Infected with Trj/zlob.kh How do I remove?


12 replies to this topic

#1 raceware

raceware

  • Members
  • 15 posts

Posted 27 March 2012 - 06:37 AM

I ran Panda Active Scan after my computer, which is running Windows Vista, wouldn't let me burn CDs or copy to any media sources, & Panda says I am infected with Trj/zlob.KH. Can anyone help me remove this virus?

Edited by raceware, 27 March 2012 - 06:37 AM.




#2 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • Gender:Male
  • Location:India

Posted 27 March 2012 - 01:43 PM

Download

http://www.techspot.com/downloads/4716-malwarebytes-anti-malware.html

Install, update and run a full scan

Click on SHOW results. Select all infections and remove them

Reboot the PC and scan MBAM once in regular mode until you get a clean log


Download

TDSSkiller

Launch it. Click on change parameters - Select TDLFS file system

Click on "Scan". Please post the LOG report (log file should be in your C drive)


Please download GMER from here (does not work on 64-bit OS)

http://www2.gmer.net/download.php

Temporarily disable any real-time active protection so your security programs will not conflict with gmer's driver.

GMER will open to the Rootkit/Malware tab and perform an automatic Full Scan when first run. (do not use the computer while the scan is in progress)

If you receive a WARNING!!! about rootkit activity and are asked to fully scan your system...click NO.
Now click the Scan button. If you see a rootkit warning window, click OK.
When the scan is finished, click the Save... button to save the scan results to your Desktop. Save the file as gmer.log.
Click the Copy button and paste the results into your next reply.

#3 raceware

raceware
  • Topic Starter

  • Members
  • 15 posts

Posted 29 March 2012 - 02:08 PM

Thanks, I will download & run all per your instructions & post the logs. I will get back to you as soon!

Thanks
Raceware

#4 raceware

raceware
  • Topic Starter

  • Members
  • 15 posts

Posted 29 March 2012 - 08:14 PM


Please advise on a potential problem. I attempted to download through the site http://www2.gmer.net/download.php to download GMER like you directed. When I did, a file 7p6rd4hz.exe was downloaded. I initially saved it in a wrong location, so I downloaded it again & now it downloaded a file bqpdx07o.exe. I noticed the 2 names didn't match, so I attempted a third download & now it downloaded ni075jmy.exe.
All prompted that "They are potentially harmful to my system", so with that said, are these indeed the files you wanted me to download, or am I getting redirected by the virus maybe? Please advise before I run the programs.

Raceware


#5 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • Gender:Male
  • Location:India

Posted 29 March 2012 - 08:32 PM

You're downloading legitimate files, go ahead :thumbup2:

#6 raceware

raceware
  • Topic Starter

  • Members
  • 15 posts

Posted 01 April 2012 - 10:25 AM

Here are my TDSSKiller & GMER logs:

