Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

BSOD after login


  • Please log in to reply
21 replies to this topic

#1 joyceingle

joyceingle

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Local time:08:04 PM

Posted 18 February 2012 - 07:02 PM

(I am moving this post from the Vista Operating System Forum at Admin Allan's instruction)

Repost:
Posted Today, 06:02 PM

Here goes my first post, after a lot of lurking. I am using a Dell XPS M1530 laptop using Vista Home Edition. I am encountering the BSOD upon login. I see my desktop for about 20 seconds before fail. I can login in Safemode with network. I use Norton 360 for AV, have ran Spybot for spyware search, Malwarebytes' Anti Malware for malware search, Microsoft Security Essentials for any known security risks and just to clean up caches CC Cleaner. All found something to correct (neice was down for a visit and left me some presents). But dispite cleanup and removal, I am still BSOD on login.


Upon review of the forum Vista/BSOD impressive collection of BSOD topics, I have downloaded BSOD viewer and created a BSOD.txt for review. (Note, I have ran CC Cleaner during my initial search for malware/spyware/virus. I have since attempted a few boots and have learned my lesson on wiping useful information from my dump logs). Here is the content of the BSOD mini dumps:


==================================================
Dump File : Mini021812-05.dmp
Crash Time : 2/18/2012 5:35:41 PM
Bug Check String : KERNEL_MODE_EXCEPTION_NOT_HANDLED
Bug Check Code : 0x1000008e
Parameter 1 : 0xc0000005
Parameter 2 : 0x82cdf14a
Parameter 3 : 0xad23f6a8
Parameter 4 : 0x00000000
Caused By Driver : iastor.sys
Caused By Address : iastor.sys+3d14a
File Description : Intel Matrix Storage Manager driver - ia32
Product Name : Intel Matrix Storage Manager driver
Company : Intel Corporation
File Version : 7.5.0.1017
Processor : 32-bit
Crash Address : iastor.sys+3d14a
Stack Address 1 : ntkrnlpa.exe+44976
Stack Address 2 : MpFilter.sys+bc7
Stack Address 3 : MpFilter.sys+ddfd
Computer Name :
Full Path : C:\Windows\Minidump\Mini021812-05.dmp
Processors Count : 2
Major Version : 15
Minor Version : 6002
Dump File Size : 148,288
==================================================

==================================================
Dump File : Mini021812-04.dmp
Crash Time : 2/18/2012 5:17:59 PM
Bug Check String : KERNEL_MODE_EXCEPTION_NOT_HANDLED
Bug Check Code : 0x1000008e
Parameter 1 : 0xc0000005
Parameter 2 : 0x82cdf14a
Parameter 3 : 0xb0a976a8
Parameter 4 : 0x00000000
Caused By Driver : iastor.sys
Caused By Address : iastor.sys+3d14a
File Description : Intel Matrix Storage Manager driver - ia32
Product Name : Intel Matrix Storage Manager driver
Company : Intel Corporation
File Version : 7.5.0.1017
Processor : 32-bit
Crash Address : iastor.sys+3d14a
Stack Address 1 : ntkrnlpa.exe+44976
Stack Address 2 : MpFilter.sys+bc7
Stack Address 3 : MpFilter.sys+ddfd
Computer Name :
Full Path : C:\Windows\Minidump\Mini021812-04.dmp
Processors Count : 2
Major Version : 15
Minor Version : 6002
Dump File Size : 148,288
==================================================

==================================================
Dump File : Mini021812-03.dmp
Crash Time : 2/18/2012 5:05:52 PM
Bug Check String : KERNEL_MODE_EXCEPTION_NOT_HANDLED
Bug Check Code : 0x1000008e
Parameter 1 : 0xc0000005
Parameter 2 : 0x82ce514a
Parameter 3 : 0xb17da6a8
Parameter 4 : 0x00000000
Caused By Driver : iastor.sys
Caused By Address : iastor.sys+3d14a
File Description : Intel Matrix Storage Manager driver - ia32
Product Name : Intel Matrix Storage Manager driver
Company : Intel Corporation
File Version : 7.5.0.1017
Processor : 32-bit
Crash Address : iastor.sys+3d14a
Stack Address 1 : ntkrnlpa.exe+44976
Stack Address 2 : MpFilter.sys+bc7
Stack Address 3 : MpFilter.sys+ddfd
Computer Name :
Full Path : C:\Windows\Minidump\Mini021812-03.dmp
Processors Count : 2
Major Version : 15
Minor Version : 6002
Dump File Size : 148,688
==================================================

==================================================
Dump File : Mini021812-02.dmp
Crash Time : 2/18/2012 5:02:49 PM
Bug Check String : KERNEL_MODE_EXCEPTION_NOT_HANDLED
Bug Check Code : 0x1000008e
Parameter 1 : 0xc0000005
Parameter 2 : 0x82ce314a
Parameter 3 : 0x81c546a8
Parameter 4 : 0x00000000
Caused By Driver : iastor.sys
Caused By Address : iastor.sys+3d14a
File Description : Intel Matrix Storage Manager driver - ia32
Product Name : Intel Matrix Storage Manager driver
Company : Intel Corporation
File Version : 7.5.0.1017
Processor : 32-bit
Crash Address : iastor.sys+3d14a
Stack Address 1 : ntkrnlpa.exe+44976
Stack Address 2 : MpFilter.sys+bc7
Stack Address 3 : MpFilter.sys+ddfd
Computer Name :
Full Path : C:\Windows\Minidump\Mini021812-02.dmp
Processors Count : 2
Major Version : 15
Minor Version : 6002
Dump File Size : 145,992
==================================================

==================================================
Dump File : Mini021812-01.dmp
Crash Time : 2/18/2012 5:00:42 PM
Bug Check String : KERNEL_MODE_EXCEPTION_NOT_HANDLED
Bug Check Code : 0x1000008e
Parameter 1 : 0xc0000005
Parameter 2 : 0x82ce614a
Parameter 3 : 0xab8bf6a8
Parameter 4 : 0x00000000
Caused By Driver : iastor.sys
Caused By Address : iastor.sys+3d14a
File Description : Intel Matrix Storage Manager driver - ia32
Product Name : Intel Matrix Storage Manager driver
Company : Intel Corporation
File Version : 7.5.0.1017
Processor : 32-bit
Crash Address : iastor.sys+3d14a
Stack Address 1 : ntkrnlpa.exe+44976
Stack Address 2 : MpFilter.sys+bc7
Stack Address 3 : MpFilter.sys+ddfd
Computer Name :
Full Path : C:\Windows\Minidump\Mini021812-01.dmp
Processors Count : 2
Major Version : 15
Minor Version : 6002
Dump File Size : 148,288
==================================================

Any help or direction to a BSOD topic more like mine please direct.

Thank you,
Joyce

(Admin Allan helped me by informing me of the problem of having two AVs (MSE and Norton 360) even if MSE is not running. Should we fix the boot up problem, I will immediately remove MSE.)

BC AdBot (Login to Remove)

 


#2 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,707 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:06:04 PM

Posted 18 February 2012 - 07:22 PM

Download aswMBR to your desktop.
Double click the aswMBR.exe to run it.
If you see this question: Would you like to download latest Avast! virus definitions?" say "Yes".
Click the "Scan" button to start scan.
On completion of the scan click "Save log", save it to your desktop and post in your next reply.

NOTE. aswMBR will create MBR.dat file on your desktop. This is a copy of your MBR. Do NOT delete it.

============================================================

Download BTKR_RunBox to your desktop.

Double click on downloaded BTKR_RunBox.exe file.
Small RunBox DOS window will open.
Press any key to continue.
Press "1" to select "Run a scan with Bootkit Remover" option.
Press "Enter".
Press "Enter" one more time to generate log.
Click OK, IF any "Warning" message pops up.
Notepad will open with Bootkit Remover log.
Copy the content and post it in your next reply.
In RunBox press "4" then Enter to exit it.

NOTE. In case you lost the log it's also located on your desktop as "scan.txt"

My Website

p4433470.gif

My help doesn't cost a penny, but if you'd like to consider a donation, click p22001735.gif


 


#3 joyceingle

joyceingle
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Local time:08:04 PM

Posted 18 February 2012 - 07:47 PM

Thank you Broni.

aswMBR log:

aswMBR version 0.9.9.1618 Copyright© 2011 AVAST Software
Run date: 2012-02-18 19:29:05
-----------------------------
19:29:05.992 OS Version: Windows 6.0.6002 Service Pack 2
19:29:05.992 Number of processors: 2 586 0xF0B
19:29:05.992 ComputerName: LARRY-PC UserName: larry
19:29:13.667 Initialize success
19:29:59.500 AVAST engine defs: 12021802
19:30:17.143 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-0
19:30:17.143 Disk 0 Vendor: ST920042 3.AD Size: 190782MB BusType: 3
19:30:17.159 Disk 0 MBR read successfully
19:30:17.190 Disk 0 MBR scan
19:30:17.190 Disk 0 MBR:Pihar-C [Rtk]
19:30:17.206 Disk 0 TDL4@MBR code has been found
19:30:17.206 Disk 0 Windows VISTA default MBR code found via API
19:30:17.206 Disk 0 MBR hidden
19:30:17.221 Disk 0 Partition 1 00 DE Dell Utility Dell 8.0 78 MB offset 63
19:30:17.221 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 10240 MB offset 161792
19:30:17.268 Disk 0 Partition 3 80 (A) 07 HPFS/NTFS NTFS 177902 MB offset 21133312
19:30:17.268 Disk 0 Partition - 00 0F Extended LBA 2560 MB offset 385476608
19:30:17.299 Disk 0 Partition 4 00 DD MSDOS5.0 2559 MB offset 385478656
19:30:17.331 Disk 0 MBR [TDL4] **ROOTKIT**
19:30:17.346 Disk 0 trace - called modules:
19:30:17.346 ntkrnlpa.exe CLASSPNP.SYS disk.sys >>UNKNOWN [0x86a3849f]<<
19:30:17.362 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x86804840]
19:30:17.377 3 CLASSPNP.SYS[8ada48b3] -> nt!IofCallDriver -> [0x869eff08]
19:30:17.377 \Driver\iaStor[0x869ac730] -> IRP_MJ_CREATE -> 0x86a3849f
19:30:18.267 AVAST engine scan C:\Windows
19:30:20.887 AVAST engine scan C:\Windows\system32
19:33:53.765 AVAST engine scan C:\Windows\system32\drivers
19:34:08.491 AVAST engine scan C:\Users\larry
19:37:27.625 AVAST engine scan C:\ProgramData
19:40:09.772 Disk 0 MBR has been saved successfully to "C:\Users\larry\Desktop\MBR.dat"
19:40:09.803 The log file has been saved successfully to "C:\Users\larry\Desktop\aswMBR.txt"


BTKR_Runbox log:

Bootkit Remover
© 2009 eSage Lab
www.esagelab.com
Program version: 1.2.0.0
OS Version: Microsoft Windows Vista Home Premium Edition Service Pack 2 (build 6002), 32-bit
System volume is \\.\C:
\\.\C: -> \\.\PhysicalDrive0 at offset 0x00000002`84f00000

Size Device Name MBR Status
--------------------------------------------
186 GB \\.\PhysicalDrive0 Controlled by rootkit!

Boot code on some of your physical disks is hidden by a rootkit.
To disinfect the master boot sector, use the following command:
remover.exe fix <device_name>
To inspect the boot code manually, dump the master boot sector:
remover.exe dump <device_name> [output_file]

Done;



Press any key to quit...

Awaiting your reply.

Joyce

#4 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,707 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:06:04 PM

Posted 18 February 2012 - 07:51 PM

Download TDSSKiller and save it to your desktop.
  • Extract (unzip) its contents to your desktop.
  • Open the TDSSKiller folder and doubleclick on TDSSKiller.exe to run the application, then on Start Scan.
  • If an infected file is detected, the default action will be Cure, click on Continue.
  • If a suspicious file is detected, the default action will be Skip, click on Continue.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is require, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory (usually C:\ folder) in the form of TDSSKiller_xxxx_log.txt. Please copy and paste the contents of that file here.

My Website

p4433470.gif

My help doesn't cost a penny, but if you'd like to consider a donation, click p22001735.gif


 


#5 joyceingle

joyceingle
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Local time:08:04 PM

Posted 18 February 2012 - 08:17 PM

I have been requested to reboot. Before I reboot, should I reboot Normally (risking continued BSOD) or continue in Safe Mode with Network.

#6 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,707 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:06:04 PM

Posted 18 February 2012 - 08:20 PM

Try to boot normally.

My Website

p4433470.gif

My help doesn't cost a penny, but if you'd like to consider a donation, click p22001735.gif


 


#7 joyceingle

joyceingle
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Local time:08:04 PM

