
google hijack please help


12 replies to this topic

#1 gaber228

Posted 17 May 2012 - 02:45 PM

Hello. As the topic title states, I believe I am infected with the google hijack. Please help.

TDSSKiller


15:40:10.0055 1320 TDSS rootkit removing tool 2.7.35.0 May 16 2012 07:37:57
15:40:10.0349 1320 ============================================================
15:40:10.0349 1320 Current date / time: 2012/05/17 15:40:10.0349
15:40:10.0349 1320 SystemInfo:
15:40:10.0349 1320
15:40:10.0349 1320 OS Version: 6.1.7600 ServicePack: 0.0
15:40:10.0349 1320 Product type: Workstation
15:40:10.0349 1320 ComputerName: PH2
15:40:10.0349 1320 UserName: Pharmacy
15:40:10.0349 1320 Windows directory: C:\Windows
15:40:10.0349 1320 System windows directory: C:\Windows
15:40:10.0349 1320 Processor architecture: Intel x86
15:40:10.0349 1320 Number of processors: 2
15:40:10.0349 1320 Page size: 0x1000
15:40:10.0349 1320 Boot type: Normal boot
15:40:10.0349 1320 ============================================================
15:40:28.0860 1320 Drive \Device\Harddisk0\DR0 - Size: 0x2540BE4000 (149.01 Gb), SectorSize: 0x200, Cylinders: 0x4BFC, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
15:40:29.0131 1320 Drive \Device\Harddisk2\DR2 - Size: 0x3C3D12000 (15.06 Gb), SectorSize: 0x200, Cylinders: 0x7AD, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
15:40:29.0132 1320 Drive \Device\Harddisk3\DR3 - Size: 0xE8E0B00000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB00, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
15:40:29.0132 1320 ============================================================
15:40:29.0132 1320 \Device\Harddisk0\DR0:
15:40:29.0142 1320 MBR partitions:
15:40:29.0142 1320 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x14000, BlocksNum 0x1D4C000
15:40:29.0142 1320 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1D60000, BlocksNum 0x10CA5720
15:40:29.0142 1320 \Device\Harddisk2\DR2:
15:40:29.0142 1320 MBR partitions:
15:40:29.0142 1320 \Device\Harddisk3\DR3:
15:40:29.0142 1320 MBR partitions:
15:40:29.0142 1320 \Device\Harddisk3\DR3\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x74705000
15:40:29.0142 1320 ============================================================
15:40:29.0314 1320 C: <-> \Device\Harddisk0\DR0\Partition1
15:40:29.0329 1320 I: <-> \Device\Harddisk3\DR3\Partition0
15:40:29.0329 1320 ============================================================
15:40:29.0329 1320 Initialize success
15:40:29.0329 1320 ============================================================
15:40:31.0161 5836 ============================================================
15:40:31.0161 5836 Scan started
15:40:31.0161 5836 Mode: Manual;
15:40:31.0161 5836 ============================================================
15:40:35.0115 5836 1394ohci (6d2aca41739bfe8cb86ee8e85f29697d) C:\Windows\system32\DRIVERS\1394ohci.sys
15:40:35.0135 5836 1394ohci - ok
15:40:35.0180 5836 acfva (78c1e6b8325c8537a59c547e38ae979d) C:\Windows\system32\DRIVERS\ACFVA32.sys
15:40:35.0190 5836 acfva - ok
15:40:35.0226 5836 AcfXAudioService (16fd88844fa33906034710c56130c7ab) C:\Windows\system32\ACFXAU32.dll
15:40:35.0228 5836 AcfXAudioService - ok
15:40:35.0264 5836 ACPI (f0e07d144c8685b8774bc32fc8da4df0) C:\Windows\system32\DRIVERS\ACPI.sys
15:40:35.0266 5836 ACPI - ok
15:40:35.0284 5836 AcpiPmi (98d81ca942d19f7d9153b095162ac013) C:\Windows\system32\DRIVERS\acpipmi.sys
15:40:35.0292 5836 AcpiPmi - ok
15:40:35.0471 5836 AdobeARMservice (62b7936f9036dd6ed36e6a7efa805dc0) C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
15:40:35.0472 5836 AdobeARMservice - ok
15:40:35.0533 5836 AdobeFlashPlayerUpdateSvc (76d5a3d2a50402a0b9b6ed13c4371e79) C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
15:40:35.0595 5836 AdobeFlashPlayerUpdateSvc - ok
15:40:35.0668 5836 adp94xx (21e785ebd7dc90a06391141aac7892fb) C:\Windows\system32\DRIVERS\adp94xx.sys
15:40:35.0696 5836 adp94xx - ok
15:40:35.0814 5836 adpahci (0c676bc278d5b59ff5abd57bbe9123f2) C:\Windows\system32\DRIVERS\adpahci.sys
15:40:35.0827 5836 adpahci - ok
15:40:35.0847 5836 adpu320 (7c7b5ee4b7b822ec85321fe23a27db33) C:\Windows\system32\DRIVERS\adpu320.sys
15:40:35.0859 5836 adpu320 - ok
15:40:35.0888 5836 AeLookupSvc (8b5eefeec1e6d1a72a06c526628ad161) C:\Windows\System32\aelupsvc.dll
15:40:35.0889 5836 AeLookupSvc - ok
15:40:35.0922 5836 AERTFilters (7a841462ad4749f8a07b27ae8e8947b8) C:\Program Files\Realtek\Audio\HDA\AERTSrv.exe
15:40:35.0923 5836 AERTFilters - ok
15:40:35.0977 5836 AFD (0db7a48388d54d154ebec120461a0fcd) C:\Windows\system32\drivers\afd.sys
15:40:35.0989 5836 AFD - ok
15:40:36.0048 5836 agp440 (507812c3054c21cef746b6ee3d04dd6e) C:\Windows\system32\DRIVERS\agp440.sys
15:40:36.0057 5836 agp440 - ok
15:40:36.0075 5836 aic78xx (8b30250d573a8f6b4bd23195160d8707) C:\Windows\system32\DRIVERS\djsvs.sys
15:40:36.0086 5836 aic78xx - ok
15:40:36.0123 5836 ALG (18a54e132947cd98fea9accc57f98f13) C:\Windows\System32\alg.exe
15:40:36.0131 5836 ALG - ok
15:40:36.0162 5836 aliide (0d40bcf52ea90fc7df2aeab6503dea44) C:\Windows\system32\DRIVERS\aliide.sys
15:40:36.0171 5836 aliide - ok
15:40:36.0184 5836 amdagp (3c6600a0696e90a463771c7422e23ab5) C:\Windows\system32\DRIVERS\amdagp.sys
15:40:36.0211 5836 amdagp - ok
15:40:36.0241 5836 amdide (cd5914170297126b6266860198d1d4f0) C:\Windows\system32\DRIVERS\amdide.sys
15:40:36.0251 5836 amdide - ok
15:40:36.0270 5836 AmdK8 (00dda200d71bac534bf56a9db5dfd666) C:\Windows\system32\DRIVERS\amdk8.sys
15:40:36.0279 5836 AmdK8 - ok
15:40:36.0293 5836 AmdPPM (3cbf30f5370fda40dd3e87df38ea53b6) C:\Windows\system32\DRIVERS\amdppm.sys
15:40:36.0303 5836 AmdPPM - ok
15:40:36.0359 5836 amdsata (19ce906b4cdc11fc4fef5745f33a63b6) C:\Windows\system32\drivers\amdsata.sys
15:40:36.0369 5836 amdsata - ok
15:40:36.0400 5836 amdsbs (ea43af0c423ff267355f74e7a53bdaba) C:\Windows\system32\DRIVERS\amdsbs.sys
15:40:36.0420 5836 amdsbs - ok
15:40:36.0462 5836 amdxata (869e67d66be326a5a9159fba8746fa70) C:\Windows\system32\drivers\amdxata.sys
15:40:36.0463 5836 amdxata - ok
15:40:36.0491 5836 AppID (feb834c02ce1e84b6a38f953ca067706) C:\Windows\system32\drivers\appid.sys
15:40:36.0500 5836 AppID - ok
15:40:36.0532 5836 AppIDSvc (62a9c86cb6085e20db4823e4e97826f5) C:\Windows\System32\appidsvc.dll
15:40:36.0539 5836 AppIDSvc - ok
15:40:36.0566 5836 Appinfo (7dead9e3f65dcb2794f2711003bbf650) C:\Windows\System32\appinfo.dll
15:40:36.0573 5836 Appinfo - ok
15:40:36.0782 5836 Apple Mobile Device (3debbecf665dcdde3a95d9b902010817) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
15:40:36.0782 5836 Apple Mobile Device - ok
15:40:36.0891 5836 AppMgmt (a45d184df6a8803da13a0b329517a64a) C:\Windows\System32\appmgmts.dll
15:40:36.0891 5836 AppMgmt - ok
15:40:36.0938 5836 arc (2932004f49677bd84dbc72edb754ffb3) C:\Windows\system32\DRIVERS\arc.sys
15:40:36.0953 5836 arc - ok
15:40:36.0969 5836 arcsas (5d6f36c46fd283ae1b57bd2e9feb0bc7) C:\Windows\system32\DRIVERS\arcsas.sys
15:40:36.0985 5836 arcsas - ok
15:40:37.0047 5836 aspnet_state (39cdcb109bf200cc8a05b9c7e6272d11) C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
15:40:37.0047 5836 aspnet_state - ok
15:40:37.0063 5836 AsyncMac (add2ade1c2b285ab8378d2daaf991481) C:\Windows\system32\DRIVERS\asyncmac.sys
15:40:37.0078 5836 AsyncMac - ok
15:40:37.0109 5836 atapi (338c86357871c167a96ab976519bf59e) C:\Windows\system32\DRIVERS\atapi.sys
15:40:37.0109 5836 atapi - ok
15:40:37.0172 5836 AudioEndpointBuilder (510c873bfa135aa829f4180352772734) C:\Windows\System32\Audiosrv.dll
15:40:37.0172 5836 AudioEndpointBuilder - ok
15:40:37.0172 5836 Audiosrv (510c873bfa135aa829f4180352772734) C:\Windows\System32\Audiosrv.dll
15:40:37.0172 5836 Audiosrv - ok
15:40:37.0546 5836 AVGIDSAgent (ba60fd7a64b9759a14c0fba4a9ed4c7b) C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe
15:40:37.0577 5836 AVGIDSAgent - ok
15:40:37.0843 5836 AVGIDSDriver (1074f787080068c71303b61fae7e7ca4) C:\Windows\system32\DRIVERS\avgidsdriverx.sys
15:40:37.0843 5836 AVGIDSDriver - ok
15:40:37.0889 5836 AVGIDSFilter (61a7e0b02f82cff3db2445bbe50b3589) C:\Windows\system32\DRIVERS\avgidsfilterx.sys
15:40:37.0889 5836 AVGIDSFilter - ok
15:40:37.0936 5836 AVGIDSHX (d63d83659eedf60b3a3e620281a888e5) C:\Windows\system32\DRIVERS\avgidshx.sys
15:40:37.0936 5836 AVGIDSHX - ok
15:40:37.0967 5836 AVGIDSShim (baf975b72062f53d327788e99d64197e) C:\Windows\system32\DRIVERS\avgidsshimx.sys
15:40:37.0967 5836 AVGIDSShim - ok
15:40:38.0030 5836 Avgldx86 (dda6a2a18841e4c9172bb85958b8d948) C:\Windows\system32\DRIVERS\avgldx86.sys
15:40:38.0030 5836 Avgldx86 - ok
15:40:38.0092 5836 Avgmfx86 (ccdd61545aaea265977e4b1efdc74e8c) C:\Windows\system32\DRIVERS\avgmfx86.sys
15:40:38.0092 5836 Avgmfx86 - ok
15:40:38.0108 5836 Avgrkx86 (1fd90b28d2c3100bf4500199c8ad6358) C:\Windows\system32\DRIVERS\avgrkx86.sys
15:40:38.0108 5836 Avgrkx86 - ok
15:40:38.0170 5836 Avgtdix (1263f2554ace925c237a40b4c568d815) C:\Windows\system32\DRIVERS\avgtdix.sys
15:40:38.0186 5836 Avgtdix - ok
15:40:38.0355 5836 avgwd (ea1145debcd508fd25bd1e95c4346929) C:\Program Files\AVG\AVG2012\avgwdsvc.exe
15:40:38.0356 5836 avgwd - ok
15:40:38.0394 5836 AxInstSV (dd6a431b43e34b91a767d1ce33728175) C:\Windows\System32\AxInstSV.dll
15:40:38.0403 5836 AxInstSV - ok
15:40:38.0471 5836 b06bdrv (1a231abec60fd316ec54c66715543cec) C:\Windows\system32\DRIVERS\bxvbdx.sys
15:40:38.0485 5836 b06bdrv - ok
15:40:38.0533 5836 b57nd60x (bd8869eb9cde6bbe4508d869929869ee) C:\Windows\system32\DRIVERS\b57nd60x.sys
15:40:38.0551 5836 b57nd60x - ok
15:40:38.0580 5836 BDESVC (ee1e9c3bb8228ae423dd38db69128e71) C:\Windows\System32\bdesvc.dll
15:40:38.0587 5836 BDESVC - ok
15:40:38.0610 5836 Beep (505506526a9d467307b3c393dedaf858) C:\Windows\system32\drivers\Beep.sys
15:40:38.0618 5836 Beep - ok
15:40:38.0657 5836 BFE (85ac71c045ceb054ed48a7841aae0c11) C:\Windows\System32\bfe.dll
15:40:38.0662 5836 BFE - ok
15:40:38.0750 5836 BITS (53f476476f55a27f580661bde09c4ec4) C:\Windows\system32\qmgr.dll
15:40:38.0763 5836 BITS - ok
15:40:38.0849 5836 blbdrive (2287078ed48fcfc477b05b20cf38f36f) C:\Windows\system32\DRIVERS\blbdrive.sys
15:40:38.0870 5836 blbdrive - ok
15:40:39.0267 5836 Bonjour Service (db5bea73edaf19ac68b2c0fad0f92b1a) C:\Program Files\Bonjour\mDNSResponder.exe
15:40:39.0269 5836 Bonjour Service - ok
15:40:39.0348 5836 bowser (9a5c671b7fbae4865149bb11f59b91b2) C:\Windows\system32\DRIVERS\bowser.sys
15:40:39.0349 5836 bowser - ok
15:40:39.0430 5836 BPowMon (104c980400850ea84f86cd31ae2eeece) C:\Program Files\Broadcom\BPowMon\BPowMon.exe
15:40:39.0431 5836 BPowMon - ok
15:40:39.0444 5836 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\DRIVERS\BrFiltLo.sys
15:40:39.0454 5836 BrFiltLo - ok
15:40:39.0483 5836 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\DRIVERS\BrFiltUp.sys
15:40:39.0498 5836 BrFiltUp - ok
15:40:39.0537 5836 BridgeMP (77361d72a04f18809d0efb6cceb74d4b) C:\Windows\system32\DRIVERS\bridge.sys
15:40:39.0547 5836 BridgeMP - ok
15:40:39.0615 5836 Browser (598e1280e7ff3744f4b8329366cc5635) C:\Windows\System32\browser.dll
15:40:39.0616 5836 Browser - ok
15:40:39.0780 5836 Brserid (845b8ce732e67f3b4133164868c666ea) C:\Windows\System32\Drivers\Brserid.sys
15:40:39.0801 5836 Brserid - ok
15:40:39.0820 5836 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\System32\Drivers\BrSerWdm.sys
15:40:39.0829 5836 BrSerWdm - ok
15:40:39.0849 5836 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\System32\Drivers\BrUsbMdm.sys
15:40:39.0858 5836 BrUsbMdm - ok
15:40:39.0872 5836 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\System32\Drivers\BrUsbSer.sys
15:40:39.0881 5836 BrUsbSer - ok
15:40:39.0897 5836 BTHMODEM (ed3df7c56ce0084eb2034432fc56565a) C:\Windows\system32\DRIVERS\bthmodem.sys
15:40:39.0907 5836 BTHMODEM - ok
15:40:40.0029 5836 bthserv (1df19c96eef6c29d1c3e1a8678e07190) C:\Windows\system32\bthserv.dll
15:40:40.0039 5836 bthserv - ok
15:40:40.0227 5836 catchme - ok
15:40:40.0546 5836 cdfs (77ea11b065e0a8ab902d78145ca51e10) C:\Windows\system32\DRIVERS\cdfs.sys
15:40:40.0607 5836 cdfs - ok
15:40:40.0865 5836 cdrom (ba6e70aa0e6091bc39de29477d866a77) C:\Windows\system32\DRIVERS\cdrom.sys
15:40:40.0877 5836 cdrom - ok
15:40:41.0000 5836 CertPropSvc (628a9e30ec5e18dd5de6be4dbdc12198) C:\Windows\System32\certprop.dll
15:40:41.0013 5836 CertPropSvc - ok
15:40:41.0160 5836 circlass (3fe3fe94a34df6fb06e6418d0f6a0060) C:\Windows\system32\DRIVERS\circlass.sys
15:40:41.0179 5836 circlass - ok
15:40:41.0261 5836 CLFS (635181e0e9bbf16871bf5380d71db02d) C:\Windows\system32\CLFS.sys
15:40:41.0263 5836 CLFS - ok
15:40:41.0532 5836 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
15:40:41.0570 5836 clr_optimization_v2.0.50727_32 - ok
15:40:41.0955 5836 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
15:40:41.0999 5836 clr_optimization_v4.0.30319_32 - ok
15:40:42.0056 5836 CmBatt (dea805815e587dad1dd2c502220b5616) C:\Windows\system32\DRIVERS\CmBatt.sys
15:40:42.0066 5836 CmBatt - ok
15:40:42.0093 5836 cmdide (c537b1db64d495b9b4717b4d6d9edbf2) C:\Windows\system32\DRIVERS\cmdide.sys
15:40:42.0102 5836 cmdide - ok
15:40:42.0185 5836 CNG (36c252e474b2ffa0f0fbbff20d92a640) C:\Windows\system32\Drivers\cng.sys
15:40:42.0187 5836 CNG - ok
15:40:42.0259 5836 Compbatt (a6023d3823c37043986713f118a89bee) C:\Windows\system32\DRIVERS\compbatt.sys
15:40:42.0268 5836 Compbatt - ok
15:40:42.0304 5836 CompositeBus (f1724ba27e97d627f808fb0ba77a28a6) C:\Windows\system32\DRIVERS\CompositeBus.sys
15:40:42.0313 5836 CompositeBus - ok
15:40:42.0324 5836 COMSysApp - ok
15:40:42.0338 5836 crcdisk (2c4ebcfc84a9b44f209dff6c6e6c61d1) C:\Windows\system32\DRIVERS\crcdisk.sys
15:40:42.0348 5836 crcdisk - ok
15:40:42.0388 5836 CryptSvc (9c231178ce4fb385f4b54b0a9080b8a4) C:\Windows\system32\cryptsvc.dll
15:40:42.0389 5836 CryptSvc - ok
15:40:42.0435 5836 CSC (27c9490bdd0ae48911ab8cf1932591ed) C:\Windows\system32\drivers\csc.sys
15:40:42.0457 5836 CSC - ok
15:40:42.0483 5836 CscService (56fb5f222ea30d3d3fc459879772cb73) C:\Windows\System32\cscsvc.dll
15:40:42.0486 5836 CscService - ok
15:40:42.0956 5836 DcomLaunch (b82cd39e336973359d7c9bf911e8e84f) C:\Windows\system32\rpcss.dll
15:40:42.0961 5836 DcomLaunch - ok
15:40:43.0053 5836 defragsvc (8d6e10a2d9a5eed59562d9b82cf804e1) C:\Windows\System32\defragsvc.dll
15:40:43.0060 5836 defragsvc - ok
15:40:43.0195 5836 DfsC (83d1ecea8faae75604c0fa49ac7ad996) C:\Windows\system32\Drivers\dfsc.sys
15:40:43.0205 5836 DfsC - ok
15:40:43.0271 5836 dgcfltr (68f0095b4214fccb52002dadca322d85) C:\Windows\system32\DRIVERS\ACFDCP32.sys
15:40:43.0280 5836 dgcfltr - ok
15:40:43.0339 5836 Dhcp (c56495fbd770712367cad35e5de72da6) C:\Windows\system32\dhcpcore.dll
