clicking on google search results link redirects to another site


16 replies to this topic

#1 smithk3933

  • Members
  • 11 posts

Posted 30 July 2012 - 07:52 PM

Running Windows Vista and using Google Chrome. Now when I use Google for search and click on one of the search results, it redirects to some other site, often another search result list which has some IP address as the web URL. If I hit back, go back to the Google search results and click on the same link, it will then go to the correct site.

Based on other posts I've seen, I ran RKill, TDSSKiller and then Malwarebytes, all to no help. TDSSKiller found a couple of items the first time.

Still having the same problem.

Where to go next?

Thanks.



#2 narenxp

  • BC Advisor
  • 16,371 posts
  • Gender:Male
  • Location:India

Posted 30 July 2012 - 07:54 PM

Download TDSSKiller

Launch it. Click on "Change parameters" and select "TDLFS file system".

Click on "Scan". Please post the log report (the log file should be in your C drive).

Do not change the default options on the scan results.

Download aswMBR

Launch it and allow it to download the latest Avast! virus definitions.
Click the "Scan" button to start the scan. After the scan finishes, click on "Save log".

Post the log results here.

Download ESET online scanner

Install it.

Click on START; it should download the virus definitions.
When the scan is completed, click on "List of found threats".

Export the list to the desktop and copy the contents of the text file into your reply.

#3 smithk3933

  • Topic Starter
  • Members
  • 11 posts

Posted 30 July 2012 - 08:11 PM

TDSSKiller log file:

21:06:08.0412 5364 partmgr - ok
21:06:08.0435 5364 PcaSvc (9ab157b374192ff276c1628fbdba2b0e) C:\Windows\System32\pcasvc.dll
21:06:08.0439 5364 PcaSvc - ok
21:06:08.0523 5364 pci (47ab1e0fc9d0e12bb53ba246e3a0906d) C:\Windows\system32\drivers\pci.sys
21:06:08.0528 5364 pci - ok
21:06:08.0557 5364 pciide (15e5c3f89a3452efbda3b39816dbc4ee) C:\Windows\system32\drivers\pciide.sys
21:06:08.0558 5364 pciide - ok
21:06:08.0625 5364 pcmcia (037661f3d7c507c9993b7010ceee6288) C:\Windows\system32\drivers\pcmcia.sys
21:06:08.0662 5364 pcmcia - ok
21:06:08.0755 5364 PEAUTH (58865916f53592a61549b04941bfd80d) C:\Windows\system32\drivers\peauth.sys
21:06:08.0783 5364 PEAUTH - ok
21:06:08.0868 5364 PerfHost (0ed8727ea0172860f47258456c06caea) C:\Windows\SysWow64\perfhost.exe
21:06:08.0870 5364 PerfHost - ok
21:06:09.0014 5364 pla (e9e68c1a0f25cf4a7ac966eea74ee89e) C:\Windows\system32\pla.dll
21:06:09.0068 5364 pla - ok
21:06:09.0160 5364 PlugPlay (fe6b0f59215c9fd9f9d26539c58c8b82) C:\Windows\system32\umpnpmgr.dll
21:06:09.0176 5364 PlugPlay - ok
21:06:09.0325 5364 PNRPAutoReg (9ae31d2e1d15c10d91318e0ec149ceac) C:\Windows\system32\p2psvc.dll
21:06:09.0338 5364 PNRPAutoReg - ok
21:06:09.0356 5364 PNRPsvc (9ae31d2e1d15c10d91318e0ec149ceac) C:\Windows\system32\p2psvc.dll
21:06:09.0369 5364 PNRPsvc - ok
21:06:09.0469 5364 PolicyAgent (89a5560671c2d8b4a4b51f3e1aa069d8) C:\Windows\System32\ipsecsvc.dll
21:06:09.0487 5364 PolicyAgent - ok
21:06:09.0563 5364 PptpMiniport (23386e9952025f5f21c368971e2e7301) C:\Windows\system32\DRIVERS\raspptp.sys
21:06:09.0566 5364 PptpMiniport - ok
21:06:09.0614 5364 Processor (5080e59ecee0bc923f14018803aa7a01) C:\Windows\system32\drivers\processr.sys
21:06:09.0617 5364 Processor - ok
21:06:09.0713 5364 ProfSvc (e058ce4fc2449d8bfa14739c83b7ff2a) C:\Windows\system32\profsvc.dll
21:06:09.0719 5364 ProfSvc - ok
21:06:09.0782 5364 ProtectedStorage (260bf9c43ee12c6898a9f5aab0fb0e5d) C:\Windows\system32\lsass.exe
21:06:09.0785 5364 ProtectedStorage - ok
21:06:09.0853 5364 PSched (c5ab7f0809392d0da027f4a2a81bfa31) C:\Windows\system32\DRIVERS\pacer.sys
21:06:09.0857 5364 PSched - ok
21:06:09.0986 5364 ql2300 (0b83f4e681062f3839be2ec1d98fd94a) C:\Windows\system32\drivers\ql2300.sys
21:06:10.0043 5364 ql2300 - ok
21:06:10.0056 5364 ql40xx (e1c80f8d4d1e39ef9595809c1369bf2a) C:\Windows\system32\drivers\ql40xx.sys
21:06:10.0061 5364 ql40xx - ok
21:06:10.0190 5364 QWAVE (90574842c3da781e279061a3eff91f07) C:\Windows\system32\qwave.dll
21:06:10.0235 5364 QWAVE - ok
21:06:10.0257 5364 QWAVEdrv (e8d76edab77ec9c634c27b8eac33adc5) C:\Windows\system32\drivers\qwavedrv.sys
21:06:10.0259 5364 QWAVEdrv - ok
21:06:10.0282 5364 RasAcd (1013b3b663a56d3ddd784f581c1bd005) C:\Windows\system32\DRIVERS\rasacd.sys
21:06:10.0283 5364 RasAcd - ok
21:06:10.0315 5364 RasAuto (b2ae18f847d07f0044404ddf7cb04497) C:\Windows\System32\rasauto.dll
21:06:10.0321 5364 RasAuto - ok
21:06:10.0378 5364 Rasl2tp (ac7bc4d42a7e558718dfdec599bbfc2c) C:\Windows\system32\DRIVERS\rasl2tp.sys
21:06:10.0382 5364 Rasl2tp - ok
21:06:10.0447 5364 RasMan (3ad83e4046c43be510de681588acb8af) C:\Windows\System32\rasmans.dll
21:06:10.0456 5364 RasMan - ok
21:06:10.0492 5364 RasPppoe (4517fbf8b42524afe4ede1de102aae3e) C:\Windows\system32\DRIVERS\raspppoe.sys
21:06:10.0496 5364 RasPppoe - ok
21:06:10.0553 5364 RasSstp (c6a593b51f34c33e5474539544072527) C:\Windows\system32\DRIVERS\rassstp.sys
21:06:10.0556 5364 RasSstp - ok
21:06:10.0618 5364 rdbss (322db5c6b55e8d8ee8d6f358b2aaabb1) C:\Windows\system32\DRIVERS\rdbss.sys
21:06:10.0638 5364 rdbss - ok
21:06:10.0657 5364 RDPCDD (603900cc05f6be65ccbf373800af3716) C:\Windows\system32\DRIVERS\RDPCDD.sys
21:06:10.0658 5364 RDPCDD - ok
21:06:10.0710 5364 rdpdr (c045d1fb111c28df0d1be8d4bda22c06) C:\Windows\system32\drivers\rdpdr.sys
21:06:10.0718 5364 rdpdr - ok
21:06:10.0725 5364 RDPENCDD (cab9421daf3d97b33d0d055858e2c3ab) C:\Windows\system32\drivers\rdpencdd.sys
21:06:10.0726 5364 RDPENCDD - ok
21:06:10.0809 5364 RDPWD (ae4bd9e1c33d351d8e607fc81f15160c) C:\Windows\system32\drivers\RDPWD.sys
21:06:10.0815 5364 RDPWD - ok
21:06:10.0911 5364 Recovery Service for Windows (d5f08cc3d19b1c7f49619b9dad43c0ce) C:\Program Files (x86)\SMINST\BLService.exe
21:06:10.0916 5364 Recovery Service for Windows - ok
21:06:10.0983 5364 RemoteAccess (c612b9557da73f70d41f8a6fbc8e5344) C:\Windows\System32\mprdim.dll
21:06:10.0987 5364 RemoteAccess - ok
21:06:11.0080 5364 RemoteRegistry (44b9d8ec2f3ef3a0efb00857af70d861) C:\Windows\system32\regsvc.dll
21:06:11.0132 5364 RemoteRegistry - ok
21:06:11.0187 5364 RichVideo (805ae1f90c64758d19aaa001cf8cba12) C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
21:06:11.0189 5364 RichVideo - ok
21:06:11.0204 5364 RimUsb - ok
21:06:11.0247 5364 RimVSerPort (c903d49655b4aae46673f0aaa6be0f58) C:\Windows\system32\DRIVERS\RimSerial_AMD64.sys
21:06:11.0249 5364 RimVSerPort - ok
21:06:11.0311 5364 ROOTMODEM (6a0cf73b019cbc9255e23c9192ec3702) C:\Windows\system32\Drivers\RootMdm.sys
21:06:11.0312 5364 ROOTMODEM - ok
21:06:11.0346 5364 RpcLocator (f46c457840d4b7a4daafee739ce04102) C:\Windows\system32\locator.exe
21:06:11.0348 5364 RpcLocator - ok
21:06:11.0437 5364 RpcSs (cf8b9a3a5e7dc57724a89d0c3e8cf9ef) C:\Windows\system32\rpcss.dll
21:06:11.0449 5364 RpcSs - ok
21:06:11.0508 5364 rspndr (22a9cb08b1a6707c1550c6bf099aae73) C:\Windows\system32\DRIVERS\rspndr.sys
21:06:11.0512 5364 rspndr - ok
21:06:11.0628 5364 RTL8169 (af7074e1d6a8a66204067ee8b2a8327a) C:\Windows\system32\DRIVERS\Rtlh64.sys
21:06:11.0634 5364 RTL8169 - ok
21:06:11.0687 5364 RTSTOR (aa3987386cf7d9005c42bc974634bd56) C:\Windows\system32\drivers\RTSTOR64.SYS
21:06:11.0690 5364 RTSTOR - ok
21:06:11.0739 5364 SamSs (260bf9c43ee12c6898a9f5aab0fb0e5d) C:\Windows\system32\lsass.exe
21:06:11.0741 5364 SamSs - ok
21:06:11.0767 5364 sbp2port (cd9c693589c60ad59bbbcfb0e524e01b) C:\Windows\system32\drivers\sbp2port.sys
21:06:11.0771 5364 sbp2port - ok
21:06:11.0829 5364 SCardSvr (fd1cdcf108d5ef3366f00d18b70fb89b) C:\Windows\System32\SCardSvr.dll
21:06:11.0835 5364 SCardSvr - ok
21:06:11.0940 5364 Schedule (0f838c811ad295d2a4489b9993096c63) C:\Windows\system32\schedsvc.dll
21:06:12.0009 5364 Schedule - ok
