Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Aftermath of SMART HDD virus


  • Please log in to reply
11 replies to this topic

#1 ryantf

ryantf

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:11:05 AM

Posted 19 June 2012 - 12:31 PM

I had the Smart HDD virus, which I thought I had removed. But now I am experiencing browser redirects when clicking on search engine links. I have run Malwarebytes and ESET full scans which show no errors. I am at a loss. I am running Windows XP SP 3. I also get frequent messages from Malwarebytes that it is blocking an outgoing request to 206.161.121.6. Superantispyware did not pick up on anything but cookies either.

UPDATE

I am also getting what looks like a system message a box that says:

Windows Internet Explorer

Are you sure you want to navigate away from this page?

Are you shure?

Press OK to continue, or Cancel to stay on the current page.


The misspelling of "shure" sends a red flag.

Edited by ryantf, 19 June 2012 - 12:59 PM.


BC AdBot (Login to Remove)

 


#2 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:11:05 AM

Posted 19 June 2012 - 01:59 PM

Download

TDSSkiller

Launch it.Click on change parameters-Select TDLFS file system

Click on "Scan".Please post the LOG report(log file should be in your C drive)


Please download GMER from here(doesnot work on 64 bit OS)

http://www2.gmer.net/download.php

Temporarily disable any real-time active protection so your security programs will not conflict with gmer's driver.

GMER will open to the Rootkit/Malware tab and perform an automatic Full Scan when first run. (do not use the computer while the scan is in progress)

If you receive a WARNING!!! about rootkit activity and are asked to fully scan your system...click NO.
Now click the Scan button. If you see a rootkit warning window, click OK.
When the scan is finished, click the Save... button to save the scan results to your Desktop. Save the file as gmer.log.
Click the Copy button and paste the results into your next reply.


Download

aswMBR

Launch it, allow it to download latest Avast! virus definitions
Click the "Scan" button to start scan.After scan finishes,click on Save log

Post the log results here

#3 ryantf

ryantf
  • Topic Starter

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:11:05 AM

Posted 19 June 2012 - 07:43 PM

I could not get TDSSkiller to run. I tried changing the name to iexplore.exe as well as tried in safe mode. Additionally, aswMBR would not run.

I did get GMER to run, here is the log:

GMER 1.0.15.15641 - http://www.gmer.net
Rootkit scan 2012-06-19 17:32:44
Windows 5.1.2600 Service Pack 3
Running: tf8vstzn.exe; Driver: C:\DOCUME~1\RYANFI~1\LOCALS~1\Temp\pxtiypow.sys


---- Registry - GMER 1.0.15 ----

Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows@DeviceNotSelectedTimeout 15
Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows@GDIProcessHandleQuota 10000
Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows@Spooler yes
Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows@swapdisk
Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows@TransmissionRetryTimeout 90
Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows@USERProcessHandleQuota 10000
Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows@LoadAppInit_DLLs 1

---- Files - GMER 1.0.15 ----

File C:\Documents and Settings\Ryan Fischer\Cookies\PQ56H1K1.txt 0 bytes

---- EOF - GMER 1.0.15 ----

#4 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:11:05 AM

Posted 19 June 2012 - 08:07 PM

Download

FIXTDSS

Launch it ,It may ask for restart,reboot the PC

On reboot,click on REPAIR

Now run TDSSkiller and aswmbr ,post the logs

good luck

#5 ryantf

ryantf
  • Topic Starter

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:11:05 AM

Posted 19 June 2012 - 08:33 PM

TDSSKiller:

18:17:59.0812 4824 TDSS rootkit removing tool 2.7.40.0 Jun 15 2012 15:13:31
18:18:00.0359 4824 ============================================================
18:18:00.0359 4824 Current date / time: 2012/06/19 18:18:00.0359
18:18:00.0359 4824 SystemInfo:
18:18:00.0359 4824
18:18:00.0359 4824 OS Version: 5.1.2600 ServicePack: 3.0
18:18:00.0359 4824 Product type: Workstation
18:18:00.0359 4824 ComputerName: HPPAVILION
18:18:00.0359 4824 UserName: Ryan Fischer
18:18:00.0359 4824 Windows directory: C:\WINDOWS
18:18:00.0359 4824 System windows directory: C:\WINDOWS
18:18:00.0359 4824 Processor architecture: Intel x86
18:18:00.0359 4824 Number of processors: 4
18:18:00.0359 4824 Page size: 0x1000
18:18:00.0359 4824 Boot type: Normal boot
18:18:00.0359 4824 ============================================================
18:18:02.0109 4824 Drive \Device\Harddisk0\DR0 - Size: 0x3A35294400 (232.83 Gb), SectorSize: 0x200, Cylinders: 0x76BA, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
18:18:02.0125 4824 ============================================================
18:18:02.0125 4824 \Device\Harddisk0\DR0:
18:18:02.0125 4824 MBR partitions:
18:18:02.0125 4824 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x1D1A4F3A
18:18:02.0125 4824 ============================================================
18:18:02.0218 4824 C: <-> \Device\Harddisk0\DR0\Partition0
18:18:02.0218 4824 ============================================================
18:18:02.0218 4824 Initialize success
18:18:02.0218 4824 ============================================================
18:18:07.0296 5240 ============================================================
18:18:07.0296 5240 Scan started
18:18:07.0296 5240 Mode: Manual; TDLFS;
18:18:07.0296 5240 ============================================================
18:18:07.0828 5240 !SASCORE (c0393eb99a6c72c6bef9bfc4a72b33a6) C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
18:18:07.0828 5240 !SASCORE - ok
18:18:07.0921 5240 Abiosdsk - ok
18:18:07.0921 5240 abp480n5 - ok
18:18:07.0984 5240 ACPI (8fd99680a539792a30e97944fdaecf17) C:\WINDOWS\system32\DRIVERS\ACPI.sys
18:18:07.0984 5240 ACPI - ok
18:18:08.0015 5240 ACPIEC (9859c0f6936e723e4892d7141b1327d5) C:\WINDOWS\system32\drivers\ACPIEC.sys
18:18:08.0015 5240 ACPIEC - ok
18:18:08.0062 5240 AdobeActiveFileMonitor9.0 (1474f121c3df1232d3e7239c03691ee6) C:\Program Files\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe
18:18:08.0062 5240 AdobeActiveFileMonitor9.0 - ok
18:18:08.0171 5240 AdobeFlashPlayerUpdateSvc (76d5a3d2a50402a0b9b6ed13c4371e79) C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
18:18:08.0171 5240 AdobeFlashPlayerUpdateSvc - ok
18:18:08.0171 5240 adpu160m - ok
18:18:08.0218 5240 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
18:18:08.0218 5240 aec - ok
18:18:08.0281 5240 AFD (1e44bc1e83d8fd2305f8d452db109cf9) C:\WINDOWS\System32\drivers\afd.sys
18:18:08.0281 5240 AFD - ok
18:18:08.0281 5240 Aha154x - ok
18:18:08.0281 5240 aic78u2 - ok
18:18:08.0281 5240 aic78xx - ok
18:18:08.0312 5240 AirPrint - ok
18:18:08.0546 5240 Akamai (c775d704feb2b600a5bf7b0b088546af) c:\program files\common files\akamai/netsession_win_80c2ffa.dll
18:18:08.0546 5240 Suspicious file (Hidden): c:\program files\common files\akamai/netsession_win_80c2ffa.dll. md5: c775d704feb2b600a5bf7b0b088546af
18:18:08.0562 5240 Akamai ( HiddenFile.Multi.Generic ) - warning
18:18:08.0562 5240 Akamai - detected HiddenFile.Multi.Generic (1)
18:18:08.0656 5240 Alerter (a9a3daa780ca6c9671a19d52456705b4) C:\WINDOWS\system32\alrsvc.dll
18:18:08.0656 5240 Alerter - ok
18:18:08.0687 5240 ALG (8c515081584a38aa007909cd02020b3d) C:\WINDOWS\System32\alg.exe
18:18:08.0687 5240 ALG - ok
18:18:08.0703 5240 AliIde - ok
18:18:08.0703 5240 amsint - ok
18:18:08.0875 5240 Apple Mobile Device (7ef47644b74ebe721cc32211d3c35e76) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
18:18:08.0875 5240 Apple Mobile Device - ok
18:18:08.0890 5240 AppMgmt (d8849f77c0b66226335a59d26cb4edc6) C:\WINDOWS\System32\appmgmts.dll
18:18:08.0906 5240 AppMgmt - ok
18:18:08.0921 5240 Arp1394 (b5b8a80875c1dededa8b02765642c32f) C:\WINDOWS\system32\DRIVERS\arp1394.sys
18:18:08.0921 5240 Arp1394 - ok
18:18:08.0921 5240 asc - ok
18:18:08.0921 5240 asc3350p - ok
18:18:08.0921 5240 asc3550 - ok
18:18:09.0046 5240 aspnet_state (0e5e4957549056e2bf2c49f4f6b601ad) C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
18:18:09.0046 5240 aspnet_state - ok
18:18:09.0062 5240 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
18:18:09.0062 5240 AsyncMac - ok
18:18:09.0109 5240 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
18:18:09.0109 5240 atapi - ok
18:18:09.0109 5240 Atdisk - ok
18:18:09.0140 5240 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
18:18:09.0140 5240 Atmarpc - ok
18:18:09.0171 5240 AudioSrv (def7a7882bec100fe0b2ce2549188f9d) C:\WINDOWS\System32\audiosrv.dll
18:18:09.0171 5240 AudioSrv - ok
18:18:09.0234 5240 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
18:18:09.0234 5240 audstub - ok
18:18:09.0296 5240 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
18:18:09.0296 5240 Beep - ok
18:18:09.0593 5240 BHDrvx86 (a503d32ae26f77cb942aed530112edaa) C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.0.145\Definitions\BASHDefs\20120531.001\BHDrvx86.sys
18:18:09.0609 5240 BHDrvx86 - ok
18:18:09.0687 5240 BITS (574738f61fca2935f5265dc4e5691314) C:\WINDOWS\system32\qmgr.dll
18:18:09.0687 5240 BITS - ok
18:18:09.0843 5240 Bonjour Service (db5bea73edaf19ac68b2c0fad0f92b1a) C:\Program Files\Bonjour\mDNSResponder.exe
18:18:09.0843 5240 Bonjour Service - ok
18:18:09.0906 5240 brfilt (4ba311473e0d8557827e6f2fe33a8095) C:\WINDOWS\system32\Drivers\Brfilt.sys
18:18:09.0906 5240 brfilt - ok
18:18:09.0921 5240 brmfrmps (bb192385661daf7f3d48b586f6e1d166) C:\WINDOWS\system32\Brmfrmps.exe
18:18:09.0921 5240 brmfrmps - ok
18:18:09.0968 5240 Browser (a06ce3399d16db864f55faeb1f1927a9) C:\WINDOWS\System32\browser.dll
18:18:09.0984 5240 Browser - ok
18:18:09.0984 5240 BrSerWDM (791ef93168dcf057715493d607e37983) C:\WINDOWS\system32\Drivers\BrSerWdm.sys
18:18:09.0984 5240 BrSerWDM - ok
18:18:10.0000 5240 BrUsbMdm (37e2d0b12ddf536cd64af6eb3b580ef8) C:\WINDOWS\system32\Drivers\BrUsbMdm.sys
18:18:10.0000 5240 BrUsbMdm - ok
18:18:10.0000 5240 BrUsbScn (1c5f014048e5b2748c1a8ad297c50b6f) C:\WINDOWS\system32\Drivers\BrUsbScn.sys
18:18:10.0000 5240 BrUsbScn - ok
18:18:10.0203 5240 catchme - ok
18:18:10.0250 5240 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
18:18:10.0250 5240 cbidf2k - ok
18:18:10.0406 5240 CCCDeltaServer (47d6b6b594f01eacba8dd233077d1785) C:\Program Files\AVAYA\IP Office\CCC\deltaserver\deltaserverservice.exe
18:18:10.0421 5240 CCCDeltaServer - ok
18:18:10.0562 5240 ccSet_N360 (599e7f6259a127c174c49938d2aa6a60) C:\WINDOWS\system32\drivers\N360\0602010.005\ccSetx86.sys
18:18:10.0562 5240 ccSet_N360 - ok
18:18:10.0578 5240 cd20xrnt - ok
18:18:10.0578 5240 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
18:18:10.0578 5240 Cdaudio - ok
18:18:10.0625 5240 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
18:18:10.0625 5240 Cdfs - ok
18:18:10.0687 5240 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
18:18:10.0687 5240 Cdrom - ok
18:18:10.0703 5240 Changer - ok
18:18:10.0734 5240 CiSvc (1cfe720eb8d93a7158a4ebc3ab178bde) C:\WINDOWS\system32\cisvc.exe
18:18:10.0734 5240 CiSvc - ok
18:18:10.0750 5240 ClipSrv (34cbe729f38138217f9c80212a2a0c82) C:\WINDOWS\system32\clipsrv.exe
18:18:10.0750 5240 ClipSrv - ok
18:18:10.0859 5240 clr_optimization_v2.0.50727_32 (d87acaed61e417bba546ced5e7e36d9c) c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
18:18:10.0859 5240 clr_optimization_v2.0.50727_32 - ok
18:18:10.0859 5240 CmdIde - ok
18:18:10.0875 5240 COMSysApp - ok
18:18:10.0875 5240 Cpqarray - ok
18:18:10.0921 5240 CryptSvc (3d4e199942e29207970e04315d02ad3b) C:\WINDOWS\System32\cryptsvc.dll
18:18:10.0921 5240 CryptSvc - ok
18:18:10.0937 5240 dac2w2k - ok
18:18:10.0937 5240 dac960nt - ok
18:18:11.0000 5240 DcomLaunch (6b27a5c03dfb94b4245739065431322c) C:\WINDOWS\system32\rpcss.dll
18:18:11.0015 5240 DcomLaunch - ok
18:18:11.0015 5240 DgiVecp - ok
18:18:11.0015 5240 Dhcp (5e38d7684a49cacfb752b046357e0589) C:\WINDOWS\System32\dhcpcsvc.dll
18:18:11.0031 5240 Dhcp - ok
18:18:11.0078 5240 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
18:18:11.0078 5240 Disk - ok
18:18:11.0078 5240 dmadmin - ok
18:18:11.0140 5240 dmboot (d992fe1274bde0f84ad826acae022a41) C:\WINDOWS\system32\drivers\dmboot.sys
18:18:11.0140 5240 dmboot - ok
18:18:11.0156 5240 dmio (7c824cf7bbde77d95c08005717a95f6f) C:\WINDOWS\system32\DRIVERS\dmio.sys
18:18:11.0156 5240 dmio - ok
18:18:11.0171 5240 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
18:18:11.0171 5240 dmload - ok
18:18:11.0203 5240 dmserver (57edec2e5f59f0335e92f35184bc8631) C:\WINDOWS\System32\dmserver.dll
18:18:11.0203 5240 dmserver - ok
18:18:11.0250 5240 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
18:18:11.0250 5240 DMusic - ok
18:18:11.0296 5240 Dnscache (5f7e24fa9eab896051ffb87f840730d2) C:\WINDOWS\System32\dnsrslvr.dll
18:18:11.0296 5240 Dnscache - ok
18:18:11.0328 5240 Dot3svc (0f0f6e687e5e15579ef4da8dd6945814) C:\WINDOWS\System32\dot3svc.dll
18:18:11.0328 5240 Dot3svc - ok
18:18:11.0484 5240 DpHost (3e5c5bc3bbd39a264d200f3b75dc459a) C:\Program Files\ZKSensor\bin\DpHost.exe
18:18:11.0484 5240 DpHost - ok
18:18:11.0531 5240 dpK00701 (b012a07b584d3a3d6f7c1770ed76e409) C:\WINDOWS\system32\DRIVERS\dpK00701.sys
18:18:11.0531 5240 dpK00701 - ok
18:18:11.0531 5240 dpti2o - ok
18:18:11.0578 5240 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
18:18:11.0578 5240 drmkaud - ok
18:18:11.0593 5240 EapHost (2187855a7703adef0cef9ee4285182cc) C:\WINDOWS\System32\eapsvc.dll
18:18:11.0593 5240 EapHost - ok
18:18:11.0687 5240 eeCtrl (fce87ba643d5e9a8b6e0378508d1b22d) C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys
18:18:11.0687 5240 eeCtrl - ok
18:18:11.0718 5240 EraserUtilRebootDrv (115dc729465a8c386615207f28875255) C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
18:18:11.0718 5240 EraserUtilRebootDrv - ok
18:18:11.0750 5240 ERSvc (bc93b4a066477954555966d77fec9ecb) C:\WINDOWS\System32\ersvc.dll
18:18:11.0750 5240 ERSvc - ok
18:18:11.0812 5240 Eventlog (65df52f5b8b6e9bbd183505225c37315) C:\WINDOWS\system32\services.exe
18:18:11.0812 5240 Eventlog - ok
18:18:11.0875 5240 EventSystem (d4991d98f2db73c60d042f1aef79efae) C:\WINDOWS\system32\es.dll
18:18:11.0875 5240 EventSystem - ok
18:18:11.0906 5240 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
18:18:11.0906 5240 Fastfat - ok
18:18:11.0953 5240 FastUserSwitchingCompatibility (99bc0b50f511924348be19c7c7313bbf) C:\WINDOWS\System32\shsvcs.dll
18:18:11.0953 5240 FastUserSwitchingCompatibility - ok
18:18:12.0000 5240 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\drivers\Fdc.sys
18:18:12.0000 5240 Fdc - ok
18:18:12.0015 5240 Fips (d45926117eb9fa946a6af572fbe1caa3) C:\WINDOWS\system32\drivers\Fips.sys
18:18:12.0015 5240 Fips - ok
18:18:12.0015 5240 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\drivers\Flpydisk.sys
18:18:12.0015 5240 Flpydisk - ok
18:18:12.0078 5240 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\DRIVERS\fltMgr.sys
18:18:12.0078 5240 FltMgr - ok
18:18:12.0203 5240 FontCache3.0.0.0 (8ba7c024070f2b7fdd98ed8a4ba41789) c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
18:18:12.0203 5240 FontCache3.0.0.0 - ok
18:18:12.0250 5240 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
18:18:12.0250 5240 Fs_Rec - ok
18:18:12.0250 5240 Ftdisk (6ac26732762483366c3969c9e4d2259d) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
18:18:12.0250 5240 Ftdisk - ok
18:18:12.0312 5240 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys
18:18:12.0312 5240 GEARAspiWDM - ok
18:18:12.0406 5240 getPlusHelper (9599a713e1776b8f69300fc9008f33c1) C:\Program Files\NOS\bin\getPlus_Helper.dll
18:18:12.0406 5240 getPlusHelper - ok
18:18:12.0437 5240 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
18:18:12.0453 5240 Gpc - ok
18:18:12.0546 5240 gupdate (f02a533f517eb38333cb12a9e8963773) C:\Program Files\Google\Update\GoogleUpdate.exe
18:18:12.0546 5240 gupdate - ok
18:18:12.0546 5240 gupdatem (f02a533f517eb38333cb12a9e8963773) C:\Program Files\Google\Update\GoogleUpdate.exe
18:18:12.0546 5240 gupdatem - ok
18:18:12.0609 5240 gusvc (cc839e8d766cc31a7710c9f38cf3e375) C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
18:18:12.0609 5240 gusvc - ok
18:18:12.0656 5240 HDAudBus (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
18:18:12.0671 5240 HDAudBus - ok
18:18:12.0765 5240 helpsvc (4fcca060dfe0c51a09dd5c3843888bcd) C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
18:18:12.0765 5240 helpsvc - ok
18:18:12.0781 5240 HidServ (deb04da35cc871b6d309b77e1443c796) C:\WINDOWS\System32\hidserv.dll
18:18:12.0781 5240 HidServ - ok