15:40:43.0341 5836 Dhcp - ok
15:40:43.0368 5836 discache (1a050b0274bfb3890703d490f330c0da) C:\Windows\system32\drivers\discache.sys
15:40:43.0370 5836 discache - ok
15:40:43.0400 5836 Disk (565003f326f99802e68ca78f2a68e9ff) C:\Windows\system32\DRIVERS\disk.sys
15:40:43.0401 5836 Disk - ok
15:40:43.0451 5836 Dnscache (b15be77a2bacf9c3177d27518afe26a9) C:\Windows\System32\dnsrslvr.dll
15:40:43.0453 5836 Dnscache - ok
15:40:43.0478 5836 dot3svc (4408c85c21eea48eb0ce486baeef0502) C:\Windows\System32\dot3svc.dll
15:40:43.0501 5836 dot3svc - ok
15:40:43.0570 5836 dot4 (b5e479eb83707dd698f66953e922042c) C:\Windows\system32\DRIVERS\Dot4.sys
15:40:43.0591 5836 dot4 - ok
15:40:43.0608 5836 Dot4Print (c25fea07a8e7767e8b89ab96a3b96519) C:\Windows\system32\DRIVERS\Dot4Prt.sys
15:40:43.0619 5836 Dot4Print - ok
15:40:43.0652 5836 dot4usb (cf491ff38d62143203c065260567e2f7) C:\Windows\system32\DRIVERS\dot4usb.sys
15:40:43.0670 5836 dot4usb - ok
15:40:43.0723 5836 DPS (7fa81c6e11caa594adb52084da73a1e5) C:\Windows\system32\dps.dll
15:40:43.0725 5836 DPS - ok
15:40:43.0762 5836 drmkaud (b918e7c5f9bf77202f89e1a9539f2eb4) C:\Windows\system32\drivers\drmkaud.sys
15:40:43.0772 5836 drmkaud - ok
15:40:43.0874 5836 DXGKrnl (1679a4669326cb1a67cc95658d273234) C:\Windows\System32\drivers\dxgkrnl.sys
15:40:43.0893 5836 DXGKrnl - ok
15:40:44.0002 5836 EapHost (8600142fa91c1b96367d3300ad0f3f3a) C:\Windows\System32\eapsvc.dll
15:40:44.0011 5836 EapHost - ok
15:40:44.0856 5836 ebdrv (024e1b5cac09731e4d868e64dbfb4ab0) C:\Windows\system32\DRIVERS\evbdx.sys
15:40:44.0956 5836 ebdrv - ok
15:40:45.0268 5836 EFS (c2243ff9e9aad0c30e8b1a0914da15b6) C:\Windows\System32\lsass.exe
15:40:45.0270 5836 EFS - ok
15:40:45.0574 5836 ehRecvr (1697c39978cd69f6fbc15302edcece1f) C:\Windows\ehome\ehRecvr.exe
15:40:45.0590 5836 ehRecvr - ok
15:40:45.0626 5836 ehSched (d389bff34f80caede417bf9d1507996a) C:\Windows\ehome\ehsched.exe
15:40:45.0633 5836 ehSched - ok
15:40:45.0867 5836 elxstor (0ed67910c8c326796faa00b2bf6d9d3c) C:\Windows\system32\DRIVERS\elxstor.sys
15:40:45.0888 5836 elxstor - ok
15:40:45.0907 5836 ErrDev (8fc3208352dd3912c94367a206ab3f11) C:\Windows\system32\DRIVERS\errdev.sys
15:40:45.0915 5836 ErrDev - ok
15:40:45.0962 5836 EventSystem (f6916efc29d9953d5d0df06882ae8e16) C:\Windows\system32\es.dll
15:40:45.0964 5836 EventSystem - ok
15:40:46.0003 5836 exfat (2dc9108d74081149cc8b651d3a26207f) C:\Windows\system32\drivers\exfat.sys
15:40:46.0022 5836 exfat - ok
15:40:46.0045 5836 fastfat (7e0ab74553476622fb6ae36f73d97d35) C:\Windows\system32\drivers\fastfat.sys
15:40:46.0046 5836 fastfat - ok
15:40:46.0098 5836 Fax (f7ea23cc5e6bf2181f3f399d54f6efc1) C:\Windows\system32\fxssvc.exe
15:40:46.0106 5836 Fax - ok
15:40:46.0120 5836 fdc (e817a017f82df2a1f8cfdbda29388b29) C:\Windows\system32\DRIVERS\fdc.sys
15:40:46.0128 5836 fdc - ok
15:40:46.0207 5836 fdPHost (f3222c893bd2f5821a0179e5c71e88fb) C:\Windows\system32\fdPHost.dll
15:40:46.0208 5836 fdPHost - ok
15:40:46.0300 5836 FDResPub (7dbe8cbfe79efbdeb98c9fb08d3a9a5b) C:\Windows\system32\fdrespub.dll
15:40:46.0302 5836 FDResPub - ok
15:40:46.0520 5836 FileInfo (6cf00369c97f3cf563be99be983d13d8) C:\Windows\system32\drivers\fileinfo.sys
15:40:46.0521 5836 FileInfo - ok
15:40:46.0547 5836 Filetrace (42c51dc94c91da21cb9196eb64c45db9) C:\Windows\system32\drivers\filetrace.sys
15:40:46.0555 5836 Filetrace - ok
15:40:46.0726 5836 FileZilla Server (e3a0cc636f313cb34867123539691dd5) C:\Program Files\FileZilla Server\FileZilla Server.exe
15:40:46.0732 5836 FileZilla Server - ok
15:40:46.0775 5836 flpydisk (87907aa70cb3c56600f1c2fb8841579b) C:\Windows\system32\DRIVERS\flpydisk.sys
15:40:46.0784 5836 flpydisk - ok
15:40:46.0808 5836 FltMgr (7520ec808e0c35e0ee6f841294316653) C:\Windows\system32\drivers\fltmgr.sys
15:40:46.0809 5836 FltMgr - ok
15:40:47.0204 5836 FontCache (7fe4995528a7529a761875151ee3d512) C:\Windows\system32\FntCache.dll
15:40:47.0217 5836 FontCache - ok
15:40:47.0436 5836 FontCache3.0.0.0 (e56f39f6b7fda0ac77a79b0fd3de1a2f) C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
15:40:47.0456 5836 FontCache3.0.0.0 - ok
15:40:47.0476 5836 FsDepends (1a16b57943853e598cff37fe2b8cbf1d) C:\Windows\system32\drivers\FsDepends.sys
15:40:47.0486 5836 FsDepends - ok
15:40:47.0629 5836 Fs_Rec (500a9814fd9446a8126858a5a7f7d273) C:\Windows\system32\drivers\Fs_Rec.sys
15:40:47.0630 5836 Fs_Rec - ok
15:40:47.0674 5836 fvevol (dafbd9fe39197495aed6d51f3b85b5d2) C:\Windows\system32\DRIVERS\fvevol.sys
15:40:47.0676 5836 fvevol - ok
15:40:47.0734 5836 gagp30kx (65ee0c7a58b65e74ae05637418153938) C:\Windows\system32\DRIVERS\gagp30kx.sys
15:40:47.0792 5836 gagp30kx - ok
15:40:47.0878 5836 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
15:40:47.0887 5836 GEARAspiWDM - ok
15:40:48.0240 5836 gpsvc (8ba3c04702bf8f927ab36ae8313ca4ee) C:\Windows\System32\gpsvc.dll
15:40:48.0244 5836 gpsvc - ok
15:40:48.0408 5836 hcw85cir (c44e3c2bab6837db337ddee7544736db) C:\Windows\system32\drivers\hcw85cir.sys
15:40:48.0426 5836 hcw85cir - ok
15:40:48.0500 5836 HDAudBus (717a2207fd6f13ad3e664c7d5a43c7bf) C:\Windows\system32\DRIVERS\HDAudBus.sys
15:40:48.0501 5836 HDAudBus - ok
15:40:48.0515 5836 HidBatt (1d58a7f3e11a9731d0eaaaa8405acc36) C:\Windows\system32\DRIVERS\HidBatt.sys
15:40:48.0538 5836 HidBatt - ok
15:40:48.0602 5836 HidBth (89448f40e6df260c206a193a4683ba78) C:\Windows\system32\DRIVERS\hidbth.sys
15:40:48.0626 5836 HidBth - ok
15:40:48.0679 5836 HidIr (cf50b4cf4a4f229b9f3c08351f99ca5e) C:\Windows\system32\DRIVERS\hidir.sys
15:40:48.0687 5836 HidIr - ok
15:40:48.0717 5836 hidserv (2bc6f6a1992b3a77f5f41432ca6b3b6b) C:\Windows\System32\hidserv.dll
15:40:48.0724 5836 hidserv - ok
15:40:48.0833 5836 HidUsb (25072fb35ac90b25f9e4e3bacf774102) C:\Windows\system32\DRIVERS\hidusb.sys
15:40:48.0841 5836 HidUsb - ok
15:40:48.0949 5836 hitmanpro35 (47eece68857817f39c8c6f33a7e5e76c) C:\Windows\system32\drivers\hitmanpro36.sys
15:40:48.0983 5836 hitmanpro35 - ok
15:40:49.0103 5836 hkmsvc (741c2a45ca8407e374aaba3e330b7872) C:\Windows\system32\kmsvc.dll
15:40:49.0142 5836 hkmsvc - ok
15:40:49.0373 5836 HomeGroupListener (a768ca158bb06782a2835b907f4873c3) C:\Windows\system32\ListSvc.dll
15:40:49.0376 5836 HomeGroupListener - ok
15:40:49.0423 5836 HomeGroupProvider (fb08dec5ef43d0c66d83b8e9694e7549) C:\Windows\system32\provsvc.dll
15:40:49.0426 5836 HomeGroupProvider - ok
15:40:49.0545 5836 HP LaserJet Service (32e83b28af9c98ff3013c4546b5e5b6d) C:\Program Files\HP\HPLaserJetService\HPLaserJetService.exe
15:40:49.0546 5836 HP LaserJet Service - ok
15:40:49.0616 5836 HPFXBULK (299683d4c8aaa3f6f5d5d226a1782a6e) C:\Windows\system32\drivers\hpfxbulk.sys
15:40:49.0625 5836 HPFXBULK - ok
15:40:49.0662 5836 HPFXFAX (f728db73a87231e27b6ba34d71ce2edb) C:\Windows\system32\drivers\hpfxfax.sys
15:40:49.0671 5836 HPFXFAX - ok
15:40:49.0819 5836 hpqcxs08 (58d4765ab87347db835d5693adf652c1) C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll
15:40:49.0821 5836 hpqcxs08 - ok
15:40:49.0850 5836 hpqddsvc (99ed733f614660eb32199bf889dfb7e2) C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll
15:40:49.0851 5836 hpqddsvc - ok
15:40:49.0901 5836 HpSAMD (295fdc419039090eb8b49ffdbb374549) C:\Windows\system32\DRIVERS\HpSAMD.sys
15:40:49.0919 5836 HpSAMD - ok
15:40:49.0972 5836 HTTP (c531c7fd9e8b62021112787c4e2c5a5a) C:\Windows\system32\drivers\HTTP.sys
15:40:49.0975 5836 HTTP - ok
15:40:49.0994 5836 hwpolicy (8305f33cde89ad6c7a0763ed0b5a8d42) C:\Windows\system32\drivers\hwpolicy.sys
15:40:49.0995 5836 hwpolicy - ok
15:40:50.0047 5836 i8042prt (f151f0bdc47f4a28b1b20a0818ea36d6) C:\Windows\system32\DRIVERS\i8042prt.sys
15:40:50.0069 5836 i8042prt - ok
15:40:50.0237 5836 iaStorV (71f1a494fedf4b33c02c4a6a28d6d9e9) C:\Windows\system32\drivers\iaStorV.sys
15:40:50.0250 5836 iaStorV - ok
15:40:50.0632 5836 idsvc (5af815eb5bc9802e5a064e2ba62bfc0c) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
15:40:50.0684 5836 idsvc - ok
15:40:51.0666 5836 igfx (8266ae06df974e5ba047b3e9e9e70b3f) C:\Windows\system32\DRIVERS\igdkmd32.sys
15:40:52.0017 5836 igfx - ok
15:40:52.0245 5836 iirsp (4173ff5708f3236cf25195fecd742915) C:\Windows\system32\DRIVERS\iirsp.sys
15:40:52.0283 5836 iirsp - ok
15:40:52.0412 5836 IKEEXT (fac0ee6562b121b1399d6e855583f7a5) C:\Windows\System32\ikeext.dll
15:40:52.0419 5836 IKEEXT - ok
15:40:52.0895 5836 IntcAzAudAddService (94b1ff5d243d34b31380a2f79fc48959) C:\Windows\system32\drivers\RTKVHDA.sys
15:40:52.0918 5836 IntcAzAudAddService - ok
15:40:53.0710 5836 intelide (a0f12f2c9ba6c72f3987ce780e77c130) C:\Windows\system32\DRIVERS\intelide.sys
15:40:53.0711 5836 intelide - ok
15:40:53.0759 5836 intelppm (3b514d27bfc4accb4037bc6685f766e0) C:\Windows\system32\DRIVERS\intelppm.sys
15:40:53.0760 5836 intelppm - ok
15:40:53.0882 5836 IPBusEnum (acb364b9075a45c0736e5c47be5cae19) C:\Windows\system32\ipbusenum.dll
15:40:53.0889 5836 IPBusEnum - ok
15:40:54.0060 5836 IpFilterDriver (709d1761d3b19a932ff0238ea6d50200) C:\Windows\system32\DRIVERS\ipfltdrv.sys
15:40:54.0088 5836 IpFilterDriver - ok
15:40:54.0140 5836 iphlpsvc (477397b432a256a50ee7e4339eb9ea14) C:\Windows\System32\iphlpsvc.dll
15:40:54.0143 5836 iphlpsvc - ok
15:40:54.0197 5836 IPMIDRV (e4454b6c37d7ffd5649611f6496308a7) C:\Windows\system32\DRIVERS\IPMIDrv.sys
15:40:54.0212 5836 IPMIDRV - ok
15:40:54.0383 5836 IPNAT (a5fa468d67abcdaa36264e463a7bb0cd) C:\Windows\system32\drivers\ipnat.sys
15:40:54.0437 5836 IPNAT - ok
15:40:54.0571 5836 iPod Service (178fe38b7740f598391eb2f51ae4ccac) C:\Program Files\iPod\bin\iPodService.exe
15:40:54.0575 5836 iPod Service - ok
15:40:54.0599 5836 IRENUM (42996cff20a3084a56017b7902307e9f) C:\Windows\system32\drivers\irenum.sys
15:40:54.0606 5836 IRENUM - ok
15:40:54.0647 5836 isapnp (1f32bb6b38f62f7df1a7ab7292638a35) C:\Windows\system32\DRIVERS\isapnp.sys
15:40:54.0657 5836 isapnp - ok
15:40:54.0715 5836 iScsiPrt (ed46c223ae46c6866ab77cdc41c404b7) C:\Windows\system32\DRIVERS\msiscsi.sys
15:40:54.0734 5836 iScsiPrt - ok
15:40:54.0762 5836 k57nd60x (7ea81534e80570bdf6ee4a4248bba4d6) C:\Windows\system32\DRIVERS\k57nd60x.sys
15:40:54.0763 5836 k57nd60x - ok
15:40:54.0796 5836 kbdclass (adef52ca1aeae82b50df86b56413107e) C:\Windows\system32\DRIVERS\kbdclass.sys
15:40:54.0805 5836 kbdclass - ok
15:40:54.0828 5836 kbdhid (3d9f0ebf350edcfd6498057301455964) C:\Windows\system32\DRIVERS\kbdhid.sys
15:40:54.0839 5836 kbdhid - ok
15:40:54.0892 5836 KeyIso (c2243ff9e9aad0c30e8b1a0914da15b6) C:\Windows\system32\lsass.exe
15:40:54.0893 5836 KeyIso - ok
15:40:54.0914 5836 KSecDD (0263364acb9c834ace52fb85c2c064ec) C:\Windows\system32\Drivers\ksecdd.sys
15:40:54.0915 5836 KSecDD - ok
15:40:55.0010 5836 KSecPkg (27391db553be2a4e2b0adeea2873b2af) C:\Windows\system32\Drivers\ksecpkg.sys
15:40:55.0012 5836 KSecPkg - ok
15:40:55.0138 5836 KtmRm (89a7b9cc98d0d80c6f31b91c0a310fcd) C:\Windows\system32\msdtckrm.dll
15:40:55.0156 5836 KtmRm - ok
15:40:55.0218 5836 LanmanServer (8f6bf790d3168224c16f2af68a84438c) C:\Windows\System32\srvsvc.dll
15:40:55.0221 5836 LanmanServer - ok
15:40:55.0262 5836 LanmanWorkstation (b9891f885dcf1f0513a51cb58493cb1f) C:\Windows\System32\wkssvc.dll
15:40:55.0265 5836 LanmanWorkstation - ok
15:40:55.0700 5836 Lavasoft Ad-Aware Service (93b3ef77866490c7daba054f6cbfcd51) C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
15:40:55.0710 5836 Lavasoft Ad-Aware Service - ok
15:40:55.0935 5836 Lavasoft Kernexplorer (6c4a3804510ad8e0f0c07b5be3d44ddb) C:\Program Files\Lavasoft\Ad-Aware\KernExplorer.sys
15:40:55.0945 5836 Lavasoft Kernexplorer - ok
15:40:56.0184 5836 Lbd (336abe8721cbc3110f1c6426da633417) C:\Windows\system32\DRIVERS\Lbd.sys
15:40:56.0185 5836 Lbd - ok
15:40:56.0224 5836 lltdio (f7611ec07349979da9b0ae1f18ccc7a6) C:\Windows\system32\DRIVERS\lltdio.sys
15:40:56.0224 5836 lltdio - ok
15:40:56.0272 5836 lltdsvc (5700673e13a2117fa3b9020c852c01e2) C:\Windows\System32\lltdsvc.dll
15:40:56.0295 5836 lltdsvc - ok
15:40:56.0314 5836 lmhosts (55ca01ba19d0006c8f2639b6c045e08b) C:\Windows\System32\lmhsvc.dll
15:40:56.0316 5836 lmhosts - ok
15:40:56.0369 5836 LMIGuardianSvc - ok
15:40:56.0381 5836 LMIInfo - ok
15:40:56.0424 5836 lmimirr (4477689e2d8ae6b78ba34c9af4cc1ed1) C:\Windows\system32\DRIVERS\lmimirr.sys
15:40:56.0434 5836 lmimirr - ok
15:40:56.0466 5836 LMIRfsClientNP - ok
15:40:56.0485 5836 LMIRfsDriver (3faa563ddf853320f90259d455a01d79) C:\Windows\system32\drivers\LMIRfsDriver.sys
15:40:56.0485 5836 LMIRfsDriver - ok
15:40:56.0512 5836 LSI_FC (eb119a53ccf2acc000ac71b065b78fef) C:\Windows\system32\DRIVERS\lsi_fc.sys
15:40:56.0526 5836 LSI_FC - ok
15:40:56.0588 5836 LSI_SAS (8ade1c877256a22e49b75d1cc9161f9c) C:\Windows\system32\DRIVERS\lsi_sas.sys
15:40:56.0599 5836 LSI_SAS - ok
15:40:56.0612 5836 LSI_SAS2 (dc9dc3d3daa0e276fd2ec262e38b11e9) C:\Windows\system32\DRIVERS\lsi_sas2.sys
15:40:56.0621 5836 LSI_SAS2 - ok
15:40:56.0634 5836 LSI_SCSI (0a036c7d7cab643a7f07135ac47e0524) C:\Windows\system32\DRIVERS\lsi_scsi.sys
15:40:56.0651 5836 LSI_SCSI - ok
15:40:56.0661 5836 luafv (6703e366cc18d3b6e534f5cf7df39cee) C:\Windows\system32\drivers\luafv.sys
15:40:56.0662 5836 luafv - ok
15:40:56.0754 5836 McciCMService (f8b823414a22dbf3bec10dcaa5f93cd8) C:\Program Files\Common Files\Motive\McciCMService.exe
15:40:56.0757 5836 McciCMService - ok
15:40:56.0805 5836 mcdbus (8fd868e32459ece2a1bb0169f513d31e) C:\Windows\system32\DRIVERS\mcdbus.sys
15:40:56.0824 5836 mcdbus - ok
15:40:56.0861 5836 Mcx2Svc (e2b0887816ed336685954e3d8fdaa51d) C:\Windows\system32\Mcx2Svc.dll
15:40:56.0883 5836 Mcx2Svc - ok
15:40:56.0905 5836 mdmxsdk (1968508adb20192a03a30c25f16db506) C:\Windows\system32\DRIVERS\ACFSDK32.sys
15:40:56.0906 5836 mdmxsdk - ok
15:40:56.0985 5836 megasas (0fff5b045293002ab38eb1fd1fc2fb74) C:\Windows\system32\DRIVERS\megasas.sys
15:40:56.0994 5836 megasas - ok
15:40:57.0035 5836 MegaSR (dcbab2920c75f390caf1d29f675d03d6) C:\Windows\system32\DRIVERS\MegaSR.sys
15:40:57.0047 5836 MegaSR - ok
15:40:57.0136 5836 Microsoft Office Groove Audit Service (fafe367d032ed82e9332b4c741a20216) C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe
15:40:57.0146 5836 Microsoft Office Groove Audit Service - ok
15:40:57.0206 5836 MMCSS (146b6f43a673379a3c670e86d89be5ea) C:\Windows\system32\mmcss.dll
15:40:57.0207 5836 MMCSS - ok
15:40:57.0219 5836 Modem (f001861e5700ee84e2d4e52c712f4964) C:\Windows\system32\drivers\modem.sys
15:40:57.0220 5836 Modem - ok
15:41:33.0809 5836 ============================================================
15:41:33.0809 5836 Scan finished
15:41:33.0809 5836 ============================================================
15:41:33.0819 5600 Detected object count: 0
15:41:33.0819 5600 Actual detected object count: 0