Posted 18 February 2012 - 08:32 PM

Looking good, first successful boot in days. Here is the report from TDSSKiller:
20:12:40.0892 2168 TDSS rootkit removing tool 2.7.13.0 Feb 15 2012 19:33:14
20:12:41.0828 2168 ============================================================
20:12:41.0828 2168 Current date / time: 2012/02/18 20:12:41.0828
20:12:41.0828 2168 SystemInfo:
20:12:41.0828 2168
20:12:41.0828 2168 OS Version: 6.0.6002 ServicePack: 2.0
20:12:41.0828 2168 Product type: Workstation
20:12:41.0828 2168 ComputerName: LARRY-PC
20:12:41.0828 2168 UserName: larry
20:12:41.0828 2168 Windows directory: C:\Windows
20:12:41.0828 2168 System windows directory: C:\Windows
20:12:41.0828 2168 Processor architecture: Intel x86
20:12:41.0828 2168 Number of processors: 2
20:12:41.0828 2168 Page size: 0x1000
20:12:41.0828 2168 Boot type: Safe boot with network
20:12:41.0828 2168 ============================================================
20:12:42.0671 2168 Drive \Device\Harddisk0\DR0 - Size: 0x2E93E36000 (186.31 Gb), SectorSize: 0x200, Cylinders: 0x5F01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
20:12:42.0671 2168 \Device\Harddisk0\DR0:
20:12:42.0671 2168 MBR used
20:12:42.0671 2168 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x27800, BlocksNum 0x1400000
20:12:42.0671 2168 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1427800, BlocksNum 0x15B77000
20:12:42.0764 2168 Initialize success
20:12:42.0764 2168 ============================================================
20:12:46.0617 1368 ============================================================
20:12:46.0617 1368 Scan started
20:12:46.0617 1368 Mode: Manual;
20:12:46.0617 1368 ============================================================
20:12:48.0567 1368 ACPI (82b296ae1892fe3dbee00c9cf92f8ac7) C:\Windows\system32\drivers\acpi.sys
20:12:48.0567 1368 ACPI - ok
20:12:48.0645 1368 adp94xx (2edc5bbac6c651ece337bde8ed97c9fb) C:\Windows\system32\drivers\adp94xx.sys
20:12:48.0677 1368 adp94xx - ok
20:12:48.0848 1368 adpahci (b84088ca3cdca97da44a984c6ce1ccad) C:\Windows\system32\drivers\adpahci.sys
20:12:48.0957 1368 adpahci - ok
20:12:49.0082 1368 adpu160m (7880c67bccc27c86fd05aa2afb5ea469) C:\Windows\system32\drivers\adpu160m.sys
20:12:49.0082 1368 adpu160m - ok
20:12:49.0269 1368 adpu320 (9ae713f8e30efc2abccd84904333df4d) C:\Windows\system32\drivers\adpu320.sys
20:12:49.0269 1368 adpu320 - ok
20:12:49.0535 1368 AFD (3911b972b55fea0478476b2e777b29fa) C:\Windows\system32\drivers\afd.sys
20:12:49.0659 1368 AFD - ok
20:12:49.0956 1368 agp440 (8b10ce1c1f9f1d47e4deb1a547a00cd4) C:\Windows\system32\drivers\agp440.sys
20:12:49.0956 1368 agp440 - ok
20:12:50.0065 1368 aic78xx (ae1fdf7bf7bb6c6a70f67699d880592a) C:\Windows\system32\drivers\djsvs.sys
20:12:50.0065 1368 aic78xx - ok
20:12:50.0174 1368 aliide (dc67a153fdb8105b25d05334b5e1d8e2) C:\Windows\system32\drivers\aliide.sys
20:12:50.0174 1368 aliide - ok
20:12:50.0299 1368 amdagp (848f27e5b27c1c253f6cefdc1a5d8f21) C:\Windows\system32\drivers\amdagp.sys
20:12:50.0299 1368 amdagp - ok
20:12:50.0424 1368 amdide (835c4c3355088298a5ebd818fa31430f) C:\Windows\system32\drivers\amdide.sys
20:12:50.0424 1368 amdide - ok
20:12:50.0486 1368 AmdK7 (dc487885bcef9f28eece6fac0e5ddfc5) C:\Windows\system32\drivers\amdk7.sys
20:12:50.0486 1368 AmdK7 - ok
20:12:50.0517 1368 AmdK8 (0ca0071da4315b00fc1328ca86b425da) C:\Windows\system32\drivers\amdk8.sys
20:12:50.0517 1368 AmdK8 - ok
20:12:50.0564 1368 ApfiltrService (350f19eb5fe4ec37a2414df56cde1aa8) C:\Windows\system32\DRIVERS\Apfiltr.sys
20:12:50.0564 1368 ApfiltrService - ok
20:12:50.0642 1368 arc (5f673180268bb1fdb69c99b6619fe379) C:\Windows\system32\drivers\arc.sys
20:12:50.0642 1368 arc - ok
20:12:50.0658 1368 arcsas (957f7540b5e7f602e44648c7de5a1c05) C:\Windows\system32\drivers\arcsas.sys
20:12:50.0658 1368 arcsas - ok
20:12:50.0720 1368 AsyncMac (53b202abee6455406254444303e87be1) C:\Windows\system32\DRIVERS\asyncmac.sys
20:12:50.0720 1368 AsyncMac - ok
20:12:50.0767 1368 atapi (1f05b78ab91c9075565a9d8a4b880bc4) C:\Windows\system32\DRIVERS\ATAPI.SYS
20:12:50.0767 1368 atapi - ok
20:12:50.0861 1368 Beep (67e506b75bd5326a3ec7b70bd014dfb6) C:\Windows\system32\drivers\Beep.sys
20:12:50.0861 1368 Beep - ok
20:12:50.0892 1368 blbdrive - ok
20:12:50.0954 1368 bowser (35f376253f687bde63976ccb3f2108ca) C:\Windows\system32\DRIVERS\bowser.sys
20:12:50.0954 1368 bowser - ok
20:12:51.0001 1368 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\drivers\brfiltlo.sys
20:12:51.0001 1368 BrFiltLo - ok
20:12:51.0032 1368 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\drivers\brfiltup.sys
20:12:51.0032 1368 BrFiltUp - ok
20:12:51.0079 1368 Brserid (b304e75cff293029eddf094246747113) C:\Windows\system32\drivers\brserid.sys
20:12:51.0110 1368 Brserid - ok
20:12:51.0141 1368 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\system32\drivers\brserwdm.sys
20:12:51.0141 1368 BrSerWdm - ok
20:12:51.0173 1368 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\system32\drivers\brusbmdm.sys
20:12:51.0173 1368 BrUsbMdm - ok
20:12:51.0204 1368 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\system32\drivers\brusbser.sys
20:12:51.0204 1368 BrUsbSer - ok
20:12:51.0219 1368 BthEnum (6d39c954799b63ba866910234cf7d726) C:\Windows\system32\DRIVERS\BthEnum.sys
20:12:51.0219 1368 BthEnum - ok
20:12:51.0266 1368 BTHMODEM (ad07c1ec6665b8b35741ab91200c6b68) C:\Windows\system32\drivers\bthmodem.sys
20:12:51.0266 1368 BTHMODEM - ok
20:12:51.0329 1368 BthPan (5904efa25f829bf84ea6fb045134a1d8) C:\Windows\system32\DRIVERS\bthpan.sys
20:12:51.0329 1368 BthPan - ok
20:12:51.0391 1368 BTHPORT (611ff3f2f095c8d4a6d4cfd9dcc09793) C:\Windows\system32\Drivers\BTHport.sys
20:12:51.0407 1368 BTHPORT - ok
20:12:51.0453 1368 BTHUSB (d330803eab2a15caec7f011f1d4cb30e) C:\Windows\system32\Drivers\BTHUSB.sys
20:12:51.0453 1368 BTHUSB - ok
20:12:51.0547 1368 btwaudio (4a28e7bd365377d0512b7ef8c7596d2c) C:\Windows\system32\drivers\btwaudio.sys
20:12:51.0578 1368 btwaudio - ok
20:12:51.0625 1368 btwavdt (5ffde57253d665067b0886612817eb11) C:\Windows\system32\drivers\btwavdt.sys
20:12:51.0656 1368 btwavdt - ok
20:12:51.0719 1368 btwrchid (ab07dc8b05c31a4f95fc73019be9db15) C:\Windows\system32\DRIVERS\btwrchid.sys
20:12:51.0719 1368 btwrchid - ok
20:12:51.0859 1368 cdfs (7add03e75beb9e6dd102c3081d29840a) C:\Windows\system32\DRIVERS\cdfs.sys
20:12:51.0875 1368 cdfs - ok
20:12:51.0984 1368 cdrom (6b4bffb9becd728097024276430db314) C:\Windows\system32\DRIVERS\cdrom.sys
20:12:51.0984 1368 cdrom - ok
20:12:52.0109 1368 cfwids (1dcb5209601a70e36c70fe8d197d62cb) C:\Windows\system32\drivers\cfwids.sys
20:12:52.0109 1368 cfwids - ok
20:12:52.0171 1368 circlass (da8e0afc7baa226c538ef53ac2f90897) C:\Windows\system32\drivers\circlass.sys
20:12:52.0202 1368 circlass - ok
20:12:52.0280 1368 CLFS (d7659d3b5b92c31e84e53c1431f35132) C:\Windows\system32\CLFS.sys
20:12:52.0311 1368 CLFS - ok
20:12:52.0374 1368 CmBatt (99afc3795b58cc478fbbbcdc658fcb56) C:\Windows\system32\DRIVERS\CmBatt.sys
20:12:52.0389 1368 CmBatt - ok
20:12:52.0436 1368 cmdide (e79cbb2195e965f6e3256e2c1b23fd1c) C:\Windows\system32\drivers\cmdide.sys
20:12:52.0452 1368 cmdide - ok
20:12:52.0499 1368 Compbatt (6afef0b60fa25de07c0968983ee4f60a) C:\Windows\system32\DRIVERS\compbatt.sys
20:12:52.0514 1368 Compbatt - ok
20:12:52.0608 1368 crcdisk (2a213ae086bbec5e937553c7d9a2b22c) C:\Windows\system32\drivers\crcdisk.sys
20:12:52.0623 1368 crcdisk - ok
20:12:52.0686 1368 Crusoe (22a7f883508176489f559ee745b5bf5d) C:\Windows\system32\drivers\crusoe.sys
20:12:52.0686 1368 Crusoe - ok
20:12:52.0811 1368 DfsC (622c41a07ca7e6dd91770f50d532cb6c) C:\Windows\system32\Drivers\dfsc.sys
20:12:52.0873 1368 DfsC - ok
20:12:52.0967 1368 disk (5d4aefc3386920236a548271f8f1af6a) C:\Windows\system32\drivers\disk.sys
20:12:52.0967 1368 disk - ok
20:12:53.0029 1368 drmkaud (97fef831ab90bee128c9af390e243f80) C:\Windows\system32\drivers\drmkaud.sys
20:12:53.0029 1368 drmkaud - ok
20:12:53.0138 1368 DSproct (413f2d5f9d802688242c23b38f767ecb) C:\Program Files\DellSupport\GTAction\triggers\DSproct.sys
20:12:53.0185 1368 DSproct - ok
20:12:53.0232 1368 dsunidrv (dfeabb7cfffadea4a912ab95bdc3177a) C:\Windows\system32\DRIVERS\dsunidrv.sys
20:12:53.0232 1368 dsunidrv - ok
20:12:53.0325 1368 DXGKrnl (c68ac676b0ef30cfbb1080adce49eb1f) C:\Windows\System32\drivers\dxgkrnl.sys
20:12:53.0357 1368 DXGKrnl - ok
20:12:53.0388 1368 dzhwyifx - ok
20:12:53.0435 1368 e1express (7505290504c8e2d172fa378cc0497bcc) C:\Windows\system32\DRIVERS\e1e6032.sys
20:12:53.0450 1368 e1express - ok
20:12:53.0513 1368 E1G60 (f88fb26547fd2ce6d0a5af2985892c48) C:\Windows\system32\DRIVERS\E1G60I32.sys
20:12:53.0513 1368 E1G60 - ok
20:12:53.0762 1368 Ecache (7f64ea048dcfac7acf8b4d7b4e6fe371) C:\Windows\system32\drivers\ecache.sys
20:12:53.0793 1368 Ecache - ok
20:12:54.0480 1368 elxstor (e8f3f21a71720c84bcf423b80028359f) C:\Windows\system32\drivers\elxstor.sys
20:12:55.0135 1368 elxstor - ok
20:12:55.0837 1368 exfat (22b408651f9123527bcee54b4f6c5cae) C:\Windows\system32\drivers\exfat.sys
20:12:55.0853 1368 exfat - ok
20:12:55.0993 1368 fastfat (1e9b9a70d332103c52995e957dc09ef8) C:\Windows\system32\drivers\fastfat.sys
20:12:56.0009 1368 fastfat - ok
20:12:56.0102 1368 fdc (63bdada84951b9c03e641800e176898a) C:\Windows\system32\DRIVERS\fdc.sys
20:12:56.0102 1368 fdc - ok
20:12:56.0196 1368 FileInfo (a8c0139a884861e3aae9cfe73b208a9f) C:\Windows\system32\drivers\fileinfo.sys
20:12:56.0196 1368 FileInfo - ok
20:12:56.0321 1368 Filetrace (0ae429a696aecbc5970e3cf2c62635ae) C:\Windows\system32\drivers\filetrace.sys
20:12:56.0321 1368 Filetrace - ok
20:12:56.0367 1368 flpydisk (6603957eff5ec62d25075ea8ac27de68) C:\Windows\system32\DRIVERS\flpydisk.sys
20:12:56.0367 1368 flpydisk - ok
20:12:56.0461 1368 FltMgr (01334f9ea68e6877c4ef05d3ea8abb05) C:\Windows\system32\drivers\fltmgr.sys
20:12:56.0461 1368 FltMgr - ok
20:12:56.0586 1368 Fs_Rec (65ea8b77b5851854f0c55c43fa51a198) C:\Windows\system32\drivers\Fs_Rec.sys
20:12:56.0586 1368 Fs_Rec - ok
20:12:56.0726 1368 gagp30kx (4e1cd0a45c50a8882616cae5bf82f3c5) C:\Windows\system32\drivers\gagp30kx.sys
20:12:56.0726 1368 gagp30kx - ok
20:12:56.0929 1368 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
20:12:56.0929 1368 GEARAspiWDM - ok
20:12:57.0038 1368 HDAudBus (062452b7ffd68c8c042a6261fe8dff4a) C:\Windows\system32\DRIVERS\HDAudBus.sys
20:12:57.0054 1368 HDAudBus - ok
20:12:57.0085 1368 HidBth (1338520e78d90154ed6be8f84de5fceb) C:\Windows\system32\drivers\hidbth.sys
20:12:57.0085 1368 HidBth - ok
20:12:57.0147 1368 HidIr (ff3160c3a2445128c5a6d9b076da519e) C:\Windows\system32\drivers\hidir.sys
20:12:57.0147 1368 HidIr - ok
20:12:57.0194 1368 HidUsb (cca4b519b17e23a00b826c55716809cc) C:\Windows\system32\DRIVERS\hidusb.sys
20:12:57.0194 1368 HidUsb - ok
20:12:57.0225 1368 HpCISSs (df353b401001246853763c4b7aaa6f50) C:\Windows\system32\drivers\hpcisss.sys
20:12:57.0225 1368 HpCISSs - ok
20:12:57.0288 1368 HTTP (f870aa3e254628ebeafe754108d664de) C:\Windows\system32\drivers\HTTP.sys
20:12:57.0303 1368 HTTP - ok
20:12:57.0350 1368 i2omp (324c2152ff2c61abae92d09f3cca4d63) C:\Windows\system32\drivers\i2omp.sys
20:12:57.0350 1368 i2omp - ok
20:12:57.0381 1368 i8042prt (22d56c8184586b7a1f6fa60be5f5a2bd) C:\Windows\system32\DRIVERS\i8042prt.sys
20:12:57.0381 1368 i8042prt - ok
20:12:57.0444 1368 iaNvStor (92b37e0a61cd710a0c66dc3567a8bf3c) C:\Windows\system32\drivers\ianvstor.sys
20:12:57.0459 1368 iaNvStor - ok
20:12:57.0506 1368 iaStor (997e8f5939f2d12cd9f2e6b395724c16) C:\Windows\system32\drivers\iastor.sys
20:12:57.0506 1368 iaStor - ok
20:12:57.0553 1368 iaStorV (c957bf4b5d80b46c5017bf0101e6c906) C:\Windows\system32\drivers\iastorv.sys
20:12:57.0553 1368 iaStorV - ok
20:12:57.0615 1368 iirsp (2d077bf86e843f901d8db709c95b49a5) C:\Windows\system32\drivers\iirsp.sys
20:12:57.0615 1368 iirsp - ok
20:12:57.0771 1368 intelide (0084046c084d68e494f8cf36bcf08186) C:\Windows\system32\DRIVERS\intelide.sys
20:12:57.0771 1368 intelide - ok
20:12:57.0834 1368 intelppm (224191001e78c89dfa78924c3ea595ff) C:\Windows\system32\DRIVERS\intelppm.sys
20:12:57.0834 1368 intelppm - ok
20:12:57.0927 1368 IpFilterDriver (62c265c38769b864cb25b4bcf62df6c3) C:\Windows\system32\DRIVERS\ipfltdrv.sys
20:12:57.0927 1368 IpFilterDriver - ok
20:12:57.0943 1368 IpInIp - ok
20:12:58.0005 1368 IPMIDRV (40f34f8aba2a015d780e4b09138b6c17) C:\Windows\system32\drivers\ipmidrv.sys
20:12:58.0005 1368 IPMIDRV - ok
20:12:58.0052 1368 IPNAT (8793643a67b42cec66490b2a0cf92d68) C:\Windows\system32\DRIVERS\ipnat.sys
20:12:58.0068 1368 IPNAT - ok
20:12:58.0130 1368 IRENUM (109c0dfb82c3632fbd11949b73aeeac9) C:\Windows\system32\drivers\irenum.sys
20:12:58.0130 1368 IRENUM - ok
20:12:58.0177 1368 isapnp (2f8ece2699e7e2070545e9b0960a8ed2) C:\Windows\system32\drivers\isapnp.sys
20:12:58.0177 1368 isapnp - ok
20:12:58.0255 1368 iScsiPrt (232fa340531d940aac623b121a595034) C:\Windows\system32\DRIVERS\msiscsi.sys
20:12:58.0255 1368 iScsiPrt - ok
20:12:58.0302 1368 iteatapi (bced60d16156e428f8df8cf27b0df150) C:\Windows\system32\drivers\iteatapi.sys
