Google and Yahoo redirect in multiple programs


6 replies to this topic

#1 1sty


Posted 17 July 2012 - 09:50 AM

I am getting redirects from links in Chrome and Firefox.
Norton antivirus, Malwarebytes, and other programs do not find any problems.
Running Windows 7 Professional.


Running aswMBR seemed to max out a core of my processor. I got a Norton performance update about it.
This happened while scanning Google Update and a Chrome
It also got hung up for a while on zip.exe.
I had to exit and restart it when it was scanning Google Update for over 10 minutes.


09:42:20.0901 2424 TDSS rootkit removing tool 2.7.46.0 Jul 16 2012 22:10:11
09:42:21.0166 2424 ============================================================
09:42:21.0166 2424 Current date / time: 2012/07/17 09:42:21.0166
09:42:21.0166 2424 SystemInfo:
09:42:21.0166 2424
09:42:21.0166 2424 OS Version: 6.1.7601 ServicePack: 1.0
09:42:21.0166 2424 Product type: Workstation
09:42:21.0166 2424 ComputerName: CRAIGGAMING-PC
09:42:21.0166 2424 UserName: Craig Gaming
09:42:21.0166 2424 Windows directory: C:\Windows
09:42:21.0166 2424 System windows directory: C:\Windows
09:42:21.0166 2424 Running under WOW64
09:42:21.0166 2424 Processor architecture: Intel x64
09:42:21.0166 2424 Number of processors: 4
09:42:21.0166 2424 Page size: 0x1000
09:42:21.0166 2424 Boot type: Normal boot
09:42:21.0166 2424 ============================================================
09:42:21.0447 2424 Drive \Device\Harddisk0\DR0 - Size: 0x1DCF856000 (119.24 Gb), SectorSize: 0x200, Cylinders: 0x3CCE, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
09:42:21.0462 2424 Drive \Device\Harddisk1\DR1 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
09:42:21.0462 2424 ============================================================
09:42:21.0462 2424 \Device\Harddisk0\DR0:
09:42:21.0462 2424 MBR partitions:
09:42:21.0462 2424 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
09:42:21.0462 2424 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0xEE49000
09:42:21.0462 2424 \Device\Harddisk1\DR1:
09:42:21.0462 2424 MBR partitions:
09:42:21.0462 2424 \Device\Harddisk1\DR1\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x2542D682
09:42:21.0462 2424 ============================================================
09:42:21.0478 2424 C: <-> \Device\Harddisk0\DR0\Partition1
09:42:21.0494 2424 E: <-> \Device\Harddisk1\DR1\Partition0
09:42:21.0494 2424 ============================================================
09:42:21.0494 2424 Initialize success
09:42:21.0494 2424 ============================================================
09:42:26.0267 4296 ============================================================
09:42:26.0267 4296 Scan started
09:42:26.0267 4296 Mode: Manual; TDLFS;
09:42:26.0267 4296 ============================================================
09:42:28.0810 4296 Ntfs - ok
09:42:28.0826 4296 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
09:42:28.0826 4296 Null - ok
09:42:28.0826 4296 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
09:42:28.0826 4296 nvraid - ok
09:42:28.0841 4296 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
09:42:28.0841 4296 nvstor - ok
09:42:28.0841 4296 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
09:42:28.0841 4296 nv_agp - ok
09:42:28.0857 4296 odserv (785f487a64950f3cb8e9f16253ba3b7b) C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
09:42:28.0857 4296 odserv - ok
09:42:28.0857 4296 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
09:42:28.0857 4296 ohci1394 - ok
09:42:28.0872 4296 ose (5a432a042dae460abe7199b758e8606c) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
09:42:28.0872 4296 ose - ok
09:42:28.0872 4296 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
09:42:28.0888 4296 p2pimsvc - ok
09:42:28.0888 4296 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
09:42:28.0888 4296 p2psvc - ok
09:42:28.0904 4296 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\drivers\parport.sys
09:42:28.0904 4296 Parport - ok
09:42:28.0904 4296 partmgr (e9766131eeade40a27dc27d2d68fba9c) C:\Windows\system32\drivers\partmgr.sys
09:42:28.0904 4296 partmgr - ok
09:42:28.0904 4296 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
09:42:28.0904 4296 PcaSvc - ok
09:42:28.0919 4296 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
09:42:28.0919 4296 pci - ok
09:42:28.0919 4296 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
09:42:28.0919 4296 pciide - ok
09:42:28.0919 4296 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\drivers\pcmcia.sys
09:42:28.0919 4296 pcmcia - ok
09:42:28.0935 4296 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
09:42:28.0935 4296 pcw - ok
09:42:28.0950 4296 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
09:42:28.0950 4296 PEAUTH - ok
09:42:28.0982 4296 PeerDistSvc (b9b0a4299dd2d76a4243f75fd54dc680) C:\Windows\system32\peerdistsvc.dll
09:42:28.0982 4296 PeerDistSvc - ok
09:42:28.0997 4296 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
09:42:28.0997 4296 PerfHost - ok
09:42:29.0044 4296 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll
09:42:29.0060 4296 pla - ok
09:42:29.0075 4296 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll
09:42:29.0075 4296 PlugPlay - ok
09:42:29.0075 4296 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
09:42:29.0075 4296 PNRPAutoReg - ok
09:42:29.0091 4296 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
09:42:29.0091 4296 PNRPsvc - ok
09:42:29.0091 4296 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll
09:42:29.0106 4296 PolicyAgent - ok
09:42:29.0106 4296 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
09:42:29.0106 4296 Power - ok
09:42:29.0106 4296 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
09:42:29.0106 4296 PptpMiniport - ok
09:42:29.0122 4296 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\drivers\processr.sys
09:42:29.0122 4296 Processor - ok
09:42:29.0122 4296 ProfSvc (53e83f1f6cf9d62f32801cf66d8352a8) C:\Windows\system32\profsvc.dll
09:42:29.0122 4296 ProfSvc - ok
09:42:29.0122 4296 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
09:42:29.0122 4296 ProtectedStorage - ok
09:42:29.0138 4296 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
09:42:29.0138 4296 Psched - ok
09:42:29.0169 4296 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\drivers\ql2300.sys
09:42:29.0169 4296 ql2300 - ok
09:42:29.0200 4296 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\drivers\ql40xx.sys
09:42:29.0200 4296 ql40xx - ok
09:42:29.0200 4296 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
09:42:29.0200 4296 QWAVE - ok
09:42:29.0216 4296 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
09:42:29.0216 4296 QWAVEdrv - ok
09:42:29.0216 4296 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
09:42:29.0216 4296 RasAcd - ok
09:42:29.0216 4296 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
09:42:29.0216 4296 RasAgileVpn - ok
09:42:29.0216 4296 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
09:42:29.0216 4296 RasAuto - ok
09:42:29.0231 4296 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
09:42:29.0231 4296 Rasl2tp - ok
09:42:29.0231 4296 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll
09:42:29.0231 4296 RasMan - ok
09:42:29.0247 4296 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
09:42:29.0247 4296 RasPppoe - ok
09:42:29.0247 4296 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
09:42:29.0247 4296 RasSstp - ok
09:42:29.0247 4296 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
09:42:29.0262 4296 rdbss - ok
09:42:29.0262 4296 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
09:42:29.0262 4296 rdpbus - ok
09:42:29.0262 4296 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
09:42:29.0262 4296 RDPCDD - ok
09:42:29.0262 4296 RDPDR (1b6163c503398b23ff8b939c67747683) C:\Windows\system32\drivers\rdpdr.sys
09:42:29.0262 4296 RDPDR - ok
09:42:29.0262 4296 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
09:42:29.0262 4296 RDPENCDD - ok
09:42:29.0278 4296 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
09:42:29.0278 4296 RDPREFMP - ok
09:42:29.0278 4296 RDPWD (e61608aa35e98999af9aaeeea6114b0a) C:\Windows\system32\drivers\RDPWD.sys
09:42:29.0278 4296 RDPWD - ok
09:42:29.0278 4296 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
09:42:29.0294 4296 rdyboost - ok
09:42:29.0294 4296 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
09:42:29.0294 4296 RemoteAccess - ok
09:42:29.0294 4296 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
09:42:29.0294 4296 RemoteRegistry - ok
09:42:29.0294 4296 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
09:42:29.0309 4296 RpcEptMapper - ok