MiniToolBox

MiniToolBox by Farbar Version: 18-01-2012
Ran by Pharmacy (administrator) on 17-05-2012 at 15:37:31
Microsoft Windows 7 Professional (X86)
Boot Mode: Nerwork
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================

127.0.0.1 localhost

========================= IP Configuration: ================================

Broadcom NetLink ™ Gigabit Ethernet = Local Area Connection (Connected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled
set interface interface="Loopback Pseudo-Interface 1" forwarding=disabled advertise=disabled mtu=1492 metric=0 siteprefixlength=0 nud=disabled routerdiscovery=disabled managedaddress=disabled otherstateful=disabled weakhostsend=disabled weakhostreceive=disabled ignoredefaultroutes=disabled advertisedrouterlifetime=0 advertisedefaultroute=disabled currenthoplimit=0 forcearpndwolpattern=disabled enabledirectedmacwolpattern=disabled
set interface interface="Local Area Connection" forwarding=disabled advertise=disabled mtu=1492 metric=0 siteprefixlength=0 nud=disabled routerdiscovery=disabled managedaddress=disabled otherstateful=disabled weakhostsend=disabled weakhostreceive=disabled ignoredefaultroutes=disabled advertisedrouterlifetime=0 advertisedefaultroute=disabled currenthoplimit=0 forcearpndwolpattern=disabled enabledirectedmacwolpattern=disabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : Ph2
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : westell.com

Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . : westell.com
Description . . . . . . . . . . . : Broadcom NetLink ™ Gigabit Ethernet
Physical Address. . . . . . . . . : 00-26-2D-D1-63-84
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::35:c57f:9d29:1f11%11(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.28(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Thursday, May 17, 2012 3:28:17 PM
Lease Expires . . . . . . . . . . : Friday, May 18, 2012 3:28:16 PM
Default Gateway . . . . . . . . . : 192.168.1.1
DHCP Server . . . . . . . . . . . : 192.168.1.1
DHCPv6 IAID . . . . . . . . . . . : 234890797
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-13-7A-B3-C6-00-26-2D-D1-63-84
DNS Servers . . . . . . . . . . . : 192.168.1.1
NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.westell.com:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 9:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft 6to4 Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Server: dslrouter.westell.com
Address: 192.168.1.1

Name: google.com
Addresses: 74.125.228.102
74.125.228.105
74.125.228.101
74.125.228.104
74.125.228.99
74.125.228.97
74.125.228.103
74.125.228.100
74.125.228.110
74.125.228.96
74.125.228.98


Pinging google.com [74.125.228.98] with 32 bytes of data:
Reply from 74.125.228.98: bytes=32 time=35ms TTL=55
Reply from 74.125.228.98: bytes=32 time=37ms TTL=55

Ping statistics for 74.125.228.98:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 35ms, Maximum = 37ms, Average = 36ms
Server: dslrouter.westell.com
Address: 192.168.1.1

Name: yahoo.com
Addresses: 72.30.38.140
98.139.183.24
209.191.122.70


Pinging yahoo.com [209.191.122.70] with 32 bytes of data:
Reply from 209.191.122.70: bytes=32 time=77ms TTL=56
Reply from 209.191.122.70: bytes=32 time=77ms TTL=56

Ping statistics for 209.191.122.70:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 77ms, Maximum = 77ms, Average = 77ms
Server: dslrouter.westell.com
Address: 192.168.1.1

Name: bleepingcomputer.com
Address: 208.43.87.2


Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:
Reply from 208.43.87.2: Destination host unreachable.
Reply from 208.43.87.2: Destination host unreachable.

Ping statistics for 208.43.87.2:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
11...00 26 2d d1 63 84 ......Broadcom NetLink ™ Gigabit Ethernet
1...........................Software Loopback Interface 1
12...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
13...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter
15...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.28 20
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.1.0 255.255.255.0 On-link 192.168.1.28 276
192.168.1.28 255.255.255.255 On-link 192.168.1.28 276
192.168.1.255 255.255.255.255 On-link 192.168.1.28 276
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.1.28 276
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.1.28 276
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
1 306 ::1/128 On-link
11 276 fe80::/64 On-link
11 276 fe80::35:c57f:9d29:1f11/128
On-link
1 306 ff00::/8 On-link
11 276 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\system32\NLAapi.dll [51712] (Microsoft Corporation)
Catalog5 02 C:\Windows\System32\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 03 C:\Windows\System32\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 04 C:\Windows\system32\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 05 C:\Windows\system32\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 06 C:\Windows\system32\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 11 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 12 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 13 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 14 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 15 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 16 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 17 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 18 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 19 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 20 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 21 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 22 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (05/17/2012 02:22:39 PM) (Source: Application Error) (User: )
Description: Faulting application name: Phw.exe, version: 0.0.0.0, time stamp: 0x4f0b7936
Faulting module name: KERNELBASE.dll, version: 6.1.7600.16850, time stamp: 0x4e21132b
Exception code: 0xe053534f
Fault offset: 0x00009673
Faulting process id: 0x%9
Faulting application start time: 0xPhw.exe0
Faulting application path: Phw.exe1
Faulting module path: Phw.exe2
Report Id: Phw.exe3

Error: (05/17/2012 11:27:13 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "assemblyIdentity1".Error in manifest or policy file "assemblyIdentity2" on line assemblyIdentity3.
The value "*" of attribute "language" in element "assemblyIdentity" is invalid.

Error: (05/17/2012 11:26:44 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Dependent Assembly Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (05/16/2012 04:26:54 PM) (Source: Bonjour Service) (User: )
Description: Client application bug: DNSServiceResolve(58:1f:aa:42:6a:fd@fe80::5a1f:aaff:fe42:6afd._apple-mobdev._tcp.local.) active for over two minutes. This places considerable burden on the network.

Error: (05/16/2012 03:59:26 PM) (Source: Bonjour Service) (User: )
Description: Client application bug: DNSServiceResolve(58:1f:aa:42:6a:fd@fe80::5a1f:aaff:fe42:6afd._apple-mobdev._tcp.local.) active for over two minutes. This places considerable burden on the network.

Error: (05/16/2012 00:55:56 PM) (Source: Bonjour Service) (User: )
Description: Client application bug: DNSServiceResolve(58:1f:aa:42:6a:fd@fe80::5a1f:aaff:fe42:6afd._apple-mobdev._tcp.local.) active for over two minutes. This places considerable burden on the network.

Error: (05/16/2012 10:41:44 AM) (Source: Application Error) (User: )
Description: Faulting application name: conhost.exe, version: 6.1.7600.16850, time stamp: 0x4e20f8e6
Faulting module name: conhost.exe, version: 6.1.7600.16850, time stamp: 0x4e20f8e6
Exception code: 0xc0000409
Fault offset: 0x00015daa
Faulting process id: 0x1260
Faulting application start time: 0xconhost.exe0
Faulting application path: conhost.exe1
Faulting module path: conhost.exe2
Report Id: conhost.exe3

Error: (05/16/2012 10:41:43 AM) (Source: Application Error) (User: )
Description: Faulting application name: conhost.exe, version: 6.1.7600.16850, time stamp: 0x4e20f8e6
Faulting module name: conhost.exe, version: 6.1.7600.16850, time stamp: 0x4e20f8e6
Exception code: 0xc0000409
Fault offset: 0x00015daa
Faulting process id: 0x1160
Faulting application start time: 0xconhost.exe0
Faulting application path: conhost.exe1
Faulting module path: conhost.exe2
Report Id: conhost.exe3

Error: (05/15/2012 10:07:21 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "assemblyIdentity1".Error in manifest or policy file "assemblyIdentity2" on line assemblyIdentity3.
The value "*" of attribute "language" in element "assemblyIdentity" is invalid.