20:12:58.0302 1368 iteatapi - ok
20:12:58.0333 1368 iteraid (06fa654504a498c30adca8bec4e87e7e) C:\Windows\system32\drivers\iteraid.sys
20:12:58.0333 1368 iteraid - ok
20:12:58.0380 1368 kbdclass (37605e0a8cf00cbba538e753e4344c6e) C:\Windows\system32\DRIVERS\kbdclass.sys
20:12:58.0380 1368 kbdclass - ok
20:12:58.0411 1368 kbdhid (ede59ec70e25c24581add1fbec7325f7) C:\Windows\system32\DRIVERS\kbdhid.sys
20:12:58.0411 1368 kbdhid - ok
20:12:58.0473 1368 KSecDD (2b2f1638466e8cb091400c9019cc730e) C:\Windows\system32\Drivers\ksecdd.sys
20:12:58.0489 1368 KSecDD - ok
20:12:58.0598 1368 lltdio (d1c5883087a0c3f1344d9d55a44901f6) C:\Windows\system32\DRIVERS\lltdio.sys
20:12:58.0598 1368 lltdio - ok
20:12:58.0692 1368 LSI_FC (a2262fb9f28935e862b4db46438c80d2) C:\Windows\system32\drivers\lsi_fc.sys
20:12:58.0692 1368 LSI_FC - ok
20:12:58.0754 1368 LSI_SAS (30d73327d390f72a62f32c103daf1d6d) C:\Windows\system32\drivers\lsi_sas.sys
20:12:58.0754 1368 LSI_SAS - ok
20:12:58.0817 1368 LSI_SCSI (e1e36fefd45849a95f1ab81de0159fe3) C:\Windows\system32\drivers\lsi_scsi.sys
20:12:58.0832 1368 LSI_SCSI - ok
20:12:58.0879 1368 luafv (8f5c7426567798e62a3b3614965d62cc) C:\Windows\system32\drivers\luafv.sys
20:12:58.0879 1368 luafv - ok
20:12:58.0941 1368 lvpopflt (9fb982de1c8dd769f8ed681dd878b12f) C:\Windows\system32\DRIVERS\lvpopflt.sys
20:12:58.0941 1368 lvpopflt - ok
20:12:58.0988 1368 LVPr2Mon (1a7db7a00a4b0d8da24cd691a4547291) C:\Windows\system32\DRIVERS\LVPr2Mon.sys
20:12:58.0988 1368 LVPr2Mon - ok
20:12:59.0035 1368 LVRS (37072ec9299e825f4335cc554b6fac6a) C:\Windows\system32\DRIVERS\lvrs.sys
20:12:59.0035 1368 LVRS - ok
20:12:59.0347 1368 LVUVC (a240e42a7402e927a71b6e8aa4629b13) C:\Windows\system32\DRIVERS\lvuvc.sys
20:12:59.0550 1368 LVUVC - ok
20:12:59.0799 1368 megasas (d153b14fc6598eae8422a2037553adce) C:\Windows\system32\drivers\megasas.sys
20:12:59.0799 1368 megasas - ok
20:12:59.0862 1368 mfeapfk (36b47b1e9c537f8f2b4481084b8f7d22) C:\Windows\system32\drivers\mfeapfk.sys
20:12:59.0877 1368 mfeapfk - ok
20:12:59.0940 1368 mfeavfk (cde41293db871a75cd99eb0ce781356b) C:\Windows\system32\drivers\mfeavfk.sys
20:12:59.0940 1368 mfeavfk - ok
20:13:00.0002 1368 mfebopk (e22385f64bdf0ad81157479496e33c4a) C:\Windows\system32\drivers\mfebopk.sys
20:13:00.0002 1368 mfebopk - ok
20:13:00.0080 1368 mfefirek (215666a8a85023ef019b510cbb67f678) C:\Windows\system32\drivers\mfefirek.sys
20:13:00.0096 1368 mfefirek - ok
20:13:00.0158 1368 mfehidk (56d330981866a72f061dd16cc5004513) C:\Windows\system32\drivers\mfehidk.sys
20:13:00.0174 1368 mfehidk - ok
20:13:00.0221 1368 mfenlfk (b41bacc049cdb916a52b1448bf30d6ab) C:\Windows\system32\DRIVERS\mfenlfk.sys
20:13:00.0221 1368 mfenlfk - ok
20:13:00.0314 1368 mferkdet (89b564d63c53fc0c6782ab07eea63acf) C:\Windows\system32\drivers\mferkdet.sys
20:13:00.0314 1368 mferkdet - ok
20:13:00.0361 1368 mfewfpk (c2ff7473a60c0fb2df145ab686889653) C:\Windows\system32\drivers\mfewfpk.sys
20:13:00.0361 1368 mfewfpk - ok
20:13:00.0423 1368 Modem (e13b5ea0f51ba5b1512ec671393d09ba) C:\Windows\system32\drivers\modem.sys
20:13:00.0423 1368 Modem - ok
20:13:00.0470 1368 monitor (0a9bb33b56e294f686abb7c1e4e2d8a8) C:\Windows\system32\DRIVERS\monitor.sys
20:13:00.0470 1368 monitor - ok
20:13:00.0501 1368 mouclass (5bf6a1326a335c5298477754a506d263) C:\Windows\system32\DRIVERS\mouclass.sys
20:13:00.0501 1368 mouclass - ok
20:13:00.0548 1368 mouhid (93b8d4869e12cfbe663915502900876f) C:\Windows\system32\DRIVERS\mouhid.sys
20:13:00.0548 1368 mouhid - ok
20:13:00.0611 1368 MountMgr (bdafc88aa6b92f7842416ea6a48e1600) C:\Windows\system32\drivers\mountmgr.sys
20:13:00.0611 1368 MountMgr - ok
20:13:00.0720 1368 MpFilter (fee0baded54222e9f1dae9541212aab1) C:\Windows\system32\DRIVERS\MpFilter.sys
20:13:00.0720 1368 MpFilter - ok
20:13:00.0782 1368 mpio (583a41f26278d9e0ea548163d6139397) C:\Windows\system32\drivers\mpio.sys
20:13:00.0782 1368 mpio - ok
20:13:00.0923 1368 MpKsl79000a05 (a69630d039c38018689190234f866d77) C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{A3CCE955-9EEE-4297-9E1F-421BC8790B14}\MpKsl79000a05.sys
20:13:00.0923 1368 Suspicious file (Forged): C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{A3CCE955-9EEE-4297-9E1F-421BC8790B14}\MpKsl79000a05.sys. Real md5: a69630d039c38018689190234f866d77, Fake md5: 4137ee420481d10734da3018d0325582
20:13:00.0923 1368 MpKsl79000a05 ( ForgedFile.Multi.Generic ) - warning
20:13:00.0923 1368 MpKsl79000a05 - detected ForgedFile.Multi.Generic (1)
20:13:00.0985 1368 MpNWMon (2c3489660d4a8d514c123c3f0d67df46) C:\Windows\system32\DRIVERS\MpNWMon.sys
20:13:00.0985 1368 MpNWMon - ok
20:13:01.0016 1368 mpsdrv (22241feba9b2defa669c8cb0a8dd7d2e) C:\Windows\system32\drivers\mpsdrv.sys
20:13:01.0016 1368 mpsdrv - ok
20:13:01.0079 1368 Mraid35x (4fbbb70d30fd20ec51f80061703b001e) C:\Windows\system32\drivers\mraid35x.sys
20:13:01.0094 1368 Mraid35x - ok
20:13:01.0157 1368 MRxDAV (82cea0395524aacfeb58ba1448e8325c) C:\Windows\system32\drivers\mrxdav.sys
20:13:01.0157 1368 MRxDAV - ok
20:13:01.0235 1368 mrxsmb (1e94971c4b446ab2290deb71d01cf0c2) C:\Windows\system32\DRIVERS\mrxsmb.sys
20:13:01.0235 1368 mrxsmb - ok
20:13:01.0281 1368 mrxsmb10 (4fccb34d793b116423209c0f8b7a3b03) C:\Windows\system32\DRIVERS\mrxsmb10.sys
20:13:01.0297 1368 mrxsmb10 - ok
20:13:01.0313 1368 mrxsmb20 (c3cb1b40ad4a0124d617a1199b0b9d7c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
20:13:01.0313 1368 mrxsmb20 - ok
20:13:01.0375 1368 msahci (d420bc42a637ac3cc4f411220549c0dc) C:\Windows\system32\drivers\msahci.sys
20:13:01.0375 1368 msahci - ok
20:13:01.0406 1368 msdsm (3fc82a2ae4cc149165a94699183d3028) C:\Windows\system32\drivers\msdsm.sys
20:13:01.0422 1368 msdsm - ok
20:13:01.0500 1368 Msfs (a9927f4a46b816c92f461acb90cf8515) C:\Windows\system32\drivers\Msfs.sys
20:13:01.0500 1368 Msfs - ok
20:13:01.0562 1368 msisadrv (0f400e306f385c56317357d6dea56f62) C:\Windows\system32\drivers\msisadrv.sys
20:13:01.0562 1368 msisadrv - ok
20:13:01.0640 1368 MSKSSRV (d8c63d34d9c9e56c059e24ec7185cc07) C:\Windows\system32\drivers\MSKSSRV.sys
20:13:01.0640 1368 MSKSSRV - ok
20:13:01.0734 1368 MSPCLOCK (1d373c90d62ddb641d50e55b9e78d65e) C:\Windows\system32\drivers\MSPCLOCK.sys
20:13:01.0734 1368 MSPCLOCK - ok
20:13:01.0781 1368 MSPQM (b572da05bf4e098d4bba3a4734fb505b) C:\Windows\system32\drivers\MSPQM.sys
20:13:01.0781 1368 MSPQM - ok
20:13:01.0812 1368 MsRPC (b49456d70555de905c311bcda6ec6adb) C:\Windows\system32\drivers\MsRPC.sys
20:13:01.0812 1368 MsRPC - ok
20:13:01.0874 1368 mssmbios (e384487cb84be41d09711c30ca79646c) C:\Windows\system32\DRIVERS\mssmbios.sys
20:13:01.0874 1368 mssmbios - ok
20:13:01.0905 1368 MSTEE (7199c1eec1e4993caf96b8c0a26bd58a) C:\Windows\system32\drivers\MSTEE.sys
20:13:01.0905 1368 MSTEE - ok
20:13:01.0952 1368 Mup (6a57b5733d4cb702c8ea4542e836b96c) C:\Windows\system32\Drivers\mup.sys
20:13:01.0952 1368 Mup - ok
20:13:02.0015 1368 NativeWifiP (85c44fdff9cf7e72a40dcb7ec06a4416) C:\Windows\system32\DRIVERS\nwifi.sys
20:13:02.0015 1368 NativeWifiP - ok
20:13:02.0093 1368 NDIS (1357274d1883f68300aeadd15d7bbb42) C:\Windows\system32\drivers\ndis.sys
20:13:02.0108 1368 NDIS - ok
20:13:02.0155 1368 NdisTapi (0e186e90404980569fb449ba7519ae61) C:\Windows\system32\DRIVERS\ndistapi.sys
20:13:02.0171 1368 NdisTapi - ok
20:13:02.0233 1368 Ndisuio (d6973aa34c4d5d76c0430b181c3cd389) C:\Windows\system32\DRIVERS\ndisuio.sys
20:13:02.0233 1368 Ndisuio - ok
20:13:02.0264 1368 NdisWan (818f648618ae34f729fdb47ec68345c3) C:\Windows\system32\DRIVERS\ndiswan.sys
20:13:02.0264 1368 NdisWan - ok
20:13:02.0342 1368 NDProxy (71dab552b41936358f3b541ae5997fb3) C:\Windows\system32\drivers\NDProxy.sys
20:13:02.0342 1368 NDProxy - ok
20:13:02.0420 1368 NetBIOS (bcd093a5a6777cf626434568dc7dba78) C:\Windows\system32\DRIVERS\netbios.sys
20:13:02.0451 1368 NetBIOS - ok
20:13:02.0529 1368 netbt (ecd64230a59cbd93c85f1cd1cab9f3f6) C:\Windows\system32\DRIVERS\netbt.sys
20:13:02.0529 1368 netbt - ok
20:13:02.0654 1368 NETw4v32 (6522dd40a5f67ced020bd81b856613fb) C:\Windows\system32\DRIVERS\NETw4v32.sys
20:13:02.0717 1368 NETw4v32 - ok
20:13:02.0779 1368 nfrd960 (2e7fb731d4790a1bc6270accefacb36e) C:\Windows\system32\drivers\nfrd960.sys
20:13:02.0779 1368 nfrd960 - ok
20:13:02.0841 1368 NisDrv (7b01c6172cfd0b10116175e09200d4b4) C:\Windows\system32\DRIVERS\NisDrvWFP.sys
20:13:02.0841 1368 NisDrv - ok
20:13:02.0919 1368 nmwcd (c82f4cc10ad315b6d6bcb14d0a7cad66) C:\Windows\system32\drivers\ccdcmb.sys
20:13:02.0935 1368 nmwcd - ok
20:13:03.0013 1368 nmwcdc (60ef5f5621d7832f00a3f190a0c905e2) C:\Windows\system32\drivers\ccdcmbo.sys
20:13:03.0013 1368 nmwcdc - ok
20:13:03.0075 1368 Npfs (d36f239d7cce1931598e8fb90a0dbc26) C:\Windows\system32\drivers\Npfs.sys
20:13:03.0075 1368 Npfs - ok
20:13:03.0153 1368 nsiproxy (609773e344a97410ce4ebf74a8914fcf) C:\Windows\system32\drivers\nsiproxy.sys
20:13:03.0153 1368 nsiproxy - ok
20:13:03.0278 1368 Ntfs (6a4a98cee84cf9e99564510dda4baa47) C:\Windows\system32\drivers\Ntfs.sys
20:13:03.0309 1368 Ntfs - ok
20:13:03.0419 1368 ntrigdigi (e875c093aec0c978a90f30c9e0dfbb72) C:\Windows\system32\drivers\ntrigdigi.sys
20:13:03.0419 1368 ntrigdigi - ok
20:13:03.0450 1368 Null (c5dbbcda07d780bda9b685df333bb41e) C:\Windows\system32\drivers\Null.sys
20:13:03.0450 1368 Null - ok
20:13:03.0762 1368 nvlddmkm (bd409de5681c74c1de51d72427dc202d) C:\Windows\system32\DRIVERS\nvlddmkm.sys
20:13:04.0027 1368 nvlddmkm - ok
20:13:04.0105 1368 nvraid (e69e946f80c1c31c53003bfbf50cbb7c) C:\Windows\system32\drivers\nvraid.sys
20:13:04.0105 1368 nvraid - ok
20:13:04.0152 1368 nvstor (9e0ba19a28c498a6d323d065db76dffc) C:\Windows\system32\drivers\nvstor.sys
20:13:04.0152 1368 nvstor - ok
20:13:04.0230 1368 nv_agp (055081fd5076401c1ee1bcab08d81911) C:\Windows\system32\drivers\nv_agp.sys
20:13:04.0230 1368 nv_agp - ok
20:13:04.0292 1368 NwlnkFlt - ok
20:13:04.0308 1368 NwlnkFwd - ok
20:13:04.0417 1368 OEM02Dev (19cac780b858822055f46c58a111723c) C:\Windows\system32\DRIVERS\OEM02Dev.sys
20:13:04.0433 1368 OEM02Dev - ok
20:13:04.0495 1368 OEM02Vfx (86326062a90494bdd79ce383511d7d69) C:\Windows\system32\DRIVERS\OEM02Vfx.sys
20:13:04.0495 1368 OEM02Vfx - ok
20:13:04.0542 1368 ohci1394 (6f310e890d46e246e0e261a63d9b36b4) C:\Windows\system32\DRIVERS\ohci1394.sys
20:13:04.0542 1368 ohci1394 - ok
20:13:04.0620 1368 Parport (0fa9b5055484649d63c303fe404e5f4d) C:\Windows\system32\drivers\parport.sys
20:13:04.0620 1368 Parport - ok
20:13:04.0682 1368 partmgr (57389fa59a36d96b3eb09d0cb91e9cdc) C:\Windows\system32\drivers\partmgr.sys
20:13:04.0682 1368 partmgr - ok
20:13:04.0729 1368 Parvdm (4f9a6a8a31413180d0fcb279ad5d8112) C:\Windows\system32\drivers\parvdm.sys
20:13:04.0745 1368 Parvdm - ok
20:13:04.0807 1368 pci (941dc1d19e7e8620f40bbc206981efdb) C:\Windows\system32\drivers\pci.sys
20:13:04.0807 1368 pci - ok
20:13:04.0838 1368 pciide (1636d43f10416aeb483bc6001097b26c) C:\Windows\system32\drivers\pciide.sys
20:13:04.0838 1368 pciide - ok
20:13:04.0885 1368 pcmcia (e6f3fb1b86aa519e7698ad05e58b04e5) C:\Windows\system32\drivers\pcmcia.sys
20:13:04.0901 1368 pcmcia - ok
20:13:04.0963 1368 PEAUTH (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys
20:13:04.0994 1368 PEAUTH - ok
20:13:05.0088 1368 PptpMiniport (ecfffaec0c1ecd8dbc77f39070ea1db1) C:\Windows\system32\DRIVERS\raspptp.sys
20:13:05.0088 1368 PptpMiniport - ok
20:13:05.0135 1368 Processor (0e3cef5d28b40cf273281d620c50700a) C:\Windows\system32\drivers\processr.sys
20:13:05.0150 1368 Processor - ok
20:13:05.0228 1368 PSched (99514faa8df93d34b5589187db3aa0ba) C:\Windows\system32\DRIVERS\pacer.sys
20:13:05.0228 1368 PSched - ok
20:13:05.0291 1368 PxHelp20 (49452bfcec22f36a7a9b9c2181bc3042) C:\Windows\system32\Drivers\PxHelp20.sys
20:13:05.0291 1368 PxHelp20 - ok
20:13:05.0384 1368 ql2300 (ccdac889326317792480c0a67156a1ec) C:\Windows\system32\drivers\ql2300.sys
20:13:05.0447 1368 ql2300 - ok
20:13:05.0493 1368 ql40xx (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys
20:13:05.0493 1368 ql40xx - ok
20:13:05.0540 1368 QWAVEdrv (9f5e0e1926014d17486901c88eca2db7) C:\Windows\system32\drivers\qwavedrv.sys
20:13:05.0540 1368 QWAVEdrv - ok
20:13:05.0665 1368 R300 (e642b131fb74caf4bb8a014f31113142) C:\Windows\system32\DRIVERS\atikmdag.sys
20:13:05.0743 1368 R300 - ok
20:13:05.0805 1368 RasAcd (147d7f9c556d259924351feb0de606c3) C:\Windows\system32\DRIVERS\rasacd.sys
20:13:05.0821 1368 RasAcd - ok
20:13:05.0883 1368 Rasl2tp (a214adbaf4cb47dd2728859ef31f26b0) C:\Windows\system32\DRIVERS\rasl2tp.sys
20:13:05.0883 1368 Rasl2tp - ok
20:13:05.0930 1368 RasPppoe (509a98dd18af4375e1fc40bc175f1def) C:\Windows\system32\DRIVERS\raspppoe.sys
20:13:05.0930 1368 RasPppoe - ok
20:13:05.0977 1368 RasSstp (2005f4a1e05fa09389ac85840f0a9e4d) C:\Windows\system32\DRIVERS\rassstp.sys
20:13:05.0993 1368 RasSstp - ok
20:13:06.0055 1368 rdbss (b14c9d5b9add2f84f70570bbbfaa7935) C:\Windows\system32\DRIVERS\rdbss.sys
20:13:06.0071 1368 rdbss - ok
20:13:06.0117 1368 RDPCDD (89e59be9a564262a3fb6c4f4f1cd9899) C:\Windows\system32\DRIVERS\RDPCDD.sys
20:13:06.0117 1368 RDPCDD - ok