18:18:12.0828 5240 hidusb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
18:18:12.0828 5240 hidusb - ok
18:18:12.0875 5240 hkmsvc (8878bd685e490239777bfe51320b88e9) C:\WINDOWS\System32\kmsvc.dll
18:18:12.0875 5240 hkmsvc - ok
18:18:12.0875 5240 hpn - ok
18:18:12.0921 5240 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
18:18:12.0937 5240 HTTP - ok
18:18:12.0968 5240 HTTPFilter (6100a808600f44d999cebdef8841c7a3) C:\WINDOWS\System32\w3ssl.dll
18:18:12.0968 5240 HTTPFilter - ok
18:18:12.0968 5240 i2omgmt - ok
18:18:12.0984 5240 i2omp - ok
18:18:13.0031 5240 i8042prt (4a0b06aa8943c1e332520f7440c0aa30) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
18:18:13.0031 5240 i8042prt - ok
18:18:13.0281 5240 ialm (3b743262b6456167888d15f1121b3bf7) C:\WINDOWS\system32\DRIVERS\igxpmp32.sys
18:18:13.0312 5240 ialm - ok
18:18:13.0468 5240 IDriverT (daf66902f08796f9c694901660e5a64a) C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
18:18:13.0468 5240 IDriverT - ok
18:18:13.0687 5240 idsvc (c01ac32dc5c03076cfb852cb5da5229c) c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
18:18:13.0687 5240 idsvc - ok
18:18:14.0031 5240 IDSxpx86 (c924bf6d42b3d9292268ff1998596bd1) C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.0.145\Definitions\IPSDefs\20120613.007\IDSxpx86.sys
18:18:14.0031 5240 IDSxpx86 - ok
18:18:14.0109 5240 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
18:18:14.0109 5240 Imapi - ok
18:18:14.0171 5240 ImapiService (30deaf54a9755bb8546168cfe8a6b5e1) C:\WINDOWS\system32\imapi.exe
18:18:14.0171 5240 ImapiService - ok
18:18:14.0187 5240 ini910u - ok
18:18:14.0390 5240 IntcAzAudAddService (14b48553be78472d2bd3a518658a1710) C:\WINDOWS\system32\drivers\RtkHDAud.sys
18:18:14.0421 5240 IntcAzAudAddService - ok
18:18:14.0515 5240 IntelIde - ok
18:18:14.0562 5240 intelppm (8c953733d8f36eb2133f5bb58808b66b) C:\WINDOWS\system32\DRIVERS\intelppm.sys
18:18:14.0562 5240 intelppm - ok
18:18:14.0593 5240 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\DRIVERS\Ip6Fw.sys
18:18:14.0593 5240 Ip6Fw - ok
18:18:14.0625 5240 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
18:18:14.0625 5240 IpFilterDriver - ok
18:18:14.0656 5240 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
18:18:14.0656 5240 IpInIp - ok
18:18:14.0687 5240 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
18:18:14.0687 5240 IpNat - ok
18:18:14.0812 5240 iPod Service (ce004777b92dea56fe14ec900d20baa4) C:\Program Files\iPod\bin\iPodService.exe
18:18:14.0828 5240 iPod Service - ok
18:18:14.0890 5240 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
18:18:14.0890 5240 IPSec - ok
18:18:14.0906 5240 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
18:18:14.0906 5240 IRENUM - ok
18:18:14.0953 5240 isapnp (05a299ec56e52649b1cf2fc52d20f2d7) C:\WINDOWS\system32\DRIVERS\isapnp.sys
18:18:14.0953 5240 isapnp - ok
18:18:15.0062 5240 iZHost (4f7ce0889c337f37531ff6144fa31914) C:\Program Files\ZKSensor\bin\iZHost.exe
18:18:15.0062 5240 iZHost - ok
18:18:15.0218 5240 JavaQuickStarterService (0a5709543986843d37a92290b7838340) C:\Program Files\Java\jre6\bin\jqs.exe
18:18:15.0218 5240 JavaQuickStarterService - ok
18:18:15.0234 5240 Kbdclass (463c1ec80cd17420a542b7f36a36f128) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
18:18:15.0234 5240 Kbdclass - ok
18:18:15.0281 5240 kbdhid (9ef487a186dea361aa06913a75b3fa99) C:\WINDOWS\system32\DRIVERS\kbdhid.sys
18:18:15.0281 5240 kbdhid - ok
18:18:15.0343 5240 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
18:18:15.0343 5240 kmixer - ok
18:18:15.0375 5240 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
18:18:15.0375 5240 KSecDD - ok
18:18:15.0421 5240 LanmanServer (3a7c3cbe5d96b8ae96ce81f0b22fb527) C:\WINDOWS\System32\srvsvc.dll
18:18:15.0421 5240 LanmanServer - ok
18:18:15.0468 5240 lanmanworkstation (a8888a5327621856c0cec4e385f69309) C:\WINDOWS\System32\wkssvc.dll
18:18:15.0484 5240 lanmanworkstation - ok
18:18:15.0484 5240 lbrtfdc - ok
18:18:15.0546 5240 LmHosts (a7db739ae99a796d91580147e919cc59) C:\WINDOWS\System32\lmhsvc.dll
18:18:15.0546 5240 LmHosts - ok
18:18:15.0593 5240 MBAMProtector (fb097bbc1a18f044bd17bd2fccf97865) C:\WINDOWS\system32\drivers\mbam.sys
18:18:15.0593 5240 MBAMProtector - ok
18:18:15.0625 5240 MBAMService (ba400ed640bca1eae5c727ae17c10207) C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
18:18:15.0640 5240 MBAMService - ok
18:18:15.0687 5240 Messenger (986b1ff5814366d71e0ac5755c88f2d3) C:\WINDOWS\System32\msgsvc.dll
18:18:15.0687 5240 Messenger - ok
18:18:15.0734 5240 mf (a7da20ab18a1bdae28b0f349e57da0d1) C:\WINDOWS\system32\DRIVERS\mf.sys
18:18:15.0734 5240 mf - ok
18:18:15.0781 5240 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
18:18:15.0781 5240 mnmdd - ok
18:18:15.0843 5240 mnmsrvc (d18f1f0c101d06a1c1adf26eed16fcdd) C:\WINDOWS\system32\mnmsrvc.exe
18:18:15.0843 5240 mnmsrvc - ok
18:18:15.0890 5240 Modem (dfcbad3cec1c5f964962ae10e0bcc8e1) C:\WINDOWS\system32\drivers\Modem.sys
18:18:15.0890 5240 Modem - ok
18:18:15.0937 5240 Mouclass (35c9e97194c8cfb8430125f8dbc34d04) C:\WINDOWS\system32\DRIVERS\mouclass.sys
18:18:15.0937 5240 Mouclass - ok
18:18:15.0968 5240 mouhid (b1c303e17fb9d46e87a98e4ba6769685) C:\WINDOWS\system32\DRIVERS\mouhid.sys
18:18:15.0968 5240 mouhid - ok
18:18:16.0015 5240 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
18:18:16.0015 5240 MountMgr - ok
18:18:16.0062 5240 MozillaMaintenance (15d5398eed42c2504bb3d4fc875c15d1) C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
18:18:16.0062 5240 MozillaMaintenance - ok
18:18:16.0078 5240 mraid35x - ok
18:18:16.0109 5240 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
18:18:16.0125 5240 MRxDAV - ok
18:18:16.0187 5240 MRxSmb (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
18:18:16.0187 5240 MRxSmb - ok
18:18:16.0234 5240 MSDTC (a137f1470499a205abbb9aafb3b6f2b1) C:\WINDOWS\system32\msdtc.exe
18:18:16.0234 5240 MSDTC - ok
18:18:16.0250 5240 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
18:18:16.0250 5240 Msfs - ok
18:18:16.0250 5240 MSIServer - ok
18:18:16.0281 5240 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
18:18:16.0281 5240 MSKSSRV - ok
18:18:16.0312 5240 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
18:18:16.0312 5240 MSPCLOCK - ok
18:18:16.0312 5240 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
18:18:16.0312 5240 MSPQM - ok
18:18:16.0343 5240 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
18:18:16.0343 5240 mssmbios - ok
18:18:16.0375 5240 Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys
18:18:16.0375 5240 Mup - ok
18:18:16.0468 5240 N360 (c6948f034d7edabcfa2234d399fc78bc) C:\Program Files\Norton 360\Engine\6.2.1.5\ccSvcHst.exe
18:18:16.0468 5240 N360 - ok
18:18:16.0531 5240 napagent (0102140028fad045756796e1c685d695) C:\WINDOWS\System32\qagentrt.dll
18:18:16.0531 5240 napagent - ok
18:18:16.0734 5240 NAVENG (f11033730b38260b6892e837c457fb4b) C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.0.145\Definitions\VirusDefs\20120619.009\NAVENG.SYS
18:18:16.0750 5240 NAVENG - ok
18:18:16.0812 5240 NAVEX15 (4e4e7c0259d3bb97de24a636c0e06aba) C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.0.145\Definitions\VirusDefs\20120619.009\NAVEX15.SYS
18:18:16.0812 5240 NAVEX15 - ok
18:18:16.0953 5240 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
18:18:16.0953 5240 NDIS - ok
18:18:17.0000 5240 NdisTapi (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
18:18:17.0000 5240 NdisTapi - ok
18:18:17.0046 5240 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
18:18:17.0046 5240 Ndisuio - ok
18:18:17.0062 5240 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
18:18:17.0062 5240 NdisWan - ok
18:18:17.0125 5240 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
18:18:17.0125 5240 NDProxy - ok
18:18:17.0125 5240 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
18:18:17.0125 5240 NetBIOS - ok
18:18:17.0187 5240 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
18:18:17.0187 5240 NetBT - ok
18:18:17.0234 5240 NetDDE (b857ba82860d7ff85ae29b095645563b) C:\WINDOWS\system32\netdde.exe
18:18:17.0234 5240 NetDDE - ok
18:18:17.0250 5240 NetDDEdsdm (b857ba82860d7ff85ae29b095645563b) C:\WINDOWS\system32\netdde.exe
18:18:17.0250 5240 NetDDEdsdm - ok
18:18:17.0296 5240 Netlogon (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
18:18:17.0296 5240 Netlogon - ok
18:18:17.0312 5240 Netman (13e67b55b3abd7bf3fe7aae5a0f9a9de) C:\WINDOWS\System32\netman.dll
18:18:17.0312 5240 Netman - ok
18:18:17.0453 5240 NetTcpPortSharing (d34612c5d02d026535b3095d620626ae) c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
18:18:17.0453 5240 NetTcpPortSharing - ok
18:18:17.0468 5240 NIC1394 (e9e47cfb2d461fa0fc75b7a74c6383ea) C:\WINDOWS\system32\DRIVERS\nic1394.sys
18:18:17.0468 5240 NIC1394 - ok
18:18:17.0531 5240 Nla (943337d786a56729263071623bbb9de5) C:\WINDOWS\System32\mswsock.dll
18:18:17.0531 5240 Nla - ok
18:18:17.0531 5240 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
18:18:17.0531 5240 Npfs - ok
18:18:17.0546 5240 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
18:18:17.0562 5240 Ntfs - ok
18:18:17.0562 5240 NtLmSsp (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
18:18:17.0562 5240 NtLmSsp - ok
18:18:17.0593 5240 NtmsSvc (156f64a3345bd23c600655fb4d10bc08) C:\WINDOWS\system32\ntmssvc.dll
18:18:17.0593 5240 NtmsSvc - ok
18:18:17.0640 5240 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
18:18:17.0640 5240 Null - ok
18:18:17.0781 5240 nv (933a02052aed2da698811a14b7848faf) C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
18:18:17.0796 5240 nv - ok
18:18:17.0875 5240 NVSvc (87445455aef55e3ed41d25a803c545fe) C:\WINDOWS\system32\nvsvc32.exe
18:18:17.0890 5240 NVSvc - ok
18:18:17.0937 5240 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
18:18:17.0937 5240 NwlnkFlt - ok
18:18:17.0953 5240 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
18:18:17.0953 5240 NwlnkFwd - ok
18:18:18.0000 5240 ohci1394 (ca33832df41afb202ee7aeb05145922f) C:\WINDOWS\system32\DRIVERS\ohci1394.sys
18:18:18.0000 5240 ohci1394 - ok
18:18:18.0109 5240 ose (5a432a042dae460abe7199b758e8606c) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
18:18:18.0109 5240 ose - ok
18:18:18.0156 5240 Parport (5575faf8f97ce5e713d108c2a58d7c7c) C:\WINDOWS\system32\drivers\Parport.sys
18:18:18.0156 5240 Parport - ok
18:18:18.0156 5240 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
18:18:18.0156 5240 PartMgr - ok
18:18:18.0203 5240 ParVdm (70e98b3fd8e963a6a46a2e6247e0bea1) C:\WINDOWS\system32\drivers\ParVdm.sys
18:18:18.0203 5240 ParVdm - ok
18:18:18.0265 5240 PCI (a219903ccf74233761d92bef471a07b1) C:\WINDOWS\system32\DRIVERS\pci.sys
18:18:18.0265 5240 PCI - ok
18:18:18.0265 5240 PCIDump - ok
18:18:18.0312 5240 PCIIde (ccf5f451bb1a5a2a522a76e670000ff0) C:\WINDOWS\system32\DRIVERS\pciide.sys
18:18:18.0312 5240 PCIIde - ok
18:18:18.0359 5240 Pcmcia (9e89ef60e9ee05e3f2eef2da7397f1c1) C:\WINDOWS\system32\drivers\Pcmcia.sys
18:18:18.0359 5240 Pcmcia - ok
18:18:18.0359 5240 PDCOMP - ok
18:18:18.0359 5240 PDFRAME - ok
18:18:18.0375 5240 PDRELI - ok
18:18:18.0375 5240 PDRFRAME - ok
18:18:18.0375 5240 perc2 - ok
18:18:18.0375 5240 perc2hib - ok
18:18:19.0140 5240 PEVSystemStart (f042ee4c8d66248d9b86dcf52abae416) C:\ComboFix\pev.3XE
18:18:19.0140 5240 PEVSystemStart - ok
18:18:19.0687 5240 PlugPlay (65df52f5b8b6e9bbd183505225c37315) C:\WINDOWS\system32\services.exe
18:18:19.0687 5240 PlugPlay - ok
18:18:19.0796 5240 pmem (fa292805788528c083f416e151b60ab6) C:\WINDOWS\system32\DRIVERS\pmemnt.sys
18:18:19.0796 5240 pmem - ok
18:18:19.0921 5240 PolicyAgent (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
18:18:19.0921 5240 PolicyAgent - ok
18:18:20.0125 5240 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
18:18:20.0125 5240 PptpMiniport - ok
18:18:20.0140 5240 ProtectedStorage (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
18:18:20.0140 5240 ProtectedStorage - ok
18:18:20.0578 5240 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
18:18:20.0578 5240 PSched - ok
18:18:20.0750 5240 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
18:18:20.0750 5240 Ptilink - ok
18:18:20.0843 5240 PxHelp20 (e42e3433dbb4cffe8fdd91eab29aea8e) C:\WINDOWS\system32\Drivers\PxHelp20.sys
18:18:20.0843 5240 PxHelp20 - ok
18:18:20.0843 5240 ql1080 - ok
18:18:20.0859 5240 Ql10wnt - ok
18:18:20.0859 5240 ql12160 - ok
18:18:20.0859 5240 ql1240 - ok
18:18:20.0859 5240 ql1280 - ok
18:18:20.0953 5240 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
18:18:20.0953 5240 RasAcd - ok
18:18:21.0187 5240 RasAuto (ad188be7bdf94e8df4ca0a55c00a5073) C:\WINDOWS\System32\rasauto.dll
18:18:21.0187 5240 RasAuto - ok
18:18:21.0328 5240 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
18:18:21.0328 5240 Rasl2tp - ok
18:18:22.0125 5240 RasMan (76a9a3cbeadd68cc57cda5e1d7448235) C:\WINDOWS\System32\rasmans.dll