Error: (05/15/2012 10:06:52 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Dependent Assembly Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.


System errors:
=============
Error: (05/17/2012 03:35:47 PM) (Source: Service Control Manager) (User: )
Description: The HomeGroup Provider service depends on the Function Discovery Provider Host service which failed to start because of the following error:
%%1068

Error: (05/17/2012 03:34:29 PM) (Source: DCOM) (User: )
Description: 1068fdPHost{D3DCB472-7261-43CE-924B-0704BD730D5F}

Error: (05/17/2012 03:34:29 PM) (Source: DCOM) (User: )
Description: 1068fdPHost{145B4335-FE2A-4927-A040-7C35AD3180EF}

Error: (05/17/2012 03:29:01 PM) (Source: Service Control Manager) (User: )
Description: The HomeGroup Provider service depends on the Function Discovery Provider Host service which failed to start because of the following error:
%%1068

Error: (05/17/2012 03:28:59 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (05/17/2012 03:28:59 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (05/17/2012 03:28:59 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (05/17/2012 03:29:00 PM) (Source: DCOM) (User: )
Description: 1084WSearch{9E175B6D-F52A-11D8-B9A5-505054503030}

Error: (05/17/2012 03:29:00 PM) (Source: DCOM) (User: )
Description: 1084WSearch{7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}

Error: (05/17/2012 03:28:57 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068


Microsoft Office Sessions:
=========================
Error: (05/08/2012 01:18:46 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 7 seconds with 0 seconds of active time. This session ended with a crash.

Error: (12/23/2011 06:20:48 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 29 seconds with 0 seconds of active time. This session ended with a crash.

Error: (07/24/2010 00:23:38 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 162 seconds with 0 seconds of active time. This session ended with a crash.

Error: (06/30/2010 09:46:44 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 987 seconds with 720 seconds of active time. This session ended with a crash.

Error: (06/22/2010 03:37:37 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 13 seconds with 0 seconds of active time. This session ended with a crash.

Error: (06/22/2010 03:37:15 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 1353 seconds with 960 seconds of active time. This session ended with a crash.


=========================== Installed Programs ============================

µTorrent (Version: 2.0.4)
32 Bit HP CIO Components Installer (Version: 4.1.1)
4Videosoft MKV Video Converter
Acrobat.com (Version: 2.1.0)
Acrobat.com (Version: 2.1.0.0)
Ad-Aware (Version: 9.5.0)
Ad-Aware (Version: 9.6.0)
Adobe AIR (Version: 2.5.1.17730)
Adobe Community Help (Version: 3.4.980)
Adobe Flash Player 11 ActiveX (Version: 11.2.202.235)
Adobe Reader X (10.1.3) (Version: 10.1.3)
Apple Application Support (Version: 2.1.6)
Apple Mobile Device Support (Version: 4.0.0.97)
Apple Software Update (Version: 2.1.3.127)
AVG 2012 (Version: 12.0.2176)
AVG 2012 (Version: 12.0.2425)
AVG 2012 (Version: 2012.0.2176)
Bonjour (Version: 3.0.0.10)
Broadcom Gigabit NetLink Controller (Version: 12.33.02)
Broadcom Management Programs (Version: 12.35.01)
Combined Community Codec Pack 2009-09-09 (Version: 2009.09.09.0)
Core FTP LE 2.1
Crystal Reports for .NET Framework 2.0 (x86) (Version: 10.2.0)
CustomerResearchQFolder (Version: 1.00.0000)
CutePDF Writer 2.8
Dell Backup and Recovery Manager (Version: 1.2.3)
Dell Edoc Viewer (Version: 1.0.0)
DeviceDiscovery (Version: 90.0.146.000)
DeviceManagementQFolder (Version: 1.00.0000)
FileZilla Server (remove only)
Free File Viewer 2010
Free Mp3 Wma Ogg Converter 7.1.2
Google Chrome (Version: 19.0.1084.46)
GoToMeeting 4.5.0.457
HP Customer Participation Program 9.0 (Version: 9.0)
HP LaserJet M2727 MFP Series 5.2 (Version: 5.2)
HP Update (Version: 5.002.006.003)
hppFaxDrvM2727 (Version: 003.100.00001)
hppFaxUtility (Version: 001.001.00017)
hppFonts (Version: 001.001.00056)
hppLaserJetService (Version: 001.200.00001)
hppLJM2727 (Version: 000.102.00101)
hppManualsM2727 (Version: 000.002.00001)
hppScanTo (Version: 003.103.00004)
hppSendFaxM2727 (Version: 003.000.00001)
hppTLBXFXM2727 (Version: 001.005.00009)
hppusgM2727 (Version: 000.000.00006)
HPSSupply (Version: 2.2.0.0000)
hpzTLBXFX (Version: 005.009.00181)
iCloud (Version: 1.0.2.17)
ieSpell (Version: 2.6.4 (build 573))
Intel® Graphics Media Accelerator Driver (Version: 8.15.10.1995)
iTunes (Version: 10.5.2.11)
Java Auto Updater (Version: 2.0.6.1)
Java™ 6 Update 30 (Version: 6.0.300)
Junk Mail filter update (Version: 14.0.8089.726)
Magic ISO Maker v5.5 (build 0281)
MagicDisc 2.7.106
Malwarebytes Anti-Malware version 1.61.0.1400 (Version: 1.61.0.1400)
MarketResearch (Version: 90.0.146.000)
Microsoft .NET Framework 1.1 (Version: 1.1.4322)
Microsoft .NET Framework 1.1 Hotfix (KB886903)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6012.5000)
Microsoft Choice Guard (Version: 2.0.48.0)
Microsoft Office Access MUI (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Access Setup Metadata MUI (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Enterprise 2007 (Version: 12.0.4518.1014)
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Groove MUI (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Groove Setup Metadata MUI (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office InfoPath MUI (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office OneNote MUI (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Outlook MUI (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proof (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proof (French) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Publisher MUI (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Word MUI (English) 2007 (Version: 12.0.4518.1014)
Microsoft Search Enhancement Pack (Version: 1.2.123.0)
Microsoft Silverlight (Version: 4.0.60129.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Sync Framework Runtime Native v1.0 (x86) (Version: 1.0.1215.0)
Microsoft Sync Framework Services Native v1.0 (x86) (Version: 1.0.1215.0)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.59193)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft XML Parser (Version: 8.70.1104.04)
Microsoft_VC80_ATL_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_CRT_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_MFC_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_MFCLOC_x86 (Version: 8.0.50727.4053)
Microsoft_VC90_ATL_x86 (Version: 1.00.0000)
Microsoft_VC90_CRT_x86 (Version: 1.00.0000)
Microsoft_VC90_MFC_x86 (Version: 1.00.0000)
Microsoft_VC90_MFCLOC_x86 (Version: 1.00.0000)
MobileMe Control Panel (Version: 3.1.8.0)
MSVCRT (Version: 14.0.1468.721)
Music Manager
Octoshape add-in for Adobe Flash Player
PowerDVD DX (Version: 8.3.6029)
PrimeRxWinSetup (Version: 1.0.0)
Product_Min_QFolder (Version: 1.00.0000)
QuickTime (Version: 7.69.80.9)
Realtek High Definition Audio Driver (Version: 6.0.1.5936)
Roxio Creator Audio (Version: 3.7.0)
Roxio Creator Copy (Version: 3.7.0)
Roxio Creator Data (Version: 3.7.0)
Roxio Creator DE 10.3 (Version: 10.3)
Roxio Creator DE 10.3 (Version: 3.7.0)
Roxio Creator Tools (Version: 3.7.0)
Roxio Express Labeler 3 (Version: 3.2.2)
Roxio Update Manager (Version: 6.0.0)
Safari (Version: 5.33.16.0)
Spybot - Search & Destroy (Version: 1.6.2)
StreamTorrent 1.0
TeamViewer 6 (Version: 6.0.10722)
TeamViewer 7 (Version: 7.0.12313)
Unity Web Player (Version: )
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
USB ACF Modem (Version: 2.0.21.50)
VC80CRTRedist - 8.0.50727.6195 (Version: 1.2.0)
Verizon Help and Support Tool
Verizon Servicepoint 3.7.44 (Version: 3.7.44)
Visual C++ 2008 x86 Runtime - (v9.0.30729) (Version: 9.0.30729)
Visual C++ 2008 x86 Runtime - v9.0.30729.01 (Version: 9.0.30729.01)
VLC media player 1.1.11 (Version: 1.1.11)
vShare Plugin
Vuze (Version: 4.6)
WebReg (Version: 90.0.146.000)
Windows Live Call (Version: 14.0.8064.0206)
Windows Live Communications Platform (Version: 14.0.8064.206)
Windows Live Essentials (Version: 14.0.8089.0726)
Windows Live Essentials (Version: 14.0.8089.726)
Windows Live Mail (Version: 14.0.8089.0726)
Windows Live Messenger (Version: 14.0.8089.0726)
Windows Live Movie Maker (Version: 14.0.8091.0730)
Windows Live Photo Gallery (Version: 14.0.8081.709)
Windows Live Sign-in Assistant (Version: 5.000.818.5)
Windows Live Sync (Version: 14.0.8089.726)
Windows Live Toolbar (Version: 14.0.8064.206)
Windows Live Upload Tool (Version: 14.0.8014.1029)
Windows Live Writer (Version: 14.0.8089.0726)
Windows Media Player Firefox Plugin (Version: 1.0.0.8)
WinRAR archiver

========================= Memory info: ===================================

Percentage of memory in use: 17%
Total physical RAM: 3036.8 MB
Available physical RAM: 2495.19 MB
Total Pagefile: 6071.89 MB
Available Pagefile: 5622.82 MB
Total Virtual: 2047.88 MB
Available Virtual: 1940.71 MB

========================= Partitions: =====================================

1 Drive c: (OS) (Fixed) (Total:134.32 GB) (Free:94.12 GB) NTFS
4 Drive f: (OS) (Network) (Total:134.32 GB) (Free:95.09 GB) NTFS
5 Drive g: (OCZ RALLY2) (Removable) (Total:15.04 GB) (Free:15.01 GB) FAT32
7 Drive i: (Elements) (Fixed) (Total:931.51 GB) (Free:525.25 GB) NTFS

========================= Users: ========================================

User accounts for \\PH2

Administrator ASPNET Equalcare3A
Guest MMS Pharmacy


**** End of log ****



#2 gaber228


Posted 17 May 2012 - 02:51 PM

I forgot to mention that I followed the steps in this topic as described by user "boopme".

#3 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,699 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:02:54 AM

Posted 17 May 2012 - 07:25 PM

Welcome aboard

Which browser is getting redirected?

Download Security Check from HERE, and save it to your Desktop.

* Double-click SecurityCheck.exe
* Follow the onscreen instructions inside of the black box.
* A Notepad document should open automatically called checkup.txt; please post the contents of that document.

=============================================================================

Please download Farbar Service Scanner (FSS) and run it on the computer with the issue.
  • Make sure the following options are checked:
    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center/Action Center
    • Windows Update
    • Windows Defender
  • Press "Scan".
  • It will create a log (FSS.txt) in the same directory the tool is run.
  • Please copy and paste the log to your reply.

====================================================================================

Download Malwarebytes' Anti-Malware (aka MBAM): https://www.bleepingcomputer.com/download/malwarebytes-anti-malware/ to your desktop.

* Double-click mbam-setup.exe and follow the prompts to install the program.
* At the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
* If an update is found, it will download and install the latest version.
* Once the program has loaded, select Perform quick scan, then click Scan.
* When the scan is complete, click OK, then Show Results to view the results.
* Be sure that everything is checked, and click Remove Selected.
* When completed, a log will open in Notepad.
* Post the log back here.

Be sure to restart the computer.

The log can also be found here:
C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\log-date.txt
Or at C:\Program Files\Malwarebytes' Anti-Malware\Logs\log-date.txt

=============================================================================

Download aswMBR to your desktop.
Double click the aswMBR.exe to run it.
If you see this question: "Would you like to download latest Avast! virus definitions?" say "Yes".
Click the "Scan" button to start scan.
On completion of the scan click "Save log", save it to your desktop and post in your next reply.

NOTE. aswMBR will create MBR.dat file on your desktop. This is a copy of your MBR. Do NOT delete it.



 


#4 gaber228


Posted 18 May 2012 - 09:27 AM

Thanks for taking the time to look into my issue, Broni. I primarily use Google Chrome and that is where I noticed the issue. I tried Internet Explorer after you asked about the browsers and after a few searches, IE does not seem to be affected.


Results of screen317's Security Check version 0.99.24
Windows 7 x86 (UAC is disabled!)
Internet Explorer 9
``````````````````````````````
Antivirus/Firewall Check:

Windows Firewall Enabled!
AVG 2012
Microsoft Security Essentials
WMI entry may not exist for antivirus; attempting automatic update.
```````````````````````````````
Anti-malware/Other Utilities Check:

Ad-Aware
Spybot - Search & Destroy
Java™ 6 Update 30
Out of date Java installed!
Adobe Reader X (10.1.3)
````````````````````````````````
Process Check:
objlist.exe by Laurent

Windows Defender MSMpEng.exe
Ad-Aware AAWService.exe
Ad-Aware AAWTray.exe
AVG avgwdsvc.exe
AVG avgtray.exe
AVG avgrsx.exe
AVG avgnsx.exe
AVG avgemc.exe
Microsoft Security Essentials msseces.exe
``````````End of Log````````````



Farbar Service Scanner Version: 17-05-2012
Ran by Pharmacy (administrator) on 18-05-2012 at 09:27:30
Running from "C:\Users\Pharmacy\Desktop"
Microsoft Windows 7 Professional (X86)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Yahoo IP is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


File Check:
========
C:\Windows\system32\nsisvc.dll => MD5 is legit
C:\Windows\system32\Drivers\nsiproxy.sys => MD5 is legit
C:\Windows\system32\dhcpcore.dll => MD5 is legit
C:\Windows\system32\Drivers\afd.sys => MD5 is legit
C:\Windows\system32\Drivers\tdx.sys => MD5 is legit
C:\Windows\system32\Drivers\tcpip.sys
[2012-05-12 09:11] - [2012-03-30 06:29] - 1287024 ____A (Microsoft Corporation) 55E9965552741F3850CB22CBBA9671ED

C:\Windows\system32\dnsrslvr.dll
[2011-04-14 09:19] - [2011-03-03 01:29] - 0132608 ____A (Microsoft Corporation) B15BE77A2BACF9C3177D27518AFE26A9

C:\Windows\system32\mpssvc.dll
[2009-07-13 19:53] - [2009-07-13 21:15] - 0565760 ____A (Microsoft Corporation) 5CD996CECF45CBC3E8D109C86B82D69E

C:\Windows\system32\bfe.dll
[2009-07-13 19:54] - [2009-07-13 21:14] - 0493568 ____A (Microsoft Corporation) 85AC71C045CEB054ED48A7841AAE0C11

C:\Windows\system32\Drivers\mpsdrv.sys => MD5 is legit
C:\Windows\system32\SDRSVC.dll
[2009-07-13 19:23] - [2009-07-13 21:16] - 0125952 ____A (Microsoft Corporation) 5FD90ABDBFAEE85986802622CBB03446

C:\Windows\system32\vssvc.exe
[2009-07-13 19:24] - [2009-07-13 21:14] - 1025536 ____A (Microsoft Corporation) 7EA2BCD94D9CFAF4C556F5CC94532A6C

C:\Windows\system32\wscsvc.dll
[2011-02-09 13:25] - [2010-12-21 01:38] - 0073728 ____A (Microsoft Corporation) A661A76333057B383A06E65F0073222F

C:\Windows\system32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\system32\wuaueng.dll
[2009-07-13 20:15] - [2009-07-13 21:16] - 1912832 ____A (Microsoft Corporation) A33408CC036F9C08142B11BE5E93F0A1

C:\Windows\system32\qmgr.dll
[2009-07-13 19:30] - [2009-07-13 21:16] - 0589312 ____A (Microsoft Corporation) 53F476476F55A27F580661BDE09C4EC4

C:\Windows\system32\es.dll => MD5 is legit
C:\Windows\system32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit


**** End of log ****


Malwarebytes Anti-Malware 1.61.0.1400
www.malwarebytes.org

Database version: v2012.05.18.04

Windows 7 x86 NTFS
Internet Explorer 9.0.8112.16421
Pharmacy :: PH2 [administrator]

5/18/2012 9:56:13 AM
mbam-log-2012-05-18 (09-56-13).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 225569
Time elapsed: 6 minute(s), 36 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)



aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-05-18 10:08:59
-----------------------------
10:08:59.677 OS Version: Windows 6.1.7600
10:08:59.677 Number of processors: 2 586 0x170A
10:08:59.693 ComputerName: PH2 UserName:
10:09:00.660 Initialize success
10:10:25.156 AVAST engine defs: 12051800
10:11:44.231 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
10:11:44.233 Disk 0 Vendor: WDC_WD1600AAJS-75M0A0 02.03E02 Size: 152587MB BusType: 3
10:11:44.259 Disk 0 MBR read successfully
10:11:44.261 Disk 0 MBR scan
10:11:44.265 Disk 0 Windows VISTA default MBR code
10:11:44.267 Disk 0 Partition 1 00 DE Dell Utility Dell 8.0 39 MB offset 63
10:11:44.287 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 15000 MB offset 81920
10:11:44.321 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 137546 MB offset 30801920
10:11:44.334 Disk 0 scanning sectors +312497952
10:11:44.413 Disk 0 scanning C:\Windows\system32\drivers
10:11:58.387 Service scanning
10:12:11.394 Service MpKsla916e973 C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{A44949E4-471E-4809-B728-65F64ED6D74B}\MpKsla916e973.sys **LOCKED** 32
10:12:27.060 Modules scanning
10:12:32.208 Disk 0 trace - called modules:
10:12:32.208
10:12:32.870 AVAST engine scan C:\Windows
10:12:35.520 AVAST engine scan C:\Windows\system32
10:16:45.316 AVAST engine scan C:\Windows\system32\drivers
10:17:04.504 AVAST engine scan C:\Users\Pharmacy
10:24:24.586 AVAST engine scan C:\ProgramData
10:26:44.176 Scan finished successfully
10:27:13.632 Disk 0 MBR has been saved successfully to "C:\Users\Pharmacy\Desktop\MBR.dat"
10:27:13.632 The log file has been saved successfully to "C:\Users\Pharmacy\Desktop\aswMBR.txt"

#5 Broni

Posted 18 May 2012 - 07:14 PM

I still need MiniToolbox log.