09:42:29.0309 4296 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
09:42:29.0309 4296 RpcLocator - ok
09:42:29.0309 4296 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
09:42:29.0325 4296 RpcSs - ok
09:42:29.0325 4296 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
09:42:29.0325 4296 rspndr - ok
09:42:29.0325 4296 s3cap (e60c0a09f997826c7627b244195ab581) C:\Windows\system32\drivers\vms3cap.sys
09:42:29.0325 4296 s3cap - ok
09:42:29.0325 4296 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
09:42:29.0325 4296 SamSs - ok
09:42:29.0325 4296 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
09:42:29.0325 4296 sbp2port - ok
09:42:29.0340 4296 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
09:42:29.0340 4296 SCardSvr - ok
09:42:29.0340 4296 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
09:42:29.0340 4296 scfilter - ok
09:42:29.0372 4296 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll
09:42:29.0372 4296 Schedule - ok
09:42:29.0372 4296 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
09:42:29.0372 4296 SCPolicySvc - ok
09:42:29.0387 4296 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll
09:42:29.0387 4296 SDRSVC - ok
09:42:29.0387 4296 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
09:42:29.0387 4296 secdrv - ok
09:42:29.0387 4296 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll
09:42:29.0387 4296 seclogon - ok
09:42:29.0387 4296 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\system32\sens.dll
09:42:29.0387 4296 SENS - ok
09:42:29.0403 4296 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
09:42:29.0403 4296 SensrSvc - ok
09:42:29.0403 4296 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\drivers\serenum.sys
09:42:29.0403 4296 Serenum - ok
09:42:29.0403 4296 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\drivers\serial.sys
09:42:29.0403 4296 Serial - ok
09:42:29.0403 4296 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\drivers\sermouse.sys
09:42:29.0403 4296 sermouse - ok
09:42:29.0418 4296 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll
09:42:29.0418 4296 SessionEnv - ok
09:42:29.0418 4296 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
09:42:29.0418 4296 sffdisk - ok
09:42:29.0418 4296 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
09:42:29.0418 4296 sffp_mmc - ok
09:42:29.0418 4296 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
09:42:29.0418 4296 sffp_sd - ok
09:42:29.0418 4296 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\drivers\sfloppy.sys
09:42:29.0418 4296 sfloppy - ok
09:42:29.0434 4296 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll
09:42:29.0434 4296 SharedAccess - ok
09:42:29.0450 4296 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll
09:42:29.0450 4296 ShellHWDetection - ok
09:42:29.0450 4296 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\drivers\SiSRaid2.sys
09:42:29.0450 4296 SiSRaid2 - ok
09:42:29.0450 4296 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\drivers\sisraid4.sys
09:42:29.0450 4296 SiSRaid4 - ok
09:42:29.0450 4296 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
09:42:29.0450 4296 Smb - ok
09:42:29.0465 4296 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
09:42:29.0465 4296 SNMPTRAP - ok
09:42:29.0465 4296 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
09:42:29.0465 4296 spldr - ok
09:42:29.0481 4296 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe
09:42:29.0481 4296 Spooler - ok
09:42:29.0559 4296 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe
09:42:29.0574 4296 sppsvc - ok
09:42:29.0590 4296 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
09:42:29.0606 4296 sppuinotify - ok
09:42:29.0621 4296 SRTSP (06b9a7ba94356ec5207c5ddb59540378) C:\Windows\System32\Drivers\NISx64\1307010.005\SRTSP64.SYS
09:42:29.0621 4296 SRTSP - ok
09:42:29.0621 4296 SRTSPX (fbb8945a61e55a2345d12487c74a9d76) C:\Windows\system32\drivers\NISx64\1307010.005\SRTSPX64.SYS
09:42:29.0621 4296 SRTSPX - ok
09:42:29.0637 4296 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
09:42:29.0637 4296 srv - ok
09:42:29.0652 4296 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
09:42:29.0652 4296 srv2 - ok
09:42:29.0652 4296 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
09:42:29.0652 4296 srvnet - ok
09:42:29.0668 4296 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
09:42:29.0668 4296 SSDPSRV - ok
09:42:29.0668 4296 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
09:42:29.0668 4296 SstpSvc - ok
09:42:29.0668 4296 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\drivers\stexstor.sys
09:42:29.0668 4296 stexstor - ok
09:42:29.0668 4296 StillCam (decacb6921ded1a38642642685d77dac) C:\Windows\system32\DRIVERS\serscan.sys
09:42:29.0684 4296 StillCam - ok
09:42:29.0684 4296 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll
09:42:29.0699 4296 stisvc - ok
09:42:29.0699 4296 storflt (7785dc213270d2fc066538daf94087e7) C:\Windows\system32\drivers\vmstorfl.sys
09:42:29.0699 4296 storflt - ok
09:42:29.0699 4296 StorSvc (c40841817ef57d491f22eb103da587cc) C:\Windows\system32\storsvc.dll
09:42:29.0699 4296 StorSvc - ok
09:42:29.0699 4296 storvsc (d34e4943d5ac096c8edeebfd80d76e23) C:\Windows\system32\drivers\storvsc.sys
09:42:29.0699 4296 storvsc - ok
09:42:29.0699 4296 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\DRIVERS\swenum.sys
09:42:29.0699 4296 swenum - ok
09:42:29.0715 4296 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
09:42:29.0715 4296 swprv - ok
09:42:29.0730 4296 SymDS (8b2430762099598da40686f754632efd) C:\Windows\system32\drivers\NISx64\1307010.005\SYMDS64.SYS
09:42:29.0730 4296 SymDS - ok
09:42:29.0762 4296 SymEFA (f90c7a190399165d3ab2245048d34786) C:\Windows\system32\drivers\NISx64\1307010.005\SYMEFA64.SYS
09:42:29.0762 4296 SymEFA - ok
09:42:29.0777 4296 SymEvent (894579207e39c465737e850a252ce4f2) C:\Windows\system32\Drivers\SYMEVENT64x86.SYS
09:42:29.0777 4296 SymEvent - ok
09:42:29.0777 4296 SymIRON (5013a76caaa1d7cf1c55214b490b4e35) C:\Windows\system32\drivers\NISx64\1307010.005\Ironx64.SYS
09:42:29.0777 4296 SymIRON - ok
09:42:29.0793 4296 SymNetS (3911bd0e68c010e5438a87706abbe9ab) C:\Windows\System32\Drivers\NISx64\1307010.005\SYMNETS.SYS
09:42:29.0793 4296 SymNetS - ok
09:42:29.0840 4296 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll
09:42:29.0840 4296 SysMain - ok
09:42:29.0871 4296 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll
09:42:29.0871 4296 TabletInputService - ok
09:42:29.0871 4296 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll
09:42:29.0871 4296 TapiSrv - ok
09:42:29.0871 4296 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
09:42:29.0886 4296 TBS - ok
09:42:29.0918 4296 Tcpip (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\drivers\tcpip.sys
09:42:29.0933 4296 Tcpip - ok
09:42:29.0996 4296 TCPIP6 (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\DRIVERS\tcpip.sys
09:42:29.0996 4296 TCPIP6 - ok
09:42:30.0011 4296 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
09:42:30.0027 4296 tcpipreg - ok
09:42:30.0027 4296 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
09:42:30.0027 4296 TDPIPE - ok
09:42:30.0027 4296 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys
09:42:30.0027 4296 TDTCP - ok
09:42:30.0027 4296 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
09:42:30.0027 4296 tdx - ok
09:42:30.0027 4296 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\DRIVERS\termdd.sys
09:42:30.0027 4296 TermDD - ok
09:42:30.0042 4296 TermService (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll
09:42:30.0058 4296 TermService - ok
09:42:30.0058 4296 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
09:42:30.0058 4296 Themes - ok
09:42:30.0058 4296 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
09:42:30.0058 4296 THREADORDER - ok
09:42:30.0058 4296 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
09:42:30.0074 4296 TrkWks - ok
09:42:30.0074 4296 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe
09:42:30.0074 4296 TrustedInstaller - ok
09:42:30.0074 4296 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
09:42:30.0074 4296 tssecsrv - ok
09:42:30.0074 4296 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
09:42:30.0074 4296 TsUsbFlt - ok
09:42:30.0089 4296 TsUsbGD (9cc2ccae8a84820eaecb886d477cbcb8) C:\Windows\system32\drivers\TsUsbGD.sys
09:42:30.0089 4296 TsUsbGD - ok
09:42:30.0089 4296 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
09:42:30.0089 4296 tunnel - ok
09:42:30.0089 4296 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\drivers\uagp35.sys
09:42:30.0089 4296 uagp35 - ok
09:42:30.0105 4296 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
09:42:30.0105 4296 udfs - ok