20:13:06.0195 1368 rdpdr (0245418224cfa77bf4b41c2fe0622258) C:\Windows\system32\drivers\rdpdr.sys
20:13:06.0211 1368 rdpdr - ok
20:13:06.0273 1368 RDPENCDD (9d91fe5286f748862ecffa05f8a0710c) C:\Windows\system32\drivers\rdpencdd.sys
20:13:06.0273 1368 RDPENCDD - ok
20:13:06.0351 1368 RDPWD (30bfbdfb7f95559ede971f9ddb9a00ba) C:\Windows\system32\drivers\RDPWD.sys
20:13:06.0367 1368 RDPWD - ok
20:13:06.0445 1368 RFCOMM (6482707f9f4da0ecbab43b2e0398a101) C:\Windows\system32\DRIVERS\rfcomm.sys
20:13:06.0445 1368 RFCOMM - ok
20:13:06.0523 1368 rimmptsk (355aac141b214bef1dbc1483afd9bd50) C:\Windows\system32\DRIVERS\rimmptsk.sys
20:13:06.0523 1368 rimmptsk - ok
20:13:06.0570 1368 rimsptsk (a4216c71dd4f60b26418ccfd99cd0815) C:\Windows\system32\DRIVERS\rimsptsk.sys
20:13:06.0570 1368 rimsptsk - ok
20:13:06.0601 1368 rismxdp (d231b577024aa324af13a42f3a807d10) C:\Windows\system32\DRIVERS\rixdptsk.sys
20:13:06.0601 1368 rismxdp - ok
20:13:06.0695 1368 rspndr (9c508f4074a39e8b4b31d27198146fad) C:\Windows\system32\DRIVERS\rspndr.sys
20:13:06.0695 1368 rspndr - ok
20:13:06.0757 1368 sbp2port (3ce8f073a557e172b330109436984e30) C:\Windows\system32\drivers\sbp2port.sys
20:13:06.0757 1368 sbp2port - ok
20:13:06.0835 1368 sdbus (8f36b54688c31eed4580129040c6a3d3) C:\Windows\system32\DRIVERS\sdbus.sys
20:13:06.0835 1368 sdbus - ok
20:13:06.0882 1368 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
20:13:06.0882 1368 secdrv - ok
20:13:06.0929 1368 Serenum (68e44e331d46f0fb38f0863a84cd1a31) C:\Windows\system32\drivers\serenum.sys
20:13:06.0929 1368 Serenum - ok
20:13:07.0022 1368 Serial (c70d69a918b178d3c3b06339b40c2e1b) C:\Windows\system32\drivers\serial.sys
20:13:07.0022 1368 Serial - ok
20:13:07.0069 1368 sermouse (8af3d28a879bf75db53a0ee7a4289624) C:\Windows\system32\drivers\sermouse.sys
20:13:07.0069 1368 sermouse - ok
20:13:07.0131 1368 sffdisk (3efa810bdca87f6ecc24f9832243fe86) C:\Windows\system32\DRIVERS\sffdisk.sys
20:13:07.0131 1368 sffdisk - ok
20:13:07.0178 1368 sffp_mmc (96ded8b20c734ac41641ce275250e55d) C:\Windows\system32\drivers\sffp_mmc.sys
20:13:07.0194 1368 sffp_mmc - ok
20:13:07.0225 1368 sffp_sd (9f66a46c55d6f1ccabc79bb7afccc545) C:\Windows\system32\DRIVERS\sffp_sd.sys
20:13:07.0225 1368 sffp_sd - ok
20:13:07.0287 1368 sfloppy (c33bfbd6e9e41fcd9ffef9729e9faed6) C:\Windows\system32\DRIVERS\sfloppy.sys
20:13:07.0287 1368 sfloppy - ok
20:13:07.0381 1368 sisagp (08072b2fb92477fc813271a84b3a8698) C:\Windows\system32\drivers\sisagp.sys
20:13:07.0381 1368 sisagp - ok
20:13:07.0443 1368 SiSRaid2 (cedd6f4e7d84e9f98b34b3fe988373aa) C:\Windows\system32\drivers\sisraid2.sys
20:13:07.0443 1368 SiSRaid2 - ok
20:13:07.0521 1368 SiSRaid4 (df843c528c4f69d12ce41ce462e973a7) C:\Windows\system32\drivers\sisraid4.sys
20:13:07.0521 1368 SiSRaid4 - ok
20:13:07.0599 1368 Smb (7b75299a4d201d6a6533603d6914ab04) C:\Windows\system32\DRIVERS\smb.sys
20:13:07.0615 1368 Smb - ok
20:13:07.0724 1368 spldr (7aebdeef071fe28b0eef2cdd69102bff) C:\Windows\system32\drivers\spldr.sys
20:13:07.0724 1368 spldr - ok
20:13:07.0802 1368 srv (41987f9fc0e61adf54f581e15029ad91) C:\Windows\system32\DRIVERS\srv.sys
20:13:07.0818 1368 srv - ok
20:13:07.0880 1368 srv2 (ff33aff99564b1aa534f58868cbe41ef) C:\Windows\system32\DRIVERS\srv2.sys
20:13:07.0880 1368 srv2 - ok
20:13:07.0911 1368 srvnet (7605c0e1d01a08f3ecd743f38b834a44) C:\Windows\system32\DRIVERS\srvnet.sys
20:13:07.0911 1368 srvnet - ok
20:13:07.0989 1368 STHDA (5af135b2e2097d4494b9067ce84e2665) C:\Windows\system32\drivers\stwrt.sys
20:13:08.0005 1368 STHDA - ok
20:13:08.0036 1368 swenum (7ba58ecf0c0a9a69d44b3dca62becf56) C:\Windows\system32\DRIVERS\swenum.sys
20:13:08.0036 1368 swenum - ok
20:13:08.0099 1368 Symc8xx (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys
20:13:08.0099 1368 Symc8xx - ok
20:13:08.0161 1368 Sym_hi (8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys
20:13:08.0161 1368 Sym_hi - ok
20:13:08.0208 1368 Sym_u3 (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys
20:13:08.0208 1368 Sym_u3 - ok
20:13:08.0317 1368 Tcpip (16731b631f28f63cd9f4cb60940e7ddd) C:\Windows\system32\drivers\tcpip.sys
20:13:08.0348 1368 Tcpip - ok
20:13:08.0426 1368 Tcpip6 (16731b631f28f63cd9f4cb60940e7ddd) C:\Windows\system32\DRIVERS\tcpip.sys
20:13:08.0442 1368 Tcpip6 - ok
20:13:08.0489 1368 tcpipreg (3fc13f09af9be487c7b4fac4070a036c) C:\Windows\system32\drivers\tcpipreg.sys
20:13:08.0489 1368 tcpipreg - ok
20:13:08.0520 1368 TcUsb (5ca437a08509fb7ecf843480fc1232e2) C:\Windows\system32\Drivers\tcusb.sys
20:13:08.0551 1368 TcUsb - ok
20:13:08.0582 1368 TDPIPE (5dcf5e267be67a1ae926f2df77fbcc56) C:\Windows\system32\drivers\tdpipe.sys
20:13:08.0582 1368 TDPIPE - ok
20:13:08.0645 1368 TDTCP (389c63e32b3cefed425b61ed92d3f021) C:\Windows\system32\drivers\tdtcp.sys
20:13:08.0645 1368 TDTCP - ok
20:13:08.0707 1368 tdx (76b06eb8a01fc8624d699e7045303e54) C:\Windows\system32\DRIVERS\tdx.sys
20:13:08.0723 1368 tdx - ok
20:13:08.0754 1368 TermDD (3cad38910468eab9a6479e2f01db43c7) C:\Windows\system32\DRIVERS\termdd.sys
20:13:08.0754 1368 TermDD - ok
20:13:08.0816 1368 tssecsrv (dcf0f056a2e4f52287264f5ab29cf206) C:\Windows\system32\DRIVERS\tssecsrv.sys
20:13:08.0816 1368 tssecsrv - ok
20:13:08.0863 1368 tunmp (caecc0120ac49e3d2f758b9169872d38) C:\Windows\system32\DRIVERS\tunmp.sys
20:13:08.0863 1368 tunmp - ok
20:13:08.0910 1368 tunnel (300db877ac094feab0be7688c3454a9c) C:\Windows\system32\DRIVERS\tunnel.sys
20:13:08.0910 1368 tunnel - ok
20:13:08.0988 1368 uagp35 (c3ade15414120033a36c0f293d4a4121) C:\Windows\system32\drivers\uagp35.sys
20:13:09.0003 1368 uagp35 - ok
20:13:09.0081 1368 udfs (d9728af68c4c7693cb100b8441cbdec6) C:\Windows\system32\DRIVERS\udfs.sys
20:13:09.0081 1368 udfs - ok
20:13:09.0159 1368 uliagpkx (6d72ef05921abdf59fc45c7ebfe7e8dd) C:\Windows\system32\drivers\uliagpkx.sys
20:13:09.0159 1368 uliagpkx - ok
20:13:09.0191 1368 uliahci (3cd4ea35a6221b85dcc25daa46313f8d) C:\Windows\system32\drivers\uliahci.sys
20:13:09.0206 1368 uliahci - ok
20:13:09.0253 1368 UlSata (8514d0e5cd0534467c5fc61be94a569f) C:\Windows\system32\drivers\ulsata.sys
20:13:09.0253 1368 UlSata - ok
20:13:09.0331 1368 ulsata2 (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys
20:13:09.0331 1368 ulsata2 - ok
20:13:09.0409 1368 umbus (32cff9f809ae9aed85464492bf3e32d2) C:\Windows\system32\DRIVERS\umbus.sys
20:13:09.0409 1368 umbus - ok
20:13:09.0503 1368 upperdev (bb16932a4189e82d6c455042c11849b6) C:\Windows\system32\DRIVERS\usbser_lowerflt.sys
20:13:09.0503 1368 upperdev - ok
20:13:09.0565 1368 usbaudio (32db9517628ff0d070682aab61e688f0) C:\Windows\system32\drivers\usbaudio.sys
20:13:09.0565 1368 usbaudio - ok
20:13:09.0596 1368 usbccgp (9e5da2e8be6f9c7b62fcbd92ce2e731d) C:\Windows\system32\DRIVERS\usbccgp.sys
20:13:09.0612 1368 usbccgp - ok
20:13:09.0659 1368 usbcir (e9476e6c486e76bc4898074768fb7131) C:\Windows\system32\drivers\usbcir.sys
20:13:09.0659 1368 usbcir - ok
20:13:09.0721 1368 usbehci (e776e9ba8a38a8911436ed3de0a22b1a) C:\Windows\system32\DRIVERS\usbehci.sys
20:13:09.0721 1368 usbehci - ok
20:13:09.0752 1368 usbhub (f98692a6fa7b0feabe79cc2517924dc8) C:\Windows\system32\DRIVERS\usbhub.sys
20:13:09.0752 1368 usbhub - ok
20:13:09.0799 1368 usbohci (38dbc7dd6cc5a72011f187425384388b) C:\Windows\system32\drivers\usbohci.sys
20:13:09.0799 1368 usbohci - ok
20:13:09.0861 1368 usbprint (e75c4b5269091d15a2e7dc0b6d35f2f5) C:\Windows\system32\DRIVERS\usbprint.sys
20:13:09.0861 1368 usbprint - ok
20:13:09.0908 1368 usbscan (a508c9bd8724980512136b039bba65e9) C:\Windows\system32\DRIVERS\usbscan.sys
20:13:09.0908 1368 usbscan - ok
20:13:09.0955 1368 usbser (d575246188f63de0accf6eac5fb59e6a) C:\Windows\system32\DRIVERS\usbser.sys
20:13:09.0955 1368 usbser - ok
20:13:10.0017 1368 UsbserFilt (e748d50b3b2ec7f40a2ba67fb094cf01) C:\Windows\system32\DRIVERS\usbser_lowerfltj.sys
20:13:10.0017 1368 UsbserFilt - ok
20:13:10.0049 1368 USBSTOR (be3da31c191bc222d9ad503c5224f2ad) C:\Windows\system32\DRIVERS\USBSTOR.SYS
20:13:10.0049 1368 USBSTOR - ok
20:13:10.0095 1368 usbuhci (2de7e06b96916677b3537d98d0c0623a) C:\Windows\system32\DRIVERS\usbuhci.sys
20:13:10.0095 1368 usbuhci - ok
20:13:10.0142 1368 usbvideo (e67998e8f14cb0627a769f6530bcb352) C:\Windows\system32\Drivers\usbvideo.sys
20:13:10.0142 1368 usbvideo - ok
20:13:10.0205 1368 vga (7d92be0028ecdedec74617009084b5ef) C:\Windows\system32\DRIVERS\vgapnp.sys
20:13:10.0205 1368 vga - ok
20:13:10.0267 1368 VgaSave (2e93ac0a1d8c79d019db6c51f036636c) C:\Windows\System32\drivers\vga.sys
20:13:10.0267 1368 VgaSave - ok
20:13:10.0329 1368 viaagp (d5929a28bdff4367a12caf06af901971) C:\Windows\system32\drivers\viaagp.sys
20:13:10.0329 1368 viaagp - ok
20:13:10.0376 1368 ViaC7 (56a4de5f02f2e88182b0981119b4dd98) C:\Windows\system32\drivers\viac7.sys
20:13:10.0376 1368 ViaC7 - ok
20:13:10.0423 1368 viaide (f3b4762eb85a2aff4999401f14c3262b) C:\Windows\system32\drivers\viaide.sys
20:13:10.0423 1368 viaide - ok
20:13:10.0454 1368 volmgr (69503668ac66c77c6cd7af86fbdf8c43) C:\Windows\system32\drivers\volmgr.sys
20:13:10.0485 1368 volmgr - ok
20:13:10.0532 1368 volmgrx (23e41b834759917bfd6b9a0d625d0c28) C:\Windows\system32\drivers\volmgrx.sys
20:13:10.0532 1368 volmgrx - ok
20:13:10.0595 1368 volsnap (147281c01fcb1df9252de2a10d5e7093) C:\Windows\system32\drivers\volsnap.sys
20:13:10.0595 1368 volsnap - ok
20:13:10.0641 1368 vsmraid (d984439746d42b30fc65a4c3546c6829) C:\Windows\system32\drivers\vsmraid.sys
20:13:10.0657 1368 vsmraid - ok
20:13:10.0719 1368 WacomPen (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys
20:13:10.0719 1368 WacomPen - ok
20:13:10.0766 1368 Wanarp (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
20:13:10.0766 1368 Wanarp - ok
20:13:10.0797 1368 Wanarpv6 (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
20:13:10.0797 1368 Wanarpv6 - ok
20:13:10.0844 1368 Wd (afc5ad65b991c1e205cf25cfdbf7a6f4) C:\Windows\system32\drivers\wd.sys
20:13:10.0844 1368 Wd - ok
20:13:10.0907 1368 Wdf01000 (b6f0a7ad6d4bd325fbcd8bac96cd8d96) C:\Windows\system32\drivers\Wdf01000.sys
20:13:10.0922 1368 Wdf01000 - ok
20:13:11.0063 1368 WmiAcpi (2e7255d172df0b8283cdfb7b433b864e) C:\Windows\system32\DRIVERS\wmiacpi.sys
20:13:11.0063 1368 WmiAcpi - ok
20:13:11.0125 1368 WpdUsb (de9d36f91a4df3d911626643debf11ea) C:\Windows\system32\DRIVERS\wpdusb.sys
20:13:11.0141 1368 WpdUsb - ok
20:13:11.0203 1368 ws2ifsl (e3a3cb253c0ec2494d4a61f5e43a389c) C:\Windows\system32\drivers\ws2ifsl.sys
20:13:11.0219 1368 ws2ifsl - ok
20:13:11.0343 1368 WUDFRd (ac13cb789d93412106b0fb6c7eb2bcb6) C:\Windows\system32\DRIVERS\WUDFRd.sys
20:13:11.0343 1368 WUDFRd - ok
20:13:11.0437 1368 yukonwlh (04e268adfc81964c49dc0c082d520f7e) C:\Windows\system32\DRIVERS\yk60x86.sys
20:13:11.0437 1368 yukonwlh - ok
20:13:11.0499 1368 MBR (0x1B8) (4bf077b4df3f4f5483a79d4ce511c7f3) \Device\Harddisk0\DR0
20:13:11.0515 1368 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.b ) - infected
20:13:11.0515 1368 \Device\Harddisk0\DR0 - detected Rootkit.Boot.Pihar.b (0)
20:13:11.0546 1368 Boot (0x1200) (418719578ab2fab7b535279f8007d01f) \Device\Harddisk0\DR0\Partition0
20:13:11.0546 1368 \Device\Harddisk0\DR0\Partition0 - ok
20:13:11.0562 1368 Boot (0x1200) (73080bdefcdb59555ef889803b8a51da) \Device\Harddisk0\DR0\Partition1
20:13:11.0562 1368 \Device\Harddisk0\DR0\Partition1 - ok
20:13:11.0577 1368 ============================================================
20:13:11.0577 1368 Scan finished
20:13:11.0577 1368 ============================================================
20:13:11.0577 1952 Detected object count: 2
20:13:11.0577 1952 Actual detected object count: 2
20:15:45.0830 1952 MpKsl79000a05 ( ForgedFile.Multi.Generic ) - skipped by user
20:15:45.0830 1952 MpKsl79000a05 ( ForgedFile.Multi.Generic ) - User select action: Skip
20:15:45.0955 1952 \Device\Harddisk0\DR0\# - copied to quarantine
20:15:45.0955 1952 \Device\Harddisk0\DR0 - copied to quarantine
20:15:45.0971 1952 \Device\Harddisk0\DR0\TDLFS\phm - copied to quarantine
20:15:45.0986 1952 \Device\Harddisk0\DR0\TDLFS\ph.dll - copied to quarantine
20:15:45.0986 1952 \Device\Harddisk0\DR0\TDLFS\phx.dll - copied to quarantine
20:15:45.0986 1952 \Device\Harddisk0\DR0\TDLFS\sub.dll - copied to quarantine
20:15:46.0002 1952 \Device\Harddisk0\DR0\TDLFS\subx.dll - copied to quarantine
20:15:46.0002 1952 \Device\Harddisk0\DR0\TDLFS\phd - copied to quarantine
20:15:46.0017 1952 \Device\Harddisk0\DR0\TDLFS\phdx - copied to quarantine
20:15:46.0033 1952 \Device\Harddisk0\DR0\TDLFS\phs - copied to quarantine
20:15:46.0033 1952 \Device\Harddisk0\DR0\TDLFS\phdata - copied to quarantine
20:15:46.0049 1952 \Device\Harddisk0\DR0\TDLFS\phld - copied to quarantine
20:15:46.0049 1952 \Device\Harddisk0\DR0\TDLFS\phln - copied to quarantine
20:15:46.0049 1952 \Device\Harddisk0\DR0\TDLFS\phlx - copied to quarantine
20:15:46.0049 1952 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.b ) - will be cured on reboot
20:15:46.0064 1952 \Device\Harddisk0\DR0 - ok
20:15:46.0064 1952 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.b ) - User select action: Cure
20:22:04.0629 3008 Deinitialize success

