Google Redirect Virus


18 replies to this topic

#1 AshM27

AshM27

  • Members
  • 12 posts

Posted 10 July 2012 - 07:50 AM

Hello!

I found the site doing a search on how to remove this nasty virus from my computer...

Running Vista 6.0 ... Google links are redirecting me to newsfudge.com, infomash.com, and click.get-answers-fast.com

I ran MBAM yesterday, and it found 25 threats. I deleted them, and restarted. The redirect was still present.

I restarted in Safe Mode. Downloaded and ran rkill. It didn't find anything. Then I downloaded and ran MBAM again. It didn't detect anything.

I'm not incredibly tech savvy, and have no other thoughts on how to get rid of this malware :( ... Do you have any suggestions?

Thank you so much for your time.


(edited to add Windows version)


*Moderator Edit: Moved topic from Vista to the more appropriate forum. ~ Queen-Evie*

Edited by Queen-Evie, 10 July 2012 - 08:32 AM.




#2 AshM27

AshM27
  • Topic Starter

  • Members
  • 12 posts

Posted 10 July 2012 - 07:59 AM

Also ran TDSSkiller...

Only problems it found were 2 files with unverified signatures. Deleted them, rebooted, and still having the problem.

Edited by AshM27, 10 July 2012 - 08:00 AM.


#3 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • Gender:Male
  • Location:India

Posted 10 July 2012 - 08:58 AM

Download TDSSkiller

Launch it. Click on change parameters - Select TDLFS file system

Click on "Scan". Please post the LOG report (log file should be in your C drive)

Download aswMBR

Launch it, allow it to download latest Avast! virus definitions
Click the "Scan" button to start scan. After scan finishes, click on Save log

Post the log results here

Download ESET online scanner

Install it

Click on START, it should download the virus definitions
When scan gets completed, click on LIST of found threats

Export the list to desktop, copy the contents of the text file in your reply

#4 AshM27

AshM27
  • Topic Starter

  • Members
  • 12 posts

Posted 10 July 2012 - 12:56 PM

13:46:03.0864 1260 TDSS rootkit removing tool 2.7.45.0 Jul 9 2012 12:46:35
13:46:05.0878 1260 ============================================================
13:46:05.0878 1260 Current date / time: 2012/07/10 13:46:05.0878
13:46:05.0878 1260 SystemInfo:
13:46:05.0878 1260
13:46:05.0878 1260 OS Version: 6.0.6000 ServicePack: 0.0
13:46:05.0878 1260 Product type: Workstation
13:46:05.0878 1260 ComputerName: PEDRO-PC
13:46:05.0878 1260 UserName: pedro
13:46:05.0878 1260 Windows directory: C:\Windows
13:46:05.0878 1260 System windows directory: C:\Windows
13:46:05.0878 1260 Processor architecture: Intel x86
13:46:05.0878 1260 Number of processors: 2
13:46:05.0878 1260 Page size: 0x1000
13:46:05.0878 1260 Boot type: Normal boot
13:46:05.0878 1260 ============================================================
13:46:08.0296 1260 Drive \Device\Harddisk0\DR0 - Size: 0x1BF2976000 (111.79 Gb), SectorSize: 0x200, Cylinders: 0x3901, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
13:46:08.0327 1260 ============================================================
13:46:08.0327 1260 \Device\Harddisk0\DR0:
13:46:08.0342 1260 MBR partitions:
13:46:08.0342 1260 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x1F800, BlocksNum 0x1400000
13:46:08.0342 1260 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x141F800, BlocksNum 0xC674800
13:46:08.0389 1260 ============================================================
13:46:08.0592 1260 C: <-> \Device\Harddisk0\DR0\Partition1
13:46:08.0779 1260 D: <-> \Device\Harddisk0\DR0\Partition0
13:46:08.0779 1260 ============================================================
13:46:08.0779 1260 Initialize success
13:46:08.0779 1260 ============================================================
13:46:19.0075 5892 ============================================================
13:46:19.0075 5892 Scan started
13:46:19.0075 5892 Mode: Manual; TDLFS;
13:46:19.0075 5892 ============================================================
13:46:40.0291 5892 ntrigdigi - ok
13:46:40.0322 5892 Null (ec5efb3c60f1b624648344a328bce596) C:\Windows\system32\drivers\Null.sys
13:46:40.0322 5892 Null - ok
13:46:40.0354 5892 nvraid (e69e946f80c1c31c53003bfbf50cbb7c) C:\Windows\system32\drivers\nvraid.sys
13:46:40.0416 5892 nvraid - ok
13:46:40.0447 5892 nvstor (9e0ba19a28c498a6d323d065db76dffc) C:\Windows\system32\drivers\nvstor.sys
13:46:40.0447 5892 nvstor - ok
13:46:40.0478 5892 nv_agp (055081fd5076401c1ee1bcab08d81911) C:\Windows\system32\drivers\nv_agp.sys
13:46:40.0525 5892 nv_agp - ok
13:46:40.0525 5892 NwlnkFlt - ok
13:46:40.0541 5892 NwlnkFwd - ok
13:46:40.0697 5892 odserv (785f487a64950f3cb8e9f16253ba3b7b) C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
13:46:40.0759 5892 odserv - ok
13:46:40.0806 5892 OEM02Dev (9d20fa5d8875f6063aa5e1c44446f698) C:\Windows\system32\DRIVERS\OEM02Dev.sys
13:46:40.0853 5892 OEM02Dev - ok
13:46:40.0868 5892 OEM02Vfx (86326062a90494bdd79ce383511d7d69) C:\Windows\system32\DRIVERS\OEM02Vfx.sys
13:46:40.0868 5892 OEM02Vfx - ok
13:46:40.0931 5892 ohci1394 (953c1ba621f4da9dc7d268ae839a51fb) C:\Windows\system32\DRIVERS\ohci1394.sys
13:46:40.0931 5892 ohci1394 - ok
13:46:40.0993 5892 ose (5a432a042dae460abe7199b758e8606c) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
13:46:41.0040 5892 ose - ok
13:46:41.0118 5892 p2pimsvc (016d01d3b8fb976a193c7434bed8dccf) C:\Windows\system32\p2psvc.dll
13:46:41.0165 5892 p2pimsvc - ok
13:46:41.0180 5892 p2psvc (016d01d3b8fb976a193c7434bed8dccf) C:\Windows\system32\p2psvc.dll
13:46:41.0180 5892 p2psvc - ok
13:46:41.0243 5892 Parport (0fa9b5055484649d63c303fe404e5f4d) C:\Windows\system32\drivers\parport.sys
13:46:41.0258 5892 Parport - ok
13:46:41.0321 5892 partmgr (84be786f33fdbd8765e05df3b7f5b9e6) C:\Windows\system32\drivers\partmgr.sys
13:46:41.0336 5892 partmgr - ok
13:46:41.0352 5892 Parvdm (4f9a6a8a31413180d0fcb279ad5d8112) C:\Windows\system32\drivers\parvdm.sys
13:46:41.0368 5892 Parvdm - ok
13:46:41.0430 5892 PcaSvc (d8c5c215c932233a4f1d7f368f4e4e65) C:\Windows\System32\pcasvc.dll
13:46:41.0430 5892 PcaSvc - ok
13:46:41.0492 5892 pci (bdd96f9cf34d58958aff1be6ef4c8020) C:\Windows\system32\drivers\pci.sys
13:46:41.0508 5892 pci - ok
13:46:41.0570 5892 pciide (b2fc76090ef1003463ccb07cabb35cff) C:\Windows\system32\drivers\pciide.sys
13:46:41.0570 5892 pciide - ok
13:46:41.0617 5892 pcmcia (e6f3fb1b86aa519e7698ad05e58b04e5) C:\Windows\system32\drivers\pcmcia.sys
13:46:41.0648 5892 pcmcia - ok
13:46:41.0711 5892 PEAUTH (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys
13:46:41.0758 5892 PEAUTH - ok
13:46:41.0898 5892 pla (cd05a38d166beade18030bafc0c0a939) C:\Windows\system32\pla.dll
13:46:41.0945 5892 pla - ok
13:46:42.0007 5892 PlugPlay (747bb4c31f3b6e8d1b5ed0ad61518cb5) C:\Windows\system32\umpnpmgr.dll
13:46:42.0023 5892 PlugPlay - ok
13:46:42.0070 5892 PNRPAutoReg (016d01d3b8fb976a193c7434bed8dccf) C:\Windows\system32\p2psvc.dll
13:46:42.0085 5892 PNRPAutoReg - ok
13:46:42.0101 5892 PNRPsvc (016d01d3b8fb976a193c7434bed8dccf) C:\Windows\system32\p2psvc.dll
13:46:42.0116 5892 PNRPsvc - ok
13:46:42.0194 5892 PolicyAgent (5ebdec613bd377ce9a85382be5c6b83b) C:\Windows\System32\ipsecsvc.dll
13:46:42.0210 5892 PolicyAgent - ok
13:46:42.0319 5892 PptpMiniport (c04dec5ace67c5247b150c4223970bb7) C:\Windows\system32\DRIVERS\raspptp.sys
13:46:42.0350 5892 PptpMiniport - ok
13:46:42.0413 5892 Processor (0e3cef5d28b40cf273281d620c50700a) C:\Windows\system32\drivers\processr.sys
13:46:42.0413 5892 Processor - ok
13:46:42.0460 5892 ProfSvc (213112e152e68f0e4705e36f052a2880) C:\Windows\system32\profsvc.dll
13:46:42.0475 5892 ProfSvc - ok
13:46:42.0538 5892 ProtectedStorage (c731b1fe449d4e9cea358c9d55b69be9) C:\Windows\system32\lsass.exe
13:46:42.0538 5892 ProtectedStorage - ok
13:46:42.0600 5892 PSched (2c8bae55247c4e09352e870292e4d1ab) C:\Windows\system32\DRIVERS\pacer.sys
13:46:42.0600 5892 PSched - ok
13:46:42.0678 5892 PxHelp20 (d86b4a68565e444d76457f14172c875a) C:\Windows\system32\Drivers\PxHelp20.sys
13:46:42.0678 5892 PxHelp20 - ok
13:46:42.0803 5892 ql2300 (ccdac889326317792480c0a67156a1ec) C:\Windows\system32\drivers\ql2300.sys
13:46:42.0865 5892 ql2300 - ok
13:46:42.0928 5892 ql40xx (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys
13:46:42.0928 5892 ql40xx - ok
13:46:43.0006 5892 QWAVE (ca61bdfd3713a7ce75f2812afc431594) C:\Windows\system32\qwave.dll
13:46:43.0021 5892 QWAVE - ok
13:46:43.0052 5892 QWAVEdrv (d2b3e2b7426dc23e185fbc73c8936c12) C:\Windows\system32\drivers\qwavedrv.sys
13:46:43.0052 5892 QWAVEdrv - ok
13:46:43.0240 5892 R300 (e642b131fb74caf4bb8a014f31113142) C:\Windows\system32\DRIVERS\atikmdag.sys
13:46:43.0364 5892 R300 - ok
13:46:43.0474 5892 RapiMgr (8f97d374ad1857e1eed85a79f29a1d3d) C:\Windows\WindowsMobile\rapimgr.dll
13:46:43.0489 5892 RapiMgr - ok
13:46:43.0630 5892 RasAcd (bd7b30f55b3649506dd8b3d38f571d2a) C:\Windows\system32\DRIVERS\rasacd.sys
13:46:43.0645 5892 RasAcd - ok
13:46:43.0708 5892 RasAuto (f14f4aab9f54d099fe99192bdb100ac9) C:\Windows\System32\rasauto.dll
13:46:43.0708 5892 RasAuto - ok
13:46:43.0770 5892 Rasl2tp (68b0019fee429ec49d29017af937e482) C:\Windows\system32\DRIVERS\rasl2tp.sys
13:46:43.0801 5892 Rasl2tp - ok
13:46:43.0864 5892 RasMan (11d65e29bc9d1e4114d18fe68194394c) C:\Windows\System32\rasmans.dll
13:46:43.0879 5892 RasMan - ok
13:46:43.0926 5892 RasPppoe (ccf4e9c6cbbac81437f88cb2ae0b6c96) C:\Windows\system32\DRIVERS\raspppoe.sys
13:46:43.0926 5892 RasPppoe - ok
13:46:43.0973 5892 rdbss (54129c5d9581bbec8bd1ebd3ba813f47) C:\Windows\system32\DRIVERS\rdbss.sys
13:46:43.0988 5892 rdbss - ok
13:46:44.0004 5892 RDPCDD (794585276b5d7fca9f3fc15543f9f0b9) C:\Windows\system32\DRIVERS\RDPCDD.sys
13:46:44.0004 5892 RDPCDD - ok
13:46:44.0066 5892 rdpdr (0245418224cfa77bf4b41c2fe0622258) C:\Windows\system32\drivers\rdpdr.sys
13:46:44.0113 5892 rdpdr - ok
13:46:44.0129 5892 RDPENCDD (980b56e2e273e19d3a9d72d5c420f008) C:\Windows\system32\drivers\rdpencdd.sys
13:46:44.0129 5892 RDPENCDD - ok
13:46:44.0191 5892 RDPWD (e2afac98fc6ca2ad2d09f2de1bc71ad9) C:\Windows\system32\drivers\RDPWD.sys
13:46:44.0254 5892 RDPWD - ok
13:46:44.0378 5892 RemoteAccess (6c1a43c589ee8011a1ebfd51c01b77ce) C:\Windows\System32\mprdim.dll
13:46:44.0394 5892 RemoteAccess - ok
13:46:44.0441 5892 RemoteRegistry (9a043808667c8c1893da7275af373f0e) C:\Windows\system32\regsvc.dll
13:46:44.0456 5892 RemoteRegistry - ok
13:46:44.0503 5892 RFCOMM (7ec90c316177ba3f1bce92005264b447) C:\Windows\system32\DRIVERS\rfcomm.sys
13:46:44.0519 5892 RFCOMM - ok
13:46:44.0597 5892 rimmptsk (355aac141b214bef1dbc1483afd9bd50) C:\Windows\system32\DRIVERS\rimmptsk.sys
13:46:44.0597 5892 rimmptsk - ok
13:46:44.0628 5892 rimsptsk (a4216c71dd4f60b26418ccfd99cd0815) C:\Windows\system32\DRIVERS\rimsptsk.sys
13:46:44.0628 5892 rimsptsk - ok
13:46:44.0690 5892 RimUsb (f17713d108aca124a139fde877eef68a) C:\Windows\system32\Drivers\RimUsb.sys
13:46:44.0706 5892 RimUsb - ok
13:46:44.0753 5892 RimVSerPort (d9b34325ee5df78b8f28a3de9f577c7d) C:\Windows\system32\DRIVERS\RimSerial.sys
13:46:44.0768 5892 RimVSerPort - ok
13:46:44.0800 5892 rismxdp (d231b577024aa324af13a42f3a807d10) C:\Windows\system32\DRIVERS\rixdptsk.sys
13:46:44.0800 5892 rismxdp - ok
13:46:44.0862 5892 ROOTMODEM (d49d61312b273de069584d48c81c8b1d) C:\Windows\system32\Drivers\RootMdm.sys
13:46:44.0878 5892 ROOTMODEM - ok
13:46:44.0971 5892 RoxLiveShare9 - ok
13:46:45.0002 5892 RpcLocator (5123f83cbc4349d065534eeb6bbdc42b) C:\Windows\system32\locator.exe
13:46:45.0002 5892 RpcLocator - ok
13:46:45.0112 5892 RpcSs (7b981222a257d076885bffb66f19b7ce) C:\Windows\system32\rpcss.dll
13:46:45.0127 5892 RpcSs - ok
13:46:45.0143 5892 rspndr (97e939d2128fec5d5a3e6e79b290a2f4) C:\Windows\system32\DRIVERS\rspndr.sys
13:46:45.0158 5892 rspndr - ok
13:46:45.0221 5892 SamSs (c731b1fe449d4e9cea358c9d55b69be9) C:\Windows\system32\lsass.exe
13:46:45.0221 5892 SamSs - ok
13:46:45.0268 5892 sbp2port (3ce8f073a557e172b330109436984e30) C:\Windows\system32\drivers\sbp2port.sys
13:46:45.0283 5892 sbp2port - ok
13:46:45.0517 5892 SBSDWSCService (794d4b48dfb6e999537c7c3947863463) C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
13:46:45.0595 5892 SBSDWSCService - ok
13:46:45.0658 5892 SCardSvr (565b4b9e5ad2f2f18a4f8aafa6c06bbb) C:\Windows\System32\SCardSvr.dll
13:46:45.0673 5892 SCardSvr - ok
13:46:45.0782 5892 Schedule (886cec884b5be29ab9828b8ab46b11f7) C:\Windows\system32\schedsvc.dll
13:46:45.0814 5892 Schedule - ok
13:46:45.0845 5892 SCPolicySvc (0600e04315fe543802a379d5d23c8be0) C:\Windows\System32\certprop.dll
13:46:45.0845 5892 SCPolicySvc - ok
13:46:45.0923 5892 sdbus (7b3973cc28b8aa3e9e2e5d53e720e2c9) C:\Windows\system32\DRIVERS\sdbus.sys
13:46:45.0970 5892 sdbus - ok
13:46:46.0032 5892 SDRSVC (f7b6bf02240d0a764adf8c8966735552) C:\Windows\System32\SDRSVC.dll
13:46:46.0048 5892 SDRSVC - ok
13:46:46.0094 5892 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
13:46:46.0094 5892 secdrv - ok
13:46:46.0126 5892 seclogon (8388c4133ddbe62ad7bc3ec9f14271ed) C:\Windows\system32\seclogon.dll
13:46:46.0141 5892 seclogon - ok
13:46:46.0172 5892 SENS (34350ae2c1d33d21c7305f861bd8dad8) C:\Windows\System32\sens.dll
13:46:46.0172 5892 SENS - ok
13:46:46.0219 5892 Serenum (68e44e331d46f0fb38f0863a84cd1a31) C:\Windows\system32\drivers\serenum.sys
13:46:46.0219 5892 Serenum - ok
13:46:46.0344 5892 Serial (c70d69a918b178d3c3b06339b40c2e1b) C:\Windows\system32\drivers\serial.sys
13:46:46.0360 5892 Serial - ok
13:46:46.0406 5892 sermouse (450accd77ec5cea720c1cdb9e26b953b) C:\Windows\system32\drivers\sermouse.sys
13:46:46.0406 5892 sermouse - ok
13:46:46.0500 5892 SessionEnv (78878235da4df0d116e86837a0a21df8) C:\Windows\system32\sessenv.dll
13:46:46.0516 5892 SessionEnv - ok
13:46:46.0562 5892 sffdisk (51cf56aa8bcc241f134b420b8f850406) C:\Windows\system32\DRIVERS\sffdisk.sys
13:46:46.0562 5892 sffdisk - ok
13:46:46.0609 5892 sffp_mmc (96ded8b20c734ac41641ce275250e55d) C:\Windows\system32\drivers\sffp_mmc.sys
13:46:46.0656 5892 sffp_mmc - ok
13:46:46.0687 5892 sffp_sd (8b08cab1267b2c377883fc9e56981f90) C:\Windows\system32\DRIVERS\sffp_sd.sys
13:46:46.0703 5892 sffp_sd - ok
13:46:46.0718 5892 sfloppy (46ed8e91793b2e6f848015445a0ac188) C:\Windows\system32\drivers\sfloppy.sys
13:46:46.0734 5892 sfloppy - ok
13:46:46.0796 5892 SharedAccess (9a82bf4c90b00a63150a606a1e2fd82b) C:\Windows\System32\ipnathlp.dll
13:46:46.0812 5892 SharedAccess - ok
13:46:46.0874 5892 ShellHWDetection (b264dfa21677728613267fe63802b332) C:\Windows\System32\shsvcs.dll
13:46:46.0890 5892 ShellHWDetection - ok
13:46:46.0937 5892 sisagp (08072b2fb92477fc813271a84b3a8698) C:\Windows\system32\drivers\sisagp.sys
13:46:46.0937 5892 sisagp - ok
13:46:46.0984 5892 SiSRaid2 (cedd6f4e7d84e9f98b34b3fe988373aa) C:\Windows\system32\drivers\sisraid2.sys
13:46:46.0984 5892 SiSRaid2 - ok
13:46:47.0015 5892 SiSRaid4 (df843c528c4f69d12ce41ce462e973a7) C:\Windows\system32\drivers\sisraid4.sys
13:46:47.0030 5892 SiSRaid4 - ok
13:46:47.0280 5892 slsvc (a1dcd30534835cb67733ad00175125a6) C:\Windows\system32\SLsvc.exe
13:46:47.0436 5892 slsvc - ok
13:46:47.0592 5892 SLUINotify (56da296e7b376a727e7bdc5ac7fbee02) C:\Windows\system32\SLUINotify.dll
13:46:47.0592 5892 SLUINotify - ok
13:46:47.0654 5892 Smb (46baf398809a0f3b2d3300a1760e4b91) C:\Windows\system32\DRIVERS\smb.sys
13:46:47.0654 5892 Smb - ok
13:46:47.0701 5892 SNMPTRAP (2a146a055b4401c16ee62d18b8e2a032) C:\Windows\System32\snmptrap.exe
13:46:47.0701 5892 SNMPTRAP - ok
13:46:47.0732 5892 spldr (426f9b029aa9162ceccf65369457d046) C:\Windows\system32\drivers\spldr.sys
13:46:47.0732 5892 spldr - ok
13:46:47.0764 5892 Spooler (da612ef2556776df2630b68bf2d48935) C:\Windows\System32\spoolsv.exe
13:46:47.0779 5892 Spooler - ok
13:46:47.0904 5892 SRTSP (ec5c3c6260f4019b03dfaa03ec8cbf6a) C:\Windows\System32\Drivers\N360\0404000.00C\SRTSP.SYS
13:46:47.0982 5892 SRTSP - ok
13:46:48.0013 5892 SRTSPX (55d5c37ed41231e3ac2063d16df50840) C:\Windows\system32\drivers\N360\0404000.00C\SRTSPX.SYS
13:46:48.0044 5892 SRTSPX - ok
13:46:48.0107 5892 srv (038579c35f7cad4a4bbf735dbf83277d) C:\Windows\system32\DRIVERS\srv.sys
13:46:48.0138 5892 srv - ok
13:46:48.0200 5892 srv2 (6971a757af8cb5e2cbcbb76cc530db6c) C:\Windows\system32\DRIVERS\srv2.sys
13:46:48.0200 5892 srv2 - ok
13:46:48.0263 5892 srvnet (9e1a4603b874eebce0298113951abefb) C:\Windows\system32\DRIVERS\srvnet.sys
13:46:48.0263 5892 srvnet - ok
13:46:48.0341 5892 ssadbus (64e44acd8c238fcbbb78f0ba4bdc4b05) C:\Windows\system32\DRIVERS\ssadbus.sys
13:46:48.0388 5892 ssadbus - ok
13:46:48.0434 5892 SSDPSRV (8d3e4baff8b3997138c38eb1b600519a) C:\Windows\System32\ssdpsrv.dll
13:46:48.0450 5892 SSDPSRV - ok
13:46:48.0481 5892 STacSV (7e6dd4b34acd36af6c711d2bde91b040) C:\Windows\system32\STacSV.exe
13:46:48.0481 5892 STacSV - ok
13:46:48.0544 5892 STHDA (6a2a5e809c2c0178326d92b19ee4aad3) C:\Windows\system32\drivers\stwrt.sys
13:46:48.0559 5892 STHDA - ok
13:46:48.0653 5892 StillCam (7a95b5deb594616f1693486b8161411e) C:\Windows\system32\DRIVERS\serscan.sys
13:46:48.0668 5892 StillCam - ok
13:46:48.0731 5892 stisvc (a941e099ef46e3cc12f898cbe1c39910) C:\Windows\System32\wiaservc.dll
13:46:48.0762 5892 stisvc - ok
13:46:48.0887 5892 stllssvr (51778fd315c9882f1cbd932743e62a72) C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
13:46:48.0918 5892 stllssvr - ok
13:46:48.0949 5892 swenum (3b80b4383c9bce13279c8482734b32b2) C:\Windows\system32\DRIVERS\swenum.sys
13:46:48.0980 5892 swenum - ok
13:46:49.0043 5892 swprv (749ada8d6c18a08adfede69cbf5db2e0) C:\Windows\System32\swprv.dll
13:46:49.0058 5892 swprv - ok
13:46:49.0090 5892 Symc8xx (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys
13:46:49.0090 5892 Symc8xx - ok
13:46:49.0214 5892 SymDS (56890bf9d9204b93042089d4b45ae671) C:\Windows\system32\drivers\N360\0404000.00C\SYMDS.SYS
13:46:49.0230 5892 SymDS - ok
13:46:49.0292 5892 SymEFA (10ba64273feff4df0a7ccb0ff3b9b26b) C:\Windows\system32\drivers\N360\0404000.00C\SYMEFA.SYS
13:46:49.0308 5892 SymEFA - ok
13:46:49.0355 5892 SymEvent (5c76a63fac8a5580c5a1c4a4ed827782) C:\Windows\system32\Drivers\SYMEVENT.SYS
13:46:49.0433 5892 SymEvent - ok
13:46:49.0480 5892 SymIRON (dc80fbf0a348e54853ef82eed4e11e35) C:\Windows\system32\drivers\N360\0404000.00C\Ironx86.SYS
13:46:49.0526 5892 SymIRON - ok
13:46:49.0573 5892 SYMTDIv (b501d61792d8355eae7eb4f7449a9d99) C:\Windows\System32\Drivers\N360\0404000.00C\SYMTDIV.SYS
13:46:49.0589 5892 SYMTDIv - ok
13:46:49.0620 5892 Sym_hi (8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys
13:46:49.0620 5892 Sym_hi - ok
13:46:49.0651 5892 Sym_u3 (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys
13:46:49.0651 5892 Sym_u3 - ok
13:46:49.0729 5892 SysMain (6d73375116fae5360b16f0a2d9b773ce) C:\Windows\system32\sysmain.dll
13:46:49.0760 5892 SysMain - ok
13:46:49.0792 5892 TabletInputService (2dca225eae15f42c0933e998ee0231c3) C:\Windows\System32\TabSvc.dll
13:46:49.0792 5892 TabletInputService - ok
13:46:49.0823 5892 TapiSrv (ef3dd33c740fc2f82e7e4622f1c49289) C:\Windows\System32\tapisrv.dll
13:46:49.0854 5892 TapiSrv - ok
13:46:49.0870 5892 TBS (68fa52794ae9acc61bde16fe0956b414) C:\Windows\System32\tbssvc.dll
13:46:49.0870 5892 TBS - ok
13:46:49.0963 5892 Tcpip (2c1f7005aa3b62721bfdb307bd5f5010) C:\Windows\system32\drivers\tcpip.sys
13:46:50.0010 5892 Tcpip - ok
13:46:50.0026 5892 Tcpip6 (2c1f7005aa3b62721bfdb307bd5f5010) C:\Windows\system32\DRIVERS\tcpip.sys
13:46:50.0026 5892 Tcpip6 - ok
13:46:50.0072 5892 tcpipreg (5ce0c4a7b12d0067dad527d72b68c726) C:\Windows\system32\drivers\tcpipreg.sys
13:46:50.0072 5892 tcpipreg - ok
13:46:50.0104 5892 TDPIPE (964248aef49c31fa6a93201a73ffaf50) C:\Windows\system32\drivers\tdpipe.sys
13:46:50.0104 5892 TDPIPE - ok
13:46:50.0135 5892 TDTCP (7d2c1ae1648a60fce4aa0f7982e419d3) C:\Windows\system32\drivers\tdtcp.sys
13:46:50.0135 5892 TDTCP - ok
13:46:50.0166 5892 tdx (ab4fde8af4a0270a46a001c08cbce1c2) C:\Windows\system32\DRIVERS\tdx.sys
13:46:50.0166 5892 tdx - ok
13:46:50.0182 5892 TermDD (849ed71967d45f15c3e0abfc633fdf2a) C:\Windows\system32\DRIVERS\termdd.sys
13:46:50.0182 5892 TermDD - ok
13:46:50.0244 5892 TermService (fad71c1e8e4047b154e899ae31eb8caa) C:\Windows\System32\termsrv.dll
13:46:50.0260 5892 TermService - ok
13:46:50.0306 5892 Themes (b264dfa21677728613267fe63802b332) C:\Windows\system32\shsvcs.dll
13:46:50.0306 5892 Themes - ok
13:46:50.0353 5892 THREADORDER (9dfa3a459af0954aa85b4f7622ad87bb) C:\Windows\system32\mmcss.dll
13:46:50.0353 5892 THREADORDER - ok
13:46:50.0369 5892 TrkWks (6bba0582c0025d43729a1112d3b57897) C:\Windows\System32\trkwks.dll
13:46:50.0384 5892 TrkWks - ok
13:46:50.0494 5892 TrustedInstaller (34e388a395fedba1d0511ed39bbf4074) C:\Windows\servicing\TrustedInstaller.exe
13:46:50.0494 5892 TrustedInstaller - ok
13:46:50.0525 5892 tssecsrv (29f0eca726f0d51f7e048bdb0b372f29) C:\Windows\system32\DRIVERS\tssecsrv.sys
13:46:50.0525 5892 tssecsrv - ok
13:46:50.0587 5892 tunmp (65e953bc0084d44498b51f59784d2a82) C:\Windows\system32\DRIVERS\tunmp.sys
13:46:50.0618 5892 tunmp - ok
13:46:50.0665 5892 tunnel (4a39bda5e0fd30bdf4884f9d33ae6105) C:\Windows\system32\DRIVERS\tunnel.sys
13:46:50.0665 5892 tunnel - ok
13:46:50.0712 5892 uagp35 (c3ade15414120033a36c0f293d4a4121) C:\Windows\system32\drivers\uagp35.sys
13:46:50.0712 5892 uagp35 - ok
13:46:50.0759 5892 udfs (6348da98707ceda8a0dfb05820e17732) C:\Windows\system32\DRIVERS\udfs.sys
13:46:50.0806 5892 udfs - ok
13:46:50.0868 5892 UI0Detect (24a333f4f14dcfb6ff6d5a1b9e5d79dd) C:\Windows\system32\UI0Detect.exe
13:46:50.0868 5892 UI0Detect - ok
13:46:50.0899 5892 uliagpkx (6d72ef05921abdf59fc45c7ebfe7e8dd) C:\Windows\system32\drivers\uliagpkx.sys
13:46:50.0915 5892 uliagpkx - ok
13:46:50.0962 5892 uliahci (3cd4ea35a6221b85dcc25daa46313f8d) C:\Windows\system32\drivers\uliahci.sys
13:46:50.0977 5892 uliahci - ok
13:46:51.0008 5892 UlSata (8514d0e5cd0534467c5fc61be94a569f) C:\Windows\system32\drivers\ulsata.sys
13:46:51.0008 5892 UlSata - ok
13:46:51.0040 5892 ulsata2 (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys
13:46:51.0055 5892 ulsata2 - ok
13:46:51.0086 5892 umbus (3fb78f1d1dd86d87bececd9dffa24dd9) C:\Windows\system32\DRIVERS\umbus.sys
13:46:51.0086 5892 umbus - ok
13:46:51.0133 5892 upnphost (8eb871a3deb6b3d5a85eb6ddfc390b59) C:\Windows\System32\upnphost.dll
13:46:51.0149 5892 upnphost - ok
13:46:51.0227 5892 USBAAPL (eafe1e00739afe6c51487a050e772e17) C:\Windows\system32\Drivers\usbaapl.sys
13:46:51.0227 5892 USBAAPL - ok
13:46:51.0274 5892 usbccgp (b0ba9caffe9b0555ec0317f30cb79cd2) C:\Windows\system32\DRIVERS\usbccgp.sys
13:46:51.0274 5892 usbccgp - ok
13:46:51.0320 5892 usbcir (e9476e6c486e76bc4898074768fb7131) C:\Windows\system32\drivers\usbcir.sys
13:46:51.0336 5892 usbcir - ok
13:46:51.0398 5892 usbehci (c9fcd05b0a80ea08c2768e5a279b14de) C:\Windows\system32\DRIVERS\usbehci.sys
13:46:51.0398 5892 usbehci - ok
13:46:51.0430 5892 usbhub (5e44f7d957f7560da06bfe6b84b58a35) C:\Windows\system32\DRIVERS\usbhub.sys
13:46:51.0445 5892 usbhub - ok
13:46:51.0508 5892 usbohci (38dbc7dd6cc5a72011f187425384388b) C:\Windows\system32\drivers\usbohci.sys
13:46:51.0508 5892 usbohci - ok
13:46:51.0539 5892 usbprint (b51e52acf758be00ef3a58ea452fe360) C:\Windows\system32\DRIVERS\usbprint.sys
13:46:51.0539 5892 usbprint - ok
13:46:51.0617 5892 usbscan (b1f95285c08ddfe00c0b955462637ec7) C:\Windows\system32\DRIVERS\usbscan.sys
13:46:51.0617 5892 usbscan - ok
13:46:51.0679 5892 USBSTOR (7887ce56934e7f104e98c975f47353c5) C:\Windows\system32\DRIVERS\USBSTOR.SYS
13:46:51.0679 5892 USBSTOR - ok
13:46:51.0726 5892 usbuhci (d864735b0bfcb65440960a0b7cc1a38d) C:\Windows\system32\DRIVERS\usbuhci.sys
13:46:51.0726 5892 usbuhci - ok
13:46:51.0773 5892 UxSms (f79d0d7c9004474cb42746d9b2c30a2b) C:\Windows\System32\uxsms.dll
13:46:51.0773 5892 UxSms - ok
13:46:51.0820 5892 vds (c9d0bafee0d0a2681f048ca61bc0da96) C:\Windows\System32\vds.exe
13:46:51.0851 5892 vds - ok
13:46:51.0882 5892 vga (7d92be0028ecdedec74617009084b5ef) C:\Windows\system32\DRIVERS\vgapnp.sys
13:46:51.0882 5892 vga - ok
13:46:51.0913 5892 VgaSave (17a8f877314e4067f8c8172cc6d9101c) C:\Windows\System32\drivers\vga.sys
13:46:51.0913 5892 VgaSave - ok
13:46:51.0929 5892 viaagp (d5929a28bdff4367a12caf06af901971) C:\Windows\system32\drivers\viaagp.sys
13:46:51.0944 5892 viaagp - ok
13:46:51.0960 5892 ViaC7 (56a4de5f02f2e88182b0981119b4dd98) C:\Windows\system32\drivers\viac7.sys
13:46:51.0960 5892 ViaC7 - ok
13:46:51.0976 5892 viaide (f3b4762eb85a2aff4999401f14c3262b) C:\Windows\system32\drivers\viaide.sys
13:46:51.0991 5892 viaide - ok
13:46:52.0022 5892 volmgr (fd16fac15f9f165ac19a618e7b391f5c) C:\Windows\system32\drivers\volmgr.sys
13:46:52.0038 5892 volmgr - ok
13:46:52.0085 5892 volmgrx (420c48e593b9520c2dee45d671f923e1) C:\Windows\system32\drivers\volmgrx.sys
13:46:52.0100 5892 volmgrx - ok
13:46:52.0178 5892 volsnap (80dc0c9bcb579ed9815001a4d37cbfd5) C:\Windows\system32\drivers\volsnap.sys
13:46:52.0178 5892 volsnap - ok
13:46:52.0225 5892 vsmraid (d984439746d42b30fc65a4c3546c6829) C:\Windows\system32\drivers\vsmraid.sys
13:46:52.0225 5892 vsmraid - ok
13:46:52.0303 5892 VSS (e0e29d9ef2524abd11749c7c2fd7f607) C:\Windows\system32\vssvc.exe
13:46:52.0334 5892 VSS - ok
13:46:52.0412 5892 W32Time (62b0d0f6f5580d9d0dfa5e0b466ff2ed) C:\Windows\system32\w32time.dll
13:46:52.0444 5892 W32Time - ok
13:46:52.0475 5892 WacomPen (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys
13:46:52.0475 5892 WacomPen - ok
13:46:52.0506 5892 Wanarp (6798c1209a53b5a0ded8d437c45145ff) C:\Windows\system32\DRIVERS\wanarp.sys
13:46:52.0522 5892 Wanarp - ok
13:46:52.0537 5892 Wanarpv6 (6798c1209a53b5a0ded8d437c45145ff) C:\Windows\system32\DRIVERS\wanarp.sys
13:46:52.0537 5892 Wanarpv6 - ok
13:46:52.0615 5892 wanatw (0a716c08cb13c3a8f4f51e882dbf7416) C:\Windows\system32\DRIVERS\wanatw4.sys
13:46:52.0615 5892 wanatw - ok
13:46:52.0740 5892 WcesComm (59e19bd13c3bdb857646b9e436ba27f7) C:\Windows\WindowsMobile\wcescomm.dll
13:46:52.0756 5892 WcesComm - ok
13:46:52.0818 5892 wcncsvc (c1b19162e0509ceab4cdf664e139d956) C:\Windows\System32\wcncsvc.dll
13:46:52.0834 5892 wcncsvc - ok
13:46:52.0865 5892 WcsPlugInService (11bcb7afcdd7aadacb5746f544d3a9c7) C:\Windows\System32\WcsPlugInService.dll
13:46:52.0865 5892 WcsPlugInService - ok
13:46:52.0896 5892 Wd (afc5ad65b991c1e205cf25cfdbf7a6f4) C:\Windows\system32\drivers\wd.sys
13:46:52.0912 5892 Wd - ok
13:46:53.0036 5892 Wdf01000 (7b5f66e4a2219c7d9daf9e738480e534) C:\Windows\system32\drivers\Wdf01000.sys
13:46:53.0052 5892 Wdf01000 - ok
13:46:53.0083 5892 WdiServiceHost (2a424b89b14ef17a3d06bcb5a8f79601) C:\Windows\system32\wdi.dll
13:46:53.0083 5892 WdiServiceHost - ok
13:46:53.0099 5892 WdiSystemHost (2a424b89b14ef17a3d06bcb5a8f79601) C:\Windows\system32\wdi.dll
13:46:53.0114 5892 WdiSystemHost - ok
13:46:53.0177 5892 WebClient (01e41c264eedcb827820a1909162579f) C:\Windows\System32\webclnt.dll
13:46:53.0192 5892 WebClient - ok
13:46:53.0239 5892 Wecsvc (9cf67ff7f8d34cbf115d0c278b9f74aa) C:\Windows\system32\wecsvc.dll
13:46:53.0255 5892 Wecsvc - ok
13:46:53.0270 5892 wercplsupport (b68cab45db1dab59d92acadfad6364a8) C:\Windows\System32\wercplsupport.dll
13:46:53.0286 5892 wercplsupport - ok
13:46:53.0302 5892 WerSvc (36ba0707680ef4236fd752bee982cc25) C:\Windows\System32\WerSvc.dll
13:46:53.0317 5892 WerSvc - ok
13:46:53.0395 5892 winachsf (4daca8f07537d4d7e3534bb99294aa26) C:\Windows\system32\DRIVERS\HSX_CNXT.sys
13:46:53.0473 5892 winachsf - ok
13:46:53.0629 5892 WinDefend (0d5ad0e71ff5ddac5dd2f443b499abd0) C:\Program Files\Windows Defender\mpsvc.dll
13:46:53.0645 5892 WinDefend - ok
13:46:53.0676 5892 WinHttpAutoProxySvc - ok
13:46:53.0738 5892 Winmgmt (38a7b89de4e3417c122317949667fdd8) C:\Windows\system32\wbem\WMIsvc.dll
13:46:53.0754 5892 Winmgmt - ok
13:46:53.0816 5892 WinRM (3f6823040030c3e4da1cf11cd40b7534) C:\Windows\system32\WsmSvc.dll
13:46:53.0848 5892 WinRM - ok
13:46:53.0957 5892 Wlansvc (7f91ac406a3255c175ee3da6dfe8c36c) C:\Windows\System32\wlansvc.dll
13:46:53.0972 5892 Wlansvc - ok
13:46:54.0206 5892 wlidsvc (5144ae67d60ec653f97ddf3feed29e77) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
13:46:54.0269 5892 wlidsvc - ok
13:46:54.0362 5892 wltrysvc - ok
13:46:54.0487 5892 WmiAcpi (17eac0d023a65fa9b02114cc2baacad5) C:\Windows\system32\DRIVERS\wmiacpi.sys
13:46:54.0487 5892 WmiAcpi - ok
13:46:54.0596 5892 wmiApSrv (a279323bee5fffafda222910bce92132) C:\Windows\system32\wbem\WmiApSrv.exe
13:46:54.0612 5892 wmiApSrv - ok
13:46:54.0752 5892 WMPNetworkSvc (acb2e63d50157e3ea7140f29d9e76a48) C:\Program Files\Windows Media Player\wmpnetwk.exe
13:46:54.0815 5892 WMPNetworkSvc - ok
13:46:54.0862 5892 WPCSvc (3d3b3b80c12abe506f56930c46422c28) C:\Windows\System32\wpcsvc.dll
13:46:54.0877 5892 WPCSvc - ok
13:46:54.0924 5892 WPDBusEnum (c24844a1d0d9528b19d5bc266b8cd572) C:\Windows\system32\wpdbusenum.dll
13:46:54.0940 5892 WPDBusEnum - ok
13:46:55.0002 5892 WpdUsb (2d27171b16a577ef14c1273668753485) C:\Windows\system32\DRIVERS\wpdusb.sys
13:46:55.0002 5892 WpdUsb - ok
13:46:55.0049 5892 ws2ifsl (84620aecdcfd2a7a14e6263927d8c0ed) C:\Windows\system32\drivers\ws2ifsl.sys
13:46:55.0096 5892 ws2ifsl - ok
13:46:55.0142 5892 wscsvc (f97cbb919af6d0a6643d1a59c15014d1) C:\Windows\System32\wscsvc.dll
13:46:55.0158 5892 wscsvc - ok
13:46:55.0174 5892 WSearch - ok
13:46:55.0376 5892 wuauserv (6298277b73c77fa99106b271a7525163) C:\Windows\system32\wuaueng.dll
13:46:55.0408 5892 wuauserv - ok
13:46:55.0610 5892 WUDFRd (a2aafcc8a204736296d937c7c545b53f) C:\Windows\system32\DRIVERS\WUDFRd.sys
13:46:55.0610 5892 WUDFRd - ok
13:46:55.0657 5892 wudfsvc (db5bf5aab72b1b99b5331231d09ebb26) C:\Windows\System32\WUDFSvc.dll
13:46:55.0673 5892 wudfsvc - ok
13:46:55.0766 5892 XAudio (5a7ff9a18ff6d7e0527fe3abf9204ef8) C:\Windows\system32\DRIVERS\xaudio.sys
13:46:55.0766 5892 XAudio - ok
13:46:55.0860 5892 XAudioService (28dc5d626e036a75a572556f0a6eb1f6) C:\Windows\system32\DRIVERS\xaudio.exe
13:46:55.0891 5892 XAudioService - ok
13:46:55.0969 5892 yukonwlh (a4822191c7cea271903c2a4fb6d9809d) C:\Windows\system32\DRIVERS\yk60x86.sys
13:46:55.0985 5892 yukonwlh - ok
13:46:56.0047 5892 MBR (0x1B8) (5c616939100b85e558da92b899a0fc36) \Device\Harddisk0\DR0
13:46:56.0390 5892 \Device\Harddisk0\DR0 - ok
13:46:56.0437 5892 Boot (0x1200) (eb511dd440069f64fa5d128555a9bc41) \Device\Harddisk0\DR0\Partition0
13:46:56.0437 5892 \Device\Harddisk0\DR0\Partition0 - ok
13:46:56.0453 5892 Boot (0x1200) (308a089bedabed1655bea821e22fdeb9) \Device\Harddisk0\DR0\Partition1
13:46:56.0453 5892 \Device\Harddisk0\DR0\Partition1 - ok
13:46:56.0453 5892 ============================================================
13:46:56.0453 5892 Scan finished
13:46:56.0453 5892 ============================================================
13:46:56.0500 5460 Detected object count: 0
13:46:56.0500 5460 Actual detected object count: 0
13:49:45.0556 4220 Deinitialize success

#5 AshM27

Posted 10 July 2012 - 01:12 PM

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-07-10 13:57:39
-----------------------------
13:57:39.797 OS Version: Windows 6.0.6000
13:57:39.797 Number of processors: 2 586 0xF0D
13:57:39.797 ComputerName: PEDRO-PC UserName: pedro
13:57:43.650 Initialize success
13:58:36.609 AVAST engine defs: 12071000
13:58:38.372 The log file has been saved successfully to "C:\Users\pedro\Documents\aswMBR.txt"
13:58:41.778 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-0
13:58:41.778 Disk 0 Vendor: ST912082 3.CD Size: 114473MB BusType: 3
13:58:41.809 Disk 0 MBR read successfully
13:58:41.809 Disk 0 MBR scan
13:58:41.840 Disk 0 Windows VISTA default MBR code
13:58:41.840 Disk 0 Partition 1 00 DE Dell Utility Dell 8.0 62 MB offset 63
13:58:41.887 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 10240 MB offset 129024
13:58:41.965 Disk 0 Partition 3 80 (A) 07 HPFS/NTFS NTFS 101609 MB offset 21100544
13:58:41.981 Disk 0 Partition - 00 0F Extended LBA 2560 MB offset 229195776
13:58:42.012 Disk 0 Partition 4 00 DD MSDOS5.0 2559 MB offset 229197824
13:58:42.043 Disk 0 scanning sectors +234438656
13:58:42.246 Disk 0 scanning C:\Windows\system32\drivers
13:59:26.691 Service scanning
14:00:20.139 Modules scanning
14:00:36.784 Disk 0 trace - called modules:
14:00:36.815 ntkrnlpa.exe CLASSPNP.SYS disk.sys hal.dll iastor.sys
14:00:36.815 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x85877750]
14:00:36.831 3 ntkrnlpa.exe[824b07e2] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-0[0x84dff030]
14:00:37.673 AVAST engine scan C:\Windows
14:00:42.618 AVAST engine scan C:\Windows\system32
14:05:50.801 AVAST engine scan C:\Windows\system32\drivers
14:06:20.505 AVAST engine scan C:\Users\pedro
14:08:18.457 Disk 0 MBR has been saved successfully to "C:\Users\pedro\Desktop\MBR.dat"
14:08:18.472 The log file has been saved successfully to "C:\Users\pedro\Desktop\aswMBR.txt"

#6 narenxp

Posted 10 July 2012 - 01:50 PM

ESET log?

#7 AshM27

Posted 10 July 2012 - 02:51 PM

Still scanning... been an hour and a half. Is at 49%

#8 AshM27

Posted 10 July 2012 - 02:54 PM

It has found 4 infected files so far.

#9 AshM27

Posted 10 July 2012 - 04:16 PM

ESET


C:\ProgramData\Tarma Installer\{C049526F-B3EB-4151-9B11-B11F00F53A96}\_Setupx.dll a variant of Win32/Adware.Yontoo.B application cleaned by deleting - quarantined
C:\Users\pedro\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\33\7d358f61-4625335d a variant of Java/TrojanDownloader.OpenStream.NCM trojan cleaned by deleting - quarantined
C:\Users\pedro\Downloads\cnet2_Unlocker1_9_1_exe.exe a variant of Win32/InstallCore.D application cleaned by deleting - quarantined
C:\Users\pedro\Downloads\Unlocker1.9.1.exe a variant of Win32/Toolbar.Babylon application cleaned by deleting - quarantined

#10 narenxp


Posted 10 July 2012 - 06:44 PM

Download

http://www.techspot.com/downloads/4716-malwarebytes-anti-malware.html

Install, update and run a full scan.

Click on SHOW results. Select all infections and remove them.

Reboot the PC and scan with MBAM once in regular mode until you get a clean log.


Download

mini toolbox

Checkmark following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size

Click Go and post the result.

#11 AshM27


Posted 11 July 2012 - 11:07 AM

MBAM full scan was clean on the first scan.
Here is minitoolbox result:



MiniToolBox by Farbar Version: 25-06-2012
Ran by pedro (administrator) on 11-07-2012 at 12:00:45
Microsoft® Windows Vista™ Home Premium (X86)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================

"network.proxy.no_proxies_on", "localhost,127.0.0.1"
"network.proxy.type", 0

"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================

::1 localhost

127.0.0.1 localhost

========================= IP Configuration: ================================

Dell Wireless 1390 WLAN Mini-Card = Wireless Network Connection (Connected)
Marvell Yukon 88E8040 PCI-E Fast Ethernet Controller = Local Area Connection (Media disconnected)
Bluetooth Device (Personal Area Network) = Bluetooth Network Connection (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set interface luid=loopback_0 forwarding=disabled advertise=disabled mtu=0 metric=0 metric=0 nud=disabled basereachabletime=0 retransmittime=0 routerdiscovery=disabled managedaddress=disabled otherstateful=disabled weakhostsend=disabled weakhostreceive=disabled ignoredefaultroutes=disabled
set interface luid=ethernet_1 forwarding=disabled advertise=disabled mtu=0 metric=0 metric=0 nud=disabled basereachabletime=0 retransmittime=0 routerdiscovery=disabled managedaddress=disabled otherstateful=disabled weakhostsend=disabled weakhostreceive=disabled ignoredefaultroutes=disabled
set interface luid=ethernet_2 forwarding=disabled advertise=disabled mtu=0 metric=0 metric=0 nud=disabled basereachabletime=0 retransmittime=0 routerdiscovery=disabled managedaddress=disabled otherstateful=disabled weakhostsend=disabled weakhostreceive=disabled ignoredefaultroutes=disabled
set interface luid=ethernet_4 forwarding=disabled advertise=disabled mtu=0 metric=0 metric=0 nud=disabled basereachabletime=0 retransmittime=0 routerdiscovery=disabled managedaddress=disabled otherstateful=disabled weakhostsend=disabled weakhostreceive=disabled ignoredefaultroutes=disabled
set interface luid=ethernet_6 forwarding=disabled advertise=disabled mtu=0 metric=0 metric=0 nud=disabled basereachabletime=0 retransmittime=0 routerdiscovery=disabled managedaddress=disabled otherstateful=disabled weakhostsend=disabled weakhostreceive=disabled ignoredefaultroutes=disabled
set interface luid=wireless_0 forwarding=disabled advertise=disabled mtu=0 metric=0 metric=0 nud=disabled basereachabletime=0 retransmittime=0 routerdiscovery=disabled managedaddress=disabled otherstateful=disabled weakhostsend=disabled weakhostreceive=disabled ignoredefaultroutes=disabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : pedro-PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No

Ethernet adapter Bluetooth Network Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Bluetooth Device (Personal Area Network)
Physical Address. . . . . . . . . : 00-1D-D9-E9-72-05
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Dell Wireless 1390 WLAN Mini-Card
Physical Address. . . . . . . . . : 00-1E-4C-B3-9F-65
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::c418:dc09:4383:85be%10(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.2.103(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Wednesday, July 11, 2012 8:41:55 AM
Lease Expires . . . . . . . . . . : Thursday, July 12, 2012 8:41:53 AM
Default Gateway . . . . . . . . . : 192.168.2.1
DHCP Server . . . . . . . . . . . : 192.168.2.1
DHCPv6 IAID . . . . . . . . . . . : 167779916
DNS Servers . . . . . . . . . . . : 4.2.2.1
4.2.2.2
NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Marvell Yukon 88E8040 PCI-E Fast Ethernet Controller
Physical Address. . . . . . . . . : 00-15-C5-84-D1-9B
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 6:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 02-00-54-55-4E-01
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:4137:9e76:807:317f:3f57:fd98(Preferred)
Link-local IPv6 Address . . . . . : fe80::807:317f:3f57:fd98%8(Preferred)
Default Gateway . . . . . . . . . : ::
NetBIOS over Tcpip. . . . . . . . : Disabled

Tunnel adapter Local Area Connection* 7:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : isatap.{68A57FB3-2172-4586-8147-EC6BDAF31D2B}
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 10:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : isatap.{68A57FB3-2172-4586-8147-EC6BDAF31D2B}
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 11:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : isatap.Belkin
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 18:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : isatap.{68A57FB3-2172-4586-8147-EC6BDAF31D2B}
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 12:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : isatap.{FCEE7096-AA11-47AA-A6C0-2397AF1677A5}
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::5efe:192.168.2.103%35(Preferred)
Default Gateway . . . . . . . . . :
DNS Servers . . . . . . . . . . . : 4.2.2.1
4.2.2.2
NetBIOS over Tcpip. . . . . . . . : Disabled

Tunnel adapter Local Area Connection* 21:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : isatap.{68A57FB3-2172-4586-8147-EC6BDAF31D2B}
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 22:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : isatap.Belkin
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 23:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : isatap.Belkin
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 25:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : isatap.pgn.medcity.net
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 29:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : 6TO4 Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 30:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : 6TO4 Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 26:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : isatap.{68A57FB3-2172-4586-8147-EC6BDAF31D2B}
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 14:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : 6TO4 Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 15:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : 6TO4 Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 31:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : isatap.{AC67A43E-53F3-47B0-BFC3-F5E51269E9BD}
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Server: a.resolvers.level3.net
Address: 4.2.2.1:53

Name: google.com
Addresses: 74.125.137.101, 74.125.137.102, 74.125.137.113, 74.125.137.138
74.125.137.139, 74.125.137.100



Pinging google.com [74.125.137.100] with 32 bytes of data:



Reply from 74.125.137.100: bytes=32 time=52ms TTL=47

Reply from 74.125.137.100: bytes=32 time=34ms TTL=47



Ping statistics for 74.125.137.100:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 34ms, Maximum = 52ms, Average = 43ms

Server: a.resolvers.level3.net
Address: 4.2.2.1:53

Name: yahoo.com
Addresses: 98.139.183.24, 209.191.122.70, 72.30.38.140



Pinging yahoo.com [209.191.122.70] with 32 bytes of data:



Reply from 209.191.122.70: bytes=32 time=51ms TTL=50

Reply from 209.191.122.70: bytes=32 time=50ms TTL=50



Ping statistics for 209.191.122.70:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 50ms, Maximum = 51ms, Average = 50ms

Server: a.resolvers.level3.net
Address: 4.2.2.1:53

Name: bleepingcomputer.com
Address: 208.43.87.2



Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:



Reply from 208.43.87.2: Destination host unreachable.

Reply from 208.43.87.2: Destination host unreachable.



Ping statistics for 208.43.87.2:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),



Pinging 127.0.0.1 with 32 bytes of data:



Reply from 127.0.0.1: bytes=32 time=12ms TTL=128

Reply from 127.0.0.1: bytes=32 time=3ms TTL=128



Ping statistics for 127.0.0.1:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 3ms, Maximum = 12ms, Average = 7ms

===========================================================================
Interface List
12 ...00 1d d9 e9 72 05 ...... Bluetooth Device (Personal Area Network)
10 ...00 1e 4c b3 9f 65 ...... Dell Wireless 1390 WLAN Mini-Card
9 ...00 15 c5 84 d1 9b ...... Marvell Yukon 88E8040 PCI-E Fast Ethernet Controller
1 ........................... Software Loopback Interface 1
8 ...02 00 54 55 4e 01 ...... Teredo Tunneling Pseudo-Interface
13 ...00 00 00 00 00 00 00 e0 isatap.{68A57FB3-2172-4586-8147-EC6BDAF31D2B}
17 ...00 00 00 00 00 00 00 e0 isatap.{68A57FB3-2172-4586-8147-EC6BDAF31D2B}
18 ...00 00 00 00 00 00 00 e0 isatap.Belkin
16 ...00 00 00 00 00 00 00 e0 isatap.{68A57FB3-2172-4586-8147-EC6BDAF31D2B}
35 ...00 00 00 00 00 00 00 e0 isatap.{FCEE7096-AA11-47AA-A6C0-2397AF1677A5}
20 ...00 00 00 00 00 00 00 e0 isatap.{68A57FB3-2172-4586-8147-EC6BDAF31D2B}
19 ...00 00 00 00 00 00 00 e0 isatap.Belkin
22 ...00 00 00 00 00 00 00 e0 isatap.Belkin
27 ...00 00 00 00 00 00 00 e0 isatap.pgn.medcity.net
25 ...00 00 00 00 00 00 00 e0 6TO4 Adapter
26 ...00 00 00 00 00 00 00 e0 6TO4 Adapter
33 ...00 00 00 00 00 00 00 e0 isatap.{68A57FB3-2172-4586-8147-EC6BDAF31D2B}
28 ...00 00 00 00 00 00 00 e0 6TO4 Adapter
29 ...00 00 00 00 00 00 00 e0 6TO4 Adapter
34 ...00 00 00 00 00 00 00 e0 isatap.{AC67A43E-53F3-47B0-BFC3-F5E51269E9BD}
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.2.1 192.168.2.103 25
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.2.0 255.255.255.0 On-link 192.168.2.103 281
192.168.2.103 255.255.255.255 On-link 192.168.2.103 281
192.168.2.255 255.255.255.255 On-link 192.168.2.103 281
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.2.103 281
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.2.103 281
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
8 18 ::/0 On-link
1 306 ::1/128 On-link
8 18 2001::/32 On-link
8 266 2001:0:4137:9e76:807:317f:3f57:fd98/128
On-link
10 281 fe80::/64 On-link
8 266 fe80::/64 On-link
35 286 fe80::5efe:192.168.2.103/128
On-link
8 266 fe80::807:317f:3f57:fd98/128
On-link
10 281 fe80::c418:dc09:4383:85be/128
On-link
1 306 ff00::/8 On-link
8 266 ff00::/8 On-link
10 281 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\system32\NLAapi.dll [48128] (Microsoft Corporation)
Catalog5 02 C:\Windows\System32\mswsock.dll [227328] (Microsoft Corporation)
Catalog5 03 C:\Windows\System32\winrnr.dll [19968] (Microsoft Corporation)
Catalog5 04 C:\Windows\system32\napinsp.dll [50176] (Microsoft Corporation)
Catalog5 05 C:\Windows\system32\pnrpnsp.dll [62464] (Microsoft Corporation)
Catalog5 06 C:\Windows\system32\pnrpnsp.dll [62464] (Microsoft Corporation)
Catalog5 07 C:\Windows\system32\wshbth.dll [34304] (Microsoft Corporation)
Catalog5 08 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\system32\mswsock.dll [227328] (Microsoft Corporation)
Catalog9 02 C:\Windows\system32\mswsock.dll [227328] (Microsoft Corporation)
Catalog9 03 C:\Windows\system32\mswsock.dll [227328] (Microsoft Corporation)
Catalog9 04 C:\Windows\system32\mswsock.dll [227328] (Microsoft Corporation)
Catalog9 05 C:\Windows\system32\mswsock.dll [227328] (Microsoft Corporation)
Catalog9 06 C:\Windows\system32\mswsock.dll [227328] (Microsoft Corporation)
Catalog9 07 C:\Windows\system32\mswsock.dll [227328] (Microsoft Corporation)
Catalog9 08 C:\Windows\system32\mswsock.dll [227328] (Microsoft Corporation)
Catalog9 09 C:\Windows\system32\mswsock.dll [227328] (Microsoft Corporation)
Catalog9 10 C:\Windows\system32\mswsock.dll [227328] (Microsoft Corporation)
Catalog9 11 C:\Windows\system32\mswsock.dll [227328] (Microsoft Corporation)
Catalog9 12 C:\Windows\system32\mswsock.dll [227328] (Microsoft Corporation)
Catalog9 13 C:\Windows\system32\mswsock.dll [227328] (Microsoft Corporation)
Catalog9 14 C:\Windows\system32\mswsock.dll [227328] (Microsoft Corporation)
Catalog9 15 C:\Windows\system32\mswsock.dll [227328] (Microsoft Corporation)
Catalog9 16 C:\Windows\system32\mswsock.dll [227328] (Microsoft Corporation)
Catalog9 17 C:\Windows\system32\mswsock.dll [227328] (Microsoft Corporation)
Catalog9 18 C:\Windows\system32\mswsock.dll [227328] (Microsoft Corporation)
Catalog9 19 C:\Windows\system32\mswsock.dll [227328] (Microsoft Corporation)
Catalog9 20 C:\Windows\system32\mswsock.dll [227328] (Microsoft Corporation)
Catalog9 21 C:\Windows\system32\mswsock.dll [227328] (Microsoft Corporation)
Catalog9 22 C:\Windows\system32\mswsock.dll [227328] (Microsoft Corporation)
Catalog9 23 C:\Windows\system32\mswsock.dll [227328] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (07/11/2012 08:45:11 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "Microsoft.VC90.MFC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"1".
Dependent Assembly Microsoft.VC90.MFC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (07/11/2012 08:45:11 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "Microsoft.VC90.MFC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"1".
Dependent Assembly Microsoft.VC90.MFC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (07/11/2012 08:45:10 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "Microsoft.VC90.MFC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"1".
Dependent Assembly Microsoft.VC90.MFC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (07/11/2012 08:42:14 AM) (Source: AntiSpywareService) (User: )
Description: Service failed on stop: Access violation at address 0047E52D in module 'ComcastAntiSpyService.exe'. Read of address 0000000C

Error: (07/11/2012 08:22:50 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 18996709

Error: (07/11/2012 08:22:50 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 18996709

Error: (07/11/2012 08:22:50 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (07/11/2012 08:22:34 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 18980423

Error: (07/11/2012 08:22:34 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 18980423

Error: (07/11/2012 08:22:34 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second


System errors:
=============
Error: (07/11/2012 08:42:02 AM) (Source: Service Control Manager) (User: )
Description: SPCA1528 Video Camera Service%%2

Error: (07/11/2012 08:42:02 AM) (Source: Service Control Manager) (User: )
Description: Parallel port driver%%1058

Error: (07/11/2012 08:39:08 AM) (Source: DCOM) (User: )
Description: {C2BFE331-6739-4270-86C9-493D9A04CD38}

Error: (07/11/2012 08:37:56 AM) (Source: DCOM) (User: )
Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}

Error: (07/11/2012 08:23:28 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT AUTHORITY)
Description: 0x80070490Security Update for Windows Vista (KB970710){14293FEB-87E3-4573-BA5D-1F1269944B1D}102

Error: (07/11/2012 03:04:12 AM) (Source: Microsoft-Windows-Servicing) (User: NT AUTHORITY)
Description: Windows Servicing failed to complete the process of changing update 970710-28_neutral_GDR from package KB970710(Security Update) into Staged(Staged) state

Error: (07/11/2012 03:04:12 AM) (Source: Microsoft-Windows-Servicing) (User: NT AUTHORITY)
Description: Windows Servicing failed to complete the process of setting package KB970710 (Security Update) into Install Requested(Install Requested) state

Error: (07/11/2012 03:04:12 AM) (Source: Microsoft-Windows-Servicing) (User: NT AUTHORITY)
Description: Windows Servicing failed to complete the process of changing update 970710-26_neutral_GDR from package KB970710(Security Update) into Staged(Staged) state

Error: (07/11/2012 03:04:12 AM) (Source: Microsoft-Windows-Servicing) (User: NT AUTHORITY)
Description: Windows Servicing failed to complete the process of changing update 970710-25_neutral_LDR from package KB970710(Security Update) into Staged(Staged) state

Error: (07/11/2012 03:04:12 AM) (Source: Microsoft-Windows-Servicing) (User: NT AUTHORITY)
Description: Windows Servicing failed to complete the process of setting package KB970710 (Security Update) into Install Requested(Install Requested) state


Microsoft Office Sessions:
=========================

=========================== Installed Programs ============================

Update for Microsoft Office 2007 (KB2508958)
Adobe AIR (Version: 2.7.1.19610)
Adobe Flash Player 10 ActiveX (Version: 10.0.22.87)
Adobe Flash Player 11 Plugin (Version: 11.3.300.262)
Adobe Photoshop 7.0 (Version: 7.0)
Adobe Reader X (10.1.3) (Version: 10.1.3)
Adobe Shockwave Player 11.6 (Version: 11.6.1.629)
Advanced Audio FX Engine
Advanced Video FX Engine
Advertising Center (Version: 0.0.0.1)
Apple Application Support (Version: 2.1.7)
Apple Mobile Device Support (Version: 5.1.1.4)
Apple Software Update (Version: 2.1.3.127)
BitTorrent (Version: 7.6.0)
Bonjour (Version: 3.0.0.10)
Browser Address Error Redirector (Version: 1.00.0000)
CamStudio OSS Desktop Recorder (Version: 2.6 Beta r294)
Comcast High-Speed Internet Install Wizard
Comcast Toolbar 3.5
Conexant HDA D330 MDC V.92 Modem
Coupon Printer for Windows (Version: 5.0.0.0)
Dell DataSafe Online (Version: 1.0.21)
Dell Getting Started Guide (Version: 1.00.0000)
Dell Support Center (Version: 2.0.07282)
Dell Touchpad (Version: 7.1.102.7)
Dell Webcam Center
Dell Webcam Manager
Dell Wireless WLAN Card (Version: 4.102.15.61)
Digital Line Detect (Version: 1.21)
DolbyFiles (Version: 2.0)
EarthLink Setup Files (Version: 2005.2.178.0.2.2)
ESET Online Scanner v3
Google Chrome (Version: 20.0.1132.47)
Google Desktop (Version: 5.9.0911.03589)
Google Earth (Version: 6.2.2.6613)
Google Gears (Version: 0.5.3600)
Google Toolbar for Firefox (Version: 7.1.20110512)
Google Update Helper (Version: 1.3.21.111)
Google Updater (Version: 2.4.2432.1652)
Haali Media Splitter
Hewlett-Packard ACLM.NET v1.1.0.0 (Version: 1.00.0000)
HP Deskjet 3050A J611 series Basic Device Software (Version: 25.0.571.0)
HP Deskjet 3050A J611 series Help (Version: 140.0.2.2)
HP Deskjet 3050A J611 series Product Improvement Study (Version: 25.0.571.0)
HP Update (Version: 5.003.001.001)
ImagXpress (Version: 7.0.74.0)
Intel® Matrix Storage Manager
Internet Service Offers Launcher (Version: 1.00.0000)
iTunes (Version: 10.6.1.7)
Java Auto Updater (Version: 2.1.6.0)
Java™ 6 Update 23 (Version: 6.0.230)
Java™ 6 Update 31 (Version: 6.0.310)
Java™ 7 Update 4 (Version: 7.0.40)
JavaFX 2.1.0 (Version: 2.1.0)
Laptop Integrated Webcam Driver (1.03.02.0719)
Malwarebytes Anti-Malware version 1.61.0.1400 (Version: 1.61.0.1400)
McAfee Security Scan Plus (Version: 2.0.181.2)
Menu Templates - Starter Kit (Version: 9.4.2.0)
MFC RunTime files (Version: 1.0.0)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Access MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Access Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Outlook MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Professional 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Word MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Silverlight (Version: 5.1.10411.0)
Microsoft UI Engine (Version: 4.0.0318.1)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Works (Version: 08.05.0818)
Modem Diagnostic Tool (Version: 1.0.20.0)
Movie Templates - Starter Kit (Version: 9.4.2.0)
Mozilla Firefox 13.0.1 (x86 en-US) (Version: 13.0.1)
Mozilla Maintenance Service (Version: 13.0.1)
MSRedist (Version: 9.0.30729.4148)
MSXML 4.0 SP2 (KB936181) (Version: 4.20.9848.0)
MSXML 4.0 SP2 (KB941833) (Version: 4.20.9849.0)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
Music, Photos & Videos Launcher (Version: 1.00.0000)
Nero 9 Trial
Nero BurnRights (Version: 3.4.10.100)
Nero ControlCenter (Version: 9.0.0.1)
Nero CoverDesigner (Version: 4.4.8.100)
Nero Disc Copy Gadget (Version: 2.4.17.0)
Nero DiscSpeed (Version: 5.4.10.100)
Nero DriveSpeed (Version: 4.4.10.100)
Nero InfoTool (Version: 6.4.10.100)
Nero Installer (Version: 4.4.8.1)
Nero Live (Version: 1.4.40.0)
Nero PhotoSnap (Version: 1.53.2.0)
Nero Recode (Version: 4.4.22.0)
Nero Rescue Agent (Version: 2.4.11.100)
Nero ShowTime (Version: 5.4.13.100)
Nero StartSmart (Version: 9.4.11.100)
Nero Vision (Version: 6.4.9.100)
Nero WaveEditor (Version: 5.4.23.0)
NeroBurningROM (Version: 9.4.13.100)
NeroExpress (Version: 9.4.13.100)
neroxml (Version: 1.0.0)
NetWaiting (Version: 2.5.44)
NetZeroInstallers (Version: 1.0.0)
Norton Security Suite (Version: 4.4.0.12)
Prepware 10 (Version: 10.0)
Product Documentation Launcher (Version: 1.00.0000)
QuickSet (Version: 8.2.17)
QuickTime (Version: 7.65.17.80)
Roxio Creator Audio (Version: 3.3.0)
Roxio Creator BDAV Plugin (Version: 3.3.0)
Roxio Creator Copy (Version: 3.3.0)
Roxio Creator Data (Version: 3.3.0)
Roxio Creator DE (Version: 3.3.0)
Roxio Creator Tools (Version: 3.3.0)
Roxio Express Labeler (Version: 2.1.0)
Roxio Update Manager (Version: 3.0.0)
RTC Client API v1.2 (Version: 1.2.0000)
Sonic Activation Module (Version: 1.0)
SoundTrax (Version: 4.4.23.0)
SPCA1528 PC Driver (Version: 2.2.3.7)
Spybot - Search & Destroy (Version: 1.6.2)
swMSM (Version: 12.0.0.1)
Uninstall
Unity Web Player (Version: )
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office Access 2007 Help (KB963663)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2687267) 32-Bit Edition
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
User's Guides
Viewpoint Media Player
Visual C++ 8.0 CRT (x86) WinSXS MSM (Version: 8.0.50727.762)
Visual C++ 8.0 CRT.Policy (x86) WinSXS MSM (Version: 8.0.50727.762)
Visual C++ 8.0 MFC (x86) WinSXS MSM (Version: 8.0.50727.762)
Visual C++ 8.0 MFC.Policy (x86) WinSXS MSM (Version: 8.0.50727.762)
WIDCOMM Bluetooth Software 6.0.1.3100 (Version: 6.0.1.3100)
Windows Driver Package - Leapfrog (Leapfrog-USBLAN) Net (09/10/2009 02.03.05.012) (Version: 09/10/2009 02.03.05.012)
Windows Live ID Sign-in Assistant (Version: 6.500.3165.0)
Windows Mobile Device Center (Version: 6.1.6965.0)
Windows Mobile Device Center Driver Update (Version: 6.1.6965.0)
Yahoo! Browser Services
Yahoo! Install Manager
Yahoo! Internet Mail

========================= Memory info: ===================================

Percentage of memory in use: 59%
Total physical RAM: 2037.43 MB
Available physical RAM: 832.16 MB
Total Pagefile: 4285.38 MB
Available Pagefile: 2651.13 MB
Total Virtual: 2047.88 MB
Available Virtual: 1971.34 MB

========================= Partitions: =====================================

1 Drive c: (OS) (Fixed) (Total:99.23 GB) (Free:18.76 GB) NTFS
2 Drive d: (RECOVERY) (Fixed) (Total:10 GB) (Free:5.68 GB) NTFS

========================= Users: ========================================

User accounts for \\PEDRO-PC

Administrator Guest pedro


**** End of log ****
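
As an added example (not part of the thread and not MiniToolBox's own code), this Python script reads a report in the format posted above and lists the entries a helper would check by hand for a redirect: hosts overrides, browser proxy settings, public DNS resolvers and third-party Winsock providers. The section names and the "Proxy is not enabled." string are taken from the log above; the function names and the shortened sample are constructed, and each finding is a prompt for review rather than a verdict.

```python
import ipaddress
import re

# Constructed sample: a shortened report that reuses the section banners and a
# few representative lines from the MiniToolBox log posted above.
SAMPLE_REPORT = r"""
========================= IE Proxy Settings: ==============================
Proxy is not enabled.
========================= FF Proxy Settings: ==============================
"network.proxy.no_proxies_on", "localhost,127.0.0.1"
"network.proxy.type", 0
========================= Hosts content: =================================
::1 localhost
127.0.0.1 localhost
========================= IP Configuration: ================================
DHCP Server . . . . . . . . . . . : 192.168.2.1
DNS Servers . . . . . . . . . . . : 4.2.2.1
4.2.2.2
NetBIOS over Tcpip. . . . . . . . : Enabled
========================= Winsock entries =====================================
Catalog5 01 C:\Windows\system32\NLAapi.dll [48128] (Microsoft Corporation)
Catalog5 08 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\system32\mswsock.dll [227328] (Microsoft Corporation)
========================= Event log errors: ===============================
"""

BANNER = re.compile(r"^=+ (.+?):? =+$")
WINSOCK = re.compile(r"^(Catalog\d+) (\d+) (.+?) \[\d+\] \((.*)\)$")


def split_sections(report):
    """Map each '===== Name: =====' banner to the non-empty lines under it."""
    sections, current = {}, None
    for raw in report.splitlines():
        line = raw.strip()
        match = BANNER.match(line)
        if match:
            current = match.group(1)
            sections[current] = []
        elif current is not None and line:
            sections[current].append(line)
    return sections


def is_ip(text):
    try:
        ipaddress.ip_address(text)
        return True
    except ValueError:
        return False


def dns_servers(lines):
    """Collect resolvers, including the bare-IP continuation lines ipconfig prints."""
    servers, collecting = [], False
    for line in lines:
        if line.startswith("DNS Servers"):
            collecting = True
            line = line.split(":", 1)[1].strip()
        if collecting and is_ip(line):
            servers.append(line)
        else:
            collecting = False
    return servers


def triage(report):
    """Return (check, detail) findings that merit a manual look."""
    sec = split_sections(report)
    findings = []
    # Hosts file: any mapping other than localhost overrides DNS on this machine.
    for line in sec.get("Hosts content", []):
        fields = line.split("#", 1)[0].split()
        if len(fields) >= 2 and any(n.lower() != "localhost" for n in fields[1:]):
            findings.append(("hosts", line))
    # IE proxy: the clean state in the log above is the literal line below.
    ie = sec.get("IE Proxy Settings", [])
    if ie and "Proxy is not enabled." not in ie:
        findings.append(("ie-proxy", " | ".join(ie)))
    # Firefox pref network.proxy.type: 1 = manual proxy, 2 = PAC URL.
    for line in sec.get("FF Proxy Settings", []):
        m = re.match(r'^"network\.proxy\.type", (\d+)$', line)
        if m and m.group(1) in ("1", "2"):
            findings.append(("ff-proxy", line))
    # Public resolvers: confirm they are the ones the user or the router chose.
    for server in dict.fromkeys(dns_servers(sec.get("IP Configuration", []))):
        if not ipaddress.ip_address(server).is_private:
            findings.append(("dns", server))
    # Winsock providers not published by Microsoft sit in the socket/name-lookup path.
    for line in sec.get("Winsock entries", []):
        m = WINSOCK.match(line)
        if m and m.group(4) != "Microsoft Corporation":
            findings.append(("winsock", m.group(3)))
    return findings


if __name__ == "__main__":
    for check, detail in triage(SAMPLE_REPORT):
        print(f"[review] {check}: {detail}")
```

On the sample it reports the two 4.2.2.x resolvers and the Bonjour namespace provider, while the hosts file and both proxy sections come back clean, matching what the posted log shows.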

#12 AshM27


Posted 11 July 2012 - 11:31 AM

Redirect still present

#13 narenxp


Posted 11 July 2012 - 01:16 PM

Which browser has redirects?

#14 AshM27


Posted 11 July 2012 - 01:19 PM

Chrome redirects just about every time.
Firefox, about 60% of the time.
I do not use IE

#15 narenxp


Posted 11 July 2012 - 01:26 PM

"I ran MBAM yesterday, and it found 25 threats. I deleted them, and restarted. The redirect was still present."

Can you post this log?

Download

Autoruns

Extract and launch autoruns.exe

Allow the scan to get finished

Now click on FILE-SAVE

Filename: Autoruns.txt
Save as: Text

Paste the text contents here.

Good luck.