21:06:12.0054 5364 SCPolicySvc (5a268127633c7ee2a7fb87f39d748d56) C:\Windows\System32\certprop.dll
21:06:12.0057 5364 SCPolicySvc - ok
21:06:12.0100 5364 sdbus (b42ee50f7d24f837f925332eb349eca5) C:\Windows\system32\DRIVERS\sdbus.sys
21:06:12.0129 5364 sdbus - ok
21:06:12.0156 5364 SDRSVC (4ff71b076a7760fe75ea5ae2d0ee0018) C:\Windows\System32\SDRSVC.dll
21:06:12.0161 5364 SDRSVC - ok
21:06:12.0200 5364 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
21:06:12.0201 5364 secdrv - ok
21:06:12.0220 5364 seclogon (5acdcbc67fcf894a1815b9f96d704490) C:\Windows\system32\seclogon.dll
21:06:12.0223 5364 seclogon - ok
21:06:12.0242 5364 SENS (90973a64b96cd647ff81c79443618eed) C:\Windows\System32\sens.dll
21:06:12.0246 5364 SENS - ok
21:06:12.0313 5364 Serenum (f71bfe7ac6c52273b7c82cbf1bb2a222) C:\Windows\system32\drivers\serenum.sys
21:06:12.0314 5364 Serenum - ok
21:06:12.0339 5364 Serial (e62fac91ee288db29a9696a9d279929c) C:\Windows\system32\drivers\serial.sys
21:06:12.0343 5364 Serial - ok
21:06:12.0383 5364 sermouse (a842f04833684bceea7336211be478df) C:\Windows\system32\drivers\sermouse.sys
21:06:12.0384 5364 sermouse - ok
21:06:12.0431 5364 SessionEnv (a8e4a4407a09f35dccc3771af590b0c4) C:\Windows\system32\sessenv.dll
21:06:12.0435 5364 SessionEnv - ok
21:06:12.0451 5364 sffdisk (14d4b4465193a87c127933978e8c4106) C:\Windows\system32\drivers\sffdisk.sys
21:06:12.0452 5364 sffdisk - ok
21:06:12.0466 5364 sffp_mmc (7073aee3f82f3d598e3825962aa98ab2) C:\Windows\system32\drivers\sffp_mmc.sys
21:06:12.0467 5364 sffp_mmc - ok
21:06:12.0483 5364 sffp_sd (35e59ebe4a01a0532ed67975161c7b82) C:\Windows\system32\drivers\sffp_sd.sys
21:06:12.0484 5364 sffp_sd - ok
21:06:12.0504 5364 sfloppy (6b7838c94135768bd455cbdc23e39e5f) C:\Windows\system32\drivers\sfloppy.sys
21:06:12.0505 5364 sfloppy - ok
21:06:12.0602 5364 SharedAccess (4c5aee179da7e1ee9a9ccb9da289af34) C:\Windows\System32\ipnathlp.dll
21:06:12.0655 5364 SharedAccess - ok
21:06:12.0705 5364 ShellHWDetection (56793271ecdedd350c5add305603e963) C:\Windows\System32\shsvcs.dll
21:06:12.0717 5364 ShellHWDetection - ok
21:06:12.0763 5364 silabenm (720088aad691ff1d90be8ec28727f6ca) C:\Windows\system32\DRIVERS\silabenm.sys
21:06:12.0765 5364 silabenm - ok
21:06:12.0794 5364 silabser (245889e622fec92c989787a9801f6896) C:\Windows\system32\DRIVERS\silabser.sys
21:06:12.0798 5364 silabser - ok
21:06:12.0854 5364 SiSRaid2 (7a5de502aeb719d4594c6471060a78b3) C:\Windows\system32\drivers\sisraid2.sys
21:06:12.0857 5364 SiSRaid2 - ok
21:06:12.0902 5364 SiSRaid4 (3a2f769fab9582bc720e11ea1dfb184d) C:\Windows\system32\drivers\sisraid4.sys
21:06:12.0906 5364 SiSRaid4 - ok
21:06:13.0159 5364 slsvc (a9a27a8e257b45a604fdad4f26fe7241) C:\Windows\system32\SLsvc.exe
21:06:13.0262 5364 slsvc - ok
21:06:13.0396 5364 SLUINotify (fd74b4b7c2088e390a30c85a896fc3af) C:\Windows\system32\SLUINotify.dll
21:06:13.0400 5364 SLUINotify - ok
21:06:13.0473 5364 Smb (290b6f6a0ec4fcdfc90f5cb6d7020473) C:\Windows\system32\DRIVERS\smb.sys
21:06:13.0476 5364 Smb - ok
21:06:13.0544 5364 SNMPTRAP (f8f47f38909823b1af28d60b96340cff) C:\Windows\System32\snmptrap.exe
21:06:13.0547 5364 SNMPTRAP - ok
21:06:13.0597 5364 spldr (386c3c63f00a7040c7ec5e384217e89d) C:\Windows\system32\drivers\spldr.sys
21:06:13.0598 5364 spldr - ok
21:06:13.0672 5364 Spooler (f66ff751e7efc816d266977939ef5dc3) C:\Windows\System32\spoolsv.exe
21:06:13.0692 5364 Spooler - ok
21:06:13.0808 5364 SRTSP (06b9a7ba94356ec5207c5ddb59540378) C:\Windows\System32\Drivers\N360x64\0602010.005\SRTSP64.SYS
21:06:13.0835 5364 SRTSP - ok
21:06:13.0860 5364 SRTSPX (fbb8945a61e55a2345d12487c74a9d76) C:\Windows\system32\drivers\N360x64\0602010.005\SRTSPX64.SYS
21:06:13.0863 5364 SRTSPX - ok
21:06:13.0943 5364 srv (880a57fccb571ebd063d4dd50e93e46d) C:\Windows\system32\DRIVERS\srv.sys
21:06:13.0962 5364 srv - ok
21:06:14.0008 5364 srv2 (a1ad14a6d7a37891fffeca35ebbb0730) C:\Windows\system32\DRIVERS\srv2.sys
21:06:14.0013 5364 srv2 - ok
21:06:14.0074 5364 srvnet (4bed62f4fa4d8300973f1151f4c4d8a7) C:\Windows\system32\DRIVERS\srvnet.sys
21:06:14.0078 5364 srvnet - ok
21:06:14.0142 5364 SSDPSRV (192c74646ec5725aef3f80d19ff75f6a) C:\Windows\System32\ssdpsrv.dll
21:06:14.0149 5364 SSDPSRV - ok
21:06:14.0222 5364 SstpSvc (2ee3fa0308e6185ba64a9a7f2e74332b) C:\Windows\system32\sstpsvc.dll
21:06:14.0228 5364 SstpSvc - ok
21:06:14.0352 5364 STacSV (3fb66e86ba667d627a613e1d677469b0) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_bd5387da\STacSV64.exe
21:06:14.0358 5364 STacSV - ok
21:06:14.0516 5364 STHDA (e01797a54f8a61512b7e590fde6d1988) C:\Windows\system32\DRIVERS\stwrt64.sys
21:06:14.0534 5364 STHDA - ok
21:06:14.0553 5364 StillCam (14b4db4381e4a55f570d8bb699b791d6) C:\Windows\system32\DRIVERS\serscan.sys
21:06:14.0554 5364 StillCam - ok
21:06:14.0648 5364 stisvc (15825c1fbfb8779992cb65087f316af5) C:\Windows\System32\wiaservc.dll
21:06:14.0670 5364 stisvc - ok
21:06:14.0776 5364 SupportSoft RemoteAssist (42fef84684d217870f3c8813b6f58276) C:\Program Files (x86)\Common Files\supportsoft\bin\ssrc.exe
21:06:14.0780 5364 SupportSoft RemoteAssist - ok
21:06:14.0815 5364 swenum (8a851ca908b8b974f89c50d2e18d4f0c) C:\Windows\system32\DRIVERS\swenum.sys
21:06:14.0816 5364 swenum - ok
21:06:14.0895 5364 swprv (6de37f4de19d4efd9c48c43addbc949a) C:\Windows\System32\swprv.dll
21:06:14.0911 5364 swprv - ok
21:06:15.0014 5364 Symantec RemoteAssist (267c914667c94e5f47d342311c1c577f) C:\Program Files (x86)\Common Files\Symantec Shared\Support Controls\ssrc.exe
21:06:15.0019 5364 Symantec RemoteAssist - ok
21:06:15.0047 5364 Symc8xx (2f26a2c6fc96b29beff5d8ed74e6625b) C:\Windows\system32\drivers\symc8xx.sys
21:06:15.0050 5364 Symc8xx - ok
21:06:15.0171 5364 SymDS (8b2430762099598da40686f754632efd) C:\Windows\system32\drivers\N360x64\0602010.005\SYMDS64.SYS
21:06:15.0188 5364 SymDS - ok
21:06:15.0275 5364 SymEFA (f90c7a190399165d3ab2245048d34786) C:\Windows\system32\drivers\N360x64\0602010.005\SYMEFA64.SYS
21:06:15.0311 5364 SymEFA - ok
21:06:15.0342 5364 SymEvent (898bb48c797483420df523b2bbc1ecdb) C:\Windows\system32\Drivers\SYMEVENT64x86.SYS
21:06:15.0347 5364 SymEvent - ok
21:06:15.0353 5364 SYMFW - ok
21:06:15.0420 5364 SymIM (b681d1b0f9596684225dcc9b94c6bacf) C:\Windows\system32\DRIVERS\SymIMv.sys
21:06:15.0423 5364 SymIM - ok
21:06:15.0453 5364 SymIRON (5013a76caaa1d7cf1c55214b490b4e35) C:\Windows\system32\drivers\N360x64\0602010.005\Ironx64.SYS
21:06:15.0458 5364 SymIRON - ok
21:06:15.0464 5364 SYMNDISV - ok
21:06:15.0538 5364 SYMTDIv (a25fee245c78804601d83431386a0bee) C:\Windows\System32\Drivers\N360x64\0602010.005\SYMTDIV.SYS
21:06:15.0591 5364 SYMTDIv - ok
21:06:15.0622 5364 Sym_hi (a909667976d3bccd1df813fed517d837) C:\Windows\system32\drivers\sym_hi.sys
21:06:15.0625 5364 Sym_hi - ok
21:06:15.0689 5364 Sym_u3 (36887b56ec2d98b9c362f6ae4de5b7b0) C:\Windows\system32\drivers\sym_u3.sys
21:06:15.0692 5364 Sym_u3 - ok
21:06:15.0758 5364 SynTP (c851305e2bcfce8aaa53342f912ddd7f) C:\Windows\system32\DRIVERS\SynTP.sys
21:06:15.0768 5364 SynTP - ok
21:06:15.0865 5364 SysMain (92d7a8b0f87b036f17d25885937897a6) C:\Windows\system32\sysmain.dll
21:06:15.0932 5364 SysMain - ok
21:06:15.0958 5364 TabletInputService (005ce42567f9113a3bccb3b20073b029) C:\Windows\System32\TabSvc.dll
21:06:15.0963 5364 TabletInputService - ok
21:06:16.0033 5364 TapiSrv (cc2562b4d55e0b6a4758c65407f63b79) C:\Windows\System32\tapisrv.dll
21:06:16.0044 5364 TapiSrv - ok
21:06:16.0075 5364 TBS (cdbe8d7c1e201b911cdc346d06617fb5) C:\Windows\System32\tbssvc.dll
21:06:16.0079 5364 TBS - ok
21:06:16.0233 5364 Tcpip (46d448e9117464e4d3bbf36d7e3fa48e) C:\Windows\system32\drivers\tcpip.sys
21:06:16.0281 5364 Tcpip - ok
21:06:16.0513 5364 Tcpip6 (46d448e9117464e4d3bbf36d7e3fa48e) C:\Windows\system32\DRIVERS\tcpip.sys
21:06:16.0530 5364 Tcpip6 - ok
21:06:16.0652 5364 tcpipreg (c7e72a4071ee0200e3c075dacfb2b334) C:\Windows\system32\drivers\tcpipreg.sys
21:06:16.0655 5364 tcpipreg - ok
21:06:16.0707 5364 TDPIPE (1d8bf4aaa5fb7a2761475781dc1195bc) C:\Windows\system32\drivers\tdpipe.sys
21:06:16.0708 5364 TDPIPE - ok
21:06:16.0735 5364 TDTCP (7f7e00cdf609df657f4cda02dd1c9bb1) C:\Windows\system32\drivers\tdtcp.sys
21:06:16.0737 5364 TDTCP - ok
21:06:16.0802 5364 tdx (458919c8c42e398dc4802178d5ffee27) C:\Windows\system32\DRIVERS\tdx.sys
21:06:16.0805 5364 tdx - ok
21:06:16.0847 5364 TermDD (8c19678d22649ec002ef2282eae92f98) C:\Windows\system32\DRIVERS\termdd.sys
21:06:16.0850 5364 TermDD - ok
21:06:16.0940 5364 TermService (5cdd30bc217082dac71a9878d9bfd566) C:\Windows\System32\termsrv.dll
21:06:16.0965 5364 TermService - ok
21:06:17.0005 5364 Themes (56793271ecdedd350c5add305603e963) C:\Windows\system32\shsvcs.dll
21:06:17.0010 5364 Themes - ok
21:06:17.0037 5364 THREADORDER (3cbe4995e80e13ccfbc42e5dcf3ac81a) C:\Windows\system32\mmcss.dll
21:06:17.0040 5364 THREADORDER - ok
21:06:17.0079 5364 TrkWks (f4689f05af472a651a7b1b7b02d200e7) C:\Windows\System32\trkwks.dll
21:06:17.0085 5364 TrkWks - ok
21:06:17.0194 5364 TrustedInstaller (66328b08ef5a9305d8ede36b93930369) C:\Windows\servicing\TrustedInstaller.exe
21:06:17.0195 5364 TrustedInstaller - ok
21:06:17.0256 5364 tssecsrv (9e5409cd17c8bef193aad498f3bc2cb8) C:\Windows\system32\DRIVERS\tssecsrv.sys
21:06:17.0258 5364 tssecsrv - ok
21:06:17.0283 5364 tunmp (89ec74a9e602d16a75a4170511029b3c) C:\Windows\system32\DRIVERS\tunmp.sys
21:06:17.0284 5364 tunmp - ok
21:06:17.0342 5364 tunnel (30a9b3f45ad081bffc3bcaa9c812b609) C:\Windows\system32\DRIVERS\tunnel.sys
21:06:17.0344 5364 tunnel - ok
21:06:17.0516 5364 TVCapSvc (bb313ae85ec95b7cb87fc5ed53f3a22b) C:\Program Files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\TVCapSvc.exe
21:06:17.0520 5364 TVCapSvc - ok
21:06:17.0568 5364 TVSched (0c66e48654afd8a6bcfbce22e7fab251) C:\Program Files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\TVSched.exe
21:06:17.0570 5364 TVSched - ok
21:06:17.0599 5364 uagp35 (fec266ef401966311744bd0f359f7f56) C:\Windows\system32\drivers\uagp35.sys
21:06:17.0602 5364 uagp35 - ok
21:06:17.0698 5364 udfs (faf2640a2a76ed03d449e443194c4c34) C:\Windows\system32\DRIVERS\udfs.sys
21:06:17.0710 5364 udfs - ok
21:06:17.0785 5364 UI0Detect (060507c4113391394478f6953a79eedc) C:\Windows\system32\UI0Detect.exe
21:06:17.0789 5364 UI0Detect - ok
21:06:17.0836 5364 uliagpkx (4ec9447ac3ab462647f60e547208ca00) C:\Windows\system32\drivers\uliagpkx.sys
21:06:17.0839 5364 uliagpkx - ok
21:06:17.0886 5364 uliahci (697f0446134cdc8f99e69306184fbbb4) C:\Windows\system32\drivers\uliahci.sys
21:06:17.0894 5364 uliahci - ok
21:06:17.0937 5364 UlSata (31707f09846056651ea2c37858f5ddb0) C:\Windows\system32\drivers\ulsata.sys
21:06:17.0941 5364 UlSata - ok
21:06:17.0986 5364 ulsata2 (85e5e43ed5b48c8376281bab519271b7) C:\Windows\system32\drivers\ulsata2.sys
21:06:18.0002 5364 ulsata2 - ok
21:06:18.0023 5364 umbus (46e9a994c4fed537dd951f60b86ad3f4) C:\Windows\system32\DRIVERS\umbus.sys
21:06:18.0026 5364 umbus - ok
21:06:18.0132 5364 upnphost (7093799ff80e9deca0680d2e3535be60) C:\Windows\System32\upnphost.dll
21:06:18.0184 5364 upnphost - ok
21:06:18.0231 5364 usbccgp (07e3498fc60834219d2356293da0fecc) C:\Windows\system32\DRIVERS\usbccgp.sys
21:06:18.0235 5364 usbccgp - ok
21:06:18.0304 5364 usbcir (9247f7e0b65852c1f6631480984d6ed2) C:\Windows\system32\drivers\usbcir.sys
21:06:18.0307 5364 usbcir - ok
21:06:18.0357 5364 usbehci (827e44de934a736ea31e91d353eb126f) C:\Windows\system32\DRIVERS\usbehci.sys
21:06:18.0360 5364 usbehci - ok
21:06:18.0409 5364 usbhub (bb35cd80a2ececfadc73569b3d70c7d1) C:\Windows\system32\DRIVERS\usbhub.sys
21:06:18.0416 5364 usbhub - ok
21:06:18.0437 5364 usbohci (eba14ef0c07cec233f1529c698d0d154) C:\Windows\system32\drivers\usbohci.sys
21:06:18.0439 5364 usbohci - ok
21:06:18.0482 5364 usbprint (28b693b6d31e7b9332c1bdcefef228c1) C:\Windows\system32\DRIVERS\usbprint.sys
21:06:18.0483 5364 usbprint - ok
21:06:18.0547 5364 usbscan (ea0bf666868964fbe8cb10e50c97b9f1) C:\Windows\system32\DRIVERS\usbscan.sys
21:06:18.0550 5364 usbscan - ok
21:06:18.0605 5364 USBSTOR (b854c1558fca0c269a38663e8b59b581) C:\Windows\system32\DRIVERS\USBSTOR.SYS
21:06:18.0609 5364 USBSTOR - ok
21:06:18.0653 5364 usbuhci (b2872cbf9f47316abd0e0c74a1aba507) C:\Windows\system32\DRIVERS\usbuhci.sys
21:06:18.0656 5364 usbuhci - ok
21:06:18.0704 5364 usbvideo (fc33099877790d51b0927b7039059855) C:\Windows\system32\Drivers\usbvideo.sys
21:06:18.0709 5364 usbvideo - ok
21:06:18.0774 5364 UxSms (d76e231e4850bb3f88a3d9a78df191e3) C:\Windows\System32\uxsms.dll
21:06:18.0778 5364 UxSms - ok
21:06:18.0864 5364 vds (294945381dfa7ce58cecf0a9896af327) C:\Windows\System32\vds.exe
21:06:18.0881 5364 vds - ok
21:06:18.0928 5364 vga (916b94bcf1e09873fff2d5fb11767bbc) C:\Windows\system32\DRIVERS\vgapnp.sys
21:06:18.0931 5364 vga - ok
21:06:18.0987 5364 VgaSave (b83ab16b51feda65dd81b8c59d114d63) C:\Windows\System32\drivers\vga.sys
21:06:18.0988 5364 VgaSave - ok
21:06:19.0007 5364 viaide (4f964e6828156f0ef3fa8d3a9a7895de) C:\Windows\system32\drivers\viaide.sys
21:06:19.0008 5364 viaide - ok
21:06:19.0091 5364 volmgr (2b7e885ed951519a12c450d24535dfca) C:\Windows\system32\drivers\volmgr.sys
21:06:19.0094 5364 volmgr - ok
21:06:19.0175 5364 volmgrx (cec5ac15277d75d9e5dec2e1c6eaf877) C:\Windows\system32\drivers\volmgrx.sys
21:06:19.0195 5364 volmgrx - ok
21:06:19.0275 5364 volsnap (5280aada24ab36b01a84a6424c475c8d) C:\Windows\system32\drivers\volsnap.sys
21:06:19.0281 5364 volsnap - ok
21:06:19.0314 5364 vsmraid (a68f455ed2673835209318dd61bfbb0e) C:\Windows\system32\drivers\vsmraid.sys
21:06:19.0318 5364 vsmraid - ok
21:06:19.0444 5364 VSS (b75232dad33bfd95bf6f0a3e6bff51e1) C:\Windows\system32\vssvc.exe
21:06:19.0527 5364 VSS - ok
21:06:19.0630 5364 W32Time (f14a7de2ea41883e250892e1e5230a9a) C:\Windows\system32\w32time.dll
21:06:19.0652 5364 W32Time - ok
21:06:19.0694 5364 WacomPen (fef8fe5923fead2cee4dfabfce3393a7) C:\Windows\system32\drivers\wacompen.sys
21:06:19.0695 5364 WacomPen - ok
21:06:19.0737 5364 Wanarp (b8e7049622300d20ba6d8be0c47c0cfd) C:\Windows\system32\DRIVERS\wanarp.sys
21:06:19.0740 5364 Wanarp - ok
21:06:19.0746 5364 Wanarpv6 (b8e7049622300d20ba6d8be0c47c0cfd) C:\Windows\system32\DRIVERS\wanarp.sys
21:06:19.0748 5364 Wanarpv6 - ok
21:06:19.0850 5364 wcncsvc (b4e4c37d0aa6100090a53213ee2bf1c1) C:\Windows\System32\wcncsvc.dll
21:06:19.0874 5364 wcncsvc - ok
21:06:19.0900 5364 WcsPlugInService (ea4b369560e986f19d93f45a881484ac) C:\Windows\System32\WcsPlugInService.dll
21:06:19.0905 5364 WcsPlugInService - ok
21:06:19.0963 5364 Wd (0c17a0816f65b89e362e682ad5e7266e) C:\Windows\system32\drivers\wd.sys
21:06:19.0964 5364 Wd - ok
21:06:20.0060 5364 Wdf01000 (d02e7e4567da1e7582fbf6a91144b0df) C:\Windows\system32\drivers\Wdf01000.sys
21:06:20.0116 5364 Wdf01000 - ok
21:06:20.0137 5364 WdiServiceHost (c5efda73ebfca8b02a094898de0a9276) C:\Windows\system32\wdi.dll
21:06:20.0142 5364 WdiServiceHost - ok
21:06:20.0147 5364 WdiSystemHost (c5efda73ebfca8b02a094898de0a9276) C:\Windows\system32\wdi.dll
21:06:20.0151 5364 WdiSystemHost - ok
21:06:20.0208 5364 WebClient (3e6d05381cf35f75ebb055544a8ed9ac) C:\Windows\System32\webclnt.dll
21:06:20.0216 5364 WebClient - ok
21:06:20.0293 5364 Wecsvc (8d40bc587993f876658bf9fb0f7d3462) C:\Windows\system32\wecsvc.dll
21:06:20.0301 5364 Wecsvc - ok
21:06:20.0352 5364 wercplsupport (9c980351d7e96288ea0c23ae232bd065) C:\Windows\System32\wercplsupport.dll
21:06:20.0357 5364 wercplsupport - ok
21:06:20.0410 5364 WerSvc (66b9ecebc46683f47edc06333c075fef) C:\Windows\System32\WerSvc.dll
21:06:20.0415 5364 WerSvc - ok
21:06:20.0473 5364 WinDefend - ok
21:06:20.0483 5364 WinHttpAutoProxySvc - ok
21:06:20.0584 5364 Winmgmt (d2e7296ed1bd26d8db2799770c077a02) C:\Windows\system32\wbem\WMIsvc.dll
21:06:20.0589 5364 Winmgmt - ok
21:06:20.0778 5364 WinRM (6cbb0c68f13b9c2ec1b16f5fa5e7c869) C:\Windows\system32\WsmSvc.dll
21:06:20.0866 5364 WinRM - ok
21:06:21.0036 5364 Wlansvc (ec339c8115e91baed835957e9a677f16) C:\Windows\System32\wlansvc.dll
21:06:21.0061 5364 Wlansvc - ok
21:06:21.0171 5364 WmiAcpi (e18aebaaa5a773fe11aa2c70f65320f5) C:\Windows\system32\DRIVERS\wmiacpi.sys
21:06:21.0173 5364 WmiAcpi - ok
21:06:21.0257 5364 wmiApSrv (21fa389e65a852698b6a1341f36ee02d) C:\Windows\system32\wbem\WmiApSrv.exe
21:06:21.0262 5364 wmiApSrv - ok
21:06:21.0318 5364 WMPNetworkSvc - ok
21:06:21.0381 5364 WPCSvc (cbc156c913f099e6680d1df9307db7a8) C:\Windows\System32\wpcsvc.dll
21:06:21.0388 5364 WPCSvc - ok
21:06:21.0455 5364 WPDBusEnum (490a18b4e4d53dc10879deaa8e8b70d9) C:\Windows\system32\wpdbusenum.dll
21:06:21.0460 5364 WPDBusEnum - ok
21:06:21.0533 5364 WpdUsb (5e2401b3fc1089c90e081291357371a9) C:\Windows\system32\DRIVERS\wpdusb.sys
21:06:21.0537 5364 WpdUsb - ok
21:06:21.0754 5364 WPFFontCache_v0400 (991e2c2cf3bc204c2bb2ee1476149e4e) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe
21:06:21.0768 5364 WPFFontCache_v0400 - ok
21:06:21.0821 5364 ws2ifsl (8a900348370e359b6bff6a550e4649e1) C:\Windows\system32\drivers\ws2ifsl.sys
21:06:21.0822 5364 ws2ifsl - ok
21:06:21.0880 5364 wscsvc (9ea3e6d0ef7a5c2b9181961052a4b01a) C:\Windows\System32\wscsvc.dll
21:06:21.0885 5364 wscsvc - ok
21:06:21.0894 5364 WSearch - ok
21:06:22.0120 5364 wuauserv (d9ef901dca379cfe914e9fa13b73b4c4) C:\Windows\system32\wuaueng.dll
21:06:22.0197 5364 wuauserv - ok
21:06:22.0317 5364 WUDFRd (501a65252617b495c0f1832f908d54d8) C:\Windows\system32\DRIVERS\WUDFRd.sys
21:06:22.0320 5364 WUDFRd - ok
21:06:22.0376 5364 wudfsvc (6cbd51ff913c851d56ed9dc7f2a27dde) C:\Windows\System32\WUDFSvc.dll
21:06:22.0381 5364 wudfsvc - ok
21:06:22.0455 5364 yukonx64 (07f7285220307aafb755d890295f0f9a) C:\Windows\system32\DRIVERS\yk60x64.sys
21:06:22.0462 5364 yukonx64 - ok
21:06:22.0576 5364 {55662437-DA8C-40c0-AADA-2C816A897A49} (15cc7077d2dc28776cd430ecabbffd66) C:\Program Files (x86)\Hewlett-Packard\Media\DVD\000.fcl
21:06:22.0577 5364 {55662437-DA8C-40c0-AADA-2C816A897A49} - ok
21:06:22.0603 5364 MBR (0x1B8) (588ae8f0c685c02ba11f30d9cd7e61a0) \Device\Harddisk0\DR0
21:06:22.0907 5364 \Device\Harddisk0\DR0 - ok
21:06:22.0912 5364 Boot (0x1200) (cead4ce2578bee1165dd63076e3b8c55) \Device\Harddisk0\DR0\Partition0
21:06:22.0914 5364 \Device\Harddisk0\DR0\Partition0 - ok
21:06:22.0925 5364 Boot (0x1200) (19ad2fe022b14124c4524076532b3dca) \Device\Harddisk0\DR0\Partition1
21:06:22.0927 5364 \Device\Harddisk0\DR0\Partition1 - ok
21:06:22.0931 5364 ============================================================
21:06:22.0931 5364 Scan finished
21:06:22.0931 5364 ============================================================
21:06:22.0953 4116 Detected object count: 0
21:06:22.0953 4116 Actual detected object count: 0