 


#6 gaber228


Posted 19 May 2012 - 08:24 AM

Sorry about that...here it is. I wasn't sure which checkboxes to check, so I just checked all of them.



MiniToolBox by Farbar Version: 18-01-2012
Ran by Pharmacy (administrator) on 19-05-2012 at 09:22:36
Microsoft Windows 7 Professional (X86)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================
127.0.0.1 www.wip2.adobe.com www.wip3.adobe.com www.wip4.adobe.com wwis-dubc1-vip60.adobe.com crl.verisign.net CRL.VERISIGN.NET ood.opsource.net
127.0.0.1 localhost
127.0.0.1 3dns.adobe.com 3dns-1.adobe.com 3dns-2.adobe.com 3dns-3.adobe.com 3dns-4.adobe.com activate.adobe.com activate-sea.adobe.com activate-sjc0.adobe.com activate.wip.adobe.com
127.0.0.1 activate.wip1.adobe.com activate.wip2.adobe.com activate.wip3.adobe.com activate.wip4.adobe.com adobe-dns.adobe.com adobe-dns-1.adobe.com adobe-dns-2.adobe.com adobe-dns-3.adobe.com adobe-dns-4.adobe.com
127.0.0.1 adobeereg.com practivate.adobe practivate.adobe.com practivate.adobe.newoa practivate.adobe.ntp practivate.adobe.ipp ereg.adobe.com ereg.wip.adobe.com ereg.wip1.adobe.com
127.0.0.1 ereg.wip2.adobe.com ereg.wip3.adobe.com ereg.wip4.adobe.com hl2rcv.adobe.com wip.adobe.com wip1.adobe.com wip2.adobe.com wip3.adobe.com wip4.adobe.com
127.0.0.1 www.adobeereg.com wwis-dubc1-vip60.adobe.com www.wip.adobe.com www.wip1.adobe.com
127.0.0.1 www.wip2.adobe.com www.wip3.adobe.com www.wip4.adobe.com wwis-dubc1-vip60.adobe.com crl.verisign.net CRL.VERISIGN.NET ood.opsource.net

========================= IP Configuration: ================================

Broadcom NetLink ™ Gigabit Ethernet = Local Area Connection (Connected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled
set interface interface="Loopback Pseudo-Interface 1" forwarding=disabled advertise=disabled mtu=1492 metric=0 siteprefixlength=0 nud=disabled routerdiscovery=disabled managedaddress=disabled otherstateful=disabled weakhostsend=disabled weakhostreceive=disabled ignoredefaultroutes=disabled advertisedrouterlifetime=0 advertisedefaultroute=disabled currenthoplimit=0 forcearpndwolpattern=disabled enabledirectedmacwolpattern=disabled
set interface interface="Local Area Connection" forwarding=disabled advertise=disabled mtu=1492 metric=0 siteprefixlength=0 nud=disabled routerdiscovery=disabled managedaddress=disabled otherstateful=disabled weakhostsend=disabled weakhostreceive=disabled ignoredefaultroutes=disabled advertisedrouterlifetime=0 advertisedefaultroute=disabled currenthoplimit=0 forcearpndwolpattern=disabled enabledirectedmacwolpattern=disabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : Ph2
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : westell.com

Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . : westell.com
Description . . . . . . . . . . . : Broadcom NetLink ™ Gigabit Ethernet
Physical Address. . . . . . . . . : 00-26-2D-D1-63-84
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::35:c57f:9d29:1f11%11(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.28(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Saturday, May 19, 2012 9:02:42 AM
Lease Expires . . . . . . . . . . : Sunday, May 20, 2012 9:02:41 AM
Default Gateway . . . . . . . . . : 192.168.1.1
DHCP Server . . . . . . . . . . . : 192.168.1.1
DHCPv6 IAID . . . . . . . . . . . : 234890797
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-13-7A-B3-C6-00-26-2D-D1-63-84
DNS Servers . . . . . . . . . . . : 192.168.1.1
NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.westell.com:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : westell.com
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 9:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft 6to4 Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:4137:9e76:854:15d3:b593:aab9(Preferred)
Link-local IPv6 Address . . . . . : fe80::854:15d3:b593:aab9%15(Preferred)
Default Gateway . . . . . . . . . : ::
NetBIOS over Tcpip. . . . . . . . : Disabled
Server: dslrouter.westell.com
Address: 192.168.1.1

Name: google.com
Addresses: 74.125.228.73
74.125.228.66
74.125.228.70
74.125.228.65
74.125.228.67
74.125.228.64
74.125.228.72
74.125.228.68
74.125.228.69
74.125.228.71
74.125.228.78


Pinging google.com [74.125.228.78] with 32 bytes of data:
Reply from 74.125.228.78: bytes=32 time=36ms TTL=55
Reply from 74.125.228.78: bytes=32 time=34ms TTL=55

Ping statistics for 74.125.228.78:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 34ms, Maximum = 36ms, Average = 35ms
Server: dslrouter.westell.com
Address: 192.168.1.1

Name: yahoo.com
Addresses: 209.191.122.70
72.30.38.140
98.139.183.24


Pinging yahoo.com [98.139.183.24] with 32 bytes of data:
Reply from 98.139.183.24: bytes=32 time=85ms TTL=49
Reply from 98.139.183.24: bytes=32 time=117ms TTL=49

Ping statistics for 98.139.183.24:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 85ms, Maximum = 117ms, Average = 101ms
Server: dslrouter.westell.com
Address: 192.168.1.1

Name: bleepingcomputer.com
Address: 208.43.87.2


Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:
Reply from 208.43.87.2: Destination host unreachable.
Reply from 208.43.87.2: Destination host unreachable.

Ping statistics for 208.43.87.2:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
11...00 26 2d d1 63 84 ......Broadcom NetLink ™ Gigabit Ethernet
1...........................Software Loopback Interface 1
12...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
13...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter
15...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.28 20
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.1.0 255.255.255.0 On-link 192.168.1.28 276
192.168.1.28 255.255.255.255 On-link 192.168.1.28 276
192.168.1.255 255.255.255.255 On-link 192.168.1.28 276
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.1.28 276
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.1.28 276
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
15 58 ::/0 On-link
1 306 ::1/128 On-link
15 58 2001::/32 On-link
15 306 2001:0:4137:9e76:854:15d3:b593:aab9/128
On-link
11 276 fe80::/64 On-link
15 306 fe80::/64 On-link
11 276 fe80::35:c57f:9d29:1f11/128
On-link
15 306 fe80::854:15d3:b593:aab9/128
On-link
1 306 ff00::/8 On-link
15 306 ff00::/8 On-link
11 276 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\system32\NLAapi.dll [51712] (Microsoft Corporation)
Catalog5 02 C:\Windows\System32\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 03 C:\Windows\System32\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 04 C:\Windows\system32\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 05 C:\Windows\system32\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 06 C:\Windows\system32\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 11 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 12 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 13 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 14 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 15 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 16 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 17 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 18 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 19 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 20 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 21 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 22 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (05/17/2012 02:22:39 PM) (Source: Application Error) (User: )
Description: Faulting application name: Phw.exe, version: 0.0.0.0, time stamp: 0x4f0b7936
Faulting module name: KERNELBASE.dll, version: 6.1.7600.16850, time stamp: 0x4e21132b
Exception code: 0xe053534f
Fault offset: 0x00009673
Faulting process id: 0x%9
Faulting application start time: 0xPhw.exe0
Faulting application path: Phw.exe1
Faulting module path: Phw.exe2
Report Id: Phw.exe3

Error: (05/17/2012 11:27:13 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "assemblyIdentity1".Error in manifest or policy file "assemblyIdentity2" on line assemblyIdentity3.
The value "*" of attribute "language" in element "assemblyIdentity" is invalid.

Error: (05/17/2012 11:26:44 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Dependent Assembly Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (05/16/2012 04:26:54 PM) (Source: Bonjour Service) (User: )
Description: Client application bug: DNSServiceResolve(58:1f:aa:42:6a:fd@fe80::5a1f:aaff:fe42:6afd._apple-mobdev._tcp.local.) active for over two minutes. This places considerable burden on the network.

Error: (05/16/2012 03:59:26 PM) (Source: Bonjour Service) (User: )
Description: Client application bug: DNSServiceResolve(58:1f:aa:42:6a:fd@fe80::5a1f:aaff:fe42:6afd._apple-mobdev._tcp.local.) active for over two minutes. This places considerable burden on the network.

Error: (05/16/2012 00:55:56 PM) (Source: Bonjour Service) (User: )
Description: Client application bug: DNSServiceResolve(58:1f:aa:42:6a:fd@fe80::5a1f:aaff:fe42:6afd._apple-mobdev._tcp.local.) active for over two minutes. This places considerable burden on the network.

Error: (05/16/2012 10:41:44 AM) (Source: Application Error) (User: )
Description: Faulting application name: conhost.exe, version: 6.1.7600.16850, time stamp: 0x4e20f8e6
Faulting module name: conhost.exe, version: 6.1.7600.16850, time stamp: 0x4e20f8e6
Exception code: 0xc0000409
Fault offset: 0x00015daa
Faulting process id: 0x1260
Faulting application start time: 0xconhost.exe0
Faulting application path: conhost.exe1
Faulting module path: conhost.exe2
Report Id: conhost.exe3

Error: (05/16/2012 10:41:43 AM) (Source: Application Error) (User: )
Description: Faulting application name: conhost.exe, version: 6.1.7600.16850, time stamp: 0x4e20f8e6
Faulting module name: conhost.exe, version: 6.1.7600.16850, time stamp: 0x4e20f8e6
Exception code: 0xc0000409
Fault offset: 0x00015daa
Faulting process id: 0x1160
Faulting application start time: 0xconhost.exe0
Faulting application path: conhost.exe1
Faulting module path: conhost.exe2
Report Id: conhost.exe3

Error: (05/15/2012 10:07:21 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "assemblyIdentity1".Error in manifest or policy file "assemblyIdentity2" on line assemblyIdentity3.
The value "*" of attribute "language" in element "assemblyIdentity" is invalid.

Error: (05/15/2012 10:06:52 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Dependent Assembly Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.


System errors:
=============
Error: (05/19/2012 09:14:14 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: SYSTEM)
Description: Installation Failure: Windows failed to install the following update with error 0x80070643: Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.127.273.0).

Error: (05/19/2012 09:14:09 AM) (Source: Microsoft Antimalware) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.

New Signature Version:

Previous Signature Version: 1.127.171.0

Update Source: %NT AUTHORITY59

Update Stage: 4.0.1526.00

Source Path: 4.0.1526.01

Signature Type: %NT AUTHORITY602

Update Type: %NT AUTHORITY604

User: NT AUTHORITY\SYSTEM

Current Engine Version: %NT AUTHORITY605

Previous Engine Version: %NT AUTHORITY606

Error code: %NT AUTHORITY607

Error description: %NT AUTHORITY608

Error: (05/19/2012 09:02:41 AM) (Source: Service Control Manager) (User: )
Description: The LogMeIn Kernel Information Provider service failed to start due to the following error:
%%3

Error: (05/19/2012 09:02:41 AM) (Source: Service Control Manager) (User: )
Description: The LMIGuardianSvc service failed to start due to the following error:
%%2

Error: (05/18/2012 09:21:33 AM) (Source: Service Control Manager) (User: )
Description: The LogMeIn Kernel Information Provider service failed to start due to the following error:
%%3

Error: (05/18/2012 09:21:33 AM) (Source: Service Control Manager) (User: )
Description: The LMIGuardianSvc service failed to start due to the following error:
%%2

Error: (05/18/2012 09:01:51 AM) (Source: Service Control Manager) (User: )
Description: The LogMeIn Kernel Information Provider service failed to start due to the following error:
%%3

Error: (05/18/2012 09:01:51 AM) (Source: Service Control Manager) (User: )
Description: The LMIGuardianSvc service failed to start due to the following error:
%%2

Error: (05/17/2012 04:27:14 PM) (Source: Service Control Manager) (User: )
Description: The LogMeIn Kernel Information Provider service failed to start due to the following error:
%%3

Error: (05/17/2012 04:27:14 PM) (Source: Service Control Manager) (User: )
Description: The LMIGuardianSvc service failed to start due to the following error:
%%2


Microsoft Office Sessions:
=========================
Error: (05/08/2012 01:18:46 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 7 seconds with 0 seconds of active time. This session ended with a crash.

Error: (12/23/2011 06:20:48 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 29 seconds with 0 seconds of active time. This session ended with a crash.

Error: (07/24/2010 00:23:38 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 162 seconds with 0 seconds of active time. This session ended with a crash.

Error: (06/30/2010 09:46:44 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 987 seconds with 720 seconds of active time. This session ended with a crash.

Error: (06/22/2010 03:37:37 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 13 seconds with 0 seconds of active time. This session ended with a crash.

Error: (06/22/2010 03:37:15 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 1353 seconds with 960 seconds of active time. This session ended with a crash.