18:18:22.0125 5240 RasMan - ok
18:18:22.0406 5240 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
18:18:22.0406 5240 RasPppoe - ok
18:18:22.0546 5240 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
18:18:22.0546 5240 Raspti - ok
18:18:23.0015 5240 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
18:18:23.0015 5240 Rdbss - ok
18:18:23.0062 5240 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
18:18:23.0062 5240 RDPCDD - ok
18:18:23.0187 5240 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
18:18:23.0187 5240 rdpdr - ok
18:18:23.0796 5240 RDPWD (6589db6e5969f8eee594cf71171c5028) C:\WINDOWS\system32\drivers\RDPWD.sys
18:18:23.0796 5240 RDPWD - ok
18:18:23.0859 5240 RDSessMgr (3c37bf86641bda977c3bf8a840f3b7fa) C:\WINDOWS\system32\sessmgr.exe
18:18:23.0859 5240 RDSessMgr - ok
18:18:23.0906 5240 redbook (f828dd7e1419b6653894a8f97a0094c5) C:\WINDOWS\system32\DRIVERS\redbook.sys
18:18:23.0906 5240 redbook - ok
18:18:23.0937 5240 RemoteAccess (7e699ff5f59b5d9de5390e3c34c67cf5) C:\WINDOWS\System32\mprdim.dll
18:18:23.0953 5240 RemoteAccess - ok
18:18:23.0984 5240 RemoteRegistry (5b19b557b0c188210a56a6b699d90b8f) C:\WINDOWS\system32\regsvc.dll
18:18:23.0984 5240 RemoteRegistry - ok
18:18:24.0031 5240 RimUsb (616eac1b0e48b236a5a9b8ae07fdb81c) C:\WINDOWS\system32\Drivers\RimUsb.sys
18:18:24.0031 5240 RimUsb - ok
18:18:24.0062 5240 RimVSerPort (2c4fb2e9f039287767c384e46ee91030) C:\WINDOWS\system32\DRIVERS\RimSerial.sys
18:18:24.0062 5240 RimVSerPort - ok
18:18:24.0078 5240 ROOTMODEM (d8b0b4ade32574b2d9c5cc34dc0dbbe7) C:\WINDOWS\system32\Drivers\RootMdm.sys
18:18:24.0078 5240 ROOTMODEM - ok
18:18:24.0109 5240 RpcLocator (aaed593f84afa419bbae8572af87cf6a) C:\WINDOWS\system32\locator.exe
18:18:24.0109 5240 RpcLocator - ok
18:18:24.0187 5240 RpcSs (6b27a5c03dfb94b4245739065431322c) C:\WINDOWS\system32\rpcss.dll
18:18:24.0187 5240 RpcSs - ok
18:18:24.0203 5240 RSVP (471b3f9741d762abe75e9deea4787e47) C:\WINDOWS\system32\rsvp.exe
18:18:24.0203 5240 RSVP - ok
18:18:24.0265 5240 RTLE8023xp (6fc7ddf3b8d94fba7ac664452d6478d4) C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys
18:18:24.0265 5240 RTLE8023xp - ok
18:18:24.0312 5240 SamSs (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
18:18:24.0312 5240 SamSs - ok
18:18:24.0421 5240 SASDIFSV (39763504067962108505bff25f024345) C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS
18:18:24.0421 5240 SASDIFSV - ok
18:18:24.0437 5240 SASKUTIL (77b9fc20084b48408ad3e87570eb4a85) C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS
18:18:24.0437 5240 SASKUTIL - ok
18:18:24.0468 5240 SCardSvr (86d007e7a654b9a71d1d7d856b104353) C:\WINDOWS\System32\SCardSvr.exe
18:18:24.0468 5240 SCardSvr - ok
18:18:24.0531 5240 Schedule (0a9a7365a1ca4319aa7c1d6cd8e4eafa) C:\WINDOWS\system32\schedsvc.dll
18:18:24.0531 5240 Schedule - ok
18:18:24.0562 5240 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
18:18:24.0562 5240 Secdrv - ok
18:18:24.0687 5240 seclogon (cbe612e2bb6a10e3563336191eda1250) C:\WINDOWS\System32\seclogon.dll
18:18:24.0703 5240 seclogon - ok
18:18:24.0781 5240 SENS (7fdd5d0684eca8c1f68b4d99d124dcd0) C:\WINDOWS\system32\sens.dll
18:18:24.0781 5240 SENS - ok
18:18:24.0812 5240 Serial (cca207a8896d4c6a0c9ce29a4ae411a7) C:\WINDOWS\system32\drivers\Serial.sys
18:18:24.0812 5240 Serial - ok
18:18:24.0828 5240 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
18:18:24.0828 5240 Sfloppy - ok
18:18:24.0906 5240 SharedAccess (83f41d0d89645d7235c051ab1d9523ac) C:\WINDOWS\System32\ipnathlp.dll
18:18:24.0906 5240 SharedAccess - ok
18:18:24.0968 5240 ShellHWDetection (99bc0b50f511924348be19c7c7313bbf) C:\WINDOWS\System32\shsvcs.dll
18:18:24.0968 5240 ShellHWDetection - ok
18:18:24.0968 5240 Simbad - ok
18:18:24.0968 5240 Sparrow - ok
18:18:25.0031 5240 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
18:18:25.0031 5240 splitter - ok
18:18:25.0156 5240 Spooler (60784f891563fb1b767f70117fc2428f) C:\WINDOWS\system32\spoolsv.exe
18:18:25.0156 5240 Spooler - ok
18:18:25.0203 5240 sr (76bb022c2fb6902fd5bdd4f78fc13a5d) C:\WINDOWS\system32\DRIVERS\sr.sys
18:18:25.0203 5240 sr - ok
18:18:25.0218 5240 srservice (3805df0ac4296a34ba4bf93b346cc378) C:\WINDOWS\system32\srsvc.dll
18:18:25.0218 5240 srservice - ok
18:18:25.0328 5240 SRTSP (9dd258ee034afd36259cb7357e19d0b1) C:\WINDOWS\System32\Drivers\N360\0602010.005\SRTSP.SYS
18:18:25.0343 5240 SRTSP - ok
18:18:25.0375 5240 SRTSPX (0cc3a10f363436c7b478419eb73f8d91) C:\WINDOWS\system32\drivers\N360\0602010.005\SRTSPX.SYS
18:18:25.0375 5240 SRTSPX - ok
18:18:25.0421 5240 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
18:18:25.0421 5240 Srv - ok
18:18:25.0468 5240 SSDPSRV (0a5679b3714edab99e357057ee88fca6) C:\WINDOWS\System32\ssdpsrv.dll
18:18:25.0468 5240 SSDPSRV - ok
18:18:25.0531 5240 stisvc (8bad69cbac032d4bbacfce0306174c30) C:\WINDOWS\system32\wiaservc.dll
18:18:25.0531 5240 stisvc - ok
18:18:25.0578 5240 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
18:18:25.0578 5240 swenum - ok
18:18:25.0703 5240 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
18:18:25.0703 5240 swmidi - ok
18:18:25.0703 5240 SwPrv - ok
18:18:25.0703 5240 symc810 - ok
18:18:25.0718 5240 symc8xx - ok
18:18:25.0781 5240 SymDS (690fa0e61b90084c4d9a721bd4f3d779) C:\WINDOWS\system32\drivers\N360\0602010.005\SYMDS.SYS
18:18:25.0781 5240 SymDS - ok
18:18:25.0812 5240 SymEFA (4e55148a2e044d02245cbcdbb266b98c) C:\WINDOWS\system32\drivers\N360\0602010.005\SYMEFA.SYS
18:18:25.0828 5240 SymEFA - ok
18:18:25.0859 5240 SymEvent (74e2521e96176a4449570e50be91954d) C:\WINDOWS\system32\Drivers\SYMEVENT.SYS
18:18:25.0859 5240 SymEvent - ok
18:18:25.0875 5240 SymIRON (2c356cca706505cf63cbe39d532b9236) C:\WINDOWS\system32\drivers\N360\0602010.005\Ironx86.SYS
18:18:25.0890 5240 SymIRON - ok
18:18:25.0906 5240 SYMTDI (508bd882040f9cb12319e3a4fc78edb9) C:\WINDOWS\System32\Drivers\N360\0602010.005\SYMTDI.SYS
18:18:25.0906 5240 SYMTDI - ok
18:18:25.0906 5240 sym_hi - ok
18:18:25.0906 5240 sym_u3 - ok
18:18:25.0968 5240 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
18:18:25.0968 5240 sysaudio - ok
18:18:26.0031 5240 SysmonLog (c7abbc59b43274b1109df6b24d617051) C:\WINDOWS\system32\smlogsvc.exe
18:18:26.0031 5240 SysmonLog - ok
18:18:26.0046 5240 TapiSrv (3cb78c17bb664637787c9a1c98f79c38) C:\WINDOWS\System32\tapisrv.dll
18:18:26.0046 5240 TapiSrv - ok
18:18:26.0109 5240 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
18:18:26.0109 5240 Tcpip - ok
18:18:26.0156 5240 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
18:18:26.0156 5240 TDPIPE - ok
18:18:26.0171 5240 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
18:18:26.0171 5240 TDTCP - ok
18:18:26.0218 5240 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
18:18:26.0218 5240 TermDD - ok
18:18:26.0250 5240 TermService (ff3477c03be7201c294c35f684b3479f) C:\WINDOWS\System32\termsrv.dll
18:18:26.0250 5240 TermService - ok
18:18:26.0312 5240 Themes (99bc0b50f511924348be19c7c7313bbf) C:\WINDOWS\System32\shsvcs.dll
18:18:26.0312 5240 Themes - ok
18:18:26.0375 5240 TlntSvr (db7205804759ff62c34e3efd8a4cc76a) C:\WINDOWS\system32\tlntsvr.exe
18:18:26.0375 5240 TlntSvr - ok
18:18:26.0375 5240 TosIde - ok
18:18:26.0421 5240 TrkWks (55bca12f7f523d35ca3cb833c725f54e) C:\WINDOWS\system32\trkwks.dll
18:18:26.0421 5240 TrkWks - ok
18:18:26.0484 5240 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
18:18:26.0484 5240 Udfs - ok
18:18:26.0484 5240 ultra - ok
18:18:26.0593 5240 UltraMonUtility (5a5bd0f66e84eb039cb227520d49908c) C:\Program Files\Common Files\Realtime Soft\UltraMonMirrorDrv\x32\UltraMonUtility.sys
18:18:26.0593 5240 UltraMonUtility - ok
18:18:26.0750 5240 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
18:18:26.0750 5240 Update - ok
18:18:26.0812 5240 upnphost (1ebafeb9a3fbdc41b8d9c7f0f687ad91) C:\WINDOWS\System32\upnphost.dll
18:18:26.0812 5240 upnphost - ok
18:18:26.0843 5240 UPS (05365fb38fca1e98f7a566aaaf5d1815) C:\WINDOWS\System32\ups.exe
18:18:26.0843 5240 UPS - ok
18:18:26.0890 5240 USBAAPL (83cafcb53201bbac04d822f32438e244) C:\WINDOWS\system32\Drivers\usbaapl.sys
18:18:26.0890 5240 USBAAPL - ok
18:18:26.0937 5240 usbaudio (e919708db44ed8543a7c017953148330) C:\WINDOWS\system32\drivers\usbaudio.sys
18:18:26.0937 5240 usbaudio - ok
18:18:26.0984 5240 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
18:18:26.0984 5240 usbccgp - ok
18:18:27.0015 5240 usbdpfp (c7722a92ea3d49631efdb0cd37ec4a47) C:\WINDOWS\system32\DRIVERS\usbdpfp.sys
18:18:27.0015 5240 usbdpfp - ok
18:18:27.0046 5240 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
18:18:27.0046 5240 usbehci - ok
18:18:27.0046 5240 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
18:18:27.0046 5240 usbhub - ok
18:18:27.0078 5240 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
18:18:27.0078 5240 usbprint - ok
18:18:27.0093 5240 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
18:18:27.0093 5240 usbscan - ok
18:18:27.0109 5240 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
18:18:27.0109 5240 USBSTOR - ok
18:18:27.0109 5240 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
18:18:27.0109 5240 usbuhci - ok
18:18:27.0156 5240 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
18:18:27.0156 5240 VgaSave - ok
18:18:27.0156 5240 ViaIde - ok
18:18:27.0171 5240 VolSnap (4c8fcb5cc53aab716d810740fe59d025) C:\WINDOWS\system32\drivers\VolSnap.sys
18:18:27.0171 5240 VolSnap - ok
18:18:27.0234 5240 VSS (7a9db3a67c333bf0bd42e42b8596854b) C:\WINDOWS\System32\vssvc.exe
18:18:27.0234 5240 VSS - ok
18:18:27.0296 5240 W32Time (54af4b1d5459500ef0937f6d33b1914f) C:\WINDOWS\system32\w32time.dll
18:18:27.0296 5240 W32Time - ok
18:18:27.0312 5240 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
18:18:27.0312 5240 Wanarp - ok
18:18:27.0375 5240 Wdf01000 (d918617b46457b9ac28027722e30f647) C:\WINDOWS\system32\Drivers\wdf01000.sys
18:18:27.0375 5240 Wdf01000 - ok
18:18:27.0375 5240 WDICA - ok
18:18:27.0437 5240 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
18:18:27.0437 5240 wdmaud - ok
18:18:27.0453 5240 WebClient (77a354e28153ad2d5e120a5a8687bc06) C:\WINDOWS\System32\webclnt.dll
18:18:27.0453 5240 WebClient - ok
18:18:27.0656 5240 WinDefend (f45dd1e1365d857dd08bc23563370d0e) C:\Program Files\Windows Defender\MsMpEng.exe
18:18:27.0656 5240 WinDefend - ok
18:18:27.0750 5240 winmgmt (2d0e4ed081963804ccc196a0929275b5) C:\WINDOWS\system32\wbem\WMIsvc.dll
18:18:27.0750 5240 winmgmt - ok
18:18:27.0796 5240 WmdmPmSN (c7e39ea41233e9f5b86c8da3a9f1e4a8) C:\WINDOWS\system32\mspmsnsv.dll
18:18:27.0796 5240 WmdmPmSN - ok
18:18:27.0859 5240 Wmi (e76f8807070ed04e7408a86d6d3a6137) C:\WINDOWS\System32\advapi32.dll
18:18:27.0875 5240 Wmi - ok
18:18:27.0921 5240 WmiApSrv (e0673f1106e62a68d2257e376079f821) C:\WINDOWS\system32\wbem\wmiapsrv.exe
18:18:27.0921 5240 WmiApSrv - ok
18:18:28.0015 5240 WMPNetworkSvc (f74e3d9a7fa9556c3bbb14d4e5e63d3b) C:\Program Files\Windows Media Player\WMPNetwk.exe
18:18:28.0015 5240 WMPNetworkSvc - ok
18:18:28.0062 5240 WpdUsb (cf4def1bf66f06964dc0d91844239104) C:\WINDOWS\system32\DRIVERS\wpdusb.sys
18:18:28.0062 5240 WpdUsb - ok
18:18:28.0109 5240 WS2IFSL (6abe6e225adb5a751622a9cc3bc19ce8) C:\WINDOWS\System32\drivers\ws2ifsl.sys
18:18:28.0109 5240 WS2IFSL - ok
18:18:28.0156 5240 wscsvc (7c278e6408d1dce642230c0585a854d5) C:\WINDOWS\system32\wscsvc.dll
18:18:28.0156 5240 wscsvc - ok
18:18:28.0218 5240 wuauserv (35321fb577cdc98ce3eb3a3eb9e4610a) C:\WINDOWS\system32\wuauserv.dll
18:18:28.0218 5240 wuauserv - ok
18:18:28.0234 5240 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
18:18:28.0234 5240 WudfPf - ok
18:18:28.0250 5240 WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
18:18:28.0250 5240 WudfRd - ok
18:18:28.0250 5240 WudfSvc (05231c04253c5bc30b26cbaae680ed89) C:\WINDOWS\System32\WUDFSvc.dll
18:18:28.0250 5240 WudfSvc - ok
18:18:28.0281 5240 WZCSVC (81dc3f549f44b1c1fff022dec9ecf30b) C:\WINDOWS\System32\wzcsvc.dll
18:18:28.0281 5240 WZCSVC - ok
18:18:28.0312 5240 xmlprov (295d21f14c335b53cb8154e5b1f892b9) C:\WINDOWS\System32\xmlprov.dll
18:18:28.0312 5240 xmlprov - ok
18:18:28.0343 5240 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk0\DR0
18:18:28.0671 5240 \Device\Harddisk0\DR0 - ok
18:18:28.0671 5240 Boot (0x1200) (18157324546bbfe3cb226585ae1be255) \Device\Harddisk0\DR0\Partition0
18:18:28.0687 5240 \Device\Harddisk0\DR0\Partition0 - ok
18:18:28.0687 5240 ============================================================
18:18:28.0687 5240 Scan finished
18:18:28.0687 5240 ============================================================
18:18:28.0687 5208 Detected object count: 1
18:18:28.0687 5208 Actual detected object count: 1
18:18:31.0546 5208 Akamai ( HiddenFile.Multi.Generic ) - skipped by user
18:18:31.0546 5208 Akamai ( HiddenFile.Multi.Generic ) - User select action: Skip
18:18:33.0453 4584 Deinitialize success