09:42:30.0105 4296 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
09:42:30.0105 4296 UI0Detect - ok
09:42:30.0105 4296 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
09:42:30.0105 4296 uliagpkx - ok
09:42:30.0105 4296 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\DRIVERS\umbus.sys
09:42:30.0120 4296 umbus - ok
09:42:30.0120 4296 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\drivers\umpass.sys
09:42:30.0120 4296 UmPass - ok
09:42:30.0120 4296 UmRdpService (a293dcd756d04d8492a750d03b9a297c) C:\Windows\System32\umrdp.dll
09:42:30.0120 4296 UmRdpService - ok
09:42:30.0136 4296 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll
09:42:30.0136 4296 upnphost - ok
09:42:30.0136 4296 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
09:42:30.0136 4296 usbccgp - ok
09:42:30.0136 4296 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
09:42:30.0152 4296 usbcir - ok
09:42:30.0152 4296 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\DRIVERS\usbehci.sys
09:42:30.0152 4296 usbehci - ok
09:42:30.0152 4296 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
09:42:30.0152 4296 usbhub - ok
09:42:30.0167 4296 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys
09:42:30.0167 4296 usbohci - ok
09:42:30.0167 4296 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\drivers\usbprint.sys
09:42:30.0167 4296 usbprint - ok
09:42:30.0167 4296 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
09:42:30.0167 4296 USBSTOR - ok
09:42:30.0167 4296 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys
09:42:30.0167 4296 usbuhci - ok
09:42:30.0167 4296 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll
09:42:30.0167 4296 UxSms - ok
09:42:30.0183 4296 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
09:42:30.0183 4296 VaultSvc - ok
09:42:30.0183 4296 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
09:42:30.0183 4296 vdrvroot - ok
09:42:30.0198 4296 vds (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe
09:42:30.0198 4296 vds - ok
09:42:30.0198 4296 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
09:42:30.0198 4296 vga - ok
09:42:30.0214 4296 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
09:42:30.0214 4296 VgaSave - ok
09:42:30.0214 4296 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
09:42:30.0214 4296 vhdmp - ok
09:42:30.0214 4296 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
09:42:30.0214 4296 viaide - ok
09:42:30.0230 4296 vmbus (86ea3e79ae350fea5331a1303054005f) C:\Windows\system32\drivers\vmbus.sys
09:42:30.0230 4296 vmbus - ok
09:42:30.0230 4296 VMBusHID (7de90b48f210d29649380545db45a187) C:\Windows\system32\drivers\VMBusHID.sys
09:42:30.0230 4296 VMBusHID - ok
09:42:30.0230 4296 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
09:42:30.0230 4296 volmgr - ok
09:42:30.0245 4296 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
09:42:30.0245 4296 volmgrx - ok
09:42:30.0245 4296 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
09:42:30.0245 4296 volsnap - ok
09:42:30.0261 4296 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\drivers\vsmraid.sys
09:42:30.0261 4296 vsmraid - ok
09:42:30.0292 4296 VSS (b60ba0bc31b0cb414593e169f6f21cc2) C:\Windows\system32\vssvc.exe
09:42:30.0308 4296 VSS - ok
09:42:30.0323 4296 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\System32\drivers\vwifibus.sys
09:42:30.0323 4296 vwifibus - ok
09:42:30.0323 4296 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
09:42:30.0323 4296 vwififlt - ok
09:42:30.0323 4296 vwifimp (6a638fc4bfddc4d9b186c28c91bd1a01) C:\Windows\system32\DRIVERS\vwifimp.sys
09:42:30.0339 4296 vwifimp - ok
09:42:30.0339 4296 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll
09:42:30.0339 4296 W32Time - ok
09:42:30.0339 4296 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\drivers\wacompen.sys
09:42:30.0354 4296 WacomPen - ok
09:42:30.0354 4296 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
09:42:30.0354 4296 WANARP - ok
09:42:30.0354 4296 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
09:42:30.0354 4296 Wanarpv6 - ok
09:42:30.0386 4296 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\Windows\system32\Wat\WatAdminSvc.exe
09:42:30.0386 4296 WatAdminSvc - ok
09:42:30.0417 4296 wbengine (78f4e7f5c56cb9716238eb57da4b6a75) C:\Windows\system32\wbengine.exe
09:42:30.0432 4296 wbengine - ok
09:42:30.0448 4296 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll
09:42:30.0448 4296 WbioSrvc - ok
09:42:30.0464 4296 wcncsvc (7368a2afd46e5a4481d1de9d14848edd) C:\Windows\System32\wcncsvc.dll
09:42:30.0464 4296 wcncsvc - ok
09:42:30.0464 4296 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll
09:42:30.0479 4296 WcsPlugInService - ok
09:42:30.0479 4296 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\drivers\wd.sys
09:42:30.0479 4296 Wd - ok
09:42:30.0495 4296 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
09:42:30.0495 4296 Wdf01000 - ok
09:42:30.0495 4296 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
09:42:30.0495 4296 WdiServiceHost - ok
09:42:30.0495 4296 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
09:42:30.0495 4296 WdiSystemHost - ok
09:42:30.0510 4296 WebClient (3db6d04e1c64272f8b14eb8bc4616280) C:\Windows\System32\webclnt.dll
09:42:30.0510 4296 WebClient - ok
09:42:30.0526 4296 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll
09:42:30.0526 4296 Wecsvc - ok
09:42:30.0526 4296 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll
09:42:30.0526 4296 wercplsupport - ok
09:42:30.0526 4296 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll
09:42:30.0526 4296 WerSvc - ok
09:42:30.0542 4296 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
09:42:30.0542 4296 WfpLwf - ok
09:42:30.0542 4296 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
09:42:30.0542 4296 WIMMount - ok
09:42:30.0542 4296 WinDefend - ok
09:42:30.0542 4296 WinHttpAutoProxySvc - ok
09:42:30.0557 4296 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll
09:42:30.0557 4296 Winmgmt - ok
09:42:30.0604 4296 WinRM (bcb1310604aa415c4508708975b3931e) C:\Windows\system32\WsmSvc.dll
09:42:30.0604 4296 WinRM - ok
09:42:30.0651 4296 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll
09:42:30.0651 4296 Wlansvc - ok
09:42:30.0651 4296 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\DRIVERS\wmiacpi.sys
09:42:30.0651 4296 WmiAcpi - ok
09:42:30.0666 4296 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe
09:42:30.0666 4296 wmiApSrv - ok
09:42:30.0666 4296 WMPNetworkSvc - ok
09:42:30.0666 4296 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll
09:42:30.0666 4296 WPCSvc - ok
09:42:30.0682 4296 WPDBusEnum (93221146d4ebbf314c29b23cd6cc391d) C:\Windows\system32\wpdbusenum.dll
09:42:30.0682 4296 WPDBusEnum - ok
09:42:30.0682 4296 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
09:42:30.0682 4296 ws2ifsl - ok
09:42:30.0682 4296 wscsvc (e8b1fe6669397d1772d8196df0e57a9e) C:\Windows\system32\wscsvc.dll
09:42:30.0682 4296 wscsvc - ok
09:42:30.0682 4296 WSDPrintDevice (8d918b1db190a4d9b1753a66fa8c96e8) C:\Windows\system32\DRIVERS\WSDPrint.sys
09:42:30.0682 4296 WSDPrintDevice - ok
09:42:30.0682 4296 WSearch - ok
09:42:30.0744 4296 wuauserv (d9ef901dca379cfe914e9fa13b73b4c4) C:\Windows\system32\wuaueng.dll
09:42:30.0760 4296 wuauserv - ok
09:42:30.0776 4296 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
09:42:30.0776 4296 WudfPf - ok
09:42:30.0791 4296 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
09:42:30.0791 4296 WUDFRd - ok
09:42:30.0791 4296 wudfsvc (7a95c95b6c4cf292d689106bcae49543) C:\Windows\System32\WUDFSvc.dll
09:42:30.0791 4296 wudfsvc - ok
09:42:30.0791 4296 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll
09:42:30.0807 4296 WwanSvc - ok
09:42:30.0807 4296 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
09:42:30.0885 4296 \Device\Harddisk0\DR0 - ok
09:42:30.0885 4296 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk1\DR1
09:42:31.0119 4296 \Device\Harddisk1\DR1 - ok
09:42:31.0119 4296 Boot (0x1200) (3e3f94ea971105c14fc5f0e22d31eabb) \Device\Harddisk0\DR0\Partition0
09:42:31.0119 4296 \Device\Harddisk0\DR0\Partition0 - ok
09:42:31.0134 4296 Boot (0x1200) (fd77d72315c9143ceb7aa23fa37d8e86) \Device\Harddisk0\DR0\Partition1
09:42:31.0134 4296 \Device\Harddisk0\DR0\Partition1 - ok
09:42:31.0134 4296 Boot (0x1200) (0d142a435c52bf7068da0d6e3c105871) \Device\Harddisk1\DR1\Partition0
09:42:31.0134 4296 \Device\Harddisk1\DR1\Partition0 - ok
09:42:31.0134 4296 ============================================================
09:42:31.0134 4296 Scan finished
09:42:31.0134 4296 ============================================================
09:42:31.0150 4728 Detected object count: 0
09:42:31.0150 4728 Actual detected object count: 0


aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-07-17 08:34:33
-----------------------------
08:34:33.423 OS Version: Windows x64 6.1.7601 Service Pack 1
08:34:33.423 Number of processors: 4 586 0x2A07
08:34:33.423 ComputerName: CRAIGGAMING-PC UserName: Craig Gaming
08:34:33.688 Initialize success
08:35:13.659 AVAST engine defs: 12071700
08:36:01.890 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T0L0-4
08:36:01.906 Disk 0 Vendor: M4-CT128M4SSD2 0309 Size: 122104MB BusType: 11
08:36:01.906 Disk 1 \Device\Harddisk1\DR1 -> \Device\Ide\IdeDeviceP4T0L0-6
08:36:01.906 Disk 1 Vendor: MAXTOR_STM3320620AS 3.AAE Size: 305245MB BusType: 11
08:36:01.906 Disk 0 MBR read successfully
08:36:01.906 Disk 0 MBR scan
08:36:01.921 Disk 0 Windows 7 default MBR code
08:36:01.921 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048
08:36:01.921 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 122002 MB offset 206848
08:36:01.937 Disk 0 scanning C:\Windows\system32\drivers
08:36:03.731 Service scanning
08:36:08.021 Modules scanning
08:36:08.021 Disk 0 trace - called modules:
08:36:08.021 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys ataport.SYS PCIIDEX.SYS hal.dll msahci.sys
08:36:08.036 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8007225060]
08:36:08.036 3 CLASSPNP.SYS[fffff88001b9443f] -> nt!IofCallDriver -> [0xfffffa8006fd3520]
08:36:08.036 5 ACPI.sys[fffff88000e0b7a1] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP2T0L0-4[0xfffffa8006fcd680]
08:36:08.239 AVAST engine scan C:\
08:44:14.989 Scan finished successfully
08:48:52.170 Disk 0 MBR has been saved successfully to "C:\Users\Craig Gaming\Documents\MBR.dat"
08:48:52.172 The log file has been saved successfully to "C:\Users\Craig Gaming\Documents\aswMBR.txt"


aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-07-17 10:02:52
-----------------------------
10:02:52.662 OS Version: Windows x64 6.1.7601 Service Pack 1
10:02:52.662 Number of processors: 4 586 0x2A07
10:02:52.662 ComputerName: CRAIGGAMING-PC UserName: Craig Gaming
10:02:53.099 Initialize success
10:02:55.698 AVAST engine defs: 12071700
10:03:00.657 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T0L0-4
10:03:00.658 Disk 0 Vendor: M4-CT128M4SSD2 0309 Size: 122104MB BusType: 11
10:03:00.659 Disk 1 \Device\Harddisk1\DR1 -> \Device\Ide\IdeDeviceP4T0L0-6
10:03:00.659 Disk 1 Vendor: MAXTOR_STM3320620AS 3.AAE Size: 305245MB BusType: 11
10:03:00.680 Disk 0 MBR read successfully
10:03:00.681 Disk 0 MBR scan
10:03:00.682 Disk 0 Windows 7 default MBR code
10:03:00.708 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048
10:03:00.715 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 122002 MB offset 206848
10:03:00.788 Disk 0 scanning C:\Windows\system32\drivers
10:03:32.404 Service scanning
10:03:36.647 Modules scanning
10:03:36.655 Disk 0 trace - called modules:
10:03:36.660 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys ataport.SYS PCIIDEX.SYS hal.dll msahci.sys
10:03:36.661 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8007225060]
10:03:36.663 3 CLASSPNP.SYS[fffff88001b9443f] -> nt!IofCallDriver -> [0xfffffa8006fd3520]
10:03:36.665 5 ACPI.sys[fffff88000e0b7a1] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP2T0L0-4[0xfffffa8006fcd680]
10:03:37.069 AVAST engine scan C:\Windows
10:04:07.425 AVAST engine scan C:\Windows\system32
10:13:48.522 AVAST engine scan C:\Windows\system32\drivers
10:14:56.278 AVAST engine scan C:\Users\Craig Gaming
10:21:41.489 AVAST engine scan C:\ProgramData
10:21:54.197 Scan finished successfully
10:22:33.272 Disk 0 MBR has been saved successfully to "C:\Users\Craig Gaming\Documents\MBR.dat"
10:22:33.274 The log file has been saved successfully to "C:\Users\Craig Gaming\Documents\aswMBR.txt"

