
Gimmeanswer Redirect


5 replies to this topic

#1 carpenoctem519


Posted 01 April 2012 - 04:15 PM

Unfortunately, have fallen victim to the Gimmeanswer redirect. Have tried a number of things to no avail. Could someone kindly give me a hand with this issue? Can post logs, etc. as needed.

Thanks in advance for your help!

David

#2 boopme


Posted 01 April 2012 - 08:49 PM

Hello and welcome..

Please click Start > Run, type inetcpl.cpl in the runbox and press enter.
Click the Connections tab and click the LAN settings option.
Verify if "Use a proxy..." is checked, if so, UNcheck it and click OK/OK to exit.


Reboot into Safe Mode with Networking
How to enter safe mode(XP/Vista)
Using the F8 Method
Restart your computer.
When the machine first starts again it will generally list some equipment that is installed in your machine, amount of memory, hard drives installed etc. At this point you should gently tap the F8 key repeatedly until you are presented with a Windows XP Advanced Options menu.
Select the option for Safe Mode with Networking using the arrow keys.
Then press enter on your keyboard to boot into Safe Mode.


>>>> Download this file and doubleclick on it to run it. Allow the information to be merged with the registry.


Run RKill....


Download and Run RKill
  • Please download RKill by Grinler from one of the 4 links below and save it to your desktop.

    Link 1
    Link 2
    Link 3
    Link 4

  • Before we begin, you should disable any anti-malware software you have installed so it does not interfere with RKill running, as some anti-malware software detects RKill as malicious. Please refer to this page if you are not sure how.
  • Double-click on Rkill on your desktop to run it. (If you are using Windows Vista, please right-click on it and select Run As Administrator)
  • A black screen will appear and then disappear. Please do not worry, that is normal. This means that the tool has been successfully executed.
  • If nothing happens or if the tool does not run, please let me know in your next reply

Do not reboot your computer after running rkill as the malware programs will start again. Or if rebooting is required run it again.


If you continue having problems running rkill.com, you can download iExplore.exe or eXplorer.exe, which are renamed copies of rkill.com, and try them instead.



Next run SUPERAntiSpyware (SAS):

Download and scan with SUPERAntiSpyware Free for Home Users
  • Double-click SUPERAntiSpyware.exe and use the default settings for installation.
  • An icon will be created on your desktop. Double-click that icon to launch the program.
  • If asked to update the program definitions, click "Yes". If not, update the definitions before scanning by selecting "Check for Updates". (If you encounter any problems while downloading the updates, manually download them from here. Double-click on the hyperlink for Download Installer and save SASDEFINITIONS.EXE to your desktop. Then double-click on SASDEFINITIONS.EXE to install the definitions.)
  • In the Main Menu, click the Preferences... button.
  • Click the Scanning Control tab.
  • Under Scanner Options make sure the following are checked (leave all others unchecked):
    • Close browsers before scanning.
    • Scan for tracking cookies.
    • Terminate memory threats before quarantining.
  • Click the "Close" button to leave the control center screen.
  • Back on the main screen, under "Scan for Harmful Software" click Scan your computer.
  • On the left, make sure you check C:\Fixed Drive.
  • On the right, under "Complete Scan", choose Perform Complete Scan.
  • Click "Next" to start the scan. Please be patient while it scans your computer.
  • After the scan is complete, a Scan Summary box will appear with potentially harmful items that were detected. Click "OK".
  • Make sure everything has a checkmark next to it and click "Next".
  • A notification will appear that "Quarantine and Removal is Complete". Click "OK" and then click the "Finish" button to return to the main menu.
  • If asked if you want to reboot, click "Yes".
  • To retrieve the removal information after reboot, launch SUPERAntispyware again.
    • Click Preferences, then click the Statistics/Logs tab.
    • Under Scanner Logs, double-click SUPERAntiSpyware Scan Log.
    • If there are several logs, click the current dated log and press View log. A text file will open in your default text editor.
    • Please copy and paste the Scan Log results in your next reply.
  • Click Close to exit the program.
If you have a problem downloading, installing or getting SAS to run, try downloading and using the SUPERAntiSpyware Portable Scanner instead. Save the randomly named file (i.e. SAS_1710895.COM) to a usb drive or CD and transfer to the infected computer. Then double-click on it to launch and scan. The file is randomly named to help keep malware from blocking the scanner.



>>>>>>
Please download TDSSKiller.zip and extract it.
  • Run TDSSKiller.exe.
  • Click on Change Parameters
  • Put a check in the box of Detect TDLFS file system
  • Click Start scan.
  • When it is finished the utility outputs a list of detected objects with description.
    The utility automatically selects an action (Cure or Delete) for malicious objects.
    The utility prompts the user to select an action to apply to suspicious objects (Skip, by default). Leave the options as they are and click Continue.
  • Let it reboot if needed and tell me if the tool needed a reboot.
  • Click on Report and post the contents of the text file that will open.

    Note: By default, the utility outputs the log into the system disk (usually the disk with the installed operating system, C:\) root folder. The log has a name like: TDSSKiller.Version_Date_Time_log.txt.



Now reboot to Normal and run MBAM (MalwareBytes):

Please download Malwarebytes Anti-Malware and save it to your desktop.
  • Important!! When you save the mbam-setup file, rename it to something random (such as 123abc.exe) before beginning the download.
Malwarebytes may "make changes to your registry" as part of its disinfection routine. If using other security programs that detect registry changes (ie Spybot's Teatimer), they may interfere or alert you. Temporarily disable such programs or permit them to allow the changes.

  • Make sure you are connected to the Internet and double-click on the renamed file to install the application.
  • When the installation begins, follow the prompts and do not make any changes to default settings.
  • Malwarebytes will automatically start and you will be asked to update the program before performing a scan.
  • If an update is found, the program will automatically update itself. Press the OK button and continue.
  • If you cannot update Malwarebytes or use the Internet to download any files to the infected computer, manually update the database by following the instructions in FAQ Section A: 4. Issues.
  • Under the Scanner tab, make sure the "Perform Quick Scan" option is selected.
  • Click on the Scan button.
  • When finished, a message box will say "The scan completed successfully. Click 'Show Results' to display all objects found".
  • Click OK to close the message box, then click the Show Results button to see a list of any malware that was found.
  • Make sure that everything is checked and then click Remove Selected.
  • When removal is completed, a log report will open in Notepad.
  • The log is automatically saved and can be viewed by clicking the Logs tab.
  • Copy and paste the contents of that report in your next reply. Be sure to post the complete log to include the top portion which shows the database version and your operating system.
  • Exit Malwarebytes when done.
Note: If Malwarebytes encounters a file that is difficult to remove, you will be asked to reboot your computer so it can proceed with the disinfection process. If asked to restart the computer, please do so immediately. Failure to reboot normally will prevent Malwarebytes from removing all the malware.

-- Some types of malware will target Malwarebytes and other security tools to keep them from running properly. If that's the case, go to Start > All Programs > Malwarebytes Anti-Malware folder > Tools > click on Malwarebytes Chameleon and follow the onscreen instructions. The Chameleon folder can be accessed by opening the program folder for Malwarebytes Anti-Malware (normally C:\Program Files\Malwarebytes' Anti-Malware or C:\Program Files (x86)\Malwarebytes' Anti-Malware).

Please ask any needed questions, post logs and let us know how the PC is running now.
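The first step in the reply above (the "Use a proxy..." box under LAN settings) can also be read straight from the registry. The following is an added example, not part of the original post: a read-only report of the WinINET proxy values that dialog edits. The function name `Get-ProxySetting` and the wording of the findings are assumptions for illustration.

```powershell
# Added example (not from the thread): read-only report of the WinINET proxy
# settings that inetcpl.cpl > Connections > LAN settings edits.
# Works on Windows PowerShell 2.0 and later; it changes nothing.

$InternetSettingsKeys = @(
    'HKCU:\Software\Microsoft\Windows\CurrentVersion\Internet Settings',
    'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings',
    'HKLM:\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings'
)

# Hypothetical helper: returns one object per registry key that exists.
function Get-ProxySetting {
    param([Parameter(Mandatory = $true)][string]$KeyPath)

    if (-not (Test-Path -Path $KeyPath)) { return }
    $values = Get-ItemProperty -Path $KeyPath

    # Missing values come back as $null; the casts turn them into ''.
    $server  = [string]$values.ProxyServer
    $pacUrl  = [string]$values.AutoConfigURL
    $enabled = ($values.ProxyEnable -eq 1)

    # ProxyServer is either "host:port" or "http=host:port;https=host:port".
    # A loopback address means a process on this machine receives the traffic.
    $loopback = $server -match '(^|[=;/])(127\.\d+\.\d+\.\d+|localhost)(:|;|$)'

    $notes = @()
    if ($enabled -and $loopback) {
        $notes += 'proxy enabled and points at this machine: identify the listening process'
    } elseif ($enabled) {
        $notes += 'proxy enabled: confirm it is one you configured'
    } elseif ($server) {
        $notes += 'proxy address stored but disabled'
    }
    if ($pacUrl) {
        $notes += 'auto-config script set: confirm the URL'
    }
    if ($notes.Count -eq 0) {
        $notes += 'no proxy configured'
    }

    New-Object PSObject -Property @{
        Key           = $KeyPath
        Enabled       = $enabled
        ProxyServer   = $server
        AutoConfigURL = $pacUrl
        Finding       = ($notes -join '; ')
    }
}

$InternetSettingsKeys |
    ForEach-Object { Get-ProxySetting -KeyPath $_ } |
    Select-Object Key, Enabled, ProxyServer, AutoConfigURL, Finding |
    Format-List
```

Run it once before and once after unchecking the box to confirm the change was written and has not been re-set after a reboot.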

#3 carpenoctem519


Posted 02 April 2012 - 11:22 PM

Thanks for this. I followed your instructions. I notice that IE is working much better. Tried opening a couple dozen links from a random Google search and no redirects. Interestingly, when I tried the same thing in Chrome I was getting redirected about 50% of the time.

Would appreciate any advice you can offer.

Here are the logs as requested:

SUPERAntiSpyware

SUPERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 04/02/2012 at 11:32 PM

Application Version : 5.0.1146

Core Rules Database Version : 8409
Trace Rules Database Version: 6221

Scan type : Complete Scan
Total Scan Time : 01:04:41

Operating System Information
Windows Vista Ultimate 64-bit, Service Pack 2 (Build 6.00.6002)
UAC Off - Administrator

Memory items scanned : 334
Memory threats detected : 0
Registry items scanned : 66871
Registry threats detected : 0
File items scanned : 94782
File threats detected : 200

Adware.Tracking Cookie

TDSSKiller

23:39:26.0419 1992 TDSS rootkit removing tool 2.7.24.0 Apr 2 2012 10:31:48
23:39:26.0965 1992 ============================================================
23:39:26.0965 1992 Current date / time: 2012/04/02 23:39:26.0965
23:39:26.0965 1992 SystemInfo:
23:39:26.0965 1992
23:39:26.0965 1992 OS Version: 6.0.6002 ServicePack: 2.0
23:39:26.0965 1992 Product type: Workstation
23:39:26.0965 1992 ComputerName: DAVID-PC
23:39:26.0965 1992 UserName: DAVID
23:39:26.0965 1992 Windows directory: C:\Windows
23:39:26.0965 1992 System windows directory: C:\Windows
23:39:26.0965 1992 Running under WOW64
23:39:26.0965 1992 Processor architecture: Intel x64
23:39:26.0965 1992 Number of processors: 2
23:39:26.0965 1992 Page size: 0x1000
23:39:26.0965 1992 Boot type: Safe boot with network
23:39:26.0965 1992 ============================================================
23:39:28.0213 1992 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
23:39:28.0213 1992 \Device\Harddisk0\DR0:
23:39:28.0213 1992 MBR used
23:39:28.0213 1992 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x240487C1
23:39:28.0213 1992 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x24048800, BlocksNum 0x13E3800
23:39:28.0291 1992 Initialize success
23:39:28.0291 1992 ============================================================
23:40:00.0053 1932 ============================================================
23:40:00.0053 1932 Scan started
23:40:00.0053 1932 Mode: Manual; TDLFS;
23:40:00.0053 1932 ============================================================
23:40:06.0043 1932 BHDrvx64 - ok
23:40:06.0199 1932 BITS (6d316f4859634071cc25c4fd4589ad2c) C:\Windows\system32\qmgr.dll
23:40:06.0340 1932 BITS - ok
23:40:06.0449 1932 blbdrive - ok
23:40:06.0558 1932 Bonjour Service (ebbcd5dfbb1de70e8f4af8fa59e401fd) C:\Program Files\Bonjour\mDNSResponder.exe
23:40:06.0574 1932 Bonjour Service - ok
23:40:06.0683 1932 bowser (2348447a80920b2493a9b582a23e81e1) C:\Windows\system32\DRIVERS\bowser.sys
23:40:06.0683 1932 bowser - ok
23:40:06.0823 1932 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\drivers\brfiltlo.sys
23:40:06.0839 1932 BrFiltLo - ok
23:40:06.0948 1932 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\drivers\brfiltup.sys
23:40:06.0948 1932 BrFiltUp - ok
23:40:07.0104 1932 Browser (a1b39de453433b115b4ea69ee0343816) C:\Windows\System32\browser.dll
23:40:07.0104 1932 Browser - ok
23:40:07.0260 1932 Brserid (f0f0ba4d815be446aa6a4583ca3bca9b) C:\Windows\system32\drivers\brserid.sys
23:40:07.0276 1932 Brserid - ok
23:40:07.0400 1932 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\system32\drivers\brserwdm.sys
23:40:07.0416 1932 BrSerWdm - ok
23:40:07.0541 1932 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\system32\drivers\brusbmdm.sys
23:40:07.0541 1932 BrUsbMdm - ok
23:40:07.0681 1932 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\system32\drivers\brusbser.sys
23:40:07.0681 1932 BrUsbSer - ok
23:40:07.0853 1932 BthEnum (09f926a0d9c0bafd8417a4307d2ed13c) C:\Windows\system32\DRIVERS\BthEnum.sys
23:40:07.0853 1932 BthEnum - ok
23:40:08.0009 1932 BTHMODEM (e0777b34e05f8a82a21856efc900c29f) C:\Windows\system32\drivers\bthmodem.sys
23:40:08.0009 1932 BTHMODEM - ok
23:40:08.0149 1932 BthPan (befc5311736b475ac5b60c14ff7c775a) C:\Windows\system32\DRIVERS\bthpan.sys
23:40:08.0149 1932 BthPan - ok
23:40:08.0321 1932 BTHPORT (e1466882252ff51edde48c3f7eda2591) C:\Windows\system32\Drivers\BTHport.sys
23:40:08.0336 1932 BTHPORT - ok
23:40:08.0477 1932 BthServ (22e65ffd640f16968f855f5b3528d366) C:\Windows\System32\bthserv.dll
23:40:08.0477 1932 BthServ - ok
23:40:08.0602 1932 BTHUSB (970192cded77a128e7e30722e5ee6b9c) C:\Windows\system32\Drivers\BTHUSB.sys
23:40:08.0602 1932 BTHUSB - ok
23:40:08.0789 1932 btwaudio (18924cc6f8d5d6f6f78c9edc668c717a) C:\Windows\system32\drivers\btwaudio.sys
23:40:08.0789 1932 btwaudio - ok
23:40:08.0945 1932 btwavdt (9b874cd1e8cbeb9c158f4869e63c105b) C:\Windows\system32\drivers\btwavdt.sys
23:40:08.0945 1932 btwavdt - ok
23:40:09.0101 1932 btwrchid (c96ae548e918853a63e605f944ef1011) C:\Windows\system32\DRIVERS\btwrchid.sys
23:40:09.0116 1932 btwrchid - ok
23:40:09.0148 1932 catchme - ok
23:40:09.0366 1932 ccSet_N360 (0e1737a63aec0f6de231bb59836c0a11) C:\Windows\system32\drivers\N360x64\0601020.00A\ccSetx64.sys
23:40:09.0366 1932 ccSet_N360 - ok
23:40:09.0522 1932 cdfs (b4d787db8d30793a4d4df9feed18f136) C:\Windows\system32\DRIVERS\cdfs.sys
23:40:09.0522 1932 cdfs - ok
23:40:09.0662 1932 cdrom (c025aa69be3d0d25c7a2e746ef6f94fc) C:\Windows\system32\DRIVERS\cdrom.sys
23:40:09.0662 1932 cdrom - ok
23:40:09.0803 1932 CertPropSvc (5a268127633c7ee2a7fb87f39d748d56) C:\Windows\System32\certprop.dll
23:40:09.0818 1932 CertPropSvc - ok
23:40:09.0943 1932 circlass (f28f00596824058bc61d5edf434c9b82) C:\Windows\system32\drivers\circlass.sys
23:40:09.0943 1932 circlass - ok
23:40:10.0006 1932 CLCapSvc (dbafc6734c054feef9087754bd80f847) C:\Program Files (x86)\HP\QuickPlay\Kernel\TV\CLCapSvc.exe
23:40:10.0037 1932 CLCapSvc - ok
23:40:10.0162 1932 CLFS (3dca9a18b204939cfb24bea53e31eb48) C:\Windows\system32\CLFS.sys
23:40:10.0162 1932 CLFS - ok
23:40:10.0286 1932 clr_optimization_v2.0.50727_32 (8ee772032e2fe80a924f3b8dd5082194) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
23:40:10.0302 1932 clr_optimization_v2.0.50727_32 - ok
23:40:10.0411 1932 clr_optimization_v2.0.50727_64 (ce07a466201096f021cd09d631b21540) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
23:40:10.0427 1932 clr_optimization_v2.0.50727_64 - ok
23:40:10.0583 1932 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
23:40:10.0661 1932 clr_optimization_v4.0.30319_32 - ok
23:40:11.0176 1932 clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
23:40:11.0207 1932 clr_optimization_v4.0.30319_64 - ok
23:40:11.0285 1932 CLSched (e67f8f036fd882e4ab62501c0d45b536) C:\Program Files (x86)\HP\QuickPlay\Kernel\TV\CLSched.exe
23:40:11.0285 1932 CLSched - ok
23:40:11.0441 1932 CmBatt (b52d9a14ce4101577900a364ba86f3df) C:\Windows\system32\DRIVERS\CmBatt.sys
23:40:11.0441 1932 CmBatt - ok
23:40:11.0566 1932 cmdide (e5d5499a1c50a54b5161296b6afe6192) C:\Windows\system32\drivers\cmdide.sys
23:40:11.0566 1932 cmdide - ok
23:40:11.0706 1932 Compbatt (7fb8ad01db0eabe60c8a861531a8f431) C:\Windows\system32\DRIVERS\compbatt.sys
23:40:11.0706 1932 Compbatt - ok
23:40:11.0800 1932 COMSysApp - ok
23:40:11.0846 1932 crcdisk (b1192dcd5b9cf46beed0e2a9e5bcf59a) C:\Windows\system32\drivers\crcdisk.sys
23:40:11.0846 1932 crcdisk - ok
23:40:11.0971 1932 CryptSvc (18918613e63f387cde4d95ca7d49dcf7) C:\Windows\system32\cryptsvc.dll
23:40:11.0971 1932 CryptSvc - ok
23:40:12.0112 1932 CSC (f60f50c8ed3fcbe358430b95fe27d09c) C:\Windows\system32\drivers\csc.sys
23:40:12.0112 1932 CSC - ok
23:40:12.0252 1932 CscService (1b5f256d31836ed2ba60b3a6c800200c) C:\Windows\System32\cscsvc.dll
23:40:12.0268 1932 CscService - ok
23:40:12.0439 1932 ctxusbm (ba8e5b2291c01ef71ca80e25f0c79d55) C:\Windows\system32\DRIVERS\ctxusbm.sys
23:40:12.0455 1932 ctxusbm - ok
23:40:12.0595 1932 DcomLaunch (cf8b9a3a5e7dc57724a89d0c3e8cf9ef) C:\Windows\system32\rpcss.dll
23:40:12.0611 1932 DcomLaunch - ok
23:40:12.0782 1932 DfsC (8b722ba35205c71e7951cdc4cdbade19) C:\Windows\system32\Drivers\dfsc.sys
23:40:12.0782 1932 DfsC - ok
23:40:12.0954 1932 DFSR (c647f468f7de343df8c143655c5557d4) C:\Windows\system32\DFSR.exe
23:40:13.0016 1932 DFSR - ok
23:40:13.0188 1932 Dhcp (3ed0321127ce70acdaabbf77e157c2a7) C:\Windows\System32\dhcpcsvc.dll
23:40:13.0188 1932 Dhcp - ok
23:40:13.0344 1932 disk (b0107e40ecdb5fa692ebf832f295d905) C:\Windows\system32\drivers\disk.sys
23:40:13.0344 1932 disk - ok
23:40:13.0453 1932 Dnscache (06230f1b721494a6df8d47fd395bb1b0) C:\Windows\System32\dnsrslvr.dll
23:40:13.0469 1932 Dnscache - ok
23:40:13.0578 1932 dot3svc (1a7156dd1e850e9914e5e991e3225b94) C:\Windows\System32\dot3svc.dll
23:40:13.0578 1932 dot3svc - ok
23:40:13.0703 1932 DPS (1583b39790db3eaec7edb0cb0140c708) C:\Windows\system32\dps.dll
23:40:13.0703 1932 DPS - ok
23:40:13.0843 1932 drmkaud (f1a78a98cfc2ee02144c6bec945447e6) C:\Windows\system32\drivers\drmkaud.sys
23:40:13.0843 1932 drmkaud - ok
23:40:13.0999 1932 DXGKrnl (b8e554e502d5123bc111f99d6a2181b4) C:\Windows\System32\drivers\dxgkrnl.sys
23:40:14.0015 1932 DXGKrnl - ok
23:40:14.0186 1932 E1G60 (d57fe09b575545738a73a0c193d0616a) C:\Windows\system32\DRIVERS\E1G6032E.sys
23:40:14.0186 1932 E1G60 - ok
23:40:14.0342 1932 eabfiltr (1fc3a78d77d10f278a0e35e2fe6e0cae) C:\Windows\system32\DRIVERS\eabfiltr64.sys
23:40:14.0342 1932 eabfiltr - ok
23:40:14.0467 1932 EapHost (c2303883fd9be49dc36a6400643002ea) C:\Windows\System32\eapsvc.dll
23:40:14.0467 1932 EapHost - ok
23:40:14.0654 1932 Ecache (5f94962be5a62db6e447ff6470c4f48a) C:\Windows\system32\drivers\ecache.sys
23:40:14.0654 1932 Ecache - ok
23:40:14.0795 1932 eeCtrl (0c3f9eff8ddd9f9eb56d754b4620155f) C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys
23:40:14.0795 1932 eeCtrl - ok
23:40:14.0888 1932 ehRecvr (14ce384d2e27b64c256bda4dc39c312d) C:\Windows\ehome\ehRecvr.exe
23:40:14.0904 1932 ehRecvr - ok
23:40:14.0935 1932 ehSched (b93159c1313d66fdfbbe876f5189cd52) C:\Windows\ehome\ehsched.exe
23:40:14.0935 1932 ehSched - ok
23:40:15.0044 1932 ehstart (f5ee2527d74449868e3c3227a59bcd28) C:\Windows\ehome\ehstart.dll
23:40:15.0044 1932 ehstart - ok
23:40:15.0185 1932 elxstor (3d6298aff3fe06c0616ce5d090a3eeaa) C:\Windows\system32\drivers\elxstor.sys
23:40:15.0185 1932 elxstor - ok
23:40:15.0325 1932 EMDMgmt (a9b18b63a4fd6baab83326706d857fab) C:\Windows\system32\emdmgmt.dll
23:40:15.0325 1932 EMDMgmt - ok
23:40:15.0466 1932 EraserUtilRebootDrv (8c0f9b877bc0b7ffd327ef55f9efb642) C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
23:40:15.0466 1932 EraserUtilRebootDrv - ok
23:40:15.0590 1932 EventSystem (e12f22b73f153dece721cd45ec05b4af) C:\Windows\system32\es.dll
23:40:15.0590 1932 EventSystem - ok
23:40:15.0731 1932 exfat (486844f47b6636044a42454614ed4523) C:\Windows\system32\drivers\exfat.sys
23:40:15.0746 1932 exfat - ok
23:40:15.0887 1932 fastfat (1a4bee34277784619ddaf0422c0c6e23) C:\Windows\system32\drivers\fastfat.sys
23:40:15.0887 1932 fastfat - ok
23:40:16.0012 1932 Fax (989a776a2ff32a148fcf15c44058b129) C:\Windows\system32\fxssvc.exe
23:40:16.0012 1932 Fax - ok
23:40:16.0168 1932 fdc (61b6dbd1ad1143f008364d4e9a96b224) C:\Windows\system32\DRIVERS\fdc.sys
23:40:16.0168 1932 fdc - ok
23:40:16.0277 1932 fdPHost (bb9267acacd8b7533dd936c34a0cba5e) C:\Windows\system32\fdPHost.dll
23:40:16.0277 1932 fdPHost - ok
23:40:16.0386 1932 FDResPub (300c80931eabbe1db7591c516efe8d0f) C:\Windows\system32\fdrespub.dll
23:40:16.0386 1932 FDResPub - ok
23:40:16.0542 1932 FileInfo (457b7d1d533e4bd62a99aed9c7bb4c59) C:\Windows\system32\drivers\fileinfo.sys
23:40:16.0542 1932 FileInfo - ok
23:40:16.0698 1932 Filetrace (d421327fd6efccaf884a54c58e1b0d7f) C:\Windows\system32\drivers\filetrace.sys
23:40:16.0698 1932 Filetrace - ok
23:40:16.0792 1932 FLEXnet Licensing Service (f76d04f7413b07daa029f6520b64b4e8) C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
23:40:16.0807 1932 FLEXnet Licensing Service - ok
23:40:16.0948 1932 flpydisk (12c3d1b4d0ce49e1ce343ba2f22f15e0) C:\Windows\system32\DRIVERS\flpydisk.sys
23:40:16.0948 1932 flpydisk - ok
23:40:17.0104 1932 FltMgr (e3041bc26d6930d61f42aedb79c91720) C:\Windows\system32\drivers\fltmgr.sys
23:40:17.0104 1932 FltMgr - ok
23:40:17.0275 1932 FontCache (be1c5bd1ca7ed015bc6fa1ae67e592c8) C:\Windows\system32\FntCache.dll
23:40:17.0306 1932 FontCache - ok
23:40:17.0447 1932 FontCache3.0.0.0 (bc5b0be5af3510b0fd8c140ee42c6d3e) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
23:40:17.0462 1932 FontCache3.0.0.0 - ok
23:40:17.0587 1932 Fs_Rec (29d99e860a1ca0a03c6a733fdd0da703) C:\Windows\system32\drivers\Fs_Rec.sys
23:40:17.0587 1932 Fs_Rec - ok
23:40:17.0728 1932 fvevol (849e38db7d829962d0233a0a252b60c3) C:\Windows\system32\DRIVERS\fvevol.sys
23:40:17.0728 1932 fvevol - ok
23:40:17.0868 1932 gagp30kx (b54520cc7b4b55134d7527b1cd3fc1f2) C:\Windows\system32\drivers\gagp30kx.sys
23:40:17.0868 1932 gagp30kx - ok
23:40:18.0008 1932 GEARAspiWDM (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
23:40:18.0008 1932 GEARAspiWDM - ok
23:40:18.0149 1932 gpsvc (a0e1b575ba8f504968cd40c0faeb2384) C:\Windows\System32\gpsvc.dll
23:40:18.0149 1932 gpsvc - ok
23:40:18.0320 1932 GSService (6284f18abd00fb134802d1098d27a95f) C:\Windows\SysWOW64\GSService.exe
23:40:18.0367 1932 GSService - ok
23:40:18.0508 1932 HBtnKey (60654343233616d5b1b6d1d87d83cd8c) C:\Windows\system32\DRIVERS\cpqbttn64.sys
23:40:18.0508 1932 HBtnKey - ok
23:40:18.0664 1932 HdAudAddService (df45f8142dc6df9d18c39b3effbd0409) C:\Windows\system32\drivers\HdAudio.sys
23:40:18.0679 1932 HdAudAddService - ok
23:40:18.0835 1932 HDAudBus (f942c5820205f2fb453243edfec82a3d) C:\Windows\system32\DRIVERS\HDAudBus.sys
23:40:18.0851 1932 HDAudBus - ok
23:40:19.0038 1932 HidBth (b4881c84a180e75b8c25dc1d726c375f) C:\Windows\system32\drivers\hidbth.sys
23:40:19.0038 1932 HidBth - ok
23:40:19.0163 1932 HidIr (4e77a77e2c986e8f88f996bb3e1ad829) C:\Windows\system32\drivers\hidir.sys
23:40:19.0163 1932 HidIr - ok
23:40:19.0288 1932 hidserv (59361d38a297755d46a540e450202b2a) C:\Windows\System32\hidserv.dll
23:40:19.0288 1932 hidserv - ok
23:40:19.0397 1932 HidUsb (d02c82cb3a20f391c8aeff94e8e0baa1) C:\Windows\system32\drivers\hidusb.sys
23:40:19.0397 1932 HidUsb - ok
23:40:19.0506 1932 hkmsvc (b12f367ea39c0795fd57e31242ce1a5a) C:\Windows\system32\kmsvc.dll
23:40:19.0506 1932 hkmsvc - ok
23:40:19.0615 1932 HP Health Check Service (a19b0bb5a7eb6df2dd4a0711d36955ee) c:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe
23:40:19.0615 1932 HP Health Check Service - ok
23:40:19.0771 1932 HpCISSs (8edc820115df1e04763b2923676ea5b2) C:\Windows\system32\drivers\hpcisss.sys
23:40:19.0771 1932 HpCISSs - ok
23:40:19.0865 1932 hpqwmiex (04c1dcbb226c6ae647b794833ce3ceb6) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
23:40:19.0865 1932 hpqwmiex - ok
23:40:20.0036 1932 HSFHWAZL (57ba73b5b321291e5114cb21350e1ea0) C:\Windows\system32\DRIVERS\VSTAZL6.SYS
23:40:20.0036 1932 HSFHWAZL - ok
23:40:20.0208 1932 HSF_DPV (e6cd7f641916484b0141d191a390d866) C:\Windows\system32\DRIVERS\VSTDPV6.SYS
23:40:20.0255 1932 HSF_DPV - ok
23:40:20.0489 1932 HTTP (098f1e4e5c9cb5b0063a959063631610) C:\Windows\system32\drivers\HTTP.sys
23:40:20.0504 1932 HTTP - ok
23:40:20.0645 1932 i2omp (f2901763845570ecac48e6a50ec50812) C:\Windows\system32\drivers\i2omp.sys
23:40:20.0645 1932 i2omp - ok
23:40:20.0785 1932 i8042prt (cbb597659a2713ce0c9cc20c88c7591f) C:\Windows\system32\DRIVERS\i8042prt.sys
23:40:20.0785 1932 i8042prt - ok
23:40:20.0863 1932 IAANTMON (582f2d900a3ac34c98fbdc2c0abef6b9) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
23:40:20.0879 1932 IAANTMON - ok
23:40:21.0019 1932 iaStor (2ee127d5407da3957ee54711c9aed6ec) C:\Windows\system32\DRIVERS\iaStor.sys
23:40:21.0019 1932 iaStor - ok
23:40:21.0144 1932 iaStorV (72c3ee7ea3cd75a772e62ae0e5df8b8c) C:\Windows\system32\drivers\iastorv.sys
23:40:21.0160 1932 iaStorV - ok
23:40:21.0238 1932 IDriverT (6f95324909b502e2651442c1548ab12f) C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
23:40:21.0238 1932 IDriverT - ok
23:40:21.0362 1932 idsvc (749f5f8cedca70f2a512945325fc489d) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
23:40:21.0378 1932 idsvc - ok
23:40:21.0628 1932 IDSVia64 (18c40c3f368323b203ace403cb430db1) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.1.2.10\Definitions\IPSDefs\20120401.001\IDSvia64.sys
23:40:21.0643 1932 IDSVia64 - ok
23:40:21.0768 1932 iirsp (8c3951ad2fe886ef76c7b5027c3125d3) C:\Windows\system32\drivers\iirsp.sys
23:40:21.0784 1932 iirsp - ok
23:40:21.0908 1932 IKEEXT (0c9ea6e654e7b0471741e343a6c671af) C:\Windows\System32\ikeext.dll
23:40:21.0924 1932 IKEEXT - ok
23:40:22.0096 1932 IntcAzAudAddService (0ebb3e69dff70faf80c4bc83adcb9d5f) C:\Windows\system32\drivers\RTKVHD64.sys
23:40:22.0127 1932 IntcAzAudAddService - ok
23:40:22.0298 1932 intelide (36a266c673812878996f72b200203fbb) C:\Windows\system32\drivers\intelide.sys
23:40:22.0314 1932 intelide - ok
23:40:22.0439 1932 intelppm (bfd84af32fa1bad6231c4585cb469630) C:\Windows\system32\DRIVERS\intelppm.sys
23:40:22.0439 1932 intelppm - ok
23:40:22.0579 1932 IPBusEnum (5624bc1bc5eeb49c0ab76a8114f05ea3) C:\Windows\system32\ipbusenum.dll
23:40:22.0579 1932 IPBusEnum - ok
23:40:22.0720 1932 IpFilterDriver (d8aabc341311e4780d6fce8c73c0ad81) C:\Windows\system32\DRIVERS\ipfltdrv.sys
23:40:22.0720 1932 IpFilterDriver - ok
23:40:22.0844 1932 iphlpsvc (bf0dbfa9792c5c14fa00f61c75116c1b) C:\Windows\System32\iphlpsvc.dll
23:40:22.0844 1932 iphlpsvc - ok
23:40:22.0954 1932 IpInIp - ok
23:40:23.0063 1932 IPMIDRV (eacdbbe429c6d170bdeee0effcbc317b) C:\Windows\system32\drivers\ipmidrv.sys
23:40:23.0063 1932 IPMIDRV - ok
23:40:23.0219 1932 IPNAT (b7e6212f581ea5f6ab0c3a6ceeeb89be) C:\Windows\system32\DRIVERS\ipnat.sys
23:40:23.0219 1932 IPNAT - ok
23:40:23.0312 1932 iPod Service (755e4ba6dce627a2683bb7640553c8d6) C:\Program Files\iPod\bin\iPodService.exe
23:40:23.0328 1932 iPod Service - ok
23:40:23.0531 1932 IRENUM (8c42ca155343a2f11d29feca67faa88d) C:\Windows\system32\drivers\irenum.sys
23:40:23.0531 1932 IRENUM - ok
23:40:23.0671 1932 isapnp (d3bb520b31f28c1a065cd058e762ee73) C:\Windows\system32\drivers\isapnp.sys
23:40:23.0687 1932 isapnp - ok
23:40:23.0858 1932 iScsiPrt (e4fdf99599f27ec25d2cf6d754243520) C:\Windows\system32\DRIVERS\msiscsi.sys
23:40:23.0858 1932 iScsiPrt - ok
23:40:23.0983 1932 iteatapi (63c766cdc609ff8206cb447a65abba4a) C:\Windows\system32\drivers\iteatapi.sys
23:40:23.0983 1932 iteatapi - ok
23:40:24.0108 1932 iteraid (1281fe73b17664631d12f643cbea3f59) C:\Windows\system32\drivers\iteraid.sys
23:40:24.0108 1932 iteraid - ok
23:40:24.0233 1932 kbdclass (423696f3ba6472dd17699209b933bc26) C:\Windows\system32\DRIVERS\kbdclass.sys
23:40:24.0233 1932 kbdclass - ok
23:40:24.0358 1932 kbdhid (dbdf75d51464fbc47d0104ec3d572c05) C:\Windows\system32\DRIVERS\kbdhid.sys
23:40:24.0358 1932 kbdhid - ok
23:40:24.0420 1932 KeyIso (260bf9c43ee12c6898a9f5aab0fb0e5d) C:\Windows\system32\lsass.exe
23:40:24.0420 1932 KeyIso - ok
23:40:24.0498 1932 KSecDD (2758d174604f597bbc8a217ff667913d) C:\Windows\system32\Drivers\ksecdd.sys
23:40:24.0514 1932 KSecDD - ok
23:40:24.0670 1932 ksthunk (1d419cf43db29396ecd7113d129d94eb) C:\Windows\system32\drivers\ksthunk.sys
23:40:24.0670 1932 ksthunk - ok
23:40:24.0748 1932 KtmRm (1faf6926f3416d3da05c5b265491bdae) C:\Windows\system32\msdtckrm.dll
23:40:24.0748 1932 KtmRm - ok
23:40:24.0872 1932 LanmanServer (50c7a3cb427e9bb5ed0708a669956ab5) C:\Windows\System32\srvsvc.dll
23:40:24.0872 1932 LanmanServer - ok
23:40:24.0997 1932 LanmanWorkstation (caf86fc1388be1e470f1a7b43e348adb) C:\Windows\System32\wkssvc.dll
23:40:25.0044 1932 LanmanWorkstation - ok
23:40:25.0106 1932 LightScribeService (559c9b7800fac92fc515cd0003d7c631) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
23:40:25.0106 1932 LightScribeService - ok
23:40:25.0231 1932 lltdio (96ece2659b6654c10a0c310ae3a6d02c) C:\Windows\system32\DRIVERS\lltdio.sys
23:40:25.0231 1932 lltdio - ok
23:40:25.0294 1932 lltdsvc (961ccbd0b1ccb5675d64976fae37d092) C:\Windows\System32\lltdsvc.dll
23:40:25.0294 1932 lltdsvc - ok
23:40:25.0418 1932 lmhosts (a47f8080cacc23c91fe823ad19aa5612) C:\Windows\System32\lmhsvc.dll
23:40:25.0418 1932 lmhosts - ok
23:40:25.0512 1932 LSI_FC (1572f8d999c0ab4376afdce058a78df9) C:\Windows\system32\drivers\lsi_fc.sys
23:40:25.0512 1932 LSI_FC - ok
23:40:25.0637 1932 LSI_SAS (64470979c3e3c9ff60edfb5230c56e0e) C:\Windows\system32\drivers\lsi_sas.sys
23:40:25.0637 1932 LSI_SAS - ok
23:40:25.0715 1932 LSI_SCSI (4ced7d3b54bfc5bbae75c4a73c7f7428) C:\Windows\system32\drivers\lsi_scsi.sys
23:40:25.0715 1932 LSI_SCSI - ok
23:40:25.0871 1932 luafv (52f87b9cc8932c2a7375c3b2a9be5e3e) C:\Windows\system32\drivers\luafv.sys
23:40:25.0871 1932 luafv - ok
23:40:26.0042 1932 mcdbus (79d51e7f5926e8ce1b3ebecebae28cff) C:\Windows\system32\DRIVERS\mcdbus.sys
23:40:26.0042 1932 mcdbus - ok
23:40:26.0167 1932 Mcx2Svc (76a58df02bd4ea29f189b82d0bef17f8) C:\Windows\system32\Mcx2Svc.dll
23:40:26.0167 1932 Mcx2Svc - ok
23:40:26.0261 1932 megasas (2f631c2939d5f2e8958935ee701d70d7) C:\Windows\system32\drivers\megasas.sys
23:40:26.0261 1932 megasas - ok
23:40:26.0370 1932 MMCSS (3cbe4995e80e13ccfbc42e5dcf3ac81a) C:\Windows\system32\mmcss.dll
23:40:26.0370 1932 MMCSS - ok
23:40:26.0432 1932 Modem (59848d5cc74606f0ee7557983bb73c2e) C:\Windows\system32\drivers\modem.sys
23:40:26.0432 1932 Modem - ok
23:40:26.0542 1932 monitor (c247cc2a57e0a0c8c6dccf7807b3e9e5) C:\Windows\system32\DRIVERS\monitor.sys
23:40:26.0542 1932 monitor - ok
23:40:26.0666 1932 mouclass (9367304e5e412b120cf5f4ea14e4e4f1) C:\Windows\system32\DRIVERS\mouclass.sys
23:40:26.0666 1932 mouclass - ok
23:40:26.0838 1932 mouhid (8b723ed4d5dbbc47a5f54af0515bc245) C:\Windows\system32\drivers\mouhid.sys
23:40:26.0838 1932 mouhid - ok
23:40:27.0010 1932 MountMgr (11bc9b1e8801b01f7f6adb9ead30019b) C:\Windows\system32\drivers\mountmgr.sys
23:40:27.0010 1932 MountMgr - ok
23:40:27.0166 1932 mpio (ed48eac719ee28db773359eb1b06e2b5) C:\Windows\system32\drivers\mpio.sys
23:40:27.0166 1932 mpio - ok
23:40:27.0306 1932 mpsdrv (c92b9abdb65a5991e00c28f13491dba2) C:\Windows\system32\drivers\mpsdrv.sys
23:40:27.0322 1932 mpsdrv - ok
23:40:27.0446 1932 MpsSvc (897e3baf68ba406a61682ae39c83900c) C:\Windows\system32\mpssvc.dll
23:40:27.0446 1932 MpsSvc - ok
23:40:27.0571 1932 Mraid35x (3c200630a89ef2c0864d515b7a75802e) C:\Windows\system32\drivers\mraid35x.sys
23:40:27.0571 1932 Mraid35x - ok
23:40:27.0727 1932 MRxDAV (7c1de4aa96dc0c071611f9e7de02a68d) C:\Windows\system32\drivers\mrxdav.sys
23:40:27.0727 1932 MRxDAV - ok
23:40:27.0836 1932 mrxsmb (1485811b320ff8c7edad1caebb1c6c2b) C:\Windows\system32\DRIVERS\mrxsmb.sys
23:40:27.0836 1932 mrxsmb - ok
23:40:27.0961 1932 mrxsmb10 (3b929a60c833fc615fd97fba82bc7632) C:\Windows\system32\DRIVERS\mrxsmb10.sys
23:40:27.0977 1932 mrxsmb10 - ok
23:40:28.0102 1932 mrxsmb20 (c64ab3e1f53b4f5b5bb6d796b2d7bec3) C:\Windows\system32\DRIVERS\mrxsmb20.sys
23:40:28.0102 1932 mrxsmb20 - ok
23:40:28.0226 1932 msahci (eeadf970795148bfbb1db3abcc89c16b) C:\Windows\system32\drivers\msahci.sys
23:40:28.0226 1932 msahci - ok
23:40:28.0351 1932 msdsm (96d7c0a1b98434c6e4ff0c2e26a0e20a) C:\Windows\system32\drivers\msdsm.sys
23:40:28.0367 1932 msdsm - ok
23:40:28.0476 1932 MSDTC (7ec02ce772f068ed0beafa3da341a9bc) C:\Windows\System32\msdtc.exe
23:40:28.0476 1932 MSDTC - ok
23:40:28.0632 1932 Msfs (704f59bfc4512d2bb0146aec31b10a7c) C:\Windows\system32\drivers\Msfs.sys
23:40:28.0632 1932 Msfs - ok
23:40:28.0788 1932 msisadrv (00ebc952961664780d43dca157e79b27) C:\Windows\system32\drivers\msisadrv.sys
23:40:28.0788 1932 msisadrv - ok
23:40:28.0882 1932 MSiSCSI (366b0c1f4478b519c181e37d43dcda32) C:\Windows\system32\iscsiexe.dll
23:40:28.0882 1932 MSiSCSI - ok
23:40:28.0913 1932 msiserver - ok
23:40:29.0006 1932 MSKSSRV (0ea73e498f53b96d83dbfca074ad4cf8) C:\Windows\system32\drivers\MSKSSRV.sys
23:40:29.0006 1932 MSKSSRV - ok
23:40:29.0147 1932 MSPCLOCK (52e59b7e992a58e740aa63f57edbae8b) C:\Windows\system32\drivers\MSPCLOCK.sys
23:40:29.0147 1932 MSPCLOCK - ok
23:40:29.0287 1932 MSPQM (49084a75bae043ae02d5b44d02991bb2) C:\Windows\system32\drivers\MSPQM.sys
23:40:29.0287 1932 MSPQM - ok
23:40:29.0428 1932 MsRPC (dc6ccf440cdede4293db41c37a5060a5) C:\Windows\system32\drivers\MsRPC.sys
23:40:29.0428 1932 MsRPC - ok
23:40:29.0568 1932 mssmbios (855796e59df77ea93af46f20155bf55b) C:\Windows\system32\DRIVERS\mssmbios.sys
23:40:29.0568 1932 mssmbios - ok
23:40:29.0708 1932 MSTEE (86d632d75d05d5b7c7c043fa3564ae86) C:\Windows\system32\drivers\MSTEE.sys
23:40:29.0708 1932 MSTEE - ok
23:40:29.0849 1932 Mup (0cc49f78d8aca0877d885f149084e543) C:\Windows\system32\Drivers\mup.sys
23:40:29.0849 1932 Mup - ok
23:40:30.0098 1932 N360 (7a02f128a454bb22e300f3f80bc1bd22) C:\Program Files (x86)\Norton 360\Engine\6.1.2.10\ccSvcHst.exe
23:40:30.0098 1932 N360 - ok
23:40:30.0223 1932 napagent (a5b10c845e7538c60c0f5d87a57cb3f5) C:\Windows\system32\qagentRT.dll
23:40:30.0239 1932 napagent - ok
23:40:30.0410 1932 NativeWifiP (2007b826c4acd94ae32232b41f0842b9) C:\Windows\system32\DRIVERS\nwifi.sys
23:40:30.0410 1932 NativeWifiP - ok
23:40:30.0598 1932 NAVENG (2dbe90210de76be6e1653bb20ec70ec2) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.1.2.10\Definitions\VirusDefs\20120402.002\ENG64.SYS
23:40:30.0598 1932 NAVENG - ok
23:40:30.0691 1932 NAVEX15 (346da70e203b8e2c850277713de8f71b) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.1.2.10\Definitions\VirusDefs\20120402.002\EX64.SYS
23:40:30.0738 1932 NAVEX15 - ok
23:40:30.0941 1932 NDIS (65950e07329fcee8e6516b17c8d0abb6) C:\Windows\system32\drivers\ndis.sys
23:40:30.0956 1932 NDIS - ok
23:40:31.0081 1932 NdisTapi (64df698a425478e321981431ac171334) C:\Windows\system32\DRIVERS\ndistapi.sys
23:40:31.0097 1932 NdisTapi - ok
23:40:31.0237 1932 Ndisuio (8baa43196d7b5bb972c9a6b2bbf61a19) C:\Windows\system32\DRIVERS\ndisuio.sys
23:40:31.0237 1932 Ndisuio - ok
23:40:31.0378 1932 NdisWan (f8158771905260982ce724076419ef19) C:\Windows\system32\DRIVERS\ndiswan.sys
23:40:31.0378 1932 NdisWan - ok
23:40:31.0518 1932 NDProxy (9cb77ed7cb72850253e973a2d6afdf49) C:\Windows\system32\drivers\NDProxy.sys
23:40:31.0518 1932 NDProxy - ok
23:40:31.0658 1932 NetBIOS (a499294f5029a7862adc115bda7371ce) C:\Windows\system32\DRIVERS\netbios.sys
23:40:31.0658 1932 NetBIOS - ok
23:40:31.0799 1932 netbt (fc2c792ebddc8e28df939d6a92c83d61) C:\Windows\system32\DRIVERS\netbt.sys
23:40:31.0814 1932 netbt - ok
23:40:31.0924 1932 Netlogon (260bf9c43ee12c6898a9f5aab0fb0e5d) C:\Windows\system32\lsass.exe
23:40:31.0924 1932 Netlogon - ok
23:40:32.0033 1932 Netman (9b63b29defc0f3115a559d2597bf5d75) C:\Windows\System32\netman.dll
23:40:32.0048 1932 Netman - ok
23:40:32.0158 1932 netprofm (7846d0136cc2b264926a73047ba7688a) C:\Windows\System32\netprofm.dll
23:40:32.0173 1932 netprofm - ok
23:40:32.0267 1932 NetTcpPortSharing (74751dda198165947fd7454d83f49825) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
23:40:32.0267 1932 NetTcpPortSharing - ok
23:40:32.0454 1932 NETw4v64 (7de3713d990d6a60ca1a6af8c410a098) C:\Windows\system32\DRIVERS\NETw4v64.sys
23:40:32.0516 1932 NETw4v64 - ok
23:40:32.0672 1932 nfrd960 (4ac08bd6af2df42e0c3196d826c8aea7) C:\Windows\system32\drivers\nfrd960.sys
23:40:32.0672 1932 nfrd960 - ok
23:40:32.0797 1932 NlaSvc (f145bf4c4668e7e312069f81ef847cfc) C:\Windows\System32\nlasvc.dll
23:40:32.0813 1932 NlaSvc - ok
23:40:32.0938 1932 Npfs (b298874f8e0ea93f06ec40aa8d146478) C:\Windows\system32\drivers\Npfs.sys
23:40:32.0938 1932 Npfs - ok
23:40:33.0031 1932 nsi (acb62baa1c319b17752553df3026eeeb) C:\Windows\system32\nsisvc.dll
23:40:33.0031 1932 nsi - ok
23:40:33.0172 1932 nsiproxy (1523af19ee8b030ba682f7a53537eaeb) C:\Windows\system32\drivers\nsiproxy.sys
23:40:33.0172 1932 nsiproxy - ok
23:40:33.0343 1932 Ntfs (bac869dfb98e499ba4d9bb1fb43270e1) C:\Windows\system32\drivers\Ntfs.sys
23:40:33.0374 1932 Ntfs - ok
23:40:33.0546 1932 Null (dd5d684975352b85b52e3fd5347c20cb) C:\Windows\system32\drivers\Null.sys
23:40:33.0546 1932 Null - ok
23:40:33.0718 1932 NVENETFD (9733f305fa84aaf84e7fb09c0b345adb) C:\Windows\system32\DRIVERS\nvm60x64.sys
23:40:33.0733 1932 NVENETFD - ok
23:40:34.0123 1932 nvlddmkm (fd39b98ff1bb8ed3848781497e9d02e0) C:\Windows\system32\DRIVERS\nvlddmkm.sys
23:40:34.0373 1932 nvlddmkm - ok
23:40:34.0591 1932 nvraid (840eeb44dc49317a6161961f7682cd99) C:\Windows\system32\drivers\nvraid.sys
23:40:34.0591 1932 nvraid - ok
23:40:34.0716 1932 nvstor (94c5334040a5d500897f4c5fd12aeede) C:\Windows\system32\drivers\nvstor.sys
23:40:34.0716 1932 nvstor - ok
23:40:34.0763 1932 nv_agp (aa1b6c86a4763502e20b65c025f39bad) C:\Windows\system32\drivers\nv_agp.sys
23:40:34.0778 1932 nv_agp - ok
23:40:34.0778 1932 NwlnkFlt - ok
23:40:34.0794 1932 NwlnkFwd - ok
23:40:34.0888 1932 ohci1394 (b5b1ce65ac15bbd11c0619e3ef7cfc28) C:\Windows\system32\DRIVERS\ohci1394.sys
23:40:34.0888 1932 ohci1394 - ok
23:40:35.0028 1932 p2pimsvc (9ae31d2e1d15c10d91318e0ec149ceac) C:\Windows\system32\p2psvc.dll
23:40:35.0044 1932 p2pimsvc - ok
23:40:35.0059 1932 p2psvc (9ae31d2e1d15c10d91318e0ec149ceac) C:\Windows\system32\p2psvc.dll
23:40:35.0059 1932 p2psvc - ok
23:40:35.0231 1932 Parport (aecd57f94c887f58919f307c35498ea0) C:\Windows\system32\drivers\parport.sys
23:40:35.0231 1932 Parport - ok
23:40:35.0371 1932 partmgr (f9b5eda4c17a2be7663f064dbf0fe254) C:\Windows\system32\drivers\partmgr.sys
23:40:35.0387 1932 partmgr - ok
23:40:35.0434 1932 PcaSvc (9ab157b374192ff276c1628fbdba2b0e) C:\Windows\System32\pcasvc.dll
23:40:35.0449 1932 PcaSvc - ok
23:40:35.0512 1932 pci (47ab1e0fc9d0e12bb53ba246e3a0906d) C:\Windows\system32\drivers\pci.sys
23:40:35.0512 1932 pci - ok
23:40:35.0558 1932 pciide (2657f6c0b78c36d95034be109336e382) C:\Windows\system32\DRIVERS\pciide.sys
23:40:35.0558 1932 pciide - ok
23:40:55.0823 1932 MBR (0x1B8) (1a1a06f62e891045814007163c1c76c3) \Device\Harddisk0\DR0
23:40:55.0932 1932 \Device\Harddisk0\DR0 - ok
23:40:55.0932 1932 Boot (0x1200) (424812ab8e24933c9c616641305c238d) \Device\Harddisk0\DR0\Partition0
23:40:55.0932 1932 \Device\Harddisk0\DR0\Partition0 - ok
23:40:55.0932 1932 Boot (0x1200) (8f2a1ba960f8b48c967c9cf89a86b6ce) \Device\Harddisk0\DR0\Partition1
23:40:55.0948 1932 \Device\Harddisk0\DR0\Partition1 - ok
23:40:55.0948 1932 ============================================================
23:40:55.0948 1932 Scan finished
23:40:55.0948 1932 ============================================================
23:40:55.0948 1424 Detected object count: 0
23:40:55.0948 1424 Actual detected object count: 0

MBAM

Malwarebytes Anti-Malware (Trial) 1.60.1.1000
www.malwarebytes.org

Database version: v2012.04.01.04

Windows Vista Service Pack 2 x64 NTFS
Internet Explorer 8.0.6001.19190
DAVID :: DAVID-PC [administrator]

Protection: Enabled

4/2/2012 11:50:03 PM
mbam-log-2012-04-02 (23-50-03).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 196447
Time elapsed: 6 minute(s), 13 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

#4 boopme


Posted 03 April 2012 - 11:56 AM

Let's try 2 more things as needed.

First...
Please download GooredFix from one of the locations below and save it to your Desktop
Download Mirror #1
Download Mirror #2
  • Ensure all Firefox windows are closed.
  • To run the tool, double-click it (XP), or right-click and select Run As Administrator (Vista).
  • When prompted to run the scan, click Yes.
  • GooredFix will check for infections, and then a log will appear. Please post the contents of that log in your next reply (it can also be found on your desktop, called GooredFix.txt).


If needed..
In Chrome it may be the Add-ons/Plugins. Try disabling them one at a time and see which one was at fault.

OR disable all extensions, see if that worked, then you need to go back one by one to see which is the culprit.

#5 carpenoctem519


Posted 06 April 2012 - 06:38 PM

That did it. Thanks very much for all your help!

#6 boopme


Posted 06 April 2012 - 07:20 PM

It was the add-on, correct?

You're welcome!!

Now you should Create a New Restore Point to prevent possible reinfection from an old one. Some of the malware you picked up could have been saved in System Restore. Since this is a protected directory your tools cannot access to delete these files, they sometimes can reinfect your system if you accidentally use an old restore point. Setting a new restore point AFTER cleaning your system will help prevent this and enable your computer to "roll-back" to a clean working state.

The easiest and safest way to do this is:
  • Go to Start > Programs > Accessories > System Tools and click "System Restore".
  • Choose the radio button marked "Create a Restore Point" on the first screen then click "Next". Give the R.P. a name, then click "Create". The new point will be stamped with the current date and time. Keep a log of this so you can find it easily should you need to use System Restore.
  • Then use Disk Cleanup to remove all but the most recently created Restore Point.
  • Go to Start > Run and type: Cleanmgr
  • Click "Ok". Disk Cleanup will scan your files for several minutes, then open.
  • Click the "More Options" tab, then click the "Clean up" button under System Restore.
  • Click Ok. You will be prompted with "Are you sure you want to delete all but the most recent restore point?"
  • Click Yes, then click Ok.
  • Click Yes again when prompted with "Are you sure you want to perform these actions?"
  • Disk Cleanup will remove the files and close automatically.
Vista Users can refer to these links: Create a New Restore Point and Disk Cleanup.

Tips to protect yourself against malware and reduce the potential for re-infection:

Avoid gaming sites, pirated software, cracking tools, keygens, and peer-to-peer (P2P) file sharing programs. They are a security risk which can make your computer susceptible to a smörgåsbord of malware infections, remote attacks, exposure of personal information, and identity theft. Many malicious worms and Trojans spread across P2P file sharing networks, gaming and underground sites. Users visiting such pages may see innocuous-looking banner ads containing code which can trigger pop-up ads and malicious Flash ads that install viruses, Trojans and spyware. Ads are a target for hackers because they offer a stealthy way to distribute malware to a wide range of Internet users. The best way to reduce the risk of infection is to avoid these types of web sites and not use any P2P applications. Read P2P Software User Advisories and Risks of File-Sharing Technology.

Keeping Autorun enabled on USB and other removable drives has become a significant security risk due to the increasing number of malware variants that can infect them and transfer the infection to your computer. To learn more about this risk, please read: