Jump to content


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.

Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

alurian virus


  • Please log in to reply
13 replies to this topic

#1 kellis1231

kellis1231

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:georgetown tx
  • Local time:05:12 AM

Posted 18 April 2012 - 08:40 AM

On HP laptop G72 64 bit system, running windows 7 and office 2010. On Sunday, my computer suddenly shut down - all by itself. Once it restarted, I was unable to open any programs except IE. I was unable to run any anti virus program (MB, SuperAntispyware, TDSSkiller, etc.) I went to the Microsoft site and ran their online Safety Scanner. It identified the Trojan Aluerian.A. After researching online, and unable to run any type of removal program, I reinstalled Windows 7. Everything seems to be OK now except when I ran TDSSkiller it found several items. I selected delete and reboot to cure, but everytime I run TDSSkiller, it continues to find the same items. Can you help me determine how to resolve this? The item it is finding is hpqcxs08. Some of the posts i have read say this could be a dangerous malware file. It is located at HKLM\SYSTEM\ControlSet001\services\hpqcxs08.

Edit: Moved topic from Virus, Trojan, Spyware, and Malware Removal Logs to the more appropriate forum, due to the absence of any logs. ~ Animal

BC AdBot (Login to Remove)

 


#2 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:05:12 AM

Posted 18 April 2012 - 10:02 AM

TDSSkiller is not finding the actual rootkit but just a helper service related to the rootkit

Download

aswMBR

Launch it, allow it to download latest Avast! virus definitions
Click the "Scan" button to start scan.After scan finishes,click on Save log

Post the log results here

#3 Queen-Evie

Queen-Evie

    Official Bleepin' Bama Belle


  • Global Moderator
  • 7,679 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Location:Tuscaloosa, Alabama
  • Local time:05:12 AM

Posted 18 April 2012 - 10:15 AM

It is located at HKLM\SYSTEM\ControlSet001\services\hpqcxs08.


Do you have an HP all-in-one printer/scanner/copier?

FWIW, this is a legitmate entry relating to HP all-in-one printer units. My other computer has an HP all-in-one and the same entry in the registry.

HAVING MENTIONED THAT FACT it is up to someone who knows more about malware removal than I do to determine if you are infected.

#4 kellis1231

kellis1231
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:georgetown tx
  • Local time:05:12 AM

Posted 18 April 2012 - 11:11 PM

Here is the log you requested. Thank you very much. Kathy

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-04-18 22:42:26
-----------------------------
22:42:26.020 OS Version: Windows x64 6.1.7600
22:42:26.020 Number of processors: 2 586 0x2502
22:42:26.030 ComputerName: KATHYELLIS-HP UserName: Kathy Ellis
22:42:28.280 Initialize success
22:45:08.330 AVAST engine defs: 12041802
22:46:07.526 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
22:46:07.531 Disk 0 Vendor: Hitachi_HTS545032B9A300 PB3OCA1G Size: 305245MB BusType: 11
22:46:07.555 Disk 0 MBR read successfully
22:46:07.560 Disk 0 MBR scan
22:46:07.666 Disk 0 Windows 7 default MBR code
22:46:07.679 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 199 MB offset 2048
22:46:07.731 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 290333 MB offset 409600
22:46:07.796 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 14608 MB offset 595011584
22:46:07.846 Disk 0 Partition 4 00 0C FAT32 LBA MSDOS5.0 103 MB offset 624928768
22:46:08.052 Disk 0 scanning C:\Windows\system32\drivers
22:46:19.077 Service scanning
22:46:19.550 Service 00240540 C:\Windows\system32\drivers\00696678.sys **HIDDEN**
22:46:53.146 Modules scanning
22:46:53.502 Disk 0 trace - called modules:
22:46:53.513
22:46:54.524 AVAST engine scan C:\Windows
22:46:57.647 AVAST engine scan C:\Windows\system32
22:50:59.856 AVAST engine scan C:\Windows\system32\drivers
22:51:12.856 AVAST engine scan C:\Users\Kathy Ellis
22:56:39.267 Disk 0 MBR has been saved successfully to "C:\Users\Kathy Ellis\Desktop\MBR.dat"
22:56:39.270 The log file has been saved successfully to "C:\Users\Kathy Ellis\Desktop\aswMBR.txt"

#5 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:05:12 AM

Posted 18 April 2012 - 11:21 PM

Download

TDSSkiller

Launch it.Click on change parameters-Select TDLFS file system

Click on "Scan".Please post the LOG report(log file should be in your C drive)

Download

http://www.techspot.com/downloads/4716-malwarebytes-anti-malware.html

Install,update and run a full scan

Click on SHOW results.Select all infections and remove it

Reboot the PC and scan MBAM once in regular mode until you get a clean log

#6 kellis1231

kellis1231
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:georgetown tx
  • Local time:05:12 AM

Posted 18 April 2012 - 11:28 PM

I ran TDSSKiller but i do not know how to post the logs. can you please help me with that?

#7 kellis1231

kellis1231
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:georgetown tx
  • Local time:05:12 AM

Posted 18 April 2012 - 11:30 PM

i apologize - i did not see your comment about the log being in the C drive. i found it and here it is:

23:23:35.0001 1736 TDSS rootkit removing tool 2.7.29.0 Apr 18 2012 16:44:20
23:23:35.0433 1736 ============================================================
23:23:35.0433 1736 Current date / time: 2012/04/18 23:23:35.0433
23:23:35.0433 1736 SystemInfo:
23:23:35.0433 1736
23:23:35.0433 1736 OS Version: 6.1.7600 ServicePack: 0.0
23:23:35.0433 1736 Product type: Workstation
23:23:35.0433 1736 ComputerName: KATHYELLIS-HP
23:23:35.0443 1736 UserName: Kathy Ellis
23:23:35.0443 1736 Windows directory: C:\Windows
23:23:35.0443 1736 System windows directory: C:\Windows
23:23:35.0443 1736 Running under WOW64
23:23:35.0443 1736 Processor architecture: Intel x64
23:23:35.0443 1736 Number of processors: 2
23:23:35.0443 1736 Page size: 0x1000
23:23:35.0443 1736 Boot type: Normal boot
23:23:35.0443 1736 ============================================================
23:23:38.0521 1736 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
23:23:45.0083 1736 Drive \Device\Harddisk1\DR1 - Size: 0x15D27100000 (1396.61 Gb), SectorSize: 0x200, Cylinders: 0x2C82B, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
23:23:45.0103 1736 \Device\Harddisk0\DR0:
23:23:45.0103 1736 MBR partitions:
23:23:45.0103 1736 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x63800
23:23:45.0103 1736 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x64000, BlocksNum 0x2370E800
23:23:45.0103 1736 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x23772800, BlocksNum 0x1C88000
23:23:45.0103 1736 \Device\Harddisk0\DR0\Partition3: MBR, Type 0xC, StartLBA 0x253FA800, BlocksNum 0x33AB0
23:23:45.0103 1736 \Device\Harddisk1\DR1:
23:23:45.0103 1736 MBR partitions:
23:23:45.0103 1736 \Device\Harddisk1\DR1\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0xAE9387C0
23:23:45.0133 1736 C: <-> \Device\Harddisk0\DR0\Partition1
23:23:45.0183 1736 D: <-> \Device\Harddisk0\DR0\Partition2
23:23:45.0193 1736 E: <-> \Device\Harddisk0\DR0\Partition3
23:23:45.0213 1736 H: <-> \Device\Harddisk1\DR1\Partition0
23:23:45.0213 1736 Initialize success
23:23:45.0213 1736 ============================================================
23:23:57.0897 4384 ============================================================
23:23:57.0897 4384 Scan started
23:23:57.0897 4384 Mode: Manual; TDLFS;
23:23:57.0897 4384 ============================================================
23:23:58.0529 4384 1394ohci (1b00662092f9f9568b995902f0cc40d5) C:\Windows\system32\DRIVERS\1394ohci.sys
23:23:58.0529 4384 1394ohci - ok
23:23:58.0559 4384 ACPI (6f11e88748cdefd2f76aa215f97ddfe5) C:\Windows\system32\DRIVERS\ACPI.sys
23:23:58.0569 4384 ACPI - ok
23:23:58.0619 4384 AcpiPmi (63b05a0420ce4bf0e4af6dcc7cada254) C:\Windows\system32\DRIVERS\acpipmi.sys
23:23:58.0619 4384 AcpiPmi - ok
23:23:58.0729 4384 AdobeFlashPlayerUpdateSvc (459ac130c6ab892b1cd5d7544626efc5) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
23:23:58.0729 4384 AdobeFlashPlayerUpdateSvc - ok
23:23:58.0849 4384 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys
23:23:58.0859 4384 adp94xx - ok
23:23:58.0979 4384 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys
23:23:58.0979 4384 adpahci - ok
23:23:58.0999 4384 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys
23:23:58.0999 4384 adpu320 - ok
23:23:59.0029 4384 AeLookupSvc (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll
23:23:59.0029 4384 AeLookupSvc - ok
23:23:59.0109 4384 AFD (db9d6c6b2cd95a9ca414d045b627422e) C:\Windows\system32\drivers\afd.sys
23:23:59.0119 4384 AFD - ok
23:23:59.0199 4384 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\DRIVERS\agp440.sys
23:23:59.0199 4384 agp440 - ok
23:23:59.0269 4384 ALG (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe
23:23:59.0269 4384 ALG - ok
23:23:59.0339 4384 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\DRIVERS\aliide.sys
23:23:59.0339 4384 aliide - ok
23:23:59.0369 4384 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\DRIVERS\amdide.sys
23:23:59.0369 4384 amdide - ok
23:23:59.0419 4384 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys
23:23:59.0419 4384 AmdK8 - ok
23:23:59.0429 4384 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys
23:23:59.0429 4384 AmdPPM - ok
23:23:59.0499 4384 amdsata (ec7ebab00a4d8448bab68d1e49b4beb9) C:\Windows\system32\drivers\amdsata.sys
23:23:59.0499 4384 amdsata - ok
23:23:59.0569 4384 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys
23:23:59.0569 4384 amdsbs - ok
23:23:59.0629 4384 amdxata (db27766102c7bf7e95140a2aa81d042e) C:\Windows\system32\drivers\amdxata.sys
23:23:59.0629 4384 amdxata - ok
23:23:59.0689 4384 AppID (42fd751b27fa0e9c69bb39f39e409594) C:\Windows\system32\drivers\appid.sys
23:23:59.0689 4384 AppID - ok
23:23:59.0749 4384 AppIDSvc (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll
23:23:59.0749 4384 AppIDSvc - ok
23:23:59.0799 4384 Appinfo (d065be66822847b7f127d1f90158376e) C:\Windows\System32\appinfo.dll
23:23:59.0799 4384 Appinfo - ok
23:23:59.0869 4384 AppMgmt (4aba3e75a76195a3e38ed2766c962899) C:\Windows\System32\appmgmts.dll
23:23:59.0869 4384 AppMgmt - ok
23:23:59.0929 4384 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys
23:23:59.0929 4384 arc - ok
23:23:59.0969 4384 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys
23:23:59.0969 4384 arcsas - ok
23:24:00.0019 4384 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
23:24:00.0019 4384 AsyncMac - ok
23:24:00.0029 4384 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\DRIVERS\atapi.sys
23:24:00.0029 4384 atapi - ok
23:24:00.0109 4384 AudioEndpointBuilder (07721a77180edd4d39ccb865bf63c7fd) C:\Windows\System32\Audiosrv.dll
23:24:00.0119 4384 AudioEndpointBuilder - ok
23:24:00.0139 4384 AudioSrv (07721a77180edd4d39ccb865bf63c7fd) C:\Windows\System32\Audiosrv.dll
23:24:00.0139 4384 AudioSrv - ok
23:24:00.0219 4384 AxInstSV (b20b5fa5ca050e9926e4d1db81501b32) C:\Windows\System32\AxInstSV.dll
23:24:00.0219 4384 AxInstSV - ok
23:24:00.0295 4384 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys
23:24:00.0295 4384 b06bdrv - ok
23:24:00.0404 4384 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
23:24:00.0404 4384 b57nd60a - ok
23:24:00.0451 4384 BDESVC (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll
23:24:00.0451 4384 BDESVC - ok
23:24:00.0545 4384 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
23:24:00.0545 4384 Beep - ok
23:24:00.0607 4384 BFE (4992c609a6315671463e30f6512bc022) C:\Windows\System32\bfe.dll
23:24:00.0623 4384 BFE - ok
23:24:00.0732 4384 BITS (7f0c323fe3da28aa4aa1bda3f575707f) C:\Windows\System32\qmgr.dll
23:24:00.0747 4384 BITS - ok
23:24:00.0841 4384 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys
23:24:00.0841 4384 blbdrive - ok
23:24:00.0888 4384 bowser (19d20159708e152267e53b66677a4995) C:\Windows\system32\DRIVERS\bowser.sys
23:24:00.0888 4384 bowser - ok
23:24:00.0950 4384 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys
23:24:00.0950 4384 BrFiltLo - ok
23:24:00.0981 4384 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys
23:24:00.0981 4384 BrFiltUp - ok
23:24:01.0013 4384 Browser (94fbc06f294d58d02361918418f996e3) C:\Windows\System32\browser.dll
23:24:01.0028 4384 Browser - ok
23:24:01.0075 4384 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
23:24:01.0075 4384 Brserid - ok
23:24:01.0091 4384 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
23:24:01.0091 4384 BrSerWdm - ok
23:24:01.0106 4384 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
23:24:01.0106 4384 BrUsbMdm - ok
23:24:01.0122 4384 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
23:24:01.0122 4384 BrUsbSer - ok
23:24:01.0137 4384 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys
23:24:01.0137 4384 BTHMODEM - ok
23:24:01.0153 4384 bthserv (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll
23:24:01.0153 4384 bthserv - ok
23:24:01.0200 4384 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
23:24:01.0215 4384 cdfs - ok
23:24:01.0247 4384 cdrom (83d2d75e1efb81b3450c18131443f7db) C:\Windows\system32\DRIVERS\cdrom.sys
23:24:01.0262 4384 cdrom - ok
23:24:01.0293 4384 CertPropSvc (312e2f82af11e79906898ac3e3d58a1f) C:\Windows\System32\certprop.dll
23:24:01.0309 4384 CertPropSvc - ok
23:24:01.0371 4384 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys
23:24:01.0371 4384 circlass - ok
23:24:01.0434 4384 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
23:24:01.0449 4384 CLFS - ok
23:24:01.0496 4384 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
23:24:01.0496 4384 clr_optimization_v2.0.50727_32 - ok
23:24:01.0559 4384 clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
23:24:01.0559 4384 clr_optimization_v2.0.50727_64 - ok
23:24:01.0683 4384 clwvd (e13a438f9e51dd034730678e33b73290) C:\Windows\system32\DRIVERS\clwvd.sys
23:24:01.0683 4384 clwvd - ok
23:24:01.0746 4384 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys
23:24:01.0746 4384 CmBatt - ok
23:24:01.0777 4384 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\DRIVERS\cmdide.sys
23:24:01.0777 4384 cmdide - ok
23:24:01.0886 4384 CNG (937beb186a735aca91d717044a49d17e) C:\Windows\system32\Drivers\cng.sys
23:24:01.0886 4384 CNG - ok
23:24:01.0980 4384 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys
23:24:01.0980 4384 Compbatt - ok
23:24:02.0011 4384 CompositeBus (f26b3a86f6fa87ca360b879581ab4123) C:\Windows\system32\DRIVERS\CompositeBus.sys
23:24:02.0011 4384 CompositeBus - ok
23:24:02.0027 4384 COMSysApp - ok
23:24:02.0042 4384 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys
23:24:02.0042 4384 crcdisk - ok
23:24:02.0136 4384 CryptSvc (8c57411b66282c01533cb776f98ad384) C:\Windows\system32\cryptsvc.dll
23:24:02.0151 4384 CryptSvc - ok
23:24:02.0198 4384 CSC (4a6173c2279b498cd8f57cae504564cb) C:\Windows\system32\drivers\csc.sys
23:24:02.0214 4384 CSC - ok
23:24:02.0307 4384 CscService (873fbf927c06e5cee04dec617502f8fd) C:\Windows\System32\cscsvc.dll
23:24:02.0323 4384 CscService - ok
23:24:02.0432 4384 DcomLaunch (7266972e86890e2b30c0c322e906b027) C:\Windows\system32\rpcss.dll
23:24:02.0448 4384 DcomLaunch - ok
23:24:02.0619 4384 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll
23:24:02.0619 4384 defragsvc - ok
23:24:02.0744 4384 DfsC (9c253ce7311ca60fc11c774692a13208) C:\Windows\system32\Drivers\dfsc.sys
23:24:02.0744 4384 DfsC - ok
23:24:02.0791 4384 Dhcp (ce3b9562d997f69b330d181a8875960f) C:\Windows\system32\dhcpcore.dll
23:24:02.0791 4384 Dhcp - ok
23:24:02.0885 4384 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
23:24:02.0885 4384 discache - ok
23:24:02.0931 4384 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys
23:24:02.0931 4384 Disk - ok
23:24:03.0034 4384 Dnscache (85cf424c74a1d5ec33533e1dbff9920a) C:\Windows\System32\dnsrslvr.dll
23:24:03.0044 4384 Dnscache - ok
23:24:03.0094 4384 dot3svc (14452acdb09b70964c8c21bf80a13acb) C:\Windows\System32\dot3svc.dll
23:24:03.0104 4384 dot3svc - ok
23:24:03.0184 4384 Dot4 (b42ed0320c6e41102fde0005154849bb) C:\Windows\system32\DRIVERS\Dot4.sys
23:24:03.0184 4384 Dot4 - ok
23:24:03.0264 4384 Dot4Print (85135ad27e79b689335c08167d917cde) C:\Windows\system32\DRIVERS\Dot4Prt.sys
23:24:03.0264 4384 Dot4Print - ok
23:24:03.0354 4384 dot4usb (fd05a02b0370bc3000f402e543ca5814) C:\Windows\system32\DRIVERS\dot4usb.sys
23:24:03.0354 4384 dot4usb - ok
23:24:03.0424 4384 DPS (8c2ba6bea949ee6e68385f5692bafb94) C:\Windows\system32\dps.dll
23:24:03.0434 4384 DPS - ok
23:24:03.0504 4384 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
23:24:03.0514 4384 drmkaud - ok
23:24:03.0584 4384 DXGKrnl (1633b9abf52784a1331476397a48cbef) C:\Windows\System32\drivers\dxgkrnl.sys
23:24:03.0594 4384 DXGKrnl - ok
23:24:03.0684 4384 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll
23:24:03.0684 4384 EapHost - ok
23:24:03.0814 4384 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys
23:24:03.0844 4384 ebdrv - ok
23:24:03.0934 4384 EFS (156f6159457d0aa7e59b62681b56eb90) C:\Windows\System32\lsass.exe
23:24:03.0944 4384 EFS - ok
23:24:04.0014 4384 ehRecvr (47c071994c3f649f23d9cd075ac9304a) C:\Windows\ehome\ehRecvr.exe
23:24:04.0024 4384 ehRecvr - ok
23:24:04.0074 4384 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe
23:24:04.0074 4384 ehSched - ok
23:24:04.0154 4384 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys
23:24:04.0164 4384 elxstor - ok
23:24:04.0204 4384 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\DRIVERS\errdev.sys
23:24:04.0204 4384 ErrDev - ok
23:24:04.0284 4384 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll
23:24:04.0284 4384 EventSystem - ok
23:24:04.0344 4384 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
23:24:04.0344 4384 exfat - ok
23:24:04.0434 4384 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
23:24:04.0434 4384 fastfat - ok
23:24:04.0504 4384 Fax (d607b2f1bee3992aa6c2c92c0a2f0855) C:\Windows\system32\fxssvc.exe
23:24:04.0514 4384 Fax - ok
23:24:04.0604 4384 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys
23:24:04.0604 4384 fdc - ok
23:24:04.0654 4384 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll
23:24:04.0654 4384 fdPHost - ok
23:24:04.0694 4384 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll
23:24:04.0704 4384 FDResPub - ok
23:24:04.0754 4384 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
23:24:04.0764 4384 FileInfo - ok
23:24:04.0784 4384 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
23:24:04.0784 4384 Filetrace - ok
23:24:04.0794 4384 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys
23:24:04.0804 4384 flpydisk - ok
23:24:04.0814 4384 FltMgr (f7866af72abbaf84b1fa5aa195378c59) C:\Windows\system32\drivers\fltmgr.sys
23:24:04.0814 4384 FltMgr - ok
23:24:04.0884 4384 FontCache (bc00505cfda789ed3be95d2ff38c4875) C:\Windows\system32\FntCache.dll
23:24:04.0904 4384 FontCache - ok
23:24:04.0984 4384 FontCache3.0.0.0 (8d89e3131c27fdd6932189cb785e1b7a) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
23:24:04.0984 4384 FontCache3.0.0.0 - ok
23:24:05.0059 4384 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
23:24:05.0059 4384 FsDepends - ok
23:24:05.0137 4384 Fs_Rec (d3e3f93d67821a2db2b3d9fac2dc2064) C:\Windows\system32\drivers\Fs_Rec.sys
23:24:05.0137 4384 Fs_Rec - ok
23:24:05.0200 4384 fvevol (ae87ba80d0ec3b57126ed2cdc15b24ed) C:\Windows\system32\DRIVERS\fvevol.sys
23:24:05.0200 4384 fvevol - ok
23:24:05.0278 4384 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys
23:24:05.0278 4384 gagp30kx - ok
23:24:05.0371 4384 gpsvc (fe5ab4525bc2ec68b9119a6e5d40128b) C:\Windows\System32\gpsvc.dll
23:24:05.0387 4384 gpsvc - ok
23:24:05.0512 4384 gupdate (506708142bc63daba64f2d3ad1dcd5bf) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
23:24:05.0512 4384 gupdate - ok
23:24:05.0512 4384 gupdatem (506708142bc63daba64f2d3ad1dcd5bf) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
23:24:05.0527 4384 gupdatem - ok
23:24:05.0543 4384 gusvc (cc839e8d766cc31a7710c9f38cf3e375) C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
23:24:05.0605 4384 gusvc - ok
23:24:05.0699 4384 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
23:24:05.0715 4384 hcw85cir - ok
23:24:05.0777 4384 HdAudAddService (6410f6f415b2a5a9037224c41da8bf12) C:\Windows\system32\drivers\HdAudio.sys
23:24:05.0793 4384 HdAudAddService - ok
23:24:05.0902 4384 HDAudBus (0a49913402747a0b67de940fb42cbdbb) C:\Windows\system32\DRIVERS\HDAudBus.sys
23:24:05.0902 4384 HDAudBus - ok
23:24:05.0949 4384 HECIx64 (b6ac71aaa2b10848f57fc49d55a651af) C:\Windows\system32\DRIVERS\HECIx64.sys
23:24:05.0949 4384 HECIx64 - ok
23:24:05.0980 4384 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys
23:24:05.0980 4384 HidBatt - ok
23:24:06.0073 4384 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys
23:24:06.0073 4384 HidBth - ok
23:24:06.0089 4384 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys
23:24:06.0089 4384 HidIr - ok
23:24:06.0136 4384 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\system32\hidserv.dll
23:24:06.0136 4384 hidserv - ok
23:24:06.0261 4384 HidUsb (b3bf6b5b50006def50b66306d99fcf6f) C:\Windows\system32\DRIVERS\hidusb.sys
23:24:06.0261 4384 HidUsb - ok
23:24:06.0292 4384 hkmsvc (efa58ede58dd74388ffd04cb32681518) C:\Windows\system32\kmsvc.dll
23:24:06.0292 4384 hkmsvc - ok
23:24:06.0339 4384 HomeGroupListener (046b2673767ca626e2cfb7fdf735e9e8) C:\Windows\system32\ListSvc.dll
23:24:06.0339 4384 HomeGroupListener - ok
23:24:06.0401 4384 HomeGroupProvider (06a7422224d9865a5613710a089987df) C:\Windows\system32\provsvc.dll
23:24:06.0417 4384 HomeGroupProvider - ok
23:24:06.0588 4384 hpqcxs08 (1dae5c46d42b02a6d5862e1482efb390) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll
23:24:06.0588 4384 hpqcxs08 - ok
23:24:06.0697 4384 HpSAMD (0886d440058f203eba0e1825e4355914) C:\Windows\system32\DRIVERS\HpSAMD.sys
23:24:06.0713 4384 HpSAMD - ok
23:24:06.0760 4384 HTTP (cee049cac4efa7f4e1e4ad014414a5d4) C:\Windows\system32\drivers\HTTP.sys
23:24:06.0760 4384 HTTP - ok
23:24:06.0853 4384 hwpolicy (f17766a19145f111856378df337a5d79) C:\Windows\system32\drivers\hwpolicy.sys
23:24:06.0853 4384 hwpolicy - ok
23:24:06.0885 4384 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\DRIVERS\i8042prt.sys
23:24:06.0900 4384 i8042prt - ok
23:24:07.0009 4384 iaStorV (b75e45c564e944a2657167d197ab29da) C:\Windows\system32\drivers\iaStorV.sys
23:24:07.0025 4384 iaStorV - ok
23:24:07.0119 4384 idsvc (2f2be70d3e02b6fa877921ab9516d43c) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
23:24:07.0134 4384 idsvc - ok
23:24:07.0524 4384 igfx (f4f91789c7c7a159ce8215c1f69f2a85) C:\Windows\system32\DRIVERS\igdkmd64.sys
23:24:07.0805 4384 igfx - ok
23:24:07.0945 4384 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys
23:24:07.0945 4384 iirsp - ok
23:24:07.0992 4384 IKEEXT (c5b4683680df085b57bc53e5ef34861f) C:\Windows\System32\ikeext.dll
23:24:08.0008 4384 IKEEXT - ok
23:24:08.0101 4384 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\DRIVERS\intelide.sys
23:24:08.0117 4384 intelide - ok
23:24:08.0133 4384 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
23:24:08.0133 4384 intelppm - ok
23:24:08.0164 4384 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll
23:24:08.0164 4384 IPBusEnum - ok
23:24:08.0257 4384 IpFilterDriver (722dd294df62483cecaae6e094b4d695) C:\Windows\system32\DRIVERS\ipfltdrv.sys
23:24:08.0257 4384 IpFilterDriver - ok
23:24:08.0320 4384 iphlpsvc (f8e058d17363ec580e4b7232778b6cb5) C:\Windows\System32\iphlpsvc.dll
23:24:08.0335 4384 iphlpsvc - ok
23:24:08.0429 4384 IPMIDRV (e2b4a4494db7cb9b89b55ca268c337c5) C:\Windows\system32\DRIVERS\IPMIDrv.sys
23:24:08.0429 4384 IPMIDRV - ok
23:24:08.0460 4384 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
23:24:08.0460 4384 IPNAT - ok
23:24:08.0476 4384 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
23:24:08.0476 4384 IRENUM - ok
23:24:08.0569 4384 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\DRIVERS\isapnp.sys
23:24:08.0585 4384 isapnp - ok
23:24:08.0616 4384 iScsiPrt (fa4d2557de56d45b0a346f93564be6e1) C:\Windows\system32\DRIVERS\msiscsi.sys
23:24:08.0616 4384 iScsiPrt - ok
23:24:08.0632 4384 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys
23:24:08.0647 4384 kbdclass - ok
23:24:08.0741 4384 kbdhid (6def98f8541e1b5dceb2c822a11f7323) C:\Windows\system32\DRIVERS\kbdhid.sys
23:24:08.0741 4384 kbdhid - ok
23:24:08.0897 4384 KeyIso (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe
23:24:08.0897 4384 KeyIso - ok
23:24:09.0178 4384 KSecDD (16c1b906fc5ead84769f90b736b6bf0e) C:\Windows\system32\Drivers\ksecdd.sys
23:24:09.0193 4384 KSecDD - ok
23:24:09.0225 4384 KSecPkg (0b711550c56444879d71c7daabda6c83) C:\Windows\system32\Drivers\ksecpkg.sys
23:24:09.0225 4384 KSecPkg - ok
23:24:09.0256 4384 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
23:24:09.0271 4384 ksthunk - ok
23:24:09.0349 4384 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll
23:24:09.0365 4384 KtmRm - ok
23:24:09.0396 4384 LanmanServer (81f1d04d4d0e433099365127375fd501) C:\Windows\system32\srvsvc.dll
23:24:09.0412 4384 LanmanServer - ok
23:24:09.0459 4384 LanmanWorkstation (27026eac8818e8a6c00a1cad2f11d29a) C:\Windows\System32\wkssvc.dll
23:24:09.0459 4384 LanmanWorkstation - ok
23:24:09.0537 4384 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
23:24:09.0537 4384 lltdio - ok
23:24:09.0615 4384 lltdsvc (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll
23:24:09.0615 4384 lltdsvc - ok
23:24:09.0677 4384 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll
23:24:09.0677 4384 lmhosts - ok
23:24:09.0739 4384 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys
23:24:09.0739 4384 LSI_FC - ok
23:24:09.0755 4384 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys
23:24:09.0771 4384 LSI_SAS - ok
23:24:09.0771 4384 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys
23:24:09.0786 4384 LSI_SAS2 - ok
23:24:09.0802 4384 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys
23:24:09.0802 4384 LSI_SCSI - ok
23:24:09.0817 4384 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
23:24:09.0817 4384 luafv - ok
23:24:09.0864 4384 MBAMProtector (dbc08862a71459e74f7538b432c114cc) C:\Windows\system32\drivers\mbam.sys
23:24:09.0864 4384 MBAMProtector - ok
23:24:09.0942 4384 MBAMService (ba400ed640bca1eae5c727ae17c10207) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
23:24:09.0958 4384 MBAMService - ok
23:24:10.0051 4384 Mcx2Svc (f84c8f1000bc11e3b7b23cbd3baff111) C:\Windows\system32\Mcx2Svc.dll
23:24:10.0051 4384 Mcx2Svc - ok
23:24:10.0098 4384 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys
23:24:10.0098 4384 megasas - ok
23:24:10.0145 4384 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys
23:24:10.0145 4384 MegaSR - ok
23:24:10.0176 4384 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
23:24:10.0176 4384 MMCSS - ok
23:24:10.0239 4384 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
23:24:10.0239 4384 Modem - ok
23:24:10.0270 4384 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
23:24:10.0270 4384 monitor - ok
23:24:10.0301 4384 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
23:24:10.0317 4384 mouclass - ok
23:24:10.0379 4384 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
23:24:10.0379 4384 mouhid - ok
23:24:10.0395 4384 mountmgr (791af66c4d0e7c90a3646066386fb571) C:\Windows\system32\drivers\mountmgr.sys
23:24:10.0395 4384 mountmgr - ok
23:24:10.0441 4384 MpFilter (c177a7ebf5e8a0b596f618870516cab8) C:\Windows\system32\DRIVERS\MpFilter.sys
23:24:10.0441 4384 MpFilter - ok
23:24:10.0535 4384 mpio (609d1d87649ecc19796f4d76d4c15cea) C:\Windows\system32\DRIVERS\mpio.sys
23:24:10.0535 4384 mpio - ok
23:24:10.0582 4384 MpNWMon (8fbf6b31fe8af1833d93c5913d5b4d55) C:\Windows\system32\DRIVERS\MpNWMon.sys
23:24:10.0597 4384 MpNWMon - ok
23:24:10.0720 4384 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
23:24:10.0720 4384 mpsdrv - ok
23:24:10.0780 4384 MpsSvc (aecab449567d1846dad63ece49e893e3) C:\Windows\system32\mpssvc.dll
23:24:10.0790 4384 MpsSvc - ok
23:24:10.0880 4384 MRxDAV (30524261bb51d96d6fcbac20c810183c) C:\Windows\system32\drivers\mrxdav.sys
23:24:10.0880 4384 MRxDAV - ok
23:24:10.0940 4384 mrxsmb (040d62a9d8ad28922632137acdd984f2) C:\Windows\system32\DRIVERS\mrxsmb.sys
23:24:10.0960 4384 mrxsmb - ok
23:24:10.0990 4384 mrxsmb10 (f0067552f8f9b33d7c59403ab808a3cb) C:\Windows\system32\DRIVERS\mrxsmb10.sys
23:24:11.0000 4384 mrxsmb10 - ok
23:24:11.0100 4384 mrxsmb20 (3c142d31de9f2f193218a53fe2632051) C:\Windows\system32\DRIVERS\mrxsmb20.sys
23:24:11.0100 4384 mrxsmb20 - ok
23:24:11.0140 4384 msahci (5c37497276e3b3a5488b23a326a754b7) C:\Windows\system32\DRIVERS\msahci.sys
23:24:11.0140 4384 msahci - ok
23:24:11.0150 4384 msdsm (8d27b597229aed79430fb9db3bcbfbd0) C:\Windows\system32\DRIVERS\msdsm.sys
23:24:11.0150 4384 msdsm - ok
23:24:11.0200 4384 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe
23:24:11.0200 4384 MSDTC - ok
23:24:11.0280 4384 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
23:24:11.0290 4384 Msfs - ok
23:24:11.0340 4384 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
23:24:11.0340 4384 mshidkmdf - ok
23:24:11.0455 4384 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\DRIVERS\msisadrv.sys
23:24:11.0455 4384 msisadrv - ok
23:24:11.0490 4384 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll
23:24:11.0495 4384 MSiSCSI - ok
23:24:11.0555 4384 msiserver - ok
23:24:11.0602 4384 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
23:24:11.0625 4384 MSKSSRV - ok
23:24:11.0742 4384 MsMpSvc (157e9e498206a3366baa7e4697bdd947) c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
23:24:11.0742 4384 MsMpSvc - ok
23:24:11.0842 4384 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
23:24:11.0842 4384 MSPCLOCK - ok
23:24:11.0892 4384 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
23:24:11.0892 4384 MSPQM - ok
23:24:11.0922 4384 MsRPC (89cb141aa8616d8c6a4610fa26c60964) C:\Windows\system32\drivers\MsRPC.sys
23:24:11.0932 4384 MsRPC - ok
23:24:12.0022 4384 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\DRIVERS\mssmbios.sys
23:24:12.0032 4384 mssmbios - ok
23:24:12.0052 4384 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
23:24:12.0052 4384 MSTEE - ok
23:24:12.0092 4384 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys
23:24:12.0092 4384 MTConfig - ok
23:24:12.0102 4384 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
23:24:12.0102 4384 Mup - ok
23:24:12.0152 4384 napagent (4987e079a4530fa737a128be54b63b12) C:\Windows\system32\qagentRT.dll
23:24:12.0162 4384 napagent - ok
23:24:12.0282 4384 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
23:24:12.0282 4384 NativeWifiP - ok
23:24:12.0382 4384 NDIS (cad515dbd07d082bb317d9928ce8962c) C:\Windows\system32\drivers\ndis.sys
23:24:12.0392 4384 NDIS - ok
23:24:12.0492 4384 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
23:24:12.0492 4384 NdisCap - ok
23:24:12.0552 4384 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
23:24:12.0552 4384 NdisTapi - ok
23:24:12.0642 4384 Ndisuio (f105ba1e22bf1f2ee8f005d4305e4bec) C:\Windows\system32\DRIVERS\ndisuio.sys
23:24:12.0642 4384 Ndisuio - ok
23:24:12.0662 4384 NdisWan (557dfab9ca1fcb036ac77564c010dad3) C:\Windows\system32\DRIVERS\ndiswan.sys
23:24:12.0662 4384 NdisWan - ok
23:24:12.0682 4384 NDProxy (659b74fb74b86228d6338d643cd3e3cf) C:\Windows\system32\drivers\NDProxy.sys
23:24:12.0682 4384 NDProxy - ok
23:24:12.0712 4384 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
23:24:12.0712 4384 NetBIOS - ok
23:24:12.0732 4384 NetBT (9162b273a44ab9dce5b44362731d062a) C:\Windows\system32\DRIVERS\netbt.sys
23:24:12.0742 4384 NetBT - ok
23:24:12.0782 4384 Netlogon (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe
23:24:12.0782 4384 Netlogon - ok
23:24:12.0892 4384 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
23:24:12.0902 4384 Netman - ok
23:24:12.0922 4384 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
23:24:12.0932 4384 netprofm - ok
23:24:13.0032 4384 NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
23:24:13.0032 4384 NetTcpPortSharing - ok
23:24:13.0112 4384 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
23:24:13.0112 4384 nfrd960 - ok
23:24:13.0172 4384 NisDrv (5f7d72cbcdd025af1f38fdeee5646968) C:\Windows\system32\DRIVERS\NisDrvWFP.sys
23:24:13.0172 4384 NisDrv - ok
23:24:13.0252 4384 NisSrv (566ddd5d82520da01d75f81428ac4c38) c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe
23:24:13.0252 4384 NisSrv - ok
23:24:13.0342 4384 NlaSvc (d9a0ce66046d6efa0c61baa885cba0a8) C:\Windows\System32\nlasvc.dll
23:24:13.0352 4384 NlaSvc - ok
23:24:13.0412 4384 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
23:24:13.0412 4384 Npfs - ok
23:24:13.0442 4384 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
23:24:13.0442 4384 nsi - ok
23:24:13.0482 4384 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
23:24:13.0482 4384 nsiproxy - ok
23:24:13.0839 4384 Ntfs (378e0e0dfea67d98ae6ea53adbbd76bc) C:\Windows\system32\drivers\Ntfs.sys
23:24:13.0859 4384 Ntfs - ok
23:24:13.0969 4384 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
23:24:13.0969 4384 Null - ok
23:24:14.0019 4384 nvraid (a4d9c9a608a97f59307c2f2600edc6a4) C:\Windows\system32\drivers\nvraid.sys
23:24:14.0019 4384 nvraid - ok
23:24:14.0129 4384 nvstor (6c1d5f70e7a6a3fd1c90d840edc048b9) C:\Windows\system32\drivers\nvstor.sys
23:24:14.0129 4384 nvstor - ok
23:24:14.0179 4384 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\DRIVERS\nv_agp.sys
23:24:14.0189 4384 nv_agp - ok
23:24:14.0269 4384 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\DRIVERS\ohci1394.sys
23:24:14.0279 4384 ohci1394 - ok
23:24:14.0359 4384 ose (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
23:24:14.0359 4384 ose - ok
23:24:14.0539 4384 osppsvc (61bffb5f57ad12f83ab64b7181829b34) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
23:24:14.0569 4384 osppsvc - ok
23:24:14.0659 4384 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
23:24:14.0669 4384 p2pimsvc - ok
23:24:14.0709 4384 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
23:24:14.0719 4384 p2psvc - ok
23:24:14.0819 4384 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
23:24:14.0819 4384 Parport - ok
23:24:14.0849 4384 partmgr (7daa117143316c4a1537e074a5a9eaf0) C:\Windows\system32\drivers\partmgr.sys
23:24:14.0849 4384 partmgr - ok
23:24:14.0889 4384 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
23:24:14.0889 4384 PcaSvc - ok
23:24:14.0979 4384 pci (f36f6504009f2fb0dfd1b17a116ad74b) C:\Windows\system32\DRIVERS\pci.sys
23:24:14.0989 4384 pci - ok
23:24:14.0999 4384 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\DRIVERS\pciide.sys
23:24:14.0999 4384 pciide - ok
23:24:15.0029 4384 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
23:24:15.0039 4384 pcmcia - ok
23:24:15.0049 4384 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
23:24:15.0049 4384 pcw - ok
23:24:15.0159 4384 Peachtree SmartPosting 2012 (d87c58dd652df387c4e9a0f9ce595d69) C:\Program Files (x86)\Sage\Peachtree\SmartPostingService2012.exe
23:24:15.0189 4384 Peachtree SmartPosting 2012 - ok
23:24:15.0309 4384 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
23:24:15.0319 4384 PEAUTH - ok
23:24:15.0439 4384 PeerDistSvc (b9b0a4299dd2d76a4243f75fd54dc680) C:\Windows\system32\peerdistsvc.dll
23:24:15.0459 4384 PeerDistSvc - ok
23:24:15.0529 4384 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
23:24:15.0539 4384 PerfHost - ok
23:24:15.0649 4384 pla (557e9a86f65f0de18c9b6751dfe9d3f1) C:\Windows\system32\pla.dll
23:24:15.0679 4384 pla - ok
23:24:15.0809 4384 PlugPlay (98b1721b8718164293b9701b98c52d77) C:\Windows\system32\umpnpmgr.dll
23:24:15.0819 4384 PlugPlay - ok
23:24:15.0849 4384 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
23:24:15.0849 4384 PNRPAutoReg - ok
23:24:15.0909 4384 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
23:24:15.0909 4384 PNRPsvc - ok
23:24:15.0979 4384 PolicyAgent (166eb40d1f5b47e615de3d0fffe5f243) C:\Windows\System32\ipsecsvc.dll
23:24:15.0989 4384 PolicyAgent - ok
23:24:16.0039 4384 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
23:24:16.0049 4384 Power - ok