aswMBR:

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-06-19 18:18:57
-----------------------------
18:18:57.093 OS Version: Windows 5.1.2600 Service Pack 3
18:18:57.093 Number of processors: 4 586 0x1707
18:18:57.093 ComputerName: HPPAVILION UserName:
18:18:58.109 Initialize success
18:22:25.187 AVAST engine defs: 12061901
18:25:05.171 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T1L0-3
18:25:05.171 Disk 0 Vendor: ST3250310AS 3.ADA Size: 238418MB BusType: 3
18:25:05.203 Disk 0 MBR read successfully
18:25:05.203 Disk 0 MBR scan
18:25:05.234 Disk 0 Windows XP default MBR code
18:25:05.234 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 238409 MB offset 63
18:25:05.234 Disk 0 scanning sectors +488281234
18:25:06.625 Disk 0 scanning C:\WINDOWS\system32\drivers
18:25:16.500 Service scanning
18:25:37.828 Modules scanning
18:25:45.390 Disk 0 trace - called modules:
18:25:45.406 ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys pciide.sys PCIIDEX.SYS
18:25:45.406 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x8af98ab8]
18:25:45.406 3 CLASSPNP.SYS[ba108fd7] -> nt!IofCallDriver -> \Device\0000007e[0x8afd09e8]
18:25:45.406 5 ACPI.sys[b9f7f620] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T1L0-3[0x8af9e940]
18:25:46.125 AVAST engine scan C:\WINDOWS
18:26:07.500 AVAST engine scan C:\WINDOWS\system32
18:29:01.203 AVAST engine scan C:\WINDOWS\system32\drivers
18:29:21.859 AVAST engine scan C:\Documents and Settings\Ryan Fischer
18:31:59.937 Disk 0 MBR has been saved successfully to "C:\MBR.dat"
18:31:59.937 The log file has been saved successfully to "C:\aswMBR.txt"