#4 smithk3933

Posted 30 July 2012 - 08:57 PM

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-07-30 21:12:35
-----------------------------
21:12:35.018 OS Version: Windows x64 6.0.6002 Service Pack 2
21:12:35.018 Number of processors: 2 586 0x170A
21:12:35.019 ComputerName: HP-LAPTOP UserName: Keith
21:12:37.282 Initialize success
21:13:59.481 AVAST engine defs: 12073100
21:14:06.260 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
21:14:06.263 Disk 0 Vendor: FUJITSU_ 8909 Size: 305245MB BusType: 3
21:14:06.273 Disk 0 MBR read successfully
21:14:06.277 Disk 0 MBR scan
21:14:06.284 Disk 0 unknown MBR code
21:14:06.289 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 292471 MB offset 63
21:14:06.319 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 12770 MB offset 598982656
21:14:06.379 Disk 0 scanning C:\Windows\system32\drivers
21:14:25.496 Service scanning
21:14:59.636 Modules scanning
21:14:59.648 Disk 0 trace - called modules:
21:14:59.679 ntoskrnl.exe CLASSPNP.SYS disk.sys hpdskflt.sys iaStor.sys hal.dll
21:14:59.686 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa800506d790]
21:15:00.032 3 CLASSPNP.SYS[fffffa6000a56c33] -> nt!IofCallDriver -> [0xfffffa8004f65390]
21:15:00.041 5 hpdskflt.sys[fffffa6001c020ee] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8004c11050]
21:15:01.575 AVAST engine scan C:\Windows
21:15:08.217 AVAST engine scan C:\Windows\system32
21:20:26.801 AVAST engine scan C:\Windows\system32\drivers
21:20:53.928 AVAST engine scan C:\Users\Keith
21:43:18.022 AVAST engine scan C:\ProgramData
21:52:27.964 Scan finished successfully
21:55:26.542 Disk 0 MBR has been saved successfully to "C:\Users\Keith\Documents\MBR.dat"
21:55:26.551 The log file has been saved successfully to "C:\Users\Keith\Documents\aswMBR.txt"

#5 smithk3933

Posted 30 July 2012 - 10:12 PM

The following URL is typical of where it gets routed when the original Google search returned entries based on the search "RUFF HOUSING", as an example.

http://63.209.69.107/search/web/ruff+housing/C10/ecn/46355-8911_1346/v5

#6 narenxp

Posted 30 July 2012 - 10:16 PM

Still waiting for ESET scanner log

#7 smithk3933

Posted 31 July 2012 - 07:26 AM

ESET:


C:\Program Files (x86)\StartNow Toolbar\ToolbarUpdaterService.exe a variant of Win32/Toolbar.Zugo application cleaned by deleting - quarantined
C:\Users\Keith\AppData\Local\Google\Chrome\User Data\Default\Default\aagfddgddcdjdcdcdfdjgggbdedfdfgf\background.html Win32/BHO.OEI trojan cleaned by deleting - quarantined

#8 narenxp

Posted 31 July 2012 - 07:28 AM

Download

http://www.techspot.com/downloads/4716-malwarebytes-anti-malware.html

Install, update and run a full scan

Click on SHOW results. Select all infections and remove them

Reboot the PC and scan MBAM once in regular mode until you get a clean log

Download

mini toolbox

Checkmark following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size

Click Go and post the result.

Download

FSS

Checkmark all the boxes

Click on "Scan".
Please copy and paste the log to your reply.


Download

adware cleaner

Launch it and click on Delete

Post the generated log

#9 smithk3933

Posted 31 July 2012 - 09:15 AM

Malwarebytes Anti-Malware 1.62.0.1300
www.malwarebytes.org

Database version: v2012.07.31.08

Windows Vista Service Pack 2 x64 NTFS
Internet Explorer 9.0.8112.16421
Keith :: HP-LAPTOP [administrator]

7/31/2012 8:34:24 AM
mbam-log-2012-07-31 (08-34-24).txt

Scan type: Full scan (C:\|D:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 385114
Time elapsed: 1 hour(s), 38 minute(s), 59 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

#10 smithk3933

Posted 31 July 2012 - 11:11 AM

MiniToolBox by Farbar Version: 23-07-2012
Ran by Keith (administrator) on 31-07-2012 at 12:07:41
Microsoft® Windows Vista™ Home Premium Service Pack 2 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================

::1 localhost

127.0.0.1 localhost

========================= IP Configuration: ================================

Broadcom 802.11b/g WLAN = Wireless Network Connection (Connected)
Realtek RTL8102/8103 Family PCI-E FE NIC = Local Area Connection (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : HP-Laptop
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No

Wireless LAN adapter Wireless Network Connection:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Broadcom 802.11b/g WLAN
Physical Address. . . . . . . . . : 00-21-00-AB-7F-56
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::411c:d473:f20c:af1%11(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.100(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Monday, July 30, 2012 7:58:54 PM
Lease Expires . . . . . . . . . . : Wednesday, August 01, 2012 8:23:17 AM
Default Gateway . . . . . . . . . : 192.168.1.1
DHCP Server . . . . . . . . . . . : 192.168.1.1
DHCPv6 IAID . . . . . . . . . . . : 268443904
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-11-21-9F-6A-00-23-8B-73-71-7A
DNS Servers . . . . . . . . . . . : 192.168.1.1
NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Realtek RTL8102/8103 Family PCI-E FE NIC
Physical Address. . . . . . . . . : 00-23-8B-73-71-7A
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 6:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : isatap.{08BD5CE9-7628-4140-9529-BCA414F2A5B6}
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 7:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 02-00-54-55-4E-01
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 12:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : isatap.{00D767B4-75AE-4894-89B9-A40A23972454}
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Server: UnKnown
Address: 192.168.1.1