11:05:00.0286 5868 NetTcpPortSharing - ok
11:05:00.0694 5868 NETw2v32 (6e9edc1020b319e7676387b8cdf2398c) C:\Windows\system32\DRIVERS\NETw2v32.sys
11:05:00.0777 5868 NETw2v32 - ok
11:05:00.0870 5868 nfrd960 (2e7fb731d4790a1bc6270accefacb36e) C:\Windows\system32\drivers\nfrd960.sys
11:05:00.0873 5868 nfrd960 - ok
11:05:00.0975 5868 NlaSvc (2997b15415f9bbe05b5a4c1c85e0c6a2) C:\Windows\System32\nlasvc.dll
11:05:00.0995 5868 NlaSvc - ok
11:05:01.0072 5868 Npfs (d36f239d7cce1931598e8fb90a0dbc26) C:\Windows\system32\drivers\Npfs.sys
11:05:01.0078 5868 Npfs - ok
11:05:01.0127 5868 nsi (8bb86f0c7eea2bded6fe095d0b4ca9bd) C:\Windows\system32\nsisvc.dll
11:05:01.0133 5868 nsi - ok
11:05:01.0175 5868 nsiproxy (609773e344a97410ce4ebf74a8914fcf) C:\Windows\system32\drivers\nsiproxy.sys
11:05:01.0179 5868 nsiproxy - ok
11:05:01.0263 5868 Ntfs (6a4a98cee84cf9e99564510dda4baa47) C:\Windows\system32\drivers\Ntfs.sys
11:05:01.0308 5868 Ntfs - ok
11:05:01.0350 5868 ntrigdigi (e875c093aec0c978a90f30c9e0dfbb72) C:\Windows\system32\drivers\ntrigdigi.sys
11:05:01.0352 5868 ntrigdigi - ok
11:05:01.0408 5868 NuidFltr (cf7e041663119e09d2e118521ada9300) C:\Windows\system32\DRIVERS\NuidFltr.sys
11:05:01.0413 5868 NuidFltr - ok
11:05:01.0454 5868 Null (c5dbbcda07d780bda9b685df333bb41e) C:\Windows\system32\drivers\Null.sys
11:05:01.0457 5868 Null - ok
11:05:01.0492 5868 nvraid (e69e946f80c1c31c53003bfbf50cbb7c) C:\Windows\system32\drivers\nvraid.sys
11:05:01.0496 5868 nvraid - ok
11:05:01.0529 5868 nvstor (9e0ba19a28c498a6d323d065db76dffc) C:\Windows\system32\drivers\nvstor.sys
11:05:01.0532 5868 nvstor - ok
11:05:01.0575 5868 nv_agp (07c186427eb8fcc3d8d7927187f260f7) C:\Windows\system32\drivers\nv_agp.sys
11:05:01.0579 5868 nv_agp - ok
11:05:01.0591 5868 NwlnkFlt - ok
11:05:01.0608 5868 NwlnkFwd - ok
11:05:01.0703 5868 odserv (785f487a64950f3cb8e9f16253ba3b7b) C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
11:05:01.0717 5868 odserv - ok
11:05:01.0783 5868 ohci1394 (be32da025a0be1878f0ee8d6d9386cd5) C:\Windows\system32\DRIVERS\ohci1394.sys
11:05:01.0786 5868 ohci1394 - ok
11:05:01.0815 5868 ose (5a432a042dae460abe7199b758e8606c) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
11:05:01.0823 5868 ose - ok
11:05:01.0910 5868 p2pimsvc (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
11:05:01.0936 5868 p2pimsvc - ok
11:05:01.0954 5868 p2psvc (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
11:05:01.0965 5868 p2psvc - ok
11:05:02.0020 5868 Parport (8a79fdf04a73428597e2caf9d0d67850) C:\Windows\system32\DRIVERS\parport.sys
11:05:02.0024 5868 Parport - ok
11:05:02.0089 5868 partmgr (57389fa59a36d96b3eb09d0cb91e9cdc) C:\Windows\system32\drivers\partmgr.sys
11:05:02.0092 5868 partmgr - ok
11:05:02.0139 5868 Parvdm (6c580025c81caf3ae9e3617c22cad00e) C:\Windows\system32\DRIVERS\parvdm.sys
11:05:02.0141 5868 Parvdm - ok
11:05:02.0177 5868 pavboot (3adb8bd6154a3ef87496e8fce9c22493) C:\Windows\system32\drivers\pavboot.sys
11:05:02.0180 5868 pavboot - ok
11:05:02.0219 5868 PcaSvc (c6276ad11f4bb49b58aa1ed88537f14a) C:\Windows\System32\pcasvc.dll
11:05:02.0224 5868 PcaSvc - ok
11:05:02.0320 5868 pci (941dc1d19e7e8620f40bbc206981efdb) C:\Windows\system32\drivers\pci.sys
11:05:02.0325 5868 pci - ok
11:05:02.0394 5868 pciide (1636d43f10416aeb483bc6001097b26c) C:\Windows\system32\DRIVERS\pciide.sys
11:05:02.0402 5868 pciide - ok
11:05:02.0478 5868 pcmcia (e6f3fb1b86aa519e7698ad05e58b04e5) C:\Windows\system32\DRIVERS\pcmcia.sys
11:05:02.0483 5868 pcmcia - ok
11:05:02.0563 5868 PEAUTH (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys
11:05:02.0589 5868 PEAUTH - ok
11:05:02.0688 5868 pla (b1689df169143f57053f795390c99db3) C:\Windows\system32\pla.dll
11:05:02.0727 5868 pla - ok
11:05:02.0775 5868 PlugPlay (c5e7f8a996ec0a82d508fd9064a5569e) C:\Windows\system32\umpnpmgr.dll
11:05:02.0784 5868 PlugPlay - ok
11:05:02.0869 5868 PNRPAutoReg (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
11:05:02.0880 5868 PNRPAutoReg - ok
11:05:02.0936 5868 PNRPsvc (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
11:05:02.0945 5868 PNRPsvc - ok
11:05:03.0020 5868 Point32 (04df0452fbededf9297fd2e5440cb3c9) C:\Windows\system32\DRIVERS\point32k.sys
11:05:03.0023 5868 Point32 - ok
11:05:03.0080 5868 PolicyAgent (d0494460421a03cd5225cca0059aa146) C:\Windows\System32\ipsecsvc.dll
11:05:03.0091 5868 PolicyAgent - ok
11:05:03.0137 5868 PptpMiniport (ecfffaec0c1ecd8dbc77f39070ea1db1) C:\Windows\system32\DRIVERS\raspptp.sys
11:05:03.0146 5868 PptpMiniport - ok
11:05:03.0249 5868 PrismXL (6135b976e16f80c1b1363be882344785) C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS
11:05:03.0252 5868 PrismXL - ok
11:05:03.0297 5868 Processor (0e3cef5d28b40cf273281d620c50700a) C:\Windows\system32\drivers\processr.sys
11:05:03.0301 5868 Processor - ok
11:05:03.0348 5868 ProfSvc (0508faa222d28835310b7bfca7a77346) C:\Windows\system32\profsvc.dll
11:05:03.0370 5868 ProfSvc - ok
11:05:03.0429 5868 ProtectedStorage (a3e186b4b935905b829219502557314e) C:\Windows\system32\lsass.exe
11:05:03.0434 5868 ProtectedStorage - ok
11:05:03.0483 5868 PSched (99514faa8df93d34b5589187db3aa0ba) C:\Windows\system32\DRIVERS\pacer.sys
11:05:03.0491 5868 PSched - ok
11:05:03.0572 5868 ql2300 (ccdac889326317792480c0a67156a1ec) C:\Windows\system32\drivers\ql2300.sys
11:05:03.0599 5868 ql2300 - ok
11:05:03.0642 5868 ql40xx (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys
11:05:03.0646 5868 ql40xx - ok
11:05:03.0699 5868 QWAVE (e9ecae663f47e6cb43962d18ab18890f) C:\Windows\system32\qwave.dll
11:05:03.0725 5868 QWAVE - ok
11:05:03.0769 5868 QWAVEdrv (9f5e0e1926014d17486901c88eca2db7) C:\Windows\system32\drivers\qwavedrv.sys
11:05:03.0771 5868 QWAVEdrv - ok
11:05:03.0857 5868 RasAcd (147d7f9c556d259924351feb0de606c3) C:\Windows\system32\DRIVERS\rasacd.sys
11:05:03.0860 5868 RasAcd - ok
11:05:03.0923 5868 RasAuto (f6a452eb4ceadbb51c9e0ee6b3ecef0f) C:\Windows\System32\rasauto.dll
11:05:03.0930 5868 RasAuto - ok
11:05:04.0052 5868 Rasl2tp (a214adbaf4cb47dd2728859ef31f26b0) C:\Windows\system32\DRIVERS\rasl2tp.sys
11:05:04.0068 5868 Rasl2tp - ok
11:05:04.0135 5868 RasMan (75d47445d70ca6f9f894b032fbc64fcf) C:\Windows\System32\rasmans.dll
11:05:04.0145 5868 RasMan - ok
11:05:04.0193 5868 RasPppoe (509a98dd18af4375e1fc40bc175f1def) C:\Windows\system32\DRIVERS\raspppoe.sys
11:05:04.0197 5868 RasPppoe - ok
11:05:04.0254 5868 RasSstp (2005f4a1e05fa09389ac85840f0a9e4d) C:\Windows\system32\DRIVERS\rassstp.sys
11:05:04.0265 5868 RasSstp - ok
11:05:04.0333 5868 rdbss (b14c9d5b9add2f84f70570bbbfaa7935) C:\Windows\system32\DRIVERS\rdbss.sys
11:05:04.0358 5868 rdbss - ok
11:05:04.0404 5868 RDPCDD (89e59be9a564262a3fb6c4f4f1cd9899) C:\Windows\system32\DRIVERS\RDPCDD.sys