23:24:16.0139 4384 PptpMiniport (27cc19e81ba5e3403c48302127bda717) C:\Windows\system32\DRIVERS\raspptp.sys
23:24:16.0149 4384 PptpMiniport - ok
23:24:16.0209 4384 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
23:24:16.0209 4384 Processor - ok
23:24:16.0269 4384 ProfSvc (f381975e1f4346de875cb07339ce8d3a) C:\Windows\system32\profsvc.dll
23:24:16.0269 4384 ProfSvc - ok
23:24:16.0359 4384 ProtectedStorage (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe
23:24:16.0359 4384 ProtectedStorage - ok
23:24:16.0449 4384 Psched (ee992183bd8eaefd9973f352e587a299) C:\Windows\system32\DRIVERS\pacer.sys
23:24:16.0449 4384 Psched - ok
23:24:16.0549 4384 psqlWGE (1ff50da96e12e243a70b5023cfe22d42) C:\Program Files (x86)\Pervasive Software\PSQL\bin\w3dbsmgr.exe
23:24:16.0619 4384 psqlWGE - ok
23:24:16.0759 4384 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
23:24:16.0789 4384 ql2300 - ok
23:24:16.0879 4384 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
23:24:16.0889 4384 ql40xx - ok
23:24:16.0919 4384 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
23:24:16.0929 4384 QWAVE - ok
23:24:16.0989 4384 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
23:24:16.0989 4384 QWAVEdrv - ok
23:24:17.0039 4384 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
23:24:17.0039 4384 RasAcd - ok
23:24:17.0069 4384 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
23:24:17.0079 4384 RasAgileVpn - ok
23:24:17.0149 4384 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
23:24:17.0149 4384 RasAuto - ok
23:24:17.0219 4384 Rasl2tp (87a6e852a22991580d6d39adc4790463) C:\Windows\system32\DRIVERS\rasl2tp.sys
23:24:17.0219 4384 Rasl2tp - ok
23:24:17.0289 4384 RasMan (47394ed3d16d053f5906efe5ab51cc83) C:\Windows\System32\rasmans.dll
23:24:17.0299 4384 RasMan - ok
23:24:17.0359 4384 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
23:24:17.0369 4384 RasPppoe - ok
23:24:17.0409 4384 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
23:24:17.0419 4384 RasSstp - ok
23:24:17.0429 4384 rdbss (3bac8142102c15d59a87757c1d41dce5) C:\Windows\system32\DRIVERS\rdbss.sys
23:24:17.0439 4384 rdbss - ok
23:24:17.0459 4384 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
23:24:17.0459 4384 rdpbus - ok
23:24:17.0489 4384 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
23:24:17.0489 4384 RDPCDD - ok
23:24:17.0539 4384 RDPDR (9706b84dbabfc4b4ca46c5a82b14dfa3) C:\Windows\system32\drivers\rdpdr.sys
23:24:17.0539 4384 RDPDR - ok
23:24:17.0569 4384 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
23:24:17.0569 4384 RDPENCDD - ok
23:24:17.0589 4384 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
23:24:17.0589 4384 RDPREFMP - ok
23:24:17.0639 4384 RDPWD (074ac702d8b8b660b0e1371555995386) C:\Windows\system32\drivers\RDPWD.sys
23:24:17.0639 4384 RDPWD - ok
23:24:17.0729 4384 rdyboost (634b9a2181d98f15941236886164ec8b) C:\Windows\system32\drivers\rdyboost.sys
23:24:17.0739 4384 rdyboost - ok
23:24:17.0809 4384 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
23:24:17.0809 4384 RemoteAccess - ok
23:24:17.0869 4384 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
23:24:17.0879 4384 RemoteRegistry - ok
23:24:17.0929 4384 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
23:24:17.0929 4384 RpcEptMapper - ok
23:24:17.0986 4384 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
23:24:17.0986 4384 RpcLocator - ok
23:24:18.0048 4384 RpcSs (7266972e86890e2b30c0c322e906b027) C:\Windows\system32\rpcss.dll
23:24:18.0064 4384 RpcSs - ok
23:24:18.0173 4384 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
23:24:18.0173 4384 rspndr - ok
23:24:18.0266 4384 RTL8167 (baefee35d27a5440d35092ce10267bec) C:\Windows\system32\DRIVERS\Rt64win7.sys
23:24:18.0266 4384 RTL8167 - ok
23:24:18.0360 4384 rtl8192se (ce594045b2969f5fc3f77b824629ac7f) C:\Windows\system32\DRIVERS\rtl8192se.sys
23:24:18.0391 4384 rtl8192se - ok
23:24:18.0485 4384 s3cap (88af6e02ab19df7fd07ecdf9c91e9af6) C:\Windows\system32\DRIVERS\vms3cap.sys
23:24:18.0485 4384 s3cap - ok
23:24:18.0532 4384 SamSs (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe
23:24:18.0532 4384 SamSs - ok
23:24:18.0594 4384 sbp2port (e3bbb89983daf5622c1d50cf49f28227) C:\Windows\system32\DRIVERS\sbp2port.sys
23:24:18.0594 4384 sbp2port - ok
23:24:18.0688 4384 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
23:24:18.0719 4384 SCardSvr - ok
23:24:18.0797 4384 scfilter (c94da20c7e3ba1dca269bc8460d98387) C:\Windows\system32\DRIVERS\scfilter.sys
23:24:18.0797 4384 scfilter - ok
23:24:18.0875 4384 Schedule (624d0f5ff99428bb90a5b8a4123e918e) C:\Windows\system32\schedsvc.dll
23:24:18.0906 4384 Schedule - ok
23:24:18.0984 4384 SCPolicySvc (312e2f82af11e79906898ac3e3d58a1f) C:\Windows\System32\certprop.dll
23:24:19.0000 4384 SCPolicySvc - ok
23:24:19.0046 4384 SDRSVC (765a27c3279ce11d14cb9e4f5869fca5) C:\Windows\System32\SDRSVC.dll
23:24:19.0046 4384 SDRSVC - ok
23:24:19.0140 4384 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
23:24:19.0156 4384 secdrv - ok
23:24:19.0390 4384 seclogon (463b386ebc70f98da5dff85f7e654346) C:\Windows\system32\seclogon.dll
23:24:19.0390 4384 seclogon - ok
23:24:19.0452 4384 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll
23:24:19.0452 4384 SENS - ok
23:24:19.0483 4384 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
23:24:19.0483 4384 SensrSvc - ok
23:24:19.0530 4384 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
23:24:19.0546 4384 Serenum - ok
23:24:19.0592 4384 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
23:24:19.0592 4384 Serial - ok
23:24:19.0639 4384 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
23:24:19.0639 4384 sermouse - ok
23:24:19.0702 4384 SessionEnv (c3bc61ce47ff6f4e88ab8a3b429a36af) C:\Windows\system32\sessenv.dll
23:24:19.0702 4384 SessionEnv - ok
23:24:19.0780 4384 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\DRIVERS\sffdisk.sys
23:24:19.0780 4384 sffdisk - ok
23:24:19.0826 4384 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\DRIVERS\sffp_mmc.sys
23:24:19.0826 4384 sffp_mmc - ok
23:24:19.0826 4384 sffp_sd (5588b8c6193eb1522490c122eb94dffa) C:\Windows\system32\DRIVERS\sffp_sd.sys
23:24:19.0826 4384 sffp_sd - ok
23:24:19.0842 4384 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
23:24:19.0842 4384 sfloppy - ok
23:24:19.0904 4384 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll
23:24:19.0904 4384 SharedAccess - ok
23:24:19.0967 4384 ShellHWDetection (0298ac45d0efffb2db4baa7dd186e7bf) C:\Windows\System32\shsvcs.dll
23:24:19.0967 4384 ShellHWDetection - ok
23:24:20.0045 4384 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
23:24:20.0060 4384 SiSRaid2 - ok
23:24:20.0060 4384 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
23:24:20.0076 4384 SiSRaid4 - ok
23:24:20.0092 4384 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
23:24:20.0092 4384 Smb - ok
23:24:20.0154 4384 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
23:24:20.0170 4384 SNMPTRAP - ok
23:24:20.0248 4384 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
23:24:20.0248 4384 spldr - ok
23:24:20.0294 4384 Spooler (f8e1fa03cb70d54a9892ac88b91d1e7b) C:\Windows\System32\spoolsv.exe
23:24:20.0310 4384 Spooler - ok
23:24:20.0497 4384 sppsvc (913d843498553a1bc8f8dbad6358e49f) C:\Windows\system32\sppsvc.exe
23:24:20.0544 4384 sppsvc - ok
23:24:20.0638 4384 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
23:24:20.0638 4384 sppuinotify - ok
23:24:20.0716 4384 srv (2408c0366d96bcdf63e8f1c78e4a29c5) C:\Windows\system32\DRIVERS\srv.sys
23:24:20.0716 4384 srv - ok
23:24:20.0856 4384 srv2 (76548f7b818881b47d8d1ae1be9c11f8) C:\Windows\system32\DRIVERS\srv2.sys
23:24:20.0856 4384 srv2 - ok
23:24:20.0903 4384 srvnet (0af6e19d39c70844c5caa8fb0183c36e) C:\Windows\system32\DRIVERS\srvnet.sys
23:24:20.0903 4384 srvnet - ok
23:24:21.0028 4384 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
23:24:21.0028 4384 SSDPSRV - ok
23:24:21.0043 4384 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
23:24:21.0043 4384 SstpSvc - ok
23:24:21.0090 4384 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
23:24:21.0090 4384 stexstor - ok
23:24:21.0184 4384 stisvc (52d0e33b681bd0f33fdc08812fee4f7d) C:\Windows\System32\wiaservc.dll
23:24:21.0199 4384 stisvc - ok
23:24:21.0293 4384 storflt (ffd7a6f15b14234b5b0e5d49e7961895) C:\Windows\system32\DRIVERS\vmstorfl.sys
23:24:21.0293 4384 storflt - ok
23:24:21.0308 4384 storvsc (8fccbefc5c440b3c23454656e551b09a) C:\Windows\system32\DRIVERS\storvsc.sys
23:24:21.0308 4384 storvsc - ok
23:24:21.0340 4384 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\DRIVERS\swenum.sys
23:24:21.0340 4384 swenum - ok
23:24:21.0402 4384 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
23:24:21.0418 4384 swprv - ok
23:24:21.0527 4384 SysMain (3c1284516a62078fb68f768de4f1a7be) C:\Windows\system32\sysmain.dll
23:24:21.0558 4384 SysMain - ok
23:24:21.0652 4384 TabletInputService (238935c3cf2854886dc7cbb2a0e2cc66) C:\Windows\System32\TabSvc.dll
23:24:21.0652 4384 TabletInputService - ok
23:24:21.0698 4384 TapiSrv (884264ac597b690c5707c89723bb8e7b) C:\Windows\System32\tapisrv.dll
23:24:21.0714 4384 TapiSrv - ok
23:24:21.0745 4384 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
23:24:21.0745 4384 TBS - ok
23:24:21.0870 4384 Tcpip (f18f56efc0bfb9c87ba01c37b27f4da5) C:\Windows\system32\drivers\tcpip.sys
23:24:21.0901 4384 Tcpip - ok
23:24:22.0057 4384 TCPIP6 (f18f56efc0bfb9c87ba01c37b27f4da5) C:\Windows\system32\DRIVERS\tcpip.sys
23:24:22.0073 4384 TCPIP6 - ok
23:24:22.0166 4384 tcpipreg (76d078af6f587b162d50210f761eb9ed) C:\Windows\system32\drivers\tcpipreg.sys
23:24:22.0166 4384 tcpipreg - ok
23:24:22.0198 4384 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
23:24:22.0198 4384 TDPIPE - ok
23:24:22.0229 4384 TDTCP (7518f7bcfd4b308abc9192bacaf6c970) C:\Windows\system32\drivers\tdtcp.sys
23:24:22.0229 4384 TDTCP - ok
23:24:22.0322 4384 tdx (079125c4b17b01fcaeebce0bcb290c0f) C:\Windows\system32\DRIVERS\tdx.sys
23:24:22.0322 4384 tdx - ok
23:24:22.0338 4384 TermDD (c448651339196c0e869a355171875522) C:\Windows\system32\DRIVERS\termdd.sys
23:24:22.0338 4384 TermDD - ok
23:24:22.0385 4384 TermService (0f05ec2887bfe197ad82a13287d2f404) C:\Windows\System32\termsrv.dll
23:24:22.0400 4384 TermService - ok
23:24:22.0510 4384 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
23:24:22.0510 4384 Themes - ok
