7.sys
12:31:13.0860 6104 ViaC7 - ok
12:31:13.0875 6104 viaide (689547ce911998d1e0da7a5992e025fc) C:\Windows\system32\drivers\viaide.sys
12:31:13.0875 6104 viaide - ok
12:31:13.0907 6104 volmgr (69503668ac66c77c6cd7af86fbdf8c43) C:\Windows\system32\drivers\volmgr.sys
12:31:13.0907 6104 volmgr - ok
12:31:13.0953 6104 volmgrx (98f5ffe6316bd74e9e2c97206c190196) C:\Windows\system32\drivers\volmgrx.sys
12:31:13.0953 6104 volmgrx - ok
12:31:14.0031 6104 volsnap (d8b4a53dd2769f226b3eb374374987c9) C:\Windows\system32\drivers\volsnap.sys
12:31:14.0031 6104 volsnap - ok
12:31:14.0078 6104 vsmraid (d984439746d42b30fc65a4c3546c6829) C:\Windows\system32\drivers\vsmraid.sys
12:31:14.0078 6104 vsmraid - ok
12:31:14.0203 6104 VSS (d5fb73d19c46ade183f968e13f186b23) C:\Windows\system32\vssvc.exe
12:31:14.0219 6104 VSS - ok
12:31:14.0234 6104 W32Time (1cf9206966a8458cda9a8b20df8ab7d3) C:\Windows\system32\w32time.dll
12:31:14.0250 6104 W32Time - ok
12:31:14.0281 6104 WacomPen (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys
12:31:14.0281 6104 WacomPen - ok
12:31:14.0343 6104 Wanarp (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
12:31:14.0343 6104 Wanarp - ok
12:31:14.0359 6104 Wanarpv6 (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
12:31:14.0359 6104 Wanarpv6 - ok
12:31:14.0390 6104 wcncsvc (f3a5c2e1a6533192b070d06ecf6be796) C:\Windows\System32\wcncsvc.dll
12:31:14.0406 6104 wcncsvc - ok
12:31:14.0499 6104 WcsPlugInService (11bcb7afcdd7aadacb5746f544d3a9c7) C:\Windows\System32\WcsPlugInService.dll
12:31:14.0515 6104 WcsPlugInService - ok
12:31:14.0531 6104 Wd (afc5ad65b991c1e205cf25cfdbf7a6f4) C:\Windows\system32\drivers\wd.sys
12:31:14.0531 6104 Wd - ok
12:31:14.0593 6104 Wdf01000 (b6f0a7ad6d4bd325fbcd8bac96cd8d96) C:\Windows\system32\drivers\Wdf01000.sys
12:31:14.0609 6104 Wdf01000 - ok
12:31:14.0671 6104 WdiServiceHost (abfc76b48bb6c96e3338d8943c5d93b5) C:\Windows\system32\wdi.dll
12:31:14.0671 6104 WdiServiceHost - ok
12:31:14.0671 6104 WdiSystemHost (abfc76b48bb6c96e3338d8943c5d93b5) C:\Windows\system32\wdi.dll
12:31:14.0687 6104 WdiSystemHost - ok
12:31:14.0718 6104 WebClient (cf9a5f41789b642db967021de06a2713) C:\Windows\System32\webclnt.dll
12:31:14.0718 6104 WebClient - ok
12:31:14.0811 6104 Wecsvc (ae3736e7e8892241c23e4ebbb7453b60) C:\Windows\system32\wecsvc.dll
12:31:14.0811 6104 Wecsvc - ok
12:31:14.0858 6104 wercplsupport (670ff720071ed741206d69bd995ea453) C:\Windows\System32\wercplsupport.dll
12:31:14.0874 6104 wercplsupport - ok
12:31:14.0921 6104 WerSvc (fd1965aaa112c6818a30ab02742d0461) C:\Windows\System32\WerSvc.dll
12:31:14.0921 6104 WerSvc - ok
12:31:14.0983 6104 winachsf (72cc6a8ca7891031d6380db5025c773c) C:\Windows\system32\DRIVERS\HSX_CNXT.sys
12:31:14.0999 6104 winachsf - ok
12:31:15.0092 6104 WinDefend (4575aa12561c5648483403541d0d7f2b) C:\Program Files\Windows Defender\mpsvc.dll