=========================== Installed Programs ============================

µTorrent (Version: 2.0.4)
32 Bit HP CIO Components Installer (Version: 4.1.1)
4Videosoft MKV Video Converter
Acrobat.com (Version: 2.1.0)
Acrobat.com (Version: 2.1.0.0)
Ad-Aware (Version: 9.5.0)
Ad-Aware (Version: 9.6.0)
Adobe AIR (Version: 2.5.1.17730)
Adobe Community Help (Version: 3.4.980)
Adobe Flash Player 11 ActiveX (Version: 11.2.202.235)
Adobe Reader X (10.1.3) (Version: 10.1.3)
Apple Application Support (Version: 2.1.6)
Apple Mobile Device Support (Version: 4.0.0.97)
Apple Software Update (Version: 2.1.3.127)
AVG 2012 (Version: 12.0.2176)
AVG 2012 (Version: 12.0.2425)
AVG 2012 (Version: 2012.0.2176)
Bonjour (Version: 3.0.0.10)
Broadcom Gigabit NetLink Controller (Version: 12.33.02)
Broadcom Management Programs (Version: 12.35.01)
Combined Community Codec Pack 2009-09-09 (Version: 2009.09.09.0)
Core FTP LE 2.1
Crystal Reports for .NET Framework 2.0 (x86) (Version: 10.2.0)
CustomerResearchQFolder (Version: 1.00.0000)
CutePDF Writer 2.8
Dell Backup and Recovery Manager (Version: 1.2.3)
Dell Edoc Viewer (Version: 1.0.0)
DeviceDiscovery (Version: 90.0.146.000)
DeviceManagementQFolder (Version: 1.00.0000)
FileZilla Server (remove only)
Free File Viewer 2010
Free Mp3 Wma Ogg Converter 7.1.2
Google Chrome (Version: 19.0.1084.46)
GoToMeeting 4.5.0.457
HP Customer Participation Program 9.0 (Version: 9.0)
HP LaserJet M2727 MFP Series 5.2 (Version: 5.2)
HP Update (Version: 5.002.006.003)
hppFaxDrvM2727 (Version: 003.100.00001)
hppFaxUtility (Version: 001.001.00017)
hppFonts (Version: 001.001.00056)
hppLaserJetService (Version: 001.200.00001)
hppLJM2727 (Version: 000.102.00101)
hppManualsM2727 (Version: 000.002.00001)
hppScanTo (Version: 003.103.00004)
hppSendFaxM2727 (Version: 003.000.00001)
hppTLBXFXM2727 (Version: 001.005.00009)
hppusgM2727 (Version: 000.000.00006)
HPSSupply (Version: 2.2.0.0000)
hpzTLBXFX (Version: 005.009.00181)
iCloud (Version: 1.0.2.17)
ieSpell (Version: 2.6.4 (build 573))
Intel® Graphics Media Accelerator Driver (Version: 8.15.10.1995)
iTunes (Version: 10.5.2.11)
Java Auto Updater (Version: 2.0.6.1)
Java™ 6 Update 30 (Version: 6.0.300)
Junk Mail filter update (Version: 14.0.8089.726)
Magic ISO Maker v5.5 (build 0281)
MagicDisc 2.7.106
Malwarebytes Anti-Malware version 1.61.0.1400 (Version: 1.61.0.1400)
MarketResearch (Version: 90.0.146.000)
Microsoft .NET Framework 1.1 (Version: 1.1.4322)
Microsoft .NET Framework 1.1 Hotfix (KB886903)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6012.5000)
Microsoft Choice Guard (Version: 2.0.48.0)
Microsoft Office Access MUI (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Access Setup Metadata MUI (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Enterprise 2007 (Version: 12.0.4518.1014)
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Groove MUI (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Groove Setup Metadata MUI (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office InfoPath MUI (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office OneNote MUI (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Outlook MUI (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proof (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proof (French) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Publisher MUI (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Word MUI (English) 2007 (Version: 12.0.4518.1014)
Microsoft Search Enhancement Pack (Version: 1.2.123.0)
Microsoft Security Client (Version: 4.0.1526.0)
Microsoft Security Essentials (Version: 4.0.1526.0)
Microsoft Silverlight (Version: 4.0.60129.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Sync Framework Runtime Native v1.0 (x86) (Version: 1.0.1215.0)
Microsoft Sync Framework Services Native v1.0 (x86) (Version: 1.0.1215.0)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.59193)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft XML Parser (Version: 8.70.1104.04)
Microsoft_VC80_ATL_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_CRT_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_MFC_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_MFCLOC_x86 (Version: 8.0.50727.4053)
Microsoft_VC90_ATL_x86 (Version: 1.00.0000)
Microsoft_VC90_CRT_x86 (Version: 1.00.0000)
Microsoft_VC90_MFC_x86 (Version: 1.00.0000)
Microsoft_VC90_MFCLOC_x86 (Version: 1.00.0000)
MobileMe Control Panel (Version: 3.1.8.0)
MSVCRT (Version: 14.0.1468.721)
Music Manager
Octoshape add-in for Adobe Flash Player
PowerDVD DX (Version: 8.3.6029)
PrimeRxWinSetup (Version: 1.0.0)
Product_Min_QFolder (Version: 1.00.0000)
QuickTime (Version: 7.69.80.9)
Realtek High Definition Audio Driver (Version: 6.0.1.5936)
Roxio Creator Audio (Version: 3.7.0)
Roxio Creator Copy (Version: 3.7.0)
Roxio Creator Data (Version: 3.7.0)
Roxio Creator DE 10.3 (Version: 10.3)
Roxio Creator DE 10.3 (Version: 3.7.0)
Roxio Creator Tools (Version: 3.7.0)
Roxio Express Labeler 3 (Version: 3.2.2)
Roxio Update Manager (Version: 6.0.0)
Safari (Version: 5.33.16.0)
Spybot - Search & Destroy (Version: 1.6.2)
StreamTorrent 1.0
TeamViewer 6 (Version: 6.0.10722)
TeamViewer 7 (Version: 7.0.12313)
Unity Web Player (Version: )
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
USB ACF Modem (Version: 2.0.21.50)
VC80CRTRedist - 8.0.50727.6195 (Version: 1.2.0)
Verizon Help and Support Tool
Verizon Servicepoint 3.7.44 (Version: 3.7.44)
Visual C++ 2008 x86 Runtime - (v9.0.30729) (Version: 9.0.30729)
Visual C++ 2008 x86 Runtime - v9.0.30729.01 (Version: 9.0.30729.01)
VLC media player 1.1.11 (Version: 1.1.11)
vShare Plugin
Vuze (Version: 4.6)
WebReg (Version: 90.0.146.000)
Windows Live Call (Version: 14.0.8064.0206)
Windows Live Communications Platform (Version: 14.0.8064.206)
Windows Live Essentials (Version: 14.0.8089.0726)
Windows Live Essentials (Version: 14.0.8089.726)
Windows Live Mail (Version: 14.0.8089.0726)
Windows Live Messenger (Version: 14.0.8089.0726)
Windows Live Movie Maker (Version: 14.0.8091.0730)
Windows Live Photo Gallery (Version: 14.0.8081.709)
Windows Live Sign-in Assistant (Version: 5.000.818.5)
Windows Live Sync (Version: 14.0.8089.726)
Windows Live Toolbar (Version: 14.0.8064.206)
Windows Live Upload Tool (Version: 14.0.8014.1029)
Windows Live Writer (Version: 14.0.8089.0726)
Windows Media Player Firefox Plugin (Version: 1.0.0.8)
WinRAR archiver

========================= Devices: ================================

Name: Null
Description: Null
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: Null

Name: Mount Point Manager
Description: Mount Point Manager
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: mountmgr

Name: Intel® N10/ICH7 Family USB Universal Host Controller - 27CA
Description: Intel® N10/ICH7 Family USB Universal Host Controller - 27CA
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: Intel
Service: usbuhci

Name: System speaker
Description: System speaker
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:

Name: Intel® G41 Express Chipset
Description: Intel® G41 Express Chipset
Class Guid: {4d36e968-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel Corporation
Service: igfx

Name: Generic volume shadow copy
Description: Generic volume shadow copy
Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
Manufacturer: Microsoft
Service:

Name: WAN Miniport (PPTP)
Description: WAN Miniport (PPTP)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: PptpMiniport

Name: Performance Counters for Windows Driver
Description: Performance Counters for Windows Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: pcw

Name: AVGIDSHX
Description: AVGIDSHX
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: AVGIDSHX

Name: PCI bus
Description: PCI bus
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: pci

Name: VgaSave
Description: VgaSave
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: VgaSave

Name: WAN Miniport (SSTP)
Description: WAN Miniport (SSTP)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: RasSstp

Name: PEAUTH
Description: PEAUTH
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: PEAUTH

Name: System CMOS/real time clock
Description: System CMOS/real time clock
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:

Name: AVGIDSShim
Description: AVGIDSShim
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: AVGIDSShim

Name: Generic volume shadow copy
Description: Generic volume shadow copy
Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
Manufacturer: Microsoft
Service:

Name: Windows Firewall Authorization Driver
Description: Windows Firewall Authorization Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: mpsdrv

Name: Broadcom NetLink ™ Gigabit Ethernet
Description: Broadcom NetLink ™ Gigabit Ethernet
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Broadcom
Service: k57nd60x

Name: Dynamic Volume Manager
Description: Dynamic Volume Manager
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: volmgrx

Name: Intel® N10/ICH7 Family USB Universal Host Controller - 27CB
Description: Intel® N10/ICH7 Family USB Universal Host Controller - 27CB
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: Intel
Service: usbuhci

Name: ATA Channel 0
Description: IDE Channel
Class Guid: {4d36e96a-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard IDE ATA/ATAPI controllers)
Service: atapi

Name: Remote Desktop Device Redirector Bus
Description: Remote Desktop Device Redirector Bus
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: rdpbus

Name: System board
Description: System board
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:

Name: AVG AVI Loader Driver
Description: AVG AVI Loader Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: Avgldx86

Name: Storage volumes
Description: Storage volumes
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: volsnap

Name: Terminal Server Keyboard Driver
Description: Terminal Server Keyboard Driver
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: TermDD

Name: HID-compliant mouse
Description: HID-compliant mouse
Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: mouhid

Name: System board
Description: System board
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:

Name: QoS Packet Scheduler
Description: QoS Packet Scheduler
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: Psched

Name: ATA Channel 1
Description: IDE Channel
Class Guid: {4d36e96a-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard IDE ATA/ATAPI controllers)
Service: atapi

Name: Generic volume shadow copy
Description: Generic volume shadow copy
Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
Manufacturer: Microsoft
Service:

Name: Motherboard resources
Description: Motherboard resources
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:

Name: Terminal Server Mouse Driver
Description: Terminal Server Mouse Driver
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: TermDD

Name: Virtual PC Network Filter Driver
Description: Virtual PC Network Filter Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: vpcnfltr

Name: U.S. Robotics 56K PCI Faxmodem
Description: U.S. Robotics 56K PCI Faxmodem
Class Guid: {4d36e96d-e325-11ce-bfc1-08002be10318}
Manufacturer: Conexant
Service: Modem

Name: ACPI Fixed Feature Button
Description: ACPI Fixed Feature Button
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:

Name: Intel® N10/ICH7 Family USB2 Enhanced Host Controller - 27CC
Description: Intel® N10/ICH7 Family USB2 Enhanced Host Controller - 27CC
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: Intel
Service: usbehci

Name: Motherboard resources
Description: Motherboard resources
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:

Name: MagicISO SCSI Host Controller
Description: MagicISO SCSI Host Controller
Class Guid: {4d36e97b-e325-11ce-bfc1-08002be10318}
Manufacturer: MagicISO, Inc.
Service: mcdbus

Name: Microsoft 6to4 Adapter
Description: Microsoft 6to4 Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel

Name: Remote Access IPv6 ARP Driver
Description: Remote Access IPv6 ARP Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: Wanarpv6

Name: Bitlocker Drive Encryption Filter Driver
Description: Bitlocker Drive Encryption Filter Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: fvevol

Name: Motherboard resources
Description: Motherboard resources
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:

Name: RDPCDD
Description: RDPCDD
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: RDPCDD

Name: Generic volume
Description: Generic volume
Class Guid: {71a27cdd-812a-11d0-bec7-08002be2092f}
Manufacturer: Microsoft
Service: volsnap

Name: Microsoft ISATAP Adapter
Description: Microsoft ISATAP Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel

Name: Plug and Play Software Device Enumerator
Description: Plug and Play Software Device Enumerator
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: swenum

Name: Intel® Core™2 Duo CPU E7500 @ 2.93GHz
Description: Intel Processor
Class Guid: {50127dc3-0f36-415e-a6cc-4cb3be910b65}
Manufacturer: Intel
Service: intelppm

Name: AVG Free Network Redirector
Description: AVG Free Network Redirector
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: AvgTdiX

Name: Motherboard resources
Description: Motherboard resources
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:

Name: Kernel Mode Driver Frameworks service
Description: Kernel Mode Driver Frameworks service
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: Wdf01000

Name: HTTP
Description: HTTP
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: HTTP

Name: Microsoft ISATAP Adapter #2
Description: Microsoft ISATAP Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel

Name: UMBus Root Bus Enumerator
Description: UMBus Root Bus Enumerator
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: umbus

Name: RDP Encoder Mirror Driver
Description: RDP Encoder Mirror Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: RDPENCDD

Name: Generic- Multi-Card USB Device
Description: Disk drive
Class Guid: {4d36e967-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard disk drives)
Service: disk

Name: Motherboard resources
Description: Motherboard resources
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:

Name: USB Composite Device
Description: USB Composite Device
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Standard USB Host Controller)
Service: usbccgp

Name: Beep
Description: Beep
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: Beep

Name: Intel® 82801 PCI Bridge - 244E
Description: Intel® 82801 PCI Bridge - 244E
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel
Service: pci

Name: Intel® N10/ICH7 Family PCI Express Root Port - 27D0
Description: Intel® N10/ICH7 Family PCI Express Root Port - 27D0
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel
Service: pci

Name: Microsoft Virtual Drive Enumerator Driver
Description: Microsoft Virtual Drive Enumerator Driver
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: vdrvroot

Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft Teredo Tunneling Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel

Name: Hardware Policy Driver
Description: Hardware Policy Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: hwpolicy

Name: USB Input Device
Description: USB Input Device
Class Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}
Manufacturer: (Standard system devices)
Service: HidUsb

Name: WFP Lightweight Filter
Description: WFP Lightweight Filter
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: WfpLwf

Name: Numeric data processor
Description: Numeric data processor
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:

Name: Reflector Display Driver used to gain access to graphics data
Description: Reflector Display Driver used to gain access to graphics data
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: RDPREFMP

Name: msisadrv
Description: msisadrv
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: msisadrv

Name: ACPI x86-based PC
Description: ACPI x86-based PC
Class Guid: {4d36e966-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard computers)
Service: \Driver\ACPI_HAL

Name: USB Virtualization Connector Driver
Description: USB Virtualization Connector Driver
Class Guid: {aed279d9-7dd0-49ab-8024-4f65418531fb}
Manufacturer: (Standard system devices)
Service: vpcusb

Name: HP LJ M2727nf Scan
Description: HP LJ M2727nf Scan
Class Guid: {6bdd1fc6-810f-11d0-bec7-08002be2092f}
Manufacturer: Hewlett-Packard
Service: usbscan

Name: intelide
Description: intelide
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: intelide

Name: Generic volume
Description: Generic volume
Class Guid: {71a27cdd-812a-11d0-bec7-08002be2092f}
Manufacturer: Microsoft
Service: volsnap

Name: ACPI Power Button
Description: ACPI Power Button
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:

Name: Link-Layer Topology Discovery Responder
Description: Link-Layer Topology Discovery Responder
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: rspndr

Name: HP LaserJet M2727 MFP Series PCL 6
Description: HP LaserJet M2727 MFP Series PCL 6
Class Guid: {4d36e979-e325-11ce-bfc1-08002be10318}
Manufacturer: HP
Service:

Name: File as Volume Driver
Description: File as Volume Driver
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: blbdrive

Name: catchme
Description: catchme
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: catchme

Name: Volume Manager
Description: Volume Manager
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: volmgr

Name: KSecDD
Description: KSecDD
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: KSecDD

Name: Winsock IFS Driver
Description: Winsock IFS Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: ws2ifsl

Name: Intel® ICH7 Family LPC Interface Controller - 27B8
Description: Intel® ICH7 Family LPC Interface Controller - 27B8
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel
Service: msisadrv

Name: Intel® Core™2 Duo CPU E7500 @ 2.93GHz
Description: Intel Processor
Class Guid: {50127dc3-0f36-415e-a6cc-4cb3be910b65}
Manufacturer: Intel
Service: intelppm

Name: Intel® N10/ICH7 Family PCI Express Root Port - 27D4
Description: Intel® N10/ICH7 Family PCI Express Root Port - 27D4
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel
Service: pci

Name: Composite Bus Enumerator
Description: Composite Bus Enumerator
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: CompositeBus

Name: Security Driver
Description: Security Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: secdrv

Name: Virtual PC Host Bus Driver
Description: Virtual PC Host Bus Driver
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: vpcbus

Name: NativeWiFi Filter
Description: NativeWiFi Filter
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: NativeWifiP

Name: USB Printing Support
Description: USB Printing Support
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: Microsoft
Service: usbprint

Name: Microsoft ACPI-Compliant System
Description: Microsoft ACPI-Compliant System
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: ACPI

Name: KSecPkg
Description: KSecPkg
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: KSecPkg

Name: User Mode Driver Frameworks Platform Driver
Description: User Mode Driver Frameworks Platform Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: WudfPf

Name: MagicISO Virtual DVD-ROM0000
Description: CD-ROM Drive
Class Guid: {4d36e965-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard CD-ROM drives)
Service: cdrom

Name: LogMeIn Mirror Driver
Description: LogMeIn Mirror Driver
Class Guid: {4d36e968-e325-11ce-bfc1-08002be10318}
Manufacturer: LogMeIn, Inc.
Service: lmimirr

Name: Security Processor Loader Driver
Description: Security Processor Loader Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: spldr

Name: Common Log (CLFS)
Description: Common Log (CLFS)
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: CLFS

Name: NDIS System Driver
Description: NDIS System Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: NDIS

Name: UMBus Enumerator
Description: UMBus Enumerator
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: umbus

Name: Generic volume
Description: Generic volume
Class Guid: {71a27cdd-812a-11d0-bec7-08002be2092f}
Manufacturer: Microsoft
Service: volsnap

Name: HID Keyboard Device
Description: HID Keyboard Device
Class Guid: {4d36e96b-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard keyboards)
Service: kbdhid