11:05:04.0407 5868 RDPCDD - ok
11:05:04.0483 5868 rdpdr (e8bd98d46f2ed77132ba927fccb47d8b) C:\Windows\system32\drivers\rdpdr.sys
11:05:04.0489 5868 rdpdr - ok
11:05:04.0505 5868 RDPENCDD (9d91fe5286f748862ecffa05f8a0710c) C:\Windows\system32\drivers\rdpencdd.sys
11:05:04.0509 5868 RDPENCDD - ok
11:05:04.0558 5868 RDPWD (79c6df8477250f5c54f7c5ae1d6b814e) C:\Windows\system32\drivers\RDPWD.sys
11:05:04.0563 5868 RDPWD - ok
11:05:04.0625 5868 RemoteAccess (bcdd6b4804d06b1f7ebf29e53a57ece9) C:\Windows\System32\mprdim.dll
11:05:04.0635 5868 RemoteAccess - ok
11:05:04.0694 5868 RemoteRegistry (9e6894ea18daff37b63e1005f83ae4ab) C:\Windows\system32\regsvc.dll
11:05:04.0707 5868 RemoteRegistry - ok
11:05:04.0766 5868 RpcLocator (5123f83cbc4349d065534eeb6bbdc42b) C:\Windows\system32\locator.exe
11:05:04.0770 5868 RpcLocator - ok
11:05:04.0887 5868 RpcSs (3b5b4d53fec14f7476ca29a20cc31ac9) C:\Windows\system32\rpcss.dll
11:05:04.0896 5868 RpcSs - ok
11:05:04.0978 5868 rspndr (9c508f4074a39e8b4b31d27198146fad) C:\Windows\system32\DRIVERS\rspndr.sys
11:05:04.0981 5868 rspndr - ok
11:05:05.0073 5868 RTL8187 (99c27fceb21347daf3ee9e8c205314d6) C:\Windows\system32\DRIVERS\wg111v2.sys
11:05:05.0081 5868 RTL8187 - ok
11:05:05.0154 5868 SamSs (a3e186b4b935905b829219502557314e) C:\Windows\system32\lsass.exe
11:05:05.0157 5868 SamSs - ok
11:05:05.0197 5868 sbp2port (3ce8f073a557e172b330109436984e30) C:\Windows\system32\drivers\sbp2port.sys
11:05:05.0201 5868 sbp2port - ok
11:05:05.0261 5868 SCardSvr (77b7a11a0c3d78d3386398fbbea1b632) C:\Windows\System32\SCardSvr.dll
11:05:05.0273 5868 SCardSvr - ok
11:05:05.0358 5868 Schedule (1a58069db21d05eb2ab58ee5753ebe8d) C:\Windows\system32\schedsvc.dll
11:05:05.0408 5868 Schedule - ok
11:05:05.0454 5868 SCPolicySvc (312ec3e37a0a1f2006534913e37b4423) C:\Windows\System32\certprop.dll
11:05:05.0455 5868 SCPolicySvc - ok
11:05:05.0500 5868 sdbus (4339a2585708c7d9b0c0ce5aad3dd6ff) C:\Windows\system32\DRIVERS\sdbus.sys
11:05:05.0504 5868 sdbus - ok
11:05:05.0554 5868 SDRSVC (716313d9f6b0529d03f726d5aaf6f191) C:\Windows\System32\SDRSVC.dll
11:05:05.0567 5868 SDRSVC - ok
11:05:05.0704 5868 SeaPort (cc781378e7eda615d2cdca3b17829fa4) C:\Program Files\Microsoft\BingBar\SeaPort.EXE
11:05:05.0740 5868 SeaPort - ok
11:05:05.0786 5868 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
11:05:05.0790 5868 secdrv - ok
11:05:05.0841 5868 seclogon (fd5199d4d8a521005e4b5ee7fe00fa9b) C:\Windows\system32\seclogon.dll
11:05:05.0849 5868 seclogon - ok
11:05:05.0896 5868 SENS (a9bbab5759771e523f55563d6cbe140f) C:\Windows\System32\sens.dll
11:05:05.0902 5868 SENS - ok
11:05:05.0946 5868 Serenum (ce9ec966638ef0b10b864ddedf62a099) C:\Windows\system32\DRIVERS\serenum.sys
11:05:05.0950 5868 Serenum - ok
11:05:05.0984 5868 Serial (6d663022db3e7058907784ae14b69898) C:\Windows\system32\DRIVERS\serial.sys
11:05:05.0993 5868 Serial - ok
11:05:06.0088 5868 sermouse (8af3d28a879bf75db53a0ee7a4289624) C:\Windows\system32\drivers\sermouse.sys
11:05:06.0091 5868 sermouse - ok
11:05:06.0271 5868 ServicepointService (b041aae7a14a0db47583f9c866b8b2ea) C:\Program Files\Verizon\VSP\ServicepointService.exe
11:05:06.0331 5868 ServicepointService - ok
11:05:06.0415 5868 SessionEnv (d2193326f729b163125610dbf3e17d57) C:\Windows\system32\sessenv.dll
11:05:06.0427 5868 SessionEnv - ok
11:05:06.0503 5868 sffdisk (103b79418da647736ee95645f305f68a) C:\Windows\system32\drivers\sffdisk.sys
11:05:06.0506 5868 sffdisk - ok
11:05:06.0544 5868 sffp_mmc (8fd08a310645fe872eeec6e08c6bf3ee) C:\Windows\system32\drivers\sffp_mmc.sys
11:05:06.0547 5868 sffp_mmc - ok
11:05:06.0593 5868 sffp_sd (9cfa05fcfcb7124e69cfc812b72f9614) C:\Windows\system32\drivers\sffp_sd.sys
11:05:06.0596 5868 sffp_sd - ok
11:05:06.0639 5868 sfloppy (46ed8e91793b2e6f848015445a0ac188) C:\Windows\system32\drivers\sfloppy.sys
11:05:06.0641 5868 sfloppy - ok
11:05:06.0715 5868 SharedAccess (e1499bd0ff76b1b2fbbf1af339d91165) C:\Windows\System32\ipnathlp.dll
11:05:06.0741 5868 SharedAccess - ok
11:05:06.0792 5868 ShellHWDetection (c7230fbee14437716701c15be02c27b8) C:\Windows\System32\shsvcs.dll
11:05:06.0815 5868 ShellHWDetection - ok
11:05:06.0850 5868 sisagp (d2a595d6eebeeaf4334f8e50efbc9931) C:\Windows\system32\drivers\sisagp.sys
11:05:06.0853 5868 sisagp - ok
11:05:06.0879 5868 SiSRaid2 (cedd6f4e7d84e9f98b34b3fe988373aa) C:\Windows\system32\drivers\sisraid2.sys
11:05:06.0883 5868 SiSRaid2 - ok
11:05:06.0920 5868 SiSRaid4 (df843c528c4f69d12ce41ce462e973a7) C:\Windows\system32\drivers\sisraid4.sys
11:05:06.0923 5868 SiSRaid4 - ok
11:05:07.0097 5868 slsvc (862bb4cbc05d80c5b45be430e5ef872f) C:\Windows\system32\SLsvc.exe
11:05:07.0230 5868 slsvc - ok
11:05:07.0330 5868 SLUINotify (6edc422215cd78aa8a9cde6b30abbd35) C:\Windows\system32\SLUINotify.dll
11:05:07.0335 5868 SLUINotify - ok
11:05:07.0449 5868 Smb (7b75299a4d201d6a6533603d6914ab04) C:\Windows\system32\DRIVERS\smb.sys
11:05:07.0453 5868 Smb - ok
11:05:07.0513 5868 SNMPTRAP (2a146a055b4401c16ee62d18b8e2a032) C:\Windows\System32\snmptrap.exe
11:05:07.0519 5868 SNMPTRAP - ok
11:05:07.0588 5868 SolidWorks Licensing Service (4945020bc094c322571184a6e8056b3a) C:\Program Files\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe
11:05:07.0597 5868 SolidWorks Licensing Service - ok
11:05:07.0654 5868 spldr (7aebdeef071fe28b0eef2cdd69102bff) C:\Windows\system32\drivers\spldr.sys
11:05:07.0659 5868 spldr - ok
11:05:07.0721 5868 Spooler (8554097e5136c3bf9f69fe578a1b35f4) C:\Windows\System32\spoolsv.exe
11:05:07.0736 5868 Spooler - ok
11:05:07.0803 5868 sprtsvc_ncnetworksdm - ok
11:05:07.0864 5868 srv (41987f9fc0e61adf54f581e15029ad91) C:\Windows\system32\DRIVERS\srv.sys
11:05:07.0894 5868 srv - ok
11:05:07.0940 5868 srv2 (ff33aff99564b1aa534f58868cbe41ef) C:\Windows\system32\DRIVERS\srv2.sys
11:05:07.0955 5868 srv2 - ok
11:05:08.0039 5868 srvnet (7605c0e1d01a08f3ecd743f38b834a44) C:\Windows\system32\DRIVERS\srvnet.sys
11:05:08.0055 5868 srvnet - ok
11:05:08.0131 5868 SSDPSRV (03d50b37234967433a5ea5ba72bc0b62) C:\Windows\System32\ssdpsrv.dll
11:05:08.0157 5868 SSDPSRV - ok
11:05:08.0243 5868 SstpSvc (6f1a32e7b7b30f004d9a20afadb14944) C:\Windows\system32\sstpsvc.dll
11:05:08.0258 5868 SstpSvc - ok
11:05:08.0325 5868 stisvc (5de7d67e49b88f5f07f3e53c4b92a352) C:\Windows\System32\wiaservc.dll
11:05:08.0387 5868 stisvc - ok
11:05:08.0511 5868 SupportSoft RemoteAssist (2e5586392cdfbd1d73badb20e9ed6386) C:\Program Files\Common Files\supportsoft\bin\ssrc.exe
11:05:08.0528 5868 SupportSoft RemoteAssist - ok
11:05:08.0657 5868 swenum (7ba58ecf0c0a9a69d44b3dca62becf56) C:\Windows\system32\DRIVERS\swenum.sys
11:05:08.0661 5868 swenum - ok