Name: google.com
Addresses: 2001:4860:800a::71
74.125.134.113
74.125.134.138
74.125.134.139
74.125.134.100
74.125.134.101
74.125.134.102



Pinging google.com [74.125.134.113] with 32 bytes of data:

Reply from 74.125.134.113: bytes=32 time=19ms TTL=48

Reply from 74.125.134.113: bytes=32 time=19ms TTL=48



Ping statistics for 74.125.134.113:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 19ms, Maximum = 19ms, Average = 19ms

Server: UnKnown
Address: 192.168.1.1

Name: yahoo.com
Addresses: 72.30.38.140
98.139.183.24
209.191.122.70



Pinging yahoo.com [209.191.122.70] with 32 bytes of data:

Reply from 209.191.122.70: bytes=32 time=46ms TTL=53

Reply from 209.191.122.70: bytes=32 time=62ms TTL=53



Ping statistics for 209.191.122.70:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 46ms, Maximum = 62ms, Average = 54ms

Server: UnKnown
Address: 192.168.1.1

Name: bleepingcomputer.com
Address: 208.43.87.2



Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:

Reply from 208.43.87.2: Destination host unreachable.

Reply from 208.43.87.2: Destination host unreachable.



Ping statistics for 208.43.87.2:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),



Pinging 127.0.0.1 with 32 bytes of data:

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128



Ping statistics for 127.0.0.1:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 0ms, Maximum = 0ms, Average = 0ms

===========================================================================
Interface List
11 ...00 21 00 ab 7f 56 ...... Broadcom 802.11b/g WLAN
10 ...00 23 8b 73 71 7a ...... Realtek RTL8102/8103 Family PCI-E FE NIC
1 ........................... Software Loopback Interface 1
15 ...00 00 00 00 00 00 00 e0 isatap.{08BD5CE9-7628-4140-9529-BCA414F2A5B6}
12 ...02 00 54 55 4e 01 ...... Teredo Tunneling Pseudo-Interface
14 ...00 00 00 00 00 00 00 e0 isatap.{00D767B4-75AE-4894-89B9-A40A23972454}
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.100 25
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.1.0 255.255.255.0 On-link 192.168.1.100 281
192.168.1.100 255.255.255.255 On-link 192.168.1.100 281
192.168.1.255 255.255.255.255 On-link 192.168.1.100 281
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.1.100 281
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.1.100 281
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
1 306 ::1/128 On-link
11 281 fe80::/64 On-link
11 281 fe80::411c:d473:f20c:af1/128
On-link
1 306 ff00::/8 On-link
11 281 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [48128] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [50176] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [62464] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [62464] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [19968] (Microsoft Corporation)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [61440] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [62976] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [78848] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [78848] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [27648] (Microsoft Corporation)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (07/31/2012 08:33:04 AM) (Source: Windows Search Service) (User: )
Description: The entry <C:\USERS\KEITH\DOWNLOADS\UNCONFIRMED 8998.CRDOWNLOAD> in the hash map cannot be updated.

Context: Application, SystemIndex Catalog

Details:
A device attached to the system is not functioning. (0x8007001f)

Error: (07/30/2012 09:57:24 PM) (Source: Windows Search Service) (User: )
Description: The entry <C:\USERS\KEITH\DOWNLOADS\UNCONFIRMED 38773.CRDOWNLOAD> in the hash map cannot be updated.

Context: Application, SystemIndex Catalog

Details:
A device attached to the system is not functioning. (0x8007001f)

Error: (07/30/2012 09:05:11 PM) (Source: Windows Search Service) (User: )
Description: The entry <C:\USERS\KEITH\DOWNLOADS\UNCONFIRMED 77391.CRDOWNLOAD> in the hash map cannot be updated.

Context: Application, SystemIndex Catalog

Details:
A device attached to the system is not functioning. (0x8007001f)

Error: (07/30/2012 08:59:01 PM) (Source: Application Error) (User: )
Description: Faulting application chrome.exe, version 20.0.1132.57, time stamp 0x4ffb8830, faulting module unknown, version 0.0.0.0, time stamp 0x00000000, exception code 0xc0000005, fault offset 0x074a20c0,
process id 0xa6c, application start time 0xchrome.exe0.

Error: (07/30/2012 07:59:06 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/30/2012 05:56:01 PM) (Source: Lavasoft Ad-Aware Service) (User: )
Description: Failed to start service

Error: (07/30/2012 05:53:48 PM) (Source: Lavasoft Ad-Aware Service) (User: )
Description: Failed to start service

Error: (07/30/2012 05:53:07 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/30/2012 05:50:37 PM) (Source: Lavasoft Ad-Aware Service) (User: )
Description: Failed to start service

Error: (07/30/2012 05:50:30 PM) (Source: Lavasoft Ad-Aware Service) (User: )
Description: Failed to start service


System errors:
=============
Error: (07/30/2012 08:46:26 AM) (Source: Service Control Manager) (User: )
Description: 30000Netman

Error: (07/14/2012 08:32:10 AM) (Source: Service Control Manager) (User: )
Description: 30000Netman

Error: (07/13/2012 10:38:40 AM) (Source: bowser) (User: )
Description: The master browser has received a server announcement from the computer GATEWAY
that believes that it is the master browser for the domain on transport NetBT_Tcpip_{08BD5CE9-7628-4140-9529-BCA414F2A5B6}.
The master browser is stopping or an election is being forced.

Error: (07/12/2012 04:30:13 PM) (Source: DCOM) (User: )
Description: {28778B62-8481-400D-8E8A-A4C81ED3F65C}

Error: (07/12/2012 04:29:57 PM) (Source: DCOM) (User: )
Description: {FFF2D28F-E4EE-44D9-8104-8E71556757F6}

Error: (07/12/2012 04:29:25 PM) (Source: DCOM) (User: )
Description: {6295DF2D-35EE-11D1-8707-00C04FD93327}

Error: (06/28/2012 11:01:27 PM) (Source: bowser) (User: )
Description: The master browser has received a server announcement from the computer GATEWAY
that believes that it is the master browser for the domain on transport NetBT_Tcpip_{08BD5CE9-7628-4140-9529-BCA414F2A5B6}.
The master browser is stopping or an election is being forced.

Error: (06/21/2012 07:06:04 PM) (Source: Microsoft-Windows-Servicing) (User: NT AUTHORITY)
Description: Windows Servicing failed to complete the process of changing update Aux32 from package WindowsUpdateClient-SelfUpdate-Aux-AuxComp-Package_en-US(Language Pack) into Staged(Staged) state

Error: (06/21/2012 07:06:04 PM) (Source: Microsoft-Windows-Servicing) (User: NT AUTHORITY)
Description: Windows Servicing failed to complete the process of changing update Aux from package WindowsUpdateClient-SelfUpdate-Aux-AuxComp-Package_en-US(Language Pack) into Staged(Staged) state

Error: (06/21/2012 07:06:04 PM) (Source: Microsoft-Windows-Servicing) (User: NT AUTHORITY)
Description: Windows Servicing failed to complete the process of setting package WindowsUpdateClient-SelfUpdate-Aux-AuxComp-Package_en-US (Language Pack) into Install Requested(Install Requested) state


Microsoft Office Sessions:
=========================
Error: (07/31/2012 08:33:04 AM) (Source: Windows Search Service)(User: )
Description: Context: Application, SystemIndex Catalog