ESET Infected Files:
C:\Users\Craig Gaming\Downloads\SweetHome3D-3.5-windows-oc.exe Win32/OpenCandy application cleaned by deleting - quarantined



#2 Broni

  • BC Advisor

Posted 17 July 2012 - 10:30 PM

Welcome aboard

Download Security Check from HERE, and save it to your Desktop.

* Double-click SecurityCheck.exe
* Follow the onscreen instructions inside of the black box.
* A Notepad document should open automatically called checkup.txt; please post the contents of that document.

=============================================================================

Please download Farbar Service Scanner (FSS) and run it on the computer with the issue.
  • Make sure the following options are checked:
    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center/Action Center
    • Windows Update
    • Windows Defender
  • Press "Scan".
  • It will create a log (FSS.txt) in the same directory the tool is run.
  • Please copy and paste the log to your reply.

====================================================================================

Please download MiniToolBox and run it.

Checkmark the following boxes:
  • Report IE Proxy Settings
  • Report FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Devices (do NOT change any settings here)
  • List Users, Partitions and Memory size
Click Go and post the result.

=============================================================================

Download Malwarebytes' Anti-Malware (aka MBAM): https://www.bleepingcomputer.com/download/malwarebytes-anti-malware/ to your desktop.

* Double-click mbam-setup.exe and follow the prompts to install the program.
* At the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
* If an update is found, it will download and install the latest version.
* Once the program has loaded, select Perform quick scan, then click Scan.
* When the scan is complete, click OK, then Show Results to view the results.
* Be sure that everything is checked, and click Remove Selected.
* When completed, a log will open in Notepad.
* Post the log back here.

Be sure to restart the computer.

The log can also be found here:
C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\log-date.txt
Or at C:\Program Files\Malwarebytes' Anti-Malware\Logs\log-date.txt

My Website

p4433470.gif

My help doesn't cost a penny, but if you'd like to consider a donation, click p22001735.gif


 


#3 1sty

  • Topic Starter

Posted 02 August 2012 - 10:40 PM

Norton chimed in with this when I began running security check:
Category: Resolved Security Risks
Date & Time,Risk,Activity,Status,Recommended Action,Path - Filename
2012-08-02 23:35:53,High,jar_cache3354926494311743156.tmp (Trojan.Maljava!gen23) detected by Auto-Protect,Quarantined,Resolved - No Action Required,c:\users\craig gaming\appdata\local\temp\jar_cache3354926494311743156.tmp



Results of screen317's Security Check version 0.99.43
Windows 7 Service Pack 1 x64 (UAC is enabled)
Internet Explorer 9
``````````````Antivirus/Firewall Check:``````````````
Windows Firewall Enabled!
Norton Internet Security
WMI entry may not exist for antivirus; attempting automatic update.
`````````Anti-malware/Other Utilities Check:`````````
Malwarebytes Anti-Malware version 1.62.0.1300
JavaFX 2.1.1
Java™ 7 Update 5
Adobe Reader X (10.1.3)
Mozilla Firefox (14.0.1)
Google Chrome 20.0.1132.47
Google Chrome 20.0.1132.57
````````Process Check: objlist.exe by Laurent````````
Norton ccSvcHst.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: 11% Defragment your hard drive soon!
````````````````````End of Log``````````````````````



Farbar Service Scanner Version: 26-07-2012
Ran by Craig Gaming (administrator) on 02-08-2012 at 23:38:39
Running from "C:\Users\Craig Gaming\Downloads"
Microsoft Windows 7 Professional Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


Other Services:
==============

sharedaccess Service is not running. Checking service configuration:
The start type of sharedaccess service is set to Auto
The ImagePath of sharedaccess service is OK.
The ServiceDll of sharedaccess service is OK.


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****







MiniToolBox by Farbar Version: 23-07-2012
Ran by Craig Gaming (administrator) on 02-08-2012 at 23:40:18
Microsoft Windows 7 Professional Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

========================= FF Proxy Settings: ==============================

========================= Hosts content: =================================

127.0.0.1 localhost

========================= IP Configuration: ================================

TP-LINK 150Mbps Wireless Lite N Adapter = Wireless Network Connection (Connected)
Intel® 82579V Gigabit Network Connection = Local Area Connection (Media disconnected)
Microsoft Virtual WiFi Miniport Adapter = Wireless Network Connection 2 (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : CraigGaming-PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : hsd1.nh.comcast.net.