23:24:22.0541 4384 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
23:24:22.0541 4384 THREADORDER - ok
23:24:22.0588 4384 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
23:24:22.0588 4384 TrkWks - ok
23:24:22.0619 4384 TrustedInstaller (840f7fb849f5887a49ba18c13b2da920) C:\Windows\servicing\TrustedInstaller.exe
23:24:22.0619 4384 TrustedInstaller - ok
23:24:22.0697 4384 tssecsrv (61b96c26131e37b24e93327a0bd1fb95) C:\Windows\system32\DRIVERS\tssecsrv.sys
23:24:22.0697 4384 tssecsrv - ok
23:24:22.0759 4384 tunnel (3836171a2cdf3af8ef10856db9835a70) C:\Windows\system32\DRIVERS\tunnel.sys
23:24:22.0759 4384 tunnel - ok
23:24:22.0853 4384 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
23:24:22.0853 4384 uagp35 - ok
23:24:22.0868 4384 udfs (d47baead86c65d4f4069d7ce0a4edceb) C:\Windows\system32\DRIVERS\udfs.sys
23:24:22.0868 4384 udfs - ok
23:24:22.0915 4384 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
23:24:22.0915 4384 UI0Detect - ok
23:24:23.0024 4384 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\DRIVERS\uliagpkx.sys
23:24:23.0024 4384 uliagpkx - ok
23:24:23.0056 4384 umbus (eab6c35e62b1b0db0d1b48b671d3a117) C:\Windows\system32\DRIVERS\umbus.sys
23:24:23.0056 4384 umbus - ok
23:24:23.0149 4384 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
23:24:23.0149 4384 UmPass - ok
23:24:23.0180 4384 UmRdpService (af0ac98ee5077eb844413eb54287fde3) C:\Windows\System32\umrdp.dll
23:24:23.0180 4384 UmRdpService - ok
23:24:23.0243 4384 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll
23:24:23.0258 4384 upnphost - ok
23:24:23.0336 4384 usbccgp (7b6a127c93ee590e4d79a5f2a76fe46f) C:\Windows\system32\DRIVERS\usbccgp.sys
23:24:23.0336 4384 usbccgp - ok
23:24:23.0383 4384 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\DRIVERS\usbcir.sys
23:24:23.0383 4384 usbcir - ok
23:24:23.0508 4384 usbehci (92969ba5ac44e229c55a332864f79677) C:\Windows\system32\DRIVERS\usbehci.sys
23:24:23.0508 4384 usbehci - ok
23:24:23.0539 4384 usbhub (e7df1cfd28ca86b35ef5add0735ceef3) C:\Windows\system32\DRIVERS\usbhub.sys
23:24:23.0555 4384 usbhub - ok
23:24:23.0648 4384 usbohci (f1bb1e55f1e7a65c5839ccc7b36d773e) C:\Windows\system32\drivers\usbohci.sys
23:24:23.0648 4384 usbohci - ok
23:24:23.0695 4384 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
23:24:23.0695 4384 usbprint - ok
23:24:23.0820 4384 usbscan (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys
23:24:23.0820 4384 usbscan - ok
23:24:23.0867 4384 USBSTOR (f39983647bc1f3e6100778ddfe9dce29) C:\Windows\system32\drivers\USBSTOR.SYS
23:24:23.0867 4384 USBSTOR - ok
23:24:23.0882 4384 usbuhci (bc3070350a491d84b518d7cca9abd36f) C:\Windows\system32\drivers\usbuhci.sys
23:24:23.0882 4384 usbuhci - ok
23:24:24.0023 4384 usbvideo (7cb8c573c6e4a2714402cc0a36eab4fe) C:\Windows\System32\Drivers\usbvideo.sys
23:24:24.0023 4384 usbvideo - ok
23:24:24.0054 4384 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll
23:24:24.0054 4384 UxSms - ok
23:24:24.0148 4384 VaultSvc (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe
23:24:24.0148 4384 VaultSvc - ok
23:24:24.0226 4384 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\DRIVERS\vdrvroot.sys
23:24:24.0226 4384 vdrvroot - ok
23:24:24.0319 4384 vds (44d73e0bbc1d3c8981304ba15135c2f2) C:\Windows\System32\vds.exe
23:24:24.0335 4384 vds - ok
23:24:24.0413 4384 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
23:24:24.0413 4384 vga - ok
23:24:24.0506 4384 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
23:24:24.0506 4384 VgaSave - ok
23:24:24.0522 4384 vhdmp (c82e748660f62a242b2dfac1442f22a4) C:\Windows\system32\DRIVERS\vhdmp.sys
23:24:24.0522 4384 vhdmp - ok
23:24:24.0538 4384 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\DRIVERS\viaide.sys
23:24:24.0538 4384 viaide - ok
23:24:24.0569 4384 vmbus (1501699d7eda984abc4155a7da5738d1) C:\Windows\system32\DRIVERS\vmbus.sys
23:24:24.0569 4384 vmbus - ok
23:24:24.0600 4384 VMBusHID (ae10c35761889e65a6f7176937c5592c) C:\Windows\system32\DRIVERS\VMBusHID.sys
23:24:24.0600 4384 VMBusHID - ok
23:24:24.0702 4384 volmgr (2b1a3dae2b4e70dbba822b7a03fbd4a3) C:\Windows\system32\DRIVERS\volmgr.sys
23:24:24.0702 4384 volmgr - ok
23:24:24.0712 4384 volmgrx (99b0cbb569ca79acaed8c91461d765fb) C:\Windows\system32\drivers\volmgrx.sys
23:24:24.0722 4384 volmgrx - ok
23:24:24.0742 4384 volsnap (58f82eed8ca24b461441f9c3e4f0bf5c) C:\Windows\system32\DRIVERS\volsnap.sys
23:24:24.0742 4384 volsnap - ok
23:24:24.0772 4384 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
23:24:24.0782 4384 vsmraid - ok
23:24:24.0842 4384 VSS (787898bf9fb6d7bd87a36e2d95c899ba) C:\Windows\system32\vssvc.exe
23:24:24.0862 4384 VSS - ok
23:24:24.0932 4384 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
23:24:24.0932 4384 vwifibus - ok
23:24:24.0962 4384 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
23:24:24.0962 4384 vwififlt - ok
23:24:25.0012 4384 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll
23:24:25.0022 4384 W32Time - ok
23:24:25.0102 4384 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
23:24:25.0102 4384 WacomPen - ok
23:24:25.0162 4384 WANARP (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys
23:24:25.0172 4384 WANARP - ok
23:24:25.0172 4384 Wanarpv6 (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys
23:24:25.0182 4384 Wanarpv6 - ok
23:24:25.0312 4384 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\Windows\system32\Wat\WatAdminSvc.exe
23:24:25.0332 4384 WatAdminSvc - ok
23:24:25.0442 4384 wbengine (5ab1bb85bd8b5089cc5d64200dedae68) C:\Windows\system32\wbengine.exe
23:24:25.0472 4384 wbengine - ok
23:24:25.0562 4384 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll
23:24:25.0572 4384 WbioSrvc - ok
23:24:25.0632 4384 wcncsvc (dd1bae8ebfc653824d29ccf8c9054d68) C:\Windows\System32\wcncsvc.dll
23:24:25.0642 4384 wcncsvc - ok
23:24:25.0672 4384 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll
23:24:25.0682 4384 WcsPlugInService - ok
23:24:25.0732 4384 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
23:24:25.0732 4384 Wd - ok
23:24:25.0832 4384 WDC_SAM (a3d04ebf5227886029b4532f20d026f7) C:\Windows\system32\DRIVERS\wdcsam64.sys
23:24:25.0832 4384 WDC_SAM - ok
23:24:25.0912 4384 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
23:24:25.0922 4384 Wdf01000 - ok
23:24:25.0982 4384 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
23:24:25.0982 4384 WdiServiceHost - ok
23:24:25.0992 4384 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
23:24:25.0992 4384 WdiSystemHost - ok
23:24:26.0082 4384 WebClient (733006127f235be7c35354ebee7b9a7b) C:\Windows\System32\webclnt.dll
23:24:26.0092 4384 WebClient - ok
23:24:26.0122 4384 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll
23:24:26.0132 4384 Wecsvc - ok
23:24:26.0162 4384 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll
23:24:26.0162 4384 wercplsupport - ok
23:24:26.0222 4384 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll
23:24:26.0232 4384 WerSvc - ok
23:24:26.0312 4384 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
23:24:26.0312 4384 WfpLwf - ok
23:24:26.0372 4384 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
23:24:26.0372 4384 WIMMount - ok
23:24:26.0402 4384 WinDefend - ok
23:24:26.0412 4384 WinHttpAutoProxySvc - ok
23:24:26.0482 4384 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll
23:24:26.0492 4384 Winmgmt - ok
23:24:26.0612 4384 WinRM (41fbb751936b387f9179e7f03a74fe29) C:\Windows\system32\WsmSvc.dll
23:24:26.0642 4384 WinRM - ok
23:24:26.0837 4384 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll
23:24:26.0868 4384 Wlansvc - ok
23:24:26.0976 4384 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\DRIVERS\wmiacpi.sys
23:24:26.0976 4384 WmiAcpi - ok
23:24:27.0046 4384 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe
23:24:27.0046 4384 wmiApSrv - ok
23:24:27.0086 4384 WMPNetworkSvc - ok
23:24:27.0166 4384 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll
23:24:27.0176 4384 WPCSvc - ok
23:24:27.0196 4384 WPDBusEnum (2e57ddf2880a7e52e76f41c7e96d327b) C:\Windows\system32\wpdbusenum.dll
23:24:27.0206 4384 WPDBusEnum - ok
23:24:27.0256 4384 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
23:24:27.0256 4384 ws2ifsl - ok
23:24:27.0356 4384 wscsvc (8f9f3969933c02da96eb0f84576db43e) C:\Windows\System32\wscsvc.dll
23:24:27.0366 4384 wscsvc - ok
23:24:27.0376 4384 WSearch - ok
23:24:27.0466 4384 wuauserv (38340204a2d0228f1e87740fc5e554a7) C:\Windows\system32\wuaueng.dll
23:24:27.0486 4384 wuauserv - ok
23:24:27.0586 4384 WudfPf (7cadc74271dd6461c452c271b30bd378) C:\Windows\system32\drivers\WudfPf.sys
23:24:27.0586 4384 WudfPf - ok
23:24:27.0636 4384 WUDFRd (3b197af0fff08aa66b6b2241ca538d64) C:\Windows\system32\DRIVERS\WUDFRd.sys
23:24:27.0636 4384 WUDFRd - ok
23:24:27.0676 4384 wudfsvc (b551d6637aa0e132c18ac6e504f7b79b) C:\Windows\System32\WUDFSvc.dll
23:24:27.0676 4384 wudfsvc - ok
23:24:27.0766 4384 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll
23:24:27.0776 4384 WwanSvc - ok
23:24:27.0836 4384 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
23:24:27.0946 4384 \Device\Harddisk0\DR0 - ok
23:24:27.0956 4384 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk1\DR1
23:24:28.0116 4384 \Device\Harddisk1\DR1 - ok
23:24:28.0126 4384 Boot (0x1200) (583ef8c6ea055b2b7dd92510a164ef38) \Device\Harddisk0\DR0\Partition0
23:24:28.0126 4384 \Device\Harddisk0\DR0\Partition0 - ok
23:24:28.0156 4384 Boot (0x1200) (ebe9c8c6953eb695d7479dba73770148) \Device\Harddisk0\DR0\Partition1
23:24:28.0156 4384 \Device\Harddisk0\DR0\Partition1 - ok
23:24:28.0186 4384 Boot (0x1200) (0029a60bb6d28cde55b40ef8b18041b4) \Device\Harddisk0\DR0\Partition2
23:24:28.0186 4384 \Device\Harddisk0\DR0\Partition2 - ok
23:24:28.0206 4384 Boot (0x1200) (1d8806fb92f8d1f22e7b42f259a02baa) \Device\Harddisk0\DR0\Partition3
23:24:28.0206 4384 \Device\Harddisk0\DR0\Partition3 - ok
23:24:28.0216 4384 Boot (0x1200) (e7ad5589715290208b64460d043093ad) \Device\Harddisk1\DR1\Partition0
23:24:28.0216 4384 \Device\Harddisk1\DR1\Partition0 - ok
23:24:28.0216 4384 ============================================================
23:24:28.0216 4384 Scan finished
23:24:28.0216 4384 ============================================================
23:24:28.0236 1652 Detected object count: 0
23:24:28.0236 1652 Actual detected object count: 0

