Hacker email


26 replies to this topic

#1 john baptist

Posted 15 June 2012 - 08:02 AM

I clicked on a hyperlink sent from a hacked email account, which sent me to a bogus website... The account owner said she had been hacked... What could the link have done to my PC? What should I do to check if I am corrupted? Below is the link; can you tell me what it did? Thank you, John


EDIT Broke potentially harmful link.
hXXp://ipaintedit.com/wp-content/themes/twentyten/reospa.php?Parsnip+Turnip

Edited by boopme, 16 June 2012 - 06:45 PM.



#2 boopme

Posted 15 June 2012 - 11:37 AM

Is that the link sent to you, or where you were sent by clicking the received link?

Run RKill....


Download and Run RKill
  • Please download RKill by Grinler from one of the 4 links below and save it to your desktop.

    Link 1
    Link 2
    Link 3
    Link 4

  • Before we begin, you should disable any anti-malware software you have installed so it does not interfere with RKill running, as some anti-malware software detects RKill as malicious. Please refer to this page if you are not sure how.
  • Double-click on Rkill on your desktop to run it. (If you are using Windows Vista, please right-click on it and select Run As Administrator)
  • A black screen will appear and then disappear. Please do not worry, that is normal. This means that the tool has been successfully executed.
  • If nothing happens or if the tool does not run, please let me know in your next reply

Do not reboot your computer after running RKill, as the malware programs will start again. If rebooting is required, run it again.


If you continue having problems running rkill.com, you can download iExplore.exe or eXplorer.exe, which are renamed copies of rkill.com, and try them instead.


Next run MBAM (MalwareBytes):

Please download Malwarebytes Anti-Malware and save it to your desktop.
  • Important!! When you save the mbam-setup file, rename it to something random (such as 123abc.exe) before beginning the download.
Malwarebytes may "make changes to your registry" as part of its disinfection routine. If using other security programs that detect registry changes (e.g. Spybot's Teatimer), they may interfere or alert you. Temporarily disable such programs or permit them to allow the changes.

  • Make sure you are connected to the Internet and double-click on the renamed file to install the application.
  • When the installation begins, follow the prompts and do not make any changes to default settings.
  • Malwarebytes will automatically start and you will be asked to update the program before performing a scan.
  • If an update is found, the program will automatically update itself. Press the OK button and continue.
  • If you cannot update Malwarebytes or use the Internet to download any files to the infected computer, manually update the database by following the instructions in FAQ Section A: 4. Issues.
  • Under the Scanner tab, make sure the "Perform Quick Scan" option is selected.
  • Click on the Scan button.
  • When finished, a message box will say "The scan completed successfully. Click 'Show Results' to display all objects found".
  • Click OK to close the message box, then click the Show Results button to see a list of any malware that was found.
  • Make sure that everything is checked and then click Remove Selected.
  • When removal is completed, a log report will open in Notepad.
  • The log is automatically saved and can be viewed by clicking the Logs tab.
  • Copy and paste the contents of that report in your next reply. Be sure to post the complete log to include the top portion which shows the database version and your operating system.
  • Exit Malwarebytes when done.
Note: If Malwarebytes encounters a file that is difficult to remove, you will be asked to reboot your computer so it can proceed with the disinfection process. If asked to restart the computer, please do so immediately. Failure to reboot normally will prevent Malwarebytes from removing all the malware.

-- Some types of malware will target Malwarebytes and other security tools to keep them from running properly. If that's the case, go to Start > All Programs > Malwarebytes Anti-Malware folder > Tools > click on Malwarebytes Chameleon and follow the onscreen instructions. The Chameleon folder can be accessed by opening the program folder for Malwarebytes Anti-Malware (normally C:\Program Files\Malwarebytes' Anti-Malware or C:\Program Files (x86)\Malwarebytes' Anti-Malware).
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#3 john baptist

Posted 15 June 2012 - 11:54 AM

Yes, that link was sent to me and I clicked it.

#4 john baptist

Posted 15 June 2012 - 12:19 PM

I ran both programs

Malwarebytes Anti-Malware 1.61.0.1400
www.malwarebytes.org

Database version: v2012.06.15.07

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Administrator :: YOUR-52343A8659 [administrator]

6/15/2012 1:07:51 PM
mbam-log-2012-06-15 (13-07-51).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 226226
Time elapsed: 6 minute(s), 18 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)
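
Post #2 asks for the complete log, including the top portion with the database version and operating system. As an added example (not part of the thread and not a Malwarebytes tool), this Python script checks a pasted MBAM 1.x log for those fields and for the closing "(end)" marker, then totals the "Detected" counts; the sample log is constructed, and the detection-line layout, the date encoded in the database version and the 3-day staleness threshold are assumptions.

```python
import re
from dataclasses import dataclass, field
from datetime import date, datetime
from typing import Optional

# Constructed sample in the layout of the log posted above. The host name and the
# line under "Files Detected" are invented; that line's layout is an assumption.
SAMPLE_LOG = r"""
Malwarebytes Anti-Malware 1.61.0.1400

Database version: v2012.06.15.07

Windows XP Service Pack 3 x86 NTFS
Administrator :: EXAMPLE-PC [administrator]

6/15/2012 1:07:51 PM
mbam-log-2012-06-15 (13-07-51).txt

Scan type: Quick scan
Objects scanned: 226226

Memory Processes Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Files Detected: 1
C:\Example\sample.exe (Example.Detection) -> Quarantined and deleted successfully.

(end)
"""

SECTION_RE = re.compile(r"^([A-Za-z ]+) Detected: (\d+)$")
DB_RE = re.compile(r"^Database version: v(\d{4})\.(\d{2})\.(\d{2})\.\d+$")
STAMP_RE = re.compile(r"^\d{1,2}/\d{1,2}/\d{4} \d{1,2}:\d{2}:\d{2} [AP]M$")
NO_ITEMS = "(No malicious items detected)"


@dataclass
class MbamReport:
    database_date: Optional[date] = None  # assumed to be encoded in the version string
    scan_date: Optional[date] = None
    os_line: Optional[str] = None
    scan_type: Optional[str] = None
    complete: bool = False                # True once the trailing "(end)" is seen
    sections: dict = field(default_factory=dict)  # name -> {"declared", "items"}


def parse_mbam_log(text: str) -> MbamReport:
    report, current = MbamReport(), None
    for line in (raw.strip() for raw in text.splitlines()):
        if not line:
            continue
        if line == "(end)":
            report.complete, current = True, None
            continue
        section = SECTION_RE.match(line)
        if section:
            current = section.group(1)
            report.sections[current] = {"declared": int(section.group(2)), "items": []}
        elif current is not None:
            # Inside a results section: every line except the placeholder is a finding.
            if line != NO_ITEMS:
                report.sections[current]["items"].append(line)
        elif DB_RE.match(line):
            year, month, day = map(int, DB_RE.match(line).groups())
            report.database_date = date(year, month, day)
        elif STAMP_RE.match(line):
            report.scan_date = datetime.strptime(line, "%m/%d/%Y %I:%M:%S %p").date()
        elif line.startswith("Windows "):
            report.os_line = line
        elif line.startswith("Scan type: "):
            report.scan_type = line.split(": ", 1)[1]
    return report


def triage(report: MbamReport, max_db_age_days: int = 3):
    """Return (total_detections, problems) for a pasted log."""
    problems = []
    if report.database_date is None:
        problems.append("database version missing")
    if report.os_line is None:
        problems.append("operating system line missing")
    if not report.complete:
        problems.append("no '(end)' marker: log may be truncated")
    if report.database_date and report.scan_date:
        age = (report.scan_date - report.database_date).days
        if age > max_db_age_days:  # threshold is an arbitrary choice for this example
            problems.append(f"definitions were {age} days old at scan time")
    for name, sec in report.sections.items():
        # A count that disagrees with the listed items suggests a partial paste.
        if sec["declared"] != len(sec["items"]):
            problems.append(f"{name}: {sec['declared']} declared, {len(sec['items'])} listed")
    total = sum(sec["declared"] for sec in report.sections.values())
    return total, problems


if __name__ == "__main__":
    total, problems = triage(parse_mbam_log(SAMPLE_LOG))
    print(f"detections={total} problems={problems}")
```

A clean result from a quick scan only covers what that scan type and that day's definitions can see, which is why the helper in the thread follows up with a second tool.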

#5 boopme

Posted 15 June 2012 - 12:39 PM

Hi, Run one more quick scan.

Please download TDSSKiller.zip and extract it.
  • Run TDSSKiller.exe.
  • Click Start scan.
  • When it is finished the utility outputs a list of detected objects with description.
    The utility automatically selects an action (Cure or Delete) for malicious objects.
    The utility prompts the user to select an action to apply to suspicious objects (Skip, by default). Leave the options as they are and click Continue.
  • Let it reboot if needed, and tell me if the tool needed a reboot.
  • Click on Report and post the contents of the text file that will open.

    Note: By default, the utility outputs the log into system disk (it is usually the disk with installed operating system, C:\) root folder. The Log has a name like: TDSSKiller.Version_Date_Time_log.txt.



I got nothing off the link malware wise.

Do you still have the email and can you scan that email with your AV or MBAM??

#6 john baptist

Posted 15 June 2012 - 01:13 PM

I tried to scan the email, but I don't think I have a program that will. Here is the log file.

14:00:08.0375 3400 NAVENG - ok
14:00:08.0453 3400 NAVEX15 (4e4e7c0259d3bb97de24a636c0e06aba) C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\VirusDefs\20120614.032\NAVEX15.SYS
14:00:08.0468 3400 NAVEX15 - ok
14:00:08.0625 3400 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
14:00:08.0625 3400 NDIS - ok
14:00:08.0656 3400 NdisIP (7ff1f1fd8609c149aa432f95a8163d97) C:\WINDOWS\system32\DRIVERS\NdisIP.sys
14:00:08.0656 3400 NdisIP - ok
14:00:08.0687 3400 NdisTapi (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
14:00:08.0687 3400 NdisTapi - ok
14:00:08.0734 3400 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
14:00:08.0734 3400 Ndisuio - ok
14:00:08.0734 3400 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
14:00:08.0734 3400 NdisWan - ok
14:00:08.0765 3400 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
14:00:08.0765 3400 NDProxy - ok
14:00:08.0781 3400 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
14:00:08.0781 3400 NetBIOS - ok
14:00:08.0812 3400 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
14:00:08.0812 3400 NetBT - ok
14:00:08.0843 3400 NetDDE (b857ba82860d7ff85ae29b095645563b) C:\WINDOWS\system32\netdde.exe
14:00:08.0843 3400 NetDDE - ok
14:00:08.0843 3400 NetDDEdsdm (b857ba82860d7ff85ae29b095645563b) C:\WINDOWS\system32\netdde.exe
14:00:08.0843 3400 NetDDEdsdm - ok
14:00:08.0859 3400 Netlogon (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
14:00:08.0859 3400 Netlogon - ok
14:00:08.0890 3400 Netman (13e67b55b3abd7bf3fe7aae5a0f9a9de) C:\WINDOWS\System32\netman.dll
14:00:08.0890 3400 Netman - ok
14:00:09.0000 3400 NetTcpPortSharing (d34612c5d02d026535b3095d620626ae) C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
14:00:09.0000 3400 NetTcpPortSharing - ok
14:00:09.0015 3400 NIC1394 (e9e47cfb2d461fa0fc75b7a74c6383ea) C:\WINDOWS\system32\DRIVERS\nic1394.sys
14:00:09.0015 3400 NIC1394 - ok
14:00:09.0046 3400 Nla (943337d786a56729263071623bbb9de5) C:\WINDOWS\System32\mswsock.dll
14:00:09.0046 3400 Nla - ok
14:00:09.0203 3400 Norton PC Checkup Application Launcher - ok
14:00:09.0265 3400 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
14:00:09.0265 3400 Npfs - ok
14:00:09.0312 3400 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
14:00:09.0328 3400 Ntfs - ok
14:00:09.0359 3400 NtLmSsp (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
14:00:09.0359 3400 NtLmSsp - ok
14:00:09.0421 3400 NtmsSvc (156f64a3345bd23c600655fb4d10bc08) C:\WINDOWS\system32\ntmssvc.dll
14:00:09.0421 3400 NtmsSvc - ok
14:00:09.0437 3400 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
14:00:09.0437 3400 Null - ok
14:00:09.0765 3400 nv (406ddab2b05d94d4818e97ff050d1bc6) C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
14:00:09.0812 3400 nv - ok
14:00:09.0937 3400 NVSvc (b3adef87ee4eca88380d730b92bdb231) C:\WINDOWS\system32\nvsvc32.exe
14:00:09.0937 3400 NVSvc - ok
14:00:09.0984 3400 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
14:00:09.0984 3400 NwlnkFlt - ok
14:00:10.0000 3400 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
14:00:10.0000 3400 NwlnkFwd - ok
14:00:10.0093 3400 odserv (785f487a64950f3cb8e9f16253ba3b7b) C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
14:00:10.0093 3400 odserv - ok
14:00:10.0125 3400 ohci1394 (ca33832df41afb202ee7aeb05145922f) C:\WINDOWS\system32\DRIVERS\ohci1394.sys
14:00:10.0125 3400 ohci1394 - ok
14:00:10.0171 3400 ose (5a432a042dae460abe7199b758e8606c) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
14:00:10.0171 3400 ose - ok
14:00:10.0187 3400 Parport (5575faf8f97ce5e713d108c2a58d7c7c) C:\WINDOWS\system32\DRIVERS\parport.sys
14:00:10.0187 3400 Parport - ok
14:00:10.0187 3400 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
14:00:10.0187 3400 PartMgr - ok
14:00:10.0203 3400 ParVdm (70e98b3fd8e963a6a46a2e6247e0bea1) C:\WINDOWS\system32\drivers\ParVdm.sys
14:00:10.0203 3400 ParVdm - ok
14:00:10.0343 3400 PCCUJobMgr (2f86be1818c2d7ac90478e3323ee7fcb) C:\Program Files\Norton PC Checkup\Engine\2.0.4.131\ccSvcHst.exe
14:00:10.0343 3400 PCCUJobMgr - ok
14:00:10.0343 3400 PCI (a219903ccf74233761d92bef471a07b1) C:\WINDOWS\system32\DRIVERS\pci.sys
14:00:10.0343 3400 PCI - ok
14:00:10.0343 3400 PCIDump - ok
14:00:10.0375 3400 PCIIde (ccf5f451bb1a5a2a522a76e670000ff0) C:\WINDOWS\system32\DRIVERS\pciide.sys
14:00:10.0375 3400 PCIIde - ok
14:00:10.0390 3400 PCLEPCI (1bebe7de8508a02650cdce45c664c2a2) C:\WINDOWS\system32\drivers\pclepci.sys
14:00:10.0390 3400 PCLEPCI - ok
14:00:10.0406 3400 Pcmcia (9e89ef60e9ee05e3f2eef2da7397f1c1) C:\WINDOWS\system32\DRIVERS\pcmcia.sys
14:00:10.0406 3400 Pcmcia - ok
14:00:10.0421 3400 PDCOMP - ok
14:00:10.0421 3400 PDFRAME - ok
14:00:10.0421 3400 PDRELI - ok
14:00:10.0421 3400 PDRFRAME - ok
14:00:10.0421 3400 perc2 (6c14b9c19ba84f73d3a86dba11133101) C:\WINDOWS\system32\DRIVERS\perc2.sys
14:00:10.0421 3400 perc2 - ok
14:00:10.0421 3400 perc2hib (f50f7c27f131afe7beba13e14a3b9416) C:\WINDOWS\system32\DRIVERS\perc2hib.sys
14:00:10.0437 3400 perc2hib - ok
14:00:10.0484 3400 PinnacleMarvinUsb (33f059df48cfa585d0292017546f3bfb) C:\WINDOWS\system32\DRIVERS\MarvinUsb.sys
14:00:10.0484 3400 PinnacleMarvinUsb - ok
14:00:10.0515 3400 PlugPlay (65df52f5b8b6e9bbd183505225c37315) C:\WINDOWS\system32\services.exe
14:00:10.0515 3400 PlugPlay - ok
14:00:10.0531 3400 PolicyAgent (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
14:00:10.0531 3400 PolicyAgent - ok
14:00:10.0546 3400 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
14:00:10.0546 3400 PptpMiniport - ok
14:00:10.0609 3400 PrismXL (f3c8d6e59a36d4dd5729782015e685a8) C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS
14:00:10.0609 3400 PrismXL - ok
14:00:10.0625 3400 ProtectedStorage (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
14:00:10.0625 3400 ProtectedStorage - ok
14:00:10.0640 3400 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
14:00:10.0656 3400 PSched - ok
14:00:10.0671 3400 PSI (d24dfd16a1e2a76034df5aa18125c35d) C:\WINDOWS\system32\DRIVERS\psi_mf.sys
14:00:10.0671 3400 PSI - ok
14:00:10.0687 3400 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
14:00:10.0687 3400 Ptilink - ok
14:00:10.0734 3400 PxHelp20 (f7bb4e7a7c02ab4a2672937e124e306e) C:\WINDOWS\system32\Drivers\PxHelp20.sys
14:00:10.0734 3400 PxHelp20 - ok
14:00:10.0734 3400 ql1080 (0a63fb54039eb5662433caba3b26dba7) C:\WINDOWS\system32\DRIVERS\ql1080.sys
14:00:10.0734 3400 ql1080 - ok
14:00:10.0734 3400 Ql10wnt (6503449e1d43a0ff0201ad5cb1b8c706) C:\WINDOWS\system32\DRIVERS\ql10wnt.sys
14:00:10.0734 3400 Ql10wnt - ok
14:00:10.0734 3400 ql12160 (156ed0ef20c15114ca097a34a30d8a01) C:\WINDOWS\system32\DRIVERS\ql12160.sys
14:00:10.0734 3400 ql12160 - ok
14:00:10.0734 3400 ql1240 (70f016bebde6d29e864c1230a07cc5e6) C:\WINDOWS\system32\DRIVERS\ql1240.sys
14:00:10.0750 3400 ql1240 - ok
14:00:10.0750 3400 ql1280 (907f0aeea6bc451011611e732bd31fcf) C:\WINDOWS\system32\DRIVERS\ql1280.sys
14:00:10.0750 3400 ql1280 - ok
14:00:10.0765 3400 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
14:00:10.0765 3400 RasAcd - ok
14:00:10.0781 3400 RasAuto (ad188be7bdf94e8df4ca0a55c00a5073) C:\WINDOWS\System32\rasauto.dll
14:00:10.0781 3400 RasAuto - ok
14:00:10.0796 3400 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
14:00:10.0796 3400 Rasl2tp - ok
14:00:10.0828 3400 RasMan (76a9a3cbeadd68cc57cda5e1d7448235) C:\WINDOWS\System32\rasmans.dll
14:00:10.0843 3400 RasMan - ok
14:00:10.0859 3400 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
14:00:10.0859 3400 RasPppoe - ok
14:00:10.0875 3400 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
14:00:10.0875 3400 Raspti - ok
14:00:10.0906 3400 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
14:00:10.0906 3400 Rdbss - ok
14:00:10.0921 3400 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
14:00:10.0937 3400 RDPCDD - ok
14:00:10.0953 3400 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
14:00:10.0953 3400 rdpdr - ok
14:00:11.0000 3400 RDPWD (6589db6e5969f8eee594cf71171c5028) C:\WINDOWS\system32\drivers\RDPWD.sys
14:00:11.0000 3400 RDPWD - ok
14:00:11.0031 3400 RDSessMgr (3c37bf86641bda977c3bf8a840f3b7fa) C:\WINDOWS\system32\sessmgr.exe
14:00:11.0031 3400 RDSessMgr - ok
14:00:11.0046 3400 redbook (f828dd7e1419b6653894a8f97a0094c5) C:\WINDOWS\system32\DRIVERS\redbook.sys
14:00:11.0046 3400 redbook - ok
14:00:11.0281 3400 Remote UI Service (029be8e287c6840f9b8483538cdb776b) C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\Remote UI Service.exe
14:00:11.0281 3400 Remote UI Service - ok
14:00:11.0312 3400 RemoteAccess (7e699ff5f59b5d9de5390e3c34c67cf5) C:\WINDOWS\System32\mprdim.dll
14:00:11.0312 3400 RemoteAccess - ok
14:00:11.0343 3400 RemoteRegistry (5b19b557b0c188210a56a6b699d90b8f) C:\WINDOWS\system32\regsvc.dll
14:00:11.0343 3400 RemoteRegistry - ok
14:00:11.0359 3400 RivaTuner32 (c0c8909be3ecc9df8089112bf9be954e) C:\Program Files\RivaTuner v2.24\RivaTuner32.sys
14:00:11.0359 3400 RivaTuner32 - ok
14:00:11.0375 3400 RpcLocator (aaed593f84afa419bbae8572af87cf6a) C:\WINDOWS\system32\locator.exe
14:00:11.0375 3400 RpcLocator - ok
14:00:11.0421 3400 RpcSs (6b27a5c03dfb94b4245739065431322c) C:\WINDOWS\System32\rpcss.dll
14:00:11.0421 3400 RpcSs - ok
14:00:11.0484 3400 RSVP (471b3f9741d762abe75e9deea4787e47) C:\WINDOWS\system32\rsvp.exe
14:00:11.0500 3400 RSVP - ok
14:00:11.0515 3400 SamSs (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
14:00:11.0515 3400 SamSs - ok
14:00:11.0593 3400 SASDIFSV (39763504067962108505bff25f024345) C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS
14:00:11.0593 3400 SASDIFSV - ok
14:00:11.0625 3400 SASENUM (7ce61c25c159f50f9eaf6d77fc83fa35) C:\Program Files\SUPERAntiSpyware\SASENUM.SYS
14:00:11.0625 3400 SASENUM - ok
14:00:11.0656 3400 SASKUTIL (77b9fc20084b48408ad3e87570eb4a85) C:\Program Files\SUPERAntiSpyware\SASKUTIL.sys
14:00:11.0656 3400 SASKUTIL - ok
14:00:11.0703 3400 SCardSvr (86d007e7a654b9a71d1d7d856b104353) C:\WINDOWS\System32\SCardSvr.exe
14:00:11.0703 3400 SCardSvr - ok
14:00:11.0718 3400 Schedule (0a9a7365a1ca4319aa7c1d6cd8e4eafa) C:\WINDOWS\system32\schedsvc.dll
14:00:11.0718 3400 Schedule - ok
14:00:11.0750 3400 ScsiAccess (ed9c5cf6cc611ec8ac4a77c3f58f0601) C:\WINDOWS\system32\ScsiAccess.EXE
14:00:11.0750 3400 ScsiAccess - ok
14:00:11.0828 3400 sdbus (8d04819a3ce51b9eb47e5689b44d43c4) C:\WINDOWS\system32\DRIVERS\sdbus.sys
14:00:11.0828 3400 sdbus - ok
14:00:11.0843 3400 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
14:00:11.0843 3400 Secdrv - ok
14:00:11.0859 3400 seclogon (cbe612e2bb6a10e3563336191eda1250) C:\WINDOWS\System32\seclogon.dll
14:00:11.0859 3400 seclogon - ok
14:00:11.0968 3400 Secunia PSI Agent (2d0599dd0124764fc939c59985c860de) C:\Program Files\Secunia\PSI\PSIA.exe
14:00:11.0984 3400 Secunia PSI Agent - ok
14:00:12.0015 3400 Secunia Update Agent (20b9e1adbc58958b480933e4da005dfb) C:\Program Files\Secunia\PSI\sua.exe
14:00:12.0031 3400 Secunia Update Agent - ok
14:00:12.0171 3400 SENS (7fdd5d0684eca8c1f68b4d99d124dcd0) C:\WINDOWS\system32\sens.dll
14:00:12.0171 3400 SENS - ok
14:00:12.0218 3400 Serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
14:00:12.0218 3400 Serenum - ok
14:00:12.0234 3400 Serial (cca207a8896d4c6a0c9ce29a4ae411a7) C:\WINDOWS\system32\DRIVERS\serial.sys
14:00:12.0234 3400 Serial - ok
14:00:12.0250 3400 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
14:00:12.0250 3400 Sfloppy - ok
14:00:12.0265 3400 sfng32 (5fe18fff6fbcf218290042009eab023d) C:\WINDOWS\system32\drivers\sfng32.sys
14:00:12.0265 3400 sfng32 - ok
14:00:12.0312 3400 SharedAccess (83f41d0d89645d7235c051ab1d9523ac) C:\WINDOWS\System32\ipnathlp.dll
14:00:12.0312 3400 SharedAccess - ok
14:00:12.0359 3400 ShellHWDetection (99bc0b50f511924348be19c7c7313bbf) C:\WINDOWS\System32\shsvcs.dll
14:00:12.0359 3400 ShellHWDetection - ok
14:00:12.0359 3400 Simbad - ok
14:00:12.0406 3400 sisagp (6b33d0ebd30db32e27d1d78fe946a754) C:\WINDOWS\system32\DRIVERS\sisagp.sys
14:00:12.0406 3400 sisagp - ok
14:00:12.0421 3400 SLIP (866d538ebe33709a5c9f5c62b73b7d14) C:\WINDOWS\system32\DRIVERS\SLIP.sys
14:00:12.0421 3400 SLIP - ok
14:00:12.0421 3400 Sparrow (83c0f71f86d3bdaf915685f3d568b20e) C:\WINDOWS\system32\DRIVERS\sparrow.sys
14:00:12.0421 3400 Sparrow - ok
14:00:12.0437 3400 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
14:00:12.0437 3400 splitter - ok
14:00:12.0468 3400 Spooler (60784f891563fb1b767f70117fc2428f) C:\WINDOWS\system32\spoolsv.exe
14:00:12.0468 3400 Spooler - ok
14:00:12.0468 3400 sr (76bb022c2fb6902fd5bdd4f78fc13a5d) C:\WINDOWS\system32\DRIVERS\sr.sys
14:00:12.0484 3400 sr - ok
14:00:12.0500 3400 srservice (3805df0ac4296a34ba4bf93b346cc378) C:\WINDOWS\system32\srsvc.dll
14:00:12.0500 3400 srservice - ok
14:00:12.0593 3400 SRTSP (83726cf02eced69138948083e06b6eac) C:\WINDOWS\System32\Drivers\N360\0502010.003\SRTSP.SYS
14:00:12.0593 3400 SRTSP - ok
14:00:12.0609 3400 SRTSPX (4e7eab2e5615d39cf1f1df9c71e5e225) C:\WINDOWS\system32\drivers\N360\0502010.003\SRTSPX.SYS
14:00:12.0609 3400 SRTSPX - ok
14:00:12.0656 3400 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
14:00:12.0656 3400 Srv - ok
14:00:12.0656 3400 SSDPSRV (0a5679b3714edab99e357057ee88fca6) C:\WINDOWS\System32\ssdpsrv.dll
14:00:12.0656 3400 SSDPSRV - ok
14:00:12.0750 3400 STHDA (6ad7569cc5e40b94932ec56097c5dccd) C:\WINDOWS\system32\drivers\sthda.sys
14:00:12.0750 3400 STHDA - ok
14:00:12.0781 3400 stisvc (8bad69cbac032d4bbacfce0306174c30) C:\WINDOWS\system32\wiaservc.dll
14:00:12.0796 3400 stisvc - ok
14:00:12.0859 3400 streamip (77813007ba6265c4b6098187e6ed79d2) C:\WINDOWS\system32\DRIVERS\StreamIP.sys
14:00:12.0859 3400 streamip - ok
14:00:12.0890 3400 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
14:00:12.0890 3400 swenum - ok
14:00:12.0906 3400 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
14:00:12.0906 3400 swmidi - ok
14:00:12.0906 3400 SwPrv - ok
14:00:12.0937 3400 symc810 (1ff3217614018630d0a6758630fc698c) C:\WINDOWS\system32\DRIVERS\symc810.sys
14:00:12.0937 3400 symc810 - ok
14:00:12.0937 3400 symc8xx (070e001d95cf725186ef8b20335f933c) C:\WINDOWS\system32\DRIVERS\symc8xx.sys
14:00:12.0937 3400 symc8xx - ok
14:00:13.0015 3400 SymDS (9bbeb8c6258e72d62e7560e6667aad39) C:\WINDOWS\system32\drivers\N360\0502010.003\SYMDS.SYS
14:00:13.0015 3400 SymDS - ok
14:00:13.0062 3400 SymEFA (d5c02629c02a820a7e71bca3d44294a3) C:\WINDOWS\system32\drivers\N360\0502010.003\SYMEFA.SYS
14:00:13.0062 3400 SymEFA - ok
14:00:13.0093 3400 SymEvent (ab33c3b196197ca467cbdda717860dba) C:\WINDOWS\system32\Drivers\SYMEVENT.SYS
14:00:13.0093 3400 SymEvent - ok
14:00:13.0093 3400 SYMFW - ok
14:00:13.0109 3400 SYMIDS - ok
14:00:13.0125 3400 SymIM (94a2459242a6dd0daf3baa99e96784ff) C:\WINDOWS\system32\DRIVERS\SymIM.sys
14:00:13.0125 3400 SymIM - ok
14:00:13.0125 3400 SymIMMP (94a2459242a6dd0daf3baa99e96784ff) C:\WINDOWS\system32\DRIVERS\SymIM.sys
14:00:13.0125 3400 SymIMMP - ok
14:00:13.0171 3400 SymIRON (a73399804d5d4a8b20ba60fcf70c9f1f) C:\WINDOWS\system32\drivers\N360\0502010.003\Ironx86.SYS
14:00:13.0171 3400 SymIRON - ok
14:00:13.0171 3400 SYMNDIS - ok
14:00:13.0218 3400 SYMTDI (336cace58f0359d5cbb1ae6b8a2fb205) C:\WINDOWS\System32\Drivers\N360\0502010.003\SYMTDI.SYS
14:00:13.0218 3400 SYMTDI - ok
14:00:13.0250 3400 sym_hi (80ac1c4abbe2df3b738bf15517a51f2c) C:\WINDOWS\system32\DRIVERS\sym_hi.sys
14:00:13.0250 3400 sym_hi - ok
14:00:13.0265 3400 sym_u3 (bf4fab949a382a8e105f46ebb4937058) C:\WINDOWS\system32\DRIVERS\sym_u3.sys
14:00:13.0265 3400 sym_u3 - ok
14:00:13.0296 3400 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
14:00:13.0296 3400 sysaudio - ok
14:00:13.0328 3400 SysmonLog (c7abbc59b43274b1109df6b24d617051) C:\WINDOWS\system32\smlogsvc.exe
14:00:13.0328 3400 SysmonLog - ok
14:00:13.0390 3400 TapiSrv (3cb78c17bb664637787c9a1c98f79c38) C:\WINDOWS\System32\tapisrv.dll
14:00:13.0390 3400 TapiSrv - ok
14:00:13.0437 3400 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
14:00:13.0437 3400 Tcpip - ok
14:00:13.0468 3400 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
14:00:13.0468 3400 TDPIPE - ok
14:00:13.0484 3400 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
14:00:13.0484 3400 TDTCP - ok
14:00:13.0500 3400 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
14:00:13.0500 3400 TermDD - ok
14:00:13.0546 3400 TermService (ff3477c03be7201c294c35f684b3479f) C:\WINDOWS\System32\termsrv.dll
14:00:13.0546 3400 TermService - ok
14:00:13.0593 3400 Themes (99bc0b50f511924348be19c7c7313bbf) C:\WINDOWS\System32\shsvcs.dll
14:00:13.0593 3400 Themes - ok
14:00:13.0625 3400 TlntSvr (db7205804759ff62c34e3efd8a4cc76a) C:\WINDOWS\system32\tlntsvr.exe
14:00:13.0625 3400 TlntSvr - ok
14:00:13.0656 3400 TosIde (f2790f6af01321b172aa62f8e1e187d9) C:\WINDOWS\system32\DRIVERS\toside.sys
14:00:13.0656 3400 TosIde - ok
14:00:13.0703 3400 TrkWks (55bca12f7f523d35ca3cb833c725f54e) C:\WINDOWS\system32\trkwks.dll
14:00:13.0703 3400 TrkWks - ok
14:00:13.0921 3400 TSHWMDTCP (05d7a8529eda7aebbf13fc3cf998ca48) C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\TSHWMDTCP.sys
14:00:13.0921 3400 TSHWMDTCP - ok
14:00:13.0953 3400 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
14:00:13.0953 3400 Udfs - ok
14:00:13.0953 3400 ultra (1b698a51cd528d8da4ffaed66dfc51b9) C:\WINDOWS\system32\DRIVERS\ultra.sys
14:00:13.0953 3400 ultra - ok
14:00:13.0984 3400 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
14:00:14.0000 3400 Update - ok
14:00:14.0031 3400 upnphost (1ebafeb9a3fbdc41b8d9c7f0f687ad91) C:\WINDOWS\System32\upnphost.dll
14:00:14.0031 3400 upnphost - ok
14:00:14.0031 3400 UPS (05365fb38fca1e98f7a566aaaf5d1815) C:\WINDOWS\System32\ups.exe
14:00:14.0031 3400 UPS - ok
14:00:14.0093 3400 usbaudio (e919708db44ed8543a7c017953148330) C:\WINDOWS\system32\drivers\usbaudio.sys
14:00:14.0093 3400 usbaudio - ok
14:00:14.0109 3400 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
14:00:14.0109 3400 usbccgp - ok
14:00:14.0156 3400 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
14:00:14.0156 3400 usbehci - ok
14:00:14.0203 3400 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
14:00:14.0203 3400 usbhub - ok
14:00:14.0218 3400 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
14:00:14.0218 3400 usbprint - ok
14:00:14.0234 3400 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
14:00:14.0234 3400 usbscan - ok
14:00:14.0250 3400 usbstor (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
14:00:14.0250 3400 usbstor - ok
14:00:14.0265 3400 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
14:00:14.0265 3400 usbuhci - ok
14:00:14.0281 3400 usbvideo (63bbfca7f390f4c49ed4b96bfb1633e0) C:\WINDOWS\system32\Drivers\usbvideo.sys
14:00:14.0281 3400 usbvideo - ok
14:00:14.0296 3400 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
14:00:14.0296 3400 VgaSave - ok
14:00:14.0328 3400 viaagp (754292ce5848b3738281b4f3607eaef4) C:\WINDOWS\system32\DRIVERS\viaagp.sys
14:00:14.0328 3400 viaagp - ok
14:00:14.0343 3400 ViaIde (3b3efcda263b8ac14fdf9cbdd0791b2e) C:\WINDOWS\system32\DRIVERS\viaide.sys
14:00:14.0343 3400 ViaIde - ok
14:00:14.0359 3400 VolSnap (4c8fcb5cc53aab716d810740fe59d025) C:\WINDOWS\system32\drivers\VolSnap.sys
14:00:14.0359 3400 VolSnap - ok
14:00:14.0390 3400 VSS (7a9db3a67c333bf0bd42e42b8596854b) C:\WINDOWS\System32\vssvc.exe
14:00:14.0390 3400 VSS - ok
14:00:14.0421 3400 W32Time (54af4b1d5459500ef0937f6d33b1914f) C:\WINDOWS\system32\w32time.dll
14:00:14.0421 3400 W32Time - ok
14:00:14.0453 3400 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
14:00:14.0453 3400 Wanarp - ok
14:00:14.0500 3400 Wdf01000 (fd47474bd21794508af449d9d91af6e6) C:\WINDOWS\system32\DRIVERS\Wdf01000.sys
14:00:14.0500 3400 Wdf01000 - ok
14:00:14.0500 3400 WDICA - ok
14:00:14.0515 3400 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
14:00:14.0515 3400 wdmaud - ok
14:00:14.0531 3400 WebClient (77a354e28153ad2d5e120a5a8687bc06) C:\WINDOWS\System32\webclnt.dll
14:00:14.0531 3400 WebClient - ok
14:00:14.0593 3400 winachsf (cb2dc26de2c815fc2309566f92d22ed4) C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys
14:00:14.0593 3400 winachsf - ok
14:00:14.0687 3400 winmgmt (2d0e4ed081963804ccc196a0929275b5) C:\WINDOWS\system32\wbem\WMIsvc.dll
14:00:14.0687 3400 winmgmt - ok
14:00:14.0734 3400 winusb (fd600b032e741eb6aab509fc630f7c42) C:\WINDOWS\system32\DRIVERS\WinUSB.SYS
14:00:14.0734 3400 winusb - ok
14:00:14.0750 3400 WmdmPmSN (c51b4a5c05a5475708e3c81c7765b71d) C:\WINDOWS\system32\MsPMSNSv.dll
14:00:14.0765 3400 WmdmPmSN - ok
14:00:14.0812 3400 Wmi (e76f8807070ed04e7408a86d6d3a6137) C:\WINDOWS\System32\advapi32.dll
14:00:14.0828 3400 Wmi - ok
14:00:14.0843 3400 WmiApSrv (e0673f1106e62a68d2257e376079f821) C:\WINDOWS\system32\wbem\wmiapsrv.exe
14:00:14.0843 3400 WmiApSrv - ok
14:00:15.0015 3400 WMPNetworkSvc (f74e3d9a7fa9556c3bbb14d4e5e63d3b) C:\Program Files\Windows Media Player\wmpnetwk.exe
14:00:15.0015 3400 WMPNetworkSvc - ok
14:00:15.0093 3400 WpdUsb (cf4def1bf66f06964dc0d91844239104) C:\WINDOWS\system32\DRIVERS\wpdusb.sys
14:00:15.0093 3400 WpdUsb - ok
14:00:15.0156 3400 wscsvc (7c278e6408d1dce642230c0585a854d5) C:\WINDOWS\system32\wscsvc.dll
14:00:15.0156 3400 wscsvc - ok
14:00:15.0187 3400 WSTCODEC (c98b39829c2bbd34e454150633c62c78) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
14:00:15.0187 3400 WSTCODEC - ok
14:00:15.0203 3400 wuauserv (35321fb577cdc98ce3eb3a3eb9e4610a) C:\WINDOWS\system32\wuauserv.dll
14:00:15.0218 3400 wuauserv - ok
14:00:15.0234 3400 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
14:00:15.0234 3400 WudfPf - ok
14:00:15.0265 3400 WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
14:00:15.0265 3400 WudfRd - ok
14:00:15.0281 3400 WudfSvc (05231c04253c5bc30b26cbaae680ed89) C:\WINDOWS\System32\WUDFSvc.dll
14:00:15.0281 3400 WudfSvc - ok
14:00:15.0328 3400 WZCSVC (81dc3f549f44b1c1fff022dec9ecf30b) C:\WINDOWS\System32\wzcsvc.dll
14:00:15.0328 3400 WZCSVC - ok
14:00:15.0359 3400 xmlprov (295d21f14c335b53cb8154e5b1f892b9) C:\WINDOWS\System32\xmlprov.dll
14:00:15.0359 3400 xmlprov - ok
14:00:15.0578 3400 YahooAUService (dd0042f0c3b606a6a8b92d49afb18ad6) C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
14:00:15.0578 3400 YahooAUService - ok
14:00:15.0703 3400 MBR (0x1B8) (b20939cd98b7710036274839082ae757) \Device\Harddisk0\DR0
14:00:15.0718 3400 \Device\Harddisk0\DR0 - ok
14:00:16.0187 3400 MBR (0x1B8) (671b81004fdd1588fa9ed1331c9ceca9) \Device\Harddisk1\DR3
14:00:16.0203 3400 \Device\Harddisk1\DR3 - ok
14:00:16.0203 3400 Boot (0x1200) (045db5fff3c63fbd97bc5649c4889c97) \Device\Harddisk0\DR0\Partition0
14:00:16.0203 3400 \Device\Harddisk0\DR0\Partition0 - ok
14:00:16.0218 3400 Boot (0x1200) (bc7abcdd2de38b8e547d5aaa047fa7ff) \Device\Harddisk0\DR0\Partition1
14:00:16.0218 3400 \Device\Harddisk0\DR0\Partition1 - ok
14:00:16.0218 3400 Boot (0x1200) (7672872967f8390a7a5a9dc860623404) \Device\Harddisk1\DR3\Partition0
14:00:16.0218 3400 \Device\Harddisk1\DR3\Partition0 - ok
14:00:16.0218 3400 ============================================================
14:00:16.0218 3400 Scan finished
14:00:16.0218 3400 ============================================================
14:00:16.0218 2668 Detected object count: 0
14:00:16.0218 2668 Actual detected object count: 0
14:00:42.0359 3004 Deinitialize success

#7 boopme

Posted 15 June 2012 - 07:37 PM

This looks good. Appears you did not get an infection.

Delete the email off your system.

#8 john baptist

Posted 16 June 2012 - 10:44 AM

Now I am getting Trojan warnings; never had them before.

Edited by john baptist, 16 June 2012 - 06:31 PM.


#9 john baptist

Posted 16 June 2012 - 03:58 PM

Clicked on a hacked email link; now I have Trojans being found by SUPERAntiSpyware. I am concerned about identity theft.

#10 boopme

Posted 16 June 2012 - 06:42 PM

Hello, from where and which Trojans?

I wanted to do this next anyway.

I'd like us to scan your machine with ESET OnlineScan
  • Hold down Control and click on the following link to open ESET OnlineScan in a new window.
    ESET OnlineScan
  • Click the Posted Image button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    • Click on Posted Image to download the ESET Smart Installer. Save it to your desktop.
    • Double click on the Posted Image icon on your desktop.
  • Check Posted Image
  • Click the Posted Image button.
  • Accept any security warnings from your browser.
  • Under scan settings, check Posted Image and check Remove found threats
  • Click Advanced settings and select the following:
    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, push Posted Image
  • Push Posted Image, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Push the Posted Image button.
  • Push Posted Image


NOTE: In some instances if no malware is found there will be no log produced.

#11 boopme

Posted 16 June 2012 - 06:43 PM

Show the SAS log ... I also moved this into the other Topic.

Edited by boopme, 16 June 2012 - 06:46 PM.


#12 john baptist

Posted 16 June 2012 - 07:18 PM

I am starting to run the program now.
Trojan.Agent/Gen-Decay
C:\PROGRAM FILES\ADOBE\READER 10.0\READER\READER_SL.EXE
C:\WINDOWS\INSTALLER\$PATCHCACHE$\MANAGED\68AB67CA7DA73301B744AA0100000010\10.1.0\READER_SL.EXE
C:\WINDOWS\Prefetch\READER_SL.EXE-3329220B.pf

#13 boopme

Posted 16 June 2012 - 07:32 PM

John, after posting that log, I feel Adobe is now corrupt. Uninstall Adobe Reader through Control Panel, Add/Remove Programs. Reboot. Install Adobe Reader X (10.1.0).
Note: uncheck the box so you do not install the toolbar, unless you really want it.

Free! Google Toolbar search Google from any web page, block pop-ups

Yes, install Google Toolbar - optional


#14 john baptist

Posted 16 June 2012 - 08:06 PM

I am watching the program online scanner finishing up; it says it found win32opencandy app. As soon as it completes I will take out Adobe.

#15 boopme

Posted 16 June 2012 - 08:19 PM

Note: If you recognize any of the detections as legitimate programs, it's possible they are "false positives" and you can ignore them or get a second opinion if you're not sure.

Your log shows detections related to OpenCandy.

OpenCandy is an advertising application distributed by the OpenCandy Software Network which displays ads in other programs. The use of advertisement is a way to promote software packages and recover development costs. OpenCandy is not installed on a computer, does not collect personally identifiable information and in most cases allows the user to choose whether or not to install advertised software recommended by the vendor. Although no personal information is collected, the software does collect anonymous statistics about events and other data during installation. See What information does OpenCandy collect?

This is what OpenCandy has to say about their product.

OpenCandy provides a plug-in that developers include in their software to earn money by showing recommendations for other software in their installers. Developers use this money to keep their software free and invest in further software development. The installer uses the OpenCandy plug-in to present a software recommendation...during installation. You have complete control to accept the software recommendation by selecting either the “Install” or “Do not install” options on the software recommendation screen.

What is OpenCandy?

The OpenCandy network has partnered with various popular and trusted software developers who bundle their product as part of the program's software installation package. A list of such developers can be found here. Some vendors will clearly advise the use of OpenCandy before downloading their software, while others may provide confusing or no information at all. An example would be SIW (System Information for Windows) which clearly indicates on their website the use of OpenCandy.

What is OpenCandy?
OpenCandy is similar to Google AdSense, except it displays advertisements in installation program instead of websites. These advertisements promote another software packages. The advertisements are selected by providers of software being installed. When user installing a software (SIW) chooses to install promoted package, revenue is generated and shared between OpenCandy and software providers (SIW developers).

SIW Home Edition is bundled with OpenCandy

OpenCandy is not a virus or malware. However, since it is responsible for displaying advertisements, it may be detected (and sometimes removed) by various anti-virus and other security scanning tools as Adware, a classification that broadly defines the term as any software package which automatically displays advertisements in any form in order to generate revenue. For example, the Microsoft Malware Protection Center (MMPC) detects the program as Adware:Win32/OpenCandy, a low level threat and so does McAfee.

In response to this detection, OpenCandy has provided the following information:

Of course OpenCandy is in business to make money so they are going to defend their product and portray it in a positive light. For another opinion, you may want to read: OpenCandy: A New Kind of Adware/Spyware.

IMO, removal of OpenCandy detections is an optional choice. I have provided the information so you can make an informed decision as to whether to remove it or not.