Details:
A device attached to the system is not functioning. (0x8007001f)
C:\USERS\KEITH\DOWNLOADS\UNCONFIRMED 8998.CRDOWNLOAD

Error: (07/30/2012 09:57:24 PM) (Source: Windows Search Service)(User: )
Description: Context: Application, SystemIndex Catalog

Details:
A device attached to the system is not functioning. (0x8007001f)
C:\USERS\KEITH\DOWNLOADS\UNCONFIRMED 38773.CRDOWNLOAD

Error: (07/30/2012 09:05:11 PM) (Source: Windows Search Service)(User: )
Description: Context: Application, SystemIndex Catalog

Details:
A device attached to the system is not functioning. (0x8007001f)
C:\USERS\KEITH\DOWNLOADS\UNCONFIRMED 77391.CRDOWNLOAD

Error: (07/30/2012 08:59:01 PM) (Source: Application Error)(User: )
Description: chrome.exe20.0.1132.574ffb8830unknown0.0.0.000000000c0000005074a20c0a6c01cd6eb06c7591ad

Error: (07/30/2012 07:59:06 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/30/2012 05:56:01 PM) (Source: Lavasoft Ad-Aware Service)(User: )
Description: Failed to start service

Error: (07/30/2012 05:53:48 PM) (Source: Lavasoft Ad-Aware Service)(User: )
Description: Failed to start service

Error: (07/30/2012 05:53:07 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/30/2012 05:50:37 PM) (Source: Lavasoft Ad-Aware Service)(User: )
Description: Failed to start service

Error: (07/30/2012 05:50:30 PM) (Source: Lavasoft Ad-Aware Service)(User: )
Description: Failed to start service


=========================== Installed Programs ============================

Agere Systems HDA Modem
Bing Maps 3D (Version: 4.0.903.16005)
Broadcom 802.11 Wireless LAN Adapter (Version: 5.10.38.14)
Canon MP620 series MP Drivers
Garmin Communicator Plugin x64 (Version: 4.0.1)
Google Chrome (Version: 20.0.1132.57)
HP MediaSmart SmartMenu (Version: 2.0.8)
HP Officejet Pro 8500 A910 Basic Device Software (Version: 22.50.231.0)
HP Smart Web Printing 4.60 (Version: 4.60)
Intel® Graphics Media Accelerator Driver
Intel® Matrix Storage Manager
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 (Version: 8.0.51011)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Move Media Player
ProtectSmart Hard Drive Protection (Version: 3.10.1.7)
Synaptics Pointing Device Driver (Version: 11.1.18.0)
Windows Driver Package - ENE (enecir) HIDClass (09/04/2008 2.6.0.0) (Version: 09/04/2008 2.6.0.0)

========================= Memory info: ===================================

Percentage of memory in use: 67%
Total physical RAM: 4026.27 MB
Available physical RAM: 1292.44 MB
Total Pagefile: 8245.8 MB
Available Pagefile: 5387.93 MB
Total Virtual: 4095.88 MB
Available Virtual: 3992.43 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:285.62 GB) (Free:172.91 GB) NTFS
2 Drive d: (RECOVERY) (Fixed) (Total:12.47 GB) (Free:1.97 GB) NTFS

========================= Users: ========================================

User accounts for \\HP-LAPTOP

Administrator Guest Keith


**** End of log ****

#11 smithk3933


Posted 31 July 2012 - 11:14 AM

FSS Log:


C:\Windows\System32\drivers\afd.sys
[2012-02-16 14:26] - [2012-01-03 10:25] - 0404992 ____A (Microsoft Corporation) C4F6CE6087760AD70960C9EB130E7943

C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys
[2012-05-11 14:11] - [2012-03-30 08:45] - 1423744 ____A (Microsoft Corporation) 46D448E9117464E4D3BBF36D7E3FA48E

C:\Windows\System32\dnsrslvr.dll
[2011-04-13 12:10] - [2011-03-02 12:12] - 0117760 ____A (Microsoft Corporation) 06230F1B721494A6DF8D47FD395BB1B0

C:\Windows\System32\mpssvc.dll
[2009-12-03 13:48] - [2009-04-11 03:11] - 0603136 ____A (Microsoft Corporation) 897E3BAF68BA406A61682AE39C83900C

C:\Windows\System32\bfe.dll
[2009-12-03 13:47] - [2009-04-11 03:11] - 0458240 ____A (Microsoft Corporation) FFB96C2589FFA60473EAD78B39FBDE29

C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe
[2009-12-03 13:48] - [2009-04-11 03:11] - 1433600 ____A (Microsoft Corporation) B75232DAD33BFD95BF6F0A3E6BFF51E1

C:\Windows\System32\wscsvc.dll
[2009-12-03 13:46] - [2009-04-11 03:11] - 0074752 ____A (Microsoft Corporation) 9EA3E6D0EF7A5C2B9181961052A4B01A

C:\Windows\System32\wbem\WMIsvc.dll
[2009-12-03 13:47] - [2009-04-11 03:11] - 0221696 ____A (Microsoft Corporation) D2E7296ED1BD26D8DB2799770C077A02

C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll
[2009-12-03 13:48] - [2009-04-11 03:11] - 1081856 ____A (Microsoft Corporation) 6D316F4859634071CC25C4FD4589AD2C

C:\Windows\System32\es.dll
[2009-12-03 13:48] - [2009-04-11 03:11] - 0361984 ____A (Microsoft Corporation) E12F22B73F153DECE721CD45EC05B4AF

C:\Windows\System32\cryptsvc.dll
[2012-06-13 07:40] - [2012-04-23 12:25] - 0174592 ____A (Microsoft Corporation) 62740B9D2A137E8CED41A9E4239A7A31

C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll
[2009-12-03 13:48] - [2009-04-11 03:11] - 0719872 ____A (Microsoft Corporation) CF8B9A3A5E7DC57724A89D0C3E8CF9EF



**** End of log ****

#12 smithk3933


Posted 31 July 2012 - 11:22 AM

And finally the AdwCleaner results:


# AdwCleaner v1.703 - Logfile created 07/31/2012 at 12:15:14
# Updated 20/07/2012 by Xplode
# Operating system : Windows ™ Vista Home Premium Service Pack 2 (64 bits)
# User : Keith - HP-LAPTOP
# Running from : C:\Users\Keith\Downloads\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

Deleted on reboot : C:\Users\Keith\AppData\Local\Temp\avg@toolbar
Deleted on reboot : C:\Program Files (x86)\StartNow Toolbar
File Deleted : C:\Users\Keith\AppData\Local\Temp\Uninstall.exe

***** [Registry] *****

Key Deleted : HKCU\Software\Zugo

***** [Registre - GUID] *****

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{761F6A83-F007-49E4-8EAC-CDB6808EF06F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

[OK] Registry is clean.

-\\ Google Chrome v20.0.1132.57

#13 narenxp


Posted 31 July 2012 - 12:39 PM

Do you still have redirects?

#14 smithk3933


Posted 31 July 2012 - 01:28 PM

It seems to have been resolved!!! I think it must have been one of the last two utilities that corrected it! Outstanding. Thanks for the great response!

Keith

#15 narenxp


Posted 31 July 2012 - 01:32 PM

Download

TFC

Launch it; it will close all running programs.

Click on START; it should ask for a reboot.

Turn off your System Restore, restart the PC, and create a new restore point.

http://windows.microsoft.com/en-US/windows-vista/Turn-System-Restore-on-or-off

Update your antivirus frequently, and do not click on suspicious links.

Safe surfing :)



