Malware prevents me from doing Vista update


24 replies to this topic

#1 spalladino25

Posted 21 May 2012 - 08:42 PM

Hello, I have Windows Vista and Avira for my antivirus, and for the past few weeks every time I scan for viruses Avira is picking up something. Ever since this started I am unable to do an update for Vista, and every time I run the update it says I am unable to run the update because that service is currently not running now and that I may have to restart my computer. I've had similar things happen before when I had an infection, and I'm pretty sure the same thing has happened again. I've tried a few workarounds from looking at forums on the subject and I've had no luck. Any help would be much appreciated. Thank you.

#2 narenxp

  • BC Advisor

Posted 21 May 2012 - 08:46 PM

Download

TDSSkiller

Launch it. Click on Change parameters, then select TDLFS file system.

Click on "Scan". Please post the log report (the log file should be in your C drive).


Please download GMER from here (does not work on 64-bit OS):

http://www2.gmer.net/download.php

Temporarily disable any real-time active protection so your security programs will not conflict with gmer's driver.

GMER will open to the Rootkit/Malware tab and perform an automatic Full Scan when first run. (do not use the computer while the scan is in progress)

If you receive a WARNING!!! about rootkit activity and are asked to fully scan your system...click NO.
Now click the Scan button. If you see a rootkit warning window, click OK.
When the scan is finished, click the Save... button to save the scan results to your Desktop. Save the file as gmer.log.
Click the Copy button and paste the results into your next reply.


Download

aswMBR

Launch it and allow it to download the latest Avast! virus definitions.
Click the "Scan" button to start the scan. After the scan finishes, click on Save log.

Post the log results here

#3 spalladino25

  • Topic Starter

Posted 22 May 2012 - 12:49 PM

Here it is.


22:54:38.0076 5308 Ntfs - ok
22:54:38.0092 5308 ntrigdigi (e875c093aec0c978a90f30c9e0dfbb72) C:\Windows\system32\drivers\ntrigdigi.sys
22:54:38.0093 5308 ntrigdigi - ok
22:54:38.0108 5308 Null (c5dbbcda07d780bda9b685df333bb41e) C:\Windows\system32\drivers\Null.sys
22:54:38.0126 5308 Null - ok
22:54:38.0146 5308 nvraid (2edf9e7751554b42cbb60116de727101) C:\Windows\system32\drivers\nvraid.sys
22:54:38.0149 5308 nvraid - ok
22:54:38.0173 5308 nvstor (abed0c09758d1d97db0042dbb2688177) C:\Windows\system32\drivers\nvstor.sys
22:54:38.0205 5308 nvstor - ok
22:54:38.0233 5308 nv_agp (18bbdf913916b71bd54575bdb6eeac0b) C:\Windows\system32\drivers\nv_agp.sys
22:54:38.0236 5308 nv_agp - ok
22:54:38.0243 5308 NwlnkFlt - ok
22:54:38.0253 5308 NwlnkFwd - ok
22:54:38.0392 5308 odserv (1f0e05dff4f5a833168e49be1256f002) C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
22:54:38.0401 5308 odserv - ok
22:54:38.0457 5308 OEM02Dev (19cac780b858822055f46c58a111723c) C:\Windows\system32\DRIVERS\OEM02Dev.sys
22:54:38.0464 5308 OEM02Dev - ok
22:54:38.0474 5308 OEM02Vfx (86326062a90494bdd79ce383511d7d69) C:\Windows\system32\DRIVERS\OEM02Vfx.sys
22:54:38.0476 5308 OEM02Vfx - ok
22:54:38.0505 5308 ohci1394 (6f310e890d46e246e0e261a63d9b36b4) C:\Windows\system32\DRIVERS\ohci1394.sys
22:54:38.0508 5308 ohci1394 - ok
22:54:38.0556 5308 ose (5a432a042dae460abe7199b758e8606c) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
22:54:38.0558 5308 ose - ok
22:54:38.0630 5308 p2pimsvc (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
22:54:38.0652 5308 p2pimsvc - ok
22:54:38.0661 5308 p2psvc (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
22:54:38.0667 5308 p2psvc - ok
22:54:38.0761 5308 PACSPTISVR-Sound_Organizer (34a947acb48b2085d0fbf2d025169962) C:\Program Files\Sony\Sound Organizer\Sony.Earth\PACSPTISVR.exe
22:54:38.0772 5308 PACSPTISVR-Sound_Organizer - ok
22:54:38.0803 5308 Parport (0fa9b5055484649d63c303fe404e5f4d) C:\Windows\system32\drivers\parport.sys
22:54:38.0804 5308 Parport - ok
22:54:38.0838 5308 partmgr (57389fa59a36d96b3eb09d0cb91e9cdc) C:\Windows\system32\drivers\partmgr.sys
22:54:38.0839 5308 partmgr - ok
22:54:38.0857 5308 Parvdm (4f9a6a8a31413180d0fcb279ad5d8112) C:\Windows\system32\drivers\parvdm.sys
22:54:38.0858 5308 Parvdm - ok
22:54:38.0887 5308 PcaSvc (c6276ad11f4bb49b58aa1ed88537f14a) C:\Windows\System32\pcasvc.dll
22:54:38.0890 5308 PcaSvc - ok
22:54:38.0927 5308 pci (941dc1d19e7e8620f40bbc206981efdb) C:\Windows\system32\drivers\pci.sys
22:54:38.0930 5308 pci - ok
22:54:38.0942 5308 pciide (1636d43f10416aeb483bc6001097b26c) C:\Windows\system32\drivers\pciide.sys
22:54:38.0942 5308 pciide - ok
22:54:38.0975 5308 pcmcia (e6f3fb1b86aa519e7698ad05e58b04e5) C:\Windows\system32\drivers\pcmcia.sys
22:54:38.0986 5308 pcmcia - ok
22:54:39.0062 5308 PEAUTH (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys
22:54:39.0085 5308 PEAUTH - ok
22:54:39.0212 5308 pla (b1689df169143f57053f795390c99db3) C:\Windows\system32\pla.dll
22:54:39.0241 5308 pla - ok
22:54:39.0386 5308 PlugPlay (c5e7f8a996ec0a82d508fd9064a5569e) C:\Windows\system32\umpnpmgr.dll
22:54:39.0390 5308 PlugPlay - ok
22:54:39.0451 5308 PNRPAutoReg (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
22:54:39.0458 5308 PNRPAutoReg - ok
22:54:39.0467 5308 PNRPsvc (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
22:54:39.0473 5308 PNRPsvc - ok
22:54:39.0524 5308 PolicyAgent (d0494460421a03cd5225cca0059aa146) C:\Windows\System32\ipsecsvc.dll
22:54:39.0529 5308 PolicyAgent - ok
22:54:39.0581 5308 PptpMiniport (ecfffaec0c1ecd8dbc77f39070ea1db1) C:\Windows\system32\DRIVERS\raspptp.sys
22:54:39.0611 5308 PptpMiniport - ok
22:54:39.0638 5308 Processor (2027293619dd0f047c584cf2e7df4ffd) C:\Windows\system32\drivers\processr.sys
22:54:39.0668 5308 Processor - ok
22:54:39.0697 5308 ProfSvc (0508faa222d28835310b7bfca7a77346) C:\Windows\system32\profsvc.dll
22:54:39.0700 5308 ProfSvc - ok
22:54:39.0723 5308 ProtectedStorage (3978f3540329e16c0ac3bcf677e5669f) C:\Windows\system32\lsass.exe
22:54:39.0725 5308 ProtectedStorage - ok
22:54:39.0752 5308 PSched (99514faa8df93d34b5589187db3aa0ba) C:\Windows\system32\DRIVERS\pacer.sys
22:54:39.0754 5308 PSched - ok
22:54:39.0782 5308 PxHelp20 (e42e3433dbb4cffe8fdd91eab29aea8e) C:\Windows\system32\Drivers\PxHelp20.sys
22:54:39.0784 5308 PxHelp20 - ok
22:54:39.0934 5308 ql2300 (0a6db55afb7820c99aa1f3a1d270f4f6) C:\Windows\system32\drivers\ql2300.sys
22:54:40.0038 5308 ql2300 - ok
22:54:40.0073 5308 ql40xx (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys
22:54:40.0104 5308 ql40xx - ok
22:54:40.0159 5308 QWAVE (e9ecae663f47e6cb43962d18ab18890f) C:\Windows\system32\qwave.dll
22:54:40.0192 5308 QWAVE - ok
22:54:40.0215 5308 QWAVEdrv (9f5e0e1926014d17486901c88eca2db7) C:\Windows\system32\drivers\qwavedrv.sys
22:54:40.0216 5308 QWAVEdrv - ok
22:54:40.0374 5308 R300 (e642b131fb74caf4bb8a014f31113142) C:\Windows\system32\DRIVERS\atikmdag.sys
22:54:40.0484 5308 R300 - ok
22:54:40.0643 5308 RasAcd (147d7f9c556d259924351feb0de606c3) C:\Windows\system32\DRIVERS\rasacd.sys
22:54:40.0659 5308 RasAcd - ok
22:54:40.0695 5308 RasAuto (f6a452eb4ceadbb51c9e0ee6b3ecef0f) C:\Windows\System32\rasauto.dll
22:54:40.0729 5308 RasAuto - ok
22:54:40.0747 5308 Rasl2tp (a214adbaf4cb47dd2728859ef31f26b0) C:\Windows\system32\DRIVERS\rasl2tp.sys
22:54:40.0755 5308 Rasl2tp - ok
22:54:40.0802 5308 RasMan (75d47445d70ca6f9f894b032fbc64fcf) C:\Windows\System32\rasmans.dll
22:54:40.0807 5308 RasMan - ok
22:54:40.0842 5308 RasPppoe (509a98dd18af4375e1fc40bc175f1def) C:\Windows\system32\DRIVERS\raspppoe.sys
22:54:40.0848 5308 RasPppoe - ok
22:54:40.0905 5308 RasSstp (2005f4a1e05fa09389ac85840f0a9e4d) C:\Windows\system32\DRIVERS\rassstp.sys
22:54:40.0928 5308 RasSstp - ok
22:54:40.0977 5308 rdbss (b14c9d5b9add2f84f70570bbbfaa7935) C:\Windows\system32\DRIVERS\rdbss.sys
22:54:40.0984 5308 rdbss - ok
22:54:40.0996 5308 RDPCDD (89e59be9a564262a3fb6c4f4f1cd9899) C:\Windows\system32\DRIVERS\RDPCDD.sys
22:54:41.0015 5308 RDPCDD - ok
22:54:41.0060 5308 rdpdr (fbc0bacd9c3d7f6956853f64a66e252d) C:\Windows\system32\drivers\rdpdr.sys
22:54:41.0104 5308 rdpdr - ok
22:54:41.0109 5308 RDPENCDD (9d91fe5286f748862ecffa05f8a0710c) C:\Windows\system32\drivers\rdpencdd.sys
22:54:41.0113 5308 RDPENCDD - ok
22:54:41.0156 5308 RDPWD (30bfbdfb7f95559ede971f9ddb9a00ba) C:\Windows\system32\drivers\RDPWD.sys
22:54:41.0196 5308 RDPWD - ok
22:54:41.0235 5308 RemoteAccess (bcdd6b4804d06b1f7ebf29e53a57ece9) C:\Windows\System32\mprdim.dll
22:54:41.0265 5308 RemoteAccess - ok
22:54:41.0289 5308 RemoteRegistry (9e6894ea18daff37b63e1005f83ae4ab) C:\Windows\system32\regsvc.dll
22:54:41.0313 5308 RemoteRegistry - ok
22:54:41.0365 5308 rimmptsk (355aac141b214bef1dbc1483afd9bd50) C:\Windows\system32\DRIVERS\rimmptsk.sys
22:54:41.0371 5308 rimmptsk - ok
22:54:41.0393 5308 rimsptsk (a4216c71dd4f60b26418ccfd99cd0815) C:\Windows\system32\DRIVERS\rimsptsk.sys
22:54:41.0419 5308 rimsptsk - ok
22:54:41.0447 5308 rismxdp (d231b577024aa324af13a42f3a807d10) C:\Windows\system32\DRIVERS\rixdptsk.sys
22:54:41.0469 5308 rismxdp - ok
22:54:41.0488 5308 RpcLocator (5123f83cbc4349d065534eeb6bbdc42b) C:\Windows\system32\locator.exe
22:54:41.0508 5308 RpcLocator - ok
22:54:41.0583 5308 RpcSs (3b5b4d53fec14f7476ca29a20cc31ac9) C:\Windows\System32\rpcss.dll
22:54:41.0589 5308 RpcSs - ok
22:54:41.0723 5308 rspndr (9c508f4074a39e8b4b31d27198146fad) C:\Windows\system32\DRIVERS\rspndr.sys
22:54:41.0755 5308 rspndr - ok
22:54:41.0779 5308 SamSs (3978f3540329e16c0ac3bcf677e5669f) C:\Windows\system32\lsass.exe
22:54:41.0780 5308 SamSs - ok
22:54:41.0865 5308 SASDIFSV (39763504067962108505bff25f024345) C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS
22:54:41.0880 5308 SASDIFSV - ok
22:54:41.0925 5308 SASKUTIL (77b9fc20084b48408ad3e87570eb4a85) C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS
22:54:41.0945 5308 SASKUTIL - ok
22:54:41.0967 5308 sbp2port (3ce8f073a557e172b330109436984e30) C:\Windows\system32\drivers\sbp2port.sys
22:54:41.0990 5308 sbp2port - ok
22:54:42.0045 5308 SCardSvr (77b7a11a0c3d78d3386398fbbea1b632) C:\Windows\System32\SCardSvr.dll
22:54:42.0047 5308 SCardSvr - ok
22:54:42.0175 5308 Schedule (1a58069db21d05eb2ab58ee5753ebe8d) C:\Windows\system32\schedsvc.dll
22:54:42.0183 5308 Schedule - ok
22:54:42.0211 5308 SCPolicySvc (312ec3e37a0a1f2006534913e37b4423) C:\Windows\System32\certprop.dll
22:54:42.0212 5308 SCPolicySvc - ok
22:54:42.0256 5308 sdbus (8f36b54688c31eed4580129040c6a3d3) C:\Windows\system32\DRIVERS\sdbus.sys
22:54:42.0280 5308 sdbus - ok
22:54:42.0314 5308 SDRSVC (716313d9f6b0529d03f726d5aaf6f191) C:\Windows\System32\SDRSVC.dll
22:54:42.0317 5308 SDRSVC - ok
22:54:42.0407 5308 SeaPort (16a252022535b680046f6e34e136d378) C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
22:54:42.0409 5308 SeaPort - ok
22:54:42.0435 5308 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
22:54:42.0440 5308 secdrv - ok
22:54:42.0453 5308 seclogon (fd5199d4d8a521005e4b5ee7fe00fa9b) C:\Windows\system32\seclogon.dll
22:54:42.0455 5308 seclogon - ok
22:54:42.0477 5308 SENS (a9bbab5759771e523f55563d6cbe140f) C:\Windows\system32\sens.dll
22:54:42.0480 5308 SENS - ok
22:54:42.0506 5308 Serenum (68e44e331d46f0fb38f0863a84cd1a31) C:\Windows\system32\drivers\serenum.sys
22:54:42.0536 5308 Serenum - ok
22:54:42.0620 5308 Serial (c70d69a918b178d3c3b06339b40c2e1b) C:\Windows\system32\drivers\serial.sys
22:54:42.0661 5308 Serial - ok
22:54:42.0680 5308 sermouse (8af3d28a879bf75db53a0ee7a4289624) C:\Windows\system32\drivers\sermouse.sys
22:54:42.0698 5308 sermouse - ok
22:54:42.0727 5308 SessionEnv (d2193326f729b163125610dbf3e17d57) C:\Windows\system32\sessenv.dll
22:54:42.0730 5308 SessionEnv - ok
22:54:42.0773 5308 sffdisk (3efa810bdca87f6ecc24f9832243fe86) C:\Windows\system32\DRIVERS\sffdisk.sys
22:54:42.0804 5308 sffdisk - ok
22:54:42.0827 5308 sffp_mmc (e95d451f7ea3e583aec75f3b3ee42dc5) C:\Windows\system32\drivers\sffp_mmc.sys
22:54:42.0831 5308 sffp_mmc - ok
22:54:42.0854 5308 sffp_sd (9f66a46c55d6f1ccabc79bb7afccc545) C:\Windows\system32\DRIVERS\sffp_sd.sys
22:54:42.0872 5308 sffp_sd - ok
22:54:42.0899 5308 sfloppy (46ed8e91793b2e6f848015445a0ac188) C:\Windows\system32\drivers\sfloppy.sys
22:54:42.0904 5308 sfloppy - ok
22:54:42.0962 5308 SharedAccess (e1499bd0ff76b1b2fbbf1af339d91165) C:\Windows\System32\ipnathlp.dll
22:54:42.0979 5308 SharedAccess - ok
22:54:43.0038 5308 ShellHWDetection (c7230fbee14437716701c15be02c27b8) C:\Windows\System32\shsvcs.dll
22:54:43.0042 5308 ShellHWDetection - ok
22:54:43.0225 5308 sisagp (1d76624a09a054f682d746b924e2dbc3) C:\Windows\system32\drivers\sisagp.sys
22:54:43.0264 5308 sisagp - ok
22:54:43.0313 5308 SiSRaid2 (43cb7aa756c7db280d01da9b676cfde2) C:\Windows\system32\drivers\sisraid2.sys
22:54:43.0352 5308 SiSRaid2 - ok
22:54:43.0379 5308 SiSRaid4 (a99c6c8b0baa970d8aa59ddc50b57f94) C:\Windows\system32\drivers\sisraid4.sys
22:54:43.0419 5308 SiSRaid4 - ok
22:54:43.0727 5308 slsvc (862bb4cbc05d80c5b45be430e5ef872f) C:\Windows\system32\SLsvc.exe
22:54:43.0795 5308 slsvc - ok
22:54:44.0000 5308 SLUINotify (6edc422215cd78aa8a9cde6b30abbd35) C:\Windows\system32\SLUINotify.dll
22:54:44.0003 5308 SLUINotify - ok
22:54:44.0105 5308 Smb (7b75299a4d201d6a6533603d6914ab04) C:\Windows\system32\DRIVERS\smb.sys
22:54:44.0131 5308 Smb - ok
22:54:44.0164 5308 SNMPTRAP (2a146a055b4401c16ee62d18b8e2a032) C:\Windows\System32\snmptrap.exe
22:54:44.0167 5308 SNMPTRAP - ok
22:54:44.0204 5308 spldr (7aebdeef071fe28b0eef2cdd69102bff) C:\Windows\system32\drivers\spldr.sys
22:54:44.0206 5308 spldr - ok
22:54:44.0242 5308 Spooler (8554097e5136c3bf9f69fe578a1b35f4) C:\Windows\System32\spoolsv.exe
22:54:44.0245 5308 Spooler - ok
22:54:44.0325 5308 srv (41987f9fc0e61adf54f581e15029ad91) C:\Windows\system32\DRIVERS\srv.sys
22:54:44.0332 5308 srv - ok
22:54:44.0375 5308 srv2 (ff33aff99564b1aa534f58868cbe41ef) C:\Windows\system32\DRIVERS\srv2.sys
22:54:44.0400 5308 srv2 - ok
22:54:44.0438 5308 srvnet (7605c0e1d01a08f3ecd743f38b834a44) C:\Windows\system32\DRIVERS\srvnet.sys
22:54:44.0441 5308 srvnet - ok
22:54:44.0481 5308 SSDPSRV (03d50b37234967433a5ea5ba72bc0b62) C:\Windows\System32\ssdpsrv.dll
22:54:44.0484 5308 SSDPSRV - ok
22:54:44.0524 5308 ssmdrv (a36ee93698802cd899f98bfd553d8185) C:\Windows\system32\DRIVERS\ssmdrv.sys
22:54:44.0563 5308 ssmdrv - ok
22:54:44.0601 5308 SstpSvc (6f1a32e7b7b30f004d9a20afadb14944) C:\Windows\system32\sstpsvc.dll
22:54:44.0604 5308 SstpSvc - ok
22:54:44.0733 5308 STacSV (71679f24d0d0b2c6403bb5ac57026e99) C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_c09c50a2\STacSV.exe
22:54:44.0734 5308 STacSV - ok
22:54:44.0854 5308 STHDA (68a0d39e357dd7a234b1d4f1e844c615) C:\Windows\system32\drivers\stwrt.sys
22:54:44.0874 5308 STHDA - ok
22:54:44.0997 5308 stisvc (5de7d67e49b88f5f07f3e53c4b92a352) C:\Windows\System32\wiaservc.dll
22:54:45.0005 5308 stisvc - ok
22:54:45.0139 5308 stllssvr (1d0063597c3666404fcf97698abeb019) C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
22:54:45.0141 5308 stllssvr - ok
22:54:45.0177 5308 swenum (7ba58ecf0c0a9a69d44b3dca62becf56) C:\Windows\system32\DRIVERS\swenum.sys
22:54:45.0194 5308 swenum - ok
22:54:45.0261 5308 swprv (f21fd248040681cca1fb6c9a03aaa93d) C:\Windows\System32\swprv.dll
22:54:45.0267 5308 swprv - ok
22:54:45.0284 5308 Symc8xx (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys
22:54:45.0287 5308 Symc8xx - ok
22:54:45.0308 5308 Sym_hi (8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys
22:54:45.0330 5308 Sym_hi - ok
22:54:45.0355 5308 Sym_u3 (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys
22:54:45.0357 5308 Sym_u3 - ok
22:54:45.0414 5308 SysMain (9a51b04e9886aa4ee90093586b0ba88d) C:\Windows\system32\sysmain.dll
22:54:45.0422 5308 SysMain - ok
22:54:45.0454 5308 TabletInputService (2dca225eae15f42c0933e998ee0231c3) C:\Windows\System32\TabSvc.dll
22:54:45.0457 5308 TabletInputService - ok
22:54:45.0498 5308 TapiSrv (d7673e4b38ce21ee54c59eeeb65e2483) C:\Windows\System32\tapisrv.dll
22:54:45.0517 5308 TapiSrv - ok
22:54:45.0540 5308 TBS (cb05822cd9cc6c688168e113c603dbe7) C:\Windows\System32\tbssvc.dll
22:54:45.0543 5308 TBS - ok
22:54:45.0656 5308 Tcpip (2756186e287139310997090797e0182b) C:\Windows\system32\drivers\tcpip.sys
22:54:45.0669 5308 Tcpip - ok
22:54:45.0683 5308 Tcpip6 (2756186e287139310997090797e0182b) C:\Windows\system32\DRIVERS\tcpip.sys
22:54:45.0691 5308 Tcpip6 - ok
22:54:45.0738 5308 tcpipreg (608c345a255d82a6289c2d468eb41fd7) C:\Windows\system32\drivers\tcpipreg.sys
22:54:45.0740 5308 tcpipreg - ok
22:54:45.0779 5308 TDPIPE (5dcf5e267be67a1ae926f2df77fbcc56) C:\Windows\system32\drivers\tdpipe.sys
22:54:45.0809 5308 TDPIPE - ok
22:54:45.0869 5308 TDTCP (389c63e32b3cefed425b61ed92d3f021) C:\Windows\system32\drivers\tdtcp.sys
22:54:45.0932 5308 TDTCP - ok
22:54:45.0968 5308 tdx (76b06eb8a01fc8624d699e7045303e54) C:\Windows\system32\DRIVERS\tdx.sys
22:54:45.0987 5308 tdx - ok
22:54:46.0043 5308 TermDD (3cad38910468eab9a6479e2f01db43c7) C:\Windows\system32\DRIVERS\termdd.sys
22:54:46.0086 5308 TermDD - ok
22:54:46.0149 5308 TermService (bb95da09bef6e7a131bff3ba5032090d) C:\Windows\System32\termsrv.dll
22:54:46.0157 5308 TermService - ok
22:54:46.0228 5308 Themes (c7230fbee14437716701c15be02c27b8) C:\Windows\system32\shsvcs.dll
22:54:46.0236 5308 Themes - ok
22:54:46.0263 5308 THREADORDER (1076ffcffaae8385fd62dfcb25ac4708) C:\Windows\system32\mmcss.dll
22:54:46.0265 5308 THREADORDER - ok
22:54:46.0310 5308 TrkWks (ec74e77d0eb004bd3a809b5f8fb8c2ce) C:\Windows\System32\trkwks.dll
22:54:46.0313 5308 TrkWks - ok
22:54:46.0406 5308 TrustedInstaller (97d9d6a04e3ad9b6c626b9931db78dba) C:\Windows\servicing\TrustedInstaller.exe
22:54:46.0409 5308 TrustedInstaller - ok
22:54:46.0445 5308 tssecsrv (dcf0f056a2e4f52287264f5ab29cf206) C:\Windows\system32\DRIVERS\tssecsrv.sys
22:54:46.0450 5308 tssecsrv - ok
22:54:46.0473 5308 tunmp (caecc0120ac49e3d2f758b9169872d38) C:\Windows\system32\DRIVERS\tunmp.sys
22:54:46.0474 5308 tunmp - ok
22:54:46.0493 5308 tunnel (300db877ac094feab0be7688c3454a9c) C:\Windows\system32\DRIVERS\tunnel.sys
22:54:46.0495 5308 tunnel - ok
22:54:46.0517 5308 uagp35 (7d33c4db2ce363c8518d2dfcf533941f) C:\Windows\system32\drivers\uagp35.sys
22:54:46.0519 5308 uagp35 - ok
22:54:46.0560 5308 udfs (d9728af68c4c7693cb100b8441cbdec6) C:\Windows\system32\DRIVERS\udfs.sys
22:54:46.0563 5308 udfs - ok
22:54:46.0598 5308 UI0Detect (ecef404f62863755951e09c802c94ad5) C:\Windows\system32\UI0Detect.exe
22:54:46.0601 5308 UI0Detect - ok
22:54:46.0619 5308 uliagpkx (b0acfdc9e4af279e9116c03e014b2b27) C:\Windows\system32\drivers\uliagpkx.sys
22:54:46.0621 5308 uliagpkx - ok
22:54:46.0657 5308 uliahci (9224bb254f591de4ca8d572a5f0d635c) C:\Windows\system32\drivers\uliahci.sys
22:54:46.0662 5308 uliahci - ok
22:54:46.0764 5308 UlSata (8514d0e5cd0534467c5fc61be94a569f) C:\Windows\system32\drivers\ulsata.sys
22:54:46.0768 5308 UlSata - ok
22:54:46.0791 5308 ulsata2 (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys
22:54:46.0794 5308 ulsata2 - ok
22:54:46.0812 5308 umbus (32cff9f809ae9aed85464492bf3e32d2) C:\Windows\system32\DRIVERS\umbus.sys
22:54:46.0814 5308 umbus - ok
22:54:46.0856 5308 upnphost (68308183f4ae0be7bf8ecd07cb297999) C:\Windows\System32\upnphost.dll
22:54:46.0860 5308 upnphost - ok
22:54:46.0908 5308 USBAAPL (83cafcb53201bbac04d822f32438e244) C:\Windows\system32\Drivers\usbaapl.sys
22:54:46.0910 5308 USBAAPL - ok
22:54:46.0938 5308 usbaudio (32db9517628ff0d070682aab61e688f0) C:\Windows\system32\drivers\usbaudio.sys
22:54:46.0940 5308 usbaudio - ok
22:54:46.0971 5308 usbccgp (caf811ae4c147ffcd5b51750c7f09142) C:\Windows\system32\DRIVERS\usbccgp.sys
22:54:46.0973 5308 usbccgp - ok
22:54:46.0993 5308 usbcir (e9476e6c486e76bc4898074768fb7131) C:\Windows\system32\drivers\usbcir.sys
22:54:46.0994 5308 usbcir - ok
22:54:47.0019 5308 usbehci (79e96c23a97ce7b8f14d310da2db0c9b) C:\Windows\system32\DRIVERS\usbehci.sys
22:54:47.0021 5308 usbehci - ok
22:54:47.0051 5308 usbhub (4673bbcb006af60e7abddbe7a130ba42) C:\Windows\system32\DRIVERS\usbhub.sys
22:54:47.0060 5308 usbhub - ok
22:54:47.0081 5308 usbohci (38dbc7dd6cc5a72011f187425384388b) C:\Windows\system32\drivers\usbohci.sys
22:54:47.0083 5308 usbohci - ok
22:54:47.0113 5308 usbprint (e75c4b5269091d15a2e7dc0b6d35f2f5) C:\Windows\system32\DRIVERS\usbprint.sys
22:54:47.0114 5308 usbprint - ok
22:54:47.0165 5308 usbscan (a508c9bd8724980512136b039bba65e9) C:\Windows\system32\DRIVERS\usbscan.sys
22:54:47.0166 5308 usbscan - ok
22:54:47.0183 5308 USBSTOR (be3da31c191bc222d9ad503c5224f2ad) C:\Windows\system32\DRIVERS\USBSTOR.SYS
22:54:47.0184 5308 USBSTOR - ok
22:54:47.0200 5308 usbuhci (814d653efc4d48be3b04a307eceff56f) C:\Windows\system32\DRIVERS\usbuhci.sys
22:54:47.0201 5308 usbuhci - ok
22:54:47.0227 5308 UxSms (1509e705f3ac1d474c92454a5c2dd81f) C:\Windows\System32\uxsms.dll
22:54:47.0229 5308 UxSms - ok
22:54:47.0290 5308 vds (cd88d1b7776dc17a119049742ec07eb4) C:\Windows\System32\vds.exe
22:54:47.0301 5308 vds - ok
22:54:47.0347 5308 vga (87b06e1f30b749a114f74622d013f8d4) C:\Windows\system32\DRIVERS\vgapnp.sys
22:54:47.0348 5308 vga - ok
22:54:47.0374 5308 VgaSave (2e93ac0a1d8c79d019db6c51f036636c) C:\Windows\System32\drivers\vga.sys
22:54:47.0375 5308 VgaSave - ok
22:54:47.0396 5308 viaagp (5d7159def58a800d5781ba3a879627bc) C:\Windows\system32\drivers\viaagp.sys
22:54:47.0398 5308 viaagp - ok
22:54:47.0419 5308 ViaC7 (c4f3a691b5bad343e6249bd8c2d45dee) C:\Windows\system32\drivers\viac7.sys
22:54:47.0421 5308 ViaC7 - ok
22:54:47.0457 5308 viaide (aadf5587a4063f52c2c3fed7887426fc) C:\Windows\system32\drivers\viaide.sys
22:54:47.0458 5308 viaide - ok
22:54:47.0483 5308 volmgr (69503668ac66c77c6cd7af86fbdf8c43) C:\Windows\system32\drivers\volmgr.sys
22:54:47.0484 5308 volmgr - ok
22:54:47.0541 5308 volmgrx (23e41b834759917bfd6b9a0d625d0c28) C:\Windows\system32\drivers\volmgrx.sys
22:54:47.0546 5308 volmgrx - ok
22:54:47.0583 5308 volsnap (147281c01fcb1df9252de2a10d5e7093) C:\Windows\system32\drivers\volsnap.sys
22:54:47.0587 5308 volsnap - ok
22:54:47.0769 5308 VpSvc (d1f8d20d39c4c5838f3b1491f11d0391) C:\Program Files\Common Files\VpSvc.exe
22:54:47.0770 5308 VpSvc - ok
22:54:47.0835 5308 vsmraid (587253e09325e6bf226b299774b728a9) C:\Windows\system32\drivers\vsmraid.sys
22:54:47.0837 5308 vsmraid - ok
22:54:48.0024 5308 VSS (db3d19f850c6eb32bdcb9bc0836acddb) C:\Windows\system32\vssvc.exe
22:54:48.0069 5308 VSS - ok
22:54:48.0142 5308 W32Time (96ea68b9eb310a69c25ebb0282b2b9de) C:\Windows\system32\w32time.dll
22:54:48.0147 5308 W32Time - ok
22:54:48.0231 5308 WacomPen (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys
22:54:48.0233 5308 WacomPen - ok
22:54:48.0253 5308 Wanarp (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
22:54:48.0255 5308 Wanarp - ok
22:54:48.0260 5308 Wanarpv6 (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
22:54:48.0261 5308 Wanarpv6 - ok
22:54:48.0296 5308 wcncsvc (a3cd60fd826381b49f03832590e069af) C:\Windows\System32\wcncsvc.dll
22:54:48.0319 5308 wcncsvc - ok
22:54:48.0347 5308 WcsPlugInService (11bcb7afcdd7aadacb5746f544d3a9c7) C:\Windows\System32\WcsPlugInService.dll
22:54:48.0351 5308 WcsPlugInService - ok
22:54:48.0405 5308 Wd (78fe9542363f297b18c027b2d7e7c07f) C:\Windows\system32\drivers\wd.sys
22:54:48.0407 5308 Wd - ok
22:54:48.0467 5308 Wdf01000 (9950e3d0f08141c7e89e64456ae7dc73) C:\Windows\system32\drivers\Wdf01000.sys
22:54:48.0474 5308 Wdf01000 - ok
22:54:48.0490 5308 WdiServiceHost (abfc76b48bb6c96e3338d8943c5d93b5) C:\Windows\system32\wdi.dll
22:54:48.0495 5308 WdiServiceHost - ok
22:54:48.0498 5308 WdiSystemHost (abfc76b48bb6c96e3338d8943c5d93b5) C:\Windows\system32\wdi.dll
22:54:48.0501 5308 WdiSystemHost - ok
22:54:48.0543 5308 WebClient (04c37d8107320312fbae09926103d5e2) C:\Windows\System32\webclnt.dll
22:54:48.0547 5308 WebClient - ok
22:54:48.0591 5308 Wecsvc (ae3736e7e8892241c23e4ebbb7453b60) C:\Windows\system32\wecsvc.dll
22:54:48.0594 5308 Wecsvc - ok
22:54:48.0651 5308 wercplsupport (670ff720071ed741206d69bd995ea453) C:\Windows\System32\wercplsupport.dll
22:54:48.0655 5308 wercplsupport - ok
22:54:48.0696 5308 WerSvc (32b88481d3b326da6deb07b1d03481e7) C:\Windows\System32\WerSvc.dll
22:54:48.0699 5308 WerSvc - ok
22:54:48.0874 5308 winachsf (4daca8f07537d4d7e3534bb99294aa26) C:\Windows\system32\DRIVERS\HSX_CNXT.sys
22:54:48.0909 5308 winachsf - ok
22:54:49.0038 5308 WinDefend (4575aa12561c5648483403541d0d7f2b) C:\Program Files\Windows Defender\mpsvc.dll
22:54:49.0055 5308 WinDefend - ok
22:54:49.0061 5308 WinHttpAutoProxySvc - ok
22:54:49.0215 5308 Winmgmt (6b2a1d0e80110e3d04e6863c6e62fd8a) C:\Windows\system32\wbem\WMIsvc.dll
22:54:49.0217 5308 Winmgmt - ok
22:54:49.0488 5308 WinRM (7cfe68bdc065e55aa5e8421607037511) C:\Windows\system32\WsmSvc.dll
22:54:49.0535 5308 WinRM - ok
22:54:49.0593 5308 Wlansvc (c008405e4feeb069e30da1d823910234) C:\Windows\System32\wlansvc.dll
22:54:49.0635 5308 Wlansvc - ok
22:54:50.0224 5308 wlcrasvc (6067acef367e79914af628fa1e9b5330) C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
22:54:50.0225 5308 wlcrasvc - ok
22:54:50.0738 5308 wlidsvc (0a70f4022ec2e14c159efc4f69aa2477) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
22:54:50.0806 5308 wlidsvc - ok
22:54:51.0217 5308 wltrysvc - ok
22:54:51.0364 5308 WmiAcpi (2e7255d172df0b8283cdfb7b433b864e) C:\Windows\system32\DRIVERS\wmiacpi.sys
22:54:51.0372 5308 WmiAcpi - ok
22:54:51.0652 5308 wmiApSrv (43be3875207dcb62a85c8c49970b66cc) C:\Windows\system32\wbem\WmiApSrv.exe
22:54:51.0654 5308 wmiApSrv - ok
22:54:51.0885 5308 WMPNetworkSvc (3978704576a121a9204f8cc49a301a9b) C:\Program Files\Windows Media Player\wmpnetwk.exe
22:54:51.0898 5308 WMPNetworkSvc - ok
22:54:51.0974 5308 WPCSvc (cfc5a04558f5070cee3e3a7809f3ff52) C:\Windows\System32\wpcsvc.dll
22:54:51.0979 5308 WPCSvc - ok
22:54:52.0007 5308 WPDBusEnum (801fbdb89d472b3c467eb112a0fc9246) C:\Windows\system32\wpdbusenum.dll
22:54:52.0010 5308 WPDBusEnum - ok
22:54:52.0077 5308 WpdUsb (de9d36f91a4df3d911626643debf11ea) C:\Windows\system32\DRIVERS\wpdusb.sys
22:54:52.0079 5308 WpdUsb - ok
22:54:52.0225 5308 WPFFontCache_v0400 (dcf3e3edf5109ee8bc02fe6e1f045795) C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
22:54:52.0258 5308 WPFFontCache_v0400 - ok
22:54:52.0285 5308 ws2ifsl (e3a3cb253c0ec2494d4a61f5e43a389c) C:\Windows\system32\drivers\ws2ifsl.sys
22:54:52.0304 5308 ws2ifsl - ok
22:54:52.0330 5308 wscsvc (1ca6c40261ddc0425987980d0cd2aaab) C:\Windows\system32\wscsvc.dll
22:54:52.0333 5308 wscsvc - ok
22:54:52.0339 5308 WSearch - ok
22:54:52.0480 5308 wuauserv (6298277b73c77fa99106b271a7525163) C:\Windows\system32\wuaueng.dll
22:54:52.0526 5308 wuauserv - ok
22:54:52.0706 5308 WUDFRd (ac13cb789d93412106b0fb6c7eb2bcb6) C:\Windows\system32\DRIVERS\WUDFRd.sys
22:54:52.0708 5308 WUDFRd - ok
22:54:52.0748 5308 wudfsvc (575a4190d989f64732119e4114045a4f) C:\Windows\System32\WUDFSvc.dll
22:54:52.0751 5308 wudfsvc - ok
22:54:52.0781 5308 XAudio (5a7ff9a18ff6d7e0527fe3abf9204ef8) C:\Windows\system32\DRIVERS\xaudio.sys
22:54:52.0782 5308 XAudio - ok
22:54:52.0823 5308 XAudioService (28dc5d626e036a75a572556f0a6eb1f6) C:\Windows\system32\DRIVERS\xaudio.exe
22:54:52.0829 5308 XAudioService - ok
22:54:52.0909 5308 yukonwlh (a4822191c7cea271903c2a4fb6d9809d) C:\Windows\system32\DRIVERS\yk60x86.sys
22:54:52.0925 5308 yukonwlh - ok
22:54:52.0955 5308 MBR (0x1B8) (cdb4de4bbd714f152979da2dcbef57eb) \Device\Harddisk0\DR0
22:54:53.0799 5308 \Device\Harddisk0\DR0 - ok
22:54:53.0827 5308 Boot (0x1200) (d693e5470413dd234d04d52b000c8f34) \Device\Harddisk0\DR0\Partition0
22:54:53.0830 5308 \Device\Harddisk0\DR0\Partition0 - ok
22:54:53.0844 5308 Boot (0x1200) (ba23cf5b4c065cdc42baee0d57acc2d2) \Device\Harddisk0\DR0\Partition1
22:54:53.0846 5308 \Device\Harddisk0\DR0\Partition1 - ok
22:54:53.0846 5308 ============================================================
22:54:53.0846 5308 Scan finished
22:54:53.0846 5308 ============================================================
22:54:53.0858 3208 Detected object count: 0
22:54:53.0858 3208 Actual detected object count: 0
22:55:08.0774 3020 Deinitialize success


GMER 1.0.15.15641 - http://www.gmer.net
Rootkit scan 2012-05-22 13:27:01
Windows 6.0.6002 Service Pack 2 Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-0 WDC_WD32 rev.01.0
Running: 7r788eef.exe; Driver: C:\Users\ShaneP\AppData\Local\Temp\uxdiqpog.sys


---- System - GMER 1.0.15 ----

SSDT \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS ZwTerminateProcess [0x8F5C0640]

---- Kernel code sections - GMER 1.0.15 ----

.text ntkrnlpa.exe!KeSetEvent + 621 826E0DA4 4 Bytes [40, 06, 5C, 8F]

---- User code sections - GMER 1.0.15 ----

.text C:\Program Files\Mozilla Firefox\firefox.exe[2568] ntdll.dll!LdrLoadDll 771D93A8 5 Bytes JMP 64F8C930 C:\Program Files\Mozilla Firefox\xul.dll (Mozilla Foundation)
.text C:\Program Files\Mozilla Firefox\firefox.exe[2568] kernel32.dll!MapViewOfFile 773768F0 5 Bytes JMP 651BE083 C:\Program Files\Mozilla Firefox\xul.dll (Mozilla Foundation)
.text C:\Program Files\Mozilla Firefox\firefox.exe[2568] kernel32.dll!VirtualAlloc 7737AD55 5 Bytes JMP 651BE0AA C:\Program Files\Mozilla Firefox\xul.dll (Mozilla Foundation)
.text C:\Program Files\Mozilla Firefox\firefox.exe[2568] GDI32.dll!CreateDIBSection 75D67461 5 Bytes JMP 651BE00D C:\Program Files\Mozilla Firefox\xul.dll (Mozilla Foundation)
.text C:\Program Files\Mozilla Firefox\plugin-container.exe[2584] USER32.dll!SetWindowLongA 75A3E7CD 5 Bytes JMP 65315EE6 C:\Program Files\Mozilla Firefox\xul.dll (Mozilla Foundation)
.text C:\Program Files\Mozilla Firefox\plugin-container.exe[2584] USER32.dll!SetWindowLongW 75A413B4 5 Bytes JMP 65315E78 C:\Program Files\Mozilla Firefox\xul.dll (Mozilla Foundation)
.text C:\Program Files\Mozilla Firefox\plugin-container.exe[2584] USER32.dll!GetWindowInfo 75A4428E 5 Bytes JMP 65104822 C:\Program Files\Mozilla Firefox\xul.dll (Mozilla Foundation)
.text C:\Program Files\Mozilla Firefox\plugin-container.exe[2584] USER32.dll!TrackPopupMenu 75A514F3 5 Bytes JMP 65104DD6 C:\Program Files\Mozilla Firefox\xul.dll (Mozilla Foundation)

---- User IAT/EAT - GMER 1.0.15 ----

IAT C:\Windows\Explorer.EXE[2136] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdiplusShutdown] [74077817] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[2136] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCloneImage] [740CA86D] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[2136] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipDrawImageRectI] [7407BB22] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[2136] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipSetInterpolationMode] [7406F695] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[2136] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdiplusStartup] [740775E9] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[2136] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCreateFromHDC] [7406E7CA] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[2136] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCreateBitmapFromStreamICM] [740A8395] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[2136] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCreateBitmapFromStream] [7407DA60] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[2136] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipGetImageHeight] [7406FFFA] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[2136] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipGetImageWidth] [7406FF61] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[2136] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipDisposeImage] [740671CF] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[2136] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipLoadImageFromFileICM] [740FCAE2] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[2136] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipLoadImageFromFile] [7409C8D8] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[2136] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipDeleteGraphics] [7406D968] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[2136] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipFree] [74066853] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[2136] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipAlloc] [7406687E] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[2136] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipSetCompositingMode] [74072AD1] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)

---- Devices - GMER 1.0.15 ----

AttachedDevice \FileSystem\fastfat \Fat fltmgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)
AttachedDevice \FileSystem\fastfat \Fat fltmgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)

---- EOF - GMER 1.0.15 ----

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-05-22 13:28:02
-----------------------------
13:28:02.874 OS Version: Windows 6.0.6002 Service Pack 2
13:28:02.874 Number of processors: 2 586 0xF0D
13:28:02.875 ComputerName: SHANEP-PC UserName: ShaneP
13:28:04.202 Initialize success
13:29:01.457 AVAST engine defs: 12052200
13:29:49.975 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-0
13:29:49.979 Disk 0 Vendor: WDC_WD32 01.0 Size: 305245MB BusType: 3
13:29:50.186 Disk 0 MBR read successfully
13:29:50.190 Disk 0 MBR scan
13:29:50.195 Disk 0 Windows VISTA default MBR code
13:29:50.264 Disk 0 Partition 1 00 DE Dell Utility Dell 8.0 39 MB offset 63
13:29:50.348 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 12831 MB offset 81920
13:29:50.375 Disk 0 Partition 3 80 (A) 07 HPFS/NTFS NTFS 289814 MB offset 26359808
13:29:50.382 Disk 0 Partition - 00 0F Extended LBA 2560 MB offset 619898880
13:29:50.543 Disk 0 Partition 4 00 DD MSDOS5.0 2559 MB offset 619900928
13:29:50.613 Disk 0 scanning sectors +625141760
13:29:50.954 Disk 0 scanning C:\Windows\system32\drivers
13:30:46.477 Service scanning
13:31:13.600 Modules scanning
13:32:54.588 Disk 0 trace - called modules:
13:32:54.610 ntkrnlpa.exe CLASSPNP.SYS disk.sys iastor.sys hal.dll
13:32:54.611 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x86b1c0f8]
13:32:54.611 3 CLASSPNP.SYS[8ada18b3] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-0[0x85906030]
13:32:55.701 AVAST engine scan C:\Windows
13:34:36.086 AVAST engine scan C:\Windows\system32
13:42:30.934 AVAST engine scan C:\Windows\system32\drivers
13:44:49.083 AVAST engine scan C:\Users\ShaneP
13:48:03.524 Disk 0 MBR has been saved successfully to "C:\Users\ShaneP\Desktop\MBR.dat"
13:48:03.534 The log file has been saved successfully to "C:\Users\ShaneP\Desktop\aswMBR.txt"

#4 narenxp

Posted 22 May 2012 - 10:39 PM

Download

http://www.techspot.com/downloads/4716-malwarebytes-anti-malware.html

Install, update and run a full scan

Click on SHOW results. Select all infections and remove them

Reboot the PC and scan MBAM once in regular mode until you get a clean log

Download

ESET online scanner


Install it

Click on START, it should download the virus definitions
When the scan gets completed, click on LIST of found threats

Export the list to desktop, copy the contents of the text file in your reply

Download

mini toolbox

Checkmark the following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size

Click Go and post the result.


Download

FSS

Checkmark all the boxes

Click on "Scan".
Please copy and paste the log to your reply.

#5 spalladino25

Posted 24 May 2012 - 11:48 AM

Here are all the scans in order. Thank you for all your help. I really appreciate it.

Malwarebytes

Malwarebytes Anti-Malware 1.61.0.1400
www.malwarebytes.org

Database version: v2012.05.23.02

Windows Vista Service Pack 2 x86 NTFS
Internet Explorer 9.0.8112.16421
ShaneP :: SHANEP-PC [administrator]

5/23/2012 1:37:21 AM
mbam-log-2012-05-23 (06-08-42).txt

Scan type: Full scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 381000
Time elapsed: 1 hour(s), 9 minute(s), 19 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 2
C:\Users\ShaneP\AppData\Local\Temp\Rar$EX04.787\Convert X to DVD 3.3.4.106e & Keygen MULTI\Keygen.exe (RiskWare.Tool.CK) -> No action taken.
C:\Users\ShaneP\AppData\Local\Temp\Rar$EX06.394\Convert X to DVD 3.3.4.106e & Keygen MULTI\Keygen.exe (RiskWare.Tool.CK) -> No action taken.

(end)

ESET Scan

C:\ProgramData\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\_Setupx.dll Win32/Adware.Yontoo.B application cleaned by deleting - quarantined
C:\Users\ShaneP\AppData\Local\Temp\YontooSetup-S.exe probably a variant of Win32/Adware.SLITAT application cleaned by deleting - quarantined
C:\Users\ShaneP\AppData\Local\TempImages\UpdateInstaller.exe a variant of Win32/Agent.SZW trojan cleaned by deleting - quarantined

Mini Toolbox

MiniToolBox by Farbar Version: 18-01-2012
Ran by ShaneP (administrator) on 24-05-2012 at 12:42:33
Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================

127.0.0.1 localhost

========================= IP Configuration: ================================

Dell Wireless 1395 WLAN Mini-Card = Wireless Network Connection (Connected)
Marvell Yukon 88E8040 PCI-E Fast Ethernet Controller = Local Area Connection (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : ShaneP-PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Broadcast
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No

Wireless LAN adapter Wireless Network Connection:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Dell Wireless 1395 WLAN Mini-Card
Physical Address. . . . . . . . . : 00-23-4D-64-E3-D8
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::19c4:9a7:8d0:dadb%12(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.5(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Thursday, May 24, 2012 12:54:39 AM
Lease Expires . . . . . . . . . . : Friday, May 25, 2012 12:54:36 AM
Default Gateway . . . . . . . . . : 192.168.1.1
DHCP Server . . . . . . . . . . . : 192.168.1.1
DHCPv6 IAID . . . . . . . . . . . : 201335629
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-10-78-A7-B3-00-21-9B-F2-D4-FA
DNS Servers . . . . . . . . . . . : 192.168.1.1
NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Marvell Yukon 88E8040 PCI-E Fast Ethernet Controller
Physical Address. . . . . . . . . : 00-21-9B-F2-D4-FA
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 6:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : isatap.{A58D5463-0E7A-4623-8391-23728A7B16C1}
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 7:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 02-00-54-55-4E-01
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:4137:9e76:1483:27f9:bbaf:d5de(Preferred)
Link-local IPv6 Address . . . . . : fe80::1483:27f9:bbaf:d5de%10(Preferred)
Default Gateway . . . . . . . . . : ::
NetBIOS over Tcpip. . . . . . . . : Disabled

Tunnel adapter Local Area Connection* 12:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : isatap.{7E6434FD-C56B-443A-876D-CA0DE328DCF1}
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Server: UnKnown
Address: 192.168.1.1

Name: google.com
Addresses: 74.125.226.232
74.125.226.238
74.125.226.233
74.125.226.227
74.125.226.226
74.125.226.225
74.125.226.228
74.125.226.229
74.125.226.224
74.125.226.230
74.125.226.231



Pinging google.com [173.194.43.5] with 32 bytes of data:

Reply from 173.194.43.5: bytes=32 time=19ms TTL=53

Reply from 173.194.43.5: bytes=32 time=20ms TTL=53



Ping statistics for 173.194.43.5:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 19ms, Maximum = 20ms, Average = 19ms

Server: UnKnown
Address: 192.168.1.1

Name: yahoo.com
Addresses: 98.139.183.24
209.191.122.70
72.30.38.140



Pinging yahoo.com [209.191.122.70] with 32 bytes of data:

Reply from 209.191.122.70: bytes=32 time=50ms TTL=50

Reply from 209.191.122.70: bytes=32 time=48ms TTL=50



Ping statistics for 209.191.122.70:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 48ms, Maximum = 50ms, Average = 49ms

Server: UnKnown
Address: 192.168.1.1

Name: bleepingcomputer.com
Address: 208.43.87.2



Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:

Reply from 208.43.87.2: Destination host unreachable.

Reply from 208.43.87.2: Destination host unreachable.



Ping statistics for 208.43.87.2:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),



Pinging 127.0.0.1 with 32 bytes of data:

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128



Ping statistics for 127.0.0.1:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 0ms, Maximum = 0ms, Average = 0ms

===========================================================================
Interface List
12 ...00 23 4d 64 e3 d8 ...... Dell Wireless 1395 WLAN Mini-Card
11 ...00 21 9b f2 d4 fa ...... Marvell Yukon 88E8040 PCI-E Fast Ethernet Controller
1 ........................... Software Loopback Interface 1
14 ...00 00 00 00 00 00 00 e0 isatap.{A58D5463-0E7A-4623-8391-23728A7B16C1}
10 ...02 00 54 55 4e 01 ...... Teredo Tunneling Pseudo-Interface
15 ...00 00 00 00 00 00 00 e0 isatap.{7E6434FD-C56B-443A-876D-CA0DE328DCF1}
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.5 30
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.1.0 255.255.255.0 On-link 192.168.1.5 286
192.168.1.5 255.255.255.255 On-link 192.168.1.5 286
192.168.1.255 255.255.255.255 On-link 192.168.1.5 286
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.1.5 286
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.1.5 286
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
10 18 ::/0 On-link
1 306 ::1/128 On-link
10 18 2001::/32 On-link
10 266 2001:0:4137:9e76:1483:27f9:bbaf:d5de/128
On-link
12 286 fe80::/64 On-link
10 266 fe80::/64 On-link
10 266 fe80::1483:27f9:bbaf:d5de/128
On-link
12 286 fe80::19c4:9a7:8d0:dadb/128
On-link
1 306 ff00::/8 On-link
10 266 ff00::/8 On-link
12 286 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\system32\NLAapi.dll [48128] (Microsoft Corporation)
Catalog5 02 C:\Windows\system32\napinsp.dll [50176] (Microsoft Corporation)
Catalog5 03 C:\Windows\system32\pnrpnsp.dll [62464] (Microsoft Corporation)
Catalog5 04 C:\Windows\system32\pnrpnsp.dll [62464] (Microsoft Corporation)
Catalog5 05 C:\Windows\System32\mswsock.dll [223232] (Microsoft Corporation)
Catalog5 06 C:\Windows\System32\winrnr.dll [19968] (Microsoft Corporation)
Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 02 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 03 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 04 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 05 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 06 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 07 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 08 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 09 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 10 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 11 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 12 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 13 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 14 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 15 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 16 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 17 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 18 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 19 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 20 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 21 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 22 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 23 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 24 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (05/24/2012 00:42:17 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: -583

Error: (05/24/2012 00:42:17 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: -583

Error: (05/24/2012 00:35:42 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: -583

Error: (05/24/2012 00:35:42 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: -583

Error: (05/24/2012 10:53:59 AM) (Source: Windows Search Service) (User: )
Description: The Windows Search Service has failed to create the SystemIndex search index. Internal error <1, 0x80070003, Failed to create application directory: I:\Search\Data\Applications\>.

Error: (05/24/2012 10:53:58 AM) (Source: Windows Search Service) (User: )
Description: The gatherer service cannot be initialized.

Details:
The Temp folder is on a drive that is full or is inaccessible. Free up space on the drive or verify that you have write permission on the Temp folder. (0x80070660)

Error: (05/24/2012 10:53:58 AM) (Source: Windows Search Service) (User: )
Description: The Windows Search Service has failed to create the SystemIndex search index. Internal error <1, 0x80070003, Failed to create application directory: I:\Search\Data\Applications\>.

Error: (05/24/2012 10:53:58 AM) (Source: Windows Search Service) (User: )
Description: The gatherer service cannot be initialized.

Details:
The Temp folder is on a drive that is full or is inaccessible. Free up space on the drive or verify that you have write permission on the Temp folder. (0x80070660)

Error: (05/24/2012 10:53:58 AM) (Source: Windows Search Service) (User: )
Description: The Windows Search Service has failed to create the SystemIndex search index. Internal error <1, 0x80070003, Failed to create application directory: I:\Search\Data\Applications\>.

Error: (05/24/2012 10:53:58 AM) (Source: Windows Search Service) (User: )
Description: The gatherer service cannot be initialized.

Details:
The Temp folder is on a drive that is full or is inaccessible. Free up space on the drive or verify that you have write permission on the Temp folder. (0x80070660)


System errors:
=============
Error: (05/24/2012 10:54:02 AM) (Source: Service Control Manager) (User: )
Description: Windows Search138

Error: (05/24/2012 10:54:02 AM) (Source: Service Control Manager) (User: )
Description: Windows Search2147749155 (0x80040D23)

Error: (05/24/2012 10:54:02 AM) (Source: Service Control Manager) (User: )
Description: Windows Search137

Error: (05/24/2012 10:54:02 AM) (Source: Service Control Manager) (User: )
Description: Windows Search2147749155 (0x80040D23)

Error: (05/24/2012 10:54:01 AM) (Source: Service Control Manager) (User: )
Description: Windows Search136

Error: (05/24/2012 10:54:01 AM) (Source: Service Control Manager) (User: )
Description: Windows Search2147749155 (0x80040D23)

Error: (05/24/2012 10:54:01 AM) (Source: Service Control Manager) (User: )
Description: Windows Search135

Error: (05/24/2012 10:54:01 AM) (Source: Service Control Manager) (User: )
Description: Windows Search2147749155 (0x80040D23)

Error: (05/24/2012 10:54:01 AM) (Source: Service Control Manager) (User: )
Description: Windows Search134

Error: (05/24/2012 10:54:01 AM) (Source: Service Control Manager) (User: )
Description: Windows Search2147749155 (0x80040D23)


Microsoft Office Sessions:
=========================
Error: (03/29/2012 03:04:04 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6557.5001, Microsoft Office Version: 12.0.6425.1000. This session lasted 21 seconds with 0 seconds of active time. This session ended with a crash.

Error: (01/04/2012 11:14:56 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6557.5001, Microsoft Office Version: 12.0.6425.1000. This session lasted 9 seconds with 0 seconds of active time. This session ended with a crash.

Error: (12/30/2011 11:14:59 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6557.5001, Microsoft Office Version: 12.0.6425.1000. This session lasted 22 seconds with 0 seconds of active time. This session ended with a crash.

Error: (10/07/2011 06:37:29 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6557.5001, Microsoft Office Version: 12.0.6425.1000. This session lasted 14 seconds with 0 seconds of active time. This session ended with a crash.

Error: (10/07/2011 04:37:19 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6557.5001, Microsoft Office Version: 12.0.6425.1000. This session lasted 14 seconds with 0 seconds of active time. This session ended with a crash.

Error: (09/24/2011 02:03:59 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6557.5001, Microsoft Office Version: 12.0.6425.1000. This session lasted 36 seconds with 0 seconds of active time. This session ended with a crash.

Error: (09/23/2011 07:50:36 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 4 seconds with 0 seconds of active time. This session ended with a crash.

Error: (09/23/2011 07:50:12 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 6 seconds with 0 seconds of active time. This session ended with a crash.

Error: (09/23/2011 07:49:59 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 3 seconds with 0 seconds of active time. This session ended with a crash.

Error: (09/23/2011 07:49:51 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 7 seconds with 0 seconds of active time. This session ended with a crash.


=========================== Installed Programs ============================

Update for Microsoft Office 2007 (KB2508958)
µTorrent (Version: 3.1.3)
Acrobat.com (Version: 0.0.0)
Acrobat.com (Version: 1.1.377)
Adobe AIR (Version: 1.0.4990)
Adobe AIR (Version: 1.0.8.4990)
Adobe Flash Player 10 ActiveX (Version: 10.0.45.2)
Adobe Flash Player 11 Plugin (Version: 11.2.202.235)
Adobe Reader X (10.1.0) (Version: 10.1.0)
Advanced Audio FX Engine
Advanced Video FX Engine
Apple Application Support (Version: 2.0.1)
Apple Mobile Device Support (Version: 3.4.1.2)
Apple Software Update (Version: 2.1.3.127)
AT&T Natural Voices Audrey v. 1.4 (Version: 1.4)
AT&T Natural Voices Mike v. 1.4 (Version: 1.4)
Audacity 1.3.11 (Unicode)
Bonjour (Version: 3.0.0.2)
Browser Address Error Redirector (Version: 1.00.0000)
Call Graph
Camtasia Studio 7 (Version: 7.1.0)
CDDRV_Installer (Version: 4.60)
Cisco EAP-FAST Module (Version: 2.0.26)
Cisco LEAP Module (Version: 1.0.11)
Cisco PEAP Module (Version: 1.0.12)
Cobian Backup 10
Compatibility Pack for the 2007 Office system (Version: 12.0.6425.1000)
Conexant HDA D330 MDC V.92 Modem (Version: 7.74.00)
ConvertXtoDVD 4.0.9.322 (Version: 4.0.9.322)
D3DX10 (Version: 15.4.2368.0902)
Dell-eBay (Version: 1.00.0000)
Dell Dock (Version: 1.0.0)
Dell Driver Download Manager (Version: 2.1.0.0)
Dell Getting Started Guide (Version: 1.00.0000)
Dell Touchpad (Version: 7.1007.115.102)
Dell Webcam Center
Dell Webcam Manager
Dell Wireless WLAN Card (Version: 4.170.25.12)
Digital Line Detect (Version: 1.21)
DivX Version Checker (Version: 7.1.0.9)
Dragon NaturallySpeaking 9 (Version: 9.51.200)
Dropbox (Version: 1.2.52)
EDocs
Free WMA to MP3 Converter 1.16
Google Calendar Sync
Google Desktop (Version: 5.9.1005.12335)
Google Earth Plug-in (Version: 6.1.0.5001)
Google Talk Plugin (Version: 2.9.10.7526)
Google Update Helper (Version: 1.3.21.111)
GoToAssist 8.0.0.514
GoToMeeting 4.5.0.457
HiJackThis (Version: 1.0.0)
IHA_MessageCenter (Version: 1.8.17)
ImgBurn (Version: 2.5.5.0)
Intel® Graphics Media Accelerator Driver
Intel® Matrix Storage Manager
iTunes (Version: 10.4.1.10)
Java Auto Updater (Version: 2.0.7.1)
Java™ 6 Update 31 (Version: 6.0.310)
Junk Mail filter update (Version: 15.4.3502.0922)
KhalInstallWrapper (Version: 4.60.122)
LAME v3.98.3 for Audacity
Laptop Integrated Webcam Driver (1.04.01.1011)
Lexmark Z500-Z600 Series
LinkedIn Outlook Toolbar (Version: 2.7.3.1002)
Live! Cam Avatar Creator (Version: 4.6.0817.1)
Live! Cam Avatar v1.0 (Version: 1.0)
Logitech SetPoint (Version: 4.60)
Magic ISO Maker v5.5 (build 0276)
MagicDisc 2.7.106
Malwarebytes Anti-Malware version 1.61.0.1400 (Version: 1.61.0.1400)
Marvell Miniport Driver (Version: 10.22.6.3)
Mesh Runtime (Version: 15.4.5722.2)
Messenger Companion (Version: 15.4.3502.0922)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6012.5000)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office Access MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Access Setup Metadata MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Enterprise 2007 (Version: 12.0.6425.1000)
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)
Microsoft Office Groove MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Groove Setup Metadata MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office InfoPath MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Live Add-in 1.5 (Version: 2.0.4024.1)
Microsoft Office Live Meeting 2007 (Version: 8.0.6362.190)
Microsoft Office OneNote MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Outlook Connector (Version: 14.0.5118.5000)
Microsoft Office Outlook MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Proof (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Proof (French) 2007 (Version: 12.0.6425.1000)
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6425.1000)
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Publisher MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Word MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Search Enhancement Pack (Version: 3.0.133.0)
Microsoft Silverlight (Version: 4.0.60531.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Text-to-Speech Engine 4.0 (English)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.59193)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Works (Version: 9.7.0621)
Microsoft_VC90_CRT_x86 (Version: 1.0.0)
mIRC (Version: 7.19)
MobileMe Control Panel (Version: 3.1.6.0)
Modem Diagnostic Tool (Version: 1.0.20.0)
Mozilla Firefox 12.0 (x86 en-US) (Version: 12.0)
Mozilla Maintenance Service (Version: 12.0)
MSVCRT (Version: 15.4.2862.0708)
MSXML 4.0 SP2 (KB927978) (Version: 4.20.9841.0)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
NextUp.com-NeoSpeech Paul16 Voice (Version: 3.01.0000)
OutlookTools 2 (Version: 2.2.0)
Paint.NET v3.5.2 (Version: 3.52.0)
QuickSet (Version: 8.2.20)
QuickTime (Version: 7.70.80.34)
RICOH R5C83x/84x Flash Media Controller Driver Ver.3.51.01 (Version: 3.51.01)
Roxio Creator Audio (Version: 3.7.0)
Roxio Creator Copy (Version: 3.7.0)
Roxio Creator Data (Version: 3.7.0)
Roxio Creator DE (Version: 10.1)
Roxio Creator DE (Version: 3.7.0)
Roxio Creator Tools (Version: 3.7.0)
Roxio Express Labeler 3 (Version: 3.2.1)
Roxio Update Manager (Version: 6.0.0)
SeaTools for Windows (Version: 1.2.0.5)
Segoe UI (Version: 15.4.2271.0615)
SigmaTel Audio (Version: 5.10.5210.0)
Skype Click to Call (Version: 5.6.8442)
Skype™ 5.5 (Version: 5.5.124)
Sound Organizer (Version: 1.1.1.12161)
SUPERAntiSpyware (Version: 5.0.1150)
SWF & FLV Player 3.0 (build 3.0.33.5106) (Version: 3.0.33.5106)
TextAloud (Version: 2.0)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2007 System (KB2539530)
Update for Microsoft Office Access 2007 Help (KB963663)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Infopath 2007 Help (KB963662)
Update for Microsoft Office OneNote 2007 (KB980729)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Outlook 2007 (KB2509470)
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
Update for Outlook 2007 Junk Email Filter (KB2586924)
uTorrentControl2 Toolbar (Version: 6.8.9.0)
VLC media player 1.1.11 (Version: 1.1.11)
Vz In Home Agent (Version: 8.03.53)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live Family Safety (Version: 15.4.3502.0922)
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Mail (Version: 15.4.3502.0922)
Windows Live Mesh (Version: 15.4.3502.0922)
Windows Live Mesh ActiveX Control for Remote Connections (Version: 15.4.5722.2)
Windows Live Messenger (Version: 15.4.3502.0922)
Windows Live Messenger Companion Core (Version: 15.4.3502.0922)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3502.0922)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live Sync (Version: 14.0.8089.726)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3502.0922)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)
Windows Media Player Firefox Plugin (Version: 1.0.0.8)
WinRAR archiver
Yontoo 1.10.02 (Version: 1.10.02)

========================= Memory info: ===================================

Percentage of memory in use: 49%
Total physical RAM: 3061.31 MB
Available physical RAM: 1545.23 MB
Total Pagefile: 6328.93 MB
Available Pagefile: 4728.1 MB
Total Virtual: 2047.88 MB
Available Virtual: 1946.73 MB

========================= Partitions: =====================================

1 Drive c: (OS) (Fixed) (Total:283.02 GB) (Free:14.05 GB) NTFS
2 Drive d: (RECOVERY) (Fixed) (Total:12.53 GB) (Free:7.51 GB) NTFS

========================= Users: ========================================

User accounts for \\SHANEP-PC

Administrator Guest ShaneP


**** End of log ****

FSS

Farbar Service Scanner Version: 17-05-2012
Ran by ShaneP (administrator) on 24-05-2012 at 12:44:51
Running from "C:\Users\ShaneP\Downloads"
Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Yahoo IP is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Security Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============

File Check:
========
C:\Windows\system32\nsisvc.dll => MD5 is legit
C:\Windows\system32\Drivers\nsiproxy.sys => MD5 is legit
C:\Windows\system32\dhcpcsvc.dll => MD5 is legit
C:\Windows\system32\Drivers\afd.sys => MD5 is legit
C:\Windows\system32\Drivers\tdx.sys => MD5 is legit
C:\Windows\system32\Drivers\tcpip.sys
[2011-08-28 11:48] - [2011-06-17 16:13] - 0905104 ____A (Microsoft Corporation) 2756186E287139310997090797E0182B

C:\Windows\system32\dnsrslvr.dll => MD5 is legit
C:\Windows\system32\mpssvc.dll => MD5 is legit
C:\Windows\system32\bfe.dll => MD5 is legit
C:\Windows\system32\Drivers\mpsdrv.sys => MD5 is legit
C:\Windows\system32\SDRSVC.dll => MD5 is legit
C:\Windows\system32\vssvc.exe => MD5 is legit
C:\Windows\system32\wscsvc.dll => MD5 is legit
C:\Windows\system32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\system32\wuaueng.dll => MD5 is legit
C:\Windows\system32\qmgr.dll => MD5 is legit
C:\Windows\system32\es.dll => MD5 is legit
C:\Windows\system32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit


**** End of log ****

#6 narenxp

Posted 24 May 2012 - 12:37 PM

I do not find any issues with Windows Update in your logs.

Try to update now. If you have issues, run this fixit:

http://support.microsoft.com/kb/971058

#7 spalladino25

Posted 24 May 2012 - 01:29 PM

I'm still getting the same error message when I go to click on the windows update. It says...

"Windows update cannot currently check for updates because
the service is not running. You may need to restart your computer."

I'm not sure why it's saying that but it won't let me update windows. Any ideas?

#8 narenxp

Posted 24 May 2012 - 01:50 PM

Did you run the previous fixit?

If yes, then try this:

Download

http://go.microsoft.com/?linkid=9643523

Run it in AGGRESSIVE MODE.

Restart the PC and try to install updates.

#9 spalladino25

Posted 24 May 2012 - 02:15 PM

I did run the fixit program and it didn't work. I'll try this one and let you know. Thanks.

#10 spalladino25

Posted 24 May 2012 - 02:24 PM

I ran the program just as you said, in aggressive mode, and did a restart, and I still got the same error message as before
and it won't let me do an update. Weird, right?

#11 narenxp

Posted 24 May 2012 - 02:36 PM

Download

TFC


Launch it; it will close all running programs.

Click on START; it should ask for a reboot.

Restart the PC and try to update.

#12 spalladino25

Posted 24 May 2012 - 10:16 PM

I did exactly as you said and I still got the same error message.

"Windows update cannot currently check for updates because
the service is not running. You may need to restart your computer."

#13 narenxp

Posted 24 May 2012 - 10:41 PM

Download

Windows update agent

Install it, restart the PC and try to check for updates.

If that doesn't work, open a command prompt as admin and run these commands one by one:

net stop bits
net stop cryptsvc
net stop wuauserv
cd c:\windows\system32
ren catroot2 catroot2.old
cd c:\windows
ren softwaredistribution softwaredistribution.old


Restart the PC

Edited by narenxp, 24 May 2012 - 10:44 PM.
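The reset described in post #13, as an added example that is not part of the original thread: a batch script that first reports the state and start type of the three services, then runs the same stop-and-rename steps with error checks. The ServiceDll query, the elevation check and the service restart at the end are additions made here; paths assume a default install under %windir%.

```bat
@echo off
rem Added example (not from the thread): inspect the services behind the
rem "service is not running" error, then apply the reset from post #13.
setlocal

rem Require an elevated prompt; "net session" fails without admin rights.
net session >nul 2>&1
if errorlevel 1 (
    echo Run this from a command prompt opened as administrator.
    exit /b 1
)

rem 1. State and start type of each service the procedure touches.
rem    A START_TYPE of DISABLED explains the error by itself.
for %%S in (bits cryptsvc wuauserv) do (
    echo ===== %%S =====
    sc query %%S | findstr /i "STATE"
    sc qc %%S | findstr /i "START_TYPE BINARY_PATH_NAME"
)

rem 2. DLL the Windows Update service loads; expected to point at
rem    wuaueng.dll under system32, the file the FSS log reports as legit.
reg query "HKLM\SYSTEM\CurrentControlSet\Services\wuauserv\Parameters" /v ServiceDll

rem 3. Stop the services so the cache folders are not in use.
for %%S in (bits cryptsvc wuauserv) do net stop %%S

rem 4. Rename the caches; skip if an earlier .old copy already exists.
call :rename_dir "%windir%\system32\catroot2" catroot2.old
call :rename_dir "%windir%\SoftwareDistribution" SoftwareDistribution.old

rem 5. Start the services again and report whether wuauserv came up.
for %%S in (cryptsvc bits wuauserv) do net start %%S
sc query wuauserv | findstr /i "RUNNING" >nul
if errorlevel 1 (echo wuauserv is still not running. & exit /b 2)
echo wuauserv is running.
exit /b 0

:rename_dir
if not exist "%~1" (echo %~1 not found, skipping. & goto :eof)
if exist "%~dp1%~2" (echo %~dp1%~2 already exists, skipping. & goto :eof)
ren "%~1" "%~2"
if errorlevel 1 echo Could not rename %~1 - a service may still be holding it.
goto :eof
```

If step 1 shows wuauserv as DISABLED or step 2 shows an unexpected ServiceDll, the rename alone will not clear the error, because the service configuration itself has been changed.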


#14 spalladino25

Posted 24 May 2012 - 11:26 PM

I did exactly as you said, to the letter. I opened the command prompt as an admin and I typed in everything
you put there, in order, and I still got the same error message as before.

#15 narenxp

Posted 25 May 2012 - 05:39 AM

Did you try installing windows update agent?