11:05:08.0720 5868 swprv (f21fd248040681cca1fb6c9a03aaa93d) C:\Windows\System32\swprv.dll
11:05:08.0749 5868 swprv - ok
11:05:08.0801 5868 Symc8xx (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys
11:05:08.0804 5868 Symc8xx - ok
11:05:08.0827 5868 Sym_hi (8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys
11:05:08.0830 5868 Sym_hi - ok
11:05:08.0849 5868 Sym_u3 (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys
11:05:08.0854 5868 Sym_u3 - ok
11:05:08.0913 5868 SysMain (9a51b04e9886aa4ee90093586b0ba88d) C:\Windows\system32\sysmain.dll
11:05:08.0973 5868 SysMain - ok
11:05:09.0013 5868 TabletInputService (2dca225eae15f42c0933e998ee0231c3) C:\Windows\System32\TabSvc.dll
11:05:09.0024 5868 TabletInputService - ok
11:05:09.0093 5868 TapiSrv (d7673e4b38ce21ee54c59eeeb65e2483) C:\Windows\System32\tapisrv.dll
11:05:09.0121 5868 TapiSrv - ok
11:05:09.0173 5868 TBS (cb05822cd9cc6c688168e113c603dbe7) C:\Windows\System32\tbssvc.dll
11:05:09.0184 5868 TBS - ok
11:05:09.0273 5868 Tcpip (814a1c66fbd4e1b310a517221f1456bf) C:\Windows\system32\drivers\tcpip.sys
11:05:09.0298 5868 Tcpip - ok
11:05:09.0372 5868 Tcpip6 (814a1c66fbd4e1b310a517221f1456bf) C:\Windows\system32\DRIVERS\tcpip.sys
11:05:09.0383 5868 Tcpip6 - ok
11:05:09.0426 5868 tcpipreg (608c345a255d82a6289c2d468eb41fd7) C:\Windows\system32\drivers\tcpipreg.sys
11:05:09.0429 5868 tcpipreg - ok
11:05:09.0500 5868 TDPIPE (5dcf5e267be67a1ae926f2df77fbcc56) C:\Windows\system32\drivers\tdpipe.sys
11:05:09.0503 5868 TDPIPE - ok
11:05:09.0545 5868 TDTCP (389c63e32b3cefed425b61ed92d3f021) C:\Windows\system32\drivers\tdtcp.sys
11:05:09.0548 5868 TDTCP - ok
11:05:09.0610 5868 tdx (76b06eb8a01fc8624d699e7045303e54) C:\Windows\system32\DRIVERS\tdx.sys
11:05:09.0614 5868 tdx - ok
11:05:09.0671 5868 TermDD (3cad38910468eab9a6479e2f01db43c7) C:\Windows\system32\DRIVERS\termdd.sys
11:05:09.0674 5868 TermDD - ok
11:05:09.0737 5868 TermService (bb95da09bef6e7a131bff3ba5032090d) C:\Windows\System32\termsrv.dll
11:05:09.0754 5868 TermService - ok
11:05:09.0836 5868 tgsrvc_ncnetworksdm - ok
11:05:09.0892 5868 Themes (c7230fbee14437716701c15be02c27b8) C:\Windows\system32\shsvcs.dll
11:05:09.0898 5868 Themes - ok
11:05:09.0944 5868 THREADORDER (1076ffcffaae8385fd62dfcb25ac4708) C:\Windows\system32\mmcss.dll
11:05:09.0955 5868 THREADORDER - ok
11:05:09.0995 5868 TrkWks (ec74e77d0eb004bd3a809b5f8fb8c2ce) C:\Windows\System32\trkwks.dll
11:05:10.0008 5868 TrkWks - ok
11:05:10.0055 5868 TrustedInstaller (97d9d6a04e3ad9b6c626b9931db78dba) C:\Windows\servicing\TrustedInstaller.exe
11:05:10.0057 5868 TrustedInstaller - ok
11:05:10.0154 5868 tssecsrv (dcf0f056a2e4f52287264f5ab29cf206) C:\Windows\system32\DRIVERS\tssecsrv.sys
11:05:10.0157 5868 tssecsrv - ok
11:05:10.0228 5868 tunmp (caecc0120ac49e3d2f758b9169872d38) C:\Windows\system32\DRIVERS\tunmp.sys
11:05:10.0232 5868 tunmp - ok
11:05:10.0281 5868 tunnel (300db877ac094feab0be7688c3454a9c) C:\Windows\system32\DRIVERS\tunnel.sys
11:05:10.0285 5868 tunnel - ok
11:05:10.0315 5868 uagp35 (c3ade15414120033a36c0f293d4a4121) C:\Windows\system32\drivers\uagp35.sys
11:05:10.0318 5868 uagp35 - ok
11:05:10.0371 5868 udfs (d9728af68c4c7693cb100b8441cbdec6) C:\Windows\system32\DRIVERS\udfs.sys
11:05:10.0378 5868 udfs - ok
11:05:10.0437 5868 UI0Detect (ecef404f62863755951e09c802c94ad5) C:\Windows\system32\UI0Detect.exe
11:05:10.0446 5868 UI0Detect - ok
11:05:10.0486 5868 uliagpkx (75e6890ebfce0841d3291b02e7a8bdb0) C:\Windows\system32\drivers\uliagpkx.sys
11:05:10.0489 5868 uliagpkx - ok
11:05:10.0527 5868 uliahci (3cd4ea35a6221b85dcc25daa46313f8d) C:\Windows\system32\drivers\uliahci.sys
11:05:10.0534 5868 uliahci - ok
11:05:10.0573 5868 UlSata (8514d0e5cd0534467c5fc61be94a569f) C:\Windows\system32\drivers\ulsata.sys
11:05:10.0578 5868 UlSata - ok
11:05:10.0623 5868 ulsata2 (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys
11:05:10.0627 5868 ulsata2 - ok
11:05:10.0666 5868 umbus (32cff9f809ae9aed85464492bf3e32d2) C:\Windows\system32\DRIVERS\umbus.sys
11:05:10.0669 5868 umbus - ok
11:05:10.0723 5868 upnphost (68308183f4ae0be7bf8ecd07cb297999) C:\Windows\System32\upnphost.dll
11:05:10.0740 5868 upnphost - ok
11:05:10.0827 5868 usbccgp (caf811ae4c147ffcd5b51750c7f09142) C:\Windows\system32\DRIVERS\usbccgp.sys
11:05:10.0847 5868 usbccgp - ok
11:05:10.0871 5868 usbcir (e9476e6c486e76bc4898074768fb7131) C:\Windows\system32\drivers\usbcir.sys
11:05:10.0875 5868 usbcir - ok
11:05:10.0925 5868 usbehci (79e96c23a97ce7b8f14d310da2db0c9b) C:\Windows\system32\DRIVERS\usbehci.sys
11:05:10.0929 5868 usbehci - ok
11:05:10.0975 5868 usbhub (4673bbcb006af60e7abddbe7a130ba42) C:\Windows\system32\DRIVERS\usbhub.sys
11:05:11.0001 5868 usbhub - ok
11:05:11.0042 5868 usbohci (38dbc7dd6cc5a72011f187425384388b) C:\Windows\system32\drivers\usbohci.sys
11:05:11.0048 5868 usbohci - ok
11:05:11.0115 5868 usbprint (e75c4b5269091d15a2e7dc0b6d35f2f5) C:\Windows\system32\DRIVERS\usbprint.sys
11:05:11.0129 5868 usbprint - ok
11:05:11.0186 5868 USBSTOR (be3da31c191bc222d9ad503c5224f2ad) C:\Windows\system32\DRIVERS\USBSTOR.SYS
11:05:11.0189 5868 USBSTOR - ok
11:05:11.0244 5868 usbuhci (814d653efc4d48be3b04a307eceff56f) C:\Windows\system32\DRIVERS\usbuhci.sys
11:05:11.0249 5868 usbuhci - ok
11:05:11.0321 5868 UxSms (1509e705f3ac1d474c92454a5c2dd81f) C:\Windows\System32\uxsms.dll
11:05:11.0330 5868 UxSms - ok
11:05:11.0416 5868 VBoxDrv (f6d4e8be72d03a6b1a72c12790c51c48) C:\Windows\system32\DRIVERS\VBoxDrv.sys
11:05:11.0432 5868 VBoxDrv - ok
11:05:11.0506 5868 VBoxNetAdp (42934f05ba89f589a34a11e0661c233b) C:\Windows\system32\DRIVERS\VBoxNetAdp.sys
11:05:11.0514 5868 VBoxNetAdp - ok
11:05:11.0585 5868 VBoxNetFlt (cbb6f6d2f9a90853f830876967e514c6) C:\Windows\system32\DRIVERS\VBoxNetFlt.sys
11:05:11.0589 5868 VBoxNetFlt - ok
11:05:11.0644 5868 VBoxUSB (91981259f50fcb7b19805592429145c3) C:\Windows\system32\Drivers\VBoxUSB.sys
11:05:11.0646 5868 VBoxUSB - ok
11:05:11.0729 5868 VBoxUSBMon (0115e38f398dd71830b522ba28c1b2c5) C:\Windows\system32\DRIVERS\VBoxUSBMon.sys
11:05:11.0736 5868 VBoxUSBMon - ok
11:05:11.0797 5868 vds (cd88d1b7776dc17a119049742ec07eb4) C:\Windows\System32\vds.exe
11:05:11.0830 5868 vds - ok
11:05:11.0882 5868 vga (7d92be0028ecdedec74617009084b5ef) C:\Windows\system32\DRIVERS\vgapnp.sys
11:05:11.0885 5868 vga - ok
11:05:11.0924 5868 VgaSave (2e93ac0a1d8c79d019db6c51f036636c) C:\Windows\System32\drivers\vga.sys
11:05:11.0930 5868 VgaSave - ok
11:05:11.0970 5868 viaagp (045d9961e591cf0674a920b6ba3ba5cb) C:\Windows\system32\drivers\viaagp.sys
11:05:11.0973 5868 viaagp - ok
11:05:12.0009 5868 ViaC7 (56a4de5f02f2e88182b0981119b4dd98) C:\Windows\system32\drivers\viac7.sys