Wireless LAN adapter Wireless Network Connection 2:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter
Physical Address. . . . . . . . . : FE-D1-11-0A-C5-7E
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection:

Connection-specific DNS Suffix . : hsd1.nh.comcast.net.
Description . . . . . . . . . . . : TP-LINK 150Mbps Wireless Lite N Adapter
Physical Address. . . . . . . . . : F8-D1-11-0A-C5-7E
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::6c2d:4c71:8cb8:e8b7%13(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.101(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Thursday, August 02, 2012 8:46:09 PM
Lease Expires . . . . . . . . . . : Friday, August 03, 2012 8:46:09 PM
Default Gateway . . . . . . . . . : 192.168.1.1
DHCP Server . . . . . . . . . . . : 192.168.1.1
DHCPv6 IAID . . . . . . . . . . . : 335073553
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-16-CB-6D-F8-54-04-A6-4A-98-B8
DNS Servers . . . . . . . . . . . : 75.75.75.75
75.75.76.76
NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : hsd1.nh.comcast.net.
Description . . . . . . . . . . . : Intel® 82579V Gigabit Network Connection
Physical Address. . . . . . . . . : 54-04-A6-4A-98-B8
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.hsd1.nh.comcast.net.:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : hsd1.nh.comcast.net.
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:9d38:953c:18c9:33c8:3f57:fe9a(Preferred)
Link-local IPv6 Address . . . . . : fe80::18c9:33c8:3f57:fe9a%12(Preferred)
Default Gateway . . . . . . . . . : ::
NetBIOS over Tcpip. . . . . . . . : Disabled
Server: cdns01.comcast.net
Address: 75.75.75.75

Name: google.com
Addresses: 2607:f8b0:4006:801::1007
173.194.43.3
173.194.43.7
173.194.43.0
173.194.43.2
173.194.43.1
173.194.43.5
173.194.43.8
173.194.43.14
173.194.43.4
173.194.43.9
173.194.43.6


Pinging google.com [74.125.226.226] with 32 bytes of data:
Reply from 74.125.226.226: bytes=32 time=41ms TTL=53
Reply from 74.125.226.226: bytes=32 time=38ms TTL=53

Ping statistics for 74.125.226.226:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 38ms, Maximum = 41ms, Average = 39ms
DNS request timed out.
timeout was 2 seconds.
Server: UnKnown
Address: 75.75.75.75

Name: yahoo.com
Addresses: 98.139.183.24
209.191.122.70
72.30.38.140


Pinging yahoo.com [72.30.38.140] with 32 bytes of data:
Reply from 72.30.38.140: bytes=32 time=109ms TTL=48
Reply from 72.30.38.140: bytes=32 time=190ms TTL=48

Ping statistics for 72.30.38.140:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 109ms, Maximum = 190ms, Average = 149ms
Server: cdns01.comcast.net
Address: 75.75.75.75

Name: bleepingcomputer.com
Address: 208.43.87.2


Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:
Reply from 208.43.87.2: Destination host unreachable.
Reply from 208.43.87.2: Destination host unreachable.

Ping statistics for 208.43.87.2:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
14...fe d1 11 0a c5 7e ......Microsoft Virtual WiFi Miniport Adapter
13...f8 d1 11 0a c5 7e ......TP-LINK 150Mbps Wireless Lite N Adapter
11...54 04 a6 4a 98 b8 ......Intel® 82579V Gigabit Network Connection
1...........................Software Loopback Interface 1
15...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
12...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.101 25
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.1.0 255.255.255.0 On-link 192.168.1.101 281
192.168.1.101 255.255.255.255 On-link 192.168.1.101 281
192.168.1.255 255.255.255.255 On-link 192.168.1.101 281
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.1.101 281
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.1.101 281
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
12 58 ::/0 On-link
1 306 ::1/128 On-link
12 58 2001::/32 On-link
12 306 2001:0:9d38:953c:18c9:33c8:3f57:fe9a/128
On-link
13 281 fe80::/64 On-link
12 306 fe80::/64 On-link
12 306 fe80::18c9:33c8:3f57:fe9a/128
On-link
13 281 fe80::6c2d:4c71:8cb8:e8b7/128
On-link
1 306 ff00::/8 On-link
12 306 ff00::/8 On-link
13 281 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (08/02/2012 08:47:57 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/01/2012 11:02:22 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/01/2012 08:32:26 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/01/2012 05:22:30 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/01/2012 00:20:23 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/01/2012 10:47:46 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/31/2012 10:49:42 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/31/2012 07:33:00 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/30/2012 05:54:31 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/29/2012 05:05:09 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


System errors:
=============
Error: (08/02/2012 08:47:05 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)

Error: (08/02/2012 08:46:05 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has failed to start.

Module Path: C:\Windows\system32\athExt.dll
Error Code: 126

Error: (08/01/2012 11:01:30 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)

Error: (08/01/2012 11:00:31 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has failed to start.

Module Path: C:\Windows\system32\athExt.dll
Error Code: 126

Error: (08/01/2012 08:31:34 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)

Error: (08/01/2012 08:30:35 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has failed to start.

Module Path: C:\Windows\system32\athExt.dll
Error Code: 126

Error: (08/01/2012 05:21:38 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)

Error: (08/01/2012 05:20:39 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has failed to start.

Module Path: C:\Windows\system32\athExt.dll
Error Code: 126

Error: (08/01/2012 00:19:31 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)

Error: (08/01/2012 00:18:32 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has failed to start.