Name: Lavasoft helper driver
Description: Lavasoft helper driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: Lavasoft Kernexplorer

Name: XAudio
Description: XAudio
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: XAudio

Name: CNG
Description: CNG
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: CNG

Name: HP EWS M2727nf
Description: HP EWS M2727nf
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: Hewlett-Packard
Service: HPFXBULK

Name: Intel® N10/ICH7 Family Serial ATA Storage Controller - 27C0
Description: Intel® N10/ICH7 Family Serial ATA Storage Controller - 27C0
Class Guid: {4d36e96a-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel
Service: pciide

Name: NDIS Usermode I/O Protocol
Description: NDIS Usermode I/O Protocol
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: Ndisuio

Name: High Definition Audio Controller
Description: High Definition Audio Controller
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: HDAudBus

Name: Microsoft System Management BIOS Driver
Description: Microsoft System Management BIOS Driver
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: mssmbios

Name: Generic volume
Description: Generic volume
Class Guid: {71a27cdd-812a-11d0-bec7-08002be2092f}
Manufacturer: Microsoft
Service: volsnap

Name: Offline Files Driver
Description: Offline Files Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: CSC

Name: Generic PnP Monitor
Description: Generic PnP Monitor
Class Guid: {4d36e96e-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard monitor types)
Service: monitor

Name: UMBus Enumerator
Description: UMBus Enumerator
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: umbus

Name: NDProxy
Description: NDProxy
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: NDProxy

Name: Intel® 82802 Firmware Hub Device
Description: Intel® 82802 Firmware Hub Device
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel
Service:

Name: WAN Miniport (IKEv2)
Description: WAN Miniport (IKEv2)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: RasAgileVpn

Name: TSSTcorp DVD+-RW TS-H653G ATA Device
Description: CD-ROM Drive
Class Guid: {4d36e965-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard CD-ROM drives)
Service: cdrom

Name: Generic volume shadow copy
Description: Generic volume shadow copy
Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
Manufacturer: Microsoft
Service:

Name: HP LaserJet M2727nf MFP Fax
Description: HP LaserJet M2727nf MFP Fax
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: Hewlett-Packard
Service: HPFXFAX

Name: Link-Layer Topology Discovery Mapper I/O Driver
Description: Link-Layer Topology Discovery Mapper I/O Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: lltdio

Name: Generic volume
Description: Generic volume
Class Guid: {71a27cdd-812a-11d0-bec7-08002be2092f}
Manufacturer: Microsoft
Service: volsnap

Name: Programmable interrupt controller
Description: Programmable interrupt controller
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:

Name: Intel® N10/ICH7 Family USB Universal Host Controller - 27C8
Description: Intel® N10/ICH7 Family USB Universal Host Controller - 27C8
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: Intel
Service: usbuhci

Name: USB Root Hub
Description: USB Root Hub
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Standard USB Host Controller)
Service: usbhub

Name: Intel® N10/ICH7 Family SMBus Controller - 27DA
Description: Intel® N10/ICH7 Family SMBus Controller - 27DA
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel
Service:

Name: Disk Virtual Machine Bus Acceleration Filter Driver
Description: Disk Virtual Machine Bus Acceleration Filter Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: storflt

Name: WAN Miniport (L2TP)
Description: WAN Miniport (L2TP)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: Rasl2tp

Name: System Attribute Cache
Description: System Attribute Cache
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: discache

Name: Ancillary Function Driver for Winsock
Description: Ancillary Function Driver for Winsock
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: AFD

Name: LogMeIn Kernel Information Provider
Description: LogMeIn Kernel Information Provider
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: LMIInfo
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: NETBT
Description: NETBT
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: NetBT

Name: System timer
Description: System timer
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:

Name: USB Mass Storage Device
Description: USB Mass Storage Device
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: Compatible USB storage device
Service: USBSTOR

Name: USB Root Hub
Description: USB Root Hub
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Standard USB Host Controller)
Service: usbhub

Name: USB Input Device
Description: USB Input Device
Class Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}
Manufacturer: (Standard system devices)
Service: HidUsb

Name: Generic volume shadow copy
Description: Generic volume shadow copy
Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
Manufacturer: Microsoft
Service:

Name: TCP/IP Protocol Driver
Description: TCP/IP Protocol Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: Tcpip

Name: WAN Miniport (Network Monitor)
Description: WAN Miniport (Network Monitor)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: NdisWan

Name: LDDM Graphics Subsystem
Description: LDDM Graphics Subsystem
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: DXGKrnl

Name: WDC WD1600AAJS-75M0A0 ATA Device
Description: Disk drive
Class Guid: {4d36e967-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard disk drives)
Service: disk

Name: High precision event timer
Description: High precision event timer
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:

Name: AVGIDSDriver
Description: AVGIDSDriver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: AVGIDSDriver

Name: USB Root Hub
Description: USB Root Hub
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Standard USB Host Controller)
Service: usbhub

Name: TCP/IP Registry Compatibility
Description: TCP/IP Registry Compatibility
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: tcpipreg

Name: WAN Miniport (IP)
Description: WAN Miniport (IP)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: NdisWan

Name: Intel® N10/ICH7 Family USB Universal Host Controller - 27C9
Description: Intel® N10/ICH7 Family USB Universal Host Controller - 27C9
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: Intel
Service: usbuhci

Name: Intel® 4 Series Chipset Processor to I/O Controller - 2E30
Description: Intel® 4 Series Chipset Processor to I/O Controller - 2E30
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel
Service:

Name: NSI proxy service driver.
Description: NSI proxy service driver.
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: nsiproxy

Name: Generic volume shadow copy
Description: Generic volume shadow copy
Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
Manufacturer: Microsoft
Service:

Name: Direct memory access controller
Description: Direct memory access controller
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:

Name: USB Root Hub
Description: USB Root Hub
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Standard USB Host Controller)
Service: usbhub

Name: WAN Miniport (IPv6)
Description: WAN Miniport (IPv6)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: NdisWan

Name: NetIO Legacy TDI Support Driver
Description: NetIO Legacy TDI Support Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: tdx

Name: WD Ext HDD 1021 USB Device
Description: Disk drive
Class Guid: {4d36e967-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard disk drives)
Service: disk

Name: Realtek High Definition Audio
Description: Realtek High Definition Audio
Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318}
Manufacturer: Realtek
Service: IntcAzAudAddService

Name: Communications Port (COM1)
Description: Communications Port
Class Guid: {4d36e978-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard port types)
Service: Serial

Name: E:\
Description: Multi-Card
Class Guid: {eec5ad98-8080-425f-922a-dabf3de3f69a}
Manufacturer: Generic-
Service: WUDFRd

Name: USB Root Hub
Description: USB Root Hub
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Standard USB Host Controller)
Service: usbhub

Name: WAN Miniport (PPPOE)
Description: WAN Miniport (PPPOE)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: RasPppoe

Name: AVGIDSFilter
Description: AVGIDSFilter
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: AVGIDSFilter

Name: USB Mass Storage Device
Description: USB Mass Storage Device
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: Compatible USB storage device
Service: USBSTOR


========================= Memory info: ===================================

Percentage of memory in use: 48%
Total physical RAM: 3036.8 MB
Available physical RAM: 1554.93 MB
Total Pagefile: 6071.89 MB
Available Pagefile: 4300.78 MB
Total Virtual: 2047.88 MB
Available Virtual: 1933.57 MB

========================= Partitions: =====================================

1 Drive c: (OS) (Fixed) (Total:134.32 GB) (Free:94.89 GB) NTFS
4 Drive f: (OS) (Network) (Total:134.32 GB) (Free:96 GB) NTFS
6 Drive i: (Elements) (Fixed) (Total:931.51 GB) (Free:525.25 GB) NTFS

========================= Users: ========================================

User accounts for \\PH2

Administrator ASPNET Equalcare3A
Guest MMS Pharmacy

========================= Minidump Files ==================================

No minidump file found

**** End of log ****

#7 Broni

Posted 19 May 2012 - 10:49 AM

So far I don't see much.

Which browser is being redirected?

Download Bootkit Remover to your desktop.

  • Unzip downloaded file to your Desktop.
  • Double-click on boot_cleaner.exe to run the program (Vista/7 users: right-click on boot_cleaner.exe and click Run As Administrator).
  • It will show a Black screen with some data on it.
  • Right click on the screen and click Select All.
  • Press CTRL+C
  • Open a Notepad and press CTRL+V
  • Post the output back here.

=====================================================================

Please download GMER from one of the following locations and save it to your desktop:
  • Main Mirror
    This version will download a randomly named file (Recommended)
  • Zipped Mirror
    This version will download a zip file you will need to extract first. If you use this mirror, please extract the zip file to your desktop.
  • Disconnect from the Internet and close all running programs.
  • Temporarily disable any real-time active protection so your security programs will not conflict with gmer's driver.
  • Double-click on the randomly named GMER file (i.e. n7gmo46c.exe) and allow the gmer.sys driver to load if asked.
  • Note: If you downloaded the zipped version, extract the file to its own folder such as C:\gmer and then double-click on gmer.exe.

  • GMER will open to the Rootkit/Malware tab and perform an automatic quick scan when first run. (do not use the computer while the scan is in progress)
  • If you receive a WARNING!!! about rootkit activity and are asked to fully scan your system...click NO.
  • Now click the Scan button. If you see a rootkit warning window, click OK.
  • When the scan is finished, click the Save... button to save the scan results to your Desktop. Save the file as gmer.log.
  • Click the Copy button and paste the results into your next reply.
  • Exit GMER and be sure to re-enable your anti-virus, Firewall and any other security programs you had disabled.

IMPORTANT! If for some reason GMER refuses to run, try again.
If it still fails, try to UN-check "Devices" in right pane.
If still no joy, try to run it from Safe Mode.



 


#8 gaber228


Posted 19 May 2012 - 02:16 PM

Google Chrome is the browser affected


Bootkit Remover
© 2009 Esage Lab
www.esagelab.com

Program version: 1.2.0.1
OS Version: Microsoft Windows 7 (build 7600), 32-bit

System volume is \\.\C:
\\.\C: -> \\.\PhysicalDrive0 at offset 0x00000003`ac000000
Boot sector MD5 is: fe5642739ba66ba18c128543669678a2

Size Device Name MBR Status
--------------------------------------------
149 GB \\.\PhysicalDrive0 Unknown boot code

Unknown boot code has been found on some of your physical disks.
To inspect the boot code manually, dump the master boot sector:
remover.exe dump <device_name> [output_file]
To disinfect the master boot sector, use the following command:
remover.exe fix <device_name>


Done;
Press any key to quit...










GMER 1.0.15.15641 - http://www.gmer.net
Rootkit scan 2012-05-19 15:14:35
Windows 6.1.7600 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0 WDC_WD1600AAJS-75M0A0 rev.02.03E02
Running: b1gc390e.exe; Driver: C:\Users\Pharmacy\AppData\Local\Temp\fxldapow.sys


---- System - GMER 1.0.15 ----

SSDT \SystemRoot\system32\DRIVERS\avgidsshimx.sys (IDS Application Activity Monitor Loader Driver./AVG Technologies CZ, s.r.o. ) ZwNotifyChangeKey [0x9261C004]
SSDT \SystemRoot\system32\DRIVERS\avgidsshimx.sys (IDS Application Activity Monitor Loader Driver./AVG Technologies CZ, s.r.o. ) ZwNotifyChangeMultipleKeys [0x9261C0D4]
SSDT \SystemRoot\system32\DRIVERS\avgidsshimx.sys (IDS Application Activity Monitor Loader Driver./AVG Technologies CZ, s.r.o. ) ZwOpenProcess [0x9261BD76]
SSDT \SystemRoot\system32\DRIVERS\avgidsshimx.sys (IDS Application Activity Monitor Loader Driver./AVG Technologies CZ, s.r.o. ) ZwTerminateProcess [0x9261BE1E]
SSDT \SystemRoot\system32\DRIVERS\avgidsshimx.sys (IDS Application Activity Monitor Loader Driver./AVG Technologies CZ, s.r.o. ) ZwTerminateThread [0x9261BEBA]
SSDT \SystemRoot\system32\DRIVERS\avgidsshimx.sys (IDS Application Activity Monitor Loader Driver./AVG Technologies CZ, s.r.o. ) ZwWriteVirtualMemory [0x9261BF56]

---- Kernel code sections - GMER 1.0.15 ----

.text ntkrnlpa.exe!ZwRollbackTransaction + 13E9 82C60599 1 Byte [06]
.text ntkrnlpa.exe!KiDispatchInterrupt + 5A2 82C85092 19 Bytes [E0, 0F, BA, F0, 07, 73, 09, ...] {LOOPNZ 0x11; MOV EDX, 0x97307f0; MOV CR4, EAX; OR AL, 0x80; MOV CR4, EAX; RET ; MOV ECX, CR3}
.text ntkrnlpa.exe!RtlSidHashLookup + 4A0 82C8CAF0 8 Bytes [04, C0, 61, 92, D4, C0, 61, ...] {ADD AL, 0xc0; POPA ; XCHG EDX, EAX; AAM 0xc0; POPA ; XCHG EDX, EAX}
.text ntkrnlpa.exe!RtlSidHashLookup + 4E8 82C8CB38 4 Bytes [76, BD, 61, 92] {JBE 0xffffffffffffffbf; POPA ; XCHG EDX, EAX}
.text ntkrnlpa.exe!RtlSidHashLookup + 7B8 82C8CE08 8 Bytes [1E, BE, 61, 92, BA, BE, 61, ...] {PUSH DS; MOV ESI, 0xbeba9261; POPA ; XCHG EDX, EAX}
.text ntkrnlpa.exe!RtlSidHashLookup + 82C 82C8CE7C 4 Bytes [56, BF, 61, 92]