#6 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:11:05 AM

Posted 19 June 2012 - 09:11 PM

Download

http://www.techspot.com/downloads/4716-malwarebytes-anti-malware.html

Install,update and run a full scan

Click on SHOW results.Select all infections and remove it

Reboot the PC and scan MBAM once in regular mode until you get a clean log

Download

ESET online scanner


Install it

Click on START,it should download the virus definitions
When scan gets completed,click on LIST of found threats

Export the list to desktop,copy the contents of the text file in your reply

Download

MiniToolBox

Checkmark following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size

Click Go and post the result.

#7 ryantf

ryantf
  • Topic Starter

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:11:05 AM

Posted 19 June 2012 - 09:51 PM

I have already run Malwarebytes and MSET full scans and neither found anything. I will do this again to follow along though.

Just to clarify, with the second scan of Malwarebyes, you said to do a "normal" scan. Is this a full scan or quick scan? Do you need logs from this?

#8 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:11:05 AM

Posted 19 June 2012 - 09:54 PM

You need to run a full scan.You should be free from redirects by now

#9 ryantf

ryantf
  • Topic Starter

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:11:05 AM

Posted 20 June 2012 - 10:49 AM

Malwarebytes showed no problems on first run.

MSET showed no infected files, and did not give an export option.

Here is Minitoolbox:

MiniToolBox by Farbar Version: 09-06-2012
Ran by Ryan Fischer (administrator) on 20-06-2012 at 08:04:40
Microsoft Windows XP Professional Service Pack 3 (X86)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================


Windows IP Configuration



Successfully flushed the DNS Resolver Cache.


========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================


127.0.0.1 localhost

========================= IP Configuration: ================================

1394 Net Adapter = 1394 Connection (Disconnected)
Realtek PCIe GBE Family Controller = Local Area Connection (Connected)


# ----------------------------------
# Interface IP Configuration
# ----------------------------------
pushd interface ip


# Interface IP Configuration for "Local Area Connection"

set address name="Local Area Connection" source=static addr=192.168.6.150 mask=255.255.255.0
set address name="Local Area Connection" gateway=192.168.6.1 gwmetric=0
set dns name="Local Area Connection" source=static addr=4.2.2.1 register=PRIMARY
add dns name="Local Area Connection" addr=4.2.2.2 index=2
set wins name="Local Area Connection" source=static addr=none


popd
# End of interface IP configuration




Windows IP Configuration



Host Name . . . . . . . . . . . . : hppavilion

Primary Dns Suffix . . . . . . . :

Node Type . . . . . . . . . . . . : Hybrid

IP Routing Enabled. . . . . . . . : No

WINS Proxy Enabled. . . . . . . . : No



Ethernet adapter Local Area Connection:



Connection-specific DNS Suffix . :

Description . . . . . . . . . . . : Realtek PCIe GBE Family Controller

Physical Address. . . . . . . . . : 00-24-8C-5B-EF-95

Dhcp Enabled. . . . . . . . . . . : No

IP Address. . . . . . . . . . . . : 192.168.6.150

Subnet Mask . . . . . . . . . . . : 255.255.255.0

Default Gateway . . . . . . . . . : 192.168.6.1

DNS Servers . . . . . . . . . . . : 4.2.2.1

4.2.2.2

Server: vnsc-pri.sys.gtei.net
Address: 4.2.2.1

Name: google.com
Addresses: 74.125.224.199, 74.125.224.200, 74.125.224.201, 74.125.224.206
74.125.224.192, 74.125.224.193, 74.125.224.194, 74.125.224.195, 74.125.224.196
74.125.224.197, 74.125.224.198



Pinging google.com [74.125.224.198] with 32 bytes of data:



Reply from 74.125.224.198: bytes=32 time=24ms TTL=57

Reply from 74.125.224.198: bytes=32 time=17ms TTL=57



Ping statistics for 74.125.224.198:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 17ms, Maximum = 24ms, Average = 20ms

Server: vnsc-pri.sys.gtei.net
Address: 4.2.2.1

Name: yahoo.com
Addresses: 98.139.183.24, 209.191.122.70, 72.30.38.140



Pinging yahoo.com [72.30.38.140] with 32 bytes of data:



Reply from 72.30.38.140: bytes=32 time=91ms TTL=56

Reply from 72.30.38.140: bytes=32 time=47ms TTL=56



Ping statistics for 72.30.38.140:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 47ms, Maximum = 91ms, Average = 69ms

Server: vnsc-pri.sys.gtei.net
Address: 4.2.2.1

Name: bleepingcomputer.com
Address: 208.43.87.2



Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:



Request timed out.