I await your interpretation.

Thank you,
Joyce

#8 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,707 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:06:04 PM

Posted 18 February 2012 - 09:05 PM

Good news :)

Post new aswMBR log.

My Website

p4433470.gif

My help doesn't cost a penny, but if you'd like to consider a donation, click p22001735.gif


 


#9 joyceingle

joyceingle
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Local time:08:04 PM

Posted 18 February 2012 - 10:33 PM

That took a while. Here is the aswMBR log:

aswMBR version 0.9.9.1618 Copyright© 2011 AVAST Software
Run date: 2012-02-18 21:09:02
-----------------------------
21:09:02.030 OS Version: Windows 6.0.6002 Service Pack 2
21:09:02.031 Number of processors: 2 586 0xF0B
21:09:02.033 ComputerName: LARRY-PC UserName: larry
21:09:19.408 Initialize success
21:09:31.938 AVAST engine defs: 12021802
21:09:39.251 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-0
21:09:39.256 Disk 0 Vendor: ST920042 3.AD Size: 190782MB BusType: 3
21:09:39.324 Disk 0 MBR read successfully
21:09:39.329 Disk 0 MBR scan
21:09:39.342 Disk 0 Windows VISTA default MBR code
21:09:39.361 Disk 0 Partition 1 00 DE Dell Utility Dell 8.0 78 MB offset 63
21:09:39.422 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 10240 MB offset 161792
21:09:39.474 Disk 0 Partition 3 80 (A) 07 HPFS/NTFS NTFS 177902 MB offset 21133312
21:09:39.510 Disk 0 Partition - 00 0F Extended LBA 2560 MB offset 385476608
21:09:39.592 Disk 0 Partition 4 00 DD MSDOS5.0 2559 MB offset 385478656
21:09:39.795 Disk 0 scanning sectors +390719488
21:09:39.910 Disk 0 scanning C:\Windows\system32\drivers
21:10:19.826 Service scanning
21:10:44.883 Service MpKsl27f31621 C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{5C44A341-B6E7-41DC-B4D3-3A4F5FB6B52C}\MpKsl27f31621.sys **LOCKED** 32
21:10:44.999 Service MpNWMon C:\Windows\system32\DRIVERS\MpNWMon.sys **LOCKED** 32
21:11:09.054 Modules scanning
21:11:14.343 Disk 0 trace - called modules:
21:11:14.378 ntkrnlpa.exe CLASSPNP.SYS disk.sys iastor.sys hal.dll
21:11:14.390 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x86400608]
21:11:14.402 3 CLASSPNP.SYS[8ad9d8b3] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-0[0x85936030]
21:11:15.847 AVAST engine scan C:\Windows
21:11:21.052 AVAST engine scan C:\Windows\system32
21:20:09.933 AVAST engine scan C:\Windows\system32\drivers
21:20:52.313 AVAST engine scan C:\Users\larry
21:30:57.734 AVAST engine scan C:\ProgramData
22:18:42.712 Scan finished successfully
22:30:24.629 Disk 0 MBR has been saved successfully to "C:\Users\larry\Desktop\MBR.dat"
22:30:24.644 The log file has been saved successfully to "C:\Users\larry\Desktop\aswMBR.txt"


Hmm, did we get it?

Joyce

#10 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,707 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:06:04 PM

Posted 18 February 2012 - 10:36 PM

Looks good.

Let's run couple more checks....

Download Security Check from HERE, and save it to your Desktop.

* Double-click SecurityCheck.exe
* Follow the onscreen instructions inside of the black box.
* A Notepad document should open automatically called checkup.txt; please post the contents of that document.

=============================================================================

Please download Farbar Service Scanner (FSS) and run it on the computer with the issue.
  • Make sure the following options are checked:
    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center
    • Windows Update
  • Press "Scan".
  • It will create a log (FSS.txt) in the same directory the tool is run.
  • Please copy and paste the log to your reply.

====================================================================================

Please download MiniToolBox and run it.

Checkmark following boxes:
  • Report IE Proxy Settings
  • Report FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size
Click Go and post the result.

=============================================================================

Download Malwarebytes' Anti-Malware (aka MBAM): https://www.bleepingcomputer.com/download/malwarebytes-anti-malware/ to your desktop.

* Double-click mbam-setup.exe and follow the prompts to install the program.
* At the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
* If an update is found, it will download and install the latest version.
* Once the program has loaded, select Perform quick scan, then click Scan.
* When the scan is complete, click OK, then Show Results to view the results.
* Be sure that everything is checked, and click Remove Selected.
* When completed, a log will open in Notepad.
* Post the log back here.

Be sure to restart the computer.

The log can also be found here:
C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\log-date.txt
Or at C:\Program Files\Malwarebytes' Anti-Malware\Logs\log-date.txt

My Website

p4433470.gif

My help doesn't cost a penny, but if you'd like to consider a donation, click p22001735.gif


 


#11 joyceingle

joyceingle
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Local time:08:04 PM

Posted 18 February 2012 - 11:50 PM

I am unable to load SecurityCheck.exe from http://screen317.changelog.fr/SecurityCheck.exe.


Farbar Service Scanner log results:

Farbar Service Scanner Version: 14-02-2012
Ran by larry (administrator) on 18-02-2012 at 23:28:13
Running from "C:\Users\larry\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\O52H9G9C"
Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Yahoo IP is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Security Center:
============

Windows Update:
============

File Check:
========
C:\Windows\system32\nsisvc.dll => MD5 is legit
C:\Windows\system32\Drivers\nsiproxy.sys => MD5 is legit
C:\Windows\system32\dhcpcsvc.dll => MD5 is legit
C:\Windows\system32\Drivers\afd.sys => MD5 is legit
C:\Windows\system32\Drivers\tdx.sys => MD5 is legit
C:\Windows\system32\Drivers\tcpip.sys
[2011-11-09 15:07] - [2011-09-20 16:02] - 0913280 ____A (Microsoft Corporation) 16731B631F28F63CD9F4CB60940E7DDD

C:\Windows\system32\dnsrslvr.dll => MD5 is legit
C:\Windows\system32\mpssvc.dll => MD5 is legit
C:\Windows\system32\bfe.dll => MD5 is legit
C:\Windows\system32\Drivers\mpsdrv.sys => MD5 is legit
C:\Windows\system32\SDRSVC.dll => MD5 is legit
C:\Windows\system32\vssvc.exe => MD5 is legit
C:\Windows\system32\wscsvc.dll => MD5 is legit
C:\Windows\system32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\system32\wuaueng.dll => MD5 is legit
C:\Windows\system32\qmgr.dll => MD5 is legit
C:\Windows\system32\es.dll => MD5 is legit
C:\Windows\system32\cryptsvc.dll => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit


**** End of log ****






MiniToolBox results:

MiniToolBox by Farbar Version: 18-01-2012
Ran by larry (administrator) on 18-02-2012 at 23:31:23
Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86)
Boot Mode: Normal
***************************************************************************

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.
========================= Hosts content: =================================



94.63.147.17 www.bing.com


========================= IP Configuration: ================================

Intel® Wireless WiFi Link 4965AGN = Wireless Network Connection (Connected)
Marvell Yukon 88E8040 PCI-E Fast Ethernet Controller = Local Area Connection (Media disconnected)
Bluetooth Device (Personal Area Network) = Bluetooth Network Connection (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : larry-PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : mc.at.cox.net

Ethernet adapter Bluetooth Network Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Bluetooth Device (Personal Area Network)
Physical Address. . . . . . . . . : 00-1D-D9-EA-37-FD
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection:

Connection-specific DNS Suffix . : mc.at.cox.net
Description . . . . . . . . . . . : Intel® Wireless WiFi Link 4965AGN
Physical Address. . . . . . . . . : 00-1D-E0-50-D8-6B
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::c:970c:583d:8235%10(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.103(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Saturday, February 18, 2012 8:23:32 PM
Lease Expires . . . . . . . . . . : Sunday, February 19, 2012 8:23:31 PM
Default Gateway . . . . . . . . . : 192.168.1.1
DHCP Server . . . . . . . . . . . : 192.168.1.1
DHCPv6 IAID . . . . . . . . . . . : 167779808
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-0F-0D-FB-39-00-15-C5-84-09-FC
DNS Servers . . . . . . . . . . . : 68.105.28.12
68.105.29.12
68.105.28.11
NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Marvell Yukon 88E8040 PCI-E Fast Ethernet Controller
Physical Address. . . . . . . . . : 00-15-C5-84-09-FC
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 6:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 02-00-54-55-4E-01
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:4137:9e76:2c3a:1c88:3f57:fe98(Preferred)
Link-local IPv6 Address . . . . . : fe80::2c3a:1c88:3f57:fe98%8(Preferred)
Default Gateway . . . . . . . . . : ::
NetBIOS over Tcpip. . . . . . . . : Disabled