11:05:12.0013 5868 ViaC7 - ok
11:05:12.0057 5868 viaide (fd2e3175fcada350c7ab4521dca187ec) C:\Windows\system32\drivers\viaide.sys
11:05:12.0061 5868 viaide - ok
11:05:12.0115 5868 volmgr (69503668ac66c77c6cd7af86fbdf8c43) C:\Windows\system32\drivers\volmgr.sys
11:05:12.0123 5868 volmgr - ok
11:05:12.0187 5868 volmgrx (23e41b834759917bfd6b9a0d625d0c28) C:\Windows\system32\drivers\volmgrx.sys
11:05:12.0215 5868 volmgrx - ok
11:05:12.0251 5868 volsnap (147281c01fcb1df9252de2a10d5e7093) C:\Windows\system32\drivers\volsnap.sys
11:05:12.0274 5868 volsnap - ok
11:05:12.0312 5868 vsmraid (d984439746d42b30fc65a4c3546c6829) C:\Windows\system32\drivers\vsmraid.sys
11:05:12.0316 5868 vsmraid - ok
11:05:12.0398 5868 VSS (db3d19f850c6eb32bdcb9bc0836acddb) C:\Windows\system32\vssvc.exe
11:05:12.0481 5868 VSS - ok
11:05:12.0526 5868 W32Time (96ea68b9eb310a69c25ebb0282b2b9de) C:\Windows\system32\w32time.dll
11:05:12.0559 5868 W32Time - ok
11:05:12.0597 5868 WacomPen (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys
11:05:12.0599 5868 WacomPen - ok
11:05:12.0652 5868 Wanarp (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
11:05:12.0660 5868 Wanarp - ok
11:05:12.0666 5868 Wanarpv6 (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
11:05:12.0668 5868 Wanarpv6 - ok
11:05:12.0719 5868 wcncsvc (a3cd60fd826381b49f03832590e069af) C:\Windows\System32\wcncsvc.dll
11:05:12.0758 5868 wcncsvc - ok
11:05:12.0805 5868 WcsPlugInService (11bcb7afcdd7aadacb5746f544d3a9c7) C:\Windows\System32\WcsPlugInService.dll
11:05:12.0813 5868 WcsPlugInService - ok
11:05:12.0831 5868 Wd (afc5ad65b991c1e205cf25cfdbf7a6f4) C:\Windows\system32\drivers\wd.sys
11:05:12.0833 5868 Wd - ok
11:05:12.0903 5868 Wdf01000 (9950e3d0f08141c7e89e64456ae7dc73) C:\Windows\system32\drivers\Wdf01000.sys
11:05:12.0942 5868 Wdf01000 - ok
11:05:13.0005 5868 WdiServiceHost (abfc76b48bb6c96e3338d8943c5d93b5) C:\Windows\system32\wdi.dll
11:05:13.0018 5868 WdiServiceHost - ok
11:05:13.0025 5868 WdiSystemHost (abfc76b48bb6c96e3338d8943c5d93b5) C:\Windows\system32\wdi.dll
11:05:13.0032 5868 WdiSystemHost - ok
11:05:13.0095 5868 WebClient (04c37d8107320312fbae09926103d5e2) C:\Windows\System32\webclnt.dll
11:05:13.0118 5868 WebClient - ok
11:05:13.0174 5868 Wecsvc (ae3736e7e8892241c23e4ebbb7453b60) C:\Windows\system32\wecsvc.dll
11:05:13.0191 5868 Wecsvc - ok
11:05:13.0264 5868 wercplsupport (670ff720071ed741206d69bd995ea453) C:\Windows\System32\wercplsupport.dll
11:05:13.0275 5868 wercplsupport - ok
11:05:13.0331 5868 WerSvc (32b88481d3b326da6deb07b1d03481e7) C:\Windows\System32\WerSvc.dll
11:05:13.0346 5868 WerSvc - ok
11:05:13.0434 5868 winachsf (e096ffb754f1e45ae1bddac1275ae2c5) C:\Windows\system32\DRIVERS\HSX_CNXT.sys
11:05:13.0460 5868 winachsf - ok
11:05:13.0589 5868 WinDefend (4575aa12561c5648483403541d0d7f2b) C:\Program Files\Windows Defender\mpsvc.dll
11:05:13.0602 5868 WinDefend - ok
11:05:13.0613 5868 WinHttpAutoProxySvc - ok
11:05:13.0841 5868 Winmgmt (6b2a1d0e80110e3d04e6863c6e62fd8a) C:\Windows\system32\wbem\WMIsvc.dll
11:05:13.0853 5868 Winmgmt - ok
11:05:14.0010 5868 WinRM (7cfe68bdc065e55aa5e8421607037511) C:\Windows\system32\WsmSvc.dll
11:05:14.0077 5868 WinRM - ok
11:05:14.0166 5868 winusb (676f4b665bdd8053eaa53ac1695b8074) C:\Windows\system32\DRIVERS\WinUSB.SYS
11:05:14.0170 5868 winusb - ok
11:05:14.0234 5868 Wlansvc (c008405e4feeb069e30da1d823910234) C:\Windows\System32\wlansvc.dll
11:05:14.0281 5868 Wlansvc - ok
11:05:14.0372 5868 wlcrasvc (6067acef367e79914af628fa1e9b5330) C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
11:05:14.0380 5868 wlcrasvc - ok
11:05:14.0529 5868 wlidsvc (fb01d4ae207b9efdbabfc55dc95c7e31) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
11:05:14.0642 5868 wlidsvc - ok
11:05:14.0728 5868 WmiAcpi (701a9f884a294327e9141d73746ee279) C:\Windows\system32\drivers\wmiacpi.sys
11:05:14.0733 5868 WmiAcpi - ok
11:05:14.0842 5868 wmiApSrv (43be3875207dcb62a85c8c49970b66cc) C:\Windows\system32\wbem\WmiApSrv.exe
11:05:14.0857 5868 wmiApSrv - ok
11:05:14.0977 5868 WMPNetworkSvc (3978704576a121a9204f8cc49a301a9b) C:\Program Files\Windows Media Player\wmpnetwk.exe
11:05:15.0052 5868 WMPNetworkSvc - ok
11:05:15.0074 5868 WPCSvc (cfc5a04558f5070cee3e3a7809f3ff52) C:\Windows\System32\wpcsvc.dll
11:05:15.0091 5868 WPCSvc - ok
11:05:15.0150 5868 WPDBusEnum (801fbdb89d472b3c467eb112a0fc9246) C:\Windows\system32\wpdbusenum.dll
11:05:15.0163 5868 WPDBusEnum - ok
11:05:15.0370 5868 WPFFontCache_v0400 (dcf3e3edf5109ee8bc02fe6e1f045795) C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
11:05:15.0462 5868 WPFFontCache_v0400 - ok
11:05:15.0511 5868 ws2ifsl (e3a3cb253c0ec2494d4a61f5e43a389c) C:\Windows\system32\drivers\ws2ifsl.sys
11:05:15.0516 5868 ws2ifsl - ok
11:05:15.0568 5868 wscsvc (1ca6c40261ddc0425987980d0cd2aaab) C:\Windows\System32\wscsvc.dll
11:05:15.0578 5868 wscsvc - ok
11:05:15.0594 5868 WSearch - ok
11:05:15.0715 5868 wuauserv (6298277b73c77fa99106b271a7525163) C:\Windows\system32\wuaueng.dll
11:05:15.0832 5868 wuauserv - ok
11:05:15.0892 5868 WUDFRd (ac13cb789d93412106b0fb6c7eb2bcb6) C:\Windows\system32\DRIVERS\WUDFRd.sys
11:05:15.0902 5868 WUDFRd - ok
11:05:15.0950 5868 wudfsvc (575a4190d989f64732119e4114045a4f) C:\Windows\System32\WUDFSvc.dll
11:05:15.0956 5868 wudfsvc - ok
11:05:16.0005 5868 XAudio (e3fcf2870b5d7979b3bf10e98a71c847) C:\Windows\system32\DRIVERS\xaudio.sys
11:05:16.0009 5868 XAudio - ok
11:05:16.0058 5868 XAudioService (96db5621857e1fddd1aa60733748bf17) C:\Windows\system32\DRIVERS\xaudio.exe
11:05:16.0095 5868 XAudioService - ok
11:05:16.0141 5868 MBR (0x1B8) (5c616939100b85e558da92b899a0fc36) \Device\Harddisk0\DR0
11:05:16.0299 5868 \Device\Harddisk0\DR0 - ok
11:05:16.0306 5868 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk1\DR1
11:05:19.0866 5868 \Device\Harddisk1\DR1 - ok
11:05:19.0883 5868 Boot (0x1200) (8f1473aade69fa8015313f2eb88db7f7) \Device\Harddisk0\DR0\Partition0
11:05:19.0900 5868 \Device\Harddisk0\DR0\Partition0 - ok
11:05:19.0913 5868 Boot (0x1200) (b7415934f5a9632509743519f9577bbd) \Device\Harddisk0\DR0\Partition1
11:05:19.0915 5868 \Device\Harddisk0\DR0\Partition1 - ok
11:05:19.0921 5868 Boot (0x1200) (fe6998923551e3fb543a51a73148edbb) \Device\Harddisk1\DR1\Partition0
11:05:19.0922 5868 \Device\Harddisk1\DR1\Partition0 - ok
11:05:19.0924 5868 ============================================================
11:05:19.0924 5868 Scan finished
11:05:19.0924 5868 ============================================================
11:05:19.0940 5856 Detected object count: 0
11:05:19.0941 5856 Actual detected object count: 0
11:05:50.0999 5508 Deinitialize success
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>