Request timed out.



Ping statistics for 208.43.87.2:

Packets: Sent = 2, Received = 0, Lost = 2 (100% loss),



Pinging 127.0.0.1 with 32 bytes of data:



Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128



Ping statistics for 127.0.0.1:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 0ms, Maximum = 0ms, Average = 0ms

===========================================================================
Interface List
0x1 ........................... MS TCP Loopback interface
0x2 ...00 24 8c 5b ef 95 ...... Realtek RTL8168C(P)/8111C(P) PCI-E Gigabit Ethernet NIC - Packet Scheduler Miniport
===========================================================================
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.6.1 192.168.6.150 20
127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1 1
169.254.0.0 255.255.0.0 192.168.6.150 192.168.6.150 20
192.168.6.0 255.255.255.0 192.168.6.150 192.168.6.150 20
192.168.6.150 255.255.255.255 127.0.0.1 127.0.0.1 20
192.168.6.255 255.255.255.255 192.168.6.150 192.168.6.150 20
224.0.0.0 240.0.0.0 192.168.6.150 192.168.6.150 20
255.255.255.255 255.255.255.255 192.168.6.150 192.168.6.150 1
Default Gateway: 192.168.6.1
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\System32\mswsock.dll [245248] (Microsoft Corporation)
Catalog5 02 C:\Windows\System32\winrnr.dll [16896] (Microsoft Corporation)
Catalog5 03 C:\Windows\System32\mswsock.dll [245248] (Microsoft Corporation)
Catalog5 04 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 02 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 03 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 04 C:\Windows\system32\rsvpsp.dll [92672] (Microsoft Corporation)
Catalog9 05 C:\Windows\system32\rsvpsp.dll [92672] (Microsoft Corporation)
Catalog9 06 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 07 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 08 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 09 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 10 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 11 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 12 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 13 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (06/19/2012 07:47:10 PM) (Source: WinDefendRtp) (User: )
Description: %HPPAVILION27 Real-Time Protection checkpoint has encountered an error and failed to start.

User: HPPAVILION\Ryan Fischer

Checkpoint ID: 1

Error Code: 0x8000ffff

Error description: Catastrophic failure

Error: (06/19/2012 07:47:10 PM) (Source: WinDefendRtp) (User: )
Description: %HPPAVILION27 Real-Time Protection checkpoint has encountered an error and failed to start.

User: HPPAVILION\Ryan Fischer

Checkpoint ID: 1

Error Code: 0x80070005

Error description: Access is denied.

Error: (06/19/2012 06:12:00 PM) (Source: WinDefendRtp) (User: )
Description: %HPPAVILION27 Real-Time Protection checkpoint has encountered an error and failed to start.

User: HPPAVILION\Ryan Fischer

Checkpoint ID: 1

Error Code: 0x8000ffff

Error description: Catastrophic failure

Error: (06/19/2012 06:12:00 PM) (Source: WinDefendRtp) (User: )
Description: %HPPAVILION27 Real-Time Protection checkpoint has encountered an error and failed to start.

User: HPPAVILION\Ryan Fischer

Checkpoint ID: 1

Error Code: 0x80070005

Error description: Access is denied.

Error: (06/19/2012 05:36:30 PM) (Source: WinDefendRtp) (User: )
Description: %HPPAVILION27 Real-Time Protection checkpoint has encountered an error and failed to start.

User: HPPAVILION\Ryan Fischer

Checkpoint ID: 1

Error Code: 0x8000ffff

Error description: Catastrophic failure

Error: (06/19/2012 05:36:29 PM) (Source: WinDefendRtp) (User: )
Description: %HPPAVILION27 Real-Time Protection checkpoint has encountered an error and failed to start.

User: HPPAVILION\Ryan Fischer

Checkpoint ID: 1

Error Code: 0x80070005

Error description: Access is denied.

Error: (06/19/2012 03:58:08 PM) (Source: WinDefendRtp) (User: )
Description: %HPPAVILION27 Real-Time Protection checkpoint has encountered an error and failed to start.

User: HPPAVILION\Ryan Fischer

Checkpoint ID: 1

Error Code: 0x8000ffff

Error description: Catastrophic failure

Error: (06/19/2012 03:58:08 PM) (Source: WinDefendRtp) (User: )
Description: %HPPAVILION27 Real-Time Protection checkpoint has encountered an error and failed to start.

User: HPPAVILION\Ryan Fischer

Checkpoint ID: 1

Error Code: 0x80070005

Error description: Access is denied.

Error: (06/18/2012 08:57:46 PM) (Source: WinDefendRtp) (User: )
Description: %HPPAVILION27 Real-Time Protection checkpoint has encountered an error and failed to start.

User: HPPAVILION\Ryan Fischer

Checkpoint ID: 1

Error Code: 0x8000ffff

Error description: Catastrophic failure

Error: (06/18/2012 08:57:46 PM) (Source: WinDefendRtp) (User: )
Description: %HPPAVILION27 Real-Time Protection checkpoint has encountered an error and failed to start.

User: HPPAVILION\Ryan Fischer

Checkpoint ID: 1

Error Code: 0x80070005

Error description: Access is denied.


System errors:
=============
Error: (06/20/2012 02:41:14 AM) (Source: 0) (User: )
Description:

Error: (06/20/2012 00:53:42 AM) (Source: 0) (User: )
Description: 0xC000009ANOD18.tmpHarddiskVolume1

Error: (06/19/2012 07:47:03 PM) (Source: Service Control Manager) (User: )
Description: The DgiVecp service failed to start due to the following error:
%%2

Error: (06/19/2012 06:12:02 PM) (Source: Service Control Manager) (User: )
Description: The DgiVecp service failed to start due to the following error:
%%2

Error: (06/19/2012 05:36:27 PM) (Source: Service Control Manager) (User: )
Description: The DgiVecp service failed to start due to the following error:
%%2

Error: (06/19/2012 03:57:57 PM) (Source: Service Control Manager) (User: )
Description: The DgiVecp service failed to start due to the following error:
%%2

Error: (06/19/2012 03:56:27 PM) (Source: DCOM) (User: SYSTEM)
Description: DCOM got error "%%1084" attempting to start the service EventSystem with arguments ""
in order to run the server:
{1BE1F766-5536-11D1-B726-00C04FB926AF}

Error: (06/19/2012 03:46:03 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
BHDrvx86
ccSet_N360
eeCtrl
Fips
intelppm
SASDIFSV
SASKUTIL
SRTSPX
SymIRON
SYMTDI

Error: (06/19/2012 03:45:00 PM) (Source: DCOM) (User: SYSTEM)
Description: DCOM got error "%%1084" attempting to start the service EventSystem with arguments ""
in order to run the server:
{1BE1F766-5536-11D1-B726-00C04FB926AF}

Error: (06/19/2012 03:41:14 PM) (Source: Service Control Manager) (User: )
Description: The Java Quick Starter service terminated unexpectedly. It has done this 1 time(s).


Microsoft Office Sessions:
=========================
Error: (06/19/2012 07:47:10 PM) (Source: WinDefendRtp)(User: )
Description: %%8271.1.1593.010x8000ffffCatastrophic failure HPPAVILIONRyan FischerS-1-5-21-1220945662-515967899-1801674531-1007

Error: (06/19/2012 07:47:10 PM) (Source: WinDefendRtp)(User: )
Description: %%8271.1.1593.010x80070005Access is denied. HPPAVILIONRyan FischerS-1-5-21-1220945662-515967899-1801674531-1007

Error: (06/19/2012 06:12:00 PM) (Source: WinDefendRtp)(User: )
Description: %%8271.1.1593.010x8000ffffCatastrophic failure HPPAVILIONRyan FischerS-1-5-21-1220945662-515967899-1801674531-1007

Error: (06/19/2012 06:12:00 PM) (Source: WinDefendRtp)(User: )
Description: %%8271.1.1593.010x80070005Access is denied. HPPAVILIONRyan FischerS-1-5-21-1220945662-515967899-1801674531-1007

Error: (06/19/2012 05:36:30 PM) (Source: WinDefendRtp)(User: )
Description: %%8271.1.1593.010x8000ffffCatastrophic failure HPPAVILIONRyan FischerS-1-5-21-1220945662-515967899-1801674531-1007

Error: (06/19/2012 05:36:29 PM) (Source: WinDefendRtp)(User: )
Description: %%8271.1.1593.010x80070005Access is denied. HPPAVILIONRyan FischerS-1-5-21-1220945662-515967899-1801674531-1007

Error: (06/19/2012 03:58:08 PM) (Source: WinDefendRtp)(User: )
Description: %%8271.1.1593.010x8000ffffCatastrophic failure HPPAVILIONRyan FischerS-1-5-21-1220945662-515967899-1801674531-1007