#8 kellis1231

kellis1231
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:georgetown tx
  • Local time:05:12 AM

Posted 19 April 2012 - 07:30 AM

Here is log from what i am hoping is a clean Malwarebytes scan.


Malwarebytes Anti-Malware (PRO) 1.61.0.1400
www.malwarebytes.org

Database version: v2012.04.19.01

Windows 7 x64 NTFS
Internet Explorer 9.0.8112.16421
Kathy Ellis :: KATHYELLIS-HP [administrator]

Protection: Enabled

4/19/2012 4:00:03 AM
mbam-log-2012-04-19 (04-00-03).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 195928
Time elapsed: 2 minute(s), 55 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

#9 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:05:12 AM

Posted 19 April 2012 - 08:35 AM

Download

ESET online scanner


Install it

Click on START,it should download the virus definitions
When scan gets completed,click on LIST of found threats

Export the list to desktop,copy the contents of the text file in your reply

Download

mini toolbox

Checkmark following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size

Click Go and post the result.

#10 kellis1231

kellis1231
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:georgetown tx
  • Local time:05:12 AM

Posted 19 April 2012 - 10:05 PM

EST ON LINE SCANNER:

C:\TDSSKiller_Quarantine\16.04.2012_23.01.12\tdlfs0000\tsk0000.dta Win32/Olmarik.AXZ trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\16.04.2012_23.01.12\tdlfs0000\tsk0001.dta Win64/Olmarik.AD trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\16.04.2012_23.01.12\tdlfs0000\tsk0002.dta Win32/Olmarik.AWO trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\16.04.2012_23.17.55\tdlfs0000\tsk0000.dta Win32/Olmarik.AXZ trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\16.04.2012_23.17.55\tdlfs0000\tsk0001.dta Win64/Olmarik.AD trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\16.04.2012_23.17.55\tdlfs0000\tsk0002.dta Win32/Olmarik.AWO trojan cleaned by deleting - quarantined
C:\Users\Kathy Ellis\AppData\Local\Temp\ICReinstall\cnet2_CyberLink_YouCam_Downloader_exe.exe a variant of Win32/InstallCore.D application cleaned by deleting - quarantined

#11 kellis1231

kellis1231
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:georgetown tx
  • Local time:05:12 AM

Posted 19 April 2012 - 10:09 PM

MiniToolBox by Farbar Version: 18-01-2012
Ran by Kathy Ellis (administrator) on 19-04-2012 at 22:07:26
Microsoft Windows 7 Ultimate (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================



========================= IP Configuration: ================================

Realtek RTL8191SE 802.11b/g/n WiFi Adapter = Wireless Network Connection (Connected)
Realtek RTL8102E/RTL8103E Family PCI-E Fast Ethernet NIC (NDIS 6.20) = Local Area Connection (Media disconnected)
Microsoft Virtual WiFi Miniport Adapter = Wireless Network Connection 2 (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : KathyEllis-hp
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : domain_not_set.invalid

Wireless LAN adapter Wireless Network Connection 2:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter
Physical Address. . . . . . . . . : 70-F1-A1-DA-D1-78
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection:

Connection-specific DNS Suffix . : domain_not_set.invalid
Description . . . . . . . . . . . : Realtek RTL8191SE 802.11b/g/n WiFi Adapter
Physical Address. . . . . . . . . : 70-F1-A1-DA-D1-78
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::385c:690f:1ba8:dcda%14(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.66(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Thursday, April 19, 2012 6:22:20 PM
Lease Expires . . . . . . . . . . : Friday, April 20, 2012 6:22:20 PM
Default Gateway . . . . . . . . . : 192.168.1.1
DHCP Server . . . . . . . . . . . : 192.168.1.1
DHCPv6 IAID . . . . . . . . . . . : 326168993
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-17-1D-F8-DE-C8-0A-A9-EA-FA-1F
DNS Servers . . . . . . . . . . . : 192.168.1.1
68.238.96.12
NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : domain_not_set.invalid
Description . . . . . . . . . . . : Realtek RTL8102E/RTL8103E Family PCI-E Fast Ethernet NIC (NDIS 6.20)
Physical Address. . . . . . . . . : C8-0A-A9-EA-FA-1F
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.domain_not_set.invalid:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : domain_not_set.invalid
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:4137:9e76:c82:1780:b884:f946(Preferred)
Link-local IPv6 Address . . . . . : fe80::c82:1780:b884:f946%13(Preferred)
Default Gateway . . . . . . . . . : ::
NetBIOS over Tcpip. . . . . . . . : Disabled

Tunnel adapter isatap.{DF27A7DA-61DF-4D85-A1C0-829584233A80}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #3
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Server: dslmodem.domain
Address: 192.168.1.1

Name: google.com
Addresses: 74.125.227.129
74.125.227.128
74.125.227.134
74.125.227.132
74.125.227.131
74.125.227.142
74.125.227.135
74.125.227.133
74.125.227.137
74.125.227.136
74.125.227.130


Pinging google.com [74.125.227.137] with 32 bytes of data:
Reply from 74.125.227.137: bytes=32 time=39ms TTL=55
Reply from 74.125.227.137: bytes=32 time=39ms TTL=55

Ping statistics for 74.125.227.137:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 39ms, Maximum = 39ms, Average = 39ms
Server: dslmodem.domain
Address: 192.168.1.1

Name: yahoo.com
Addresses: 72.30.38.140
98.139.183.24
209.191.122.70


Pinging yahoo.com [98.139.183.24] with 32 bytes of data:
Reply from 98.139.183.24: bytes=32 time=205ms TTL=50
Reply from 98.139.183.24: bytes=32 time=87ms TTL=50

Ping statistics for 98.139.183.24:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 87ms, Maximum = 205ms, Average = 146ms
Server: dslmodem.domain
Address: 192.168.1.1

Name: bleepingcomputer.com
Address: 208.43.87.2


Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:
Reply from 208.43.87.2: Destination host unreachable.
Reply from 208.43.87.2: Destination host unreachable.

Ping statistics for 208.43.87.2:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time=7ms TTL=128
Reply from 127.0.0.1: bytes=32 time=5ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 5ms, Maximum = 7ms, Average = 6ms
===========================================================================
Interface List
25...70 f1 a1 da d1 78 ......Microsoft Virtual WiFi Miniport Adapter
14...70 f1 a1 da d1 78 ......Realtek RTL8191SE 802.11b/g/n WiFi Adapter
11...c8 0a a9 ea fa 1f ......Realtek RTL8102E/RTL8103E Family PCI-E Fast Ethernet NIC (NDIS 6.20)
1...........................Software Loopback Interface 1
12...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
13...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
29...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #3
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.66 25
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.1.0 255.255.255.0 On-link 192.168.1.66 281
192.168.1.66 255.255.255.255 On-link 192.168.1.66 281
192.168.1.255 255.255.255.255 On-link 192.168.1.66 281
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.1.66 281
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.1.66 281
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
13 58 ::/0 On-link
1 306 ::1/128 On-link
13 58 2001::/32 On-link
13 306 2001:0:4137:9e76:c82:1780:b884:f946/128
On-link
14 281 fe80::/64 On-link
13 306 fe80::/64 On-link
13 306 fe80::c82:1780:b884:f946/128
On-link
14 281 fe80::385c:690f:1ba8:dcda/128
On-link
1 306 ff00::/8 On-link
13 306 ff00::/8 On-link
14 281 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [51712] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70144] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (04/19/2012 07:09:47 PM) (Source: Application Hang) (User: )
Description: The program Acrobat.exe version 10.1.3.23 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: e18

Start Time: 01cd1e89d9c616d3

Termination Time: 16

Application Path: C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat.exe

Report Id: 2077987e-8a7d-11e1-821f-c80aa9eafa1f

Error: (04/19/2012 07:09:21 PM) (Source: Application Hang) (User: )
Description: The program Acrobat.exe version 10.1.3.23 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 1550

Start Time: 01cd1e569bdfa34b

Termination Time: 4462

Application Path: C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat.exe

Report Id: edd8d52a-8a7c-11e1-821f-c80aa9eafa1f

Error: (04/19/2012 07:03:29 PM) (Source: Application Hang) (User: )
Description: The program PDR10.exe version 10.0.0.1424 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 11f4

Start Time: 01cd1e851a4b386b

Termination Time: 1842

Application Path: C:\Program Files (x86)\CyberLink\PowerDirector10\PDR10.exe

Report Id: dfee744a-8a7a-11e1-821f-c80aa9eafa1f

Error: (04/19/2012 06:56:14 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifest.

Error: (04/19/2012 06:55:03 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifest.

Error: (04/19/2012 06:52:29 PM) (Source: MsiInstaller) (User: Kathy Ellis)Kathy Ellis
Description: Product: MSXML 4.0 SP2 (KB973688) -- Error 1935. An error occured during the installation of assembly component {7B2B4EA5-1028-B7E6-A06B-D6B9ABF34537}. HRESULT: 0x80070BC9. assembly interface: IAssemblyCacheItem, function: Commit, assembly name: Microsoft.MSXML2,type="win32",version="4.20.9876.0",publicKeyToken="6bd6b9abf345378f",processorArchitecture="x86"

Error: (04/19/2012 05:24:13 PM) (Source: Application Error) (User: )
Description: Faulting application name: Hpqdirec.exe, version: 130.0.44.62, time stamp: 0x4a0c0922
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x00000000
Faulting process id: 0x1198
Faulting application start time: 0xHpqdirec.exe0
Faulting application path: Hpqdirec.exe1
Faulting module path: Hpqdirec.exe2
Report Id: Hpqdirec.exe3

Error: (04/19/2012 05:07:11 PM) (Source: Application Error) (User: )
Description: Faulting application name: Hpqdirec.exe, version: 130.0.44.62, time stamp: 0x4a0c0922
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x00000000
Faulting process id: 0x1914
Faulting application start time: 0xHpqdirec.exe0
Faulting application path: Hpqdirec.exe1
Faulting module path: Hpqdirec.exe2
Report Id: Hpqdirec.exe3

Error: (04/19/2012 10:50:55 AM) (Source: Software Protection Platform Service) (User: )
Description: Acquisition of End User License failed. hr=0xC004C008
Sku Id=ac96e1a8-6cc4-4310-a4ff-332ce77fb5b8

Error: (04/19/2012 10:50:55 AM) (Source: Software Protection Platform Service) (User: )
Description: License acquisition failure details.
hr=0xC004C008


System errors:
=============
Error: (04/19/2012 06:56:44 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: SYSTEM)
Description: Installation Failure: Windows failed to install the following update with error 0x80070643: Update for Microsoft XML Core Services 4.0 Service Pack 2 for x64-based Systems (KB973688).

Error: (04/19/2012 02:14:52 PM) (Source: Service Control Manager) (User: )
Description: The CyberLink PowerDVD 12 Media Server Monitor Service service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.

Error: (04/19/2012 02:14:51 PM) (Source: Service Control Manager) (User: )
Description: The CyberLink PowerDVD 12 Media Server Service service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.

Error: (04/19/2012 11:24:34 AM) (Source: DCOM) (User: )
Description: C:\PROGRA~2\COMMON~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe -Embedding740{B3EDE298-AE75-4A1C-AB7E-1B9229B77BBE}

Error: (04/19/2012 10:25:30 AM) (Source: Service Control Manager) (User: )
Description: The CyberLink PowerDVD 12 Media Server Monitor Service service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.

Error: (04/19/2012 10:25:29 AM) (Source: Service Control Manager) (User: )
Description: The CyberLink PowerDVD 12 Media Server Service service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.