GMER 1.0.15.15641 - http://www.gmer.net
Rootkit scan 2012-03-31 19:29:34
Windows 6.0.6002 Service Pack 2 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T0L0-3 WDC_WD3200AAJS-22RYA0 rev.12.01B01
Running: 7p6rd4hz.exe; Driver: C:\Users\Don\AppData\Local\Temp\uwldapow.sys


---- System - GMER 1.0.15 ----

SSDT \SystemRoot\system32\DRIVERS\AVGIDSShim.Sys (IDS Application Activity Monitor Loader Driver./AVG Technologies CZ, s.r.o. ) ZwOpenProcess [0xAA1D0F3C]
SSDT \SystemRoot\system32\DRIVERS\AVGIDSShim.Sys (IDS Application Activity Monitor Loader Driver./AVG Technologies CZ, s.r.o. ) ZwTerminateProcess [0xAA1D0FE4]
SSDT \SystemRoot\system32\DRIVERS\AVGIDSShim.Sys (IDS Application Activity Monitor Loader Driver./AVG Technologies CZ, s.r.o. ) ZwTerminateThread [0xAA1D1080]
SSDT \SystemRoot\system32\DRIVERS\AVGIDSShim.Sys (IDS Application Activity Monitor Loader Driver./AVG Technologies CZ, s.r.o. ) ZwWriteVirtualMemory [0xAA1D111C]

---- Kernel code sections - GMER 1.0.15 ----

.text ntkrnlpa.exe!KeSetEvent + 3F1 81EBCB74 1 Byte [3C]
.text ntkrnlpa.exe!KeSetEvent + 3F1 81EBCB74 4 Bytes [3C, 0F, 1D, AA]
.text ntkrnlpa.exe!KeSetEvent + 621 81EBCDA4 8 Bytes [E4, 0F, 1D, AA, 80, 10, 1D, ...] {IN AL, 0xf; SBB EAX, 0x1d1080aa; STOSB }
.text ntkrnlpa.exe!KeSetEvent + 681 81EBCE04 4 Bytes [1C, 11, 1D, AA]

---- User IAT/EAT - GMER 1.0.15 ----

IAT C:\Windows\Explorer.EXE[2072] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdiplusShutdown] [73B47817] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[2072] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCloneImage] [73B9A86D] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[2072] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipDrawImageRectI] [73B4BB22] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[2072] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipSetInterpolationMode] [73B3F695] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[2072] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdiplusStartup] [73B475E9] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[2072] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCreateFromHDC] [73B3E7CA] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[2072] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCreateBitmapFromStreamICM] [73B78395] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[2072] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCreateBitmapFromStream] [73B4DA60] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[2072] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipGetImageHeight] [73B3FFFA] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[2072] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipGetImageWidth] [73B3FF61] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[2072] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipDisposeImage] [73B371CF] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[2072] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipLoadImageFromFileICM] [73BCCAE2] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[2072] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipLoadImageFromFile] [73B6C8D8] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[2072] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipDeleteGraphics] [73B3D968] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[2072] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipFree] [73B36853] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[2072] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipAlloc] [73B3687E] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[2072] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipSetCompositingMode] [73B42AD1] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)

---- Devices - GMER 1.0.15 ----

Device Ntfs.sys (NT File System Driver/Microsoft Corporation)
Device fastfat.SYS (Fast FAT File System Driver/Microsoft Corporation)

AttachedDevice \Driver\tdx \Device\Tcp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
AttachedDevice \Driver\tdx \Device\Udp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
AttachedDevice \Driver\tdx \Device\RawIp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
AttachedDevice fltmgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)

---- EOF - GMER 1.0.15 ----


Also, Anti-Malware didn't find anything. Please advise what to do if you find anything.

Thanks
Raceware

Edited by raceware, 01 April 2012 - 10:28 AM.


#7 narenxp


Posted 01 April 2012 - 11:05 AM

Download

ESET online scanner


Install it

Click on START, it should download the virus definitions
When scan gets completed, click on LIST of found threats

Export the list to desktop, copy the contents of the text file in your reply

Download

mini toolbox

Checkmark following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size

Click Go and post the result.

#8 raceware


Posted 03 April 2012 - 08:06 PM

Here is the MiniBox log. Also, the scanner didn't find anything to post. Please advise.

Thanks
Raceware

>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
MiniToolBox by Farbar Version: 18-01-2012
Ran by Don (administrator) on 03-04-2012 at 21:02:16
Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
ProxyServer: http=localhost:8080

"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================

::1 localhost

127.0.0.1 localhost

========================= IP Configuration: ================================

VirtualBox Host-Only Ethernet Adapter = Local Area Connection 2 (Disconnected)
Intel® PRO/100 VE Network Connection = Local Area Connection (Connected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled
add address name="Local Area Connection 2" address=192.168.56.1


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : Don-PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : westell.com

Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . : westell.com
Description . . . . . . . . . . . : Intel® PRO/100 VE Network Connection
Physical Address. . . . . . . . . : 00-19-D1-6C-09-42
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::ed67:8b73:e86d:52d3%8(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.24(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Tuesday, April 03, 2012 8:46:03 PM
Lease Expires . . . . . . . . . . : Wednesday, April 04, 2012 8:46:03 PM
Default Gateway . . . . . . . . . : 192.168.1.1
DHCP Server . . . . . . . . . . . : 192.168.1.1
DHCPv6 IAID . . . . . . . . . . . : 201333201
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-0D-E1-6C-FF-00-19-D1-68-81-D3
DNS Servers . . . . . . . . . . . : 192.168.1.1
NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter Local Area Connection* 25:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : westell.com
Description . . . . . . . . . . . : isatap.westell.com
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 7:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 9:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #3
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 11:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft 6to4 Adapter #2
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 14:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #4
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 16:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #5
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 18:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #6
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 19:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 02-00-54-55-4E-01
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:4137:9e76:343b:376b:3f57:fee7(Preferred)
Link-local IPv6 Address . . . . . : fe80::343b:376b:3f57:fee7%18(Preferred)
Default Gateway . . . . . . . . . : ::
NetBIOS over Tcpip. . . . . . . . : Disabled

Tunnel adapter Local Area Connection* 20:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : isatap.{0686B074-E180-45B1-A7BF-2BA3AC0F498A}
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 21:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : 6TO4 Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 22:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : isatap.{0686B074-E180-45B1-A7BF-2BA3AC0F498A}
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 23:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : isatap.{0686B074-E180-45B1-A7BF-2BA3AC0F498A}
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 24:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : isatap.{0686B074-E180-45B1-A7BF-2BA3AC0F498A}
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Server: dslrouter.westell.com
Address: 192.168.1.1

Name: google.com
Addresses: 74.125.225.0
74.125.225.1
74.125.225.3
74.125.225.4
74.125.225.5
74.125.225.7
74.125.225.6
74.125.225.2
74.125.225.9
74.125.225.8
74.125.225.14



Pinging google.com [74.125.225.14] with 32 bytes of data:

Reply from 74.125.225.14: bytes=32 time=67ms TTL=56

Reply from 74.125.225.14: bytes=32 time=55ms TTL=56



Ping statistics for 74.125.225.14:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 55ms, Maximum = 67ms, Average = 61ms

Server: dslrouter.westell.com
Address: 192.168.1.1

Name: yahoo.com
Addresses: 98.139.183.24
209.191.122.70
72.30.38.140



Pinging yahoo.com [209.191.122.70] with 32 bytes of data:

Reply from 209.191.122.70: bytes=32 time=80ms TTL=54

Reply from 209.191.122.70: bytes=32 time=81ms TTL=54



Ping statistics for 209.191.122.70:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 80ms, Maximum = 81ms, Average = 80ms

Server: dslrouter.westell.com
Address: 192.168.1.1

Name: bleepingcomputer.com
Address: 208.43.87.2



Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:

Reply from 208.43.87.2: Destination host unreachable.

Reply from 208.43.87.2: Destination host unreachable.