Error: (06/19/2012 03:58:08 PM) (Source: WinDefendRtp)(User: )
Description: %%8271.1.1593.010x80070005Access is denied. HPPAVILIONRyan FischerS-1-5-21-1220945662-515967899-1801674531-1007

Error: (06/18/2012 08:57:46 PM) (Source: WinDefendRtp)(User: )
Description: %%8271.1.1593.010x8000ffffCatastrophic failure HPPAVILIONRyan FischerS-1-5-21-1220945662-515967899-1801674531-1007

Error: (06/18/2012 08:57:46 PM) (Source: WinDefendRtp)(User: )
Description: %%8271.1.1593.010x80070005Access is denied. HPPAVILIONRyan FischerS-1-5-21-1220945662-515967899-1801674531-1007


=========================== Installed Programs ============================

AAInc.Office (Version: 1.0.0.42)
Acrobat.com (Version: 2.0.0)
Acrobat.com (Version: 2.0.0.0)
Adobe AIR (Version: 3.2.0.2070)
Adobe Community Help (Version: 3.3.0)
Adobe Community Help (Version: 3.3.0.800)
Adobe Download Manager (Version: 1.6.2.60)
Adobe Flash Player 10 ActiveX (Version: 10.0.45.2)
Adobe Flash Player 11 Plugin (Version: 11.2.202.235)
Adobe Media Player (Version: 1.8)
Adobe Photoshop Elements 9 (Version: 9.0)
Adobe Photoshop.com Inspiration Browser (Version: 3.07)
Adobe Reader 9.3 (Version: 9.3.0)
AIM 7
Akamai NetSession Interface Service
Apple Application Support (Version: 2.1.7)
Apple Mobile Device Support (Version: 5.1.1.4)
Apple Software Update (Version: 2.1.3.127)
Audacity 1.2.6
AuthenTec Fingerprint Sensor Minimum Install (Version: 7.9)
BlackBerry Desktop Software 6.1 (Version: 6.1.0.35)
BlackBerry Device Software Updater (Version: 6.0.1.13)
Bonjour (Version: 3.0.0.10)
Bonjour Print Services (Version: 2.0.2.0)
Brother MFL-Pro Suite (Version: 1.00.000)
Compact Contact Center
Compatibility Pack for the 2007 Office system (Version: 12.0.6612.1000)
Coupon Printer for Windows (Version: 5.0.0.1)
Download Updater (AOL LLC)
Dropbox (Version: 1.4.7)
Echofon (remove only)
Elements 9 Organizer (Version: 9.0)
Elements STI Installer (Version: 1.0)
ESET Online Scanner v3
FileZilla Client 3.5.1 (Version: 3.5.1)
GIMP 2.6.8
Google Chrome (Version: 19.0.1084.56)
Google Gmail Notifier
Google Talk (remove only)
Google Toolbar for Internet Explorer (Version: 1.0.0)
Google Toolbar for Internet Explorer (Version: 7.3.2710.138)
Google Update Helper (Version: 1.3.21.111)
GoToMeeting 5.0.0.799 (Version: 5.0.0.799)
Image Retriever 7 (Version: 7.0.1.1)
Intel® Graphics Media Accelerator Driver
Intuit SiteBuilder
IP Office User Suite (Version: 4.2.12)
iTunes (Version: 10.6.0.40)
Java Auto Updater (Version: 2.0.7.1)
Java™ 6 Update 31 (Version: 6.0.310)
JM Integrated Remote Station (Version: 1.00.0000)
join.me (Version: 1.2.1.374)
Malwarebytes Anti-Malware version 1.61.0.1400 (Version: 1.61.0.1400)
Microsoft .NET Framework 1.1 (Version: 1.1.4322)
Microsoft .NET Framework 1.1 Security Update (KB2656353)
Microsoft .NET Framework 1.1 Security Update (KB2656370)
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft .NET Framework 2.0 Service Pack 2 (Version: 2.2.30729)
Microsoft .NET Framework 3.0 Service Pack 2 (Version: 3.2.30729)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft Application Error Reporting (Version: 12.0.6012.5000)
Microsoft English TTS Engine (Version: 2.0.1000.0)
Microsoft Kernel-Mode Driver Framework Feature Pack 1.9
Microsoft MapPoint North America 2009 (Version: 16.0.19.1500)
Microsoft Office Access database engine 2007 (English) (Version: 12.0.6612.1000)
Microsoft Office Live Meeting 2007 (Version: 8.0.6362.201)
Microsoft Office Professional Edition 2003 (Version: 11.0.8173.0)
Microsoft Silverlight (Version: 4.1.10329.0)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Works 6-9 Converter (Version: 9.7.0621)
Microsoft_VC80_ATL_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_CRT_x86 (Version: 1.00.0000)
Microsoft_VC80_CRT_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_MFC_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_MFCLOC_x86 (Version: 8.0.50727.4053)
Microsoft_VC90_ATL_x86 (Version: 1.00.0000)
Microsoft_VC90_CRT_x86 (Version: 1.00.0000)
Microsoft_VC90_MFC_x86 (Version: 1.00.0000)
MobileMe Control Panel (Version: 3.1.8.0)
Mozilla Firefox 13.0.1 (x86 en-US) (Version: 13.0.1)
Mozilla Maintenance Service (Version: 13.0.1)
MP3 Converter Simple (Version: MP3 Converter Simple)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
NexDef Plug-in
Norton 360 (Version: 6.2.1.5)
NVIDIA Drivers
OGA Notifier 2.0.0048.0 (Version: 2.0.0048.0)
PaperPort Image Printer (Version: 1.00.0000)
PhoneManager (Version: 4.2.12)
PrimoPDF -- by Nitro PDF Software (Version: 5.0.0.19)
QBFC 5.0 (Version: 6.0.3.00200)
QBFC 7.0 (Version: 7.0.0.134)
QuickTime (Version: 7.71.80.42)
REALTEK GbE & FE Ethernet PCI NIC Driver (Version: 1.23.0000)
Realtek High Definition Audio Driver
RTC Client API v1.2 (Version: 1.2.0000)
Safari (Version: 5.34.54.16)
SAPI Wrapper (Version: 1.0.0.0)
ScanSoft OmniPage SE 4 (Version: 15.2.0020)
ScanSoft PaperPort 11 (Version: 11.1.0000)
Spotify (Version: 0.5.2)
Spotify (Version: 0.8.2.610.g090a06f8)
TAPI (Version: 3.2.15)
Time&Attendance (Version: 3.0)
TTS Wrapper (Version: 1.0.0.0)
TweetDeck (Version: 0.38.2)
TweetDeck (Version: 1.0.0)
UltraMon (Version: 3.0.9)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)
Update for Windows Internet Explorer 8 (KB976662) (Version: 1)
Update for Windows Internet Explorer 8 (KB980182) (Version: 1)
Update for Windows XP (KB2141007) (Version: 1)
Update for Windows XP (KB2345886) (Version: 1)
Update for Windows XP (KB2467659) (Version: 1)
Update for Windows XP (KB2541763) (Version: 1)
Update for Windows XP (KB2607712) (Version: 1)
Update for Windows XP (KB2616676) (Version: 1)
Update for Windows XP (KB2641690) (Version: 1)
Update for Windows XP (KB2718704) (Version: 1)
Update for Windows XP (KB951978) (Version: 1)
Update for Windows XP (KB955759) (Version: 1)
Update for Windows XP (KB967715) (Version: 1)
Update for Windows XP (KB968389) (Version: 1)
Update for Windows XP (KB971029) (Version: 1)
Update for Windows XP (KB971737) (Version: 1)
Update for Windows XP (KB973687) (Version: 1)
Update for Windows XP (KB973815) (Version: 1)
WebEx
WebFldrs XP (Version: 9.50.7523)
Windows Defender (Version: 1.1.1593.21)
Windows Driver Package - DigitalPersona, Inc. (usbdpfp) Biometric (01/25/2007 4.0.0.32) (Version: 01/25/2007 4.0.0.32)
Windows Genuine Advantage Notifications (KB905474) (Version: 1.9.0040.0)
Windows Genuine Advantage Validation Tool (KB892130)
Windows Genuine Advantage Validation Tool (KB892130) (Version: 1.7.0069.2)
Windows Internet Explorer 8 (Version: 20090308.140743)
Windows Media Format 11 runtime
Windows Media Player 11
WinRAR archiver
WinZip 14.5 (Version: 14.5.9095)
ZKSoftware Fingerprint Reader Driver 2.0.6

========================= Memory info: ===================================

Percentage of memory in use: 36%
Total physical RAM: 3071.17 MB
Available physical RAM: 1953.73 MB
Total Pagefile: 4955.81 MB
Available Pagefile: 3976.25 MB
Total Virtual: 2047.88 MB
Available Virtual: 1974.73 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:232.82 GB) (Free:140.24 GB) NTFS

========================= Users: ========================================

User accounts for \\HPPAVILION

Administrator ASPNET Guest
HelpAssistant Ryan Fischer SUPPORT_388945a0


**** End of log ****

#10 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:11:05 AM

Posted 20 June 2012 - 10:56 AM

That looks good

Download

TFC


Launch it,it will close all running programs

click on START,it should ask for reboot

Turn off your system restore,restart the PC,create a new restore point

http://support.microsoft.com/kb/310405

Update your JAVA from here

http://java.com/en/download/inc/windows_upgrade_xpi.jsp


Update your antivirus frequently,do not click on suspicious links

Safe surfing :)

#11 ryantf

ryantf
  • Topic Starter

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:11:05 AM

Posted 20 June 2012 - 10:57 AM

Thanks for your help and very quick replies, much appreciated!

#12 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:11:05 AM

Posted 20 June 2012 - 10:59 AM

You're most welcome :thumbsup:




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users