Tunnel adapter Local Area Connection* 7:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : isatap.{CA05CDD0-D9D5-4841-830F-9FD65134D543}
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 10:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : isatap.{CA05CDD0-D9D5-4841-830F-9FD65134D543}
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 11:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : mc.at.cox.net
Description . . . . . . . . . . . : isatap.mc.at.cox.net
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 12:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : isatap.{83CE3200-4F10-4FD7-A054-83E6D4702BEC}
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Server: cdns2.cox.net
Address: 68.105.28.12

Name: google.com
Addresses: 74.125.227.11
74.125.227.12
74.125.227.13
74.125.227.14
74.125.227.15
74.125.227.0
74.125.227.1
74.125.227.2
74.125.227.3
74.125.227.4
74.125.227.5
74.125.227.6
74.125.227.7
74.125.227.8
74.125.227.9
74.125.227.10



Pinging google.com [74.125.227.32] with 32 bytes of data:

Reply from 74.125.227.32: bytes=32 time=528ms TTL=53

Reply from 74.125.227.32: bytes=32 time=62ms TTL=53



Ping statistics for 74.125.227.32:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 62ms, Maximum = 528ms, Average = 295ms

Server: cdns2.cox.net
Address: 68.105.28.12

Name: yahoo.com
Addresses: 98.139.127.62
98.139.183.24
209.191.122.70



Pinging yahoo.com [209.191.122.70] with 32 bytes of data:

Reply from 209.191.122.70: bytes=32 time=166ms TTL=56

Reply from 209.191.122.70: bytes=32 time=46ms TTL=56



Ping statistics for 209.191.122.70:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 46ms, Maximum = 166ms, Average = 106ms

Server: cdns2.cox.net
Address: 68.105.28.12

Name: bleepingcomputer.com
Address: 208.43.87.2



Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:

Request timed out.

Request timed out.



Ping statistics for 208.43.87.2:

Packets: Sent = 2, Received = 0, Lost = 2 (100% loss),



Pinging 127.0.0.1 with 32 bytes of data:

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128



Ping statistics for 127.0.0.1:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 0ms, Maximum = 0ms, Average = 0ms

===========================================================================
Interface List
12 ...00 1d d9 ea 37 fd ...... Bluetooth Device (Personal Area Network)
10 ...00 1d e0 50 d8 6b ...... Intel® Wireless WiFi Link 4965AGN
9 ...00 15 c5 84 09 fc ...... Marvell Yukon 88E8040 PCI-E Fast Ethernet Controller
1 ........................... Software Loopback Interface 1
8 ...02 00 54 55 4e 01 ...... Teredo Tunneling Pseudo-Interface
15 ...00 00 00 00 00 00 00 e0 isatap.{CA05CDD0-D9D5-4841-830F-9FD65134D543}
16 ...00 00 00 00 00 00 00 e0 isatap.{CA05CDD0-D9D5-4841-830F-9FD65134D543}
17 ...00 00 00 00 00 00 00 e0 isatap.mc.at.cox.net
18 ...00 00 00 00 00 00 00 e0 isatap.{83CE3200-4F10-4FD7-A054-83E6D4702BEC}
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.103 25
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.1.0 255.255.255.0 On-link 192.168.1.103 281
192.168.1.103 255.255.255.255 On-link 192.168.1.103 281
192.168.1.255 255.255.255.255 On-link 192.168.1.103 281
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.1.103 281
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.1.103 281
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
8 18 ::/0 On-link
1 306 ::1/128 On-link
8 18 2001::/32 On-link
8 266 2001:0:4137:9e76:2c3a:1c88:3f57:fe98/128
On-link
10 281 fe80::/64 On-link
8 266 fe80::/64 On-link
10 281 fe80::c:970c:583d:8235/128
On-link
8 266 fe80::2c3a:1c88:3f57:fe98/128
On-link
1 306 ff00::/8 On-link
8 266 ff00::/8 On-link
10 281 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\system32\NLAapi.dll [48128] (Microsoft Corporation)
Catalog5 02 C:\Windows\system32\napinsp.dll [50176] (Microsoft Corporation)
Catalog5 03 C:\Windows\system32\pnrpnsp.dll [62464] (Microsoft Corporation)
Catalog5 04 C:\Windows\system32\pnrpnsp.dll [62464] (Microsoft Corporation)
Catalog5 05 C:\Windows\System32\mswsock.dll [223232] (Microsoft Corporation)
Catalog5 06 C:\Windows\System32\winrnr.dll [19968] (Microsoft Corporation)
Catalog5 07 C:\Windows\system32\wshbth.dll [34304] (Microsoft Corporation)
Catalog5 08 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 02 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 03 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 04 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 05 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 06 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 07 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 08 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 09 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 10 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 11 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 12 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 13 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 14 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 15 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 16 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 17 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 18 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 19 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 20 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 21 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 22 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 23 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 24 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 25 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 26 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 27 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 28 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 29 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 30 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 31 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (02/18/2012 10:50:52 PM) (Source: Windows Search Service) (User: )
Description: The search service has detected corrupted data files in the index. The service will attempt to automatically correct this problem by rebuilding the index.

Context: Windows Application, SystemIndex Catalog

Details:
The content index metadata cannot be read. 0xc0041801 (0xc0041801)

Error: (02/18/2012 10:50:52 PM) (Source: Windows Search Service) (User: )
Description: The search service has detected corrupted data files in the index. The service will attempt to automatically correct this problem by rebuilding the index.

Details:
The content index metadata cannot be read. 0xc0041801 (0xc0041801)

Error: (02/18/2012 10:49:03 PM) (Source: Application Hang) (User: )
Description: The program iexplore.exe version 8.0.6001.19190 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Problem Reports and Solutions control panel.
Process ID: 159c
Start Time: 01cceeb6e96d4534
Termination Time: 0

Error: (02/18/2012 10:14:14 PM) (Source: Windows Search Service) (User: )
Description: The search service has detected corrupted data files in the index. The service will attempt to automatically correct this problem by rebuilding the index.

Context: Windows Application, SystemIndex Catalog

Details:
The content index metadata cannot be read. 0xc0041801 (0xc0041801)

Error: (02/18/2012 10:14:04 PM) (Source: Windows Search Service) (User: )
Description: The search service has detected corrupted data files in the index. The service will attempt to automatically correct this problem by rebuilding the index.

Details:
The content index metadata cannot be read. 0xc0041801 (0xc0041801)

Error: (02/18/2012 09:05:52 PM) (Source: Windows Search Service) (User: )
Description: The search service has detected corrupted data files in the index. The service will attempt to automatically correct this problem by rebuilding the index.

Context: Windows Application, SystemIndex Catalog

Details:
The content index metadata cannot be read. 0xc0041801 (0xc0041801)

Error: (02/18/2012 09:05:52 PM) (Source: Windows Search Service) (User: )
Description: The search service has detected corrupted data files in the index. The service will attempt to automatically correct this problem by rebuilding the index.

Details:
The content index metadata cannot be read. 0xc0041801 (0xc0041801)

Error: (02/18/2012 09:04:11 PM) (Source: Windows Search Service) (User: )
Description: The search service has detected corrupted data files in the index. The service will attempt to automatically correct this problem by rebuilding the index.

Context: Windows Application, SystemIndex Catalog

Details:
The content index metadata cannot be read. 0xc0041801 (0xc0041801)

Error: (02/18/2012 09:04:11 PM) (Source: Windows Search Service) (User: )
Description: The search service has detected corrupted data files in the index. The service will attempt to automatically correct this problem by rebuilding the index.

Details:
The content index metadata cannot be read. 0xc0041801 (0xc0041801)

Error: (02/18/2012 09:00:41 PM) (Source: Windows Search Service) (User: )
Description: The search service has detected corrupted data files in the index. The service will attempt to automatically correct this problem by rebuilding the index.

Context: Windows Application, SystemIndex Catalog

Details:
The content index metadata cannot be read. 0xc0041801 (0xc0041801)


System errors:
=============
Error: (02/18/2012 11:17:08 PM) (Source: Ntfs) (User: )
Description: The file system structure on the disk is corrupt and unusable.
Please run the chkdsk utility on the volume OS.

Error: (02/18/2012 11:16:21 PM) (Source: Ntfs) (User: )
Description: The file system structure on the disk is corrupt and unusable.
Please run the chkdsk utility on the volume OS.

Error: (02/18/2012 10:43:28 PM) (Source: Ntfs) (User: )
Description: The file system structure on the disk is corrupt and unusable.
Please run the chkdsk utility on the volume C:.

Error: (02/18/2012 10:43:27 PM) (Source: Ntfs) (User: )
Description: The file system structure on the disk is corrupt and unusable.
Please run the chkdsk utility on the volume C:.

Error: (02/18/2012 10:43:27 PM) (Source: Ntfs) (User: )
Description: The file system structure on the disk is corrupt and unusable.
Please run the chkdsk utility on the volume OS.

Error: (02/18/2012 10:43:26 PM) (Source: Ntfs) (User: )
Description: The file system structure on the disk is corrupt and unusable.
Please run the chkdsk utility on the volume OS.

Error: (02/18/2012 10:43:26 PM) (Source: Ntfs) (User: )
Description: The file system structure on the disk is corrupt and unusable.
Please run the chkdsk utility on the volume C:.

Error: (02/18/2012 10:43:25 PM) (Source: Ntfs) (User: )
Description: The file system structure on the disk is corrupt and unusable.
Please run the chkdsk utility on the volume C:.

Error: (02/18/2012 10:43:24 PM) (Source: Ntfs) (User: )
Description: The file system structure on the disk is corrupt and unusable.
Please run the chkdsk utility on the volume C:.

Error: (02/18/2012 10:43:23 PM) (Source: Ntfs) (User: )
Description: The file system structure on the disk is corrupt and unusable.
Please run the chkdsk utility on the volume OS.


Microsoft Office Sessions:
=========================
Error: (02/18/2012 10:50:52 PM) (Source: Windows Search Service)(User: )
Description: Context: Windows Application, SystemIndex Catalog

Details:
The content index metadata cannot be read. 0xc0041801 (0xc0041801)

Error: (02/18/2012 10:50:52 PM) (Source: Windows Search Service)(User: )
Description: Details:
The content index metadata cannot be read. 0xc0041801 (0xc0041801)

Error: (02/18/2012 10:49:03 PM) (Source: Application Hang)(User: )
Description: iexplore.exe8.0.6001.19190159c01cceeb6e96d45340

Error: (02/18/2012 10:14:14 PM) (Source: Windows Search Service)(User: )
Description: Context: Windows Application, SystemIndex Catalog

Details:
The content index metadata cannot be read. 0xc0041801 (0xc0041801)

Error: (02/18/2012 10:14:04 PM) (Source: Windows Search Service)(User: )
Description: Details:
The content index metadata cannot be read. 0xc0041801 (0xc0041801)

Error: (02/18/2012 09:05:52 PM) (Source: Windows Search Service)(User: )
Description: Context: Windows Application, SystemIndex Catalog

Details:
The content index metadata cannot be read. 0xc0041801 (0xc0041801)

Error: (02/18/2012 09:05:52 PM) (Source: Windows Search Service)(User: )
Description: Details:
The content index metadata cannot be read. 0xc0041801 (0xc0041801)

Error: (02/18/2012 09:04:11 PM) (Source: Windows Search Service)(User: )
Description: Context: Windows Application, SystemIndex Catalog

Details:
The content index metadata cannot be read. 0xc0041801 (0xc0041801)

Error: (02/18/2012 09:04:11 PM) (Source: Windows Search Service)(User: )
Description: Details:
The content index metadata cannot be read. 0xc0041801 (0xc0041801)

Error: (02/18/2012 09:00:41 PM) (Source: Windows Search Service)(User: )
Description: Context: Windows Application, SystemIndex Catalog

Details:
The content index metadata cannot be read. 0xc0041801 (0xc0041801)