Module Path: C:\Windows\system32\athExt.dll
Error Code: 126


Microsoft Office Sessions:
=========================

=========================== Installed Programs ============================

Update for Microsoft Office 2007 (KB2508958)
Adobe Flash Player 11 Plugin (Version: 11.3.300.268)
Adobe Reader X (10.1.3) (Version: 10.1.3)
AMD Accelerated Video Transcoding (Version: 2.00.0002)
AMD APP SDK Runtime (Version: 10.0.938.1)
AMD Catalyst Install Manager (Version: 8.0.881.0)
AMD Drag and Drop Transcoding (Version: 2.00.0000)
AMD Media Foundation Decoders (Version: 1.0.70611.1329)
BitTorrent (Version: 7.6.0)
Catalyst Control Center - Branding (Version: 1.00.0000)
Catalyst Control Center (Version: 2012.0611.1251.21046)
Catalyst Control Center Graphics Previews Common (Version: 2012.0611.1251.21046)
Catalyst Control Center InstallProxy (Version: 2012.0611.1251.21046)
Catalyst Control Center Localization All (Version: 2012.0611.1251.21046)
ccc-utility64 (Version: 2012.0611.1251.21046)
CCC Help Chinese Standard (Version: 2012.0611.1250.21046)
CCC Help Chinese Traditional (Version: 2012.0611.1250.21046)
CCC Help Czech (Version: 2012.0611.1250.21046)
CCC Help Danish (Version: 2012.0611.1250.21046)
CCC Help Dutch (Version: 2012.0611.1250.21046)
CCC Help English (Version: 2012.0611.1250.21046)
CCC Help Finnish (Version: 2012.0611.1250.21046)
CCC Help French (Version: 2012.0611.1250.21046)
CCC Help German (Version: 2012.0611.1250.21046)
CCC Help Greek (Version: 2012.0611.1250.21046)
CCC Help Hungarian (Version: 2012.0611.1250.21046)
CCC Help Italian (Version: 2012.0611.1250.21046)
CCC Help Japanese (Version: 2012.0611.1250.21046)
CCC Help Korean (Version: 2012.0611.1250.21046)
CCC Help Norwegian (Version: 2012.0611.1250.21046)
CCC Help Polish (Version: 2012.0611.1250.21046)
CCC Help Portuguese (Version: 2012.0611.1250.21046)
CCC Help Russian (Version: 2012.0611.1250.21046)
CCC Help Spanish (Version: 2012.0611.1250.21046)
CCC Help Swedish (Version: 2012.0611.1250.21046)
CCC Help Thai (Version: 2012.0611.1250.21046)
CCC Help Turkish (Version: 2012.0611.1250.21046)
CCleaner (Version: 3.20)
CPUID HWMonitor 1.19
Dropbox (Version: 1.4.7)
ESET Online Scanner v3
GameStop App (Version: 4.00)
Google Chrome (Version: 20.0.1132.57)
HP Photosmart Plus B210 series Basic Device Software (Version: 22.50.231.0)
HP Photosmart Plus B210 series Help (Version: 140.0.54.54)
Intel® Network Connections 15.6.25.0 (Version: 15.6.25.0)
Java Auto Updater (Version: 2.1.6.0)
Java™ 7 Update 4 (64-bit) (Version: 7.0.40)
Java™ 7 Update 5 (Version: 7.0.50)
JavaFX 2.1.1 (Version: 2.1.1)
Malwarebytes Anti-Malware version 1.62.0.1300 (Version: 1.62.0.1300)
McAfee Security Scan Plus (Version: 3.0.207.4)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)
Microsoft Office Home and Student 2007 (Version: 12.0.6612.1000)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000)
Microsoft Office OneNote MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Word MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Silverlight (Version: 5.1.10411.0)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (Version: 10.0.30319)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (Version: 10.0.30319)
Mozilla Firefox 14.0.1 (x86 en-US) (Version: 14.0.1)
Mozilla Maintenance Service (Version: 14.0.1)
Norton Internet Security (Version: 19.7.1.5)
PerformanceTest v7.0 (64-bit) (Version: 7.0)
The Witcher 2 (Version: 1.00.0000)
The Witcher 2 Premium Edition Extras
The Witcher 2: Bonus Content
TP-LINK Wireless Client Utility (Version: 7.0)
TPDesign4 (Version: 3.2.0.661)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (Version: 1)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
VLC media player 2.0.0 (Version: 2.0.0)
WModem Driver Installer (Version: 2.0.6.9)

========================= Devices: ================================

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: SM Bus Controller
Description: SM Bus Controller
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Universal Serial Bus (USB) Controller
Description: Universal Serial Bus (USB) Controller
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Universal Serial Bus (USB) Controller
Description: Universal Serial Bus (USB) Controller
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


========================= Memory info: ===================================

Percentage of memory in use: 26%
Total physical RAM: 8167.13 MB
Available physical RAM: 6007.27 MB
Total Pagefile: 16332.44 MB
Available Pagefile: 14051.5 MB
Total Virtual: 4095.88 MB
Available Virtual: 3962.75 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:119.14 GB) (Free:33.44 GB) NTFS
2 Drive d: (PortraitCD) (CDROM) (Total:0.03 GB) (Free:0 GB) CDFS
3 Drive e: (STORAGE) (Fixed) (Total:298.09 GB) (Free:101.23 GB) NTFS

========================= Users: ========================================

User accounts for \\CRAIGGAMING-PC

Administrator Craig Gaming Guest


**** End of log ****






Malwarebytes Anti-Malware 1.62.0.1300
www.malwarebytes.org

Database version: v2012.08.03.02

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Craig Gaming :: CRAIGGAMING-PC [administrator]

8/2/2012 11:46:58 PM
mbam-log-2012-08-02 (23-46-58).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 193455
Time elapsed: 24 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

Edited by 1sty, 02 August 2012 - 10:47 PM.


#4 1sty

  • Topic Starter

Posted 10 August 2012 - 08:24 PM

no love?

#5 Broni

  • BC Advisor

Posted 10 August 2012 - 09:54 PM

I don't see anything malicious.

Which browser is getting redirected?



 


#6 1sty

  • Topic Starter

Posted 12 August 2012 - 09:51 AM

Chrome and Firefox.
Those are the only ones I use.

#7 Broni

  • BC Advisor

Posted 12 August 2012 - 10:57 AM

Please check if IE is getting redirected as well.



 