Ping statistics for 208.43.87.2:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),



Pinging 127.0.0.1 with 32 bytes of data:

Reply from 127.0.0.1: bytes=32 time=14ms TTL=128

Reply from 127.0.0.1: bytes=32 time=4ms TTL=128



Ping statistics for 127.0.0.1:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 4ms, Maximum = 14ms, Average = 9ms

===========================================================================
Interface List
8 ...00 19 d1 6c 09 42 ...... Intel® PRO/100 VE Network Connection
1 ........................... Software Loopback Interface 1
30 ...00 00 00 00 00 00 00 e0 isatap.westell.com
9 ...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
14 ...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #3
11 ...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter #2
15 ...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #4
20 ...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #5
21 ...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #6
18 ...02 00 54 55 4e 01 ...... Teredo Tunneling Pseudo-Interface
23 ...00 00 00 00 00 00 00 e0 isatap.{0686B074-E180-45B1-A7BF-2BA3AC0F498A}
22 ...00 00 00 00 00 00 00 e0 6TO4 Adapter
24 ...00 00 00 00 00 00 00 e0 isatap.{0686B074-E180-45B1-A7BF-2BA3AC0F498A}
25 ...00 00 00 00 00 00 00 e0 isatap.{0686B074-E180-45B1-A7BF-2BA3AC0F498A}
26 ...00 00 00 00 00 00 00 e0 isatap.{0686B074-E180-45B1-A7BF-2BA3AC0F498A}
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.24 20
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.1.0 255.255.255.0 On-link 192.168.1.24 276
192.168.1.24 255.255.255.255 On-link 192.168.1.24 276
192.168.1.255 255.255.255.255 On-link 192.168.1.24 276
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.1.24 276
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.1.24 276
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
18 18 ::/0 On-link
1 306 ::1/128 On-link
18 18 2001::/32 On-link
18 266 2001:0:4137:9e76:343b:376b:3f57:fee7/128
On-link
8 276 fe80::/64 On-link
18 266 fe80::/64 On-link
18 266 fe80::343b:376b:3f57:fee7/128
On-link
8 276 fe80::ed67:8b73:e86d:52d3/128
On-link
1 306 ff00::/8 On-link
18 266 ff00::/8 On-link
8 276 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\system32\NLAapi.dll [48128] (Microsoft Corporation)
Catalog5 02 C:\Windows\system32\napinsp.dll [50176] (Microsoft Corporation)
Catalog5 03 C:\Windows\system32\pnrpnsp.dll [62464] (Microsoft Corporation)
Catalog5 04 C:\Windows\system32\pnrpnsp.dll [62464] (Microsoft Corporation)
Catalog5 05 C:\Windows\System32\mswsock.dll [223232] (Microsoft Corporation)
Catalog5 06 C:\Windows\System32\winrnr.dll [19968] (Microsoft Corporation)
Catalog9 01 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 02 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 03 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 04 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 05 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 06 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 07 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 08 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 09 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 10 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 11 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 12 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 13 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 14 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 15 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 16 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 17 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 18 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 19 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 20 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 21 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 22 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 23 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 24 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 25 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 26 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (03/31/2012 00:26:34 PM) (Source: Perflib) (User: )
Description: PNRPsvcC:\Windows\system32\pnrpperf.dll4

Error: (03/31/2012 00:26:25 PM) (Source: Perflib) (User: )
Description: EmdCacheC:\Windows\system32\emdmgmt.dll4

Error: (03/18/2012 09:38:18 PM) (Source: EventSystem) (User: )
Description: d:\longhorn\com\complus\src\events\tier1\eventsystemobj.cpp458007043c

Error: (03/18/2012 09:34:30 PM) (Source: Application Hang) (User: )
Description: The program Explorer.EXE version 6.0.6002.18005 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Problem Reports and Solutions control panel.
Process ID: e30
Start Time: 01cd053c3995f867
Termination Time: 2824

Error: (03/15/2012 10:06:39 PM) (Source: Windows Search Service) (User: )
Description: Performance monitoring cannot be initialized for the gatherer object, because the counters are not loaded or the shared memory object cannot be opened. This only affects availability of the perfmon counters. Restart the computer.

Context: Application, SystemIndex Catalog

Error: (03/15/2012 10:06:38 PM) (Source: Windows Search Service) (User: )
Description: Performance monitoring cannot be initialized for the gatherer service, because the counters are not loaded or the shared memory object cannot be opened. This only affects availability of the perfmon counters. Restart the computer.

Error: (03/14/2012 09:32:34 PM) (Source: Application Error) (User: )
Description: Faulting application acad.exe, version 23.1.51.0, time stamp 0x45cffe3b, faulting module adlmdll.dll, version 6.0.6002.18541, time stamp 0x4ec3e3d5, exception code 0xc0000142, fault offset 0x00009f5d,
process id 0x150c, application start time 0xacad.exe0.

Error: (03/14/2012 09:32:14 PM) (Source: Autodesk SC) (User: )
Description: 98-164

Error: (03/13/2012 05:51:27 PM) (Source: RasClient) (User: )
Description: CoId={6D6E3193-D892-47FB-B717-330890BEB86F}: The user Don-PC\Don dialed a connection named Dial-up Connection which has failed. The error code returned on failure is 0.

Error: (03/13/2012 05:51:27 PM) (Source: RasClient) (User: )
Description: CoId={6D6E3193-D892-47FB-B717-330890BEB86F}: The user Don-PC\Don dialed a connection named Dial-up Connection which has failed. The error code returned on failure is 0.


System errors:
=============
Error: (04/03/2012 08:57:07 PM) (Source: Service Control Manager) (User: )
Description: Windows Update

Error: (04/03/2012 08:55:03 PM) (Source: Service Control Manager) (User: )
Description: Security Center

Error: (04/03/2012 08:53:51 PM) (Source: DCOM) (User: )
Description: {1F87137D-0E7C-44D5-8C73-4EFFB68962F2}

Error: (04/03/2012 08:45:52 PM) (Source: EventLog) (User: )
Description: The previous system shutdown at 6:12:49 AM on 4/3/2012 was unexpected.

Error: (04/02/2012 07:36:30 PM) (Source: EventLog) (User: )
Description: The previous system shutdown at 10:05:23 PM on 4/1/2012 was unexpected.

Error: (04/01/2012 10:55:40 AM) (Source: EventLog) (User: )
Description: The previous system shutdown at 1:15:25 AM on 4/1/2012 was unexpected.

Error: (03/31/2012 01:04:57 PM) (Source: Service Control Manager) (User: )
Description: Windows Update

Error: (03/31/2012 00:59:12 PM) (Source: EventLog) (User: )
Description: The previous system shutdown at 12:57:34 PM on 3/31/2012 was unexpected.

Error: (03/31/2012 00:51:41 PM) (Source: EventLog) (User: )
Description: The previous system shutdown at 12:49:53 PM on 3/31/2012 was unexpected.

Error: (03/31/2012 00:46:05 PM) (Source: Service Control Manager) (User: )
Description: 30000avgwd


Microsoft Office Sessions:
=========================
Error: (04/05/2011 07:41:34 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6514.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 112 seconds with 0 seconds of active time. This session ended with a crash.

Error: (04/05/2011 07:39:23 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6514.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 801 seconds with 120 seconds of active time. This session ended with a crash.

Error: (12/11/2010 00:36:28 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 924 seconds with 240 seconds of active time. This session ended with a crash.