=========================== Installed Programs ============================

ABBYY FineReader 6.0 Sprint (Version: 6.00.1990.41618)
Acrobat.com (Version: 0.0.0)
Acrobat.com (Version: 1.1.377)
Adobe AIR (Version: 3.1.0.4880)
Adobe Flash Player 11 ActiveX (Version: 11.1.102.55)
Adobe Reader 9.5.0 (Version: 9.5.0)
Advanced Audio FX Engine
Advanced Video FX Engine
AOL Install (Version: 1.0.0)
Apple Application Support (Version: 2.1.5)
Apple Mobile Device Support (Version: 4.0.0.97)
Apple Software Update (Version: 2.1.3.127)
Avery Wizard 3.1 (Version: 3.1.9)
Bid Whist for Windows
Bid Whist for Windows - DEMO
Bonjour (Version: 3.0.0.10)
Browser Address Error Redirector (Version: 1.00.0000)
CCleaner (Version: 3.15)
Compatibility Pack for the 2007 Office system (Version: 12.0.6425.1000)
Consumer Complete Care Services Agreement (Version: 1.10.0000)
Corel Paint Shop Pro Photo X2 (Version: 12.010.0000)
Corel Snapfire muvee autoProducer add-on (Version: 1.00.0000)
Corel Snapfire Plus (Version: 1.30.0000)
Coupon Printer for Windows (Version: 5.0.0.1)
Creative MediaSource 5 (Version: 5.00)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
Dell DataSafe Online (Version: 1.0.21)
Dell Driver Download Manager (Version: 2.1.0.0)
Dell Getting Started Guide (Version: 1.00.0000)
Dell Touchpad (Version: 7.1.102.7)
Dell Webcam Center
Dell Webcam Manager
DellSupport (Version: 6.0.3075)
DeLorme Phone Data 2009 (Version: 2.00.2009)
DeLorme Street Atlas USA 2009 Plus (Version: 9.01.0000)
DHTML Editing Component (Version: 6.02.0001)
DivX Setup (Version: 2.6.1.5)
DrawPlus 3.0
EarthLink Setup Files (Version: 2005.2.178.0.2.2)
Fingerprint Reader Suite 5.6 (Version: 5.6.2.3476)
Google Chrome (Version: 17.0.963.56)
Google Desktop (Version: 5.9.1005.12335)
Google Earth (Version: 6.1.0.5001)
Google Toolbar for Internet Explorer (Version: 1.0.0)
Google Update Helper (Version: 1.3.21.99)
Hoyle Card Games Classic
Intel® Matrix Storage Manager
Intel® PROSet/Wireless Software (Version: 11.01.0000)
Internet Service Offers Launcher (Version: 1.00.0000)
iSEEK AnswerWorks English Runtime (Version: 009.000.0002)
iTunes (Version: 10.5.1.42)
Java Auto Updater (Version: 2.0.1.2)
Java™ 6 Update 18 (Version: 6.0.180)
Java™ SE Runtime Environment 6 (Version: 1.6.0.0)
Laptop Integrated Webcam Driver (1.04.01.1011)
Lexmark Pro200-S500 Series
Lexmark Toolbar (Version: 4.13.37.0)
Live! Cam Avatar Creator (Version: 4.6.0817.1)
Live! Cam Avatar v1.0 (Version: 1.0)
Logitech Vid (Version: 1.50.1043)
Logitech Webcam Software (Version: 12.10.1113)
Logitech Webcam Software Driver Package (Version: 12.10.1110)
MagicfeaturesPlugin Release 2.08
magicJack (Version: 2.0.6073.4252)
Malwarebytes Anti-Malware version 1.60.1.1000 (Version: 1.60.1.1000)
McAfee SecurityCenter (Version: 11.0.654)
McAfee Virtual Technician (Version: 5.5.2.0)
mCore (Version: 9.24.0000)
MediaDirect (Version: 4.7)
mHelp (Version: 9.24.0000)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Antimalware (Version: 3.0.8402.2)
Microsoft Automated Troubleshooting Services Shim
Microsoft Fix it Center (Version: 1.0.0080)
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Access Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Excel MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Home and Student 2010 (Version: 14.0.6029.1000)
Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office PowerPoint Viewer 2007 (English) (Version: 12.0.6425.1000)
Microsoft Office Proof (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (French) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (Spanish) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proofing (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Publisher MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Single Image 2010 (Version: 14.0.6029.1000)
Microsoft Office Word MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Security Client (Version: 2.1.1116.0)
Microsoft Security Essentials (Version: 2.1.1116.0)
Microsoft Silverlight (Version: 4.1.10111.0)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Web Publishing Wizard 1.52
Microsoft Works (Version: 9.7.0621)
mMHouse (Version: 9.24.0000)
Mozilla Maintenance Service (Version: 12.0a2)
mPfMgr (Version: 9.24.0000)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
Music, Photos & Videos Launcher (Version: 1.00.0000)
muvee autoProducer 5.0 (Version: 5.00.050)
mWMI (Version: 9.24.0000)
NetZeroInstallers (Version: 1.0.0)
NirSoft BlueScreenView
Nokia Connectivity Cable Driver (Version: 6.80.5.1)
Norton Safe Web Lite (Version: 1.2.0.7)
Norton Security Scan (Version: 3.6.1.11)
NVIDIA Drivers (Version: 1.3)
OGA Notifier 2.0.0048.0 (Version: 2.0.0048.0)
OpenOffice.org 3.1 (Version: 3.1.9420)
OutlookAddinSetup (Version: 1.0.0)
Picasa 3 (Version: 3.8)
Product Documentation Launcher (Version: 1.00.0000)
Punch! ViaCAD 2D v6 (Version: 6.0.0 build 852)
QualxServ Service Agreement (Version: 1.11.0000)
QuickSet (Version: 8.2.17)
QuickTime (Version: 7.71.80.42)
Roxio Creator Audio (Version: 3.3.0)
Roxio Creator BDAV Plugin (Version: 3.3.0)
Roxio Creator Copy (Version: 3.3.0)
Roxio Creator Data (Version: 3.3.0)
Roxio Creator Premier (Version: 3.3.0)
Roxio Creator Tools (Version: 3.3.0)
Roxio EasyArchive (Version: 3.3.0)
Roxio MyDVD Premier (Version: 9.0.116)
Roxio Update Manager (Version: 3.0.0)
Seagate Manager Installer (Version: 2.01.0600)
Shockwave
Sonic Activation Module (Version: 1.0)
Sound Blaster Audigy ADVANCED MB (Version: 1.0)
Spelling Dictionaries Support For Adobe Reader 9 (Version: 9.0.0)
Spybot - Search & Destroy (Version: 1.6.2)
System Requirements Lab
The Print Shop
Total 3D Home, Landscape & Deck Premium Suite (Version: 9.1)
TurboTax 2009
TurboTax 2009 wgaiper (Version: 009.000.0913)
TurboTax 2009 WinPerFedFormset (Version: 009.000.2881)
TurboTax 2009 WinPerReleaseEngine (Version: 009.000.0328)
TurboTax 2009 WinPerTaxSupport (Version: 009.000.0245)
TurboTax 2009 wrapper (Version: 009.000.0145)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft Excel 2010 (KB2553439) 32-Bit Edition
Update for Microsoft Office 2010 (KB2494150)
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553385) 32-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
Update for Microsoft Office 2010 (KB2597091) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2553323) 32-Bit Edition
Update for Microsoft Outlook Social Connector (KB2583935)
User's Guides
VC80CRTRedist - 8.0.50727.6195 (Version: 1.2.0)
Webshots Daily Features (Version: 1.0)
Webshots Desktop (Version: 3.1.5.7619)
WIDCOMM Bluetooth Software 6.0.1.3100 (Version: 6.0.1.3100)
Windows Live OneCare safety scanner (Version: 1.0.0.0)
Windows Mobile Device Center (Version: 6.1.6965.0)
Windows Mobile Device Center Driver Update (Version: 6.1.6965.0)
WinZip 15.5 (Version: 15.5.9510)
Yahoo! BrowserPlus 2.9.8
Yahoo! Install Manager
Yahoo! Messenger
Yahoo! Search Protection
Yahoo! Software Update
Yahoo! Toolbar

========================= Memory info: ===================================

Percentage of memory in use: 48%
Total physical RAM: 3069.33 MB
Available physical RAM: 1566.19 MB
Total Pagefile: 6339.68 MB
Available Pagefile: 4448.93 MB
Total Virtual: 2047.88 MB
Available Virtual: 1950.05 MB

========================= Partitions: =====================================

1 Drive c: (OS) (Fixed) (Total:173.73 GB) (Free:95.58 GB) NTFS
2 Drive d: (RECOVERY) (Fixed) (Total:10 GB) (Free:5.12 GB) NTFS
3 Drive e: (FreeAgent Drive) (Fixed) (Total:465.76 GB) (Free:449.93 GB) NTFS

========================= Users: ========================================

User accounts for \\LARRY-PC

Administrator Guest larry


**** End of log ****





MalwareBytes logMalwarebytes Anti-Malware 1.60.1.1000
www.malwarebytes.org

Database version: v2012.02.19.01

Windows Vista Service Pack 2 x86 NTFS
Internet Explorer 8.0.6001.19190
larry :: LARRY-PC [administrator]

2/18/2012 11:37:03 PM
mbam-log-2012-02-18 (23-37-03).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 189291
Time elapsed: 10 minute(s), 47 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 2
C:\Windows\Temp\mwjwanoe.exe (Spyware.Password) -> Quarantined and deleted successfully.
C:\Windows\Temp\uuvimmd.exe (Spyware.Password) -> Quarantined and deleted successfully.

(end)


I will now reboot.

Joyce

#12 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,707 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:06:04 PM

Posted 18 February 2012 - 11:55 PM

I am unable to load SecurityCheck.exe from http://screen317.changelog.fr/SecurityCheck.exe.

Do you mean download?

Uploaded it for you here: http://www.uploadmb.com/dw.php?id=1329627280

My Website

p4433470.gif

My help doesn't cost a penny, but if you'd like to consider a donation, click p22001735.gif


 


#13 joyceingle

joyceingle
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Local time:08:04 PM

Posted 19 February 2012 - 12:02 AM

I rebooted without a problem and have returned to find your updated post. Sorry I was so vague, I couldn't get to the site to download. Your alternative site has worked perfectly.


SecurityCheck.exe Results:



Results of screen317's Security Check version 0.99.24
Windows Vista Service Pack 2 x86 (UAC is disabled!)
Internet Explorer 8 Out of date!
``````````````````````````````
Antivirus/Firewall Check:

Windows Firewall Enabled!
McAfee SecurityCenter
McAfee Virtual Technician
Microsoft Security Essentials
WMI entry may not exist for antivirus; attempting automatic update.
```````````````````````````````
Anti-malware/Other Utilities Check:

Spybot - Search & Destroy
CCleaner
Java™ 6 Update 18
Java™ SE Runtime Environment 6
Out of date Java installed!
````````````````````````````````
Process Check:
objlist.exe by Laurent

Norton ccSvcHst.exe
Windows Defender MSMpEng.exe
Microsoft Security Essentials msseces.exe
Microsoft Security Client Antimalware MsMpEng.exe
Microsoft Security Client Antimalware NisSrv.exe
``````````End of Log````````````


How we looking?

Joyce

#14 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,707 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:06:04 PM

Posted 19 February 2012 - 12:10 AM

You have some McAfee and Norton's leftovers.
Run following two tools to remove those:
https://www-secure.symantec.com/norton-support/jsp/help-solutions.jsp?docid=20080710133834EN&lg=english&ct=united+states&product=home&version=1&pvid=f-home&entsrc=redirect_pubweb
http://www.softpedia.com/get/Tweak/Uninstallers/McAfee-Consumer-Product-Removal-Tool.shtml

Then you have "hosts" file hijacked.

Please, go here: http://support.microsoft.com/kb/972034#FixItForMeAlways and click on "Fix it" button to reset your "hosts" file.
Follow all prompts.

*********************

Re-run MiniToolbox.
Checkmark following boxes:
  • List content of Hosts
Click Go and post the result.

My Website

p4433470.gif

My help doesn't cost a penny, but if you'd like to consider a donation, click p22001735.gif


 


#15 joyceingle

joyceingle
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Local time:08:04 PM

Posted 19 February 2012 - 12:35 AM

MiniToolbox results:

MiniToolBox by Farbar Version: 18-01-2012
Ran by larry (administrator) on 19-02-2012 at 00:33:05
Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86)
Boot Mode: Normal
***************************************************************************

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.
========================= Hosts content: =================================

::1 localhost
127.0.0.1 localhost

========================= IP Configuration: ================================

Intel® Wireless WiFi Link 4965AGN = Wireless Network Connection (Connected)
Marvell Yukon 88E8040 PCI-E Fast Ethernet Controller = Local Area Connection (Media disconnected)
Bluetooth Device (Personal Area Network) = Bluetooth Network Connection (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : larry-PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : mc.at.cox.net

Ethernet adapter Bluetooth Network Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Bluetooth Device (Personal Area Network)
Physical Address. . . . . . . . . : 00-1D-D9-EA-37-FD
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection:

Connection-specific DNS Suffix . : mc.at.cox.net
Description . . . . . . . . . . . : Intel® Wireless WiFi Link 4965AGN
Physical Address. . . . . . . . . : 00-1D-E0-50-D8-6B
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::c:970c:583d:8235%10(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.103(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Sunday, February 19, 2012 12:27:21 AM
Lease Expires . . . . . . . . . . : Monday, February 20, 2012 12:27:21 AM
Default Gateway . . . . . . . . . : 192.168.1.1
DHCP Server . . . . . . . . . . . : 192.168.1.1
DHCPv6 IAID . . . . . . . . . . . : 167779808
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-0F-0D-FB-39-00-15-C5-84-09-FC
DNS Servers . . . . . . . . . . . : 68.105.28.12
68.105.29.12
68.105.28.11
NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Marvell Yukon 88E8040 PCI-E Fast Ethernet Controller
Physical Address. . . . . . . . . : 00-15-C5-84-09-FC
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 6:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 02-00-54-55-4E-01
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:4137:9e76:28c6:3c04:3f57:fe98(Preferred)
Link-local IPv6 Address . . . . . : fe80::28c6:3c04:3f57:fe98%8(Preferred)
Default Gateway . . . . . . . . . : ::
NetBIOS over Tcpip. . . . . . . . : Disabled

Tunnel adapter Local Area Connection* 7:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : isatap.{CA05CDD0-D9D5-4841-830F-9FD65134D543}
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 10:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : isatap.{CA05CDD0-D9D5-4841-830F-9FD65134D543}
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 11:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : mc.at.cox.net
Description . . . . . . . . . . . : isatap.mc.at.cox.net
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 12:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : isatap.{83CE3200-4F10-4FD7-A054-83E6D4702BEC}
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Server: cdns2.cox.net
Address: 68.105.28.12

Name: google.com
Addresses: 74.125.227.100
74.125.227.101
74.125.227.102
74.125.227.103
74.125.227.104
74.125.227.105
74.125.227.106
74.125.227.107
74.125.227.108
74.125.227.109
74.125.227.110
74.125.227.111
74.125.227.96
74.125.227.97
74.125.227.98
74.125.227.99



Pinging google.com [74.125.227.72] with 32 bytes of data:

Reply from 74.125.227.72: bytes=32 time=392ms TTL=53

Reply from 74.125.227.72: bytes=32 time=71ms TTL=53



Ping statistics for 74.125.227.72:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 71ms, Maximum = 392ms, Average = 231ms

Server: cdns2.cox.net
Address: 68.105.28.12

Name: yahoo.com
Addresses: 209.191.122.70
98.139.127.62
98.139.183.24



Pinging yahoo.com [209.191.122.70] with 32 bytes of data:

Reply from 209.191.122.70: bytes=32 time=46ms TTL=56

Reply from 209.191.122.70: bytes=32 time=48ms TTL=56



Ping statistics for 209.191.122.70:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 46ms, Maximum = 48ms, Average = 47ms

Server: cdns2.cox.net
Address: 68.105.28.12

Name: bleepingcomputer.com
Address: 208.43.87.2



Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:

Request timed out.

Request timed out.



Ping statistics for 208.43.87.2:

Packets: Sent = 2, Received = 0, Lost = 2 (100% loss),



Pinging 127.0.0.1 with 32 bytes of data:

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128



Ping statistics for 127.0.0.1:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 0ms, Maximum = 0ms, Average = 0ms

===========================================================================
Interface List
12 ...00 1d d9 ea 37 fd ...... Bluetooth Device (Personal Area Network)
10 ...00 1d e0 50 d8 6b ...... Intel® Wireless WiFi Link 4965AGN
9 ...00 15 c5 84 09 fc ...... Marvell Yukon 88E8040 PCI-E Fast Ethernet Controller
1 ........................... Software Loopback Interface 1
8 ...02 00 54 55 4e 01 ...... Teredo Tunneling Pseudo-Interface
15 ...00 00 00 00 00 00 00 e0 isatap.{CA05CDD0-D9D5-4841-830F-9FD65134D543}
16 ...00 00 00 00 00 00 00 e0 isatap.{CA05CDD0-D9D5-4841-830F-9FD65134D543}
17 ...00 00 00 00 00 00 00 e0 isatap.mc.at.cox.net
18 ...00 00 00 00 00 00 00 e0 isatap.{83CE3200-4F10-4FD7-A054-83E6D4702BEC}
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.103 25
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.1.0 255.255.255.0 On-link 192.168.1.103 281
192.168.1.103 255.255.255.255 On-link 192.168.1.103 281
192.168.1.255 255.255.255.255 On-link 192.168.1.103 281
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.1.103 281
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.1.103 281
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
8 18 ::/0 On-link
1 306 ::1/128 On-link
8 18 2001::/32 On-link
8 266 2001:0:4137:9e76:28c6:3c04:3f57:fe98/128
On-link
10 281 fe80::/64 On-link
8 266 fe80::/64 On-link
10 281 fe80::c:970c:583d:8235/128
On-link
8 266 fe80::28c6:3c04:3f57:fe98/128
On-link
1 306 ff00::/8 On-link
8 266 ff00::/8 On-link
10 281 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\system32\NLAapi.dll [48128] (Microsoft Corporation)
Catalog5 02 C:\Windows\system32\napinsp.dll [50176] (Microsoft Corporation)
Catalog5 03 C:\Windows\system32\pnrpnsp.dll [62464] (Microsoft Corporation)
Catalog5 04 C:\Windows\system32\pnrpnsp.dll [62464] (Microsoft Corporation)
Catalog5 05 C:\Windows\System32\mswsock.dll [223232] (Microsoft Corporation)
Catalog5 06 C:\Windows\System32\winrnr.dll [19968] (Microsoft Corporation)
Catalog5 07 C:\Windows\system32\wshbth.dll [34304] (Microsoft Corporation)
Catalog5 08 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 02 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 03 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 04 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 05 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 06 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 07 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 08 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 09 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 10 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 11 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 12 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 13 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 14 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 15 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 16 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 17 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 18 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 19 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 20 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 21 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 22 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 23 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 24 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 25 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 26 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 27 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 28 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 29 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 30 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 31 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (02/19/2012 00:29:55 AM) (Source: Windows Search Service) (User: )
Description: The search service has detected corrupted data files in the index. The service will attempt to automatically correct this problem by rebuilding the index.