---- User code sections - GMER 1.0.15 ----

.text C:\Users\Pharmacy\AppData\Local\Google\Chrome\Application\chrome.exe[1200] ntdll.dll!NtCreateFile + 6 773E46B6 4 Bytes [28, 00, 12, 00] {SUB [EAX], AL; ADC AL, [EAX]}
.text C:\Users\Pharmacy\AppData\Local\Google\Chrome\Application\chrome.exe[1200] ntdll.dll!NtCreateFile + B 773E46BB 1 Byte [E2]
.text C:\Users\Pharmacy\AppData\Local\Google\Chrome\Application\chrome.exe[1200] ntdll.dll!NtMapViewOfSection + 6 773E4D16 1 Byte [28]
.text C:\Users\Pharmacy\AppData\Local\Google\Chrome\Application\chrome.exe[1200] ntdll.dll!NtMapViewOfSection + 6 773E4D16 4 Bytes [28, 03, 12, 00] {SUB [EBX], AL; ADC AL, [EAX]}
.text C:\Users\Pharmacy\AppData\Local\Google\Chrome\Application\chrome.exe[1200] ntdll.dll!NtMapViewOfSection + B 773E4D1B 1 Byte [E2]
.text C:\Users\Pharmacy\AppData\Local\Google\Chrome\Application\chrome.exe[1200] ntdll.dll!NtOpenFile + 6 773E4DC6 4 Bytes [68, 00, 12, 00]
.text C:\Users\Pharmacy\AppData\Local\Google\Chrome\Application\chrome.exe[1200] ntdll.dll!NtOpenFile + B 773E4DCB 1 Byte [E2]
.text C:\Users\Pharmacy\AppData\Local\Google\Chrome\Application\chrome.exe[1200] ntdll.dll!NtOpenProcess + 6 773E4E76 4 Bytes [A8, 01, 12, 00] {TEST AL, 0x1; ADC AL, [EAX]}
.text C:\Users\Pharmacy\AppData\Local\Google\Chrome\Application\chrome.exe[1200] ntdll.dll!NtOpenProcess + B 773E4E7B 1 Byte [E2]
.text C:\Users\Pharmacy\AppData\Local\Google\Chrome\Application\chrome.exe[1200] ntdll.dll!NtOpenProcessToken + B 773E4E8B 1 Byte [E2]
.text C:\Users\Pharmacy\AppData\Local\Google\Chrome\Application\chrome.exe[1200] ntdll.dll!NtOpenProcessTokenEx + 6 773E4E96 4 Bytes [A8, 02, 12, 00] {TEST AL, 0x2; ADC AL, [EAX]}
.text C:\Users\Pharmacy\AppData\Local\Google\Chrome\Application\chrome.exe[1200] ntdll.dll!NtOpenProcessTokenEx + B 773E4E9B 1 Byte [E2]
.text C:\Users\Pharmacy\AppData\Local\Google\Chrome\Application\chrome.exe[1200] ntdll.dll!NtOpenThread + 6 773E4EF6 4 Bytes [68, 01, 12, 00]
.text C:\Users\Pharmacy\AppData\Local\Google\Chrome\Application\chrome.exe[1200] ntdll.dll!NtOpenThread + B 773E4EFB 1 Byte [E2]
.text C:\Users\Pharmacy\AppData\Local\Google\Chrome\Application\chrome.exe[1200] ntdll.dll!NtOpenThreadToken + 6 773E4F06 4 Bytes [68, 02, 12, 00]
.text C:\Users\Pharmacy\AppData\Local\Google\Chrome\Application\chrome.exe[1200] ntdll.dll!NtOpenThreadToken + B 773E4F0B 1 Byte [E2]
.text C:\Users\Pharmacy\AppData\Local\Google\Chrome\Application\chrome.exe[1200] ntdll.dll!NtOpenThreadTokenEx + B 773E4F1B 1 Byte [E2]
.text C:\Users\Pharmacy\AppData\Local\Google\Chrome\Application\chrome.exe[1200] ntdll.dll!NtQueryAttributesFile + 6 773E5026 4 Bytes [A8, 00, 12, 00] {TEST AL, 0x0; ADC AL, [EAX]}
.text C:\Users\Pharmacy\AppData\Local\Google\Chrome\Application\chrome.exe[1200] ntdll.dll!NtQueryAttributesFile + B 773E502B 1 Byte [E2]
.text C:\Users\Pharmacy\AppData\Local\Google\Chrome\Application\chrome.exe[1200] ntdll.dll!NtQueryFullAttributesFile + B 773E50DB 1 Byte [E2]
.text C:\Users\Pharmacy\AppData\Local\Google\Chrome\Application\chrome.exe[1200] ntdll.dll!NtSetInformationFile + 6 773E5726 4 Bytes [28, 01, 12, 00] {SUB [ECX], AL; ADC AL, [EAX]}
.text C:\Users\Pharmacy\AppData\Local\Google\Chrome\Application\chrome.exe[1200] ntdll.dll!NtSetInformationFile + B 773E572B 1 Byte [E2]
.text C:\Users\Pharmacy\AppData\Local\Google\Chrome\Application\chrome.exe[1200] ntdll.dll!NtSetInformationThread + 6 773E5786 4 Bytes [28, 02, 12, 00] {SUB [EDX], AL; ADC AL, [EAX]}
.text C:\Users\Pharmacy\AppData\Local\Google\Chrome\Application\chrome.exe[1200] ntdll.dll!NtSetInformationThread + B 773E578B 1 Byte [E2]
.text C:\Users\Pharmacy\AppData\Local\Google\Chrome\Application\chrome.exe[1200] ntdll.dll!NtUnmapViewOfSection + 6 773E5AA6 1 Byte [68]
.text C:\Users\Pharmacy\AppData\Local\Google\Chrome\Application\chrome.exe[1200] ntdll.dll!NtUnmapViewOfSection + 6 773E5AA6 4 Bytes [68, 03, 12, 00]
.text C:\Users\Pharmacy\AppData\Local\Google\Chrome\Application\chrome.exe[1200] ntdll.dll!NtUnmapViewOfSection + B 773E5AAB 1 Byte [E2]
.text C:\Users\Pharmacy\AppData\Local\Google\Chrome\Application\chrome.exe[5344] ntdll.dll!NtCreateFile + 6 773E46B6 4 Bytes [28, 00, 29, 00] {SUB [EAX], AL; SUB [EAX], EAX}
.text C:\Users\Pharmacy\AppData\Local\Google\Chrome\Application\chrome.exe[5344] ntdll.dll!NtCreateFile + B 773E46BB 1 Byte [E2]
.text C:\Users\Pharmacy\AppData\Local\Google\Chrome\Application\chrome.exe[5344] ntdll.dll!NtMapViewOfSection + 6 773E4D16 1 Byte [28]
.text C:\Users\Pharmacy\AppData\Local\Google\Chrome\Application\chrome.exe[5344] ntdll.dll!NtMapViewOfSection + 6 773E4D16 4 Bytes [28, 03, 29, 00] {SUB [EBX], AL; SUB [EAX], EAX}
.text C:\Users\Pharmacy\AppData\Local\Google\Chrome\Application\chrome.exe[5344] ntdll.dll!NtMapViewOfSection + B 773E4D1B 1 Byte [E2]
.text C:\Users\Pharmacy\AppData\Local\Google\Chrome\Application\chrome.exe[5344] ntdll.dll!NtOpenFile + 6 773E4DC6 4 Bytes [68, 00, 29, 00]
.text C:\Users\Pharmacy\AppData\Local\Google\Chrome\Application\chrome.exe[5344] ntdll.dll!NtOpenFile + B 773E4DCB 1 Byte [E2]
.text C:\Users\Pharmacy\AppData\Local\Google\Chrome\Application\chrome.exe[5344] ntdll.dll!NtOpenProcess + 6 773E4E76 4 Bytes [A8, 01, 29, 00] {TEST AL, 0x1; SUB [EAX], EAX}
.text C:\Users\Pharmacy\AppData\Local\Google\Chrome\Application\chrome.exe[5344] ntdll.dll!NtOpenProcess + B 773E4E7B 1 Byte [E2]
.text C:\Users\Pharmacy\AppData\Local\Google\Chrome\Application\chrome.exe[5344] ntdll.dll!NtOpenProcessToken + B 773E4E8B 1 Byte [E2]
.text C:\Users\Pharmacy\AppData\Local\Google\Chrome\Application\chrome.exe[5344] ntdll.dll!NtOpenProcessTokenEx + 6 773E4E96 4 Bytes [A8, 02, 29, 00] {TEST AL, 0x2; SUB [EAX], EAX}
.text C:\Users\Pharmacy\AppData\Local\Google\Chrome\Application\chrome.exe[5344] ntdll.dll!NtOpenProcessTokenEx + B 773E4E9B 1 Byte [E2]
.text C:\Users\Pharmacy\AppData\Local\Google\Chrome\Application\chrome.exe[5344] ntdll.dll!NtOpenThread + 6 773E4EF6 4 Bytes [68, 01, 29, 00]
.text C:\Users\Pharmacy\AppData\Local\Google\Chrome\Application\chrome.exe[5344] ntdll.dll!NtOpenThread + B 773E4EFB 1 Byte [E2]
.text C:\Users\Pharmacy\AppData\Local\Google\Chrome\Application\chrome.exe[5344] ntdll.dll!NtOpenThreadToken + 6 773E4F06 4 Bytes [68, 02, 29, 00]
.text C:\Users\Pharmacy\AppData\Local\Google\Chrome\Application\chrome.exe[5344] ntdll.dll!NtOpenThreadToken + B 773E4F0B 1 Byte [E2]
.text C:\Users\Pharmacy\AppData\Local\Google\Chrome\Application\chrome.exe[5344] ntdll.dll!NtOpenThreadTokenEx + B 773E4F1B 1 Byte [E2]
.text C:\Users\Pharmacy\AppData\Local\Google\Chrome\Application\chrome.exe[5344] ntdll.dll!NtQueryAttributesFile + 6 773E5026 4 Bytes [A8, 00, 29, 00] {TEST AL, 0x0; SUB [EAX], EAX}
.text C:\Users\Pharmacy\AppData\Local\Google\Chrome\Application\chrome.exe[5344] ntdll.dll!NtQueryAttributesFile + B 773E502B 1 Byte [E2]
.text C:\Users\Pharmacy\AppData\Local\Google\Chrome\Application\chrome.exe[5344] ntdll.dll!NtQueryFullAttributesFile + B 773E50DB 1 Byte [E2]
.text C:\Users\Pharmacy\AppData\Local\Google\Chrome\Application\chrome.exe[5344] ntdll.dll!NtSetInformationFile + 6 773E5726 4 Bytes [28, 01, 29, 00] {SUB [ECX], AL; SUB [EAX], EAX}
.text C:\Users\Pharmacy\AppData\Local\Google\Chrome\Application\chrome.exe[5344] ntdll.dll!NtSetInformationFile + B 773E572B 1 Byte [E2]
.text C:\Users\Pharmacy\AppData\Local\Google\Chrome\Application\chrome.exe[5344] ntdll.dll!NtSetInformationThread + 6 773E5786 4 Bytes [28, 02, 29, 00] {SUB [EDX], AL; SUB [EAX], EAX}
.text C:\Users\Pharmacy\AppData\Local\Google\Chrome\Application\chrome.exe[5344] ntdll.dll!NtSetInformationThread + B 773E578B 1 Byte [E2]
.text C:\Users\Pharmacy\AppData\Local\Google\Chrome\Application\chrome.exe[5344] ntdll.dll!NtUnmapViewOfSection + 6 773E5AA6 1 Byte [68]
.text C:\Users\Pharmacy\AppData\Local\Google\Chrome\Application\chrome.exe[5344] ntdll.dll!NtUnmapViewOfSection + 6 773E5AA6 4 Bytes [68, 03, 29, 00]
.text C:\Users\Pharmacy\AppData\Local\Google\Chrome\Application\chrome.exe[5344] ntdll.dll!NtUnmapViewOfSection + B 773E5AAB 1 Byte [E2]
.text C:\Users\Pharmacy\AppData\Local\Google\Chrome\Application\chrome.exe[6484] ntdll.dll!NtCreateFile + 6 773E46B6 4 Bytes [28, 00, 0A, 00] {SUB [EAX], AL; OR AL, [EAX]}
.text C:\Users\Pharmacy\AppData\Local\Google\Chrome\Application\chrome.exe[6484] ntdll.dll!NtCreateFile + B 773E46BB 1 Byte [E2]
.text C:\Users\Pharmacy\AppData\Local\Google\Chrome\Application\chrome.exe[6484] ntdll.dll!NtMapViewOfSection + 6 773E4D16 1 Byte [28]
.text C:\Users\Pharmacy\AppData\Local\Google\Chrome\Application\chrome.exe[6484] ntdll.dll!NtMapViewOfSection + 6 773E4D16 4 Bytes [28, 03, 0A, 00] {SUB [EBX], AL; OR AL, [EAX]}
.text C:\Users\Pharmacy\AppData\Local\Google\Chrome\Application\chrome.exe[6484] ntdll.dll!NtMapViewOfSection + B 773E4D1B 1 Byte [E2]
.text C:\Users\Pharmacy\AppData\Local\Google\Chrome\Application\chrome.exe[6484] ntdll.dll!NtOpenFile + 6 773E4DC6 4 Bytes [68, 00, 0A, 00]
.text C:\Users\Pharmacy\AppData\Local\Google\Chrome\Application\chrome.exe[6484] ntdll.dll!NtOpenFile + B 773E4DCB 1 Byte [E2]
.text C:\Users\Pharmacy\AppData\Local\Google\Chrome\Application\chrome.exe[6484] ntdll.dll!NtOpenProcess + 6 773E4E76 4 Bytes [A8, 01, 0A, 00] {TEST AL, 0x1; OR AL, [EAX]}
.text C:\Users\Pharmacy\AppData\Local\Google\Chrome\Application\chrome.exe[6484] ntdll.dll!NtOpenProcess + B 773E4E7B 1 Byte [E2]
.text C:\Users\Pharmacy\AppData\Local\Google\Chrome\Application\chrome.exe[6484] ntdll.dll!NtOpenProcessToken + B 773E4E8B 1 Byte [E2]
.text C:\Users\Pharmacy\AppData\Local\Google\Chrome\Application\chrome.exe[6484] ntdll.dll!NtOpenProcessTokenEx + 6 773E4E96 4 Bytes [A8, 02, 0A, 00] {TEST AL, 0x2; OR AL, [EAX]}
.text C:\Users\Pharmacy\AppData\Local\Google\Chrome\Application\chrome.exe[6484] ntdll.dll!NtOpenProcessTokenEx + B 773E4E9B 1 Byte [E2]
.text C:\Users\Pharmacy\AppData\Local\Google\Chrome\Application\chrome.exe[6484] ntdll.dll!NtOpenThread + 6 773E4EF6 4 Bytes [68, 01, 0A, 00]
.text C:\Users\Pharmacy\AppData\Local\Google\Chrome\Application\chrome.exe[6484] ntdll.dll!NtOpenThread + B 773E4EFB 1 Byte [E2]
.text C:\Users\Pharmacy\AppData\Local\Google\Chrome\Application\chrome.exe[6484] ntdll.dll!NtOpenThreadToken + 6 773E4F06 4 Bytes [68, 02, 0A, 00]
.text C:\Users\Pharmacy\AppData\Local\Google\Chrome\Application\chrome.exe[6484] ntdll.dll!NtOpenThreadToken + B 773E4F0B 1 Byte [E2]
.text C:\Users\Pharmacy\AppData\Local\Google\Chrome\Application\chrome.exe[6484] ntdll.dll!NtOpenThreadTokenEx + B 773E4F1B 1 Byte [E2]
.text C:\Users\Pharmacy\AppData\Local\Google\Chrome\Application\chrome.exe[6484] ntdll.dll!NtQueryAttributesFile + 6 773E5026 4 Bytes [A8, 00, 0A, 00] {TEST AL, 0x0; OR AL, [EAX]}
.text C:\Users\Pharmacy\AppData\Local\Google\Chrome\Application\chrome.exe[6484] ntdll.dll!NtQueryAttributesFile + B 773E502B 1 Byte [E2]
.text C:\Users\Pharmacy\AppData\Local\Google\Chrome\Application\chrome.exe[6484] ntdll.dll!NtQueryFullAttributesFile + B 773E50DB 1 Byte [E2]
.text C:\Users\Pharmacy\AppData\Local\Google\Chrome\Application\chrome.exe[6484] ntdll.dll!NtSetInformationFile + 6 773E5726 4 Bytes [28, 01, 0A, 00] {SUB [ECX], AL; OR AL, [EAX]}
.text C:\Users\Pharmacy\AppData\Local\Google\Chrome\Application\chrome.exe[6484] ntdll.dll!NtSetInformationFile + B 773E572B 1 Byte [E2]
.text C:\Users\Pharmacy\AppData\Local\Google\Chrome\Application\chrome.exe[6484] ntdll.dll!NtSetInformationThread + 6 773E5786 4 Bytes [28, 02, 0A, 00] {SUB [EDX], AL; OR AL, [EAX]}
.text C:\Users\Pharmacy\AppData\Local\Google\Chrome\Application\chrome.exe[6484] ntdll.dll!NtSetInformationThread + B 773E578B 1 Byte [E2]
.text C:\Users\Pharmacy\AppData\Local\Google\Chrome\Application\chrome.exe[6484] ntdll.dll!NtUnmapViewOfSection + 6 773E5AA6 1 Byte [68]
.text C:\Users\Pharmacy\AppData\Local\Google\Chrome\Application\chrome.exe[6484] ntdll.dll!NtUnmapViewOfSection + 6 773E5AA6 4 Bytes [68, 03, 0A, 00]
.text C:\Users\Pharmacy\AppData\Local\Google\Chrome\Application\chrome.exe[6484] ntdll.dll!NtUnmapViewOfSection + B 773E5AAB 1 Byte [E2]

---- Devices - GMER 1.0.15 ----

Device \Driver\ACPI_HAL \Device\00000054 halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation)

AttachedDevice \Driver\tdx \Device\Tcp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
AttachedDevice \Driver\volmgr \Device\HarddiskVolume1 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)
AttachedDevice \Driver\volmgr \Device\HarddiskVolume2 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)
AttachedDevice \Driver\volmgr \Device\HarddiskVolume3 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)
AttachedDevice \Driver\volmgr \Device\HarddiskVolume4 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)
AttachedDevice \Driver\volmgr \Device\HarddiskVolume5 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)
AttachedDevice \Driver\volmgr \Device\HarddiskVolume7 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)
AttachedDevice \Driver\tdx \Device\Udp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
AttachedDevice \Driver\tdx \Device\RawIp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
AttachedDevice \FileSystem\fastfat \Fat fltmgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)
AttachedDevice \FileSystem\fastfat \Fat avgidsfilterx.sys (IDS Application Activity Monitor Filter Driver./AVG Technologies CZ, s.r.o. )

---- EOF - GMER 1.0.15 ----

#9 Broni

Posted 19 May 2012 - 05:43 PM

Can you check if IE is getting redirected as well?

#10 gaber228

Posted 21 May 2012 - 08:29 AM

IE does not seem to be affected after about 15-20 minutes of searching Google. Only Google Chrome.

#11 Broni

Posted 21 May 2012 - 06:35 PM

I suggest you start with reinstalling Chrome.

#12 gaber228

Posted 22 May 2012 - 12:07 PM

Thanks Broni! I feel a little stupid for not trying that first. So far a few hours of browsing and nothing seems out of the normal, if anything I'll let you know. In the end, I appreciate your help and time. Donation submitted.

#13 Broni

Posted 22 May 2012 - 12:09 PM

Good news and thank you :)