=========================== Installed Programs ============================

Update for Microsoft Office 2007 (KB2508958)
Activation Assistant for the 2007 Microsoft Office suites
Activation Assistant for the 2007 Microsoft Office suites (Version: 1.0)
Adobe Acrobat 8 Standard - English, Français, Deutsch (Version: 8.1.4)
Adobe Acrobat 8.1.4 Standard (Version: 8.1.4)
Adobe Flash Player 10 ActiveX (Version: 10.3.181.16)
Adobe Photoshop 7.0 (Version: 7.0)
Adobe Reader 8.1.3 (Version: 8.1.3)
AnswerWorks 5.0 English Runtime (Version: 5.0.6)
Apple Application Support (Version: 2.1.5)
Apple Software Update (Version: 2.1.3.127)
AutoCAD 2000
AutoCAD 2004 (Version: 16.0.0.086)
AutoCAD 2006 - English (Version: 16.2.54.10)
AutoCAD 2008 - English (Version: 17.1.51.0)
Autodesk DWF Viewer 7 (Version: 7.2.0)
Autodesk Express Viewer (Version: 3.1)
AVG 2012 (Version: 12.0.1913)
AVG 2012 (Version: 12.0.2114)
AVG 2012 (Version: 2012.0.1913)
Bejeweled 2 Deluxe (Version: WT021888)
Bing Bar (Version: 7.0.609.0)
Blackhawk Striker 2 (Version: WT021890)
Blasterball 3 (Version: WT021892)
BobCAD-CAM 2007 (Version: 22.00)
BobCAD-CAM V22 (Version: 22.70.002)
BobCAD-CAM V23 (Version: 23.02.001)
Browser Address Error Redirector
CamStudio
D3DX10 (Version: 15.4.2368.0902)
Deal Info (Version: 2008.1.22.0)
Digital Media Reader (Version: 2.01.03.01)
Diner Dash - Flo on the Go (Version: WT021894)
DWG TrueView 2009 (Version: 17.2.56.0)
EarthLink Common Authentication (Version: 1.0.86.0)
EarthLink FastLane (Version: 5.8.0.13)
EarthLink Software (Version: 2008.1.22.0)
EarthLink Toolbar
ESET Online Scanner v3
Eusing Free Registry Cleaner
Family Feud 2 (Version: WT021896)
FATE (Version: WT021682)
Gateway Connect (Version: 1.1.0)
Gateway Recovery Center Installer (Version: 1.01.025)
Google Chrome (Version: 18.0.1025.142)
Google Desktop (Version: 5.7.0806.10245)
Google Earth (Version: 4.3.7284.3916)
Google Toolbar for Internet Explorer (Version: 1.0.0)
Google Toolbar for Internet Explorer (Version: 7.3.2710.138)
Google Update Helper (Version: 1.3.21.111)
Google Updater (Version: 2.4.1536.6592)
HijackThis 2.0.2 (Version: 2.0.2)
ieSpell (Version: 2.6.4 (build 573))
Intel® Graphics Media Accelerator Driver
Intel® PRO Network Connections Drivers
Java™ SE Runtime Environment 6 Update 1 (Version: 1.6.0.10)
Junk Mail filter update (Version: 15.4.3502.0922)
Linkit_eBay (Version: 1.0.0)
Macromedia Contribute 3.11 (Version: 3.11.0.2419)
Macromedia Dreamweaver 8 (Version: 8.0.0.2734)
Macromedia Extension Manager (Version: 1.7.240)
Macromedia Fireworks 8 (Version: 8.0.0.777)
Macromedia Flash 8 (Version: 8.00.0000)
Macromedia Flash 8 Video Encoder (Version: 1.00.0000)
Macromedia Flash Player 8 Plugin (Version: 8.0.22.0)
Malwarebytes Anti-Malware version 1.60.1.1000 (Version: 1.60.1.1000)
Mesh Runtime (Version: 15.4.5722.2)
Messenger Companion (Version: 15.4.3502.0922)
Microsoft .NET Framework 1.1 (Version: 1.1.4322)
Microsoft .NET Framework 1.1 Security Update (KB2656353)
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Application Compatibility Toolkit 5.0 (Version: 5.0.5428.935)
Microsoft Application Error Reporting (Version: 12.0.6012.5000)
Microsoft Digital Image Library 9 - Blocker (Version: 9.00.0000)
Microsoft Digital Image Starter Edition 2006 (Version: 11.0.2018)
Microsoft Digital Image Starter Edition 2006 Editor (Version: 11.0.2018)
Microsoft Digital Image Starter Edition 2006 Library (Version: 11.0.2018)
Microsoft IntelliPoint 7.1 (Version: 7.10.344.0)
Microsoft IntelliType Pro 7.1 (Version: 7.10.344.0)
Microsoft Money 2006 (Version: 15)
Microsoft Office 2003 Web Components (Version: 12.0.6213.1000)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Access MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Access Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Enterprise 2007 (Version: 12.0.6612.1000)
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Groove MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Groove Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Home and Student 2007 (Version: 12.0.6612.1000)
Microsoft Office InfoPath MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office OneNote MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Outlook Connector (Version: 14.0.5118.5000)
Microsoft Office Outlook MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Word MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Silverlight (Version: 4.1.10111.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Works (Version: 08.05.0818)
Microsoft XML Parser (Version: 8.20.8730.4)
MSVCRT (Version: 15.4.2862.0708)
MSXML 4.0 SP2 (KB936181) (Version: 4.20.9848.0)
MSXML 4.0 SP2 (KB941833) (Version: 4.20.9849.0)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
Napster (Version: 3.7.3.3)
Napster Burn Engine (Version: 3.5.0000)
Oracle VM VirtualBox 4.0.4 (Version: 4.0.4)
Panda ActiveScan 2.0 (Version: 01.04.01.0014)
PCsync (Version: 5.01.1700)
Penguins! (Version: WT021900)
Polar Bowler (Version: WT021902)
Polar Golfer (Version: WT021904)
Power2Go 5.0
Predator CNC Editor 2005 for BobCAD (Version: 7.00)
Predator Virtual CNC 2005 for BobCAD (Version: 7.00)
PS2 Multimedia Keyboard Driver
Quicken 2008 (Version: 17.1.1.24)
QuickTime (Version: 7.71.80.42)
Realtek High Definition Audio Driver (Version: 6.0.1.5334)
Redistributed Files (Version: 2.0.46.0)
Segoe UI (Version: 15.4.2271.0615)
Simple Webcam Capture v1.2 (remove only)
SIW version 2011.10.29 (Version: 2011.10.29)
Smart Installer
Soft Data Fax Modem with SmartCP
Solid Edge 2D Drafting ST4 (Version: 104.00.00082)
SolidWorks 2008 SP0 (Version: 16.1.0003)
Sony USB Driver
Spinco Download Manager (Version: 1.0.0)
TotalAccess Core Applications (Version: 2008.1.22.0)
Tradewinds (Version: WT022436)
TWC Customer Controls (Version: 7)
Unix Utilities for Yahoo! Widgets
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2007 suites (KB2596651) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596789) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2597970) 32-Bit Edition
Update for Microsoft Office Access 2007 Help (KB963663)
Update for Microsoft Office Excel 2007 (KB2596596) 32-Bit Edition
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Infopath 2007 Help (KB963662)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
Update Installer for WildTangent Games App
VBA (2627.01) (Version: 6.03.00.9402)
Verizon Broadband Toolbar (IE only)
Verizon Servicepoint 3.7.44 (Version: 3.7.44)
Video Caster 3.4
Vz In Home Agent (Version: 7.06.04)
Vz In Home Agent (Version: 8.02.23)
WildTangent Games App (Gateway Games) (Version: 4.0.5.36)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3538.0513)
Windows Live Family Safety (Version: 15.4.3538.0513)
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Mail (Version: 15.4.3502.0922)
Windows Live Mesh (Version: 15.4.3502.0922)
Windows Live Mesh ActiveX Control for Remote Connections (Version: 15.4.5722.2)
Windows Live Messenger (Version: 15.4.3538.0513)
Windows Live Messenger Companion Core (Version: 15.4.3502.0922)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3508.1109)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)
Wise Registry Cleaner 5.9.4 (Version: 5.9.4)
Yahoo! Widgets (Version: 4.5.2.0)

========================= Memory info: ===================================

Percentage of memory in use: 71%
Total physical RAM: 1012.6 MB
Available physical RAM: 292.07 MB
Total Pagefile: 2285.53 MB
Available Pagefile: 705.62 MB
Total Virtual: 2047.88 MB
Available Virtual: 1943.31 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:288.3 GB) (Free:178.7 GB) NTFS
2 Drive d: (RECOVERY) (Fixed) (Total:9.79 GB) (Free:4.27 GB) NTFS
8 Drive j: (Lexar) (Removable) (Total:7.45 GB) (Free:0.51 GB) FAT32

========================= Users: ========================================

User accounts for \\DON-PC

Administrator ASPNET Don
Guest


**** End of log ****

#9 narenxp

  • BC Advisor

Posted 05 April 2012 - 04:54 AM

That looks good

Does Panda still show a warning? If yes, can you post the log?

Thanks

#10 raceware

  • Topic Starter
  • Members

Posted 05 April 2012 - 12:30 PM

I will run again & post results.

Thanks

raceware

#11 narenxp

  • BC Advisor

Posted 05 April 2012 - 11:29 PM

:thumbup2:

#12 raceware

  • Topic Starter
  • Members

Posted 11 April 2012 - 06:26 AM

I ran Panda again, & lo & behold, after reading thoroughly, probably what I failed to do the first time, I noticed that the virus we were trying to eradicate was on a thumb drive I had plugged in, on a file I had downloaded, not on my C: drive, so I seem to not have a virus on my system & my problem with not being able to burn any media must be related to another problem. I am sorry that I have wasted your time because you certainly were trying to help, and I certainly don't want to cause any problem for any person you may help in the future because of me not being able to read thoroughly. I have since deleted the file on the thumb drive, FYI. I do want to thank you for your help; it is gratefully appreciated.

Sincerely
Raceware

Edited by raceware, 11 April 2012 - 06:28 AM.


#13 narenxp

  • BC Advisor

Posted 11 April 2012 - 06:35 AM

No issues, I'm happy that your PC is clean now.

Be careful with thumb drives. Always scan thumb drives before copying files.

Good luck



