IE Redirect Virus


3 replies to this topic

#1 amalgam

  • Members
  • 2 posts

Posted 30 July 2012 - 11:43 AM

Hello everyone,

New to the community.

I'm getting a redirect virus when using Google or Bing on Internet Explorer, but not when doing similar searches using FF. I'm running Windows 7.

So far I've been redirected to these IPs:

109.206.160.225
217.159.171.218

I use MS Security Essentials, and have downloaded and used Malwarebytes Anti-Malware, Spybot S&D, and HitmanPro, but the problem persists.

Thank you in advance.


#2 narenxp

  • BC Advisor
  • 16,371 posts

Posted 30 July 2012 - 11:45 AM

Download

TDSSkiller

Launch it. Click on Change parameters - Select TDLFS file system

Click on "Scan". Please post the LOG report (log file should be in your C drive)

Do not change the default options on scan results

Download

aswMBR

Launch it, allow it to download latest Avast! virus definitions
Click the "Scan" button to start scan. After scan finishes, click on Save log

Post the log results here

Download

ESET online scanner

Install it

Click on START, it should download the virus definitions
When scan gets completed, click on LIST of found threats

Export the list to desktop, copy the contents of the text file in your reply
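
Added example, not part of any post in this thread and not the scanner's own code: a small triage script for a pasted TDSSKiller log that confirms the scan was run with TDLFS selected, as the reply above asks, and lists every scanned object whose verdict is anything other than "ok". The line layout follows the log posted in this thread; the function names, the sample log and the verdict word "flagged" are constructed for illustration.

```python
import re

# Layout seen in the log posted in this thread:
#   HH:MM:SS.mmmm <thread id> <message>
LINE_RE = re.compile(r"^\d{2}:\d{2}:\d{2}\.\d{4}\s+\d+\s?(.*)$")
# "<name> (<md5>) <path>" announces an object about to be checked.
OBJECT_RE = re.compile(r"^(?P<name>.+?) \((?P<md5>[0-9a-f]{32})\) (?P<path>.+)$")
# "<name> - <verdict>" reports the result for that object.
VERDICT_RE = re.compile(r"^(?P<name>.+) - (?P<verdict>\w+)$")

# Constructed sample (names, hashes and the "flagged" verdict are made up).
SAMPLE_LOG = r"""
12:50:50.0067 3000 Scan started
12:50:50.0067 3000 Mode: Manual; TDLFS;
12:50:50.0067 3000 ============================================================
12:50:50.0454 3000 ExampleDrvA (00000000000000000000000000000001) C:\Windows\system32\drivers\exampledrva.sys
12:50:50.0458 3000 ExampleDrvA - ok
12:50:50.0510 3000 ExampleSvcB - ok
12:50:50.0569 3000 Example Svc-C (00000000000000000000000000000002) C:\Program Files (x86)\Example\svc c.exe
12:50:50.0582 3000 Example Svc-C - flagged
12:50:50.0638 3000 ExampleDrvD (00000000000000000000000000000003) C:\Windows\system32\drivers\exampledrvd.sys
"""


def parse_log(text):
    """Return (modes, objects); objects maps name -> md5/path/verdict."""
    modes, objects = [], {}
    scanning = False
    for raw in text.splitlines():
        line = LINE_RE.match(raw.strip())
        if not line:
            continue  # blank lines or text pasted around the log
        msg = line.group(1).strip()
        if msg == "Scan started":
            scanning = True
        elif msg.startswith("Mode:"):
            modes = [p.strip() for p in msg[len("Mode:"):].split(";") if p.strip()]
        elif scanning:
            # Only lines after "Scan started" are scan results; the header
            # above it (drive and partition info) is ignored.
            obj = OBJECT_RE.match(msg)
            if obj:
                objects[obj["name"]] = {
                    "md5": obj["md5"], "path": obj["path"], "verdict": None}
                continue
            ver = VERDICT_RE.match(msg)
            if ver:
                # Some entries get a verdict without a preceding hash line.
                entry = objects.setdefault(
                    ver["name"], {"md5": None, "path": None, "verdict": None})
                entry["verdict"] = ver["verdict"]
    return modes, objects


def triage(parsed):
    """Summarise what a helper reading the log would look at first."""
    modes, objects = parsed
    return {
        # The reply asks for the TDLFS option; the Mode line records it.
        "tdlfs_selected": "TDLFS" in modes,
        # Anything not reported as "ok" deserves a manual look.
        "needs_review": sorted(
            n for n, e in objects.items() if e["verdict"] not in (None, "ok")),
        # Verdict given but no hash or path was logged for the object.
        "no_hash_logged": sorted(
            n for n, e in objects.items() if e["md5"] is None),
        # Announced but never resolved: usually a log cut off when pasted.
        "no_verdict": sorted(
            n for n, e in objects.items() if e["verdict"] is None),
    }


if __name__ == "__main__":
    for key, value in triage(parse_log(SAMPLE_LOG)).items():
        print(f"{key}: {value}")
```
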

#3 amalgam

  • Topic Starter

  • Members
  • 2 posts

Posted 30 July 2012 - 04:01 PM

TDSSkiller
12:50:12.0259 3860 TDSS rootkit removing tool 2.7.48.0 Jul 24 2012 13:16:32
12:50:12.0494 3860 ============================================================
12:50:12.0494 3860 Current date / time: 2012/07/30 12:50:12.0494
12:50:12.0494 3860 SystemInfo:
12:50:12.0494 3860
12:50:12.0494 3860 OS Version: 6.1.7601 ServicePack: 1.0
12:50:12.0494 3860 Product type: Workstation
12:50:12.0494 3860 ComputerName: LEONARDO-LAPTOP
12:50:12.0494 3860 UserName: Leonardo
12:50:12.0494 3860 Windows directory: C:\Windows
12:50:12.0494 3860 System windows directory: C:\Windows
12:50:12.0494 3860 Running under WOW64
12:50:12.0494 3860 Processor architecture: Intel x64
12:50:12.0494 3860 Number of processors: 2
12:50:12.0494 3860 Page size: 0x1000
12:50:12.0494 3860 Boot type: Normal boot
12:50:12.0494 3860 ============================================================
12:50:13.0517 3860 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
12:50:13.0548 3860 ============================================================
12:50:13.0548 3860 \Device\Harddisk0\DR0:
12:50:13.0549 3860 MBR partitions:
12:50:13.0549 3860 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x38971800
12:50:13.0549 3860 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x38972000, BlocksNum 0x1A12800
12:50:13.0549 3860 ============================================================
12:50:13.0598 3860 C: <-> \Device\Harddisk0\DR0\Partition0
12:50:13.0658 3860 D: <-> \Device\Harddisk0\DR0\Partition1
12:50:13.0658 3860 ============================================================
12:50:13.0658 3860 Initialize success
12:50:13.0658 3860 ============================================================
12:50:50.0067 3000 ============================================================
12:50:50.0067 3000 Scan started
12:50:50.0067 3000 Mode: Manual; TDLFS;
12:50:50.0067 3000 ============================================================
12:51:03.0791 3000 NlaSvc - ok
12:51:03.0807 3000 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
12:51:03.0810 3000 Npfs - ok
12:51:03.0847 3000 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
12:51:03.0850 3000 nsi - ok
12:51:03.0865 3000 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
12:51:03.0865 3000 nsiproxy - ok
12:51:03.0959 3000 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
12:51:04.0032 3000 Ntfs - ok
12:51:04.0146 3000 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
12:51:04.0148 3000 Null - ok
12:51:04.0185 3000 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
12:51:04.0189 3000 nvraid - ok
12:51:04.0212 3000 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
12:51:04.0215 3000 nvstor - ok
12:51:04.0257 3000 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
12:51:04.0260 3000 nv_agp - ok
12:51:04.0273 3000 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
12:51:04.0277 3000 ohci1394 - ok
12:51:04.0371 3000 ose (5a432a042dae460abe7199b758e8606c) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
12:51:04.0374 3000 ose - ok
12:51:04.0423 3000 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
12:51:04.0439 3000 p2pimsvc - ok
12:51:04.0469 3000 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
12:51:04.0482 3000 p2psvc - ok
12:51:04.0518 3000 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
12:51:04.0521 3000 Parport - ok
12:51:04.0559 3000 partmgr (e9766131eeade40a27dc27d2d68fba9c) C:\Windows\system32\drivers\partmgr.sys
12:51:04.0559 3000 partmgr - ok
12:51:04.0581 3000 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
12:51:04.0585 3000 PcaSvc - ok
12:51:04.0606 3000 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
12:51:04.0609 3000 pci - ok
12:51:04.0634 3000 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
12:51:04.0637 3000 pciide - ok
12:51:04.0675 3000 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
12:51:04.0686 3000 pcmcia - ok
12:51:04.0701 3000 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
12:51:04.0703 3000 pcw - ok
12:51:04.0739 3000 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
12:51:04.0756 3000 PEAUTH - ok
12:51:04.0840 3000 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
12:51:04.0843 3000 PerfHost - ok
12:51:04.0994 3000 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll
12:51:05.0031 3000 pla - ok
12:51:05.0105 3000 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll
12:51:05.0120 3000 PlugPlay - ok
12:51:05.0151 3000 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
12:51:05.0154 3000 PNRPAutoReg - ok
12:51:05.0182 3000 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
12:51:05.0185 3000 PNRPsvc - ok
12:51:05.0247 3000 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll
12:51:05.0265 3000 PolicyAgent - ok
12:51:05.0311 3000 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
12:51:05.0317 3000 Power - ok
12:51:05.0401 3000 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
12:51:05.0404 3000 PptpMiniport - ok
12:51:05.0444 3000 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
12:51:05.0446 3000 Processor - ok
12:51:05.0512 3000 ProfSvc (53e83f1f6cf9d62f32801cf66d8352a8) C:\Windows\system32\profsvc.dll
12:51:05.0523 3000 ProfSvc - ok
12:51:05.0564 3000 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
12:51:05.0566 3000 ProtectedStorage - ok
12:51:05.0602 3000 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
12:51:05.0605 3000 Psched - ok
12:51:05.0633 3000 PxHlpa64 (46851bc18322da70f3f2299a1007c479) C:\Windows\system32\Drivers\PxHlpa64.sys
12:51:05.0633 3000 PxHlpa64 - ok
12:51:05.0720 3000 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
12:51:05.0788 3000 ql2300 - ok
12:51:05.0910 3000 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
12:51:05.0913 3000 ql40xx - ok
12:51:05.0950 3000 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
12:51:05.0966 3000 QWAVE - ok
12:51:05.0985 3000 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
12:51:05.0988 3000 QWAVEdrv - ok
12:51:06.0003 3000 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
12:51:06.0006 3000 RasAcd - ok
12:51:06.0062 3000 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
12:51:06.0064 3000 RasAgileVpn - ok
12:51:06.0080 3000 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
12:51:06.0084 3000 RasAuto - ok
12:51:06.0122 3000 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
12:51:06.0125 3000 Rasl2tp - ok
12:51:06.0155 3000 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll
12:51:06.0171 3000 RasMan - ok
12:51:06.0188 3000 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
12:51:06.0190 3000 RasPppoe - ok
12:51:06.0208 3000 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
12:51:06.0211 3000 RasSstp - ok
12:51:06.0262 3000 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
12:51:06.0279 3000 rdbss - ok
12:51:06.0293 3000 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
12:51:06.0295 3000 rdpbus - ok
12:51:06.0307 3000 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
12:51:06.0308 3000 RDPCDD - ok
12:51:06.0355 3000 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
12:51:06.0356 3000 RDPENCDD - ok
12:51:06.0369 3000 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
12:51:06.0370 3000 RDPREFMP - ok
12:51:06.0409 3000 RDPWD (e61608aa35e98999af9aaeeea6114b0a) C:\Windows\system32\drivers\RDPWD.sys
12:51:06.0410 3000 RDPWD - ok
12:51:06.0444 3000 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
12:51:06.0448 3000 rdyboost - ok
12:51:06.0543 3000 Recovery Service for Windows (bc0a4d47472b042537f4e57b950415fa) C:\Program Files (x86)\SMINST\BLService.exe
12:51:06.0546 3000 Recovery Service for Windows - ok
12:51:06.0585 3000 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
12:51:06.0589 3000 RemoteAccess - ok
12:51:06.0629 3000 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
12:51:06.0634 3000 RemoteRegistry - ok
12:51:06.0693 3000 RFCOMM (3dd798846e2c28102b922c56e71b7932) C:\Windows\system32\DRIVERS\rfcomm.sys
12:51:06.0698 3000 RFCOMM - ok
12:51:06.0777 3000 RichVideo (805ae1f90c64758d19aaa001cf8cba12) C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
12:51:06.0791 3000 RichVideo - ok
12:51:06.0846 3000 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
12:51:06.0859 3000 RpcEptMapper - ok
12:51:06.0878 3000 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
12:51:06.0880 3000 RpcLocator - ok
12:51:06.0928 3000 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
12:51:06.0933 3000 RpcSs - ok
12:51:06.0995 3000 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
12:51:06.0998 3000 rspndr - ok
12:51:07.0078 3000 RTL8167 (4b42bc58294e83a6a92ec8b88c14c4a3) C:\Windows\system32\DRIVERS\Rt64win7.sys
12:51:07.0094 3000 RTL8167 - ok
12:51:07.0137 3000 RTL8169 (dfadcae64aebe2c67da9cd2ae74ccde5) C:\Windows\system32\DRIVERS\Rtlh64.sys
12:51:07.0138 3000 RTL8169 - ok
12:51:07.0150 3000 RTSTOR (4ad8464fece8ebe276d4a7d75e418452) C:\Windows\system32\drivers\RTSTOR64.SYS
12:51:07.0151 3000 RTSTOR - ok
12:51:07.0181 3000 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
12:51:07.0183 3000 SamSs - ok
12:51:07.0219 3000 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
12:51:07.0222 3000 sbp2port - ok
12:51:07.0391 3000 SBSDWSCService (794d4b48dfb6e999537c7c3947863463) C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
12:51:07.0465 3000 SBSDWSCService - ok
12:51:07.0497 3000 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
12:51:07.0502 3000 SCardSvr - ok
12:51:07.0561 3000 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
12:51:07.0563 3000 scfilter - ok
12:51:07.0632 3000 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll
12:51:07.0658 3000 Schedule - ok
12:51:07.0696 3000 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
12:51:07.0697 3000 SCPolicySvc - ok
12:51:07.0723 3000 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll
12:51:07.0728 3000 SDRSVC - ok
12:51:07.0792 3000 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
12:51:07.0795 3000 secdrv - ok
12:51:07.0825 3000 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll
12:51:07.0829 3000 seclogon - ok
12:51:07.0849 3000 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll
12:51:07.0853 3000 SENS - ok
12:51:07.0894 3000 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
12:51:07.0899 3000 SensrSvc - ok
12:51:07.0913 3000 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
12:51:07.0915 3000 Serenum - ok
12:51:07.0962 3000 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
12:51:07.0966 3000 Serial - ok
12:51:07.0998 3000 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
12:51:08.0001 3000 sermouse - ok
12:51:08.0038 3000 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll
12:51:08.0043 3000 SessionEnv - ok
12:51:08.0057 3000 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
12:51:08.0059 3000 sffdisk - ok
12:51:08.0072 3000 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
12:51:08.0074 3000 sffp_mmc - ok
12:51:08.0086 3000 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
12:51:08.0088 3000 sffp_sd - ok
12:51:08.0096 3000 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
12:51:08.0098 3000 sfloppy - ok
12:51:08.0171 3000 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll
12:51:08.0187 3000 SharedAccess - ok
12:51:08.0233 3000 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll
12:51:08.0248 3000 ShellHWDetection - ok
12:51:08.0298 3000 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
12:51:08.0301 3000 SiSRaid2 - ok
12:51:08.0318 3000 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
12:51:08.0321 3000 SiSRaid4 - ok
12:51:08.0372 3000 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
12:51:08.0376 3000 Smb - ok
12:51:08.0437 3000 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
12:51:08.0440 3000 SNMPTRAP - ok
12:51:08.0452 3000 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
12:51:08.0454 3000 spldr - ok
12:51:08.0492 3000 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe
12:51:08.0512 3000 Spooler - ok
12:51:08.0677 3000 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe
12:51:08.0770 3000 sppsvc - ok
12:51:08.0888 3000 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
12:51:08.0892 3000 sppuinotify - ok
12:51:08.0979 3000 sptd (88e5162e58c8919cc873f5d8946197cf) C:\Windows\system32\Drivers\sptd.sys
12:51:08.0984 3000 sptd - ok
12:51:09.0035 3000 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
12:51:09.0049 3000 srv - ok
12:51:09.0101 3000 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
12:51:09.0116 3000 srv2 - ok
12:51:09.0139 3000 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
12:51:09.0143 3000 srvnet - ok
12:51:09.0198 3000 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
12:51:09.0203 3000 SSDPSRV - ok
12:51:09.0217 3000 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
12:51:09.0221 3000 SstpSvc - ok
12:51:09.0349 3000 STacSV (2185595c6663660fdc90f5a2a79e2155) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_b87ff64c8b56b7db\STacSV64.exe
12:51:09.0359 3000 STacSV - ok
12:51:09.0390 3000 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
12:51:09.0392 3000 stexstor - ok
12:51:09.0428 3000 STHDA (8d1ce4322a35f840711b87927cb57c05) C:\Windows\system32\DRIVERS\stwrt64.sys
12:51:09.0431 3000 STHDA - ok
12:51:09.0513 3000 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll
12:51:09.0533 3000 stisvc - ok
12:51:09.0570 3000 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
12:51:09.0572 3000 swenum - ok
12:51:09.0619 3000 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
12:51:09.0647 3000 swprv - ok
12:51:09.0704 3000 SynTP (3a706a967295e16511e40842b1a2761d) C:\Windows\system32\DRIVERS\SynTP.sys
12:51:09.0706 3000 SynTP - ok
12:51:09.0804 3000 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll
12:51:09.0840 3000 SysMain - ok
12:51:09.0989 3000 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll
12:51:09.0994 3000 TabletInputService - ok
12:51:10.0025 3000 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll
12:51:10.0041 3000 TapiSrv - ok
12:51:10.0056 3000 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
12:51:10.0059 3000 TBS - ok
12:51:10.0170 3000 Tcpip (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\drivers\tcpip.sys
12:51:10.0182 3000 Tcpip - ok
12:51:10.0352 3000 TCPIP6 (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\DRIVERS\tcpip.sys
12:51:10.0363 3000 TCPIP6 - ok
12:51:10.0451 3000 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
12:51:10.0454 3000 tcpipreg - ok
12:51:10.0494 3000 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
12:51:10.0497 3000 TDPIPE - ok
12:51:10.0526 3000 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys
12:51:10.0528 3000 TDTCP - ok
12:51:10.0592 3000 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
12:51:10.0595 3000 tdx - ok
12:51:10.0626 3000 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
12:51:10.0628 3000 TermDD - ok
12:51:10.0689 3000 TermService (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll
12:51:10.0707 3000 TermService - ok
12:51:10.0741 3000 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
12:51:10.0745 3000 Themes - ok
12:51:10.0781 3000 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
12:51:10.0783 3000 THREADORDER - ok
12:51:10.0804 3000 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
12:51:10.0808 3000 TrkWks - ok
12:51:10.0879 3000 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe
12:51:10.0882 3000 TrustedInstaller - ok
12:51:10.0915 3000 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
12:51:10.0917 3000 tssecsrv - ok
12:51:10.0984 3000 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
12:51:10.0987 3000 TsUsbFlt - ok
12:51:11.0046 3000 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
12:51:11.0049 3000 tunnel - ok
12:51:11.0184 3000 TVCapSvc (1c31169dddc70c1605f703da701eaeea) C:\Program Files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\TVCapSvc.exe
12:51:11.0187 3000 TVCapSvc - ok
12:51:11.0204 3000 TVSched (290b8c381dbc15d3dbcbd2bdb6b0ba12) C:\Program Files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\TVSched.exe
12:51:11.0205 3000 TVSched - ok
12:51:11.0240 3000 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
12:51:11.0242 3000 uagp35 - ok
12:51:11.0284 3000 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
12:51:11.0300 3000 udfs - ok
12:51:11.0335 3000 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
12:51:11.0339 3000 UI0Detect - ok
12:51:11.0405 3000 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
12:51:11.0407 3000 uliagpkx - ok
12:51:11.0456 3000 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\drivers\umbus.sys
12:51:11.0459 3000 umbus - ok
12:51:11.0468 3000 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
12:51:11.0470 3000 UmPass - ok
12:51:11.0497 3000 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll
12:51:11.0513 3000 upnphost - ok
12:51:11.0532 3000 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
12:51:11.0536 3000 usbccgp - ok
12:51:11.0552 3000 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
12:51:11.0555 3000 usbcir - ok
12:51:11.0573 3000 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\DRIVERS\usbehci.sys
12:51:11.0575 3000 usbehci - ok
12:51:11.0601 3000 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
12:51:11.0614 3000 usbhub - ok
12:51:11.0627 3000 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys
12:51:11.0630 3000 usbohci - ok
12:51:11.0699 3000 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
12:51:11.0702 3000 usbprint - ok
12:51:11.0720 3000 usbscan (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys
12:51:11.0722 3000 usbscan - ok
12:51:11.0742 3000 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
12:51:11.0745 3000 USBSTOR - ok
12:51:11.0760 3000 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\DRIVERS\usbuhci.sys
12:51:11.0762 3000 usbuhci - ok
12:51:11.0778 3000 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\system32\Drivers\usbvideo.sys
12:51:11.0782 3000 usbvideo - ok
12:51:11.0798 3000 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll
12:51:11.0802 3000 UxSms - ok
12:51:11.0835 3000 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
12:51:11.0837 3000 VaultSvc - ok
12:51:11.0894 3000 VClone (fd911873c0bb6945fa38c16e9a2b58f9) C:\Windows\system32\DRIVERS\VClone.sys
12:51:11.0894 3000 VClone - ok
12:51:11.0944 3000 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
12:51:11.0946 3000 vdrvroot - ok
12:51:11.0994 3000 vds (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe
12:51:12.0015 3000 vds - ok
12:51:12.0052 3000 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
12:51:12.0054 3000 vga - ok
12:51:12.0078 3000 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
12:51:12.0085 3000 VgaSave - ok
12:51:12.0109 3000 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
12:51:12.0114 3000 vhdmp - ok
12:51:12.0126 3000 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
12:51:12.0128 3000 viaide - ok
12:51:12.0144 3000 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
12:51:12.0147 3000 volmgr - ok
12:51:12.0186 3000 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
12:51:12.0202 3000 volmgrx - ok
12:51:12.0227 3000 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
12:51:12.0242 3000 volsnap - ok
12:51:12.0295 3000 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
12:51:12.0299 3000 vsmraid - ok
12:51:12.0391 3000 VSS (b60ba0bc31b0cb414593e169f6f21cc2) C:\Windows\system32\vssvc.exe
12:51:12.0451 3000 VSS - ok
12:51:12.0572 3000 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
12:51:12.0575 3000 vwifibus - ok
12:51:12.0590 3000 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
12:51:12.0593 3000 vwififlt - ok
12:51:12.0647 3000 vwifimp (6a638fc4bfddc4d9b186c28c91bd1a01) C:\Windows\system32\DRIVERS\vwifimp.sys
12:51:12.0649 3000 vwifimp - ok
12:51:12.0696 3000 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll
12:51:12.0711 3000 W32Time - ok
12:51:12.0729 3000 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
12:51:12.0731 3000 WacomPen - ok
12:51:12.0787 3000 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
12:51:12.0790 3000 WANARP - ok
12:51:12.0793 3000 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
12:51:12.0794 3000 Wanarpv6 - ok
12:51:12.0907 3000 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\Windows\system32\Wat\WatAdminSvc.exe
12:51:12.0958 3000 WatAdminSvc - ok
12:51:13.0045 3000 wbengine (78f4e7f5c56cb9716238eb57da4b6a75) C:\Windows\system32\wbengine.exe
12:51:13.0116 3000 wbengine - ok
12:51:13.0252 3000 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll
12:51:13.0263 3000 WbioSrvc - ok
12:51:13.0331 3000 wcncsvc (7368a2afd46e5a4481d1de9d14848edd) C:\Windows\System32\wcncsvc.dll
12:51:13.0344 3000 wcncsvc - ok
12:51:13.0364 3000 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll
12:51:13.0368 3000 WcsPlugInService - ok
12:51:13.0412 3000 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
12:51:13.0414 3000 Wd - ok
12:51:13.0454 3000 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
12:51:13.0486 3000 Wdf01000 - ok
12:51:13.0503 3000 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
12:51:13.0508 3000 WdiServiceHost - ok
12:51:13.0512 3000 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
12:51:13.0515 3000 WdiSystemHost - ok
12:51:13.0542 3000 WebClient (3db6d04e1c64272f8b14eb8bc4616280) C:\Windows\System32\webclnt.dll
12:51:13.0557 3000 WebClient - ok
12:51:13.0583 3000 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll
12:51:13.0598 3000 Wecsvc - ok
12:51:13.0617 3000 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll
12:51:13.0621 3000 wercplsupport - ok
12:51:13.0672 3000 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll
12:51:13.0676 3000 WerSvc - ok
12:51:13.0730 3000 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
12:51:13.0732 3000 WfpLwf - ok
12:51:13.0744 3000 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
12:51:13.0747 3000 WIMMount - ok
12:51:13.0790 3000 WinDefend - ok
12:51:13.0797 3000 WinHttpAutoProxySvc - ok
12:51:13.0868 3000 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll
12:51:13.0873 3000 Winmgmt - ok
12:51:13.0985 3000 WinRM (bcb1310604aa415c4508708975b3931e) C:\Windows\system32\WsmSvc.dll
12:51:14.0056 3000 WinRM - ok
12:51:14.0186 3000 WinUsb (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUsb.sys
12:51:14.0188 3000 WinUsb - ok
12:51:14.0255 3000 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll
12:51:14.0293 3000 Wlansvc - ok
12:51:14.0480 3000 wlidsvc (98f138897ef4246381d197cb81846d62) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
12:51:14.0564 3000 wlidsvc - ok
12:51:14.0725 3000 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
12:51:14.0727 3000 WmiAcpi - ok
12:51:14.0798 3000 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe
12:51:14.0802 3000 wmiApSrv - ok
12:51:14.0868 3000 WMPNetworkSvc - ok
12:51:14.0989 3000 WMZuneComm (83b6ca03c846fcd47f9883d77d1eb27b) C:\Program Files\Zune\WMZuneComm.exe
12:51:15.0006 3000 WMZuneComm - ok
12:51:15.0035 3000 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll
12:51:15.0039 3000 WPCSvc - ok
12:51:15.0074 3000 WPDBusEnum (93221146d4ebbf314c29b23cd6cc391d) C:\Windows\system32\wpdbusenum.dll
12:51:15.0079 3000 WPDBusEnum - ok
12:51:15.0109 3000 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
12:51:15.0111 3000 ws2ifsl - ok
12:51:15.0127 3000 wscsvc (e8b1fe6669397d1772d8196df0e57a9e) C:\Windows\System32\wscsvc.dll
12:51:15.0131 3000 wscsvc - ok
12:51:15.0135 3000 WSearch - ok
12:51:15.0266 3000 wuauserv (d9ef901dca379cfe914e9fa13b73b4c4) C:\Windows\system32\wuaueng.dll
12:51:15.0347 3000 wuauserv - ok
12:51:15.0540 3000 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
12:51:15.0543 3000 WudfPf - ok
12:51:15.0595 3000 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
12:51:15.0599 3000 WUDFRd - ok
12:51:15.0642 3000 wudfsvc (7a95c95b6c4cf292d689106bcae49543) C:\Windows\System32\WUDFSvc.dll
12:51:15.0646 3000 wudfsvc - ok
12:51:15.0679 3000 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll
12:51:15.0695 3000 WwanSvc - ok
12:51:15.0812 3000 YahooAUService (dd0042f0c3b606a6a8b92d49afb18ad6) C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
12:51:15.0830 3000 YahooAUService - ok
12:51:16.0271 3000 ZuneNetworkSvc (67b787c34fb2888d01b130ae007042d8) C:\Program Files\Zune\ZuneNss.exe
12:51:16.0427 3000 ZuneNetworkSvc - ok
12:51:16.0486 3000 ZuneWlanCfgSvc (4d89fc1c20cf655739efac5da81a67bc) C:\Program Files\Zune\ZuneWlanCfgSvc.exe
12:51:16.0501 3000 ZuneWlanCfgSvc - ok
12:51:16.0571 3000 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
12:51:16.0961 3000 \Device\Harddisk0\DR0 - ok
12:51:16.0968 3000 Boot (0x1200) (4f795b9239c0993c0b4a21ca8bf68804) \Device\Harddisk0\DR0\Partition0
12:51:16.0972 3000 \Device\Harddisk0\DR0\Partition0 - ok
12:51:16.0990 3000 Boot (0x1200) (2852e1ae2a60e64e1deccc1b3392e30a) \Device\Harddisk0\DR0\Partition1
12:51:16.0993 3000 \Device\Harddisk0\DR0\Partition1 - ok
12:51:16.0993 3000 ============================================================
12:51:16.0993 3000 Scan finished
12:51:16.0993 3000 ============================================================
12:51:17.0005 5056 Detected object count: 0
12:51:17.0005 5056 Actual detected object count: 0
12:53:35.0996 3128 Deinitialize success


aswMBR
aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-07-30 13:19:11
-----------------------------
13:19:11.495 OS Version: Windows x64 6.1.7601 Service Pack 1
13:19:11.495 Number of processors: 2 586 0x170A
13:19:11.496 ComputerName: LEONARDO-LAPTOP UserName: Leonardo
13:19:12.811 Initialize success
13:19:19.721 AVAST engine defs: 12073000
13:19:35.351 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
13:19:35.353 Disk 0 Vendor: ST950042 0003 Size: 476940MB BusType: 3
13:19:35.392 Disk 0 MBR read successfully
13:19:35.394 Disk 0 MBR scan
13:19:35.461 Disk 0 Windows 7 default MBR code
13:19:35.483 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 463587 MB offset 2048
13:19:35.554 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 13349 MB offset 949428224
13:19:35.706 Disk 0 scanning C:\Windows\system32\drivers
13:19:58.871 Service scanning
13:20:34.001 Modules scanning
13:20:34.010 Disk 0 trace - called modules:
13:20:34.025 ntoskrnl.exe CLASSPNP.SYS disk.sys hpdskflt.sys iaStor.sys hal.dll
13:20:34.029 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa80057ca060]
13:20:34.364 3 CLASSPNP.SYS[fffff8800180143f] -> nt!IofCallDriver -> [0xfffffa80057c95d0]
13:20:34.370 5 hpdskflt.sys[fffff88001be1189] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa80047a0050]
13:20:37.950 AVAST engine scan C:\Windows
13:20:44.559 AVAST engine scan C:\Windows\system32
13:25:21.778 AVAST engine scan C:\Windows\system32\drivers
13:25:42.680 AVAST engine scan C:\Users\Leonardo
14:00:24.040 Disk 0 MBR has been saved successfully to "C:\Users\Leonardo\Documents\MBR.dat"
14:00:24.100 The log file has been saved successfully to "C:\Users\Leonardo\Documents\aswMBR.txt"


ESET online scanner
C:\Users\Leonardo\AppData\Local\AIM\Adobe\rqpphm.dll a variant of Win32/Kryptik.AIZP trojan cleaned by deleting (after the next restart) - quarantined
C:\Users\Leonardo\AppData\Local\Mozilla\Firefox\Profiles\1jwllcni.default\Cache\5\DD\89EBCd01 HTML/ScrInject.B.Gen virus deleted - quarantined
C:\Users\Leonardo\AppData\Local\Temp\jar_cache1721523747335327940.tmp multiple threats deleted - quarantined
C:\Users\Leonardo\AppData\Local\Temp\NODB9D3.tmp a variant of Win32/Kryptik.AIZP trojan cleaned by deleting (after the next restart) - quarantined
C:\Users\Leonardo\AppData\Local\Temp\ICReinstall\cnet2_MatroskaSplitter_exe.exe a variant of Win32/InstallCore.D application cleaned by deleting - quarantined
C:\Users\Leonardo\AppData\Local\Temp\ICReinstall\cnet2_setup_magicdisc106_exe.exe a variant of Win32/InstallCore.D application cleaned by deleting - quarantined
C:\Users\Leonardo\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\23\4e880d57-74b36894 a variant of Java/Exploit.Blacole.AI trojan deleted - quarantined
C:\Users\Leonardo\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\27\505d5b5b-3b1846a7 Java/TrojanDownloader.Agent.NCM trojan deleted - quarantined
C:\Users\Leonardo\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\48\13673cb0-7f5f989b a variant of Java/TrojanDownloader.OpenStream.NCE trojan deleted - quarantined
C:\Users\Leonardo\AppData\Roaming\Mozilla\Firefox\Profiles\1jwllcni.default\extensions\wukgteamcu@wukgteamcu.org.xpi JS/Redirector.NCA trojan deleted - quarantined


Edit: That seems to have gotten rid of the redirect, thanks for the help! The only thing is that now I'm getting an error message at startup: "There was a problem starting. C:\Users\Leonardo\AppData\Local\AIM\Adobe\rqpphm.dll The specified module could not be found."

Edited by amalgam, 30 July 2012 - 04:52 PM.


#4 narenxp

Posted 30 July 2012 - 07:43 PM

We still have a few scans

Download

http://www.techspot.com/downloads/4716-malwarebytes-anti-malware.html

Install, update and run a full scan

Click on SHOW results. Select all infections and remove them

Reboot the PC and scan MBAM once in regular mode until you get a clean log

Download

mini toolbox

Checkmark the following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size

Click Go and post the result.

Download

FSS

Checkmark all the boxes

Click on "Scan".
Please copy and paste the log to your reply.


Download

adware cleaner

Launch it and click on Delete

Post the generated log