12:31:15.0108 6104 WinDefend - ok
12:31:15.0123 6104 WinHttpAutoProxySvc - ok
12:31:15.0248 6104 Winmgmt (00b79a7c984678f24cf052e5beb3a2f5) C:\Windows\system32\wbem\WMIsvc.dll
12:31:15.0264 6104 Winmgmt - ok
12:31:15.0342 6104 WinRM (7cfe68bdc065e55aa5e8421607037511) C:\Windows\system32\WsmSvc.dll
12:31:15.0357 6104 WinRM - ok
12:31:15.0420 6104 Wlansvc (275f4346e569df56cfb95243bd6f6ff0) C:\Windows\System32\wlansvc.dll
12:31:15.0435 6104 Wlansvc - ok
12:31:15.0638 6104 wlidsvc (5144ae67d60ec653f97ddf3feed29e77) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
12:31:15.0669 6104 wlidsvc - ok
12:31:15.0763 6104 WmiAcpi (17eac0d023a65fa9b02114cc2baacad5) C:\Windows\system32\drivers\wmiacpi.sys
12:31:15.0763 6104 WmiAcpi - ok
12:31:15.0841 6104 wmiApSrv (aba4cf9f856d9a3a25f4ddd7690a6e9d) C:\Windows\system32\wbem\WmiApSrv.exe
12:31:15.0841 6104 wmiApSrv - ok
12:31:16.0028 6104 WMPNetworkSvc (3978704576a121a9204f8cc49a301a9b) C:\Program Files\Windows Media Player\wmpnetwk.exe
12:31:16.0059 6104 WMPNetworkSvc - ok
12:31:16.0434 6104 WPCSvc (5d94cd167751294962ba238d82dd1bb8) C:\Windows\System32\wpcsvc.dll
12:31:16.0434 6104 WPCSvc - ok
12:31:16.0543 6104 WPDBusEnum (396d406292b0cd26e3504ffe82784702) C:\Windows\system32\wpdbusenum.dll
12:31:16.0574 6104 WPDBusEnum - ok
12:31:16.0668 6104 WpdUsb (0cec23084b51b8288099eb710224e955) C:\Windows\system32\DRIVERS\wpdusb.sys
12:31:16.0683 6104 WpdUsb - ok
12:31:16.0855 6104 WPFFontCache_v0400 (dcf3e3edf5109ee8bc02fe6e1f045795) C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
12:31:16.0855 6104 WPFFontCache_v0400 - ok
12:31:16.0964 6104 ws2ifsl (e3a3cb253c0ec2494d4a61f5e43a389c) C:\Windows\system32\drivers\ws2ifsl.sys
12:31:16.0964 6104 ws2ifsl - ok
12:31:17.0027 6104 wscsvc (683dd16b590372f2c9661d277f35e49c) C:\Windows\system32\wscsvc.dll
12:31:17.0027 6104 wscsvc - ok
12:31:17.0042 6104 WSearch - ok
12:31:17.0136 6104 wuauserv (6298277b73c77fa99106b271a7525163) C:\Windows\system32\wuaueng.dll
12:31:17.0167 6104 wuauserv - ok
12:31:17.0245 6104 WUDFRd (ac13cb789d93412106b0fb6c7eb2bcb6) C:\Windows\system32\DRIVERS\WUDFRd.sys
12:31:17.0245 6104 WUDFRd - ok
12:31:17.0339 6104 wudfsvc (575a4190d989f64732119e4114045a4f) C:\Windows\System32\WUDFSvc.dll
12:31:17.0339 6104 wudfsvc - ok
12:31:17.0370 6104 XAudio (dab33cfa9dd24251aaa389ff36b64d4b) C:\Windows\system32\DRIVERS\xaudio.sys
12:31:17.0370 6104 XAudio - ok
12:31:17.0417 6104 XAudioService (cd5f291a1161f15896d1a4d63daff5df) C:\Windows\system32\DRIVERS\xaudio.exe
12:31:17.0432 6104 XAudioService - ok
12:31:17.0495 6104 MBR (0x1B8) (5c616939100b85e558da92b899a0fc36) \Device\Harddisk0\DR0
12:31:17.0604 6104 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
12:31:17.0604 6104 \Device\Harddisk0\DR0 - detected TDSS File System (1)
12:31:17.0651 6104 MBR (0x1B8) (250bebfd966fc59ae11e2a5547a7a0df) \Device\Harddisk1\DR1