Error: (04/18/2012 11:03:29 PM) (Source: DCOM) (User: Kathy Ellis)
Description: application-specificLocalActivation{F706B4B5-72BC-49D5-967C-05194FA83446}{F706B4B5-72BC-49D5-967C-05194FA83446}KathyEllis-hpKathy EllisS-1-5-21-3700042763-3039227250-2771175788-1000LocalHost (Using LRPC)

Error: (04/18/2012 11:03:29 PM) (Source: DCOM) (User: Kathy Ellis)
Description: application-specificLocalActivation{F706B4B5-72BC-49D5-967C-05194FA83446}{F706B4B5-72BC-49D5-967C-05194FA83446}KathyEllis-hpKathy EllisS-1-5-21-3700042763-3039227250-2771175788-1000LocalHost (Using LRPC)

Error: (04/18/2012 11:03:26 PM) (Source: DCOM) (User: Kathy Ellis)
Description: application-specificLocalActivation{F706B4B5-72BC-49D5-967C-05194FA83446}{F706B4B5-72BC-49D5-967C-05194FA83446}KathyEllis-hpKathy EllisS-1-5-21-3700042763-3039227250-2771175788-1000LocalHost (Using LRPC)

Error: (04/18/2012 11:03:26 PM) (Source: DCOM) (User: Kathy Ellis)
Description: application-specificLocalActivation{F706B4B5-72BC-49D5-967C-05194FA83446}{F706B4B5-72BC-49D5-967C-05194FA83446}KathyEllis-hpKathy EllisS-1-5-21-3700042763-3039227250-2771175788-1000LocalHost (Using LRPC)


Microsoft Office Sessions:
=========================
Error: (04/19/2012 07:09:47 PM) (Source: Application Hang)(User: )
Description: Acrobat.exe10.1.3.23e1801cd1e89d9c616d316C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat.exe2077987e-8a7d-11e1-821f-c80aa9eafa1f

Error: (04/19/2012 07:09:21 PM) (Source: Application Hang)(User: )
Description: Acrobat.exe10.1.3.23155001cd1e569bdfa34b4462C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat.exeedd8d52a-8a7c-11e1-821f-c80aa9eafa1f

Error: (04/19/2012 07:03:29 PM) (Source: Application Hang)(User: )
Description: PDR10.exe10.0.0.142411f401cd1e851a4b386b1842C:\Program Files (x86)\CyberLink\PowerDirector10\PDR10.exedfee744a-8a7a-11e1-821f-c80aa9eafa1f

Error: (04/19/2012 06:56:14 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifestC:\Users\Kathy Ellis\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\R39YSFQ6\esetsmartinstaller_enu.exe

Error: (04/19/2012 06:55:03 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifestC:\Users\Kathy Ellis\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\R39YSFQ6\esetsmartinstaller_enu.exe

Error: (04/19/2012 06:52:29 PM) (Source: MsiInstaller)(User: Kathy Ellis)Kathy Ellis
Description: Product: MSXML 4.0 SP2 (KB973688) -- Error 1935. An error occured during the installation of assembly component {7B2B4EA5-1028-B7E6-A06B-D6B9ABF34537}. HRESULT: 0x80070BC9. assembly interface: IAssemblyCacheItem, function: Commit, assembly name: Microsoft.MSXML2,type="win32",version="4.20.9876.0",publicKeyToken="6bd6b9abf345378f",processorArchitecture="x86"(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (04/19/2012 05:24:13 PM) (Source: Application Error)(User: )
Description: Hpqdirec.exe130.0.44.624a0c0922unknown0.0.0.000000000c000000500000000119801cd1e797db4bf68C:\Program Files (x86)\HP\Digital Imaging\bin\Hpqdirec.exeunknown64248cab-8a6e-11e1-821f-c80aa9eafa1f

Error: (04/19/2012 05:07:11 PM) (Source: Application Error)(User: )
Description: Hpqdirec.exe130.0.44.624a0c0922unknown0.0.0.000000000c000000500000000191401cd1e787a675a1cC:\Program Files (x86)\HP\Digital Imaging\bin\Hpqdirec.exeunknown02c07fff-8a6c-11e1-821f-c80aa9eafa1f

Error: (04/19/2012 10:50:55 AM) (Source: Software Protection Platform Service)(User: )
Description: hr=0xC004C008ac96e1a8-6cc4-4310-a4ff-332ce77fb5b8

Error: (04/19/2012 10:50:55 AM) (Source: Software Protection Platform Service)(User: )
Description: hr=0xC004C00800010001(0x00000000, 10:50:55:391 - http://go.microsoft.com/fwlink/?LinkID=88341)
00020001(0x00000000, 10:50:55:392)
00030001(0x00000000, 10:50:55:392 - http://go.microsoft.com)
00030002(0x00000000, 10:50:55:392 - 1)
00020005(0x00000000, 10:50:55:392 - 0)
0002000C(0x00000000, 10:50:55:483 - 302)
0002000E(0x00000000, 10:50:55:483 - https://activation.sls.microsoft.com/sllicensing/SLLicense.asmx)
00020001(0x00000000, 10:50:55:484)
00030001(0x00000000, 10:50:55:484 - https://activation.sls.microsoft.com)
00030002(0x00000000, 10:50:55:484 - 1)
00020005(0x00000000, 10:50:55:484 - 0)
0002000C(0x00000000, 10:50:55:986 - 500)
00010002(0x8004FC01, 10:50:55:986 - <?xml version="1.0" encoding="utf-8"?><soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema"><soap:Body><soap:Fault><faultcode>soap:Server</faultcode><faultstring>SoapException</faultstring><detail><HRESULT>0xC004C008</HRESULT><Messages><Message>113 (Activation) - [PA Maximum unlock exceeded. ---&gt; Maximum unlock exceeded]</Message></Messages></detail></soap:Fault></soap:Body></soap:Envelope>)
00010003(0x8004FC01, 10:50:55:987)


=========================== Installed Programs ============================

5600 (Version: 130.0.365.000)
5600_Help (Version: 82.0.242.000)
5600Trb (Version: 82.0.242.000)
64 Bit HP CIO Components Installer (Version: 6.2.1)
Adobe Acrobat X Pro - English, Franšais, Deutsch (Version: 10.1.3)
Adobe Flash Player 11 ActiveX 64-bit (Version: 11.2.202.233)
AIO_CDB_ProductContext (Version: 130.0.365.000)
AIO_CDB_Software (Version: 130.0.365.000)
AIO_Scan (Version: 130.0.421.000)
Akamai NetSession Interface
Apple Application Support (Version: 2.0.1)
Apple Software Update (Version: 2.1.3.127)
Art Effects for PDR10 (Version: 2.0)
BufferChm (Version: 130.0.331.000)
Copy (Version: 130.0.428.000)
Coupon Printer for Windows (Version: 5.0.0.1)
CyberLink PowerDirector 10 (Version: 10.0.0.1424c)
CyberLink PowerDirector 10 Content Pack II (Version: 10.0)
CyberLink PowerDVD 12 (Version: 12.0.1421.04)
CyberLink WaveEditor (Version: 1.0.1.3628a)
CyberLink YouCam 5 (Version: 5.0.1129)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
DesignPro 5 (Version: 5.5.708)
Destinations (Version: 130.0.0.0)
DeviceDiscovery (Version: 130.0.465.000)
DocProc (Version: 13.0.0.0)
ESET Online Scanner v3
EstimatorPro 5.3 (Version: 5.3.0009)
Fax (Version: 130.0.418.000)
Google Toolbar for Internet Explorer (Version: 1.0.0)
Google Toolbar for Internet Explorer (Version: 7.3.2710.138)
Google Update Helper (Version: 1.3.21.111)
GPBaseService2 (Version: 130.0.371.000)
HiJackThis (Version: 1.0.0)
HP Customer Participation Program 13.0 (Version: 13.0)
HP Imaging Device Functions 13.0 (Version: 13.0)
HP Photosmart Essential 3.5 (Version: 3.5)
HP Photosmart Officejet and Deskjet All-In-One Driver Software 13.0 Rel. B (Version: 13.0)
HP Smart Web Printing 4.51 (Version: 4.51)
HP Solution Center 13.0 (Version: 13.0)
HP Update (Version: 5.003.001.001)
HPPhotoGadget (Version: 130.0.282.000)
HPPhotoSmartDiscLabelContent1 (Version: 2.04.0000)
HPPhotosmartEssential (Version: 2.04.0000)
HPProductAssistant (Version: 130.0.371.000)
HPSSupply (Version: 130.0.371.000)
Malwarebytes Anti-Malware version 1.61.0.1400 (Version: 1.61.0.1400)
MarketResearch (Version: 130.0.374.000)
Microsoft Antimalware (Version: 3.0.8402.2)
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Access Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Excel MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.6029.1000)
Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Professional 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (French) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (Spanish) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proofing (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Publisher MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Single Image 2010 (Version: 14.0.6029.1000)
Microsoft Office Word MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Security Client (Version: 2.1.1116.0)
Microsoft Security Essentials (Version: 2.1.1116.0)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.59193)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
Network64 (Version: 130.0.572.000)
Network64 (Version: 140.0.221.000)
OCR Software by I.R.I.S. 13.0 (Version: 13.0)
Peachtree Accounting 2012 (Version: 19.00.01)
Peachtree Signature Ready Forms (Version: 6.14.24)
Pervasive PSQL v10 SP2 Workgroup (32-bit) (Version: 10.10.126)
Pervasive PSQL v10 SP2 Workgroup (32-bit) (Version: 10.20.034)
QBFC 7.0 (Version: 7.0.0.134)
QBXMLRP2 (Version: 7.0.0.134)
QuickTime (Version: 7.70.80.34)
RoboForm 7-7-5 (All Users) (Version: 7-7-5)
Sage Integration Services (Version: 2.2.2240)
Scan (Version: 13.0.0.0)
Shop for HP Supplies (Version: 13.0)
SmartSound Quicktracks 5 (Version: 5.1.8)
SmartWebPrinting (Version: 130.0.457.000)
SolutionCenter (Version: 130.0.373.000)
Status (Version: 130.0.469.000)
Toolbox (Version: 130.0.648.000)
TrayApp (Version: 130.0.422.000)
UnloadSupport (Version: 11.0.0)
Update for Microsoft Excel 2010 (KB2553439) 32-Bit Edition
Update for Microsoft Office 2010 (KB2494150)
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553385) 32-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
Update for Microsoft Office 2010 (KB2597091) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2553248) 32-Bit Edition
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition
Visual Studio Tools for the Office system 3.0 Runtime
Visual Studio Tools for the Office system 3.0 Runtime (Version: 9.0.30729)
Visual Studio Tools for the Office system 3.0 Runtime Service Pack 1 (KB949258) (Version: 1)
WebReg (Version: 130.0.132.017)
Yahoo! Toolbar

========================= Memory info: ===================================

Percentage of memory in use: 69%
Total physical RAM: 3893.86 MB
Available physical RAM: 1186.8 MB
Total Pagefile: 7785.86 MB
Available Pagefile: 4491.04 MB
Total Virtual: 4095.88 MB
Available Virtual: 3970.07 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:283.53 GB) (Free:174.51 GB) NTFS
2 Drive d: (RECOVERY) (Fixed) (Total:14.27 GB) (Free:2.35 GB) NTFS
3 Drive e: (HP_TOOLS) (Fixed) (Total:0.1 GB) (Free:0.09 GB) FAT32

========================= Users: ========================================

User accounts for \\KATHYELLIS-HP

Administrator Guest Kathy Ellis


**** End of log ****

#12 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:05:12 AM

Posted 19 April 2012 - 11:05 PM

That looks good

Download

TFC


Launch it,it will close all running programs

click on START,it should ask for reboot

Turn off your system restore,restart the PC,create a new restore point

http://windows.microsoft.com/en-US/windows7/Turn-System-Restore-on-or-off


Update your antivirus frequently,do not click on suspicious links

Safe surfing :)

#13 kellis1231

kellis1231
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:georgetown tx
  • Local time:05:12 AM

Posted 19 April 2012 - 11:23 PM

Thank you very much for your time. I really appreciate your help.

#14 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:05:12 AM

Posted 19 April 2012 - 11:38 PM

You're welcome :thumbsup:




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users