Context: Windows Application, SystemIndex Catalog

Details:
The content index metadata cannot be read. 0xc0041801 (0xc0041801)

Error: (02/19/2012 00:29:53 AM) (Source: Windows Search Service) (User: )
Description: The search service has detected corrupted data files in the index. The service will attempt to automatically correct this problem by rebuilding the index.

Details:
The content index metadata cannot be read. 0xc0041801 (0xc0041801)

Error: (02/19/2012 00:04:40 AM) (Source: Windows Search Service) (User: )
Description: The search service has detected corrupted data files in the index. The service will attempt to automatically correct this problem by rebuilding the index.

Context: Windows Application, SystemIndex Catalog

Details:
The content index metadata cannot be read. 0xc0041801 (0xc0041801)

Error: (02/19/2012 00:04:40 AM) (Source: Windows Search Service) (User: )
Description: The search service has detected corrupted data files in the index. The service will attempt to automatically correct this problem by rebuilding the index.

Details:
The content index metadata cannot be read. 0xc0041801 (0xc0041801)

Error: (02/19/2012 00:03:50 AM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

Error: (02/19/2012 00:03:18 AM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

Error: (02/18/2012 11:56:27 PM) (Source: Windows Search Service) (User: )
Description: The search service has detected corrupted data files in the index. The service will attempt to automatically correct this problem by rebuilding the index.

Context: Windows Application, SystemIndex Catalog

Details:
The content index metadata cannot be read. 0xc0041801 (0xc0041801)

Error: (02/18/2012 11:56:27 PM) (Source: Windows Search Service) (User: )
Description: The search service has detected corrupted data files in the index. The service will attempt to automatically correct this problem by rebuilding the index.

Details:
The content index metadata cannot be read. 0xc0041801 (0xc0041801)

Error: (02/18/2012 10:50:52 PM) (Source: Windows Search Service) (User: )
Description: The search service has detected corrupted data files in the index. The service will attempt to automatically correct this problem by rebuilding the index.

Context: Windows Application, SystemIndex Catalog

Details:
The content index metadata cannot be read. 0xc0041801 (0xc0041801)

Error: (02/18/2012 10:50:52 PM) (Source: Windows Search Service) (User: )
Description: The search service has detected corrupted data files in the index. The service will attempt to automatically correct this problem by rebuilding the index.

Details:
The content index metadata cannot be read. 0xc0041801 (0xc0041801)


System errors:
=============
Error: (02/19/2012 00:27:53 AM) (Source: Service Control Manager) (User: )
Description: cdrom
PxHelp20

Error: (02/19/2012 00:27:48 AM) (Source: Service Control Manager) (User: )
Description: lxebCATSCustConnectService%%1053

Error: (02/19/2012 00:27:48 AM) (Source: Service Control Manager) (User: )
Description: 30000lxebCATSCustConnectService

Error: (02/19/2012 00:27:41 AM) (Source: Ntfs) (User: )
Description: The file system structure on the disk is corrupt and unusable.
Please run the chkdsk utility on the volume OS.

Error: (02/19/2012 00:06:10 AM) (Source: Ntfs) (User: )
Description: The file system structure on the disk is corrupt and unusable.
Please run the chkdsk utility on the volume OS.

Error: (02/19/2012 00:03:53 AM) (Source: DCOM) (User: NETWORK SERVICE)
Description: machine-defaultLocalActivation{A4199E55-EBB9-49E5-AF1A-7A5408B2E206}NT AUTHORITYNETWORK SERVICES-1-5-20LocalHost (Using LRPC)

Error: (02/19/2012 00:03:53 AM) (Source: DCOM) (User: NETWORK SERVICE)
Description: machine-defaultLocalActivation{A4199E55-EBB9-49E5-AF1A-7A5408B2E206}NT AUTHORITYNETWORK SERVICES-1-5-20LocalHost (Using LRPC)

Error: (02/19/2012 00:03:53 AM) (Source: DCOM) (User: NETWORK SERVICE)
Description: machine-defaultLocalActivation{A4199E55-EBB9-49E5-AF1A-7A5408B2E206}NT AUTHORITYNETWORK SERVICES-1-5-20LocalHost (Using LRPC)

Error: (02/19/2012 00:03:53 AM) (Source: DCOM) (User: NETWORK SERVICE)
Description: machine-defaultLocalActivation{A4199E55-EBB9-49E5-AF1A-7A5408B2E206}NT AUTHORITYNETWORK SERVICES-1-5-20LocalHost (Using LRPC)

Error: (02/19/2012 00:03:34 AM) (Source: DCOM) (User: NETWORK SERVICE)
Description: machine-defaultLocalActivation{A4199E55-EBB9-49E5-AF1A-7A5408B2E206}NT AUTHORITYNETWORK SERVICES-1-5-20LocalHost (Using LRPC)


Microsoft Office Sessions:
=========================
Error: (02/19/2012 00:29:55 AM) (Source: Windows Search Service)(User: )
Description: Context: Windows Application, SystemIndex Catalog

Details:
The content index metadata cannot be read. 0xc0041801 (0xc0041801)

Error: (02/19/2012 00:29:53 AM) (Source: Windows Search Service)(User: )
Description: Details:
The content index metadata cannot be read. 0xc0041801 (0xc0041801)

Error: (02/19/2012 00:04:40 AM) (Source: Windows Search Service)(User: )
Description: Context: Windows Application, SystemIndex Catalog

Details:
The content index metadata cannot be read. 0xc0041801 (0xc0041801)

Error: (02/19/2012 00:04:40 AM) (Source: Windows Search Service)(User: )
Description: Details:
The content index metadata cannot be read. 0xc0041801 (0xc0041801)

Error: (02/19/2012 00:03:50 AM) (Source: Microsoft-Windows-CAPI2)(User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

Error: (02/19/2012 00:03:18 AM) (Source: Microsoft-Windows-CAPI2)(User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

Error: (02/18/2012 11:56:27 PM) (Source: Windows Search Service)(User: )
Description: Context: Windows Application, SystemIndex Catalog

Details:
The content index metadata cannot be read. 0xc0041801 (0xc0041801)

Error: (02/18/2012 11:56:27 PM) (Source: Windows Search Service)(User: )
Description: Details:
The content index metadata cannot be read. 0xc0041801 (0xc0041801)

Error: (02/18/2012 10:50:52 PM) (Source: Windows Search Service)(User: )
Description: Context: Windows Application, SystemIndex Catalog

Details:
The content index metadata cannot be read. 0xc0041801 (0xc0041801)

Error: (02/18/2012 10:50:52 PM) (Source: Windows Search Service)(User: )
Description: Details:
The content index metadata cannot be read. 0xc0041801 (0xc0041801)


=========================== Installed Programs ============================

ABBYY FineReader 6.0 Sprint (Version: 6.00.1990.41618)
Acrobat.com (Version: 0.0.0)
Acrobat.com (Version: 1.1.377)
Adobe AIR (Version: 3.1.0.4880)
Adobe Flash Player 11 ActiveX (Version: 11.1.102.55)
Adobe Reader 9.5.0 (Version: 9.5.0)
Advanced Audio FX Engine
Advanced Video FX Engine
AOL Install (Version: 1.0.0)
Apple Application Support (Version: 2.1.5)
Apple Mobile Device Support (Version: 4.0.0.97)
Apple Software Update (Version: 2.1.3.127)
Avery Wizard 3.1 (Version: 3.1.9)
Bid Whist for Windows
Bid Whist for Windows - DEMO
Bonjour (Version: 3.0.0.10)
Browser Address Error Redirector (Version: 1.00.0000)
CCleaner (Version: 3.15)
Compatibility Pack for the 2007 Office system (Version: 12.0.6425.1000)
Consumer Complete Care Services Agreement (Version: 1.10.0000)
Corel Paint Shop Pro Photo X2 (Version: 12.010.0000)
Corel Snapfire muvee autoProducer add-on (Version: 1.00.0000)
Corel Snapfire Plus (Version: 1.30.0000)
Coupon Printer for Windows (Version: 5.0.0.1)
Creative MediaSource 5 (Version: 5.00)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
Dell DataSafe Online (Version: 1.0.21)
Dell Driver Download Manager (Version: 2.1.0.0)
Dell Getting Started Guide (Version: 1.00.0000)
Dell Touchpad (Version: 7.1.102.7)
Dell Webcam Center
Dell Webcam Manager
DellSupport (Version: 6.0.3075)
DeLorme Phone Data 2009 (Version: 2.00.2009)
DeLorme Street Atlas USA 2009 Plus (Version: 9.01.0000)
DHTML Editing Component (Version: 6.02.0001)
DivX Setup (Version: 2.6.1.5)
DrawPlus 3.0
EarthLink Setup Files (Version: 2005.2.178.0.2.2)
Fingerprint Reader Suite 5.6 (Version: 5.6.2.3476)
Google Chrome (Version: 17.0.963.56)
Google Desktop (Version: 5.9.1005.12335)
Google Earth (Version: 6.1.0.5001)
Google Toolbar for Internet Explorer (Version: 1.0.0)
Google Update Helper (Version: 1.3.21.99)
Hoyle Card Games Classic
Intel® Matrix Storage Manager
Intel® PROSet/Wireless Software (Version: 11.01.0000)
Internet Service Offers Launcher (Version: 1.00.0000)
iSEEK AnswerWorks English Runtime (Version: 009.000.0002)
iTunes (Version: 10.5.1.42)
Java Auto Updater (Version: 2.0.1.2)
Java™ 6 Update 18 (Version: 6.0.180)
Java™ SE Runtime Environment 6 (Version: 1.6.0.0)
Laptop Integrated Webcam Driver (1.04.01.1011)
Lexmark Pro200-S500 Series
Lexmark Toolbar (Version: 4.13.37.0)
Live! Cam Avatar Creator (Version: 4.6.0817.1)
Live! Cam Avatar v1.0 (Version: 1.0)
Logitech Vid (Version: 1.50.1043)
Logitech Webcam Software (Version: 12.10.1113)
Logitech Webcam Software Driver Package (Version: 12.10.1110)
MagicfeaturesPlugin Release 2.08
magicJack (Version: 2.0.6073.4252)
Malwarebytes Anti-Malware version 1.60.1.1000 (Version: 1.60.1.1000)
McAfee SecurityCenter (Version: 11.0.654)
McAfee Virtual Technician (Version: 5.5.2.0)
mCore (Version: 9.24.0000)
MediaDirect (Version: 4.7)
mHelp (Version: 9.24.0000)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Antimalware (Version: 3.0.8402.2)
Microsoft Automated Troubleshooting Services Shim
Microsoft Fix it Center (Version: 1.0.0080)
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Access Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Excel MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Home and Student 2010 (Version: 14.0.6029.1000)
Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office PowerPoint Viewer 2007 (English) (Version: 12.0.6425.1000)
Microsoft Office Proof (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (French) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (Spanish) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proofing (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Publisher MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Single Image 2010 (Version: 14.0.6029.1000)
Microsoft Office Word MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Security Client (Version: 2.1.1116.0)
Microsoft Security Essentials (Version: 2.1.1116.0)
Microsoft Silverlight (Version: 4.1.10111.0)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Web Publishing Wizard 1.52
Microsoft Works (Version: 9.7.0621)
mMHouse (Version: 9.24.0000)
Mozilla Maintenance Service (Version: 12.0a2)
mPfMgr (Version: 9.24.0000)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
Music, Photos & Videos Launcher (Version: 1.00.0000)
muvee autoProducer 5.0 (Version: 5.00.050)
mWMI (Version: 9.24.0000)
NetZeroInstallers (Version: 1.0.0)
NirSoft BlueScreenView
Nokia Connectivity Cable Driver (Version: 6.80.5.1)
NVIDIA Drivers (Version: 1.3)
OGA Notifier 2.0.0048.0 (Version: 2.0.0048.0)
OpenOffice.org 3.1 (Version: 3.1.9420)
OutlookAddinSetup (Version: 1.0.0)
Picasa 3 (Version: 3.8)
Product Documentation Launcher (Version: 1.00.0000)
Punch! ViaCAD 2D v6 (Version: 6.0.0 build 852)
QualxServ Service Agreement (Version: 1.11.0000)
QuickSet (Version: 8.2.17)
QuickTime (Version: 7.71.80.42)
Roxio Creator Audio (Version: 3.3.0)
Roxio Creator BDAV Plugin (Version: 3.3.0)
Roxio Creator Copy (Version: 3.3.0)
Roxio Creator Data (Version: 3.3.0)
Roxio Creator Premier (Version: 3.3.0)
Roxio Creator Tools (Version: 3.3.0)
Roxio EasyArchive (Version: 3.3.0)
Roxio MyDVD Premier (Version: 9.0.116)
Roxio Update Manager (Version: 3.0.0)
Seagate Manager Installer (Version: 2.01.0600)
Shockwave
Sonic Activation Module (Version: 1.0)
Sound Blaster Audigy ADVANCED MB (Version: 1.0)
Spelling Dictionaries Support For Adobe Reader 9 (Version: 9.0.0)
Spybot - Search & Destroy (Version: 1.6.2)
System Requirements Lab
The Print Shop
Total 3D Home, Landscape & Deck Premium Suite (Version: 9.1)
TurboTax 2009
TurboTax 2009 wgaiper (Version: 009.000.0913)
TurboTax 2009 WinPerFedFormset (Version: 009.000.2881)
TurboTax 2009 WinPerReleaseEngine (Version: 009.000.0328)
TurboTax 2009 WinPerTaxSupport (Version: 009.000.0245)
TurboTax 2009 wrapper (Version: 009.000.0145)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft Excel 2010 (KB2553439) 32-Bit Edition
Update for Microsoft Office 2010 (KB2494150)
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553385) 32-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
Update for Microsoft Office 2010 (KB2597091) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2553323) 32-Bit Edition
Update for Microsoft Outlook Social Connector (KB2583935)
User's Guides
VC80CRTRedist - 8.0.50727.6195 (Version: 1.2.0)
Webshots Daily Features (Version: 1.0)
Webshots Desktop (Version: 3.1.5.7619)
WIDCOMM Bluetooth Software 6.0.1.3100 (Version: 6.0.1.3100)
Windows Live OneCare safety scanner (Version: 1.0.0.0)
Windows Mobile Device Center (Version: 6.1.6965.0)
Windows Mobile Device Center Driver Update (Version: 6.1.6965.0)
WinZip 15.5 (Version: 15.5.9510)
Yahoo! BrowserPlus 2.9.8
Yahoo! Install Manager
Yahoo! Messenger
Yahoo! Search Protection
Yahoo! Software Update
Yahoo! Toolbar

========================= Memory info: ===================================

Percentage of memory in use: 51%
Total physical RAM: 3069.33 MB
Available physical RAM: 1484.57 MB
Total Pagefile: 6339.68 MB
Available Pagefile: 4715.66 MB
Total Virtual: 2047.88 MB
Available Virtual: 1946.03 MB

========================= Partitions: =====================================

1 Drive c: (OS) (Fixed) (Total:173.73 GB) (Free:95.8 GB) NTFS
2 Drive d: (RECOVERY) (Fixed) (Total:10 GB) (Free:5.12 GB) NTFS
3 Drive e: (FreeAgent Drive) (Fixed) (Total:465.76 GB) (Free:449.93 GB) NTFS

========================= Users: ========================================

User accounts for \\LARRY-PC

Administrator Guest larry


**** End of log ****



Discouraging the extent of the malignacy.

Joyce

Edited by joyceingle, 19 February 2012 - 12:39 AM.





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users