Here is the aswMBR log:

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-04-01 12:35:15
-----------------------------
12:35:16.008 OS Version: Windows 6.0.6001 Service Pack 1
12:35:16.008 Number of processors: 2 586 0xF0D
12:35:16.008 ComputerName: ROCINANTE UserName: John2
12:35:17.865 Initialize success
12:36:48.524 AVAST engine defs: 12040100
13:51:50.435 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
13:51:50.435 Disk 0 Vendor: Hitachi_HDT725032VLA360 V54OA73A Size: 305245MB BusType: 3
13:51:50.466 Disk 0 MBR read successfully
13:51:50.466 Disk 0 MBR scan
13:51:50.482 Disk 0 Windows VISTA default MBR code
13:51:50.497 Disk 0 Partition 1 00 DE Dell Utility Dell 8.0 54 MB offset 63
13:51:50.513 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 10240 MB offset 112640
13:51:50.528 Disk 0 Partition 3 80 (A) 07 HPFS/NTFS NTFS 294949 MB offset 21084160
13:51:50.544 Disk 0 scanning sectors +625139712
13:51:50.638 Disk 0 scanning C:\Windows\system32\drivers
13:52:03.445 Service scanning
13:52:43.553 Modules scanning
13:53:04.550 Disk 0 trace - called modules:
13:53:05.112 ntkrnlpa.exe CLASSPNP.SYS disk.sys acpi.sys hal.dll ataport.SYS pciide.sys
13:53:05.128 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x8a966758]
13:53:05.128 3 CLASSPNP.SYS[8efa9745] -> nt!IofCallDriver -> [0x8a178918]
13:53:05.143 5 acpi.sys[86e9e6a0] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0x89382ba0]
13:53:07.514 AVAST engine scan C:\Windows
13:53:26.687 AVAST engine scan C:\Windows\system32
13:58:11.362 AVAST engine scan C:\Windows\system32\drivers
13:58:38.927 AVAST engine scan C:\Users\John2
14:02:08.451 File: C:\Users\John2\AppData\Roaming\Adobe\Flash Player\NativeCache\036AFE043A03EAFF3F55582DF5BBB80F\43542cfd\adobecp-200489-1.dll **INFECTED** Win32:Malware-gen
14:02:09.636 File: C:\Users\John2\AppData\Roaming\Adobe\Flash Player\NativeCache\036AFE043A03EAFF3F55582DF5BBB80F\4f7aacee\adobecp-200489-1.dll **INFECTED** Win32:Malware-gen
14:02:12.382 File: C:\Users\John2\AppData\Roaming\Adobe\Flash Player\NativeCache\7624407C79FD148BD154961B5C878D06\7bee0efa\adobecp-200489-1.dll **INFECTED** Win32:Malware-gen
14:09:50.429 AVAST engine scan C:\ProgramData
14:18:30.580 Scan finished successfully
14:28:38.434 Disk 0 MBR has been saved successfully to "C:\Users\John2\Desktop\Docs\Utilities\MBR.dat"
14:28:38.434 The log file has been saved successfully to "C:\Users\John2\Desktop\Docs\Utilities\aswMBR.txt"


I will try and run GMER again and post if I can get it to run. It has blue screened twice on me.

#5 narenxp

Posted 01 April 2012 - 10:21 PM

12:31:17.0604 6104 \Device\Harddisk0\DR0 - detected TDSS File System (1)

Have you run TDSSkiller previously? Did it detect a rootkit in your initial scans?


Download

http://www.techspot.com/downloads/4716-malwarebytes-anti-malware.html

Install, update and run a full scan

Click on SHOW results. Select all infections and remove them

Reboot the PC and scan with MBAM once in regular mode until you get a clean log

Download

ESET online scanner


Install it

Click on START; it should download the virus definitions
When the scan completes, click on LIST of found threats

Export the list to the desktop and copy the contents of the text file into your reply



